Friday Squid Blogging: Prehistoric Dolphins that Ate Squid

Paleontologists have discovered a prehistoric toothless dolphin that fed by vacuuming up squid:

There actually are modern odontocetes that don't really use their teeth either. Male beaked whales, for example, usually have one pair of teeth that is only used to fight for females, whose teeth stay completely hidden in their gums. Beaked whales, along with pilot whales and sperm whales, also catch squid by sucking them into their mouths. But all of these whales evolved recently. Inermorostrum xenops seems to have evolved its toothless suction-feeding independently and much, much earlier than modern suction-feeding whales. "It's a highly specialized species but it's essentially a dead end," says Boessenecker. Evolution, far from being some linear progression, often works this way, hitting dead ends and retrying failed experiments from millions of years earlier.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.


Posted on August 25, 2017 at 4:48 PM • 191 Comments

Comments

Ben A. • August 25, 2017 4:52 PM


Crypto 2017 - LPN Decoded

"We propose new algorithms with small memory consumption for the Learning Parity with Noise (LPN) problem, both classically and quantumly."

http://bristolcrypto.blogspot.co.uk/2017/08/crypto-2017-lpn-decoded.html

https://eprint.iacr.org/2017/078.pdf


Zerodium Offers $500K for Secure Messaging App Zero Days

A popular theme on this site is how 'secure' messaging apps are trivial to break. If you think you can design an exploit, Zerodium want to hear from you.

"Remote code execution and local privilege elevation zero days in messaging apps such as WhatsApp, Signal, Facebook Messenger, iMessage, Telegram and others can fetch $500,000 from the company’s program."

https://threatpost.com/zerodium-offers-500k-for-secure-messaging-app-zero-days/127610/

https://arstechnica.com/information-technology/2017/08/wanted-weaponized-exploits-that-hack-phones-will-pay-top-dollar/


The Zen of PGP

"Wherever possible, try to use modern chat applications based on the Signal Protocol. This will give you a much higher level of security (generally speaking) with far fewer chances to make a mistake than using PGP."

https://medium.com/@thegrugq/the-zen-of-pgp-6f55d44657dd


Bypassing VirtualBox Process Hardening on Windows

The post describes "the implementation of Oracle’s VirtualBox protected process and detail three different, but now fixed, ways of bypassing the protection and injecting arbitrary code into the process. The techniques I’ll present can equally be applied to similar implementations of “protected” processes in other applications."

http://googleprojectzero.blogspot.com/2017/08/bypassing-virtualbox-process-hardening.html


I'm giving up on HPKP

"Whilst HPKP can offer a lot of protection, it can also cause a lot of harm too."

https://scotthelme.ghost.io/im-giving-up-on-hpkp/


Judge orders tech company to release Web user data from anti-Trump website

https://www.washingtonpost.com/local/public-safety/judge-orders-tech-company-to-release-web-user-data-from-anti-trump-website/2017/08/24/19abeac4-88e7-11e7-a50f-e0d4e6ec070a_story.html

https://nakedsecurity.sophos.com/2017/08/25/judge-scales-back-data-demand-on-inauguration-riot-related-web-host/


Leak of >1,700 valid passwords could make the IoT mess much worse

https://arstechnica.com/information-technology/2017/08/leak-of-1700-valid-passwords-could-make-the-iot-mess-much-worse/


Fraud Forces WannaCry Hero's Legal Fund To Refund All Donations

"The lawyer managing fundraising for Hutchins' legal defense decided it was easier to refund all donations than figure out which ones were legitimate."

https://www.buzzfeed.com/kevincollier/beset-by-fraud-wannacry-heros-legal-fund-refunds-all


NSA ramps up PR campaign to keep its mass spying powers

"Section 702 saves lives, claims spying agency, while continuing to dodge critical question."

https://www.theregister.co.uk/2017/08/25/nsa_pr_campaign/


Tests of facial matching for spotting individuals in large crowds have so far had very poor success

http://www.theregister.co.uk/2017/08/24/biometrics_commissioner_breaks_cover/

Thoth • August 25, 2017 7:15 PM

@Ben A., ab praeceptis
Re: Zerodium

They are the French version of Hacking Team where they conduct cyber espionage and attacks under the auspice of the French Government and Intelligence agencies under their former company name called Vupen. In USA, they call themselves Zerodium but essentially the business model is the same where they serve the French and US Government with cyber attacks and espionage under the auspice of both countries' Govt/IC/LEA. Caution must be taken.

Oh, and apparently they use Apache web server it seems ?

Re: Ignorance on PGP

How about trying to send large files worth of document archives and data over Signal/Whatsapp/Telegram/OTR ? Wouldn't that blow the cellphone Internet bill if you need to transfer lots of data ?

It never stops being amusing and painful to see the fanboism behind all this nonsense. PGP is good if there is a need for email based communication where there is a setting for formality and preservation of messages (i.e. you need to read the messages sometime later after many months for long term sensitive records).

These people who write 'advice' need to know how to give advice because PGP and secure chat serve two totally different purposes and they seem to get confused. How is PGP going to be replaced by Signal et al. ?

Try moving huge binaries and files over Signal et al. and tell me if it ever goes well. Also if it is an organisation or group setting where there is a need for archival, how are you going to archive Signal et al. messages ?

Fanboism and bad advice by these self proclaimed experts must be weighed very carefully because even the real experts do make mistakes !!!

The consequence of bad advice cannot be taken lightly.

Re: NSA nonsense

As per usual, their PR is such a hilarious failure in an attempt to save their really thick skin. They should learn to keep quiet and sit in a corner when their reputation takes a hit but instead they keep tripping up and making so much noise that the NSA looks more like a joke than some Govt IC.

Re: HPKP FUD

Another low quality blog 'advice'. The website talks about losing the TLS key. If the TLS key is so important, why not just use a dedicated server with a smart card or HSM to protect the TLS key in the first place. No money for dedicated server hosting with proper key protection ? Then no matter whether HPKP is disabled or enabled, attackers will still have access to the keys by the many holes in the modern computing stack.

Conclusion:
Take a huge discount on advice given as there are so many problems once it is scrutinized.

tom zeller • August 25, 2017 7:49 PM

Defeating Shoulder Surfing

From GE's site:

What is it? “IllusionPIN,” a new technology developed by researchers at New York University’s Tandon School of Engineering, can automatically shield the screen of an ATM, smartphone or other electronic device. While the user is able to clearly see the information displayed on the device, anyone more than a few feet away sees something completely different.

Why does it matter? The new technology could protect against “shoulder surfing,” in which a potential thief looks over someone’s shoulder to gain access to sensitive information. By automatically shielding a cellphone’s display from anyone more than a few feet away, IllusionPIN gives an added level of security — not to mention peace of mind. “Our goal was to increase the resilience of PIN authentication without straining the device or compromising user experience,” says Nasir Memon, a member of the research team.

How does it work? IllusionPIN displays two images on the screen, one at high spatial frequency, and one at low spatial frequency, so the image changes, depending on angle at which it’s viewed. “On a device running IllusionPIN, the user — who is closest to the device — sees one configuration of numbers, but someone looking from a distance sees a completely different keypad,” says Memon. The program resets every time a user tries to enter a PIN, making things even harder for shoulder surfers. In trials, researchers found that the technology was 100 percent effective in deterring shoulder surfing attacks.

more info at:

https://www.eurekalert.org/pub_releases/2017-08/ntso-tte082217.php

Ben A. • August 25, 2017 8:15 PM

@Thoth

The article by the grugq makes sense - prefer the Signal Ratchet over PGP. He's not advocating using mobile apps instead of email - he's saying it's better to use encryption based upon modern forward secrecy technologies where possible. Receive the message and then archive it for long term storage if necessary.

Regarding HPKP fewer than 0.5% of sites use it according to one statistic I saw. It's not just losing the TLS key that's problematic, it's rotation of the shorter Let's Encrypt keys and the pinning of 90 day leafs. Or an attacker who accesses the system and locks out the owner by configuring an unreasonably long HPKP duration. The site is bricked and the backup pins deleted.

His advice is mirrored by Qualys who don't believe it's fit for purpose for reasons they too give in a blog post.

ab praeceptis • August 25, 2017 8:30 PM

Thoth

While I assume that they indeed use apache, one should also see that it's a no brainer to make any http server identify itself as whatever one pleases.
My assumption is based on the fact that apache is still the most used http server and, importantly, one for which probably most modules as well as developers knowing how to build those modules are available. Moreover, one should assume that someone like vupen/zerodium sees their web server not simply as an output generator but also as an input engine and possibly even as a trap.

Re. PGP I agree and add that probably by far the most relevant criterion nowadays is coolness and *proclaimed and assumed* security.
That said, one must also see that PGP isn't all roses and love; there are problems and shortcomings, too, being relatively cumbersome to use (let alone have someone else install and configure it and create and exchange keys) being a major one. And, of course, PGP suffers from the PKI problem, too.

What I find by far more shocking, btw, is how many applications still rely on tls, many even specifically on openssl. This is particularly true with a certain use case you mention, file transfer. Basically *all* solutions are plagued by issues, be it firewall problems (ftp & family), be it betting on tls, or be it a combination or other problems.

I might overlook something but it seems to me that we have no well and properly designed and engineered, non-tls but secure/encrypted tool to do something as basic as transferring a file in a safe and secure and unproblematic way.

Re. nsa I largely agree but see some value in nsa, namely as serving as a useful incarnation of top level attacker (along the line "if something can withstand an nsa tao attack it can with high probability withstand pretty much everything"), i.e. as some kind of measuring device and worst Eve example. Plus, of course, we have to largely thank nsa for making it well understood that any nist approved algorithm should be looked at with utter mistrust (I myself made it a habit to strongly prefer non-nist-approved algos as much more sound (with a good probability)). And finally I find nsa/nist useful to build some kind of private blacklist; people with a history of cooperation end up with adequate scores. To name an obvious example, everyone involved with rsa (the company) but also quite some cryptologists ends up as highly likely severely tainted on my list.
That's quite probably not what the us-americans paid their taxes for but I make the best use of nsa/nist.

Thoth • August 25, 2017 8:32 PM

@Ben A.

What is the possibility for Forward Secrecy to be used for email ? The only way to do FS for email is via One Time Pad by the way.

Comparing Signal ratchet and PGP in terms of context of use has always been a confusion and many have fallen into this trap of confusion.

I want to strongly repeat that PGP is probably not the best protocol in terms of use for secure chat application context and not in terms of bulk data transfer context which so many people have happily tripped themselves up by using the incorrect tools at the incorrect time.

Regarding SSL/TLS. It is the biggest cryptographic protocol failure in history and let alone HPKP. The main problem with the rant on that website is failure to properly manage cryptographic keys securely but as a consequence it also opens avenues for attacks including those of HPKP. In fact it is better to restructure the entire communication stack to ensure security is part of it instead of TCP with SSL/TLS slapped on as some band aid. The usual people here including myself cannot emphasize enough on how crappy SSL/TLS is and how bad a job the standards are anyway. Anything SSL/TLS related is at best only good for golden stickers and obfuscation and never for actual communication security.

Thoth • August 25, 2017 9:25 PM

@ab praeceptis

Re: File Transfer

One of the slowly growing toolkits that might have the potential to replace SSL/TLS is the NaCl toolkit by DJB. The reason NaCl is not so common is because it does not have the golden stickers associated to NIST-AES and NIST-ECC which is causing a pretty bad headache for non-security developers. Most non-security developers prefer to just copy and paste codes with sample crypto codes and library calls to get around it and for now the bulk of algorithm is still relying on NIST AES/ECC. The reason is because of the industry and government drive behind NIST algorithm poisoning and it is working very very effectively.

How many times do you see the x25519 curve and Salsa and ChaCha stream ciphers deployed in hardware accelerators ? I doubt so that you can find any or probably one or two of them. I am one of the few to have actually written ChaCha20 for smart cards and released them (and still exists in GitHub) as open sourced code. The downside is it is slow but that could be improved by using 32 bit math once I have the time to sit down and upgrade it.

If you look at the FIPS 140-2 specifications for Golden Sticker-blessed hardware selection, anything that does not use NIST algorithm and does not operate in "NIST FIPS Mode" cannot be FIPS certified and that means a ton of application from banking and finance to secure communications between groups or individuals that need Golden Sticker approval cannot use non-NIST algorithms.

The power of Golden Stickers is immensely powerful and from a recent interaction with someone in the industry, when I bring up the use of CC EAL golden stickers, you can see their eyes light up almost immediately. It gets even better when I mention that the EAL level of a particular hardware is much higher than conventional HSMs rated only at EAL 4+ :) .

File transfer can be done with NaCl but the adoption would probably be slow due to using non-Golden Sticker approved algorithms. One way is to attempt to continue where I left off of trying to get algorithms like x25519 curve and ChaCha20 to operate at reasonable speed and efficiency on hardware that was never designed to do so in the first place, namely smart cards and HSMs.

What is necessary is to add hardware accelerator support for these non-Golden Sticker algorithms to increase the developers' comfort zone and get them to increase adoption of NaCl library instead of insecure libraries like OpenSSL and its derivations.

Re: PGP

I do agree that PGP is not all roses either. The main thing here is to correct the misconception on the wrong context when using the wrong crypto tools (i.e. PGP, Signal ...).

Re: NSA

NSA is the best example in crypto textbook for the role of Eve and will always be. The ability to poison algorithms, infiltrate into seemingly secure systems and protocols and exfiltrate with no traces .... very nice for security modelling of the worst case scenarios.

ab praeceptis • August 25, 2017 11:20 PM

Thoth

I agree, NaCl is an excellent starting point and a good base. And btw. its algos' performance is by no means slow (well, at least on 32+ bit systems). And I think thanks to libsodium which makes its use really easy NaCl finds increasing uptake. About the only complaint one might have is its aes fallback, which however doesn't concern me as I use NaCl directly and also implemented other algorithms (mostly in Ada).

As for nist, eal, and other golden stickers I don't care the slightest bit, quite the contrary, non-nist is a big plus in my book.

The interesting point here is a sad one, namely that one is pretty much forced to make a choice. One can largely have either security - or - some golden sticker that promises a lot but risks to deliver very little or even easy access for nsa.
Thanks no, I care for security - not for BS or even poison with golden stickers.

Re nsa: Yes, that's what I meant. nsa serves well as worst case Dolev-Yao plus some extra poison adversary. That said, I nowadays keep pqdy (post quantum dolev-yao) in mind and expect it to become the new worst case adversary (obviously with nsa among the first incarnations).
Btw. another reason to like NaCl; while its required nonces aren't really random they at least offer one vitally decisive property, namely uniqueness. I consider that as very important as it can be considered an albeit weak member of the random group which again, next to the strictly one-way group (hashes) is a very promising element in the pq scenario world.

Please note that my point wasn't that a secure file transfer tool is somehow hard; it isn't principally. My point was rather the wide-spread attitude/sectarian belief "security/crypto == tls" which I consider utterly untenable.

David H. • August 26, 2017 2:00 AM

To those dismissing TLS:

Where can a beginner security nerd like myself learn more about why you dislike TLS? I'm aware of things like BEAST, CRIME, POODLE, and other attacks on SSL and TLS, but so much of our modern Internet is built on TLS wrapped onto http, imap, and other protocols that the world simply isn't prepared for another Heartbleed. (I'm also a big fan of the OpenVPN protocol, which uses TLS.)

I'm also somewhat aware of NaCl and libsodium, but they're still not mainstream. I'd need a better understanding why you're so willing to completely throw out TLS.

Molte grazie!


PS. @Ben A., a short thank you for the numerous links you drop in most Squid posts. Very nice quick reading.

ab praeceptis • August 26, 2017 2:35 AM

David H.

Well, I'll begin and do some part...

First: You can find it right here, in this very blog's comments, albeit spread over different authors and some time. (Note: You might want to concentrate largely on a few knowledgeable "heavy weights" around here. Clive Robinson, Thoth, and Nick P. are examples)

What I'll list is by no means complete but you'll find that we have not only pro (some, it seems) and anti (some more, it seems) positions but also diverse points of view from where we look at things. I, for instance, am a rather hardcore formal specification, verification, etc. type (professionally, not socially); others might rather look at the math and yet others might mostly look from yet other angles.

- most versions of ssl/tls have not even been properly specified
- the most current one is but rather mindlessly and carelessly (imo)
- the big fat 16 ton monster is that most of ssl/tls is implemented in C or C++ which is akin to building safe walls with cookies and carton. Pretty much all major bleeding can be traced back to that factor.
- the most common implementations (openssl) are bloated beyond mindless monstrosity
- the most common implementations (openssl) are pretty much beyond manageability and control.
- some algorithms and/or implementations are or should be reasonably assumed to be poisoned
- some algorithms are aged, weak, not up to par (and the rule "larger bitsize = more security" (e.g. rsa) does *not* always hold)
- much of what we know today is ignored, e.g. timing and side channel attacks
- much of ssl/tls has been de facto largely dictated by gov. and large corps.
- the whole PKI system is badly conceived, badly designed, badly implemented, and utterly rotten to its core.
- obviously ssl/tls, in particular the openssl implementation, are quite rich in attack surfaces and at the same time busily attack-studied by many parties, some of which with rather unpleasant motivations.

I'll end with a quite personal impression/subsumption which many might not share or condemn as superficial but it might be useful as a first guiding rope to walk along for a less experienced person so I write it anyway:
ssl/tls is in a way an incarnation of "security by big names, bureaucracy, and committees" whose major success might be to please insurers and the like.
Some of us feel that we would like to have more mathematical, cryptographical, and technical soundness and properties, no matter whether that gets some golden seal and an "approved" stamp from some standards body or insurers, bankers, and the like. (Yes, I happen to be one of those who strongly dislike ssl/tls and for many and good reasons)

Thoth • August 26, 2017 5:30 AM

@David H

Since you said it yourself that there is already Heartbleed, CRIME and many other SSL/TLS problems, you could look through their history and learn as you read more about how they broke down the security claims of SSL/TLS.

Take time to read about each of the exploits and you will start to notice a trend :) . Yes this is vague stuff but you need to do a little reading up first as it is impossible for any of us to dump everything onto a small post.

Ben A. • August 26, 2017 5:50 AM


@Thoth

Forward secrecy can't be securely achieved by email, except by OTP, although my suggestion was more directed towards other technologies (such as XMPP) combined with the Signal ratchet.

In terms of bulk data transfer I don't think email is suitable for this. Email servers tend to have small send-receive limits (some as low as 10 MB) and even if your provider allows more, your friend's may not.

I think that PGP can be suitable for bulk data transfer where the files are encrypted and then uploaded to the cloud. If for whatever reason PGP can't be agreed upon then symmetric encryption does the job just as well and is easier for most.

For messaging I can't recommend PGP for the reasons many people (including Bruce) have spoken about before. It's a niche product and has its users but like @ab praeceptis has said the biggest problem is getting somebody else to use/understand it. Your average person has no interest in understanding smartcards, HSMs, secure computing etc - make things as simple as possible with a 'good enough' level of security to prevent dragnet surveillance.

SSL/TLS may be crappy but it's the best solution in place at the minute. Things may change if I2P becomes more popular but until then we're stuck with the tools we have and it does stop almost all of the 'simple' attacks against websites.

HPKP can have disastrous consequences if used incorrectly or if the CA messes things up from their end so it's difficult for anybody to recommend with sincerity that it be used other than for websites of exceptionally high value.

@David H.

I try to keep the links as brief as possible but covering a wide number of relevant, topical issues. I'm still digesting the first link (LPN) as that's some interesting research.

For a good introduction to SSL/TLS have a look at the documentation of the OpenSSL project. Qualys write some simpler posts about the protocol and so do Troy Hunt and Scott Helme.

OpenVPN can be hardened in a number of ways but they have a good introductory guide for you here:

https://openvpn.net/index.php/open-source/documentation/howto.html
https://openvpn.net/index.php/open-source/documentation/security-overview.html

OpenSSL information:

https://www.openssl.org/docs/man1.0.2/apps/
https://www.openssl.org/docs/man1.0.2/ssl/
https://www.openssl.org/docs/man1.0.2/crypto/

OpenSSL Cookbook:

https://www.feistyduck.com/library/openssl-cookbook/online/

Thoth • August 26, 2017 6:54 AM

@Ben A.

This is one reason security and privacy will always be lagging behind because people can't be bothered and are lazy.

If good enough security is the case that would mean the likes of TLS protected chat and without needing pseudo-anonymity protection (i.e. I2P, TOR) and using Windows would be sufficient.

Allowing Governments to do Certificate base MiTM would be perfectly fine and people shouldn't be complaining.

The reason people are complaining is security is not good enough and people are painfully aware of the problems of TOR, SSL and all that but feel helpless.

The interesting irony is people are not willing to invest time and effort to learn and improve.

I guess we can simply live with the security problems. We just need to sleep it over and another day passes :) .

O-oh Say Can You Uggabugga • August 26, 2017 7:33 AM

India's apex court affirms the right to privacy, leaving the downtrodden US masses and their totalitarian kleptocracy in the dust.

https://www.scribd.com/document/357098939/SC-Right-to-Privacy-Judgment#from_embed

India cites an OAS-chartered treaty body in their judgment, because OAS human rights law is a legal authority and interpretive source for all UN member nations under ICJ Statute Article 38. Besides which, the OAS Charter is binding US law. That's why you never read about it in your CIA-controlled media.

Poor pathetic US serfs. They should have a charity, Save the Sox Fans, and collect money with photos of sad fat kids holding empty bowls of smartfood.

Dirk Praet • August 26, 2017 8:23 AM

@ Thoth, @ Ben A.

"I want to strongly repeat that PGP is probably not the best protocol in terms of use for secure chat application context and not in terms of bulk data transfer context which so many people have happily tripped themselves up by using the incorrect tools at the incorrect time."

There are definitely more appropriate protocols for IM than PGP (no forward secrecy), like Axolotl and OMEMO. Whilst instant messengers like Signal, ChatSecure, Zom and the like take out the hardship typically associated with correctly setting up and using PGP (with or without smart cards), their most important drawback from a security vantage is that they do not physically separate (read: air/energy gap) the encryption and transmission processes. Which means that they can be worked around by subverting the endpoint, as @Clive and others keep on repeating. And ultimately leaves you with a limited number of options.

"I think that PGP can be suitable for bulk data transfer where the files are encrypted and then uploaded to the cloud."

Provided both parties know what they're doing, i.e. have a firm grasp of how PGP works. Another way of transparently exchanging files with a party you know is setting up a shared cloud storage account holding one or more Veracrypt containers with hidden volumes. If you don't trust known or suspected PRISM-associates, set up an account with some dodgy company in Ukraine or Romania that probably accepts anonymous payments in Bitcoin too.

"SSL/TLS may be crappy but it's the best solution in place at the minute."

More like the most widespread solution in place at the moment. It's a kind of zombie protocol that just won't die because it's ubiquitous. On the bright side: OpenSSL is gradually being replaced by LibreSSL and similar alternatives, while at the same time a growing number of developers are adopting NaCl and libsodium.

"I guess we can simply live with the security problems. We just need to sleep it over and another day passes"

Although I have little reason to believe otherwise, I try to take comfort in the knowledge that many things either take a lot of time or some horribly disruptive event to change. Roma non fu fatta in un giorno. (Rome wasn't built in one day)


@ O-oh Say Can You Uggabugga

"India cites an OAS-chartered treaty body in their judgment, because OAS human rights law is a legal authority and interpretive source for all UN member nations under ICJ Statute Article 38."

The US has never and will never abide by any international statute it perceives as contrary to its national interests, and generally uses rather twisted ad hoc interpretations of its Constitution to justify that behaviour. Also note that the ICJ's jurisdiction does not have binding force in itself, which means that any UNSC permanent member can veto any resolution brought forward. In terms of international law, the US, for all practical purposes, is a rogue nation.

JG4 • August 26, 2017 9:25 AM


I like skepticism of government programs, including the Apollo project. It should be a lot less tedious to arrive at a correct summary of the physics and technology of the 1960's and 1970's than what has transpired. I am not suggesting any censure by the moderator, and perhaps the tedium is as good as it gets on the old blue marble. If all parties are acting in good faith, that really is as good as it gets. We all have our cognitive limitations, some worse than others. Crowdsourcing allows blindspots to be covered, much as the photograph at the bottom of my long and tedious rant today.

I saw some egregious physics errors by the Esteemed Chairman, as well as history errors. I believe that radiation damage to semiconductors takes a significant amount of time in orbit, not what would be accumulated in a short trip of a week that spent only minutes to hours in the van Allen belts. The early astronauts were able to see flashes of light inside of their eyes from the radiation. It was confirmed by having someone stick their head in a particle beam from a cyclotron or synchrotron, where their eyes became scintillation detectors and/or Cerenkov detectors for heavy ions. The payload analysis can be readily carried out by assigning an efficiency to the rocket engine (well into the 10's of percents, maybe as much as 50%) and looking at the total energy of the fuel. I vote that this leads quite clearly to a successful landing. Today, you can buy a toy helicopter for $20 that has a more sophisticated attitude servo than is required to land on the moon. Three electrical engineering students could build a suitable analog feedback loop in one semester for a gyro-stabilized rocket engine. I've said before that Rudy Kalman deserved a Nobel prize, or would have if there were a prize for math. His work played a key role, and its application largely was the result of a coincidental meeting. The world was not ready for his ideas, but they have been widely applied.

I want to touch again on energetics, bioenergetics, systems and security. Can't recall if either of two publications showed up in the comments here, but Stratfor did a nice job with a geopolitical analysis of Iran in 2012.

The Geography of Iranian Power - An excerpt from The Revenge of Geography
http://www.stratfor.com/analysis/geography-iranian-power-robert-d-kaplan
By Robert D. Kaplan | Aug. 29, 2012

The Zomia article was somewhat earlier, but addresses the same root topic, which is the cost of delivering, or if you prefer, administering, government in mountainous regions. Think of government as a proxy for security and the cost of delivering it on your hardware/firmware/software platform. Doesn't matter how high the GDP is, if there is no money left to pay for loyalty after paying for delivery of government. Speaking of payment, this article may be behind a paywall:

The mystery of Zomia
http://www.boston.com/bostonglobe/ideas/articles/2009/12/06/the_mystery_of_zomia/
In the lawless mountain realms of Asia, a Yale professor finds a case
against civilization
By Drake Bennett December 6, 2009

One of the reasons that the US became an economic superpower is water transportation. The history of river and canal transport built the country, and it involved major investments, back when major investments were blood, sweat and tears, not fiat paper. I think that the all-in cost of the canal in upstate NY that follows the Thruway was about 1 year of NY State GDP. That is a serious bet on the future and it paid off handsomely. It wasn't made in fiat paper, soon to be fiat vaporous magnetic and electric fields on rust and sand, backed by various carrots and sticks. The railroad revolution followed the extension of water transport from the interior to the coast (paid by an early analog of the SBIR program), and the trucking revolution expanded the reach of the railroads. The solar-electric robot-truck fleet is going to be less expensive to operate, but is going to free up a lot of human capital with limited skills. Some of the cohort were sighted in Charlottesville and many others in that demographic are hooked on opioids. Ted Kaczynski provided some useful input on the topic. The fleets of drones from Skynet will require some type of IFF system. As the Huey Pilot said, "this ends with licenses and permits to scratch our asses."

The Stratfor piece indicates that Iran will never be a real threat, because the country is so mountainous that it is very expensive to deliver government to the tribes. The surplus available after paying for internal costs will never be sufficient to pay for imperial forces stationed at forward bases in 180 countries around the world. The term government is secret code for the proverbial carrot and stick. As long as the flows of carrots and sticks keep all critical parties cooperating, you have a functioning central government. When the delivery of carrots and sticks is interrupted, the situation reverts to the very old equilibrium of warring tribes. I touched on the food security aspect of systemic failure yesterday.

From a terrain perspective, the energetics and bioenergetics of transportation in Afghanistan, which makes Iran look like a fruited plain, are nearly impossible for centralized government. Unless drugs figure prominently into the picture. Laos is the far side of Zomia, where it also is very difficult to deliver efficient government, and drugs are the major export crop. Just for the record, the largest-scale purveyor of lean and efficient government in human history (on a global per capita basis) to ever live was Genghis Khan. Even his power to project government into mountainous areas was limited. This general line of reasoning essentially is what Boyd applied to air combat, which also involves gravitational potential energy, power and energy reserves, how quickly energy can be manipulated into different modes, and cost of delivery.

Security is like government in several senses, particularly that it has to be affordable. The definition of affordability varies with the value of the data stored and processed on the system, as well as with the threat model. If we have seen the word unobtainium mentioned here, it's been a while. Not a bad idea to mention it again. The cost of securing systems is staggering, if you have to lock down every process from the fab all the way to the coders, then make sure that the hardware hasn't been modified during delivery. That level of security is, at best, very difficult for state-level actors with the deepest pockets. The best that can be done after the fact is some limited system identification (testing a defined parameter space), then ensuring that the data and instructions stay inside a known-good space (filtering).

The surveillance-state is a relatively low-cost approach to government, where all of the spy gear is paid by consumers. The only way to win is to not play. I still am interested in the topic of how to create a secure system for my business IP. Physical security in Switzerland would be a good start, but I can't see any way to enforce a suitable level of care in the supply chain. That means government has to be a partner in every business, and there has to be some mechanism for establishing trust that they aren't going to take over your business. The news headlines have shown that .gov cannot be trusted.

the daily news dump

https://www.nakedcapitalism.com/2017/08/links-82617.html

...[quantum cryptography]

Scientists Finally Prove Strange Quantum Physics Idea Einstein Hated Gizmodo

...[signal integrity]

Confused sunflowers during eclipse EarthSky. Chuck L; “If this is what they looked like at 70% occlusion, sunflowers in the path of totality must have freaked out. Photos anyone?”

[water security; your wetware security system won't run without it, and additives like arsenic and antimony don't enhance wetware performance]

The Pentagon is Poisoning Your Drinking Water Counterpunch

[signal spoofing in biological systems]

The Parasite That Wires Plants Together Wired

[I haven't pointed out that some drugs are signals or signal spoofs; others block, amplify, switch or attenuate critical neural signals. Addiction is a feedback mechanism that locks a system into a destructive mode. I was pleased to see someone raise the question of who owns our thoughts. It should be fairly obvious who thinks they own our thoughts, but a simple and highly efficient MOSFET H-bridge goes a long way to addressing that threat model and a lot of others]

How Zebrafish on Drugs Help Us Understand Opioid Addiction National Geographic. UserFriendly: “Great, fish junkies..”

[humor is a leadership trait, in part because it showcases the ability to see all sides of a space. a very close analog for security, where effective system design demands consideration of all dimensions, or if you prefer, all threat models and all failure modes]

When Dark Humor Stops Being Funny Nautilus (micael). Notice YouTube removed the Louis C.K. video….

[surveillance state; not touched in the article is the fact that an overlooked aspect of computer security is the wildly toxic manufacturing chemistry. chemical security also requires various barriers and filters]

China?

The Dark Side of China’s Tech Boom The Diplomat (resilc)

[the most dangerous threat model involving the NorKs is Starfish Prime right in the middle. their other option is to nuke one city. a successful EMP attack has the potential to kill 200 million, whereas nuking one city might kill one million. coincidentally, the successful Japanese nuclear program in WWII was conducted in what is now North Korea. I think that I've commented before that they were 10 days from delivering a crude nuclear bomb to the west coast of the US. that puts a different light on Truman's decision to nuke civilian populations, not that it changes it from wrong to right. at the time, the US was sending uranium and know-how to Stalin. I haven't had time to comment on that, but it is an interesting topic. I think that Klaus Fuchs leaked a lot more than the Rosenbergs (sp?)]

North Korea fires three failed missiles DW

[physical security]

Thailand’s ousted PM Yingluck has fled abroad: sources Asia Times

[the substance of my preface is that Afghanistan is an ungovernable tribal area and Tacitus already has explained what "call it peace" means. the US used the term "pacification" in the peasant extermination programs. I already commented that the US version means, "Kill Anything That Moves," or "How to Win Friends and Influence People"]

The War That Time Forgot Counterpunch

...

Big Brother is Watching You Watch

[peak irony: mind the event horizon]

Why did CIA create a bogus software upgrade? To steal data from FBI, NSA ZDNet (Pat)

[well covered here by a recent post]

Connected cars have an ‘indefensible’ security vulnerability Network World (Phil P)

[eventually some important systems will be compromised. I hope that they are designed for graceful degradation]

No, USS McCain Probably Wasn’t Hacked. But What If It Was? Defense One. Resilc: “Thumb drive porn”

...[it's really not security when your security apparatus are dirty]

When J. Edgar Hoover told Chicago FBI to set the Outfit on Dick Gregory Chicago Tribune (Sid S)

Our Fabulously Free Press

[signal integrity: if your signals are corrupted, the system cannot follow design intent. a free press was part of the design intent. it's good that we don't have a truther cohort here. if I didn't say it already, jet fuel can not just soften steel, it can melt it to a bright white liquid. and nanoalumina is what you get when you melt a jetliner and smash the liquid with a quarter million tons of steel and concrete. there are many real conspiracies, but we have to be careful in sorting information. there is obvious 8u115h1t, there is ambiguity and there are things that are obviously true. the same applies in security software - you need a fuzzy category of might indicate attack that could heighten security posture without unnecessarily compromising system performance. if additional information suggests attack or escalating attack, the system performance can be degraded gracefully to counter the attack.]

Al Jazeera had been pushed to ‘discredit or offset’ 9/11 documentary which was out of the US official line failed evolution

...[security posture: six eyes total, four out, two in]

https://www.nakedcapitalism.com/wp-content/uploads/2017/08/babboon-family-links.jpg

Tatütata • August 26, 2017 9:29 AM

Although it isn't a novel topic, I found this essay published in The Atlantic interesting:

The Founding Fathers Encrypted Secret Messages, Too:

Many of the other methods that Jefferson was most enthusiastic about, such as the “perfect cypher,” designed for him by the mathematician Robert Patterson, just never caught on. As with privacy-minded people trying to get their friends to use PGP keys today, sometimes the newfangled inventions felt like too much trouble. Jefferson’s U.S. minister in Paris, Robert Livingston, simply refused to use Patterson’s complicated transposition cipher—where plaintext is reordered and transformed—while negotiating the Louisiana Purchase.

RMR~1029 • August 26, 2017 10:34 AM

Petya - from CIA client state Ukraine based on liberated NSA EternalBlue libraries - sabotaged, among other things, Moller/Maersk's APM container logistics system. The widespread sabotage diffused public attention and obscured a global infrastructure outage that made it possible to smuggle controlled commodities and weapons including WMD components. Marcus Hutchins knows more than most about the network command and control involved. He might just be in a position to connect some dots when something terrible happens one of these days (like the next time some NYC buildings fall down for no reason and we have to invade the wrong country and stay there for 15 years. Or something.)

In case you were wondering why FBI detained and interrogated Hutchins on embarrassingly phony bullshit accusations.

vas pup • August 26, 2017 10:44 AM

@Andrew • August 25, 2017 11:52 PM
Thank you! I was promoting that idea on that blog (Clive could confirm that as one of the oldest bloggers) many years ago.
Sane kill switch should be on: cell phones, smart TV, you name it.
I will include GPS as well as controllable function by kill switch.

MikeA • August 26, 2017 11:18 AM

On old crypto and modern errors.

I attended a talk on the history of machine crypto back during the buzz over Mick Jagger's Enigma movie. One bit that stuck in my head was related to a U.S. Civil War device used by the Confederates. Fairly sophisticated for its day, but the messages were easily read by the Union, because most (all?) messages were "encrypted" with one of three pass-phrases, all Confederate political slogans.

Your math may be of unsurpassed crystalline purity (blue?), but if the goop around it (UI, OS, key management) is bad, you might as well shout from the rooftops.

======

On devices with divided loyalties:

https://www.nature.com/articles/s41467-017-00343-8

Anybody (Clive?) want to speculate on the "opportunities" falling out of
---
[...] ME antennas (with sizes as small as one-thousandth of a wavelength) demonstrates 1–2 orders of magnitude miniaturization over state-of-the-art compact antennas without performance degradation.
---

Gerard van Vooren • August 26, 2017 11:29 AM

@ Thoth,

The interesting irony is people are not willing to invest time and effort to learn and improve.

I guess we can simply live with the security problems. We just need to sleep it over and another day passes :)

Well, ... yes and no. Don't underestimate the influence of GAFAM. Let's look at HTTP/2 for instance. One would think that such a basic protocol of "the web" was properly designed, wouldn't it? The answer is no. HTTP/2 is there to benefit GAFAM, not you. The cookie problem of it, that could have been solved with a MinimaLT approach of session management but they didn't use that kind of technology. So cookies are still there in HTTP/2. Why is that? Because the big Cookie Monster designed HTTP/2 !!! So the HTTP/2 standard contains more of these shortcomings yet it's standardized.

And in the past other companies standardized their cr*p as well and it got used massively. Just think of javascript, a language that was designed in three weeks is today the standard scripting language of "the web" and it's standardized as well. XSS, most times caused by this beautiful JS also shows the stupidity.


We are talking about a hydra, a money thirsty hydra.

Mall Mosquito • August 26, 2017 12:30 PM

Does anyone remember CASPIAN? http://www.nocards.org/

The supermarkets all have "club" cards these days, something is a bit off with their hours, and they are starting to hire "bouncers." The "bouncers" generally start to show up when the police are sick and tired of responding to calls to break up a food fight, which means the grocery stores are dealing bootleg hooch and drugs in the food, and the whole area has fallen to red-light district idiocy.

I'm curious because I just got semi-perma-banned at "Natural Pantry," Safeway, Fred Meyer's, 7-11, Walmart, and Chevron, all because I turned down a solicitation by one of the employees at the aforementioned "Natural Pantry" and was summarily ordered off the property at the somewhat far-fetched threat of arrest, even though I had never visited that store in my life, and I certainly wasn't creating a disturbance or doing anything wrong there. Then at Safeway, an aggressive group of employees held me at knifepoint and almost prevented me from leaving the store. They (apparently) called 911, but no police showed up. Instead, a mental health ambulance and some fire truck showed up, but they quickly lost interest in having me committed as I was by that time calmly walking away. Employees at a 7-11 had just tried to take my bag from me, and I told them to keep their fingers off my stuff.

Time for the feds to crack down so bloody hard on these mobsters that there'll be nothing left of that privacy-invading grocery-store club-card drug-and-alcohol ring. I mean they even tell you in large block letters on your receipt (as for example, just in case you're Jewish,) exactly which foods are kosher or not, or whether or not you ought to be putting dairy and meat products in the same shopping cart, or if you really need separate receipts for such.

I just lost my appetite, and I want to puke.

Tatütata • August 26, 2017 2:36 PM

Re: "On devices with divided loyalties:"

I was at first very sceptical about the claims, as I had already been taken in for a few days about 25 years ago by a hefty ration of snake-oil. You know, if it sounds too good to be true, then it ain't...

But the Nature publication seems to be based in reality, although I don't expect these devices to replace the antenna in your phone, as the efficiency is far too low, to wit this passage on p. 7 that few will read:

Then the ME FBAR antenna efficiency can be calculated as ξ_rad = [...] 0.403% with a high gain of G_FBAR = −18 dBi at the resonance frequency f_r,FBAR, or ξ_rad;corrected = 0.448% with reflection corrected [...]. The FBAR ME antenna also has a fractional bandwidth BW [... =] 0.158 [...]. The minimum Q-factor of a small antenna is given by [formula =] 41037 as dictated by the Chu limit [...]. [...] Therefore, the Chu–Harrington limit has not been surpassed by using the magnetoelectrically coupled FBAR structure.

[emphasis added]

In plain English, the transmit gain or receive sensitivity will be about 50-100 times smaller than what would typically be achieved by a more conventional antenna.

The laws of physics are respected, this is interesting stuff, but there is no miracle.

I can envision at least one application, but we're leaving the realm of security. (BTW, can something be done about stream-of-consciousness dumps and other assorted conspiracy theorists?)

References 18 and 19 describe the earlier work on which this article is based. I can find one recent patent family US9660349B2 mentioning the author Carman as an inventor. The applicant is Northrop Grumman.

Ratio • August 26, 2017 3:58 PM

ISIS Claims Deadly Attack on Shiite Mosque in Afghanistan:

Suicide attackers stormed a crowded mosque in Kabul during Friday Prayer, officials said, killing at least 20 people and wounding dozens of others in the latest in a series of deadly attacks against Shiites in Afghanistan.

The Islamic State, which previously claimed deadly assaults against Shiite targets in the country, said its militants were behind the attack, according to the group’s Amaq news agency.

If only the agents of Western imperialism would stop congregating in Shiite mosques on Friday, these attacks would surely cease.

tyr • August 26, 2017 5:22 PM


@JG4

Genghis Khan solved the problem of extending
government quite simply.

What he used is task specific agents with the
full weight of the empire behind them. If you
committed a crime, they detached soldiers to
hunt you down. Those had no other job and had
the authorization to draw on empire resources
as necessary. That extended Mongol power into
every region without the unnecessary fluff of
modern feather merchantry of law enforcement
and governments. If my memory is correct they
sent 100 soldiers after the king of Poland
after a lost battle and chased him all the way
to Spain from eastern Europe.

It would work quite nicely today but there are
huge segments of the elites who like the idea
of safety zones to hide in. With only one job
to do and no goal except completing that task
without a time limit government could act in
every place that it needed to be.

Bruce is quite aware that too narrow a focus
on minutiae creates horrible blind spots in
your ability to think. Compound that with the
sorry state of functional literacy of schools
product and you get endless carping about too
complex texts.

@all

you can start your own blog, narrow the focus
and no longer be forced to read material that
you deem unworthy. Or you can just skip past the
text you find offensive. As the proverb says
the man who casts a rock at every dog that barks
will find he has a sore arm and no more rocks
long before he has run out of dogs.

gordo • August 26, 2017 5:57 PM

Misused Espionage Act Targets Government Whistleblowers
BY DAVID GREENE AUGUST 1, 2017

This week we celebrated National Whistleblower Appreciation Day—an appropriate time to speak out against the U.S. government’s continued use of the Espionage Act to prosecute government leakers, and in so doing, restrict the flow of important information to the press.

https://www.eff.org/deeplinks/2017/08/misused-espionage-act-targets-governnent-whistleblowers

The message behind National Whistleblower Day
BY STEPHEN M. KOHN, OPINION CONTRIBUTOR - 08/02/17

On Aug. 1, 2017, the United States Senate adopted the “National Whistleblower Appreciation Day” resolution by unanimous consent. This resolution, which the Senate has passed every year since it was first introduced by Sen. Chuck Grassley (R-Iowa) in 2013, commemorates the enactment of America’s first whistleblower law.


The history behind this resolution is remarkable. It marks one of the first real tests of American democracy and how those in power would treat whistleblowers who exposed wrongdoing within the revolutionary government itself.

In February 1777, ...

http://thehill.com/blogs/congress-blog/politics/345033-the-message-behind-national-whistleblower-day

Why is Mattis Declaring War on Whistleblowers?
Congress should investigate.
By PATRICK G. EDDINGTON • August 3, 2017

Is Secretary of Defense James Mattis creating a hostile workplace for Defense Department whistleblowers? Or is he simply carrying on an anti-whistleblower organizational tradition at the Pentagon that stretches back decades? An examination of recent events and the historical record suggests it’s both, and the implications for taxpayers and American national security are stark.

http://www.theamericanconservative.com/articles/why-is-mattis-declaring-war-on-whistleblowers/

YearOfGlad • August 26, 2017 9:30 PM

@Clive Robinson

Thanks for your discouraging/encouraging summary of automated-car-highway-telemetry several weeks ago.

I am glad to hear this idea will remain where it belongs: in the dreams of Urban Planning grad students and Donald Fagen devotees.

Meant to thank you at the time, fumbled the posting/reply. Thanks again.

herman • August 26, 2017 9:56 PM

@JG4: "If my memory is correct they
sent 100 soldiers after the king of Poland
after a lost battle and chased him all the way
to Spain from eastern europe."
Damn, I didn't realize you are *that* old. Did you work for Ol Gengiz or for Ol King Pole?

Clive Robinson • August 27, 2017 5:37 AM

@ Wael,

Speaking of "having a laugh", it appears that Apple iPhone users who have the AccuWeather App are being taken for a ride.

A researcher discovered the AccuWeather App was sending high precision GPS position data off to a data aggregator for advertisers without having asked/informed the user, and worse it was not respecting the UI settings to not send location data. AccuWeather apparently issued an apology and an update. But... guess what the update still sent location data...

http://www.zdnet.com/article/accuweather-still-shares-precise-location-with-advertisers-tests-reveal/

I guess this is "the new economy" in action of "lie, steal, make apologetic noises when caught" then rinse and repeat...

Anyway I hope your weekend is progressing better than mine, it's the last "Bank holiday weekend" before Xmas in the UK thus people want to get away and have a little fun. Well the powers that be have decided to be "The Grinch before Xmas" by ordering major road and rail improvements. As these "Rail improvements" --as they are called-- actually "stop trains", and you are not allowed to use "alternative routes" you end up getting put on a bus. Which at other times is more normally used for "school bus" services. Thus the buses are about as rudimentary as "an earth toilet" --and seemingly impossibly smell worse than one as well-- as well as being unusable by people with disabilities... Then to add to the fun the "Rail Replacement Bus" services get caught up in the traffic jams from the road works on motorways (freeways) because nobody bothered to co-ordinate the "improvements" so road and rail do not clash. Thus people spend hours on a bus with no toilet facilities...

This is a level of hell that Dante must have missed in his journey.

But it gets worse as "mobile data" is apparently not mobile on these routes through "England's green and pleasant land" so you can not get relief by browsing, or even texting, which means "little fingers" get fractious and take it out on each other or their parents which adds further to the general level of misery.

Thus the "new economy" appears to be heading towards the joys of Communist "Five Year Plans". It must make all those --supposed-- job stealing East Europeans --deluded Alt/right wing-- politicos keep talking about nostalgic for the "good old days".

veritrash • August 27, 2017 6:46 AM

@Clive Robinson (Accuweather)

I once lived in a partitioned house with Hungarian neighbors in the adjacent unit. We had separate networks and different ISPs. One day, checking the weather® as usual, I sat there a bit confused to see that the day would be "rezben napos", or presumably in English, mostly sunny. Oddly, only some parts of the website were in Hungarian, while most was in English. The neighbors weren't merely of Hungarian descent, but rather entirely Hungarian and spoke hardly a word in English beyond the expletive. I contacted Accuweather to inquire, expressing my curiosity regarding the coincidence, but aside from admitting it was "interesting", they refused to explain exactly why. Disclaimer: I never would have used accuweather had wunderground not maimed its UI into the mess it is now, along with strangely reducing the animated radar time-frame to six hours from 24.

JG4 • August 27, 2017 8:10 AM


I want to include in the overall security paradigm catastrophic failure of infrastructure and tie it back to the general case of system identification. There are numerous famous examples in the US (and around the world), most involving human factors. A nice example is the Mianus River bridge, over which I drove countless times back in the day, including right before and after it collapsed. The neighbors had complained about strange sounds (secret code for unfolding failure as a pin worked its way out of the steel from truck-induced vibration). The state highway department responded by inspecting the bridge and declaring it sound. Had they installed acoustic data loggers on that bridge and perhaps all the others, they would have been able to pinpoint the changing audio signature as well as the location of the offending part. I've mentioned microphone arrays before and that is spot on this example.

I've read that the Chinese railroads were built with countless levels of subcontractors and that oversight of fill quality was all but non-existent. I think that there already have been some catastrophic failures tied to what arguably is corruption. I want to propose an elegant after-the-fact inspection system, where some trains continuously broadcast high-power sound/vibration through the wheels and read the response function of the track, ties and fill underneath. If there are weaknesses and the fill is shifting, the signature will vary over time in a way that provides a diagnostic. The vibration sensors on the train could be augmented by buried sensors in the ground at critical points. I assume that people much smarter than I am, who not entirely coincidentally have staggering research budgets, and teams of people to work on problems like this, already have implemented such systems in the US and Europe. And probably are working on them in China.

see for example,

Detection Of Structural Damages In Bridge Based On ZigBee Networks Using Sensors
http://www.ijcsi.org/papers/IJCSI-10-3-1-108-112.pdf

this makes a fifth application of GMR, beyond the three I was surprised to see a few years ago

Vibration Detector based on GMR Sensors - ResearchGate
https://www.researchgate.net/publication/224715354_Vibration_Detector_based_on_GMR_Sensors

Whoever brings inexpensive video surveillance to the villages and hamlets of south Asia to protect the peasants (those still alive after the peasant extermination programs) from venomous snakes and scorpions is going to get a lot of love from the villagers. These people have an innate fear of snakes that leads to a good story. I saw a half-Thai boy who had just started to walk teetering across some well-cut grass. He had never seen a snake before or even heard the word. As he came to a green garden hose in the grass, he jumped back in horror. It still makes the hair on the back of my neck stand up. Well explained in Consilience by E. O. Wilson, the famous biologist and Darwinist. This essentially is a comment on the shark surveillance in the news below.

on to the daily news dump

https://www.nakedcapitalism.com/2017/08/links-82717.html

...[some people call polydimensional analysis thinking hinky]

Why comedy is not universal BBC

...[there is a huge opportunity to use inexpensive surveillance to protect people from snakes and scorpions in the third world]

Shark-detecting drones to patrol Australian beaches Reuters

...[file under guaranteed profits for them are guaranteed losses for you. and, oh, by the way, if you don't pay enough, we can't guarantee that our system won't accidentally wipe out all human life. well, actually, no matter how much you pay, we can't be held liable]

Imperial Collapse Watch

Nuclear Missile Overhaul Falls to Small Pool of Contractors WSJ

...[surveillance]

Why a dumb phone is a smart move FT. I concur.

...[right to repair]

Volkswagen Engineer Gets Prison in Diesel Cheating Case NYT. But look at the length of the sentence…and consider the time’ll almost certainly be served at Club Fed.

[quite probably a response to hacking and a further indicator of peak irony at the end of empire]

New Cold War

How do you say ‘whoops’ in Russian? Podesta Group retroactively files more DOJ disclosures for pro-Putin work Washington Examiner. UserFriendly: “I for one am shocked, shocked!!!”

...[parallel construction will dodge that check and balance nicely]

Police State Watch

Court: Locating suspect via stingray definitely requires a warrant Ars Technica

[well covered already]

India

India Supreme Court: privacy a fundamental right Jurist

After Right to Privacy Ruling, Focus Must Now Be on Creating Robust Data Protection Laws The Wire

...[this ties back to private security organizations like La Cosa Nostra]

Ruby Ridge, 1992: the day the American militia movement was born Guardian

...[your threat model should include water]

Retired General: ‘Our Bases and Stations on the Coast Are Going Underwater’ DeSmogBlog

...[security posture: two eyes, each with 2 PI steradians of solid angle. a narrow overlap for binocular pecking. depth perception can be created by bobbing the head back and forth or by turning the head. energy-maneuverability - can fly through dense foliage that will stop a larger bird of prey instantly. eats a high-fat diet from energy dense seeds. the geese example carry energy dense fat from plant fermentation and/or tasty meat]

https://www.nakedcapitalism.com/wp-content/uploads/2017/08/pexels-photo-207996-e1503804788504.jpeg

Gerard van Vooren • August 27, 2017 8:40 AM

@ 1035-960,

Talking about the CIA and conspiracy, in October this year the remaining classified documents about the JFK assassination will be released to the public. I wonder how Trump tries to distract from this. Yet another war maybe? It's time for it. He hasn't reached anything yet so far and a "convenient" war is always a nice distraction.

veritrash • August 27, 2017 8:58 AM

@ Gerard van Vooren
You don't really expect this said release of classified docs will be truly inclusive or even not directly misleading, do you? I suspect the subject will remain sealed for many years to come, despite the kabuki. Expect the same with events, eg insider trading, magnificent pyrotechnics etc, on 9/11.

Gerard van Vooren • August 27, 2017 9:07 AM

@ veritrash,

I don't believe 9/11 was a conspiracy. That said, Bush knew that something big was about to happen and he didn't do anything about it. If he did then it would be a lot harder for him and his administration to push his agenda.

Wael • August 27, 2017 10:45 AM

@Clive Robinson,

AccuWeather is still sending precise geolocation data to a third-party advertiser,

Use of a fake location app may help in some situations. On an iOS device, we have granular control on each app's ability to obtain location information. Forgot about Android devices, it's been several years since I messed with one. One shouldn't rely on the apps' integrity to honor the choices we make.

Anyway I hope your weekend is progressing better than mine

It's coming along. Had a good night sleep for a change -- about 4 hours. Sipping a cup of tea outside on a gloomy Sunday morning. Don't feel like doing anything mentally stressful.

This is a level of hell that Dante must have missed in his journey.

I think I only read one of Dante's works in school about the cheating wife and her naïve husband. Dante punished the stupid in his 'stories', if I remember correctly. I know exactly what you mean. Been there, done that way too many times. But I was, surprisingly, more resourceful than you on one occasion - you don't want to hear the details of what I did.

and take it out on each other or their parents...

Parents, eh? In my case they took it out on the eleventh finger, figuratively speaking.

politicos keep talking about nostalgic for the "good old days".

The world is changing at an accelerated rate. Clear as daylight.

Anyway, how did your trip end? Safe and dry, I hope :)

keiner • August 27, 2017 10:46 AM

@Gerard vV

"He hasn't reached anything yet so far and a "convenient" war is always a nice distraction."

Completely wrong perception. He has gutted the EPA and is doing the same with other federal agencies, consumer law, etc pp.

As Bannon wrote, let them cry on racism, we can do our nationalistic protectionism agenda in the meantime.

Perfect distraction!

Mall MosquitoAugust 27, 2017 11:42 AM

@keiner, Gerard van Vooren

That is a very interesting discussion you are having.

War is not a convenience. It is necessitated by the encroaching curtailment of our liberties which has been inflicted upon us by our enemies more and more over a period of many, many years. It gets to the point where these enemies have made our domestic lives so miserable in captivity and bondage that we seek any available excuse to go to war against them. The "convenience" or the "convenient" justification for war is only the straw that broke the camel's back.

Having said this, I was warned in Europe about being "too patriotic" — that is, cultivating and fomenting too "white" a nationalist agenda in a misguided attempt to right these wrongful encroachments upon our human rights and freedoms.

I actually visited an abandoned, literally gutted EPA building in Kansas City, Kansas. A live electrical transformer had been vandalized and had its cover ripped off, exposing the naked high-voltage metal terminals inside. Water was leaking everywhere from the interior of the building to the basement, which reeked of a strong odor of marijuana, which was no doubt being grown for some environmental government "research."

Regarding "consumer law," I just wanted to "consume" in peace the unadulterated food products I purchased and paid for at the grocery store. I didn't want to be a member of a grocery store "club," and I certainly never wanted to become a mental health consumer.

Gerard van VoorenAugust 27, 2017 12:11 PM

@ Mall Mosquito,

You are either a troll or at the wrong place. Anyway, I don't argue with "those guys". It just ain't worth it.

Mall MosquitoAugust 27, 2017 12:30 PM

@Gerard van Vooren

Must see: statue of a troll at the end of "Troll Avenue North" which runs under the Aurora Bridge downtown Seattle, Washington. Washington State Route 99, a.k.a. "Pacific Highway," a.k.a. "William P. Stewart Memorial Highway" runs over that same bridge, where it is known as "Aurora Avenue North."

CallMeLateForSupperAugust 27, 2017 1:25 PM

Yesterday I emailed a sibling to flesh out for her my long-standing, continuous loud objections to cellphones in general and smartphones in particular. Then I put apps in general under a microscope and railed for a bit about the holes so many of them have easily and silently punched in users' privacy.

This morning, the very first article I encountered was this one in The Intercept: "Hit App Sarahah Quietly Uploads Your Address Book"

"Sarahah, a new app that lets people sign up to receive anonymized, candid messages, has been surging in popularity [...] the app is collecting more than feedback messages. When launched for the first time, it immediately HARVESTS AND UPLOADS all phone numbers and email addresses in your address book. Although Sarahah does in some cases ask for permission to access contacts, it DOES NOT DISCLOSE that it uploads such data, nor does it seem to make any functional use of the information."

https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/

WaelAugust 27, 2017 1:55 PM

@CallMeLateForSupper,

Hit App Sarahah Quietly Uploads Your Address Book

I also saw it last week or the week before. It's an Arabic name meaning "Frank" or "Honesty", or something like that. The developer is a Saudi national called Zain El Deen Tawfeeq. Use google translate for this link:
https://www.alaraby.co.uk/medianews/2017/2/19/مؤسس-موقع-صراحة-لـ-العربي-الجديد-لا-تخافوا-على-خصوصيتكم

The Arabic words at the end say: "Don't be worried about your privacy" or basically "Don't fear that your privacy will be violated" - yea, right! Now I feel warm and fuzzy that my address book is uploaded without my consent.

I wouldn't be surprised if one of the giant social media companies acquired it. I don't use it. Why they silently upload the user's address book is very fishy. Seems some 'entity' is behind it, or the developer just thought he can get away with it - but for what purpose?

Mall MosquitoAugust 27, 2017 3:29 PM

for what purpose?

Other people's personal information is useful for any and all sorts of legitimate and illegitimate marketing and identity theft.

The more you know about another human being, the easier it is to get into that human being's pocketbook.

It's worth hard cash money.

ttsAugust 27, 2017 4:02 PM

Draft Checklist- Day 0-a Windows

I will be working on a windows 7 computer ### soon; user has around ten years of work on it.

Day 0 tentative checklist

1) boot Knoppix or like live DVD on xxx, "nuke" usb b/u hdd, "nuke" usb thumb drive (I plan to do all this on xxx; obviously there is risk to data loss)

2) use Knoppix to copy folder documents&settings to usb thumb; use dd to image xxx to usb b/u hdd.

3) reboot xxx into Windows 7

4a) download fciv.exe from Microsoft

4b) download Belarc Advisor http://www.belarc.com/; compare md5 and sha1 hashes to hashes found elsewhere

5) inventory stuff on xxx with Belarc Advisor printout

6) trash anti-virus app and install mse (Windows Defender for Windows 7)

7) do full disk scan

8) see if "pup"s still there; if pups still there do 4b with Malwarebytes

9) review what is on xxx with customer and discuss their needs and wants and what programs and features to start deleting or updating, if any

Input would be appreciated.

I plan to ignore routers, other computers, and the like while proceeding with 1-9.

Dirk PraetAugust 27, 2017 4:06 PM

@ keiner, @Gerard van Vooren

He has gutted the EPA and is doing the same with other federal agencies, consumer law, etc pp.

It takes vision, courage, time, effort, skills and plenty of other resources to build stuff. But it only takes one idiot with a pen or a bag of dynamite to bring it all down again. Destruction is never an achievement. It's the weapon of fools and evil men.

NondisclosureAugust 27, 2017 4:20 PM

@apps calling home

How many app developers check and/or even care what their apps do under the hood when they use marketers SDKs and how many users care and/or check what the apps do under the hood.

Apps that are given unlimited access from dialers to character input that are essentially over-the-shoulder surfing for the likes of Facebook.

How many people would if asked directly in a clear and transparent manner that all the contacts' details will be sold to Facebook and the like and together all their browsing history and everything they enter into the device is fair game for selling to anyone willing to pay.

I felt like I had been grossly violated when despite being totally against Facebook, I found out that for several months one app was continuously sending data to Facebook. The free app was gratuitously robbing my device's data and selling it to Facebook.

There are people who swore off Facebook who do not know they are being sold out and robbed naked by Facebook

WaelAugust 27, 2017 4:29 PM

@Mall Mosquito,

Other people's personal information is useful for any...

There are two types of knowledge: What and Who. Your description is applicable to the 'What'. The 'Who' is the type of information that's interesting to the Spook-craft industry.

@hentity,

Why for art, dost one weareth gloves?

Agent art fighteth spook-craft :)

RachelAugust 27, 2017 4:30 PM

Tumbeweed

thanks for your contribution. Well, we can't wait to read your superior intellectual and insightful discourse surpassing JG4's. We're waiting. Or are you as substantial as your name?

JG4
I love your posts particularly as you discourse beyond just NC links. I find your thoughts brilliant. hope you can recognise your esteemed contribution here

Mall Mosquito
You've been saying the same things for a very long time. You keep changing your name. I knew you as Bumble Bee amongst others.

Clive
you wrote about issues of dietary carbohydrates a couple squids back. primary Ketogenic diet site - all text at that
ketogenic-diet-resource.com
very helpful, everything you need to know to implement

Tyr
Some war histories, excellent!
The 2nd World War John Keegan
The Last Lion -Manchester (on Churchill)

All
There is never, ever, an excuse for rudeness. What about patience, inclusiveness, expansion? I thought people here were radical and not prone to following group think. Reminds me of the story of the psychedelic pioneers in the sixties. One dinner they all sat around rapping about changing world consciousness: but no one wanted to do the washing up of the dinner plates. Please consider, a scathing commentary vibe influences the emotional experience of tens of thousands of people reading this. I am sure they already have enough concerns affecting their mood

Mall MosquitoAugust 27, 2017 4:46 PM

@Wael

What? They want your money.
Who? They want your freedom.

@Rachael

Mall Mosquito
You've been saying the same things for a very long time. You keep changing your name. I knew you as Bumble Bee amongst others.

Some people are very slow to learn, and very aggressive in depriving me of my money and my freedom.

Clive RobinsonAugust 27, 2017 5:36 PM

@ Wael,

Anyway, how did your trip end? Safe and dry, I hope :)

There are two types of trip, those that were highlighted in the song "Wandering Star" where you just go, and those where you go and come back again.

Thus whilst I feel like I should "bless a star" that I arrived to relax and enjoy... I have instead a sinking feeling that the worst is yet to come on the return :-(

I sometimes think that the perceived level of incompetence that gives rise to such "improvement" misery, is in fact artful maliciousness from on high. Where they take great pleasure from being deliberately spiteful to the mainly innocent "wage slaves". Just to ensure the slaves know that they have not even made it to the bottom rung of the ladder as they feel their faces ground into the ground and walked upon...

I could be wrong but that would require incompetence to have "natural selection" importance, which is an even more frightening prospect...

Mall MosquitoAugust 27, 2017 5:52 PM

Correction to my above post:

What? They want your money and your property.
Who? They want your freedom and your life.

Nothing is enough for those bastards. They will stop at nothing till they are hunted to extinction.

Clive RobinsonAugust 27, 2017 6:17 PM

@ Mall Mosquito, Rachel,

Some people are very slow to learn

Sometimes, but for many it's like a dog with a favourite bone. They keep gnawing in the same way with the bone they have picked, no matter if there is a meatier one closer, that old bone is a friend to be treasured.

Which means that those with eyes see the same bone and thus have no reason to pay attention to the name on the collar.

By the looks of it there are at least three others currently under "new names". One of whom, who has a "conspiracy" bone they chew upon very noisily. They got called out for it a couple of days ago and have not commented under that handle since. However they are possibly back again under a new name with a new conspiracy to chew on.

As was once observed "we all have a favourite itch we scratch" or totem we play with. Provided we are low key or at least not blatant with our scratching / fiddling "society" generally makes no comment. If however we are not just overt, but blatantly so, then society kicks back.

I have my itches but I try --possibly unsuccessfully-- to scratch them either discreetly or humorously. Hopefully society is tolerant about them, or if not polite enough not to shatter my illusions ;-)

@ Wael,

No this is not an opportunity for you to make my ears go pink by trotting them all out in excruciating detail 0:)

WaelAugust 27, 2017 6:33 PM

@Clive Robinson,

but that would require incompetence to have "natural selection" importance, which is an even more frightening prospect...

Counter-intuitive things happen in the short term. Natural selection requires donkey's ears (pun intended) to produce supporting results. Meaning. We're unlikely to witness it in our lifetime.

No this is not an opportunity for you to make my ears go pink

We're getting closer to subliminal shared secrets. I typed the previous reply before I read what you said. Strange, eh?

No, I'm not implying a connection between extremely long times and your soon-to-be-pink ears. Wait a second! They already went pink! :-)

Clive RobinsonAugust 27, 2017 6:44 PM

150 Alan Turing letters found in Manchester

They were found in a red cardboard folder in a dusty old filing cabinet, they come from the last years of his life and in part show some of his thinking on AI,

https://www.theguardian.com/science/2017/aug/27/collection-letters-codebreaker-alan-turing-found-filing-cabinet

Whilst the article implies that most of the information is known from other sources, this by no means means that they are worthless to researchers. However the papers also potentially have a very high financial worth as one of his notebooks sold for over a million dollars nearly a year and a half ago, thus making them well "worth their weight in gold".

https://www.theguardian.com/science/2015/apr/13/alan-turings-notebook-sells-for-more-than-1m-at-new-york-auction

WaelAugust 27, 2017 6:53 PM

@Clive Robinson,

150 Alan Turing letters found in Manchester

On that letter at the left, addressed to Mr. Wood(?)..,
The game between Princeton and Manchester...
What game, and which Princeton? US or UK?

Was Turing betting on the games?

RatioAugust 27, 2017 7:00 PM

@Clive Robinson,

[One of at least three others currently under "new names"] got called out for it a couple of days ago and [has] not commented under that handle since.

An ever so delicate use of the passive voice…

Well, may the Flying Spaghetti Monster bless whoever it was.

Dirk PraetAugust 27, 2017 7:11 PM

@ Mall Mosquito

That is a very interesting discussion you are having.

It kinda was until you broke into it. Please go away. There's already more than enough soapboxing and off-topic ranting going on on this forum as it is.

@ Rachel

You keep changing your name.

The pot and the kettle, @Jen ? 8-)

veritrashAugust 27, 2017 7:15 PM

@Clive
I hope the term "conspiracy" hasn't been directed at the content of my disposable handle; I never use the word, mostly because there is no common usage other than the insane, lazy or pejorative, none of which appeal to me much nor do justice to the subjects they are slewed at. van Vooren's usage of the word, I think, is lazy, and not applicable at all to my comment, although no offense should be taken by this and I value Vooren's comments. Logically, if he is waiting for disclosure of an event that should legally be transparent in the first place and is grossly overdue from inception, some measure of dubious activity is implied, no? The data has been withheld thus far for the greater good, with exclusively wholesome intent? Really? I hope I am typing at phantoms, for I'd be sorely disappointed to witness what have hitherto been the stalwart critical thinkers of this blog for so long going flaccid in the gourd. I'll not digress into the actual topic of the big bad word itself, and I ardently hope it isn't necessary either. Yes, I'm trying my best not to digress and it's difficult. But I know I've read what I've read in so many threads and no regular here is that dense. Or are they? Common mate, let's shatter some illusions, some big ones.

Disclaimer (you'll have to take my word or run some analysis): I rarely comment here and never deliberately troll. I prefer meat on the bone, but never mistake it for a good cigar.

tamper evidentAugust 27, 2017 7:44 PM

Some time back at ars technica, I thought that I read something about glue and sparkles, speckles, or something to help reveal physical tampering. Now I can't find the link. Any recommendations for a small wifi router, with internal antenna(s), to try to identify opening the device. I think using a camera was part of the technique. I don't want to interfere too much with the wifi.

ThothAugust 27, 2017 8:14 PM

@tamper evident

Forget about using some glue and sparkles. Just take a vault and keep your hardware inside. A small hole for the cabling and reinforcing the cabling hole will be much more useful.

ThothAugust 27, 2017 11:02 PM

@Clive Robinson, ab praeceptis

Time for me to use the gitblog for the first time to get something done :) .

How Intel ID Can Enable Persistent Device Identification
===========================================

Abstract:
FIDO authentication has been an important milestone in Identity Protection by incorporating usable hardware protected tokens and biometrics as a second factor authentication with other traditional authenticators (i.e. PINs and passwords).

Intel have always had an Identity Protection suite that leverages the so-called Trusted Execution Environment (a.k.a Intel SGX) for 'secure storage and transaction' via its TEE/Intel SGX environment.

Intel has decided to extend its Identity Protection to ubiquitous multi-factor authentication which includes the ability to use the Identity Protection capability in a 'silent manner'.

Link: https://github.com/thotheolh/gitblog/blob/master/security-thoughts/Backdooring_In_Intel_ID.md

ab praeceptisAugust 27, 2017 11:50 PM

Thoth

Thank you, well done!

Bad news for me: no more lenovo notebooks; I liked them but I have a policy that I try very hard to follow even if that's painful: I stay away from products from companies engaging in crapware and snakeoil schemes. Which includes i.a. all with their logos presented as fido (BSAL-4+) supporters.

Some will probably call me hardcore and/or weirdo but there is imo a clear BS sign, namely usage of the word "experience" for something they want to sell. Well, a propos experience, mine is that whenever they try to sell some "experience" it's snakeoily crap. I always take that word (in marketing or PR contexts) as a clear "stay away!" signal.

In case someone is more easily trusting than myself, the "just insert the dongle and put your finger on it" line (dongle typically being usb, of course, as usb is oh so super-safe) should do it for you. You'll hardly find them shouting out "It's crap and snakeoil. Do not trust us!" any louder than that.

That said, my answer to the question whether that fido stuff (to avoid saying "con op") will be a success I guess the answer is a clear YES!

From what we've seen so far snakeoil with big names in its back and a promise of "security" and "ease of use" has excellent chances to f*ck the 95% of the consuming population who deactivated their brain to make room for more "consumer experience".

And frankly, I like fido. After all we've had enough warning shots; those who still carelessly buy "security experience" are asking for it and deserve no better.
I think, it's time for the nsa to get into the cloud business and to give away low price access products. After all, why should a "being eavesdropped" experience come for free?

ThothAugust 28, 2017 12:46 AM

@ab praeceptis

Re: FIDO

I wouldn't say FIDO is good enough for me either as the scheme is still crap as usual. It is only that tiny bit better than purely password or some picture login thing.

Put the finger on the button (U2F scheme) isn't my preferred manner as they have a better scheme called the UAF scheme where it becomes essentially a public key base login but that isn't good enough as the UAF scheme allows for a ton of biometric which we know is nonsense.

The 95% are not interested in high assurance security like we do. They are more interested in not having to listen to news regarding credential breaches due to password leaks. They see things more simply than we do and so FIDO is just right for them who don't want high assurance security.

Also, isn't Intel in bed with NSA :D ?

That's the whole point of the article which is another warning that Intel is sneaking more crap into their already nonsense filled hardware and the myth of some 'TEE/Secure Enclave' which is so widely marketed these days as the ARM TZ or Intel SGX is now another literal Golden Sticker in itself and companies are taught to look for the ARM TZ/Qualcomm Haven/QSEE and Intel SGX branding and trademark for 'Enterprise (In)Security' and meet 'compliance' (i.e. the so called GDPR, HIPAA, PCI, EMv ...).

tyrAugust 28, 2017 1:49 AM


@Herman

It was from Harold Lamb's book
Ruler of all Men. I read it in
the 1950s so might have lost a
part over the years. They call
me great grandpa for a good reason.

@Rachel

Thousand Hour Day is a pretty good
military book unless you are a
Polish patriot type.

Clive RobinsonAugust 28, 2017 2:27 AM

@ Thoth,

With regards the klepto attack, you might want to mention Adam Young and Moti Yung who invented the idea.

I occasionally recommend their book "Malicious Cryptography" on this blog and other places.

There are a number of problems with FIDO (which by the way did not invent the idea) that I do not like. The most obvious is "all your eggs in one basket" where the secret eggs can be cracked by a side channel attack on the device on which the basket rests.

Since the 90's I've been going on about the problems with authentication tokens. The two main issues being,

1, The communications end point being beyond the security end point.

2, The human not being part of the authentication chain.

Obviously having the keychain --basket-- of keys --eggs-- on the device which communicates just invites an attack either as an "end run" --to the UI where the plaintext is-- or by stealing the keychain and doing an off line attack against the weakest part which is the lack of entropy in the user plaintext input.

But worse from an attack perspective is the vulnerability to collusion between the keychain software and some external entity via the security chain. This can be unintentionally via a standard/protocol/implementation mistake creating an attack vector or quite intentionally via a deliberate backdoor made to look like an unintentional mistake.

To reduce this possibility you need to create a choke point in the security chain where communications between the keychain software and the external entity can be not just confined to a single channel but that the channel be actively monitored as well. In the past I've argued that this should be an "airgap" with a very simple protocol and that the human be the bridge across the gap.

I will have further "mull this over" today and post any further thoughts.

Clive RobinsonAugust 28, 2017 2:38 AM

@ Thoth,

Oh I forgot to mention who originated the idea of using PubKey to provide anonymous authentication.

It was Iang at what was the "Financialcryptography" blog. He came up with the idea as a way to reduce "moderator" load. The idea being that the blog moderator could add a reputational "trust value" to a PubKey. Thus for each blog-rule passing comment made the reputational value would rise, and the moderator could thus concentrate / prioritize attention to the low values, which would be "held for moderation" whilst values above a threshold would not get held for moderation.

I've mentioned it here a couple of times in the past when chatting with @Nick P and others about potential improvements to this blog (like the ability to edit comments and post graphics etc).

Wesley ParishAugust 28, 2017 3:31 AM

Entirely On-Topic contribution:

https://www.infoworld.com/article/3219831/java/openjdk-may-tackle-java-security-gaps-with-secretive-group.html

The proposed OpenJDK (Java Development Kit) Vulnerability Group would provide a secure, private forum in which trusted members of the community receive reports on vulnerabilities in code bases and then review and fix them. Coordinating the release of fixes also would be part of the group’s mandate.

Coordination of fixes makes sense; working on reported vulnerabilities makes sense; restricting it to trusted members makes sense.

Allowing Oracle anything more than an advisory role though would be the thin end of the wedge. We've seen Oracle waste everybody's time and cast Java into doubt with its stupid Java IPR case.

Now back to the usual diet of conspiracy theories, ad hominems and ad lapidems, etc.

ThothAugust 28, 2017 3:44 AM

@Clive Robinson, ab praeceptis

It is something like an informal article thus I did not mention them in name but added their works in the links section.

Usability vs security is always going to be the problem and anything ranging from authentication tokens to cryptographic keys and biometrics, whichever makes the life easier, people will tend to lean towards it and as per usual, security is always not so usable and thus people tend to make bad decisions when coming to decide on such trade offs.

Also, China wants to float up the idea of using actual names for online identification yet again. One of those 'True ID' scheme that simply never dies despite being disastrous to online privacy and security. Note that one of the reason the Chinese Communist Party wants real names to be collected for identification online is for the sake of 'promoting privacy and security'. The ease up this time is that pseudo-names can be used but it must be backed by a real name somewhere in the service provider's database for record and investigative purposes when needed.

Link: http://www.theregister.co.uk/2017/08/28/china_to_identify_commentards_with_brrealname_policy/

ThothAugust 28, 2017 3:46 AM

@Wesley Parish

I wish there is something like a Rust, Ada or Haskell variant of smart card scripting language so I can fully ditch JavaCard and the entire Java stack for smart card development.

65535August 28, 2017 4:22 AM

@ Andrew

“Laptop with physical switches for microphone, camera, radio”

Good. I have it bookmarked.

@ Tatütata

“Jefferson was most enthusiastic about, such as the “perfect cypher,” designed for him by the mathematician Robert Patterson”-Atlantic

Too bad it was not used.

@ gordo

Misused Espionage Act Targets Government Whistleblowers –[EFF]

This looks like a real misuse of power.

@ Clive Robinson

“AccuWeather App was sending high precision GPS position data off to a data aggregator for advertisers without having ask/informed the user” –zdnet

Nasty stuff.

This is more evidence that “smartphones” or iPhones have huge attack surface areas. I guess when you trust Apple you get the pole.

@ CallMeLateForSupper

“Sarahah does in some cases ask for permission to access contacts, it DOES NOT DISCLOSE that it uploads such data”-intercept

That is a terrible thing. I see it is linked to Snapchat which is supposed to be secure. That makes Snapchat not so secure.


@ Tom Trottier

I looked at the YouTube video in the Register piece that demonstrated the nonlinear audio processing exploit.

That is interesting and could be a huge attack surface given it works on Google Now and Nexus 5X with Android 7.1.2 and probably others. It appears totally silent and confuses the voice recognition software. It has shades of Bad Bios style of attack on a wider set of devices.

I could see a lot of TLA uses of such a device in airports and other public buildings assuming a bit of perfection.

YouTube video of attack:
https://www.youtube.com/watch?v=wF-DuVkQNQQ&feature=youtu.be

mozAugust 28, 2017 4:33 AM

JG4 your memory of events at the Mianus bridge doesn't seem to match with the accident report. In the section on preceding events noises are mentioned only from a civil engineer the night before the collapse. There is no additional inspection mentioned. Any idea why?

veritrashAugust 28, 2017 4:35 AM

Systemd and the general decay of Linux
Recently discovered that pressing ctrl-alt-del even after disabling the function via systemctl mask ctrl-alt-del.target still reboots the system if it's pressed more than seven times while not in x. The only rationale I've seen for this (other than pure arrogance) is that if someone has physical access to the system, it's pwnded anyway. So much for multi terminals and locked computers.

I know regs around here have no faith in Linux, but at least it was usable before this diseased genesis. I fear the coming Poettering Inquisition which will write all souls to /dev/null for the blasphemy of daring to question it, and I do, but not here. Just wanted to mention the above and vent a bit.
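The burst behaviour described in the comment above is controlled by a separate systemd setting, CtrlAltDelBurstAction= in the [Manager] section of system.conf, which masking ctrl-alt-del.target does not touch. As an added example (not part of the original comment and not systemd's own tooling), the script below audits both paths; the function names, the drop-in file name and the temporary sample files are constructed for illustration, and it reads only the given config directory, not /usr/lib or /run.

```shell
#!/bin/sh
# Added example: audit both Ctrl-Alt-Del reboot paths on a systemd host.
#  1. single press -> starts ctrl-alt-del.target (closed by masking it)
#  2. burst, more than 7 presses within 2 s -> CtrlAltDelBurstAction=
#     in [Manager] of system.conf (default reboot-force; "none" disables)
# Simplification (assumption): only files under the given dirs are read.

# Print the effective CtrlAltDelBurstAction for a config dir (normally
# /etc/systemd). Drop-ins in system.conf.d override system.conf, and
# later drop-ins override earlier ones.
effective_burst_action() {
    confdir=$1
    action=reboot-force
    for f in "$confdir/system.conf" "$confdir"/system.conf.d/*.conf; do
        [ -f "$f" ] || continue
        # Last uncommented assignment in this file, value only.
        v=$(sed -n 's/^[[:space:]]*CtrlAltDelBurstAction[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*$/\1/p' "$f" | tail -n 1)
        if [ -n "$v" ]; then
            action=$v
        fi
    done
    printf '%s\n' "$action"
}

# Return 0 if ctrl-alt-del.target is masked in the given unit dir
# (normally /etc/systemd/system): a masked unit is a symlink to /dev/null.
cad_target_masked() {
    [ "$(readlink "$1/ctrl-alt-del.target" 2>/dev/null)" = "/dev/null" ]
}

# Report which of the two paths remain open. Prints one line per path
# and returns 0 only when both are closed.
audit_ctrl_alt_del() {
    confdir=${1:-/etc/systemd}
    unitdir=${2:-/etc/systemd/system}
    rc=0
    if cad_target_masked "$unitdir"; then
        echo "single press: ctrl-alt-del.target masked"
    else
        echo "single press: ctrl-alt-del.target NOT masked"
        rc=1
    fi
    burst=$(effective_burst_action "$confdir")
    if [ "$burst" = none ]; then
        echo "burst: disabled (CtrlAltDelBurstAction=none)"
    else
        echo "burst: still active (CtrlAltDelBurstAction=$burst)"
        rc=1
    fi
    return $rc
}

# Constructed sample: a host where only the target was masked, then the
# same host after adding a drop-in that disables the burst action.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/etc/system.conf.d" "$tmp/units"
    printf '[Manager]\n#CtrlAltDelBurstAction=reboot-force\n' \
        > "$tmp/etc/system.conf"
    ln -s /dev/null "$tmp/units/ctrl-alt-del.target"
    echo "== target masked only =="
    audit_ctrl_alt_del "$tmp/etc" "$tmp/units" || true
    printf '[Manager]\nCtrlAltDelBurstAction=none\n' \
        > "$tmp/etc/system.conf.d/50-ctrl-alt-del.conf"
    echo "== with burst drop-in =="
    audit_ctrl_alt_del "$tmp/etc" "$tmp/units" || true
    rm -rf "$tmp"
}

demo
```

On a real host, call `audit_ctrl_alt_del` with no arguments to check /etc/systemd; a change to system.conf applies once the manager re-reads its configuration, which a reboot does.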

Dirk PraetAugust 28, 2017 7:13 AM

@ Wesley Parish

Now back to the usual diet of conspiracy theories, ad hominems and ad lapidems, etc.

+1

Did you have anyone in particular in mind ? 8-)

@ Thoth

How Intel ID Can Enable Persistent Device Identification

Most of these Intel AMT, Anti-Theft and SGX features are useless to the average consumer since they generally require (paid) management console software to be of any benefit anyway. As a rule of thumb, disable everything you can unless needed/required in a corporate context, and for which you can find plenty of information with a minimum of Google Fu. Which is not to say that we can preclude the existence of "hidden features" or other backdoors that can either not be disabled or covertly re-enabled. I refer to the Lenovo Superfish-M/S WPBT and LSE APT's, to name just a few.

In essence: there is little way around this kind of stuff, the only alternative being sticking to aging hardware that pretty soon will no longer be able to support contemporary apps and operating systems as I have pointed out on previous occasions.

I have recently acquired a brand new, high-end Lenovo Thinkpad. It's a beautiful and powerful machine (i7/16Gb RAM), but it's on a subnet of its own, carefully separated from the rest of my stuff, with all ingress/egress traffic monitored closely.


@ 65535, @ Andrew

“Laptop with physical switches for microphone, camera, radio”

Librems seem like a good choice, but I find them pretty expensive compared to other COTS laptops, and regularly short in supply.


@ 65535, @ gordo

Re. Misused Espionage Act Targets Government Whistleblowers

There are plenty of ancient laws and SCOTUS rulings out there that are being twisted and turned to fit contemporary cases. The 1917 Espionage Act or 1979 Smith v. Maryland are just a few examples.

JG4August 28, 2017 7:38 AM


@all acting in good faith - thanks for the continued excellent discussions. if I am guilty of soapboxing, it is on the point of holding people accountable for rule of law and preserving civilization. without those, it is just another tribal war over the ashes of civilization. it probably is clear to all of the professionals here and elsewhere that security is an adaptive system with figures of merit.

@herman - the comment about the King of Poland wasn't by me, it was directed to me. you can needle tyr about his longevity

@rachel - thanks for your kind words

@moz - My memory was a lot sharper 34 years ago. It is possible that the "History will be kind to us, for we shall write it" factor was in play when the report was written. Perhaps the residents complained timely, but the state highway department were slow to respond. I remember very clearly hearing a PE say, "The residents complained for weeks about the strange sounds..." I thought those comments included the inspectors coming sooner than the night before, but I may have garbled the timeline of when the inspection was done or they may have garbled it for image reasons. I don't claim 100% accuracy, but I want to at least get the broad strokes right. My bigger point is that surveillance of infrastructure is not only permissible, it's a great idea. Creating feedback paths to warn of danger is OK as long as they don't trample legal or Constitutional lines. Framing adaptive security as a system identification exercise is a powerful approach to not just understanding, but to engineering. Optimal feedback and system observation are key features of Kalman filtering. I'd like to understand that better. I am quite certain that it has applications to computer security, but the transition from simple vector math to the nonlinear reality of computing isn't going to be trivial. Especially when the adversary is a consortium of state-level actors.

I trust that Project Mockingbird is well known in these circles. I will have more to say later about the feedback paths regarding image. The short version is that politicians are narcissistic.

http://www.zerohedge.com/news/2017-08-27/internal-cia-memos-expose-media-agencys-principal-villains-urges-intervention-journa

@Clive

http://www.zerohedge.com/news/2017-08-28/india-and-china-agree-disengage-troops-along-disputed-border-area

thermo-rectal probing in the news. the sensation of heat from chili powder is a result of ion-channel activation of a temperature sensing system. a nice example of signal spoofing or repurposing. just for the record, I am not singling out India for criticism here. the US and China must be competing for most ambitious state sponsors of torture on the old blue marble.

The demons within: India's tryst with torture
http://www.aljazeera.com/indepth/opinion/2017/08/demons-india-tryst-torture-170826073345639.html
70 years on from independence, state torture is still prevalent in India. It's time to enact anti-torture laws.

...[the NYPD were found to have used the first part of this technique in the 1980's, but mysteriously none of the other officers were able to hear the screams]

"A rod was inserted up my anus and vigorously stirred thereby causing severe pain and bleeding," he said. "The wooden rod broke inside my anus. Chilli powder was also applied to my eyes, anus and genitals as a result of which I could not urinate."
...
In 1997, India signed the United Nations Convention Against Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment, but is yet to ratify it. In 2010, the Prevention of Torture Bill was prepared as an enabling legislation to ratify the UN convention, but it lapsed with the dissolution of the 15th Lok Sabha in May 2014. Today, AFSPA is still in force, but there is still no legislation to prevent torture in India.
[this is a result of positive feedback and endemic psychopathy]
In the absence of necessary checks, torture follows a constant, sometimes cyclical pattern. It repeats itself in different locations, with the same, or aggravated cruelty.

Interestingly enough, the pain from chili pepper is addictive. It causes release of endorphins, which produce a very pleasant relaxation after exercise, after various spicy meals, and deep body massage. Not sure about torture. The evolutionary purpose of capsaicin is to discourage rodents from eating the seeds, which makes chili pepper a good way to discourage rodents from being in your house. Birds are not sensitive to capsaicin, and are able to eat and spread the seeds, with some nitrogen fertilizer, over a much larger area than rodents. Also, rodents tend to chew seeds open to get the high-energy contents, whereas the birds are mostly after the pulp calories.

The capsaicin receptor: a heat-activated ion channel in the pain pathway
http://www.nature.com/nature/journal/v389/n6653/full/389816a0.html?foxtrotcallback=true

see also:

Binding of Capsaicin to the TRPV1 Ion Channel - Molecular ...
Transient receptor potential (TRP) ion channels constitute a notable family of cation channels involved in the ability of an organism to detect noxious mechanical ...
http://pubs.acs.org/doi/abs/10.1021/acs.molpharmaceut.5b00641

This isn't the article that I mentioned when I linked the one about how people treat information in a persistent state of class war. Any piece or combination of pieces of information creates or reveals one or more attack surfaces. In some ways, this article is better than the one that I misplaced. This can be advance reading about how gangs, police and various other organizations are adaptive systems.

Origins of the Sicilian Mafia: The Market for Lemons
https://www.nottingham.ac.uk/credit/documents/papers/12-01.pdf
by Arcangelo Dimico, Alessia Isopi, Ola Olsson

game theory: "men of honor" just as the data encryption-hostage pirates have to maintain sterling credibility with regard to honoring payments and delivery of goods (however ill-gotten), the mafia insurance offering has to maintain full credibility both with regard to providing the "advertised" protection, as well as with making good on threats. hence the gruesome and very creative signaling that has been seen with the Mexican drug cartels and showcased in various mafia movies like The Godfather. when you can't enforce contracts within the legal system, they are enforced outside the legal system, breaking the state monopoly on violence. if the US and Mexico are viewed as elements of a system, then the problem is clearly a result of US consumer demand and Mexico's dependence on drug traffic to produce income. not so different from Afghanistan and Laos. and the prohibition experience in the US that propelled the Capone and Kennedy cartels to fame and fortune.

As Mexico's drug cartels fracture, violence and travel warnings soar
https://www.dallasnews.com/news/mexico/2017/08/25/mexicos-drug-cartels-fracture-violence-travel-warnings-soar

on to the daily news dump

https://www.nakedcapitalism.com/2017/08/links-82817.html

...[parallel construction can defeat checks and balances in a trice]

Police State Watch

California passed a law boosting police transparency on cellphone surveillance. Here’s why it’s not working LA Times

...[great advice for this forum]

The 10 Commandments of Rational Debate [logical fallacies explained] Relatively Interesting. The Review Kev: “Old but relevant.”
...
1. Thou shall not attack the person’s character, but the argument itself. (“Ad hominem”)
2. Thou shall not misrepresent or exaggerate a person’s argument in order to make them easier to attack. (“Straw Man Fallacy”)
3. Thou shall not use small numbers to represent the whole. (“Hasty Generalization”)
4. Thou shall not argue thy position by assuming one of its premises is true. (“Begging the Question”)
5. Thou shall not claim that because something occurred before, it must be the cause. (“Post Hoc/False Cause”).
6. Thou shall not reduce the argument down to only two possibilities when there is a clear middle ground. (“False Dichotomy”)
7. Thou shall not argue that because of our ignorance, the claim must be true or false. (“Ad Ignorantiam”).
8. Thou shall not lay the burden of proof onto him that is questioning the claim. (“Burden of Proof Reversal”).
9. Thou shall not assume that “this” follows “that”, when “it” has no logical connection. (“Non Sequitur”).
10. Thou shall not claim that because a premise is popular, therefore, it must be true. (“Bandwagon Fallacy”).

...[one of the two largest surveillance platforms ever built. the other three horsemen of the tech apocalypse are playing catchup with Google and Facebook. I was photographed by an Apple camera car last week. wish I would have been quick enough to snap a picture of it.]

Is Facebook Staring Down Its “AOL Moment?” Mark St. Cyr (furzy). And, if true, not a moment too soon.

...[peak irony; navigation and control systems.]

Imperial Collapse Watch

Investigators Repeatedly Warned Navy Ahead of Deadly Collisions WSJ

Big Brother IS Watching You Watch

ICE to Outsource Data Collection on 500,000 People Per Month Truthdig

Big Tech can no longer be allowed to police itself FT

Europe’s next competition clash: Online data Politico

...[@Clive]

India

Doklam Stand-Off Ends: Indian Troops Withdraw, China Says Will “Exercise Sovereign Rights” The Wire

Bob Paddock • August 28, 2017 7:52 AM

For those with interests in unusual antennas check out the book Plasma Antennas by Dr. Theodore Anderson PhD. Tells how to build them and why you'd want to do so. Ted's site is:

http://www.ionizedgasantennas.com

The security implication is that a Plasma Antenna that is turned off can not be detected, unlike many dipoles.

Example, experiments have demonstrated that a Plasma Antenna, along the lines of a NE2 bulb family, can also simultaneously be used as a video detector/demodulator around 10 GHz.

Gerard van Vooren • August 28, 2017 8:05 AM

@ keiner,

You are right about the distractions. But I am still very curious about the data that is gonna be released in October. Well, we will see.

albert • August 28, 2017 10:14 AM

@Bob Paddock,

Re: Plasma antennas. This is fascinating stuff. Somewhere standard fluorescent tubes are mentioned. Imagine huge banks of fluorescent tubes that look like standard lighting, but are actually antennas. The reflectors for downward-directed lighting could be white plastic. Great for greenhouses:)

I have no time to pursue further...

. .. . .. --- ....

JG4 • August 28, 2017 12:23 PM


@Bob Paddock and albert

Thanks for the comments on plasma phenomena and antennae. It jogged my remaining neuron about this:

Woody Norris shows off two of his inventions that treat sound in new ways,
and talks about his untraditional approach to inventing and education.

http://ted.com/talks/woody_norris_invents_amazing_things

At least one of his TED talks mentions plasma antennas and I was naïve enough to think that he had invented them. Maybe he reinvented them.

I had noticed in the 1970's that the breakdown voltage of neon bulbs is affected by light and I had been meaning to try that again with blue and UV LEDs, which are far more advanced than what I had then. I wasn't clever enough to realize that the phenomenon could be useful, except with regard to one other data point and the thought that it is a convenient way to trigger fairly high voltages from TTL or CMOS logic. There is some kind of vacuum or gas thyratron-like device that can be triggered with light. It may be used in physics research or even nuclear devices. I've never worked on nuclear technology, so it is open-source intelligence to say that the arrival of inexpensive femtosecond lasers represents a paradigm shift in implosion technology. We have to come up with the political maturity to navigate the dissemination of vast destructive powers.


Bob Paddock • August 28, 2017 12:41 PM

@JG4

Earliest reference I've come across for Plasma Antennas is in the early 70's, with a video detector out of Israel.

Yes they are light sensitive.

You might find this 'Twinkle Light' made of NE2 bulbs of interest: http://www.tinaja.com/glib/muse136.pdf.

Makes use of the Negative Resistance area of the Plasma. Don't know of any way to make one based on LEDs. If you want to play with Negative Resistance at lower voltages look up Lambda Diodes.

The Abnormal Glow region of the Plasma may be sensitive to other esoteric phenomena....

vas pup • August 28, 2017 1:16 PM

http://www.bbc.com/news/technology-40935771
Nigerian Oshi Agabi has unveiled a computer based not on silicon but on mice neurons at the TEDGlobal conference in Tanzania.

The system has been trained to recognize the smell of explosives and could be used to replace traditional airport security, he said.

Eventually the modem-sized device - dubbed Koniku Kore - could provide the brain for future robots.

Experts said that making such systems mass-market was challenging.

While computers are better than humans at complex mathematical equations, there are many cognitive functions where the brain is much better: training a computer to recognise smells would require colossal amounts of computational power and energy, for example.

Mr Agabi is attempting to reverse-engineer biology, which already accomplishes this function with a fraction of the power it would take a silicon-based processor. "Biology is technology. Bio is tech," he says. "Our deep learning networks are all copying the brain."

He launched his start-up Koniku over a year ago, has raised $1m (£800,000) in funding and claims it is already making profits of $10m in deals with the security industry.

Milo M. • August 28, 2017 1:44 PM

re: JFK records release:

https://www.archives.gov/research/jfk/processing-project

"Approximately 88% of the records in the Collection are open in full. An additional 11% are released in part with sensitive portions removed. Approximately 1% of documents identified as assassination-related remain withheld in full. All documents withheld either in part or in full were authorized for withholding by the Assassination Records Review Board (ARRB), an independent temporary agency that was in existence from 1994 to 1998.

According to the Act, all records previously withheld either in part or in full should be released on October 26, 2017, unless authorized for further withholding by the President of the United States [emphasis added]. The 2017 date derives directly from the law that states:

Each assassination record shall be publicly disclosed in full, and available in the Collection no later than the date that is 25 years after the date of the enactment of this Act, unless the President certifies, as required by this Act, that –

(i) continued postponement is made necessary by an identifiable harm to military defense, intelligence operations, law enforcement or conduct of foreign relations; and

(ii) the identifiable harm is of such gravity that it outweighs the public interest in disclosure.

The Act was signed by President Bush on October 26, 1992, thus the final release date is October 26, 2017."

"Have any agencies appealed the release of their records?

As of March, 2017, NARA has not been notified that any agency has appealed release of their documents. However, it is our understanding that agencies are still reviewing the documents subject to release in October 2017."


"How likely is it that there could be a major revelation in the material?

The ARRB considered the relevancy of each document to the assassination events when they determined which documents would be released during their tenure and which could be postponed until 2017. The ARRB cast a wide net in what they considered assassination related and included records on topics not specifically related to the assassination and the investigations into the assassination. While NARA cannot comment on the content of the records, we assume that much of what will be released will be tangential to the assassination events. [emphasis added]

Are we going to see everything, or will some documents remain secret forever?

NARA is trusted with preserving our archival holdings permanently and holds that all records in our legal custody will eventually be available for research. That said, there are categories of records in the collection that, in accordance with the Act, will not be released in 2017. Sections 10 and 11 of the act discuss grand jury information and records held under section 6103 of the Internal Revenue Code (tax return information) as well as records covered by a specific deed of gift. We have identified a small number of records, or portions of records, that fit into these categories. For all other records, how long records stay withheld after 2017 will be determined by the President, who has final appeal authority."

veritrash • August 28, 2017 1:55 PM

@Milo M

I think that pretty much puts the matter into perspective, about as effectively as possible. It would also be difficult to throw stones at (ad lapidem/lapidation) or dismiss the cynicism as "conspiracy".

@all
http://blog.ptsecurity.com/2017/08/disabling-intel-me.html - speaking of the C word, no intention behind the 'vulnerabilities' in ATM/ME, of course.

albert • August 28, 2017 2:11 PM

@JG4,

Thanks for the link on Woody Norris. A brilliant guy, in the mold of Edwin Land, Forrest Mims, Stanford Ovshinsky, etc.

. .. . .. --- ....

Clive Robinson • August 28, 2017 4:22 PM

@ Bob Paddock, Albert, JG4.

With regards plasma antennas, as you have found out they have been around since the early 1970's.

If you can find it have a look at research into making self sustaining "ball lightning" and "St Elmo's fire".

One idea was that you could fire up a special mortar round that would make a largish ball of lightning, which you would point a "burst radio" transmitter at to send out a signal that reflected off it much as some amateur radio enthusiasts do with both meteorscatter and troposcatter. Thus you can use it as a "mirror in the sky" to communicate on VHF / UHF or even microwaves across a continent or ocean. Thus giving you the same benefit as HF Sky-waves bouncing off the various ionosphere layers.

Some other experiments that led up to that were carried out in the 1950's and 60's using the ionised "northern lights" to pick up Russian VHF/UHF communications from a long way over both the optical and RF horizon.

Yes you can use ordinary fluorescent tubes you can buy for "strip lighting" but they have a problem in that you need to feed them with a very high DC voltage to get a decent plasma. It does not however require much in the way of current so is effectively low power.

To experiment, mount a 4ft tube vertically and connect the bottom end to a ground plane. Connect the top via a suitable RF choke to the high voltage supply. Make a quarter-wave wire antenna resonant around 300 MHz and mount it on the ground plane about an inch from the tube.

By using an RF field strength meter about 10 meters away you can see the difference in field strength when the high voltage is on to when it's off.

If you want to go further then look up the design of the "slim jim" antenna and find a neon tube artist and ask them to make you up a tube of the same dimensions. You put the high voltage electrodes at either side of the "gap" and feed it via RF chokes. To couple in the RF you can make a "capacitive" connection by wrapping the outer braid from RG52 or equivalent coax around the neon tube at the appropriate points.

From what I can gather the attempts to make ball lightning were not a success so they ended up using explosives and metal foil. When detonated the explosion turns the metal foil into a plasma in the same way a shaped charge does.

Oh and if you are into having fun it's not too difficult to show that a flame likewise conducts electricity. But it behaves kind of oddly,

https://www.researchgate.net/profile/Petr_Mohyla/publication/267379796_ELECTRICAL_PROPERTIES_OF_FLAME_FROM_METHANE_AND_OXYGEN_MIXTURE/links/5551e67908ae980ca605e801/ELECTRICAL-PROPERTIES-OF-FLAME-FROM-METHANE-AND-OXYGEN-MIXTURE.pdf

ab praeceptis • August 28, 2017 5:54 PM

r

Nice - but I take this as a balloon from the us of a agencies.

The 50 dimensional scientific sounding bla bla breaks quickly when some operational cleverness is applied.

I, for example, never ortho- (or otherwise) check my public posts, well knowing that that creates a seductively good fingerprint. When writing under my real name (e.g. business communication) I *always* spellcheck and/or have it written or checked by a native speaker.

And I'm not even particularly exposed. If I were in a position like Nakamoto, I'd simply always use my native language, have that auto translated and then a little polished. Simple and cheap process ... and then good luck to dhs, haha.

trsm.mckay • August 28, 2017 7:10 PM

@Thoth

Do you have any specific information to back-up your concerns in "How Intel ID Can Enable Persistent Device Identification"? From my quick read, there is both inaccuracy (details below), and it goes against my experience of Intel. Of all the companies I have worked for (and I don't currently work for them), Intel had the best internal privacy culture. Though it was before the time I worked there, it appears to me that people working at Intel took the kick-back against CPU ID very seriously (my recollection it occurred during late P3, early P4 era), and worked to make privacy an integral part of product design.

Are you familiar with Intel's Enhanced Privacy ID (EPID aka SIGMA)? If not it is definitely worth spending some time understanding, one of the few real world places I have seen zero-knowledge proofs used. Short version, an external entity can establish that a particular ID belongs to a certain class of Intel products, but does not know any individual details about which specific instance of the device the ID came from.

Here are a few other places where your GIT document has inaccuracies: SGX is not the same as Intel TEE, SGX has not been around forever (~2015 and Skylake), and IPT (last time I looked) had nothing to do with SGX. Unlike ARM TrustZone, there is no one particular Intel technology that provides TEE style assurances. The general idea of TEE is to protect subsystem integrity, and certain transactions from a malware controlled main CPU. Modern Intel chips have many co-processors (security, power-management, graphics, imaging, audio, comm/network, etc.). Some of these (also depending upon chip generation) have some security isolation properties that can withstand various types of attacks from a malware owned main CPU. The main goal of SGX is to provide TEE functionality for general use. Prior solutions were limited; either to Intel or a handful of OEM/ODMs, or to very specific solutions (Anti-theft, IPT).

I read through the Intel whitepaper linked in the GIT site, not clear which internal components are being used. Since they only mention protecting keys, and not execution integrity, probably based on the older security co-processor (same as used for IPT). In either case, Intel culture strongly discourages identifying CPUs other than through EPID.

And of course add the usual disclaimers about the existence of bugs (Intel AMT is a favorite), and the various ways powerful agencies like NSA could suborn Intel products. As our host has speculated before, I concur that it is unlikely the NSA would directly involve companies with their plots, because that type of thing would be too hard to keep secret. Corrupting standards, or buying seemingly innocuous features seems more along their lines. If the NSA really did want to compromise Intel, my guess is that they would do something more like trying to compromise the micro-code update signing keys (I have seen that discussed here several times).

trsm.mckay • August 28, 2017 7:37 PM

@Clive

Although I mostly agree with your concerns about authentication tokens; uncharacteristically for you -- your recent post was too narrow about security concerns (1, The communications end point being beyond the security end point). There is more to be concerned about than just the relying party trying to authenticate its user. One of the big motivations to use "trusted devices" is to protect the biometric data, preventing the need to send it off to various relying parties whom the user may have good reason not to fully trust.

Not sure I understand your point about 2, The human not being part of the authentication chain. I agree with your follow-up paragraphs about potential attacks (my paraphrases might have different nuances): trusted device keychain is valuable, and we need to be concerned about authentication "replay" facilitated by a protocol/implementation attack. But don't see how that ties into the point about humans not being involved.

To my way of thinking, the whole point of fusion-biometrics (multiple authentication factors that are dependent upon each other) is to make sure the human is involved. And some version of internal or external replay is one of the primary attacks we have to be concerned with.

r • August 28, 2017 7:39 PM

@ab,

For the sake of argument: that's where you're wrong. We are all particularly exposed, Hutchins is a cog.

Even you have a Lisp.

The elefants never forget.

Thoth • August 28, 2017 8:41 PM

@trsm.mckay, Clive Robinson, ab praeceptis, Nick P

Tamper Resistant Security Module. Hmmm ....

There is a difference between what they say on specs and marketing and how much opaqueness there is on Intel AMD/SGX, TrustZone and so on.

I am aware that Intel SGX only came onto the scene recently. There used to be a timeline graph with the estimated date of appearance of smart cards, HSMs, ARM TZ, Intel SGX and so on but I can't find it for now.

I am not saying we cannot believe what the spec sheet and marketing say. What I am saying is the potential of having hardware backdoors is much easier with opaque specs and the fact that NDAs are required to develop on these platforms. Due to opaqueness, it is best to be on the safer side and warn when certain features implemented by commercial companies are dubious.

What I am simply doing is pointing to certain possibilities.

You can choose to believe in the marketing and specs or maybe you have done some work and you have absolute faith in it and that's good for you. I do not see why I should trust those marketing spec sheets and their droning with so much of their designs and implementations kept in secrecy and requiring NDAs.

Good luck with the Intel Security Technologies.

@Clive Robinson, ab praeceptis, Nick P

The only thing I find a little comforting is with smart cards especially with JavaCard is because they do not attempt to keep the specs secret. There is a 200+ pages document on how to implement your own JVM for Smart Card and another 100+ document on the finer details of the JavaCard Runtime Environment and how it should work left in the open without needing NDAs whatsoever and free for anyone to download on Oracle's website. That means theoretically anyone can develop their own JavaCard VM on whichever hardware you want and certification to be compliant is another issue altogether.

Other 'Secure Enclave/World' based products do not have such luxury of opening the doors fully and transparently which JavaCard accomplished with its thick pages of documents on the functionality of the JCVM and JCRE.

Of course this leaves with the form of implementation may not be according to the theoretical form as per laid out in the JCVM but due to the open nature of JavaCard documents, one can more easily script testing toolkits (that already exist) to test the claims of commercial JCVM + JCRE in the market to ensure that they comply with the documents. One example is the applet firewall test toolkit that can be used to ensure that the smart card applet's firewall does its job of preventing data leaks as per specified in detail in the 100+ pages JCRE document.

You don't get that kind of freely available information with fine details on working mechanisms of designs with no strings attached from Intel SGX, Samsung Knox, Apple Secure Enclave and what not.

JG4 • August 28, 2017 9:32 PM


@Bob Paddock, albert, Clive and others consistently commenting in good faith. Thanks for the crowdsourced knowledge.

I wasn't clear enough in saying that the blue and UV LEDs can be used to trigger neon bulbs, if the potential is high enough, i.e., close enough to breakover. That echoes the point that you made. I don't know what the minimum photon energy is, and it almost certainly varies with electrode material. Trialkali is the most sensitive known material for longer wavelengths. The light will begin ionization, presumably through photoelectron emission or excited electronic states on the metal surface. My point was suggesting the use of LEDs or lasers as triggers of gas discharge lamps, not that LEDs have negative resistance. I have seen some pretty crazy phenomena with LEDs generating negative photovoltages at below-bandgap wavelengths, but that is a different discussion. I had noticed in the 1970's that the breakover voltage of the NE-2's is sensitive to light. I may even have noticed that they were more sensitive to blue light, or I may have added that as conjecture later. I've been meaning to revisit the topic in the past 6 months, but have been too busy.

There are other interesting phenomena in flames, beyond ionization. One is amplification of sounds, which is one of the reasons that larger fires make roaring sounds. The reactive chemical species in the flame respond to local pressure increases by reacting faster, resulting in amplification of pressure waves, as chemical energy is coupled into the acoustic waves. Putting a finer point on it, the flame is a gain medium for sound in certain frequency ranges. One limiting case of chemical amplification of acoustic waves is pulse detonation jet engines, which are only slightly off topic, because of their security implications. Speaking of the cat and mouse game with the Soviets, including radio and radar reflections from balloon-borne antennae, nuclear fireballs and even the moon, all were discussed in Secret History of Silicon Valley. It's a security classic, so I don't mind reposting it occasionally.

Secret History of Silicon Valley
https://www.youtube.com/watch?v=ZTC_RxWN_xo

Wael • August 28, 2017 11:37 PM

@JG4,

Secret History of Silicon Valley

Informed, entertained, and inspired! Thank you, interesting history.

Putting a finer point on it, the flame is a gain medium for sound in certain frequency ranges.

So I was inspired by the video! How about a hat with a couple of candles next to each ear to combat tinnitus or for a replacement hearing aid? Any one wantth[1] to fund me? I'm commenting on good faith ;)

[1] @r You too have a lithp, did you know that or are you that denth? :-)

Wael • August 29, 2017 1:10 AM

@vas pup,

Nigerian Oshi Agabi...

Scary stuff. Long way to go, I believe.

in funding and claims it is already making profits of $10m in deals with the security industry.

At an average of $500 a pop, how many Security-Impaired schmucks replied to the Nigerian Prince email "deal"?

65535 • August 29, 2017 1:51 AM

@ r
“Despite these efforts (according to my source at the DHS) Satoshi Nakamoto gave investigators the only tool they needed to find him -- his own words.” – Slashdot

I am betting there are certain people on this board who have knowledge of the actual Bitcoin inventor or group of inventors and/or investment bankers. Although the name “Satoshi Nakamoto” tends to point to Gavin Andresen of Princeton.

“…outside his suburban home in Temple City, California. Dorian Nakamoto, 64, had been identified by Newsweek as the person who masterminded Bitcoin—a story that, like previous attempts to unmask its pseudonymous inventor… That person is Gavin Andresen, a mild-mannered 48-year-old picked by the real Satoshi Nakamoto, whoever he or she is, as his successor in late 2010. Andresen became “core maintainer”—chief developer—of the open source code that defines the rules of Bitcoin… -Technologyreview [MIT].

I briefly observed Bitcoin and I came to the conclusion that Bitcoin's competition to the USD, regulatory agencies, certain investment banks and a constant loss of Bitcoin money via lost wallets and the 2010 bug in the code led to the Bitcoin inventor[s]' desire to stay in the shadows due to legal and/or liability issues [nobody wants to be a scapegoat for lost bitcoins and real money].

“… CIA and Washington regulators have looked to him to explain the currency. And it was Andresen who conceived of the nonprofit Bitcoin Foundation—established in 2012—which is the closest thing to a central authority in the world of Bitcoin... smooth ascent has led to frequent accusations that Andresen is Nakamoto and shed the pseudonym once the currency gained traction. He always flatly denies it. “I am not Satoshi Nakamoto; I have never met him; I have had many e-mail conversations with him,” he said after giving a talk in April. “Nobody knows who he is, I think.” If that was a lie, Andresen is a remarkable con man.

See:
https://www.technologyreview.com/s/527051/the-man-who-really-built-bitcoin/

"On 6 August 2010, a major vulnerability in the bitcoin protocol was spotted. Transactions were not properly verified before they were included in the blockchain, which let users bypass bitcoin's economic restrictions and create an indefinite number of bitcoins.[89][90] On 15 August, the vulnerability was exploited; over 184 billion bitcoins were generated in a transaction, and sent to two addresses on the network. Within hours, the transaction was spotted and erased from the transaction log after the bug was fixed and the network forked to an updated version of the bitcoin protocol."

https://en.wikipedia.org/wiki/History_of_bitcoin

“Ponzi scheme concerns,
Various journalists, economists,[144][145] and the central bank of Estonia[146] have voiced concerns that bitcoin is a Ponzi scheme." -Wikipedia

“Criminal activity,
The use of bitcoin by criminals has attracted the attention of financial regulators, legislative bodies, law enforcement, and the media.[151] The FBI prepared an intelligence assessment"-Wikipedia

“Venture capital,
Venture capitalists, such as Peter Thiel's Founders Fund, which invested US$3 million in BitPay, do not purchase bitcoins themselves, instead funding bitcoin infrastructure like companies that provide payment systems to merchants, exchanges, wallet services, etc.[123] In 2012, an incubator for bitcoin-focused start-ups was founded by Adam Draper, with financing help from his father, venture capitalist Tim Draper, one of the largest bitcoin holders..."-Wikipedia


See:
https://en.wikipedia.org/wiki/Bitcoin

"Who really invented bitcoin
2.1 Possible identities
2.1.1 Nick Szabo
2.1.2 Dorian Nakamoto
2.1.3 Hal Finney
2.1.4 Craig Steven Wright
2.1.5 Other speculation"

See:
https://en.wikipedia.org/wiki/Satoshi_Nakamoto

"Legality of bitcoin by country or territory
The legal status of bitcoin varies substantially from country to country and is still undefined or changing in many of them. Whilst the majority of countries do not make the usage of bitcoin itself illegal (with the exceptions of: Bangladesh, Bolivia, Ecuador & Kyrgyzstan), its status as money (or a commodity) varies, with differing regulatory implications. While some countries have explicitly allowed its use and trade, others have banned or restricted it. Likewise, various government agencies, departments, and courts have classified bitcoins differently."-Wikipedia

https://en.wikipedia.org/wiki/Legality_of_bitcoin_by_country_or_territory


"History of bitcoin, …is a cryptocurrency, a digital asset designed to work as a medium of exchange that uses cryptography to control its creation and management, rather than relying on central authorities. The presumed pseudonymous Satoshi Nakamoto integrated many existing ideas from the cypherpunk community when creating bitcoin."-Wikipedia

https://en.wikipedia.org/wiki/History_of_bitcoin

Three main bitcoin wikis:

https://en.wikipedia.org/wiki/Bitcoin
https://en.wikipedia.org/wiki/Satoshi_Nakamoto
https://en.wikipedia.org/wiki/Gavin_Andresen

And
https://www.technologyreview.com/s/527051/the-man-who-really-built-bitcoin/

All of the above leads me to guess the creator of Bitcoin could find him/herself in some sort of trouble and wishes to remain anonymous. If any of you have any further information on the actual inventor of Bitcoin please speak up.

ab praeceptisAugust 29, 2017 2:45 AM

Thoth

"intel 'security'" - I would be willing to trust intel somewhat if they hadn't sold out security multiple times in favour of pleasing large corp desires. I consider AMT as a typical example of that.

Well noted, I *do* understand the desire of corporations to centralize IT mgmt but intel could - and should - have made that an option, one could activate (or not). Helping themselves to "background network access" was the point where I lost any trust I might have in intel as well as any readiness to ever give them a second chance.

"javacard full and open jvm spec" - nice but, frankly, I'd strongly prefer to avoid java anyway and to simply get proper chip and assembler documentation.

I happened to look at a study of the worst lack-of-security culprits in web sites and applications and guess what: java managed to be even worse than php.

Clive RobinsonAugust 29, 2017 5:35 AM

@ JG4,

saying that the blue and UV LEDs can be used to trigger neon bulbs, if the potential is high enough, i.e., close enough to breakover.

I know UV breakdown is used for spark gaps on the likes of very high voltage/power generators for particle accelerators using "water capacitors" and other esoteric technology.

However I'd be cautious of thinking the same would work with NE2 neon lamps due to the glass used; it's generally not UV or even blue light friendly, in that it would absorb the energy needed to trigger.

The thing is also deep red and IR is generally something creatures with the types of eyes we have can not see, for various reasons not least of which is finding a rhodopsin equivalent that would work at those longer wavelengths.

Many many years ago I had a chat with a chemist doing research in a related field and they made the point that most chemicals that could be used down at those lower light frequencies were not freely available in the environment which in some cases was just as well as they have "significant toxicological disadvantages" with LD50s going down into and below the microgram/Kg levels.

Another person I chatted to who was doing entirely different research pointed out the fact that "we very much are what we eat". That is we could not survive as a species if the more esoteric chemicals our bodies need were not first taken up by a plant etc at the bottom of the food chain and passed up to the apex. Most plants are green for a reason, and that might account for why our eyes likewise work around that band of light frequencies.

At the end of the day "natural selection" / evolution is bounded by the resources available and can cause evolutionary cul-de-sacs in apex creatures. The most well known in humans being "Scurvy" from lack of vitamin C. If what they say about our species evolving near the equator is true, vitamin C was readily available, thus unlike other organisms we did not have to synthesize it internally...

Clive RobinsonAugust 29, 2017 6:46 AM

@ trsm.mckay,

uncharacteristically for you -- your recent post was too narrow about security concerns

Blame it on the unseasonably warm weather and frustrations of "Bank Holiday" travel issues (hey I'm human what can I say... ;-)

The reason for "putting the human in the loop" as the choke point is for several reasons. Firstly it "makes the air gap" which historically stopped most side channels. Secondly if the protocols are sufficiently simple then going through the human brain should provide "instrumentation" thus monitoring and "not allow things to happen sight unseen".

The problem is that whilst some humans that can and do practice some level of OpSec would benefit, most humans do the opposite and "over trust" thus become fresh meat for the cyber-criminal and SigInt agency mills to get ground down into product.

Several years ago @Nick P, several others and myself had a conversation about the use of authenticating tokens for online banking. I pointed out that it was the individual transactions not the communications channel that needed authentication and that because of the limitations of humans tamper proof or at least tamper evident tokens should be used in isolation. The reason for the isolation was to stop what we now call "end run" attacks and to stop or limit exploitation of the inevitable weaknesses or bugs in the token design that could be exercised by the attacker.

It turns out that the majority of humans do not want security and all its issues as long as they have deniability. The object lesson in this was the payment card industry's Secure Electronic Transactions (SET) protocol. More recently with the advent of blockchain technology, it turns out that not only do people not want that level of security they actually require ways for it to be breached. We have seen this with bit-coin and more recently electronic contracts. You actually require a way to undo transactions that are fraudulent that have occurred because the actual implementations have bugs that can be exploited, because no human can see all the multidimensional edge and corner cases and correctly cover them all in a fundamentally new concept/design.

I once sat in on a small talk from someone who had been responsible for moving a globe-straddling bank's manual security procedures onto a computer. One of the first things that became clear was that many of the procedures were redundant. A major reason for this was that a security rule never got removed or changed; a new rule was added. That is a rule that covered the general case would get an edge case exploited so a new rule covering the edge case would be brought in, then a corner case would get exploited so a new rule would be added for that. Nobody had ever sat down and analyzed the system in the bank's three hundred year history and rationalised the rules. As they discovered the problem with just adding rules meant that the increased complexity added another dimension thus new edge and corner cases as well as making the system not just tortuously more unwieldy but also extremely fragile.

Humans are flexible and learn and can actually see new problems which AI systems etc can not. Bruce calls it "feeling/thinking hinky". The downside is humans get tired or lazy and thus less vigilant.

Although we know from history that "gate guards" are only vigilant when new or after someone has taken advantage of their lack of vigilance and those above the gate guards are looking for "an example to be made". But we have not found a workable replacement for the gate guards that is as flexible.

Thus the need to keep humans in the security chain, and the end of the security chain beyond the choke point you put the human at to act as a gate guard.

JG4August 29, 2017 7:30 AM


@the usual suspects - Thanks

@65535 - a nice tutorial and further proof that we could crowdsource a book with Bruce herding the cats

@Clive - the sad part is that I have had the LEDs, the neon lamps, the power supply, the scope and the signal generator for as long as I can remember. but I can't find enough bench space to get the power supply and signal generator to the same place. I only remembered about 6 months ago that I want to try it out. I'll let you know what happens, but at my present velocity we may be looking at 3 to 12 more months

I stopped short of saying that cash flow is a gain medium for growth of organizations, both good and bad. You could think of prohibition as setting up a dam that creates a pressure differential, an exploitable source of Gibbs free energy. There probably is a corollary of entropy maximization that states "Any exploitable source of Gibbs free energy in any ecosystem eventually will be exploited." Psychopaths and sociopaths have a much wider range of options for harvesting those energy sources. Nature is a fascinating mix of cooperation and competition. I'll have more to say about feedback mechanisms, self-defense, power security and food security in coming days and weeks. The magnesium has been life-changing in a good way.

https://www.nakedcapitalism.com/2017/08/links-82917.html

...[tech company tie-in]

Uber’s New CEO May Get at Least $200 Million to Exit Expedia Bloomberg and New Uber CEO Khosrowshahi Faces Daunting Fix-It List Bloomberg. Like a business model that can’t ever show a profit.

Hedge funds see a gold rush in data mining FT

The age of AI surveillance is here Quartz

Boffins bust AI with corrupted training data The Register

Showing the Algorithms Behind New York City Services NYT

Facebook Figured Out My Family Secrets, And It Won’t Tell Me How Gizmodo

Facebook’s Fight Against Fake News Hits Pages and Business Listings Fortune. “The company recently partnered with third-party groups like Snopes, the Associated Press, and ABC News to identify stories proven to be fake.” First, it’s amazing to me that Fortune can mention AP and ABC in the same breath with a tiny firm whose owners are at odds, and keep a straight face. More centrally, would Facebook have been able to detect that Judy Miller’s WMD stories were fake? And if so, what action, if any, would Facebook have taken? Finally, it should be amusing to see the arms race between Facebook’s algos and Macedonian teenagers (or the Silicon Valley companies that are the real problem). This entire project reeks of bad faith.

‘Economic censorship’: YouTube bans advertisers from Ron Paul videos RT

The great digital media culling of 2017 The Week

The Mayweather-McGregor Fight Shows It’s Impossible to Stop Social Media Streaming of Big Events Motherboard (Re Silc).

...[security, surveillance]

Police State Watch

Soul Snatchers: How the NYPD’s 42nd Precinct, the Bronx DA’s Office, and the City of New York Conspired to Destroy Black and Brown Lives (Part 1) Shaun King, Medium. Rather like Chicago’s Homan Square, which also happened under a Democrat mayor.

Trump rescinds Obama limits on transfer of military gear to police Reuters

Police Access to Military Equipment Needs More Oversight, Not Less Project on Government Oversight

Chicago cops get more Tasers, but red flags remain Chicago Tribune

Boyfriend’s betrayal: ABQ woman jailed after ATF informant lured her into drug deals New Mexico In Depth

A Federal Judge Put Hundreds of Immigrants Behind Bars While Her Husband Invested in Private Prisons Mother Jones

vas pupAugust 29, 2017 9:59 AM

@65535 • August 29, 2017 1:51 AM
“Criminal activity,
The use of bitcoin by criminals has attracted the attention of financial regulators, legislative bodies, law enforcement, and the media.[151] The FBI prepared an intelligence assessment"-Wikipedia

I guess IC is using it as well for black ops for the same set of reasons criminals do. That is the same problem as with shutting down offshore banking. Your own IC could be victim of 'friendly' fire.

ThothAugust 29, 2017 10:47 AM

@Dirk Praet

re: Disabling Intel ME

I think the forum has discussed this and had this brought up a couple of times and that includes such technical articles on modifying the behaviour of ME booting.

Such procedures are only partial and we don't know what else is hidden in the ARC4 CPU embedded into every Intel chipset these days. The safest bet is to simply consider all CPU in the range of Intel, AMD and ARM Cortex A series as backdoored by default as per usual and to offload security critical processes to air/energy gapped setup which nobody (or few) ever likes but is necessary.

Most chips these days have more than 1 MB of internal Flash on the chip with more than 10 KB of SRAM on it. You can comfortably load a microkernel on it with features ranging from cryptographic engines to biometric access to network inspection kits and micro web servers.

In fact, a variant of JavaCard called the JavaCard Connected Edition type of smart card includes a miniaturized HTTPS Web Server with capability of Web Servlets besides acting as a normal JavaCard smart card and all those would only add up to a couple hundreds of KB in code size and typical chips with more than 1 MB of internal persistent memory would still have more than enough space to allow a couple of applets to be issued to use the Micro Web Server on the JavaCard Connected Edition. This particular variant of JavaCard has already existed for a while but is not popular and thus not widely implemented (probably good news to reduce attack surface) because few actually see a need for Web access on smart cards and thus never really seeing much actual production by card makers.

Imagine that a JavaCard smart card can host a JCVM with an internal HTTPS Web Server taking up only a few hundreds of KB of code space, you could do the same for something more powerful like Intel and AMD processors and even ARM 64 processors (noting that ARM 64 bit would also start to ship with ARM TrustZone), you can imagine how much more comfortable you can hide persistent hardware level exploits and backdoors these days.

One of the best defense methods that @Figureitout mentioned was to use very low memory capacity EEPROM based smart card chips or generally just chips with low memory capacity with just enough memory for one's needs so that there would be very little luxury space to hide a backdoor or two in the chip. In fact, the Ledger team used this method to select their chips for the Ledger hardware wallets to ensure that backdoors are not going to be comfortable if ever attempted as a mitigation technique.

It is always most prudent to be paranoid and anticipate for whatever that would be released to the public for use.

Sometimes our laziness gets the better and we choose the easiest way out and make excuses that higher assurance is not necessary and the result is we do not improve. In fact, this is a disease as we are suffering the consequence of bad security and helplessness at the same time thus my decision to push hard on practical security by creating actual products and designs in real world instead of just plain forum talking. There will always be counter-force whenever advancement is made and it should be expected.

albertAugust 29, 2017 11:47 AM

@JG4,

Can you post actual links instead of references? I don't have time to search for them. Normally, I wouldn't bother to ask, but most of your references look interesting.

. .. . .. --- ....

JG4August 29, 2017 12:58 PM


@albert

I always post a link at the top of the news dump. If you follow that link, all of the news stories are there, with their individual links. No searching required. Sorry about the confusion. I used to include all of the individual links and once I even did the xml formatting.

When I post an isolated story like Zomia, I generally include the link immediately below the title.

I had a moment of clarity a few minutes ago, as I was thinking about posting an interesting and long-overdue math exercise. I think that we could post small spreadsheets or maths in xml that would run through either Open Office or a stand-alone computing program.

The math exercise is to calculate the number of imperial fiat dollars per day required to buy the hard drive space for Spookwerks Utah to store every word spoken in the presence of cell phones in the US.

Assumptions, intended to produce an upper bound

200 million cell phones
they are listening 24/7, but only transmit speech
200 million adults
16 waking hours, continuous speech
300 to 3000 Hz audio channel bandwidth
6 kHz sampling rate
16-bit words (overkill, but the math is easy)
90% compression
10^5 seconds in a day
50% discount on rust at the corresponding dollar volume
3 TB drive is $100 at retail

I got somewhere in the neighborhood of $100K to $300K per day doing the math in my head. I'll try to post my answer tomorrow. Feel free to critique the problem and provide answers. A nice companion problem is to estimate the number of bytes of email generated per day and stored at the same site. The end game, which is in play, is total power.


CzernoAugust 29, 2017 1:53 PM

@Thoth, @Dirk Praet, re: Disabling Intel ME

Thoth, w/ due respect, the very interesting article which @Dirk Praet linked to is about a newer generation of Intel ME engine than has been previously discussed here, and this one is X86-based, NOT ARC !

RatioAugust 29, 2017 2:41 PM

Iranian police seize carrier pigeons used to smuggle drugs:

Police in western Iran have seized 100 carrier pigeons used to smuggle drugs.

Anti-narcotics officers seized homing pigeons trained for delivering drugs carried in small blue plastic bags attached to their legs, the Irna state news agency reported.

According to Irna, the use of birds to transport recreational substances is unprecedented.

(Unprecedented?)

Clive RobinsonAugust 29, 2017 3:01 PM

@ Thoth,

One of the best defense methods that @Figureitout mentioned was to use very low memory capacity EEPROM based smart card chips or generally just chips with low memory capacity with just enough memory for one's needs so that there would be very little luxury space to hide a backdoor or two in the chip.

Ages ago when I first described "Castles-v-Prisons" here I indicated that the purpose of the MMU controlled by the hypervisor not the CPU was to control the amount of Read Only and Read Write memory "giving malware no place to hide".

RatioAugust 29, 2017 3:14 PM

@Anura,

Sorry, I should have been clearer. I was questioning the claim by Irna that this is unprecedented in Iran. :)

The article mentions instances of this happening elsewhere:

In May, officials in Kuwait said they had seized a pigeon carrying 178 illicit pills in a tiny backpack. Images carried by the Kuwaiti newspaper al-Rai showed a pigeon with a miniature fabric backpack attached to its back, full of pills containing ketamine. That incident took place in the city of Abdali, near the border with Iraq, suggesting pigeons were being used to smuggle drugs from there into Kuwait.

In a similar incident in 2011, police in Colombia captured a pigeon carrying 40g of marijuana and 5g of cocaine into a prison in the northern city of Bucaramanga.

Clive RobinsonAugust 29, 2017 3:14 PM

@ JG4,

The math exercise is to calculate the number of imperial fiat dollars per day required to buy the hard drive space for Spookwerks Utah to store every word spoken in the presence of cell phones in the US.

Between the time the NSA hole in a salt lake became newsworthy, with educated guesses about its purpose being suggested, and the Ed Snowden revelations happened, Bruce put up a page asking what was technically possible.

Quite a few answers came back from technologically knowledgeable people and it appeared to surprise quite a few people here as well as Bruce.

You might want to hunt it out and check if your model is the same or not before posting. You might be a little surprised as well.

RatioAugust 29, 2017 3:21 PM

@Anura,

That last case is the one mentioned in your article. (Hit "submit" instead of "preview".)

Clive RobinsonAugust 29, 2017 3:23 PM

@ Thoth,

Another aspect of "C-v-P" --as @Wael rechristened it-- was it was designed with massive parallelism in mind with a very minimal OS in mind.

Finally undergrad courses are waking up to our massively parallel future and preparing them for it (about eight years after we started discussing it here).

Have a look at,

http://zoo.cs.yale.edu/classes/cs422/pios

Dirk PraetAugust 29, 2017 3:59 PM

@ Thoth

... thus my decision to push hard on practical security by creating actual products and designs in real world instead of just plain forum talking.

Both go hand in hand. Imagine a world without thinkers and philosophers whose very ideas engineers build upon. Although plenty of folks on this forum undoubtedly have a background in technology or IT in particular, and with a particular interest in security, not everyone is an engineer or has the same practical focus you have. And which you cannot blame people for. It would be like project or service delivery managers looking down on engineers and the incomprehensible mumbo jumbo none of them understand a word of.

There will always be counter-force whenever advancement is made and it should be expected.

Did I ever say otherwise, my friend ? Don't give in to bitterness and frustration, for they can ruin everything that is beautiful about life.

WaelAugust 29, 2017 4:09 PM

Clive Robinson,

Finally undergrad courses are waking up to our massively parallel future...

I see some overlap with C-v-P. But there was a lot more to C-v-P than what's described in these courses! I don't believe we finished the discussion yet ;)

@Dirk Praet,

Re. Intel ME

Thanks for sharing, mate! Good read. Reverse engineering is sometimes hard on a "moving target".

WaelAugust 29, 2017 4:41 PM

@Dirk Praet,

Don't give in to bitterness and frustration, for they can ruin everything that is beautiful about life.

Excellent advice!

JG4August 29, 2017 5:11 PM


Thanks for helpful comments

https://www.nakedcapitalism.com/2017/08/200pm-water-cooler-8292017.html
...
News of the Wired

“U.S. Home Broadband Penetration By State” (map) [Econintersect]. A familiar pattern.

“On internet privacy, be very afraid” [Harvard Gazette]. Interview with Bruce Schneier:
https://news.harvard.edu/gazette/story/2017/08/when-it-comes-to-internet-privacy-be-very-afraid-analyst-suggests/
“Surveillance is the business model of the internet. Everyone is under constant surveillance by many companies, ranging from social networks like Facebook to cellphone providers. This data is collected, compiled, analyzed, and used to try to sell us stuff. Personalized advertising is how these companies make money, and is why so much of the internet is free to users. We’re the product, not the customer.”

trsm.mckayAugust 29, 2017 5:22 PM

@Thoth

Yes, trsm.mckay is my public identity for security related topics. Chose the name back when I was a financial HSM architect, and the abbreviation TRSM was becoming trendy.

You can choose to believe in the marketing and specs or maybe you have done some work and you have absolute faith in it and that's good for you. I do not see why I should trust those marketing spec sheets and their droning with so much of their designs and implementations kept in secrecy and requiring NDAs.

Those NDAs you mention do make it harder for me to discuss things (normally I have to research what is public, before my conversations can get detailed - like the ME CPU change from ARC to x86).

I understand why you have your doubts, and I am far from having absolute faith in the tech companies. I also appreciate gaming out how the opaque security could be misused (this was a big deal for the financial HSMs, we wanted to avoid even the appearance that we were collecting secrets from the HSM, so logs did not have any encrypted data, etc.). I am not claiming that backdoors never exist (Juniper is a recent example), but even narrow back-doors can be hard to keep secret in a Silicon Valley type environment of job changing and somewhat libertarian engineers. And design-level broad back doors, like your hypothetical Intel secretly using CPU ID for a FIDO plug-in would be known by hundreds of engineers over its lifetime. What are the chances they would all keep quiet about that?

So keep on thinking about this, but don't be surprised if I think some of your fears are overblown. Also be careful when talking about this, to clearly distinguish between suspicion ("here is how they could gain something") vs. discovery ("here is some indication/proof that company X is doing Y"). I started reading your document with a misunderstanding that you had actually discovered an issue, and your document was not clear about that (hence my first question to you up-thread).

I have not done much with JavaCards, in part because licensing for commercial products (through Gemalto?) used to be a nightmare. Anyone know if it has gotten better?

Clive RobinsonAugust 29, 2017 6:26 PM

@ Bruce and the usual suspects,

There have been some dodgy articles about a clay tablet from Mesopotamia with what looks like an inverse trig table[1] on it.

This article,

https://blogs.scientificamerican.com/roots-of-unity/dont-fall-for-babylonian-trigonometry-hype/

Is aimed at dispelling the "hype" of a recent paper that has had more puff pieces than an "Eton Mess".

It demonstrates why "experts" are probably not the best people in the world to try and "decode the past".

So just for fun I'll give my likewise arbitrary explanation,

For me the importance is the way the table is laid out. If I were a surveyor, architect, carpenter or stonemason, this table would be very very handy for "laying out" and "marking up" and "cutting to fit"[2]. We have long believed that both the Egyptians and Romans used not too dissimilar tables for exactly that purpose. Which is my guess at what it would be used for. Also tablets for such use would be way more numerous for that task rather than mathematics. Likewise if "used on site" as they would be they would be more likely to get damaged or lost thus end up being trampled into the ground etc than if they were used by mathematicians.

Pick your own favorite guess, it'd probably be more likely to be accurate than the paper the article talks about ;-)

Oh if you are wondering why the Mesopotamians used base 60 the reason is well known and has been for several centuries: 60 = 2 x 2 x 3 x 5 which means it's easy to do basic dividing into parts. It's the same reason Imperial Measurements are Base 12. Oh and the reason English pounds are 16 ounces and liquids are measured in fluid ounces is to do with eggs, but I'll save why for another day.

[1] For those younger than 50 who may never have seen a slide rule or trig table, they were the "scientific calculators" of their time. You had basic tables for the likes of logs, sin, cos, tan that would be sufficient for being a surveyor or architect or navigate around the world. The "first computer" designed and part made by Charles Babbage was designed to print out such mathematical tables for the purpose of navigation.

[2] There are old "marking up" short cuts that are fast being forgotten which is a shame. Part of that is we don't have pre-Victorian rulers or protractors. For instance if I gave you a length of timber and said cut it lengthwise into three equal width strips how would you do it if your ruler at best only had inch markings? The answer is fairly simple and can give you almost any accuracy you want. What you do is, using a right angle, scribe two parallel lines across the wood. You arrange for the distance between them to be such that when you put your ruler at the start of one line and finish at the end of the other it has an exact multiple of three graduations along it. You then mark those points. You then turn the ruler to line up with the finish of the first line and the start of the second so you in effect get a cross. You then mark the points. If you then turn the ruler so it is at right angles to the parallel lines you can then by lining it up with the marks scribe in the "cut lines". Thus you get that 1/3 spacing which you can not measure with your ruler as it does not have fine enough markings.

Clive RobinsonAugust 29, 2017 6:39 PM

@ Wael,

I don't believe we finished the discussion yet.

We actually got hardly started on it even though it was tacked onto probably 20 or so threads here.

I keep meaning to write it up but my notes fill several box folders, and just looking at them makes me want to go and do something else.

Importantly it now involves others @Thoth for instance has pointed out that SIM cards can be made to work in a similar but not quite as effective way @RobertT certainly looked at it in a similar way but all on a single silicon chip.

And as we have found more recently somebody at University College London (UCL) and previously at the UK Cambridge Computer Labs appears to have filched a subset of the ideas to make a commercial product. What Ross J. Anderson thinks about it would make interesting reading.

ThothAugust 29, 2017 6:55 PM

@Clive Robinson

re: Under Grad Course

Nice. Finally students are given something decent to catch up to industry.

@Dirk Praet

re: Counter-force

Not sure what you have interpreted it as but my meaning is a mental reminder that for every advancement, there is always a chance of something misusing or going wrong. You can have a chip with 4 MB of Flash inside for code and user data storage as an advancement and then counter-force is more memory inside chip means more space to hide backdoors with some form of more advanced AI logic to compare codes to determine when to disrupt the chip.

@Czerno

Interesting. So now they have upgraded from ARC4 to a full Intel X86 in the North Bridge of Intel chipsets. This means a much more powerful Intel AMT environment and many more possibilities for what Intel can theoretically do to a user :) . That means malware that affects the main CPU can theoretically also affect the now Intel X86 North Bridge ?

@trsm.mckay

You never know how long secrets can be kept. If the designers of a possible backdoor can keep it a secret for a long time, we would never know. What I am saying is never to under-estimate what can be done with a little more processing power and storage in these microchips and the lifespan of secrets. Some secrets can be kept quiet for decades pretty easily if the designers and developers are really tight lipped about it and if there aren't many people involved.

The fact that most HSM, Smart Cards and TPM architectures are still blackboxes and nobody has a clear idea of what actually runs within these blackbox devices is a good proof that some of the secrets on their architecture can be kept secret for a very long time. Is there any public information on Safenet or Utimaco HSMs and how they operate, their Operating System they run, the internal EEPROM/Flash and general purpose internal RAM and crypto-RAM available and what not ? It isn't likely that anyone knows much about it.

The only HSM that publishes some information on its internal state is the Thales nCipher HSM which includes some whitepapers but those are rather brief as well.

Also, do note that I have not expressed the information in my document as a definite discovery. It is a theoretical attack that can be created against the user of the Intel CPU product if Intel so decides or already decided to do so.

Not including sensitive data into HSM logs is not just for appearance of 'we ain't doing anything behind your back' but also on a practical level to reduce possible leakage and liability and also to comply with the available security standards in the industry like the PCI.

JavaCards are not licensed. They are purchased in bundles of programmable smart cards and so far I have not seen any issues yet.

@Dirk Praet, et. al.
In fact, to counteract the issues of blackbox modules, I have spent some of my off-work time when I am not managing and running my commercial projects to sit down and create a hardware security module designed with open source in mind to supersede all my previous creations which I have hinted to @Figureitout et. al. to try and bring security into the open. As it is to be expected, running commercial projects and spending free time doing open source development doesn't go very well together and time is very limited so it will take a while as per usual.

Ratio • August 29, 2017 7:02 PM

The far right is losing its ability to speak freely online. Should the left defend it?:

Cloudflare is just one of many internet companies that cleaned house amid a wave of public outrage following a deadly white supremacist rally in Charlottesville. Critics charge that technology platforms have enabled a disparate network of racist extremists to seek one another out, raise funds, and plan and execute such rallies. But unlike consumer facing companies such as Facebook, YouTube, PayPal and Discord, and even as liberal voices – including the Guardian editorial board – applaud it, Cloudflare won’t defend its actions.

“I am deeply uncomfortable with the decision [to kick the Daily Stormer off the Internet],” [Cloudflare CEO] Prince said in an interview. “It doesn’t align with our principles.”

The primary principle at stake – that the US and the internet both remain free speech zones, even for Nazis – has never been more fraught.

Thoth • August 29, 2017 7:15 PM

@Clive Robinson

In fact, an 80 KB EEPROM Smart/SIM card with about 5 KB SRAM in the card is more than enough for a really tiny VM. I have been mulling over how to refine the micro-VM and the best architecture. In fact, Srini Devadas has shown that he could implement a subset of a RISC-like instruction set in a JavaCard VM with the applet codes in JavaCard language (btw JavaCard is not directly Java because it has to be modified for embedded security chips and carries lesser of the troubles and risks associated with the normal Java) and a RISC-like instruction done in a JC applet. The applet is only less than couple tens of KBs on EEPROM. The downside is the source codes are incomplete as it is only for demo purposes on the main features.

The interesting part of Srini Devadas implementation is to make use of the host computer the card is attached to for encrypted off-load of RAM memory and persistent memory where the smart card holds a data encryption key that will encrypt persistent objects and transient RAM objects to be offloaded to make space for execution and have instructions just like how you would handle a CPU with a RAM in modern computing. Essentially you can load a ton of scripted instructions to the applet he wrote and it will do the offloading and loading of encrypted memory objects and execute just like a normal CPU but with security in mind.

I personally do not agree with this approach because the loading and offloading for smart cards will take a long time due to round trips between smart card and host computer (also note that host computer must run a special program to understand the card's intention and service the card's request) and thus I have begun developing a variation of Srini Devadas design by not using RISC-like instructions but to create my own VM more of like a PL/SQL interpreter or a very high language interpreter found in SQL databases although it is not quite a direct copy of PL/SQL design either but of a very high level design to put it simply.

This will allow more instructions to be loaded into the smart card and would allow faster execution but at a cost of limiting how much instruction size of a scriptlet and when compared to Srini Devadas design, his could have a theoretical unlimited scriptlet size but theoretically slower executing as well due to shuffling of encrypted memory objects between the host computer and the card for execution.

I am pretty sure I just blasted my own foot by opening up my design here.
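The encrypted off-load described in the comment above, as an added Python simulation; it is not Srini Devadas's applet or Thoth's code. The class names, the two-slot RAM, the HMAC-based cipher (a standard-library stand-in for the card's real cipher) and the per-object version counter that rejects stale blobs are all assumptions of this sketch.

```python
import hashlib
import hmac
import os
import struct


class IntegrityError(ValueError):
    """Raised when a blob returned by the host fails verification."""


class HostStore:
    """The untrusted host: stores opaque blobs and counts round trips."""

    def __init__(self):
        self.blobs = {}
        self.round_trips = 0

    def put(self, oid, blob):
        self.round_trips += 1
        self.blobs[oid] = blob

    def get(self, oid):
        self.round_trips += 1
        return self.blobs[oid]


class Card:
    """Simulated card: tiny RAM, keys and version counters never leave it."""

    def __init__(self, host, ram_slots=2):
        self.host = host
        self.ram_slots = ram_slots
        self.ram = {}        # oid -> plaintext, oldest entry first
        self.versions = {}   # oid -> version of the blob the host should hold
        self._enc_key = os.urandom(32)
        self._mac_key = os.urandom(32)

    def _keystream(self, nonce, length):
        # HMAC-SHA256 in counter mode; stand-in for the card's hardware cipher.
        out, counter = b"", 0
        while len(out) < length:
            block = nonce + struct.pack(">I", counter)
            out += hmac.new(self._enc_key, block, hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def _tag(self, oid, version, nonce, ct):
        header = struct.pack(">II", oid, version)
        return hmac.new(self._mac_key, header + nonce + ct, hashlib.sha256).digest()

    def _seal(self, oid, version, data):
        nonce = os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(data, self._keystream(nonce, len(data))))
        return nonce + ct + self._tag(oid, version, nonce, ct)

    def _open(self, oid, blob):
        if len(blob) < 48:
            raise IntegrityError("blob too short")
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        # Binding the tag to the card-held version rejects replayed old blobs.
        expected = self._tag(oid, self.versions[oid], nonce, ct)
        if not hmac.compare_digest(tag, expected):
            raise IntegrityError("blob for object %d is tampered or stale" % oid)
        return bytes(a ^ b for a, b in zip(ct, self._keystream(nonce, len(ct))))

    def _make_room(self):
        # Evict the oldest objects to the host, encrypted, until RAM fits.
        while len(self.ram) > self.ram_slots:
            victim = next(iter(self.ram))
            data = self.ram.pop(victim)
            self.versions[victim] = self.versions.get(victim, 0) + 1
            self.host.put(victim, self._seal(victim, self.versions[victim], data))

    def write(self, oid, data):
        self.ram.pop(oid, None)
        self.ram[oid] = data
        self._make_room()

    def read(self, oid):
        if oid not in self.ram:
            self.ram[oid] = self._open(oid, self.host.get(oid))
            self._make_room()
        return self.ram[oid]
```

Every RAM miss costs one round trip for the fetch and usually one more for the eviction it forces, which is the latency objection raised in the comment.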

Anura • August 29, 2017 7:15 PM

@Ratio

I'm not sure when free speech started meaning more than just the government can't arrest you for your words (although in many countries, there are exceptions for hate speech). There's no reason why you should have to allow people to use your property to spread hate.

Wael • August 29, 2017 7:21 PM

@Clive Robinson,

We actually got hardly started on it even though it was tacked onto probably 20 or so threads here.

And it will always be, implicitly or explicitly. Right? I'll have to recollect where we stopped! It's been some time since I looked at it.

@RobertT certainly looked at it in a similar way but all on a single silicon chip.

I don't remember how RobertT viewed it as. Since he's back, perhaps he can elaborate or send a pointer.

What Ross J. Anderson thinks about it would make interesting reading.

Did he say something about it?

Thoth • August 29, 2017 7:27 PM

@Clive Robinson

Also, the good thing about using multiple smart cards is you can simply unplug any of the many cards if you suspect subversion and switch out the cards. If you have all the components of the Prison model on a single CPU, you wouldn't be able to swap out components that are faulty or presumably subverted which is a plus point for using smart card arrays for Prison model and smart cards are down right cheap these days vs. creating some specialized solution with special boards.

As I have probably explained earlier, my smart card array I am playing with are USB secure tokens (smart card minus the plastic cards form plus the USB form) and as long as my USB hub and OS can handle the amount of USB tokens I insert, it would work. No additional special hardware necessary which those people at UCL had to develop and thus lesser hassle and more cost effective with the increased availability of programmable USB secure tokens to be used as Prison elements in a Prison array.

Also, the problem now is who is to be used as the trusted hardware to compare results. I have not come to any conclusion on solving that and using the hosting computer as a result comparison engine is a very bad idea so for now I have thought of using round robin job scheduling so that each Prison Element (USB secure token) in the Prison Array would deterministically take their turns as comparison modules when they are not assigned jobs to process and jobs and also how to assign jobs to which Prison Element in its Array is another interesting thing I have not solved completely for now.

Maybe we can modify the Prison Model to a more practical scenario with the computing and comparison chips being the USB secure tokens and try to create some sort of a game to ensure that the USB secure tokens can be both a semi-trusted comparison module and a computing module as this is most cost effective and practical for now.
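The round-robin comparator rotation floated in the comment above, as an added Python simulation rather than Thoth's design or code. The three-workers-per-job layout, the majority vote, the way a subverted token misbehaves and the quorum rule for naming a suspect are all assumptions of this sketch.

```python
import hashlib
from collections import Counter, defaultdict


class Token:
    """One Prison Element (a USB secure token), simulated in software."""

    def __init__(self, name, subverted=False):
        self.name = name
        self.subverted = subverted

    def compute(self, job):
        """Worker role: SHA-256 stands in for the real job."""
        result = hashlib.sha256(job).hexdigest()
        return "bad:" + result if self.subverted else result

    def compare(self, results):
        """Comparator role: return the names of the workers it accuses."""
        if self.subverted:
            # Assumed lying behaviour: blame the first (honest) worker.
            return {next(iter(results))}
        majority, _ = Counter(results.values()).most_common(1)[0]
        return {name for name, out in results.items() if out != majority}


def schedule(tokens, round_no, workers_per_job=3):
    """Deterministic rotation: token (round mod n) compares, the next k work."""
    n = len(tokens)
    if workers_per_job % 2 == 0 or workers_per_job > n - 1:
        raise ValueError("need an odd number of workers, at most n - 1")
    comparator = tokens[round_no % n]
    workers = [tokens[(round_no + i) % n] for i in range(1, workers_per_job + 1)]
    return comparator, workers


def run_rotation(tokens, jobs, workers_per_job=3):
    """Run one job per round; return {accused name: set of accusing comparators}."""
    accusers = defaultdict(set)
    for round_no, job in enumerate(jobs):
        comparator, workers = schedule(tokens, round_no, workers_per_job)
        results = {w.name: w.compute(job) for w in workers}
        for accused in comparator.compare(results):
            accusers[accused].add(comparator.name)
    return accusers


def suspects(tokens, accusers):
    """A token is suspect once more than half of the other tokens accused it."""
    quorum = (len(tokens) - 1) // 2 + 1
    return sorted(name for name, by in accusers.items() if len(by) >= quorum)


if __name__ == "__main__":
    # Constructed array: four tokens, T2 is subverted.
    array = [Token("T0"), Token("T1"), Token("T2", subverted=True), Token("T3")]
    jobs = [b"job-%d" % i for i in range(4)]
    accusations = run_rotation(array, jobs)
    for name in sorted(accusations):
        print(name, "accused by", sorted(accusations[name]))
    print("suspects:", suspects(array, accusations))
```

Because no single token keeps the comparator role, the subverted token's false accusation stays below the quorum while the accusations against it accumulate from every honest comparator.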

Craig McQueen • August 29, 2017 7:58 PM

Evolution, far from being some linear progression, often works this way, hitting dead ends and retrying failed experiments from millions of years earlier.

That attributes a purposefulness to evolution that the theory says is entirely lacking. Curious that these mischaracterisations persist.

JG4 • August 29, 2017 8:29 PM


@Clive - Thanks for the tip. The discussion you mentioned is here and it includes some real gems:

https://www.schneier.com/blog/archives/2013/06/evidence_that_t.html

I must have missed the post and discussion, because I was hurting pretty bad that month. It looks like I bounced back in July, but it wasn't like the good old days. Rough year, except for the part where people stopped laughing at me about being spied on.

My ballpark number matched up pretty nicely with what went before. The crowdsourced version did a good job of bringing into the picture details like electricity costs for keeping data online, the utility of text-searching and plenty more.

BTW, speaking of the cost of electricity for keeping data online, memristors were supposed to have revolutionized computing by now. Can't recall if I posted the link, but the guy who was behind HP's ill-fated foray into memristors moved on to a new position. He had some profound comments for where the value-add in the computing ecosystem is moving. Not surprising that a dynamic system would change over time. At one point the value was in the semiconductor devices, but those became commodities. I think that his point was that the data are the real value right now. "Data" is secret code for "your identity and thoughts, including every point on the attack surface."

Thoth • August 29, 2017 9:01 PM

@ab praeceptis, Nick p, JW4, Figureitout, w0el, gpg, secure modules, et. al.

It seems like my projects are doing fine in terms of technical side but to sell them to customers can be tricky as they are somewhat rather advanced and complex. Besides Golden Stickers, it just needs a little charm.

I have noticed some good data diode offerings in small packages and some of them are really nicely made. One of them is Athena System's. Tiny little data diode modules that you can slip into the pocket.

Connections by direct plug and deliver with known addresses is not advisable though as it becomes noticeable too when using the data diodes so best it is to unplug and run off in dedicated SCIF compartments. Nasty stuff.

Hopefully the data diode @Figureitout and @Markus Ottela designed would not trip up and get into trouble with the transmission as I noticed that robust build of commercial data diodes are good.

Just a show of numbers who is gonna not install smartcard interface during a new Groggybox edition revise ?

It would be useful to know before I commit to writing a possible commercial product for that ?

ab praeceptis • August 29, 2017 9:03 PM

Czerno

Yes, that article (I think almost everybody saw it on HN) was interesting and, yes, intel seems to use one of their own cores nowadays which is to a degree helpful for us.
Unfortunately though that article is more of an "early peek" into ongoing work albeit one with an interesting "deliverable" ... along with strong caveats.

But that's two largely different questions anyway (both of which are more or less interesting). The interest here and now (wrt said article) roughly is "Can intel chip[set] [diverse innards supposed to be evil] be disabled/castrated and if so, how?".
Thoth's question seems to be more centered not around if and how to castrate [evil chip[set] innards] but rather how to recognize and generally avoid those chip[set]s, at least for sensitive mechanisms/applications.

Frankly, as far as I'm concerned I find the "how to spot and/or castrate evil chip[set] stuff?" intellectually interesting and to a degree useful but am generally more with Thoth and his perspective because a secure [part of a] system should use a reasonably secure processor in the first place rather than starting with a gravely tainted compromise (like intel, amd, arm tz).

One major reason for my pov is that Jane and Joe are working with utterly questionable and compromised systems and, on top of that, an utterly questionable stack. It just doesn't look sensible or reasonable to me to rely on being able to castrate at least some venomous snakes in the weird system zoo, and even less so considering that Jane and Joe are quite likely to re-enable the poison again for reasons of comfort and coolness.

What *can* be expected, as quite some examples show, is Jane and Joe to use certain "security devices" in a reasonably proper way. And we also know that we almost never really need powerful but tainted/compromised processors or chipsets for that limited "secure device" functionality.

Anura • August 29, 2017 9:07 PM

@Ratio

I didn't read the whole thing, just skimmed it and read their closing statement. Net neutrality already protects the internet as a public forum; there is simply no reason to extend protections to arbitrary online platforms/web servers.

ab praeceptis • August 29, 2017 9:19 PM

Ratio

As I happen to still be somewhat connected to the provider/hosting world I can tell what might well be the reason for cloudflare and others thinking again:

There was a major backlash of quite considerable proportion. I know, for instance, of well known and generally well liked registrars, hosters, and other companies who lost thousands of customers within a few hours.

The general line was something like "I dislike nazis but I just transferred all my business away from XYZ after they cancelled service to daily stormer".

Interesting side note: There seem to be increasingly many people who consider DNS related services (e.g. registrars) as so important that more than one person (speaking for his small to mid size business) said something to the effect of "DNS related services should be regulated similar to electricity".

Chairman Mao • August 29, 2017 11:43 PM

@Ratio, @ab praeciptis

As far as I'm concerned, the net should be as free as a pack of coyotes to howl at night. And, your neighbor's dog, too -- who answers back.

If I don't like it, I can turn off the computer.

Dirk Praet • August 30, 2017 3:55 AM

@ Ratio

Re. The far right is losing its ability to speak freely online.

Over here in the EU, hate speech and inciting to violence is not considered free speech, as recently upheld by the ECHR in the Fouad Belkacem v. Belgium case.

Most European countries also have reasonably strict laws about public display of nazi era paraphernalia or glorification of said ideology due to some seriously bad experiences during the first half of the previous century, and which many folks in the US seem to have forgotten about.

From a US vantage, I'm having a hard time understanding why anyone would defend the freedom of speech of a bunch of deluded nitwits whose entire ideology - like that of Daesh (IS) - goes against everything your Constitution actually stands for. That's as silly as an animal rights organisation on general principle making a stand for tiger mosquitoes spreading malaria.

In the words of our main man Obi Wan Kenobi: "Only a Sith deals in absolutes".

@ Chairman Mao

If I don't like it, I can turn off the computer.

Isn't that like closing your curtains when a white supremacist has just run his car into a crowd of unarmed protesters in your street ?

JG4 • August 30, 2017 6:58 AM


Can't recall if I posted "Google is The Deep State" previously, but this dovetails to it. The term of art is public-private partnership. With the right safeguards, it would be a good idea. Given that there are no safeguards, we already are in a turn-key totalitarian state. I still have not published the simplest, cheapest opt-out. You could think of it as the permanent withdrawal of consent. Is it far preferable to a bout of thermo-rectal examination by the guard labor. Consequently and for other reasons that can be derived from first principles, it should be taught far and wide.

Why Google Made The NSA
http://www.zerohedge.com/news/2017-08-29/why-google-made-nsa
Authored by Nafeez Ahmed via Medium.com,

Inside the secret network behind mass surveillance, endless war, and Skynet...

INSURGE INTELLIGENCE, a new crowd-funded investigative journalism project, breaks the exclusive story of how the United States intelligence community funded, nurtured and incubated Google as part of a drive to dominate the world through control of information. Seed-funded by the NSA and CIA, Google was merely the first among a plethora of private sector start-ups co-opted by US intelligence to retain ‘information superiority.’

...

@the usual suspects - Thanks for your diligent efforts to build secure hardware. I have a budget for it and my budget is well into the hundreds of dollars. I have some cognitive limitations that prevent me from being much direct help, but I am happy to backfill the first principles derivations.

@de La Boetie - Betrayal is a convenient term for a particular failure mode of trust. I think of it as a scaling problem, where you can make so much more money by betraying hundreds of millions of people or billions, instead of only a few.

@Dirk Praet - Nicely said. I still favor vigorous protection of speech, but I like the dividing line of incitement vs. incorrect facts. To the extent that the racists claim that e.g., blacks are inferior, that can be proven wrong with facts, not that many of the racists will ever recognize their errors. Incitement is a different matter and only a short step from claiming inferiority. Your point about the Constitution and the Declaration is spot on. I've been trying to avoid politics (and not doing a great job because it permeates everything), but I've thought about a first principles statement that starts with "We hold these truths to be self-evident" Self-defense, including collective self-defense, fits neatly into that picture. Safeguarding data and hiding attack surfaces clearly is self-defense. Nothing is more self-evident than all of the life-forms on your planet doing whatever it takes to stay alive. I am happy to be ethically constrained, if that is the price of living in civilization and I am happy to see people who betray trust swinging on hemp lines, because they threaten all of us with their treachery and lies. From a very few a priori assumptions about the nature of reality, you can get to a variety of political/ideological positions. I try to navigate deftly between Darwinist, JudeoChristian and Buddhist ideas, finding them complementary.

Putting a finer point on my previous comments, "blacks" is the most misguided catchall ever, because there is more genetic diversity in Africa than there is in the entire rest of the human population put together. I have heard very smart people say, "There is more genetic diversity between two neighboring troops of lowland gorillas than there is in the entire human population." We will explore later how that happened, but my view of race is that each portion of humanity adapted to their local ecosystem as best they could. The differences between groups are very small compared to the differences within groups. To the extent that there are differences, they are interesting things like tolerance for heat, tolerance for cold, tolerance for sunlight, distribution of muscle mass, ratio of slow-twitch to fast-twitch muscle fibers and so on. The propensity for genocide is equally distributed. In evolutionary-speak, that would be a highly conserved trait. Or as they say in computing, that's a feature, not a bug. All you need beyond that is a propensity to seek profit by grinding bodies and souls to make money and power. And then some psychopaths and sociopaths to drive the machine called empire. If your surplus efforts are not directed to checking the abuses of power, you will have nothing but the ashes of civilization.

@ab praeceptis - We are close to the point where access to information should be recognized as a human right. Many of the problems on the old blue marble can be traced to asymmetric information. This forum is doing a good job of bringing to light some important asymmetries.

@Thoth, Figureitout and Markus Ottela - Thanks for your diligent efforts.

@Craig McQueen - Genetic adaptation is a gradient-descent multiplex optimization algorithm. Just as rain collects in puddles, life forms will appear in local minima, having passed over topological saddles from other local minima. Looking back through the polydimensional space over time, there will be multiple chokepoints, some of which isolate populations into new species and others which completely trim branches. Similar branches may grow later via convergent evolution. The local minima may disappear without any preservation of the genetics that were adapted to them, which must have happened the seven times that the oceans were boiled by impacts. The Great Frost in Ireland is a good example of the puddle level shifting down ~20 C via statistical fluctuation. Convergent evolution may craft similar adaptive structures from widely disparate starting structures, at such time as similar local minima reappear. The old blue marble can be gone in a flash, (from the point of view of life) be it a gamma ray burst, an asteroid flash, or a nuclear flash from a doomsday device. To the extent that evolution has a purpose, it would be entropy maximization. Living systems operate under the laws of non-equilibrium thermodynamics.

on to the daily news dump (each of the stories is linked in the catchall link)

https://www.nakedcapitalism.com/2017/08/links-83017.html
...

Crowdsourced gaming of Google Translate dubs Kim Jung Un “Mr. Squidward” ars technica

Google to Comply With EU Search Demands to Avoid More Fines Bloomberg. Google says it will comply. We’ll find out in a month if the EU deems Google’s plans to be adequate.

...

New Cold War

NEW PROOF: Intelligence Analysts Say Russia Didn’t Hack U.S. Election Lee Camp, YouTube

Imperial Collapse Watch

‘Missile Gap’ Redux: Heroic Days of Threat Inflation Aren’t Over American Conservative (resilc)

Big Brother is Watching You Watch

Comcast builds out ‘smart home’ strategy as cable shrinks Reuters (EM)

Man in jail 2 years for refusing to decrypt drives. Will he ever get out? ars technica

...[cars and pedestrians have very different energy-maneuverability diagrams, roughly equal to the asymmetry between paper and scissors]

Not What I Signed Up For: Why This Fighter Pilot Is Running for Office Military.com. JTM: “Just what we need, more military people in charge of things…”

DHS warned authorities of potential violence ahead of Charlottesville rally: report The Hill

White supremacists joked about using cars to run over opponents before Charlottesville marches Salon (furzy)

...

Tech Censorship

Facebook now blocks ads from pages that spread fake news The Verge (furzy)

Rural America Is Building Its Own Internet Because No One Else Will Motherboard (Chuck L)

Publishers Are Making More Video—Whether You Want It or Not Bloomberg.

Access denied app • August 30, 2017 8:46 AM

Does anyone know if there is an Android app that logs requests for access to all other apps' data and grants or denies such requests, e.g. a request for access to contacts. I need to find if an app is requesting access in a context and situation where it has no business asking for access.

Markus Ottela • August 30, 2017 8:49 AM

"@Thoth: Hopefully the data diode @Figureitout and @Markus Ottela designed"

I want to point out the data diode is where it is only because of @Sancho P. Their work can be found here.

@Sancho P, @Nick P, @Thoth and others, I apologize for continuously disappearing in the middle of emails and discussions here. There's no excuse for that. Hopefully I'll have more time in the future to dive into all this.

Google Monopoly Solution: Disable Google-Analytics • August 30, 2017 9:59 AM

Barry Lynn, the director of the Google funded Open Markets Program was defunded under pressure from Google CEO Eric Schmidt. Here’s what Mr. Lynn wrote:
"The Open Markets Team congratulates European Commissioner for Competition Margrethe Vestager and the European competition authority for this important decision. Google's market power is one of the most critical challenges for competition policymakers in the world today. By requiring that Google give equal treatment to rival services instead of privileging its own, Vestager is protecting the free flow of information and commerce upon which all democracies depend. We call upon U.S. enforcers, including the Federal Trade Commission, the Department of Justice, and states attorneys general, to build upon this important precedent, both in respect to Google and to other dominant platform monopolists including Amazon. U.S. enforcers should apply the traditional American approach to network monopoly, which is to cleanly separate ownership of the network from ownership of the products and services sold on that network, as they did in the original Microsoft case of the late 1990s." https://www.nytimes.com/2017/08/30/us/politics/eric-schmidt-google-new-america.html
Recently a Republican wanted to regulate Google's vast Internet monopoly similar to a utility. He too was canned.
Now the democrats are turning on Google. What's a ruling Elite to do?
Through the misuse of power they are biasing American news to eliminate competition for the 2020 elections. Witness Mark Zuckerberg, Tim Cook and Sheryl Sandberg's recent personalized, high-gear marketing efforts to seize control of the government (through guiding of minions). As the movie The Circle depicts, all citizen/government interactions will be through mandatory social media accounts. As we already see today those who threaten the corporations' profits & morality will be cut-off.
The intellectual elites of Silicon Valley are grooming future generations of voters by dumbing-down our children both in the classroom and through the addicting use of smartphones. Unable to critically think they require constant guidance typically 150 times a day.
Are they a handicap to society and a threat to America's national security? Just look at the US Navy - accident after accident largely being blamed on inept personnel.
The solution is to simply cut-out their eavesdropping power. The first step is to deny the world's largest advertiser from lurking behind government sites, public institutions like universities, schools and libraries. In other words disable Google-Analytics. It's that simple people...

albert • August 30, 2017 10:10 AM

@JG4,
(Don't know what happened to my previous reply)
Please accept my apology. I didn't look at the nakedcapitalism link.
DOH!
. .. . .. --- ....

Chairman Mao • August 30, 2017 10:46 AM

@Dirk Praet

@ Chairman Mao

If I don't like it, I can turn off the computer.

Isn't that like closing your curtains when a white supremacist has just run his car into a crowd of unarmed protesters in your street ?

No.

It means a live and let live policy like the one I finally implemented with Chiang Kai-shek. We resolved our problems by swapping wives and mistresses.

Clive Robinson • August 30, 2017 11:42 AM

@ Craig McQueen,

That attributes a purposefulness to evolution that the theory says is entirely lacking. Curious that these mischaracterisations persist.

It's only true if you believe there is no such thing as random, freewill or non minima optimization.

I could go in some depth to explain why what you say by "purposefulness" and "mischaracterisations" is wrong but it would be too long for most readers.

Dirk Praet • August 30, 2017 11:50 AM

@ Chairman Mao

It means a live and let live policy ...

Like the one implemented by the moron who drove his car into a crowd of unarmed protesters ?

Sorry for asking, but are you high out of your mind or just not realizing that a live and let live policy is the exact thing neo-nazis, white supremacists and Daesh supporters want to get rid of and their opponents want to preserve ?

free speech & hate speech vs. no speech • August 30, 2017 2:08 PM

From eff regarding free speech and slippery slopes
"In the wake of Charlottesville, both GoDaddy and Google have refused to manage the domain registration for the Daily Stormer, a neo-Nazi website that, in the words of the Southern Poverty Law Center, is “dedicated to spreading anti-Semitism, neo-Nazism, and white nationalism.” Subsequently Cloudflare, whose service was used to protect the site from denial-of-service attacks, has also dropped them as a customer, with a telling quote from Cloudflare’s CEO: “Literally, I woke up in a bad mood and decided someone shouldn’t be allowed on the Internet. No one should have that power.”

We agree. Even for free speech advocates, this situation is deeply fraught with emotional, logistical, and legal twists and turns. All fair-minded people must stand against the hateful violence and aggression that seems to be growing across our country. But we must also recognize that on the Internet, any tactic used now to silence neo-Nazis will soon be used against others, including people whose opinions we agree with. Those on the left face calls to characterize the Black Lives Matter movement as a hate group. In the Civil Rights Era cases that formed the basis of today’s protections of freedom of speech, the NAACP’s voice was the one attacked.

Protecting free speech is not something we do because we agree with all of the speech that gets protected. We do it because we believe that no one—not the government and not private commercial enterprises—should decide who gets to speak and who doesn’t."
https://www.eff.org/deeplinks/2017/08/fighting-neo-nazis-future-free-expression

Also
https://www.eff.org/free-speech-weak-link/

For example,
"Cloudflare's termination of service to the neo-Nazi website the Daily Stormer in August 2017 was the first occasion on which the Content Delivery Network gave in to pressure from third parties to become a vehicle for censorship of a customer website. Status: under observation."
https://www.eff.org/free-speech-weak-link/#cdn

JG4 • August 30, 2017 2:55 PM


@Wael and Clive - I'd like to see that analysis. I've left quantum fluctuations out of my simple analyses, mostly because they are close to or fall into the Buddhist realm of unanswerable questions.

I mentioned memristors last night. I think that they are coming and will have an impact on the scale of massive parallelism. This is a profound view of the world:

https://www.theregister.co.uk/2017/03/09/martin_fink_speaks/
...
More than a decade ago, I started the early work on a memory-first paradigm. I still very much believe in that future, which gets to why I joined Western Digital. I believe that there is a value-shift that is happening in our industry. That the value is shifting from compute to data. Where we've historically looked at data stores (memory, rotating media, etc.) as the commodity, and the compute engine as the value; I think the model is reversing – where the data is the value and the compute engine is the commodity. Data is where we derive information, which gives us knowledge, then insight.


vas pup • August 30, 2017 3:42 PM

@Ratio and @Thoth

Free speech is very vague issue. As for now legal scholars and SCOTUS try to clarify 1st Amendment meaning, but I guess average Joe/Jane have no clear beacon in that legal fog.

I'll stick to Ben Franklin's: "Without freedom of thought there can be no such thing as wisdom".

The only reasonable restriction should be on utilizing free speech as tool to promote violence.

E.g., statement that somebody does not like (or even hate) any person/official/demographic group/etc. is within free speech, but statement like 'kill or physically harm the same set of folks, burn or destroy property' is NOT protected by no means, but SCOTUS (9 legal gurus) have final word on that. I hope they know Franklin's statement above.
Ideas should be fought by ideas, violence by LEAs.

Chairman Mao • August 30, 2017 4:12 PM

@Dirk Praet

It means a live and let live policy ...

Like the one implemented by the moron who drove his car into a crowd of unarmed protesters ?

Sorry for asking, but are you high out of your mind or just not realizing that a live and let live policy is the exact thing neo-nazis, white supremacists and Daesh supporters want to get rid of and their opponents want to preserve ?

First, why would a young dude (who makes ~$1200 / month and who has a 6 year note on his vehicle) -- want to crash his late model highway patrol car with a deficiency clause on the note?


The solution to the problem is to throw a party. Invite the girls. Share. New form of Team Building.

It worked for Chiang and I.

Nick PAugust 30, 2017 11:20 PM

@ Markus Ottela

"@Sancho P, @Nick P, @Thoth and others, I apologize for continuously disappearing in the middle of emails and discussions here. There's no excuse for that. Hopefully I'll have more time in the future to dive into all this."

No need to apologize. I'm in a similar situation where I'm overloaded with stuff to the point that my replies are pretty sporadic. It's taken me weeks to get back to some. What people see me do a lot is the stuff that comes second nature (barely effort) since I've done it plenty of times before. That's also why I haven't dug into your protocol and stuff. I do keep mentioning it to specialists that might when it makes sense to do so.

WaelAugust 30, 2017 11:37 PM

@JG4,

This is a profound view of the world:

Yet, the ancients knew about it. They called it "Knowledge is power".

I got another view! We thought that "Knowledge is power" but that view seems to be reversing now, after Snowden flapped his lips: "Power is knowledge". Equally profound!

I'd like to see that analysis.

Any time now, @Clive Robinson

@Nick P,

No need to apologize.

I won't be as courteous: You need to apologize, homie!

ThothAugust 31, 2017 3:42 AM

@Clive Robinson, all

Visa pushes hard on biometrics and tokenization in a bid to lessen fraud. Gonna start expecting more malware attacking the biometrics and camera hardware of smartphones as the latest attack vector.

I may have mentioned a theoretical attack on the fingerprint hardware by the means of figuring out the protocol of the fingerprint hardware it uses and then spoofing the protocol and injecting a valid fingerprint pattern remotely (i.e. from a compromised TrustZone applet which has higher privileged access to hardware) to bypass fingerprint locks remotely. It's kind of a niche for now but who knows, with growing use comes more attention and thus more attacks.

Link: http://www.afr.com/technology/visa-moves-to-kill-pins-by-pushing-aussie-banks-towards-biometric-authentication-20170824-gy3cs5

ab praeceptisAugust 31, 2017 5:12 AM

Thoth

The following is somewhat political (although I think, it's not far off).

What do large corps. and in particular banks hate? a) being regulated and controlled, and b) well educated "customers" who know their rights and want a fair partnership.

So they employ over and over again the same patterns, one major one being "lure them into comfort and - without them knowing - into diverse dependencies ... and once they're caught, change the rules and impose your will".

Another pattern, you, of course, already guessed it, is "paint everything nicely and as oh so interested in the sheep's well being".

Any more questions? I don't think so.

RachelAugust 31, 2017 6:24 AM

Ab Praeceptis
Fairly consistently, you have (if I generalise/paraphrase) refuted the relevance or importance of factoring quantum computing as a priority in your threat model. I can't re-find the quote but I believe last week you surprised me by specifically describing quantum computing as one of your considerations. It really seemed contrary. Able to elucidate? Thank you

ThothAugust 31, 2017 6:32 AM

@Rachel

re: QC and exploit vectors

None of the PQC ciphers are shown to be show-time ready with robust proof. The theory of how Quantum Computers work and actual ones that are capable of breaking ciphers are still unknown as they are non-existent as none are known publicly yet.

Also note that most security breaks are done by compromising endpoints and observing traffic via metadata analysis instead of a head-on attack against a particular cipher. One reason is it is more economical and therefore easily scalable if you weaponize exploits without the overhead of targeting the cipher, thus the more important thing for now is hardening of execution environment and create protocols that drown out metadata by being very consistent and noisy themselves. Maybe @Clive Robinson can do a better job explaining than me.

JG4August 31, 2017 7:11 AM


@all - Thanks for the continued excellent discussions of computer security. I managed a few insights this morning, which are my stock in trade. They come from a modest repository of knowledge. I cracked the control problem I've been working wide open. The first insight relevant to this discussion is that I should write up a tutorial on memristors along the lines of 65535's excellent compendium on bitcoin. I picked up the memristor thread somewhere in the 2006 to 2012 timeframe, possibly by way of a TED talk. I've definitely seen good content on Youtube. I revisited the memristor topic in 2013 or 2014, because I have a client interested in secure data storage on thumb drives. Secure from the point of view of data loss, although robust encryption and not spreading malware in national security infrastructure also are appealing features. My budget for that is in the thousands. In my foray through the literature on robust thumbdrives, which overlaps the discussion of partitioned machines, I found only the Sony Duo and HP's dream of memristors, which had a timeline to release in the past few years. That dream died with Fink's departure (without getting bogged down in questions of causality and entanglement), but memristors and other robust memory devices are relevant to the smart card computing enterprise discussed here. It wouldn't be paranoid to suggest that the memristor enterprise that HP formulated has important national security implications at various Spookwerks shops and may not have actually died, but rather gone dark. Fink now will have his hands and ideas in Western Digital's national security enterprise. I've been too lazy and dysfunctional to estimate what fraction of global rust demand goes to Spookwerks Utah, but that is an excellent question that I didn't see covered in the 2013 discussion of audio bandwidth vs. data depth. The Sony Duo platform is tragically flawed in that the robust recovery option is to mail it back to Sony for extraction. 
I found some hobby-level RAID implementations with thumbdrives, which also answer the question of data loss prevention. RAID with small solid state drives also would be fast and robust, but more difficult to filter (partition) without a first-principles effort to put together hardware. When I said that this is a profound view of the world, it was more aimed at the memory-first paradigm and the concept of a moving value-add target in the computer ecosystem, rather than the "data are not information, information is not knowledge, knowledge is not wisdom, wisdom is not power, power is not benevolence, benevolence is not contentment" line of reasoning, which also is quite profound. I hope to put together that thread later, in part because it overlaps AI and adaptive systems, as well as the question of purpose in evolution.

@whoever said that the lack of trust is appalling has failed to see the implications of how many times people have been betrayed by governments in the past 100, 300, 1000, 3000, 10,000, 30,000, 100,000, 300,000 and 1,000,000 years. it's a business model that is in play always and everywhere.

In rereading my comment from last night, I realized that encryption is aimed at formulating an unanswerable question, "What is the key?" while hiding the key in a safe space. The side channels, including rubber hose cryptography, really are the weak links in the proverbial chain.

I've mentioned at least one uncanny passage in the bible in the past, and I will revisit that topic in force later, because there are several more. There are many other ancient writings and legends that are equally uncanny. None more so than Odin plucking out his eye to trade off the depth dimension of vision in return for the ability to see through time. Can't recall if I have mentioned previously that a major portion of the human brain is devoted to processing visual information. It is the visual cortex and in people born blind, it can be repurposed for audio processing. I believe that anaphasia allows some people to be stunning writers. It will be fairly obvious that neurons and brains are adaptive systems. You won't have to do more than search Matthew Weigmann in the DuckDuck box to see how profound that can be. The blind can hear no better than anyone else, but their ability to process sounds into useful information often is spooky. So it is with me, in the sense that I could have been quite good at several of the many topics that we discuss. I used to be a solid writer of C with limited assembly language to manage some especially fast computations in an interrupt service routine for instrument control applications, but now it takes all the effort that I can muster to write 5 lines of SciLab code. I plucked out one eye, figuratively speaking, to be able to see across systems from quarks to galaxies, dollars to donuts, neurochemistry to politics. Not that I am good at any of those. A jack of all trades cannot master very many. Later we may be able to look at the neural and system feedback paths that make the spooks and police repurpose national security money to feather their own nests, as well as enabling psychopaths and sociopaths.

@Clive and Rachel - re: ketogenic/low-carb/optimal diet I haven't been able to eat nuts while I was short of magnesium, as they produced some very ancient pain sensations from what might be called pseudodiverticulitis. There was a trip to the hospital with peritonitis too. I've been doing a lot better in that regard, but my prediabetes has been worse since I started getting enough magnesium and cut back on wine. You read that right - wine lowers blood glucose, at least until the acetaldehyde damages/destroys one of the three most metabolically active tissues in the body. One of the perverse symptoms of magnesium deficiency, besides all of the lifestyle diseases it engenders, is that it causes a desire to drink, which causes more magnesium deficiency, as well as thiamine deficiency, which is linked to serious short-term memory loss (Korsakoff's syndrome). Last night, I got into the nuts in quantity (walnuts, pumpkin seeds, almonds and a little bit of raw macadamias - I only eat raw nuts) and was pleasantly surprised that my blood glucose was 5 to 15 points lower than usual last night and this morning. If I haven't said it before, there are three foods associated with longevity, which are fish, nuts and beans. Moderate wine consumption doesn't hurt. A very powerful augmentation to ketogenic diet is fasting for 18 to 24 hours at some regular interval, at least once a month. My burst of creativity last week was from several in a row. I find that a modest amount of alcohol and fish at the end of that will produce a burst of insights. That may be secret code for neurogenesis, which is suppressed during starvation. The creativity has nothing to do with bipolar disorder. Pay no attention to the man behind the curtain.

on to the daily news dump

https://www.nakedcapitalism.com/2017/08/links-83117.html

...

We Said Google Was Dangerously Powerful, Then Google Proved Us Right. Matt Stoller, Buzzfeed

Google-Funded Think Tank Fired Google Critics After They Dared Criticize Google The Intercept. We need real “scholars,” with academic tenure, precisely to avoid this sort of situation.

A leading Google critic’s firing from a Google-funded think tank, explained Matthew Yglesias, Vox. “[T]he case sheds light on the growing tendency of companies to use think tanks as essentially stealth lobbyists.” “Growing.” Really?

The Dumb Fact of Google Money The Atlantic

Barnum Presidents and Benevolent Monopolists: Mark Twain, Amazon, and the Futility of Antitrust LA Review of Books

Inside the Massive 711 Million Record Onliner Spambot Dump Troy Hunt

New Uber chief aims for IPO within 18-36 months FT

Ex-Uber CEO Travis Kalanick was key in picking his replacement USA Today. Or so he says. “Khosrowshahi, who initially was not interested in the Uber post, describes how his mind ultimately was changed by the power of Kalanick’s pitch.” For more on “the pitch,” see NC here.

This letter from an angry Uber investor reads like a piece of modernist poetry Quartz. So Quartz formatted it that way. Hilarity ensues!

...

Imperial Collapse Watch

Army planners solve Korea tensions with proposal to move Seoul 300 miles south Duffel Blog

Is the US Navy a hazard to Asian commercial shipping? Lloyd’s List

Maybe today’s Navy is just not very good at driving ships Military Times

Erik Prince: Contractors, Not Troops, Will Save Afghanistan NYT

Our Famously Free Press

Opinion: Trolling is not opinion The Outline. From the URL, we infer the author’s title: “the-nyt-opinion-section-is-bad.”

New Cold War

New Russian ambassador to U.S. calls for resumed military contacts Reuters

ab praeceptisAugust 31, 2017 7:30 AM

Rachel

That's simple (in a way).

I don't think that there will be actually reasonably useful quantum computers anytime soon. In fact, I even have doubts wrt. quantum computing in general. For diverse reasons, the obvious one being that quanta don't like to be observed and are divas wrt what they perceive as observation. Moreover I have what could be called philosophical doubts (which I don't like to elaborate here). To be an actually useful computing device such a system (or should I call it processor) would need other resources, too, for instance some memory (and I doubt that we can store superpositions anytime soon...).

But as everyone and his cat is talking about quantum computers and post-quantum crypto I took the liberty to use the term in a more general way, describing not yet specified "disruptive" technologies, in particular those with a high significance for crypto.

I'm a pragmatic man and as such I see that much of public-key crypto relies on foundations that might turn out to be shaky. One does, for example, not necessarily need a quantum computer miracle to all but explode the underlying few security reductions, namely the log and factorization problems. Keep in mind that we do *not* even use primes but rather "probable primes".
Similarly, P vs NP is certainly not a field which we could reasonably consider as well understood and known, no surprises expected. What stirs my thinking particularly is the fact the whole setup is, pardon me, quite modest, to put it politely. How about, for instance, NE? That would be much more comforting. Or, in other words, "not in polynomial time" - seen from today and with today's technology! - doesn't really promise that much, and, more importantly, can change with much lesser progress than quantum computers. Just think back a decade or two when rsa-512 was considered to be NP. People tend to forget that while there is a definition in the ideal mathematical realm there also is one - and the one we effectively care about - in the practical realm. Which shows one major point of my concerns: P vs. NP has, in practical terms, become largely a purely quantitative (as opposed to qualitative) problem; rsa-512 is clearly P while rsa-4096 currently is assumed to be NP. Hmmm...

And, of course, there is mathematics. Seeing some progress made there frightens me a lot more than quantum computing. There is, for instance, still Riemann's hypothesis (which to assume being a strong conjecture seems prudent) lurking.

Finally, there are factors that don't seem to get adequate consideration. To offer an example: We like to keep state small so as to fit an L1 cache line and have fast algos. Doing that, however, also at the same time lowers the practical pq burden; looking at what's currently known a 32-qbit quantum processor is quite a hard to achieve task and to give it an additional few qbytes memory is too; giving it much more memory is presumably non-linearly more difficult. That imo suggests the question whether it's really smart to optimize crypto for small state spaces. It seems prudent to me to have some large state space algorithms available for more than key derivation and similar.

To put it pragmatically: I do not care whether one day a client calls me and tells me that there is a quantum processor that actually can run e.g. Shor's algorithm with reasonable qbit size or whether he tells me that some Russian mathematician has proven RH and/or developed an algo for quick factorization or whether some yet chip designer have very significantly enhanced certain operations in hw. What I care about is being able to smile calmly and tell my client to simply change a config parameter and be secure at least for some time.

I follow diverse trails and paths (and have excluded others as little promising) to achieve my goal. Unfortunately, the usual (widely known, well, more or less) approaches like e.g. error code based algos all have one or more major drawbacks, e.g. too large key size. Currently, my thinking is focussed on the question whether PK crypto as we use it (in one way or another boiling down to one-way/trapdoor functions) is still the right way, in particular in the way we do it. Obviously that problem isn't as trivial as simply advising to use OTP and be done (i.a. because that answers a different question than the one PK strives to answer and obviously also because it leaves open the decisive question "from which tree do the keymats fall?").

I feel to have identified some at least promising areas that are mathematically known to be solid and at the same time practically reasonably doable. And all of that is under the headline (as I interpret it) "pq crypto" where I take the liberty to consider the problem generally known a pq problem as just 1 variant of a larger and urgent problem class.

I hope I succeeded to answer your question in a halfway understandable way.

JG4August 31, 2017 10:30 AM


the most profound game theory that you're going to read today. I've been working on something that dovetails to this. the rest of it is worth the time.

http://epsilontheory.com/narrative/before-and-after-the-storm/
...
We tend to think big thoughts when big things like this happen, and there’s been a lot of that going on. For me, those thoughts have turned local, but I know a great many people outside of the Greater Houston area are focused on other things that are going on: Charlottesville, the Trump presidency, Berkeley, Eclipses, Nazis. It’s a lot to take, and Ben has accurately predicted and is now observing how some of these issues are manifesting themselves in Competitive Games that force us all into positions where we must either fight or lose. He was absolutely right that the aftermath of the Trump presidency would break us, that it would destroy any chance at productive political, social — hell, even investment dialogue. Was the event that broke us irrevocable? How do we get out of this Competitive Game? Can we?

These questions form the central context for one of the greatest works of science fiction ever written: Foundation, by Isaac Asimov. Spoilers follow, but frankly if you haven’t read it, you should stop reading this note and read it instead. It’s better. The story of Foundation is the story of a massive multi-planetary civilization and the development of a robust, flexible system for understanding and modeling the sociopolitical trends of its very large societies: psychohistory. The main champion of this system, a generational genius named Hari Seldon, identifies the inevitable fall of the prevailing government and its devastating aftermath. While the collapse is unavoidable, he determines, not all subsequent outcomes are equivalent. He devises a plan to plant seeds of the civilization that would survive in two corners of the galaxy, predicting that the evolution of those societies over future generations would lead to the maximum possible peace and stability. The system of psychohistory hinges on the behaviors of very large groups of humans and the simplifying assumption that no individual could possibly have the influence or power to break these models.

There are two kinks in Hari Seldon’s system. The first is the idea that Foundation — but really, any civilization — will reach inflection points from time to time where one set of actions will break the path back to peace and harmony, and one set of actions will maintain it. These events require active intervention outside of the normal behaviors that those in power would otherwise pursue. These are Seldon Crises. The second kink is different in that it is unpredictable, or at least was unpredicted. It is the existence of a single individual who does reach the level of power — in this case through the development of abilities to influence the emotions and judgments of those he encounters — to change the inevitability of Seldon’s map of history. The Mule, as he is called, nearly breaks the Seldon model, until those who rediscovered psychohistory rebuild the models and determine the appropriate strategy to ensure that the Foundation civilization gets back on its long-cycle path back toward peace and stability.


RachelAugust 31, 2017 12:03 PM

Thanks Thoth and Ab Praeceptis for the response - I'm most glad I asked as your offerings are most insightful. I like the multiple angles and particularly Ab Praeceptis your post has a lot for me to process.

JG4
if i'm off topic i try to keep it to one post. apologies in advance. Whereas Clive gets carte blanche.
raw nuts are full of anti nutrients, to prevent them germinating until rain comes. look up making 'activated nuts' which is basically soaking raw nuts in salted water (real salt) for 24 hrs then putting in a dehydrator. (an excellent investment and great for making dehydrated survival foods-just add water) the taste is indescribable you will never ever look back.
your country's 'whole foods' will retail them but much better to make at home

magnesium goes to different tissues depending on the form. glycinate: liver and muscle. orotate: vascular, which may be relevant for you.(BP) Threonate prompts GABA so good for sleep. Glycerophosphate is very good.

see book Touching The Rock by John Hull. about man's slow descent into blindness over 20yrs. explains how rain allows a blind person to experience the world in 3D

enjoying naked capitalism commentary on google business models EU anti trust case

in many respects it doesn't matter if the lunar landing was real or not. I just read a project Gutenberg book written in 1885 out of Baltimore Maryland USA, '100 reasons the world is not round.' that's a lot of reasons. i decided the shape of the blue 'may or may not be a marble' is inconsequential. in life as in security it is all too easy to be consumed by energy sucking trivia. the war for our attention is arguably the real covert war between good and evil few have picked up on. as we observe, the security sphere is thick with distraction mind parasites requiring an enduring vigilance of 'not this, not this'

Clive RobinsonAugust 31, 2017 4:28 PM

@ JG4,

The side channels, including rubber hose cryptography, really are the weak links in the proverbial chain.

This is where I send you on another link hunt in the knowledge repository this blog has become over the years, thanks to our genial host @Bruce.

@Nick P, myself and others have had discussions on and off in the past about designing systems where you can prove you do not need to know the key to an encrypted drive you have in your possession.

The simplest is the device contains an embedded server and private key, which nobody needs know only the public key. Then a group of people submit their public keys to the server key ring. They get sent a key share by the server encrypted by their pub key and signed by the server's priv key.

The server has various sensors such as the US GPS, the European and Russian equivalents such that it can know its location without it being spoofed (on the assumption that you can tell the satellites are for real, which is a conversation for another day).

You now have a glorified game of Multi Factor Authentication (MFA) in that each share holder being in different jurisdictions sends not just their key share but sends it encrypted by a geolocation and GMT time, signed by their private key then encrypted under the server's public key.

Not only does each share holder have to send a valid share, they have to send a valid geolocation and time they have all agreed on. The server can only recover the key share when it's at the right place at the right time.

Thus the courier has two pieces of knowledge the time and place, but they do not have the secret key. If the server is not at the right time and place when the button is pushed it can not remake the secret key. Whilst it might be possible to rubber hose the location out of the courier, it does no good if the time has passed...

Likewise it's pointless for a judge to use "contempt of court" because the courier can not make the secret. Also they don't even need to know the time and place to press the button. That could be communicated to the recipient not the courier again with a time and place requirement.

Even taking the device apart is not going to help if it's been implemented correctly (which is not something I'm going to go into here because it's more than a bit long).

The point is that "place and time" are easy for people to remember because it's something our brains are wired up to do by evolution, unlike long random strings for pass phrases etc. And once the time point is passed the sent shares are of no use. Hopefully a judge will realise that their hands have been tied by the laws of time and mathematics, unlike that Auz PM.
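An added example (not the commenter's code) of the share handling in the scheme described in the comment above: an n-of-n XOR split whose shares are wrapped under a key derived from the agreed place and time, so the server can rebuild the secret only when its own sensors agree. The function names, the 0.001-degree grid, the 300-second slot and the PBKDF2/HMAC wrapping are assumptions; the signing and server-public-key layers from the description sit outside what this demonstrates.

```python
import hashlib
import hmac
import secrets

GRID_DEG = 0.001      # assumed location cell size (roughly 100 m of latitude)
SLOT_SECONDS = 300    # assumed width of the agreed time window
SHARE_LEN = 32        # bytes per share and per recovered secret


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_secret(secret: bytes, n: int) -> list:
    """n-of-n XOR split: any n-1 shares reveal nothing about the secret."""
    assert len(secret) == SHARE_LEN and n >= 2
    shares = [secrets.token_bytes(SHARE_LEN) for _ in range(n - 1)]
    last = secret
    for s in shares:
        last = xor(last, s)
    return shares + [last]


def context_key(lat: float, lon: float, unix_time: int, salt: bytes) -> bytes:
    """Derive 64 bytes from the quantised place and time slot.

    Place and time carry little entropy, so this layer alone can be
    searched offline; in the described design the outer encryption under
    the server's public key (omitted here) keeps the wrapped share private.
    """
    cell = (round(lat / GRID_DEG), round(lon / GRID_DEG))
    slot = int(unix_time // SLOT_SECONDS)
    material = f"{cell[0]}:{cell[1]}:{slot}".encode()
    return hashlib.pbkdf2_hmac("sha256", material, salt, 50_000, dklen=64)


def wrap_share(share: bytes, lat: float, lon: float, unix_time: int):
    """Shareholder side: bind one share to the agreed place and time."""
    assert len(share) == SHARE_LEN
    salt = secrets.token_bytes(16)          # fresh salt, so the pad is never reused
    key = context_key(lat, lon, unix_time, salt)
    ct = xor(share, key[:32])               # first half: one-time pad for the share
    tag = hmac.new(key[32:], salt + ct, hashlib.sha256).digest()
    return salt, ct, tag


def unwrap_share(wrapped, lat: float, lon: float, unix_time: int):
    """Server side: returns the share, or None if place or time is wrong."""
    salt, ct, tag = wrapped
    key = context_key(lat, lon, unix_time, salt)
    expected = hmac.new(key[32:], salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return xor(ct, key[:32])


def server_recover(wrapped_shares, sensed_lat, sensed_lon, sensed_time):
    """Rebuild the secret from all shares using the server's own sensor readings."""
    secret = bytes(SHARE_LEN)
    for w in wrapped_shares:
        share = unwrap_share(w, sensed_lat, sensed_lon, sensed_time)
        if share is None:
            return None                     # wrong place or time: nothing to recover
        secret = xor(secret, share)
    return secret


if __name__ == "__main__":
    # Constructed sample values: an agreed meeting point and time.
    place, when = (51.5007, -0.1246), 1504216800
    drive_key = secrets.token_bytes(SHARE_LEN)
    wrapped = [wrap_share(s, *place, when) for s in split_secret(drive_key, 3)]
    print("on site, on time:", server_recover(wrapped, 51.50072, -0.12458, when + 120) == drive_key)
    print("on site, too late:", server_recover(wrapped, 51.50072, -0.12458, when + 600))
    print("elsewhere:", server_recover(wrapped, 48.8584, 2.2945, when + 120))
```

Once the time slot has passed, the server's sensed inputs no longer derive the wrapping key, which is the property the courier argument relies on.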

JG4August 31, 2017 8:55 PM


@a few of the usual suspects - I remember as if it were yesterday a friend in the physics business telling me in the 1980's that it was news that a physicist had plotted the allegedly random numbers from an RNG or PRNG in a polydimensional space and found that they were highly correlated. That's not entropy maximization, but I'm not sure if it was malice, incompetence, or both.

@Clive - Thanks for your profound thoughts. I almost remember that discussion, but I must have been too busy to comment. In some sense it would be like using n one-time pads in sequence, such that the plaintext is only recoverable with the cooperation of all n parties. Controlling one or more of the OTPs with GPS-derived position and/or clock-derived time is a stroke of genius, but that's why we are here. The result must include a flavor of plausible deniability, which is an ever-popular theme in the business space. This probably is the discussion that you reference:

https://www.schneier.com/blog/archives/2012/01/federal_judge_o.xml

My suggestion of memristors and compact, filtered memory devices missed one or more of the devices that have been discussed here. I saw Iron Key mentioned in the archive, but there probably are other devices that would be useful for the purposes that I described.

We always are rewiring our brains to adapt to local conditions:

How I Rewired My Brain to Become Fluent in Math | Hacker News
https://news.ycombinator.com/item?id=8402859

John Robb did a good job of capturing some new social trends here. If groups achieve success or even think that they achieved success, they will be back for more neurotransmitters. Weaponized autism can be implemented in AI.

The Alt-Right and Antifa Are Waging a New Kind of Internet Warfare
https://www.vice.com/en_ca/article/7xxmad/the-alt-right-and-antifa-are-waging-a-new-kind-of-internet-warfare

I wrote a good six-word answer to Rodney King's question some weeks ago, but I misplaced it. Money and power, psychopaths and sociopaths, and two that I can't recall, but may have been arbitrage and conflict of interest.

afternoon news dump

https://www.nakedcapitalism.com/2017/08/200pm-water-cooler-8312017.html

...

Gaia
“Repeating radio signals from a mysterious source in a dwarf galaxy 3 billion light-years away have been detected by astronomers” [Newsweek]. “Despite widespread speculation, the possibility of the signals coming from an advanced alien civilization has been largely ruled out.”

...

News of the Wired

“How Apple Plans to Change the Way You Use the Next iPhone” [Bloomberg]. Whaddaya mean, “you”? If Apple forces facial recognition on me, I’m off the platform. Even if I trained it with a Nixon mask, I’d still have to carry the mask at all times. Or just wear it. Hey, why not?

“Bitcoin’s Academic Pedigree” [Association for Computing Machinery]. “[N]early all of the technical components of bitcoin originated in the academic literature of the 1980s and ’90s…. This is not to diminish Nakamoto’s achievement but to point out that he stood on the shoulders of giants. Indeed, by tracing the origins of the ideas in bitcoin, we can zero in on Nakamoto’s true leap of insight—the specific, complex way in which the underlying components are put together. This helps explain why bitcoin took so long to be invented. Readers already familiar with how bitcoin works may gain a deeper understanding from this historical presentation…. Bitcoin’s intellectual history also serves as a case study demonstrating the relationships among academia, outside researchers, and practitioners, and offers lessons on how these groups can benefit from one another.”

“Wittgenstein on Whether Speech Is Violence” [JSTOR Daily]. “In his essay, “Wittgenstein’s Dictionary,” the educator John Willinsky highlights the differences between the ‘meaning is use’ doctrine and a dictionary-first theory of meaning. ‘The dictionary’s careful fixing of words to definitions, like butterflies pinned under glass, can suggest that this is how language works. The definitions can seem to ensure and fix the meaning of words, just as the gold standard can back a country’s currency. What Wittgenstein found in the circulation of ordinary language, however, was a free-floating currency of meaning. The value of each word arises out of the exchange. The lexicographer abstracts a meaning from that exchange, which is then set within the conventions of the dictionary definition… When is speech violence? It depends on how we define it. If we define violence as a physical act, then speech is never violence. If we choose to define violence as causing harm to a person, then speech is often violence. If we choose to define violence as intentionally causing harm, then sometimes speech is violence.”

“I didn’t know what a meme was, says Distracted Boyfriend photographer” [Guardian]. If you’re into meme transmission, this is a must-read (And see the indispensable Know Your Meme here.) Since nobody else has, I guess I’ll have to (and do feel free to propagate on the Twitter):

https://www.nakedcapitalism.com/wp-content/uploads/2017/08/distracted_2-e1504204599807.jpg

What’s interesting to me is the tripartite structure of the meme (which is the source of its power as a vehicle for jokes and commentary). Most of our political discourse is binary (“If you voted against X you are for Y,” “If you are against anti-X you are pro-X”). So watching “the Internet” collectively learn to think in threes is interesting.

Chairman MaoSeptember 1, 2017 12:29 AM

@Dirk Praet

Sorry for asking, but are you high out of your mind or just not realizing that a live and let live policy is the exact thing neo-nazis, white supremacists and Daesh supporters want to get rid of and their opponents want to preserve ?

Did you see the video(s) of the car that tried to smash into the Presidential Convoy in Springfield, Missouri (Aug 30. See YouTube)

Be sure to study the videos while using Google Maps in 3D and street view.

Wanna know who did it? Their 'signatures' are all over it.

Dirk PraetSeptember 1, 2017 4:54 AM

@ Chairman Mao

Did you see the video(s) of the car that tried to smash into the Presidential Convoy in Springfield, Missouri (Aug 30. See YouTube)

An assassination attempt on a president or other figure holding public office (generally) is a political statement. Driving a car into a crowd of innocent protesters opposing your violent, white-supremacist ideology is plain murder bordering on terrorism, and a clear reflection of how you believe anybody disagreeing with you should be dealt with.

ab praeceptisSeptember 1, 2017 4:57 AM

Chairman Mao

Good answer.

Let me, strange as that may seem, defend dirk praet somewhat. I think that he is actually a nice and smart man who just happens to lose it (manners, fairness, ...) when discussing matters dear to his heart.

Let's just look at the current example -> "live and let live".

Also note the "neo-nazis, white supremacists and Daesh supporters". Evidently to people like him it seems perfectly fine when an antifa or a black person beats up others or even kills them, particularly when the victim is "neo-nazis, white supremacists and Daesh supporters"; just like many others who actually consider as great and even demand openly to assassinate president Trump.

Having been called "neo-nazi" myself (which is *very* easy to achieve in parts of Europe) I particularly enjoy mentioning that even more often I have been called a "damn communist". Considerably less funny is the fact that in South Africa whites are nowadays pretty much fair game and get robbed, raped, and killed by blacks at alarming rates - yet none of the oh so concerned about racism have even noticed that, let alone clearly taken position against it.

So, lesson #1 regarding the "live and let live" faction is: It depends. There are good killers and bad killers, good racists and bad racists, good terrorists and bad terrorists.
Lesson #1 is: The judgement whether anyone is a good or a bad killer, terrorist, or racist is exclusively at the pleasure of the "live and let live" democrats. Evidence isn't needed but will gladly be accepted to be bent so as to fit what has been decided in advance.

Finally, re. the "live and let live" itself: The trick is a usual one, namely to erect a nice looking banner with a principle that at a first superficial look seems to be great. "live and let live" is a good example; Hardly anyone wouldn't agree to that.
The problem arises from the fact that a) there are - intentionally - no qualifiers and b) it is arbitrarily interpreted with the actual aggressor faction claiming the high ground.

ad a) "live and let live" is far too general and unqualified a statement. It sounds nice but to carry any weight it must be qualified. Even worse, that statement is all but bound to end in a conflict.
Example: is the police officer who is confronted by a criminal with a gun to "let live" - and thus risk to *not* live himself?

Less grave but by far more important in the current situation are qualifiers like "where?" and "how?". Even most nazis and "nazis" would hardly be against the qualified statement "migrants (the sort that currently floods europe and brings along a crime wave) should live and let live *in their own countries*". It is this very qualifier that is not met and is responsible for the recent strong rise in "nazis".

Ad b) it's not some self-acclaimed high-grounds that are decisive in our societies. It's the laws that are decisive. The law in most countries says that there are citizens and there is a border and that border must be protected against non-citizens. We may like or dislike that but that's the law; to change it one must use democratic processes and not street riots or arbitrarily branding people with another view as terrorists or fascists or the like.

Short, "live and let live" is and always was *qualified*. To try to kill a president one doesn't like was never covered by that statement. And arbitrarily calling him racist or nazi does *not* change that.

Btw, funnily "evil Russia"(tm) actually has a quite well functioning version of "live and let live", qualified, of course, by the supremacy of the law of the land. And it works nicely. Christians, buddhists, muslims (and more than some muslim countries), white, yellow, and brown people, they all live quite well together and demonstrate "live and let live".

ab praeceptisSeptember 1, 2017 5:49 AM

JG4

a physicist had plotted the allegedly random numbers from an RNG or PRNG in a polydimensional space and found that they were highly correlated.

Yes, of course, they are correlated, namely by the generator function. But so is crypto input and output.
But that is not a concern by itself. Maybe that can be better understood when looking at our mechanistic (newtonian/einsteinian) image of the world: even true random numbers are assumed to be correlated, e.g. by quantum field functions. In other words, true random seems (by definition btw) random because we don't know nature's generator function and all relevant states.

So, a prng is in a way just a very much simplified version (which also makes it less random).

But there is more to it, namely that in crypto we have a (more or less) clearly defined set of properties (and acceptable property domains). Probably the most important one being "unpredictability", i.e. the property that for a given algorithm we can not with reasonable effort and in reasonable time predict the next random number based on the numbers seen so far.

Which leads to two other properties, one obvious and one "hidden": The obvious one is a generator's period (how many random numbers it can deliver before a new cycle begins, repeating the same random numbers). Evidently we want generators with a sufficiently long period; typical ones are in the range from 2^32 to 2^512 (but much larger ones exist).

The other property, the "hidden" one is, more importantly, a widely misunderstood one, namely uniqueness. In fact, very much counter to what most think, uniqueness per se is not necessary. After all, we have many random generators that are accepted as highly random that, however, do not at all deliver unique numbers. Roulette is an example.
To understand it better one must understand *why* uniqueness (i.e. that any random number comes up no more than one time in a cycle) is often so high up on the desired properties list - and that reason is *not* that doubles per se are bad or unacceptable. The reason is that non-unique numbers highly likely indicate negative properties or even flaws in the generator. Keep in mind that unlike a roulette wheel where many factors are at play (temperature, etc.) prngs do not have any but their algorithm.

Next to some other factors (e.g. distribution, no bias, etc) there are, of course, also the practical ones. State space is a good example; we want that as small as possible due to the register -> main memory attack vector ladder (register least vulnerable, then L1, L2, L3, and finally main memory most vulnerable). A CSprng, however, will be lucky to achieve L1 locality and often is worse (L2). Moreover, almost all CSprng are almost obsessed with (mostly focussed on) unpredictability and are lacking in other respects.

Finally, in our field, we must obviously be concerned about adversaries. What if Eve has vastly superior resources to ours plus, very dangerously, a hidden algorithmic knowledge (think "can, due to some kept secret algorithm perform relevant calculations in fractions of the time that is generally assumed")? This brings up questions like "how much of our period can we actually use without giving away enough to Eve to allow her to achieve significantly lowered unpredictability (or even plain predictability)?"

In case anyone cares, my personal advice is to never use more numbers than root(period) of a random algorithm. In my mind's eye this is about the most frequent error in protocol implementations. Frighteningly often the code goes like "for i The problem with that is that it gives away the whole cycle and hence the full target domain which to a resourceful Eve is immensely valuable. And no, running the next cycle after re-seeding the prng does *not* help, quite the contrary, it provides Eve even more information; in fact, having two full cycles Eve not only can analyse our generator but also gets some look at our re-seeding source (which is typically the OS /dev/random).

Funny, most people don't think much about random generators; this also shows in typically quite poor prngs in many languages' standard libraries. But random is an immensely important core element in much of crypto and a likely attack vector. If I had, for instance, to crack Telegram or the like, one of my first looks were at their prng.

Dirk PraetSeptember 1, 2017 7:11 AM

@ Chairman Mao

For the record:

1) I do not advocate or condone violence or hate speech on any side or on any continent. Do note, however, that most civil countries have enshrined in law the concepts of self-defense and provocation. The parading - in full battle dress - of nazi and white supremacist symbols to the average Afro-American or Muslim is the bar equivalent of calling someone's mother or sister a whore. Which, at least in our pub, is not a recommended course of action unless you need positive proof that you have been beaten senseless by a bunch of thugs in the course of some insurance fraud or desperate attempt to explain to your wife where you have been the last three days.

2) I believe the exclusion of hate speech and inciting to violence as we know here in the EU is a perfectly reasonable limitation on free speech, especially if its intent is to undermine or destroy the very principles democracy - and free speech in particular - is based upon. You cannot have the cake and eat it.

3) I have not and will never advocate the murder of a US president (or any other person, for that matter), however much I would like to see him fall victim to an unfortunate surprise attack by a local alligator on his next visit to Texas or Louisiana.

4) My opinion on EU immigration and refugee crisis is well-known and the exact opposite of indiscriminately allowing everyone in under the assumption that every migrant or refugee by definition is a poor victim and a decent human being we are under some legal or moral obligation to provide and care for.

5) In Russia (or China), people of different ethnic, religious and other backgrounds live quietly together because stirring up ethnic or religious tensions will land you either in jail, get you disappeared or your village bombed. That's what authoritarian regimes do. Ask any Chechen.

5) I am not a nice person.

Clive RobinsonSeptember 1, 2017 7:28 AM

@ ab praeceptis,

Funny, most people don't think much about random generators; this also shows in typically quite poor prngs in many languages' standard libraries.

Yes the one you see pop up from time to time is X+Y not (X+Y)modZ. Especially when combining multiple generator outputs to "stir the pool" etc.

They don't appear to realise --even though Knuth documents it-- that without the modulo operation folding things back it changes the distribution from "flat" to an approximation of "normal" which is that cute "bell curve" lots of people talk about (but likewise do not understand).

Then there are other things such as going from a 2^n range of numbers to a range of different numbers the worst being 2^X +1.

For some reason most code cutters making libraries for their apps don't get taught such things...
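The two effects described in the comment above, worked through exactly in an added example (not code from any commenter; all function names are hypothetical). It enumerates every possible output instead of sampling, so the counts are exact: summing generator outputs without the modulo gives a peaked distribution (triangular for two generators, closer to a bell curve as more are added), and reducing a 2^n range into 2^X+1 values with a plain `%` makes some results twice as likely as others. The rejection step at the end is the common fix for the second effect and is not something the comment mentions.

```python
from collections import Counter
from fractions import Fraction


def sum_distribution(n_bits, k, fold):
    """Exact outcome counts for the sum of k independent uniform n-bit values.

    fold=True computes (X1 + ... + Xk) mod 2^n, fold=False the plain sum.
    """
    size = 1 << n_bits
    dist = Counter({0: 1})
    for _ in range(k):
        nxt = Counter()
        for partial, count in dist.items():
            for x in range(size):
                total = partial + x
                nxt[total % size if fold else total] += count
        dist = nxt
    return dist


def spread(counts):
    """Most likely outcome divided by least likely outcome (1 means flat)."""
    return Fraction(max(counts.values()), min(counts.values()))


def modulo_counts(n_bits, m):
    """Outcome counts when a uniform n-bit value is reduced with a plain % m."""
    return Counter(v % m for v in range(1 << n_bits))


def rejection_counts(n_bits, m):
    """Same reduction, but values in the incomplete final block are discarded."""
    size = 1 << n_bits
    limit = (size // m) * m  # largest multiple of m that fits in the range
    return Counter(v % m for v in range(size) if v < limit)


if __name__ == "__main__":
    print("X+Y unfolded, 8-bit:", spread(sum_distribution(8, 2, fold=False)))
    print("(X+Y) mod 256      :", spread(sum_distribution(8, 2, fold=True)))
    print("8-bit value % 129  :", spread(modulo_counts(8, 129)))
    print("with rejection     :", spread(rejection_counts(8, 129)))
```
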

Chairman MaoSeptember 1, 2017 11:53 AM

@Dirk
@ab praeceptis

I hear both of you.

Moving on, be OBJECTIVE AND IMPARTIAL.

Did you do your study and compare the videos to the maps and satellite images?

If not, do it now.

Then read this: https://www.voanews.com/a/car-without-brakes-nearly-slams-donald-trump-motorcade/4010409.html

Does it look like brake failure to you? Did you know that there was a private airfield within 1/2 a mile of the incident? Do you see the 'signatures' in the videos?

Who dun it? (Hint: Who pays for the Voice of America? Why are we here at Schneier.com? Who is behind all of this? Be objective and face the facts. Nobody will solve anything until that happens.)

RachelSeptember 1, 2017 11:54 AM

Dirk

' I am not a nice person '

yeah. You're the only one here I always envisioned, stomping into the pub or gig, chanting " Oi Oi Oi are you feelin' alright..."

Chairman MaoSeptember 1, 2017 12:01 PM

@Dirk
@ab praeceptis

QUESTION: Does it appear to you that the VOA is broadcasting truthful, multi-sourced facts per the law and their charter?

QUESTION: Who dun it?

ADDING TO MY PRIOR POST: https://en.wikipedia.org/wiki/Voice_of_America

Laws
Smith–Mundt Act
From 1948 until its repeal in 2013, Voice of America was forbidden to broadcast directly to American citizens under § 501 of the Smith–Mundt Act.[5] The act was repealed as a result of the passing of the Smith-Mundt Modernization Act provision of the National Defense Authorization Act for 2013.[6] The intent of the legislation in 1948 was to protect the American public from propaganda actions by their own government.[37]

Internal policies
VOA charter
Under the Eisenhower administration in 1959, VOA Director Henry Loomis commissioned a formal statement of principles to protect the integrity of VOA programming and define the organization's mission, and was issued by Director George V. Allen as a directive in 1960 and was endorsed in 1962 by USIA director Edward R. Murrow.[38] On July 12, 1976, the principles were signed into law on July 12, 1976, by President Gerald Ford. It reads:

The long-range interests of the United States are served by communicating directly with the peoples of the world by radio. To be effective, the Voice of America must win the attention and respect of listeners. These principles will therefore govern Voice of America (VOA) broadcasts. 1. VOA will serve as a consistently reliable and authoritative source of news. VOA news will be accurate, objective, and comprehensive. 2. VOA will represent America, not any single segment of American society, and will therefore present a balanced and comprehensive projection of significant American thought and institutions. 3. VOA will present the policies of the United States clearly and effectively, and will also present responsible discussions and opinion on these policies.[4]

"Two-source rule"
According to former VOA correspondent Alan Heil, the internal policy of VOA News is that any story broadcast must have two independently corroborating sources or have a staff correspondent actually witness an event.[39]

Dirk PraetSeptember 2, 2017 7:23 AM

@ Rachel

you're the only one here I always envisioned, stomping into the pub or gig, chanting " Oi Oi Oi are you feelin' alright..."

I'm actually the guy throwing those types out, as well as alerting the potheads to the presence of undercover agents on a steak out. They usually come in pairs.


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.