Calling Squid "Calamari" Makes It More Appetizing

Research shows that what a food is called affects how we think about it.

Research paper.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on February 9, 2018 at 4:17 PM • 148 Comments


Grahame Grieve • February 9, 2018 4:47 PM

From the kids book "On the beach", a letter home from a girl on holiday to her grandma:

"The man gave the squid to dad and I have the weird feeling dad thinks were going to eat it. I'm having calamari from the shop instead."

Rhys • February 9, 2018 5:11 PM

If calling horse mackerel -Tuna makes a difference? Or Chilean Sea Bass is so much more inviting than Patagonian Tooth fish...well, if you say so.

For those of us who labored in Jesuit education factories- calamus is "a writing pen". The shell of the cuttle fish and its ink sac (sepia colored ink) had a Latin language reason for the terminology.

I'd really like to know if anyone knows what a Mesonychoteuthis hamiltoni or Architeuthis dux calls humans just before they eat us?

Anyway- many areas of QC in the civilian sector are advancing. Not just for computation, encryption, or QKD- this was announced for storage. With QM (quantum memory) a whole infrastructure is now possible. Primary & secondary storage is now being addressed, too.

Wade • February 9, 2018 6:20 PM

A significant amount of food nomenclature follows this role, and it's driven by sociohistorical trends. We call foodstuffs "beef," "poultry," and "pork" -- romance language derivations -- because it was historically more common for the consumption of those foods to be ordered by upper classes who spoke those languages, as opposed to Germanic "cow," "bird," and "pig," more likely to be used by poorer farmers. That's why we have both word sets today, but their usage in context predominantly differs.

WhatWouldPompeodoWiththat • February 9, 2018 7:01 PM

Smoke & Mirrors; less popcorn

"The negotiations in Europe last year were described by American and European intelligence officials, who spoke on the condition of anonymity to discuss a clandestine operation, and the Russian. The United States officials worked through an intermediary — an American businessman based in Germany — to preserve deniability. There were meetings in provincial German towns where John le Carré set his early spy novels, and data handoffs in five-star Berlin hotels. American intelligence agencies spent months tracking the Russian’s flights to Berlin, his rendezvous with a mistress in Vienna and his trips home to St. Petersburg, the officials said.

The N.S.A. even used its official Twitter account nearly a dozen times to send coded messages to the Russian."


"American intelligence officials were also wary of the purported kompromat the Russian wanted to sell. They saw the information, especially the video, as the stuff of tabloid gossip pages, not intelligence collection, American officials said.

But the Americans desperately wanted the hacking tools. The cyberweapons had been built to break into computer networks of Russia, China and other rival powers. Instead, they ended up in the hands of a mysterious group calling itself the Shadow Brokers, which has since provided hackers with tools that infected millions of computers around the world, crippling hospitals, factories and businesses.

No officials wanted to pass on information they thought might help determine what had happened.

“That’s one of the bedeviling things about counterintelligence and the wilderness that it is — nobody wants to be caught in a position of saying we wrote that off and then five years later saying, ‘Holy cow, it was actually a real guy,’” Mr. Hall said."

Alyer Babtu • February 9, 2018 7:08 PM

And how a person is called

Mark Twain - “When red-haired people are above a certain social grade their hair is auburn.”

WhatWouldPompeodoWiththat • February 9, 2018 7:21 PM

Here we go again in the "United States of Amnesia" (Gore Vidal).

From: Lawrence Wilkerson: I Helped Sell the False Choice of War with Iraq; It’s Happening Again with Iran


Fifteen years ago this week, Secretary of State General Colin Powell gave a speech to the United Nations arguing for war with Iraq, saying the evidence was clear: Saddam Hussein had weapons of mass destruction. It was a speech Powell would later call a blot on his career. Is President Trump doing the same thing now with Iran? We speak to Powell’s former chief of staff, Col. Lawrence Wilkerson. He recently wrote a piece titled “I Helped Sell the False Choice of War Once. It’s Happening Again.”"

Colonel Lawrence Wilkerson, welcome back to Democracy Now! Talk about what—how you felt at the time, how you came to understand the evidence that General Colin Powell, who himself said—called this speech, later, a blot on his career—how you put this speech together, and the echoes of it, what you hear today, in Ambassador Haley’s speech.

LAWRENCE WILKERSON: Amy, we put the speech together with, arguably, the entire U.S. intelligence community, led by George Tenet, the director of central intelligence, literally at Powell’s right hand all the time, seven days, seven nights, at Langley and then in New York, before we presented.

When I saw Nikki Haley give her presentation, certainly there was not the gravitas of a Powell, not the statesmanship of a Powell, not the popularity of a Powell. What I saw was a John Bolton. And remember, John Bolton was her predecessor, in terms of being a neoconservative at the United Nations representing the United States. I saw a very amateurish attempt.

But nonetheless, these kinds of things, when they’re made visual and the statements are made so dramatically, have an impact on the American people..."

"What happens is you get people like Tenet, you get people like John Brennan, you get people like John McLaughlin, you get people like Chris Mudd, for example—Phil Mudd, who was head of counterterrorism for George Tenet and who tried at the last minute to get me to put even more stuff into his presentation about the connections between Baghdad and al-Qaeda. You get people like that who are at the top. That screens all the many dedicated, high-moral, high-character professionals down in the bowels of the DIA, the CIA, the NSA and elsewhere. That screens their views, which are often accurate—I’d say probably 80 percent of the time very accurate—from the decision makers. So what you get is you get people like Tenet and McLaughlin and Brennan, who shape whatever they can to fit the policies that the president wishes to carry out. The intelligence, therefore, gets corrupted. So, in that sense, I am still down on the, quote, “U.S. intelligence community,” unquote.

AMY GOODMAN: I mean, it’s really interesting, because a number of the people you mention from the past are the current commentators on television.

LAWRENCE WILKERSON: Yes, yes. John McLaughlin—John McLaughlin lied to the secretary of state of the United States on more than one occasion during the preparation for the 5 February, 2003, U.N. Security Council..."

"LAWRENCE WILKERSON: That agreement, the JCPOA, the nuclear agreement between the U.N. Security Council permanent members, Germany, Iran, that agreement is probably the most insidious and likely way to war with Iran. The Obama regime, in a very, very difficult diplomatic situation, achieved the best it could. That best is a nuclear agreement that keeps Iran from a nuclear weapon and gives us over a year of time, should they try to secretly break out of it, to inspect and find and to stop, even if we had to bomb. So it is an agreement unparalleled in regard to stopping Iran’s search for, if it ever had the desire to, a nuclear weapon.

If Trump undermines that, if this administration undermines that, then there is no—and they are moving fast to do that—there is no other alternative, if you look at it. Now, my colleagues and some of my opponents in this will say, “Oh, no, that doesn’t necessarily mean war.” It certainly does, if you continue this march towards Iran’s—unacceptability of Iran’s having a nuclear weapon, because then we will have intelligence telling us that Iran is—I know the Foundation for Defense of Democracy and others will never let this rest. We will have everyone telling us that Iran, whether they are or not, is going after a nuclear weapon, once the agreement is abrogated. That means the only way you assure the American people and the international community, the region—Saudi Arabia is salivating for a war with Iran, with American lives at the front—that means the only way you stop Iran, under those circumstances, is to invade—500,000 soldiers and troops, you better have some allies, 10 years, $4 [trillion] or $5 trillion. And at the end of that 10 years, it looks worse than Iraq did at the end of its 10."

and so on

Maintaining Administrative Control • February 9, 2018 8:14 PM

Who tires of the relentless data mining?
My biggest security nightmare is when unknown data flows between the Internet and my computer without either any administrative control, insight or approval.

I fled from Windows 8.0 years ago. But now in its latest bid to monetize Ubuntu Linux users, Canonical is also removing local administrative control along the lines of the Microsoft ‘Trusted’ Installer. They now modify the Linux kernel removing local control for mandatory updates and proprietary Snap applications.
Snap apps must be approved by Canonical. Snaps allow binary images to be installed which traditional Linux installers rejected as untrusted.

Canonical is following the business models of Google and Microsoft, as app owning teams are responsible for security of their SNAP apps. This deliberate design away from open source software allows malicious actors to easily interject themselves into your precious system. By design, you the owner are rendered powerless and clueless.

Snap apps must be approved by Canonical. Snaps allow binary images to be installed which previous installers either rejected as untrusted.

The ultimate irony is the worthless privacy policies stating ‘we take your privacy seriously.’ The bottom line is Ubuntu 18.04 LTS forced Snap monetizing vehicle is a non-starter. Time to jump ship again!

Now step back and combine this data-mining nightmare with the Intel Management Engine and Spectre flaws.
Worse, DRAM and video card prices have more than doubled. No wonder traditional PCs are in decline. I can only take so much abuse!
I’m being forced to stop investing in the traditional computing way of life dumping both popular OS and hardware. What are many options?
First change can result for the better. My solution:
Rather than have one computing device with mediocre results for everything, What are the categories?

Entertainment Results
a) Apple 4K streamer offers the best privacy for DRM services like Netflix and Amazon Prime. Connected with isolated Gbit Ethernet $200
b) Raspberry Pi 3 w/Open Source Media Center 32bit OS microSD - $75
c) Vero 4K Streamer w/OSMC for high-end multi-media 64bit OS microSD $150

The free Debian based OSMC operating system offers fine privacy control to stay local and private. However the Pi3/ARM processor ID is a concern as third-party applications can track. Dodgy Kodi add-ons are also a security concern and best avoided.

Home Business Results
d) Use latest generation (but discarded) entertainment PCs by installing an unmodified Linux Long Term Support Kernel. Useful for Mail and web browser (with Ad-block user-agent spoofing). The Gnome disks utility easily creates backup images from the micro SDs.
Security question: can disk writes be physically disabled with a SD extension adapter?

SMB Linux LTS kernel with default desktop

Open Source DD-WRT modem with AES encryption for trusted wired network

These British open source solutions aren’t sold or supported in Big-Data USA.
The $75 Raspberry Pi3 is also fast enough to use for light duty PC work. I now buy $20 micro-ssd for local storage. Unlike standard IoT devices, these devices are easier to use, improve picture quality, reliability and owner security. Unlike the Amazon Fire there is no advertising. I couldn’t be happier. Thanks go to Canonical for pushing the issue.

Note: Amazon has begun selling subsidized 4K Android based streamers from China. The unspoken catch is the OS can’t be wiped-clean to prevent you from being data-mined.

Alyer Babtu • February 9, 2018 9:12 PM

@ all comfy distros

Forget the automatic transmissions. Pare it down as close to the bare metal as you can. Use a stickshift !

Assignment, due next Tuesday at beginning of class: Define “compiler”, and write three examples.

Mark ST • February 10, 2018 1:32 AM

"what a food is called affects how we think about it" reminds me of the following anecdote:

One day, Korzybski was giving a lecture to a group of students, and he interrupted the lesson suddenly in order to retrieve a packet of biscuits, wrapped in white paper, from his briefcase. He muttered that he just had to eat something, and he asked the students on the seats in the front row if they would also like a biscuit. A few students took a biscuit. "Nice biscuit, don't you think," said Korzybski, while he took a second one. The students were chewing vigorously. Then he tore the white paper from the biscuits, in order to reveal the original packaging. On it was a big picture of a dog's head and the words "Dog Cookies." The students looked at the package, and were shocked. Two of them wanted to vomit, put their hands in front of their mouths, and ran out of the lecture hall to the toilet. "You see," Korzybski remarked, "I have just demonstrated that people don't just eat food, but also words, and that the taste of the former is often outdone by the taste of the latter."

Maciej K • February 10, 2018 3:23 AM

Russian scientists working at a top-secret Russian nuclear warhead facility arrested for allegedly mining crypto-currencies.

I found this bit particularly funny:
"The supercomputer was not supposed to be connected to the internet - to prevent intrusion - and once the scientists attempted to do so, the nuclear centre's security department was alerted."

echo • February 10, 2018 3:44 AM

I'm sure there is nothing new in this paper. I know of some graphic alternatives for certain food and, of course, various medical conditions or social status and other things have names which affect perception. Other papers have noted how our consciousness tends to lag decisions which have already been made in the more emotional and primal areas of the brain. Without naming names we know advertisers and politicians among others abuse and subvert these processes but understanding of these issues can help progress public policy in important ways so more understanding is good.

This article explains how mobile phone position data can be matched to a map to identify your location even when GPS etcetera has been turned off. It also notes how apps often have permissions which allow them to exploit this. Movement and position data may also give away age, gender, and health.

Thoth • February 10, 2018 5:17 AM

@Clive Robinson

Maintaining Trust in a Trustless Environment in the Prison Model

I have been pondering on how to implement a Trust Model in the Prison Environment and if we want to assume chips are compromised thus the use of Prison Model, we might as well assume all chips are compromised and that includes the processor responsible for routing user inputs to the array of micro processor chips to execute user functions and requests.

Your original idea was to use a chip of higher trust level to do result comparison and assigning of requests to chips.

My interpretation of this trust model takes the idea of trust in a more paranoid approach to trust by assuming that none of the chips can be guaranteed to be trustworthy and all are equally suspect. We thus assume what is called a Trustless Environment where Trust is built based on a proof of work similar to the Bitcoin protocol.

My method would effectively borrow and modify the Trustless Trust Model that is the foundation of Bitcoins.

Bitcoin relies on a majority of nodes to be honest with a work of proof and a ledger to ensure trust in a trustless environment. The adversity model of Bitcoin assumes that trust can only be established by consensus of the results derived from computation to prove a transaction does not break the rules that would adversely affect the integrity of the Bitcoin network. The results are stored in a merkle hash chain called the Ledger. The initial block of the chain is called the Genesis Block and its hash is hardcoded.

Following the Bitcoin model for the Prison model, an initial hash for the Genesis Block is generated and hardcoded into all the chips. All the chips would be assigned tasks based on their ratings. The Ledger would be stored on an attached disk to the routing processor instead of on the execution chips to prevent bloating their own storage space.

A user request would be sent to the routing processor that would be forwarded to the chips to execute. In order to determine who is to be given the privilege to execute the request, a subset of the chips would vote for at least 2 execution chips based on their ratings.

The 2 execution chips' results would be submitted to all the judging subset chips and a consensus on rating would be issued to the execution chips. The rating would have a limit. A small random chance would exist to allow chips of lower rating to gain the chance to execute requests. Any execution chips caught with behaviours that break the rules would immediately have all its ratings removed and would have much lesser chance to execute a request.

A consensus from all the judging chips on the execution chips on issued ratings and an encrypted version of the requests and results would be stored in the Ledger for future attestations.

The chip that found any problems in the Ledger would have its ratings increased as well and the judging chips that are the cause of a problem in the Ledger would have their ratings zeroized.

This is the Trustless Trust concept for Prison Model based off Bitcoins.

-- This is public domain work.
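A small simulation of the scheme sketched in the comment above, added here as an example and not part of the original comment. Assumptions that are not in the comment: judges recompute each request and approve a result by majority, a hash commitment stands in for the encrypted request record, and every name, the rating cap and the underdog probability are constructed for illustration.

```python
import hashlib
import json
import random

GENESIS = hashlib.sha256(b"constructed genesis block").hexdigest()  # hardcoded in every chip
RATING_CAP = 5          # assumed value for the rating limit
UNDERDOG_CHANCE = 0.1   # assumed value for the "small random chance"

class Chip:
    def __init__(self, cid, faulty=False, rating=1):
        self.cid, self.faulty, self.rating = cid, faulty, rating

    def execute(self, request):
        result = sum(request)                      # constructed stand-in for a user function
        return result + 1 if self.faulty else result

class Ledger:
    """Hash chain held by the routing processor; every block commits to its predecessor."""
    def __init__(self):
        self.blocks = []

    @staticmethod
    def _digest(prev, payload):
        body = json.dumps(payload, sort_keys=True)
        return hashlib.sha256((prev + body).encode()).hexdigest()

    def append(self, payload):
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        self.blocks.append({"prev": prev, "payload": payload,
                            "hash": self._digest(prev, payload)})

    def first_bad_block(self):
        """Index of the first block that fails verification, or None if the chain is intact."""
        prev = GENESIS
        for i, blk in enumerate(self.blocks):
            if blk["prev"] != prev or blk["hash"] != self._digest(prev, blk["payload"]):
                return i
            prev = blk["hash"]
        return None

def pick_executors(candidates, rng):
    """Two highest-rated chips, with a small chance that a lower-rated chip takes a slot."""
    ranked = sorted(candidates, key=lambda c: (-c.rating, c.cid))
    chosen = ranked[:2]
    if len(ranked) > 2 and rng.random() < UNDERDOG_CHANCE:
        chosen[1] = rng.choice(ranked[2:])
    return chosen

def run_round(chips, ledger, request, rng, n_judges=3):
    judges = rng.sample(chips, n_judges)
    executors = pick_executors([c for c in chips if c not in judges], rng)
    # Assumption: each judge recomputes the request and approves a matching result.
    references = [j.execute(request) for j in judges]
    for chip in executors:
        approvals = references.count(chip.execute(request))
        if 2 * approvals > n_judges:
            chip.rating = min(chip.rating + 1, RATING_CAP)
        else:
            chip.rating = 0                        # caught breaking the rules
    ledger.append({
        "judges": [j.cid for j in judges],
        "ratings": {str(c.cid): c.rating for c in executors},
        # A hash commitment stands in for the encrypted request the comment describes.
        "request": hashlib.sha256(repr(request).encode()).hexdigest(),
    })

def audit(ledger, auditor, chips):
    """Reward the chip that finds a bad block and zero the judges recorded in it."""
    bad = ledger.first_bad_block()
    if bad is not None:
        auditor.rating = min(auditor.rating + 1, RATING_CAP)
        blamed = set(ledger.blocks[bad]["payload"]["judges"])
        for chip in chips:
            if chip.cid in blamed and chip is not auditor:
                chip.rating = 0
    return bad

def simulate(rounds=30, seed=1):
    rng = random.Random(seed)
    # Constructed scenario: chip 0 built up a top rating, then started returning bad results.
    chips = [Chip(0, faulty=True, rating=RATING_CAP)] + [Chip(i) for i in range(1, 7)]
    ledger = Ledger()
    for n in range(rounds):
        run_round(chips, ledger, [n, n + 1, n + 2], rng)
    return chips, ledger

if __name__ == "__main__":
    chips, ledger = simulate()
    print({c.cid: c.rating for c in chips}, ledger.first_bad_block())
```

With two executors alone a disagreement cannot be attributed to either chip, which is why this sketch has the judges recompute the request; the approval rule holds only while a majority of the judging subset is honest.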

Alice Wang and Eve Wu • February 10, 2018 7:33 AM

This event is two weeks old, pardon me, but here is the right place to say it:

The OpenPGP Message Format, draft-ietf-openpgp-rfc4880bis-04, came out on January 25. The text is contradictory, strangely namby-pamby about security, and speaks of the MDC (Modification Detection Code) packet still being hashed by SHA-1: " a modest security system, it has modest requirements on the hash function(s) it employs. It does not rely on a hash function being collision-free, it relies on a hash function being one-way."

I don't want a modest security system. SHA-1? The hash function made by the fox to protect the hen house? That one?

To my mind, the whole set up of the MDC packet is very curious: the hash of the plaintext is sitting right there ready for attack.

On forums such as, they don't like one to state opinions, which is understandable. But some people don't want to hear anything negative and they become mealy-mouthed, like the author of RFC4880bis-04.

Wrap your mind around this, a cryptologist speaking (on stackexchange), not someone who failed logic:

"SHA-1 is only academically broken. So, it is still secure for all uses." (2013)

Jaw hits floor. I see someone has zero real-world experience.

"The problem is, attacks only get better. So, migrating to SHA-2 (or at least planning for a SHA-2 migration) would be a good move." (said in 2013)

Fine. So why can't GnuPG step up from modest security to strong security--as the years go by?

What is really going on here?

Alice Wang and Eve Wu • February 10, 2018 8:05 AM

Speaking of making the unpalatable yummy: "The Patriot Act".

Don't read how it actually undermines national security--just click once with your brain finger after listening to the name. So appealing. Vote for it.


"Operation Olive Branch"--Turkey thumbing its nose at the U.S. and bombing Kurds with impunity.

It makes one wonder. The U.S. has been averse to creating an inward-looking, state-empowered intelligence police--think GESTAPO--but it has the tools to do so, and the peeps. Its tools would also make the STASI weep. And, lots of data already exist--thanks Google, thanks BULLRUN, thanks Facebook.

So, what will the U.S. call its secret police? (I am trying to picture Michael Hayden talking about how we need it--you know the story, safety or privacy? You pick.)

"Bureau of Security and Safety" (BOSS)

Bong-Smoking Primitive Monkey-Brained Spook • February 10, 2018 8:07 AM

@ r:

Don't get forked:

Hmm. Interesting problem that exposes several security weaknesses! What do you think we should do about it, agent r? Use that for our own TAO efforts?

Fragmented Desktops are NOT a Strength • February 10, 2018 9:54 AM

For data-mining devices the number one priority (after pleasing Wall St) is to provide a superior user experience.
Unlike most Linux desktops the OSMC Vero/Raspberry Debian/Kodi streamers provide a GREAT user experience.
All the messy details of making a refined, smooth performance is quietly handled by their crack engineering team.
Take for instance the settings for audio and video. The OSMC has a whole menu settings page for correcting HDMI mismatches or anomalies. The critical test ‘do I have a picture and sound?’ isn’t even on the radar for linux desktops using players like VLC. So customers are left to twiddle unsatisfied forever.

Piece of Cake
On OSMC I was able to pass-thru DTS and Dolby to the receiver for the first time ever with Linux. The Vero 4K will also pass Dolby-HD and DTS-MA. The comparison the inferior Ubuntu Pulse Audio (which sits on top of superior ALSA) is clueless.
This is also why closed Silicon Valley data-mining devices are seldom designed to interface outside their own ecosystem. Who wants to misfire like troublesome Linux desktops?

Crash and Burn Example
Let's add Wayland for 17.10 but wait, it's really too buggy. Sorry! So let's go back to x11 for 18.04. When all they REALLY want to do is data-mine like Silicon Valley. Snap to It...

Let me know when any Linux desktop can stream trouble-free as OSMC and I will install it on my already discarded, legacy 8th generation Intel processors.

Root Cause Issue
OSMC succeeded by omitting messy Linux desktops altogether. Apple, Microsoft, Google only support a single desktop, yet fragmented Linux has hundreds! Does this extreme amount of flexibility interfere with the smoothness, refinement and polish necessary to provide a great user experience?

Thoth • February 10, 2018 11:01 AM

@Alice Wang and Eve Wu

The reason they could sit comfortably with SHA-1 for the MDC is because they used a MAC-then-Encrypt construct.

A Hash/MAC-then-Encrypt construct means that you generate a hash or a MAC code on the plaintext then you append the hash to the plaintext and encrypt the hash together with the plaintext into the ciphertext in CFB mode.

The assumption is that attacking the ciphertext would be difficult and thus if the attacker cannot properly decrypt the ciphertext, they would not know the result of the hash and thus they would not know how to create a hash collision.

They could even use a CRC16 to do a checksum instead of a hash and then use it as an MDC because if by following their assumption that the encryption algorithm is really hard to bypass, then the attacker would not know the plaintext and also not the checksum or hash that accompanies the plaintext and if the checksum or hash is known, then it is highly likely the plaintext would also be known because that would assume a break in the encryption or key.

In the real world, there are many attacks that one could use on Hash/MAC-then-Encrypt scheme which you can search online and thus the assumption of a SHA-1 or CRC16 used for checksumming is really pointless because attacks that can work on Hash/MAC-then-Encrypt could be used to defeat the cryptographic scheme in the first place.

This has always been a weak spot of OpenPGP message format where they use a Hash-then-Encrypt and it would probably continue into the future because nobody seems to listen.

An alternative to OpenPGP would be another open source project called miniLock which is linked below. The plus point for miniLock is it uses a well-known and field tested NaCL library to do its cryptography and thus is definitely a much stronger option than OpenPGP if that's what you are looking for.
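The two constructions discussed in the comment above, side by side, as an added example that is not part of the original comment or of any OpenPGP implementation. It contrasts a hash-then-encrypt check in CFB mode with Encrypt-then-MAC; the CFB block function is HMAC-SHA256 standing in for AES, the packet layout is simplified, and all function names and the sample message are constructed.

```python
import hashlib
import hmac
import os

BLOCK = 16        # block size in bytes
SHA1_LEN = 20
TAG_LEN = 32
MSG = b"constructed sample message for the integrity demo"

def _block_fn(key, block):
    """Stand-in for AES block encryption: HMAC-SHA256 truncated to one block."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def _cfb(key, iv, data, decrypt):
    """CFB mode: the keystream for each block is derived from the previous ciphertext block."""
    out, prev = bytearray(), iv
    for i in range(0, len(data), BLOCK):
        chunk = data[i:i + BLOCK]
        mixed = bytes(a ^ b for a, b in zip(chunk, _block_fn(key, prev)))
        out += mixed
        prev = chunk if decrypt else mixed
    return bytes(out)

def mdc_seal(key, plaintext):
    """Hash-then-encrypt: append SHA-1(plaintext), then encrypt plaintext and hash together."""
    iv = os.urandom(BLOCK)
    # SHA-1 takes no key here: the check relies entirely on the encryption hiding it.
    return iv + _cfb(key, iv, plaintext + hashlib.sha1(plaintext).digest(), decrypt=False)

def mdc_open(key, blob):
    """Return (plaintext or None, ciphertext bytes decrypted before the verdict)."""
    if len(blob) < BLOCK + SHA1_LEN:
        return None, 0
    iv, ct = blob[:BLOCK], blob[BLOCK:]
    body = _cfb(key, iv, ct, decrypt=True)    # the check value is only visible after decryption
    plaintext, digest = body[:-SHA1_LEN], body[-SHA1_LEN:]
    ok = hmac.compare_digest(hashlib.sha1(plaintext).digest(), digest)
    return (plaintext if ok else None), len(ct)

def etm_seal(enc_key, mac_key, plaintext):
    """Encrypt-then-MAC: a keyed tag over IV and ciphertext travels outside the encryption."""
    iv = os.urandom(BLOCK)
    ct = _cfb(enc_key, iv, plaintext, decrypt=False)
    return iv + ct + hmac.new(mac_key, iv + ct, hashlib.sha256).digest()

def etm_open(enc_key, mac_key, blob):
    """Return (plaintext or None, ciphertext bytes decrypted before the verdict)."""
    if len(blob) < BLOCK + TAG_LEN:
        return None, 0
    iv, ct, tag = blob[:BLOCK], blob[BLOCK:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None, 0                         # rejected before any decryption
    return _cfb(enc_key, iv, ct, decrypt=True), len(ct)

def flip_bit(blob, index):
    """Simulate in-transit damage to one ciphertext bit."""
    damaged = bytearray(blob)
    damaged[index] ^= 0x01
    return bytes(damaged)

def demo():
    key, mac_key = os.urandom(32), os.urandom(32)
    mdc_blob, etm_blob = mdc_seal(key, MSG), etm_seal(key, mac_key, MSG)
    return {
        "mdc_ok": mdc_open(key, mdc_blob),
        "etm_ok": etm_open(key, mac_key, etm_blob),
        "mdc_damaged": mdc_open(key, flip_bit(mdc_blob, BLOCK + 3)),
        "etm_damaged": etm_open(key, mac_key, flip_bit(etm_blob, BLOCK + 3)),
    }

if __name__ == "__main__":
    for name, (plaintext, decrypted) in demo().items():
        print(name, "accepted" if plaintext is not None else "rejected", decrypted)
```

Both receivers reject the damaged message, but the hash-then-encrypt receiver has to run the whole ciphertext through the decryption key before it can decide, while the Encrypt-then-MAC receiver decides on the keyed tag alone.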


CallMeLateForSupper • February 10, 2018 11:34 AM

"The N.S.A. even used its official Twitter account nearly a dozen times to send coded messages to the Russian."

I laughed when I read it in The Intercept this morning. Very recently our Clive reminded us of the technique, which Britain had used during WWII to communicate coded information to agents on the Continent by way of "messages to friends", broadcast in the clear by BBC.

The actual NSA tweets are reported here:

Alice Wang and Eve Wu • February 10, 2018 12:05 PM

@ Thoth

Thank you very much. I only have a basic understanding of how MAC-then-Encrypt, Encrypt-and-MAC, and Encrypt-then-MAC actually work. It surprises me that so much depends on the cipher scheme. Now I see the importance of testing.

And thanks for that link. GnuPG is fun, and I have gotten to the point where I understand almost all of the commands--and what makes for strong keys. But I am put off by the language of RFC4880. It is truly mealy-mouthed in some places, and yes, I really wonder whether they have been "got at". Why does one have to use --expert to get Curve 22519 on gpg2? Why is that?

Just some hunches: DH is surely good. RSA, in an undorked implementation, is good. AES256 is good, perhaps, despite its relatively simple algebraic structure--according to Mr. Schneier, someone who knows. TWOFISH is good. CAMELLIA256, etc., are probably good. There has been a lot of testing. I know CAMELLIA has not benefited from that to the same degree as AES. I bet Blake2 and Whirlpool are good. But, on the other hand, those NIST curves and the hashes invented by the fox to protect the hen house--I suffer from doubt. I don't want to see SHA-1 in my crypto. It clearly has weaknesses, and how those weaknesses play out in the real world, how they can be exploited, are unacceptable risks.

If another really strong option for PGP occurs to you, please fill me in.

Alice Wang and Eve Wu • February 10, 2018 12:22 PM

@ Callmelateforsupper

I just read that Intercept article. Well, talk about movie plots!

Buying back documents that have already compromised something? Pish-posh! What a load of rubbish.

James Sutherland • February 10, 2018 12:50 PM

A local restaurant's manager posted an indignant rebuttal to a TripAdvisor review which complained about the quality of the squid, denying that they serve it. (So ... what IS the "calamari" on the menu made from, then...?)

Security-wise, I saw an interesting discussion this week: how much our "security industry" is chasing academic threats rather than real ones, with the real issues being human (phishing/social engineering) rather than technical. I'm tempted to point to the recent IoT botnets as a counterexample, relying entirely on technical rather than human factors to spread.

Toné • February 10, 2018 2:03 PM

Research shows that what a food is called affects how we think about it.

Finally, an opportunity to use Coneheads as a proper citation! The foods in the 1993 movie included:

  • leftover starch discs, topped with molten lactate extract of hooved mammals
  • grid-like breakfast slabs
  • extruded mammal tailings
  • seared strips of swine flesh
  • flattened chicken embryos

Clive Robinson • February 10, 2018 2:24 PM

@ Z80,

@Nick P, posted about it on last Friday's squid page,

And as I know a bit about the subject I replied to him there.

I suspect @Bruce will post about it fairly soon as it's a nice technical subject, with few non technical things to say, other than the politics of the US making TEMPEST/EmSec info and equipment "secret" some years ago. Thus paying a high RFI price, whilst a big chunk of the rest of the Western World went the EMC route to avoid such issues back in the 1980's. Thus it has overtones similar to the current US "Offensive over Defensive" cyber-security stance, with probably the same losing outcome.

r • February 10, 2018 6:00 PM


I really don't have anything otherorattentive to say outside of maybe... up your stream lil bro. ;)

Even pre signed self deprecating escrow in situations like the above feel like we're all eating crow.

preloaded question, solutions..I.S.O..

Grauhut • February 10, 2018 7:14 PM

@WhatWouldPompeoDoWithThat, CallMeLateForSupper

They should have invested in defense instead of offense... :)

"It's a very complicated story," Risen said on CBSN Saturday. "First, the CIA and the NSA were trying to recover stolen NSA documents that allow people to do very sophisticated hacks, and they were worried that those documents would allow for really horrible hacks of American systems. ..."

tyr • February 10, 2018 7:23 PM

Since I'm a fan of IC shenanigans the idea
of giving away 100,000 taxpayer dollars to
buy back your hacking tools is wonderful.

Getting a bag of news clippings instead makes
it even better. Too bad JJ Angleton isn't
around to curb their enthusiasms anymore.

The Calamari I used to eat was made of baby
octopus. Given the inability of most to ID
animals, foods, or even read I can understand
how it might be confused with squid. Valiant
efforts by Korzybski have failed to turn the
corner on the problems.

I noticed a neat form of censorship recently
webpages show as not found with homilies to
the effect that you might have made a mistake.
If you do a second try now everything is normal.
Since this happens on sites which are shall we
say less than tuned into the silicon valley
consensus it appears to be a new ploy.

22519 • February 10, 2018 7:24 PM

In today's Washington Post, we hear about Israel's reaction to its loss of an F-16, which crashed inside Israel. One of the two pilots was severely injured. This shoot down--if that indeed happened-- would be the first such Israeli loss since 1982. Most people are not talking about how Israel has been bombing Syria with impunity for many years, but a lot of people are screaming that Israel has been attacked.

It looks as if Saddam Hussein's invasion of Kuwait, and its after-effects, are not only still unfolding but are intensifying, and may result in even wider proxy wars and direct conflict between states.

Israel and Saudi Arabia going to war together, shoulder-to-shoulder against Iran--that's an eye popper.

65535 • February 10, 2018 9:23 PM

@ Nick P, Clive R, Z80 and others

Now that Clive R. has reminded me of last week's squid thread where Nick P. presents his ‘Security of Software, Distribution Models: It’s Not just Open vs Closed!’ treatise on the benefits and drawbacks of Open Source Software v. Closed Source software, I want to thank Nick P. for his hard work.


Security of Software, Distribution Models: It's Not Just Open vs Closed!


I have read Nick P’s paper and it is interesting. Nick P presents both sides of the Open v. Closed software from most angles well.

I will say there is one area of software constructing or coding that he did not delve into, and that is the area of the software developer’s or software company’s "moral turpitude" to its user base [creating software under false pretense, fraudulent pretenses, data mining pretenses, and out-right criminal pretense].

We are in an unusual era where it pays well to create software that data mines, tracks and watches its user's every move. Worse, some of America's and the UK’s software makers are hiring people with well-paid salaries to make software to track and data mine users. As Bruce S. phrased it, “the users have become the product” of software makers.

Look at Facebook, Twitter, Microsoft, Harris Corporation, and others including the USAs and UK's most prestigious law enforcement organizations, NSA/CIA/FBI/local police with vehicles loaded with StingRays and automatic license plate readers, the GCHQ, MI6/MI5… down to local police and multiple surveillance cameras.

We have surveillance cottage industries that are turning into large “ethical spy” companies. This seems to encourage less than ethical software jobs at a growing rate and expands Nick P’s problem with scammed closed source software v Open source software.

Paradoxically, many of positions in companies and government jobs require “background checks” including moral turpitude checks to get hired.

This is one point that Nick P did not fully investigate. It needs to be brought out into the sunlight so to speak.

Athough wide, Moral turpitude, can be defined in many ways [here is a legal description]:

'Moral turpitude is a legal concept in the United States and some other countries that refers to "an act or behavior that gravely violates the sentiment or accepted standard of the community… [or] has been described as an "act of baseness, vileness, or depravity in the private and social duties which a man owes to his fellowmen, or to society in general, contrary to the accepted and customary rule of right and duty between man and man."'

Call it spyware, scamware, or fraudware, carding software etc., but it has to be discussed openly.

The ethical nature of people in certain businesses such as finance and law enforcement depend on ethical people to operate. Banks can’t operate with thieves at the teller window or automatic teller machines that skim credit cards and neither can law enforcement. The software industry is probably the same. But, it is happening and must change.

It is turning deadly with young guys killing people with swatting and excusing their actions by saying “I did not pull the trigger.”

In this case the perpetrator may not have pulled the trigger but he set the stage by scamming the SS7 telephone system, the local police with extensive narrated scripts describing horrible “hostage-homicide” situations. See serial swatter “Tyler “SWAuTistic” Barriss” below.

I don’t want to get into polemics but a little moral turpitude in software development could help. Do you have any solutions Nick P?

Next, Clive R. talks extensively about air-gapped computers, and the ways to defeat such defenses.

I have even tried to bring the faraday cage down to the local apartment or home by using metal pots to contain kids' cell phones. It is harder than expected.

Here is a set of posts regarding using a house pot as a faraday cage. Some cooking pots work and others don’t work. See set of links below.


+1 on having Bruce S. join TSA and clean up its time wasting/hassle prone security check points. These check points are “security theater” and need to change.

I believe the USA government went overboard and turned all USA airports into Israeli style "Ben Gurion Airport/El Al" clone check points with expensive but poor security measures.

Ben Gurion/El Al clones are not the best model for economical and safe USA airports [the USA airports don’t have the same profile as Ben Gurion and are bigger and have less percentage of terrorists].

Note, this is only if Bruce S. has the time and inclination. I am sure Bruce S. has plenty of projects including this blog to handle.

Clive RobinsonFebruary 11, 2018 2:04 AM

@ Thoth,

if we want to assume chips are compromised thus the use of Prison Model, we might as well assume all chips are compromised and that includes the processor responsible for routing user inputs to the array of micro processor chips to execute user functions and requests

The C-v-P model uses a process of mitigation to stop external attacks, it does not prevent knowledgeable administrator insider attacks as I will explain later.

The first assumption in the model is chips from different manufacturers (second sourced) will be,

1, Uncompromised.
2, Compromised.
3, Switchable by an external signal from uncompromised behaviour to compromised behaviour.

It's further assumed that chips are not compromised if available from multiple sources. Thus say an ARM core would be either uncompromised or switchable to compromised via an attack signal. This is based on the fact that a compromised CPU will behave differently to an uncompromised CPU thus the difference would be detectable during extensive --but not exhaustive-- "testing". Further that CPUs from different manufacturers, even if compromised will be compromised differently for each manufacturer.

Thus a compromised chip can be spotted by running a number of second sourced CPUs on the same task in parallel into a voting protocol which throws an upwards exception to the state machine hypervisor (trustee) that halts the parallel CPUs and fires off an exception up to a CPU based hypervisor (guard) which can then make an examination of the prison cells involved.

Thus whilst it is possible for external malware etc to try to get control of a prison cell CPU, the malware can not get into the state machine (trustee) or any higher up the hypervisor chain, because it can not see them. But the point of putting the CPU in the prison behind an MMU it does not control is not just isolating it. It is also to control the amount of core memory it has access to, thus it can make the environment only just large enough to hold the task. The consequence of this is that any malware is starved of resources so in effect ends up not just with "no place to hide" but no place to get a toe hold. But there are other less obvious security advantages to the hypervisor controlled MMU, and that is that the page tables held in memory that control the MMU are not visible to the prison cell CPU, so reach down attacks on memory like Rowhammer just can not work. The fact that likewise the prison cell CPU is single tasked means that reach around attacks using side channels gives the CPU nothing else but its own code to see, thus negates the current Meltdown and Spectre hardware attacks, and similar that are coming up that defeat the likes of "secure enclaves" like Intel's SGX.

The point about using a state machine for the "trustee" hypervisor is that state machines can be devised relatively simply, such that every state and state transition is known about and can be properly audited and analysed by formal methods. In effect they can not be made to function in surprising ways, or even ways they were not designed for by malware trying to run in the prison cell.

Earlier I noted that the architecture could not survive certain types of insider attacks, which I would elaborate on.

If you have three prison cells running the same task but on three CPUs from different manufacturers, that all contain switched compromises, as long as they are not "pre-switched" any malware would have to send three different switch signals. As it could not do this simultaneously, the prison cell CPUs would switch over at different times that should be picked up by the voting circuitry and hypervisor thus halt the affected cell CPUs. This stops the switching process before it completes. However there is a fly in the ointment: an insider with sufficient knowledge and system admin access to the upper level hypervisors could modify their behaviour to in effect ignore the voting circuit exceptions. Whilst the system can be designed to stop this from any soft-access point, it can not stop it from a hard-access attack. That is the admin could bring the hardware into power-down, open the system lid, pull the higher level hypervisor cards and change them for ones which have been modified to circumvent the protection systems. In effect it's a "Front Panel" access attack, that has in the era of portable computing become known as "evil-maid" attacks, and the recognised protections to stop this can be found in the "rainbow-books" and are about traditional "physical security" and humourless people with the likes of guns watching access points 24x365.25...
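The voting arrangement described in the comment above, as an added Python sketch (not code from the commenter or from any real C-v-P system): three simulated prison-cell CPUs run the same task in lockstep, a voter compares their outputs, and a table-driven trustee state machine halts the cells on the first disagreement. The vendor names, trigger words, corruption masks, state names and event names are all assumptions made for illustration, and the input words are constructed.

```python
"""Lockstep voting with a table-driven 'trustee' state machine (illustrative)."""
from collections import Counter, deque

RUNNING, HALTED, UNDER_REVIEW = "RUNNING", "HALTED", "UNDER_REVIEW"

# Complete trustee transition table (assumed states and events). Any pair not
# listed is rejected, so the whole behaviour can be enumerated and audited.
TRANSITIONS = {
    (RUNNING, "agree"): RUNNING,
    (RUNNING, "disagree"): HALTED,            # voter exception: halt the cells
    (HALTED, "guard_inspect"): UNDER_REVIEW,  # guard hypervisor examines cells
    (UNDER_REVIEW, "guard_clear"): RUNNING,
    (UNDER_REVIEW, "guard_condemn"): HALTED,
}
VOTER_EVENTS = {"agree", "disagree"}          # all that the cell side can cause
ALL_EVENTS = {event for _, event in TRANSITIONS}


class Trustee:
    """State machine between the voter and the guard hypervisor."""

    def __init__(self):
        self.state = RUNNING
        self.raised = []                      # exceptions passed up to the guard

    def fire(self, event, detail=None):
        key = (self.state, event)
        if key not in TRANSITIONS:
            raise ValueError(f"illegal transition {key}")
        self.state = TRANSITIONS[key]
        if event == "disagree":
            self.raised.append(detail)
        return self.state


class Cell:
    """One prison-cell CPU. `trigger` models a vendor-specific switch signal;
    `mask` models that each vendor's compromise misbehaves differently."""

    def __init__(self, vendor, trigger=None, mask=0):
        self.vendor, self.trigger, self.mask = vendor, trigger, mask
        self.switched = False
        self.acc = 0

    def step(self, word):
        if word == self.trigger:
            self.switched = True
        self.acc = (self.acc * 31 + word) & 0xFFFF   # the honest task
        return self.acc ^ self.mask if self.switched else self.acc


def make_cells():
    # Constructed example: three second-sourced CPUs, each switchable.
    return [Cell("vendor_a", 0xA1, 0x0001),
            Cell("vendor_b", 0xB2, 0x0100),
            Cell("vendor_c", 0xC3, 0x8000)]


def run(cells, words):
    """Feed every word to all cells in lockstep and vote on each output."""
    trustee = Trustee()
    for step, word in enumerate(words):
        if trustee.state != RUNNING:          # halted cells get no more input
            break
        outputs = {c.vendor: c.step(word) for c in cells}
        if len(set(outputs.values())) == 1:
            trustee.fire("agree")
            continue
        # With no majority (all outputs differ) two cells are listed as suspects.
        majority, _ = Counter(outputs.values()).most_common(1)[0]
        suspects = sorted(v for v, out in outputs.items() if out != majority)
        trustee.fire("disagree", {"step": step, "suspects": suspects})
    return trustee


def reachable(start, allowed_events):
    """Exhaustively enumerate states reachable using only `allowed_events`."""
    seen, queue = {start}, deque([start])
    while queue:
        state = queue.popleft()
        for (src, event), dst in TRANSITIONS.items():
            if src == state and event in allowed_events and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen


if __name__ == "__main__":
    cells = make_cells()
    # Constructed input stream carrying all three switch signals in sequence.
    trustee = run(cells, [5, 9, 0xA1, 7, 0xB2, 3, 0xC3])
    print(trustee.state, trustee.raised)
    print("switched:", {c.vendor: c.switched for c in cells})
    print("cell-side events can leave HALTED:",
          reachable(HALTED, VOTER_EVENTS) != {HALTED})
```

Because the table is the whole trustee, `reachable` can check by enumeration that nothing originating from the cells restarts a halted system. It says nothing about the hard-access insider who swaps the hypervisor cards, which the comment leaves to physical security.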

Alive Wang and Eve WuFebruary 11, 2018 2:20 AM

I want to make a further point about the awful statement made in the most recent version of RFC4880bis (from January 25). First, here is the astonishing statement:

"The obvious way to protect or authenticate an encrypted block is
to digitally sign it. However, many people do not wish to
habitually sign data, for a large number of reasons beyond the
scope of this document. Suffice it to say that many people
consider properties such as deniability to be as valuable as

OpenPGP addresses this desire to have more security than raw
encryption and yet preserve deniability with the MDC system. An
MDC is intentionally not a MAC. Its name was not selected by
accident. It is analogous to a checksum.

Despite the fact that it is a relatively modest system, it has
proved itself in the real world. It is an effective defense to
several attacks that have surfaced since it has been created.
It has met its modest goals admirably.

Consequently, because it is a modest security system, it has
modest requirements on the hash function(s) it employs. It does
not rely on a hash function being collision-free, it relies on a
hash function being one-way."

In other words, let's not protect information so as to frustrate national-level agencies or pros working on their own.


Definition of milquetoast
: a timid, meek, or unassertive person

Wesley ParishFebruary 11, 2018 2:44 AM

@Mark ST

Reminds me of a story a friend in high school told me - his parents had been missionaries in the Trobriand Islands, PNG. And one day they'd had a celebration at the local village. He'd enjoyed the meat, then he asked what it was. "Dog," he was told, and sicked up.

As far as eating dog food goes, a budget advisory friend in Christchurch, NZ, told me that dog rolls are a staple for many low income families.

I refrain from commenting on various tech companies eating their own dog food, particularly in cases where it has been heavily processed by the dog beforehand. I have had to support MS Win 9x ...

ThothFebruary 11, 2018 3:59 AM

@Clive Robinson

Would the Bitcoin-like protocol have any effects on stopping insider attacks of the system assuming the insider cannot change the chip firmware of the prison cpu chips and the results of computations are encrypted and chained to a Ledger that is stored on hard disk of the hypervisor chip for audit purposes?

ThothFebruary 11, 2018 4:14 AM

@Alive Wang and Eve Wu

I do agree with the OpenPGP document that it has digital signature to be used for signing ciphertext. In fact, under this assumption of deniability, I wouldn't even put a MDC in it to increase deniability or at most a CRC16.

The document described the format in many parts and what you pointed out was only the data ciphering format and not the entire scheme as a whole.

A typical scenario for a signed and encrypted message is to encrypt the message and sign it with a digital signature to prevent message tampering. Adding a hash or MAC in the MDC does not magically make the scheme stronger. If you are looking for tamper protection of the message, use the digital signature.

When using PGP, typical scenario is to sign or sign+encrypt. Why wouldn't the sign portion not be used when it is already available and specified. Why just rely on the encrypt's internal hash to provide message tampering detection ?

Even with a SHA 256 or 512 hash used for MDC, due to its Hash-then-Encrypt nature and the CFB mode, it would still again be vulnerable to tampering and that SHA2 hash would have almost been redundant anyway under the assumption that solely the encrypt mode is used while deliberately omitting the sign portion of the scheme.

ThothFebruary 11, 2018 4:16 AM

@Alive Wang and Eve Wu

In fact, due to the ease of creating collisions on CRC16 checksums, I would recommend its use on the MDC to ease deniability.

Clive RobinsonFebruary 11, 2018 4:33 AM

@ Yummy,

- We need to deregulate things until people start eating actual garbage.

Err you don't need to "deregulate", we already eat not just "garbage" but the product of eating garbage...

In times past "peasants" got to eat what others in a higher socioeconomic position would consider not just garbage but inedible garbage.

And the peasant out of not just "need to feed" but also need to stimulate their palate, to be able to keep eating developed curious flavours and contrasts with such garbage (garlic entered French cuisine big style in Paris during the revolution as all normal meat was eaten and that which was left was the rotting corpses of things like dogs... Similar things happened in Russia during WWII when under siege by German troops, and on other occasions eating human corpses became accepted/normal).

So would you eat those scaly scabby skinned feet of fowl? Well Chicken feet soup is considered a speciality dish... How about globules of dissolved sparrow spit? That's the very expensive birds nest soup. But do you really want to know about preserving eggs in female horse pee?

How about all those cured meats, the preserving salts were hand picked out of "middens" which was where the general waste of inedible food, and human and animal excrement piled up to rot and break down. Those crystals are the result of that rotting, and give you in real corned beef the little corns that give little bursts of flavour and texture.

Oh and do you really want to know what happens to chicken feathers and hair from the floor in Asian hair cutting establishments? Just look up the Chorleywood process that makes your "sliced white bread" you use for your sandwiches or toast, so light fluffy and bouncy.

If you follow the history back of what are considered today luxury foods, most were foods that peasants made edible, so caviar, smoked salmon, oysters, whitebait, sweetmeats, sweetbreads, black and white puddings, brawn, oxtail, taramasalata etc oh and most of our "breakfast cereals".

Then there is game and alcohol all come from food that have started to rot...

But what about the world's most expensive coffee? It's made from hand picked civet cat poo... The civet eats the fallen berries, digests the pulp and excretes the bean. Natives track the civet and pick up its poo, finger through it to find the beans and then sell them onwards to become very very expensive coffee.

Sometimes people are better off not knowing where life's little luxuries come from ;-)

Oh and don't think going veggie will get you away from eating such rotting crap, just have a look at fermented bean products etc...

AndersFebruary 11, 2018 5:32 AM

In Estonian language Calamari sounds just like Kalamari, which in turn means Caviar.
So putting this nice name to Squid dish may indeed appeal :)

If anyone is interested, Estonian Foreign Intelligence Service published a new annual report titled "International Security and Estonia 2018".


On page 52 there's small overview which Russian govt agency does what in the cyber field.

In the Estonian version of this report there's also a little challenge.

SIGINT caught the encrypted message:


Since the target wasn't able to decrypt it, the source sent the same message again:


Find the encryption key and the plaintext.

Clive RobinsonFebruary 11, 2018 7:32 AM

@ 22519,

Israel and Saudi Arabia going to war together, shoulder-to-shoulder against Iran--that's an eye popper.

It has to be said with style though. So...,

1, First make throat slitting action, by drawing the index finger across the throat.
2, Smile an evil smile, with arched eyebrows.
3, Then quote with an evil chuckle,

    Mine enemy's enemy is my friend

Then depending on the effect you wish to convey, laugh in a mad hyena like way, smile on the diagonal and wink an eye, or look thoughtful and stroke your goatee beard.

Alternatively just deny any such course of action whilst impersonating any one of a half dozen US ambassadors, foreign policy wonks or Colin Powell giving a UN speech. Or better still whilst impersonating US Airforce General Curtis "Bombs Away" LeMay when talking about it in the same way as incursions into North Vietnam to bomb them into the stone age...

Alice Wang and Eve WuFebruary 11, 2018 8:01 AM

@ Thoth

Thanks again!

@ Anders

----------------- break, break...

I got it. > It is not encrypted. It is Russian language.


Hello, well, my... (not sure about the last part, but my money is on an expletive)

Clive RobinsonFebruary 11, 2018 12:43 PM

@ CallMeLate...,

Reading the Intercept article when I got to this, I started laughing enough to hurt,

    As a result, the Americans are uncertain whether the Russians involved are part of a disinformation campaign orchestrated by Moscow, either to discredit Trump or to discredit efforts by American officials investigating Trump’s possible ties to Russia, including Special Counsel Robert Mueller.

Has it not occurred to them that the "Russians" might actually be working for another Government or foreign entity?

It's actually quite likely that this is a false flag operation and that the shadow brokers was used as a lure to real in known US intel assets and feed them a "fugu fish sandwich" but by whom?

There is a saying the Intercept appears not to have thought about,

    Keep your enemies close, but your --supposed-- friends closer.

For instance it's a fairly certain bet that the CIA, not only knew about the NSA tools but had copies of them etc. We also know the CIA had disinformation tools to make a cyber attack look like another nation etc to get false attribution established... Thus this little op of "black eyeing" the NSA would be well within their capabilities and general game plan. Likewise the IC entities in various other nations in not just the West, Middle East and Far East...

Thus this is definitely good for a bowl of popcorn on its own, even before we get into the rest of the document.

stencilFebruary 11, 2018 9:54 PM

@Clive Robinson

"It's actually quite likely that this is a false flag operation..."


I also found humorous the narrative's heavy-handed, repeated insistence on emphasizing the near complete disinterest by US Intelligence in evidence that might show a Trump-Russia collusion. "What's that you say, you have evidence that might help us complete this soft coup we've been flailing at for the past year? Not interested! Good day to you, Sir!"

...alas though, in the end, after being endlessly harangued by the Russian source, they begrudgingly accepted the "unsolicited", "inadvertent", non-"primary objective", "annoying sidelight" material. lol

Alyer Babtu February 11, 2018 10:01 PM

General question:

Would learning about Abstract State Machines (abbrev. ASMs) likely to be of help in understanding security (includes privacy) and implementing secure designs and systems ?

BookieFebruary 11, 2018 10:28 PM

"It's actually quite likely that this is a false flag operation"

Says he who doesn't know reel from real. Oh yes great odds. 100%.

Connie MackFebruary 11, 2018 10:38 PM

Holy facepalm fatman!

jzelinskie 1 day ago [-]

Today I learned that you can actually abuse the system bus on some macbooks to actually send audio over AM radio[0]. Even scarier, you can do it from the browser[1]. And now this library[2] will let you open a TCP connection over the radio to download off that data machine. This is shaping up to be a pretty cool attack PoC!




Maxwell's DaemonFebruary 11, 2018 11:05 PM

Israel and Saudi Arabia going to war together, shoulder-to-shoulder against Iran--that's an eye popper.

TL;DR: It's inevitable at the end of (the) day(s)

That wouldn't surprise me, nor more than a few Middle East analysts, in the least. The whole region is a collection of non sequiturs. Always has been. To start with, Saudi Arabia and Israel have been next door neighbors for seventy years and not once has either made a threatening move on the other. It's not uncommon for neighbors to talk, they do that regularly, if not being obvious about it. And should they need a bit of indirection, there's always the British hanging about. Lastly, there's Sandhurst. Neither trust the United States in this.

The appearance of the Shia-Crescent is an existential threat to both. Iran has made no efforts to conceal their ambitions concerning Israel. Jerusalem has always been on the menu. Their ambitions concerning Mecca and Medina date back to the split between Shia and Sunni over a millennium ago. The two points of that crescent point at each of them and that's completely ignoring the body.

Ever wonder what the big deal about Qatar and the rest of the Gulf Cooperation Council? It's so much easier for an amphibious invasion if the landing zone is the piers right next door. Qatar has been a bit too chummy with Iran for that not to be a threat to all the rest of the members of the GCC. That had to be broken up. What's interesting here is President Erdogan of Turkey has dropped a heavy marker of logistics and troops on Qatar. For the present, that should be enough to give Iran pause. While the horns of the crescent are not pointed in Turkey's direction now, things change.

The last two players are Kuwait and Egypt. Kuwait has been acting as the mediator for the Qatar dispute. It's also strategically important to the US given our pre-positioned forces there. Egypt is the wild card. It can simply stand by or offer some sort of services to both Saudi Arabia and Israel. Egypt has already settled a territorial dispute in Saudi Arabia's favor, at serious political risk to al-Sissi. The populace was not at all happy. If I were to go out on a limb, the mere appearance of Egyptian alliance should give Iran nightmares one would think. Oh yes, one final wild card. Israel has nukes and little reticence.

Note: Even before my first deployment to the region, I did my research. Four years of college shouldn't go to waste now, should it? I did not want to plead ignorance when someone was trying to shoot my ass off. I wanted to know who and why, if not when and where. Twice, fellow shipmates took their thumb off the mark and died for it.

Otherwise, I'm just an engineer that reads everything even if it is nailed shut. And I'll be there with a claw-hammer. Truthfully, I was encouraged in my habits by command. Gave me something useful to do waiting for something to break. And they weren't exactly averse to using me from time to time outside of my professional duties. My clearance helped, also.

tyrFebruary 12, 2018 1:04 AM


I hear corn smut is a big thrill at upscale
events. Having been exposed to a few of the
native delicacies the world has to offer I'd
say that humans will eat anything barring
ridiculous taboos.
In the 1800s the dog was considered your
emergency food supply in America by settlers.
The natives thought of it as just another

The Cato institute has a free PDF available
on the Mexican Cartel wars. The Fire Next
Door by Ted Galen Carpenter.

I have never thought that having a warzone
next to your country was a good idea. I
must be old fashioned.

Clive RobinsonFebruary 12, 2018 3:43 AM

@ Thoth,

Would the Bitcoin-like protocol have any effects on stopping insider attacks of the system

First just let me say I'm no fan of "Proof of Work" (PoW) protocols as they are being used in currently fielded blockchain systems, especially as the Gordon Moore "observation" they built in is no longer true[1].

Also I see current fielded blockchain systems as a significant EmSec security threat (ie "Efficiency-v-Security" issues is just one issue). Oh and as others have started pointing out about Bitcoin the power consumption is a real issue that gets exponentially worse with time, which is a self imposed self defeating exercise. That is in such PoW systems all your computing power would be needed

So in all honesty I'd only thought about simpler Merkle Trees before rejecting them as offering too little at too high a price. Worse there were alternative options that would do a better job for less cost security wise.

In part because of a different view point to yours,

[A]ssuming the insider cannot change the chip firmware of the prison cpu chips and the results of computations are encrypted and chained to a Ledger that is stored on hard disk of the hypervisor chip for audit purposes ?

Whilst most insiders do not have state level resources behind them, the fact there are so many convincing fakes in the supply chain and Russian crackers have little difficulty changing commodity firmware in controllers on USB thumb drives and Hard drives I assumed that the term ROM was no longer as immutable as it once was.

I guess I need to have a think about the middle ground a bit more.

[1] Even Intel have admitted in SEC filings that consumers do not want the doubling of transistors / power every 12-24 months as they used to, which was the real reason for the trend that Gordon Moore saw and marketing types turned into a "Law". The simple fact is the bulk of users want convenience and entertainment these days which is why end user devices are increasingly "mobile" that ARM tend to excel at. Thus Intel's main high profit customer has migrated away to ARM... Which left the HPC market for Intel to push product in or did it? One of the world's leading manufacturers of Super-Computers announced it had decided to switch to ARMv8 cores getting on for two years ago,

For very real reasons not to do with Intel directly. However the foot had fallen for the start of a journey with other ARM announcements. With this 'ARM's become the best for the best in HPC' type article in Nov17,

Which leaves the very high end cloud users like Google and friends who are becoming interested in other architectures, that involve FPGA or ASIC "co-Processors" to run algorithms thus even they are not that fussed about IAx86 any more... I guess the Intel CEO might well have thought "Oh my the skylake is falling" and sold his shares PDQ ;-)

Let's face itFebruary 12, 2018 5:41 AM


Even a casual observer can see Al-Sisi is Israel's picked man just like Mubarak was.

Calling that an "alliance" is pretty generous terminology. It's another occupation.

Alice Wang and Eve WuFebruary 12, 2018 5:49 AM

Speaking of Minilock...

They have a certificate error (already).

I really wonder. As soon as you see something that really looks as if it works... poof... gone.

Now, we cannot use elliptic curves and hash with Blake2! Naughty, naughty!

And we cannot Encrypt-then-MAC, but MAC-then-Encrypt is just fine!

Offering anything above "modest" security (GnuPG, etc.) is suspect!

ThothFebruary 12, 2018 6:48 AM

@Clive Robinson

The implementation of using the original idea for the Prison Model to rely on a central 'trusted router' isn't a difficult thing. In fact, it should be rather trivial to do and it should be producible with modest effort and resources. Work and mundane chores have pretty much made it not possible for me to embark on this project for now. I am interested in building a working piece once time and resources are available.

On top of the original Prison Model idea, my thought of not relying on a central 'trusted router' chip was due to the fact that almost every other chip maker is in bed with some Government(s) of sorts and it has become a choke point. We can continue to bet on RISC V project but I wouldn't be surprised the same choke hold on the chip supplies to the world would also be quickly applied to any RISC V variants until the day we can build our own chips in our backyards then would we have a 'trusted router' and probably even our own 'Trusted Castles' built by our own hands. This led me to think of an alternate variant of Prison Model just in case the 'trusted router' isn't all too 'trusted' or to at least have a backup somewhere in case we need this backup of so-called 'Trustless Trust' protocol to be used to anchor 'Trust' in some sort of form.

I will get to work on the original Prison Model using a variety of SIM cards to simulate Prison CPU and the scripting language to drive the scripts would be Bitcoin's Smart Contract language called ... Script ... linked below.

The reason for modifying Bitcoin's Smart Contract language is because it is already in use and it closely resembles assembly instructions in some form and this should be easy for those who have a background of creating their own low level firmware in assembly to do some work here. Also a good thing to note is that the Smart Contract language for Bitcoin is not Turing Complete thus raising the bar for security a little.

Some modifications to the Script language have to be done so that it can be comfortably used in SIM cards with about 2 to 4 KB RAM.


Clive RobinsonFebruary 12, 2018 8:57 AM

@ Alyer Babtu,

Would learning about Abstract State Machines (abbrev. ASMs) likely to be of help in understanding security (includes privacy) and implementing secure designs and systems ?

Yes definitely so.

A state machine does not need to be "Turing Complete" to do a useful function. In fact you can constrain it to a very limited number of states which are completely known likewise the permissible transitions. So unlike a Turing complete CPU you can make your security analysis not just possible but comparatively easy.

Clive RobinsonFebruary 12, 2018 9:15 AM

@ Bookie,

Says he who doesn't know reel from real. Oh yes great odds. 100%.

Hmmm enjoying chewing on the fugu fish?

Perhaps we should ask @Moderator to look at who you are as there are so many revolving handles around here it's like watching a video of a revolving door on fast forward. Thus difficult to tell the ratio of honest commentors from trolls.

ModeratorFebruary 12, 2018 10:19 AM

@All, please don't change handles mid-discussion; people deserve to know whether they're talking to one person or many.

markFebruary 12, 2018 11:33 AM

Not to me. Besides, I've got a deal: I don't eat calamari, and giant kraken don't eat me. It's been working for a lot of years now....

Clive RobinsonFebruary 12, 2018 12:50 PM

@ Mark,

I've got a deal: I don't eat calamari, and giant kraken don't eat me.

Did the Kraken "ink the page"?

Don't forget the mis-quote of Godwin,

    A verbal contract isn't worth the paper it's written on.

Thus if not inked the P.T. Barnum rules apply,

1, There's a sucker born every minute[1].

2, Nobody ever lost a dollar by underestimating the taste of the American public.

3, The wonders of the ages assembled for your edification, education and enjoyment - for a price[2].

Should make the deal breaking a well watched spectacular...

[1] The giant squid breeding cycle is so low that even with eight tentacles a sucker a minute is not a bad average ;-)

[2] A price may not be demanded today, but a creditor like a bad penny usually turns up when least wanted and at maximum cost.

(required)February 12, 2018 5:08 PM

Thus difficult to tell the ratio of honest commentors from trolls

That's certainly true.

justina colmena February 12, 2018 6:11 PM

Calling Squid "Calamari" Makes It More Appetizing

I suppose calling hog meat "pork" does make it more appetizing.

Calling ox meat "beef" ...

Calling deer "venison" ...

Or calling birds (both their meat and their eggs) "poultry" ...

Calling maize "corn" ...

Paranoia Strikes DeepFebruary 12, 2018 6:12 PM

A long, enlightened, detailed and incredibly shocking writeup of ruthless Facebook

“But people who know him say that Zuckerberg has truly been altered in the crucible of the past several months. He has thought deeply; he has reckoned with what happened; and he truly cares that his company fix the problems swirling around it. And he’s also worried. “This whole year has massively changed his personal techno-­optimism,” says an executive at the company. “It has made him much more paranoid about the ways that people could abuse the thing that he built.”

Genuine Touchy Caring Feelings
With 60% corporate control, I can data-mine endlessly in order to effect the necessary change society to meet MY expectations.
I can’t help if mad scientists find new ways to leverage off our unprecedented data-mined analytics.
Unlike the secret CIA mind control experiments of the 1950s, we clearly explain our social experiments in our terms of service. However if you are under 13 please ask your parents first.

Alyer Babtu February 12, 2018 9:33 PM

For most of these simplistic, devouring info-moguls, with their shabby nostrums, the story is told by the line from Fiddler: “when you’re rich, they think you really know”. There is some appreciation of the subtle in Google’s PageRank, but “don’t be evil” seems a long time ago now.

65535 February 13, 2018 7:44 AM

@ Sieve and/or Connie Mack

“I learned that you can actually abuse the system bus on some macbooks to actually send audio over AM radio[0]. Even scarier, you can do it from the browser[1]. And now this library[2] will let you open a TCP connection over the radio to download off that data machine. This is shaping up to be a pretty cool attack PoC!”- Connie Mack

Your links to GitHub are quite interesting and somewhat disturbing. Clive R. is always talking about Faraday cages.

It looks like you will have to put one in a room of your house. I wonder when IoT devices will port “The Fulldecent system bus radio” to their home software/hardware gadgets.

I wonder how many IoT devices have the ability to use a system bus as an AM radio TCP packet sender?

Let the Black Hats have a crack at turning this software stack into a hacking tool. It will probably happen.

@ Alice Wang and Eve Wu

Yes, is an invalid Common Name [CN]. The real server is a github server with a wild card.

Alternative Names:
*.github dot com
github dot com
*.github dot io
github dot io

commonName= *.github dot com
organizationName= GitHub, Inc.
localityName= San Francisco
stateOrProvinceName= California
countryName= US

Serial Number 09975234E83242499BF5D10B72CA951E

Fingerprint (SHA-256) 6FEC26888180B7CC990002330D243AB17BE8D44895A78E522EACDC9236D53FCF

Valid From Mon, 20 Mar 2017 00:00:00 GMT
Valid To Tue, 07 Apr 2020 12:00:00 GMT (Expires in 783 days)

[Note the github Certificate has not expired]

Key RSA (2048-bit)
Signature SHA-256 / RSA

The certificate fingerprint matches the Gibson labs SHA1 fingerprint [I looked at the first five hexadecimal digits which is usually good enough].



Gibson Research fingerprint:


See Gibson Research:

You can see the actual x.509 certificate at by Comodo CA. That is how I got the SHA1 fingerprint.

Or go to SSL Analyzer:

Shame on Minilock. There may be some load balancing servers or a transparent firewall causing the problem... I don't think that is a valid excuse. But, I guess a lot of people do it at github.
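An added example (not part of the comment above, and not code from any tool it mentions): a check of whether a hostname is covered by the Alternative Names quoted in the comment, and a full-length fingerprint comparison next to a five-digit prefix comparison. The hostname `custom-domain.example` and the second fingerprint are constructed for illustration; the first fingerprint is the SHA-256 value quoted in the comment.

```python
import hmac

# Alternative Names as listed in the comment (written there as "github dot com").
SAN_ENTRIES = ["*.github.com", "github.com", "*.github.io", "github.io"]

# SHA-256 fingerprint quoted in the comment.
PAGE_FP = "6FEC26888180B7CC990002330D243AB17BE8D44895A78E522EACDC9236D53FCF"
# Constructed value: same first five hex digits, different remainder.
CONSTRUCTED_FP = "6FEC2" + "0" * 59


def san_matches(hostname: str, pattern: str) -> bool:
    """RFC 6125-style match: a wildcard is accepted only as the whole
    left-most label and stands for exactly one label."""
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False
    if pat[0] == "*":
        # Reject over-broad patterns such as "*.com" and empty first labels.
        return len(pat) > 2 and host[0] != "" and host[1:] == pat[1:]
    return host == pat


def cert_covers(hostname: str, san_entries=SAN_ENTRIES) -> bool:
    """True if any SAN entry covers the hostname the client asked for."""
    return any(san_matches(hostname, p) for p in san_entries)


def normalize_fp(fp: str) -> str:
    """Strip the separators tools print between bytes and fold case."""
    return fp.replace(":", "").replace(" ", "").lower()


def fingerprint_equal(a: str, b: str) -> bool:
    """Compare every digit of two fingerprints."""
    return hmac.compare_digest(normalize_fp(a), normalize_fp(b))


def prefix_equal(a: str, b: str, digits: int = 5) -> bool:
    """Compare only the first `digits` hex digits."""
    return normalize_fp(a)[:digits] == normalize_fp(b)[:digits]


def prefix_bits(digits: int) -> int:
    """Number of fingerprint bits a hex-digit prefix actually checks."""
    return digits * 4


if __name__ == "__main__":
    for name in ("gist.github.com", "github.io", "a.b.github.io",
                 "custom-domain.example"):
        print(f"{name:24} covered by certificate: {cert_covers(name)}")
    print("prefix comparison checks", prefix_bits(5), "of 256 bits")
    print("prefix match:", prefix_equal(PAGE_FP, CONSTRUCTED_FP))
    print("full match:  ", fingerprint_equal(PAGE_FP, CONSTRUCTED_FP))
```

A site served under its own domain from a host that presents only these names fails the coverage check, which is the Common Name mismatch the comment describes.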

CallMeLateForSupper February 13, 2018 9:59 AM

"baby cow meat" versus "veal"
4 syllables/10 letters versus 1 syllable/4 letters
I vote for "veal".

That, despite the fact that toddler-me refused to eat veal because its name sounded like "eel".

mark February 13, 2018 11:23 AM

Clive Robinson • February 12, 2018 12:50 PM wrote:

@ Mark,

I've got a deal: I don't eat calamari, and giant kraken don't eat me.

Did the Kraken "ink the page"?

Hey, I'm still here, aren't I? And I've been in the ocean over the years, so the deal must be working.

JG4 February 13, 2018 11:57 AM

Clive is right about the three-letter agencies. They are blank slates for psychopaths and sociopaths. There are more interesting stories than my brief excerpt.


Big Brother is Watching You Watch

Facebook employee concerned company tracking his phone for leaks: Report Business Insider (Chuck L)

Talk down to Siri like she’s a mere servant – your safety demands it The Register (Kevin W)

The UK’s hidden role in Assange’s detention Jonathan Cook (Anthony L)

U.S. Intelligence Shuts Down Damning Report on Whistleblower Retaliation Daily Beast (Chuck L)

German court rules Facebook use of personal data illegal Reuters


Clive Robinson February 13, 2018 4:54 PM

@ echo,

The old "there be aliens" marking on the star chart, always amuses as does variations of "OMG aliens have come to probe us" or some such variation.


new study argues that if we receive a message from aliens maybe we should delete it without reading

Just meant I had to read it ;-)

The point that appears lost on those being quoted is that whilst Turing machines may be universal in nature, there are no universal code Turing machines...

That is whilst we can design a Turing engine that can replace another Turing engine, we have yet to design a Turing engine that will process input for any Turing machine, ie behave like a Star Trek "universal translator" for computers...

echo February 13, 2018 5:23 PM


There are certain specialist clinics in the UK that don't like patients reading books. I read a lot of books. Things did not go well with a specialist who behaved like he never read his own buried three layers deep protocol he personally signed off two months earlier. I know this because I read it.

Yes. I did note the computational and translation issues. While the signal itself is benign I daresay instructions to build the necessary device could be included. I also wondered if more indirect booby traps may be buried in theories or philosophies within a message. A lot of this and beyond I agree becomes more of a speculative fiction discussion. Of course, what might happen behind the stiffnecked desk banging pearl clutching stentorian axe grinding is curiosity and truth will out. I imagine a small comedic alien popping out of a 3D printer and breathlessly squeaking with rising alarm in their voice "Behind you!" just as a brown dwarf or zombie planet looms towards the Earth against background cries of "You mad paranoid fools! You have doomed us all!!!"

Alyer Babtu February 13, 2018 5:37 PM

@Clive Robinson

Many thanks.

In trying to follow up on C-v-P (still at it), to fill in personal education missing background, I looked at various books on computer architecture and design, but they didn’t seem to provide an opening to questions of computing purposes, such as security.

Then came across “Abstract State Machines: A Method for High-Level System Design and Analysis” by Egon Börger. This looked more like it might lead to modeling computing purposes. (Strangely, one of the few books on ASMs I have found so far.)

It looks very solid. It has a preface quote about the “utility of theory for practice” that suggests it will take one beyond academic preparation:

Quelli che s'innamoran di pratica senza scienzia sono come l nocchieri ch'entra in navilio sanza timone o bussola, che mai ha certezza dove si vada.
— Leonardo da Vinci

Those who fall in love with practice without scientific knowledge or method are like the helmsman who enters a ship without rudder or compass, who is never certain which way it might go.

Ratio February 13, 2018 5:50 PM

Judge refuses to withdraw Julian Assange arrest warrant:

Julian Assange will continue to face detention if he leaves the Ecuadorian embassy in London after a British judge upheld a warrant for his arrest.

Today’s ruling (ten pages in all) makes for interesting reading. From the conclusion (these are numbered 60–62):

  1. The impression I have, and this may well be dispelled if and when Mr Assange finally appears in court, is that he is a man who wants to impose his terms on the course of justice, whether the course of justice is in this jurisdiction or in Sweden. He appears to consider himself above the normal rules of law and wants justice only if it goes in his favour. As long as the court process is going his way, he is willing to be bailed conditionally but as soon as the Supreme Court rules against him, he no longer wants to participate on the court’s terms but on his terms.
  2. I have had to consider whether it is proportionate not to withdraw the warrant for his arrest. On the one hand he is a man who has failed to attend court and has thwarted the course of justice but on the other he has been unable to leave a small flat for a number of years and is suffering physically and mentally as a result.
  3. Having weighed up the factors for and against and considered Mr Summers’ arguments I find arrest is a proportionate response even though Mr Assange has restricted his own freedom for a number of years. Defendants on bail up and down the country, and requested persons facing extradition, come to court to face the consequences of their own choices. He should have the courage to do so too.

And then there’s that whole thing about the United Nations’ Human Rights Council Working Group on Arbitrary Detention on pages 3–6…

Grand Duchy of Savile and Haute de le Garenne February 13, 2018 9:19 PM

Thanks for Britain's middle finger to the WGAD. 'For reasons which must be clear,' hack judge Emma Arbuthnot blows off the universal-jurisdiction legal tests for arbitrary detention without an argument. This is the new post-Brexit pariah state's shtik.

This kind of caveman ugga-bugga gibberish is why Britain got kicked off the ICJ panel, for the first time ever, in an unprecedented international disgrace for the runt of the P5 litter. The EU will be licking their chops for their chance to tear Britain a new one when they have to crawl for special treatment after their hard Brexit. Britain better hang on to Assange - soon he'll be the only person who matters in their floundering irrelevant laughingstock of an islet.

Bertrand February 13, 2018 10:21 PM

@ Ratio

1. Your first impressions probably don't relate to his actual mindset at all. He wasn't avoiding the charge, he was avoiding that being used as an excuse to rendition him to US custody to face prosecution for his Wikileaks role for which he was never actually charged. They all but admitted he would have been extradited if the US asked for him. How is it that you know nothing about this but want to sit in judgement of his mindset of all things? Ridiculous.

2. No legal bearing.

3. That's not a summary of any of the arguments and your findings are not based in law.

I do really doubt you read anything about this case if those are your three takeaways. Ridiculous.

Ratio February 13, 2018 10:50 PM


I do really doubt you read anything about this case if those are your three takeaways.

I don’t doubt you haven’t read the judge’s ruling. (Hint: page 10, 60–62.)

Bertrand February 13, 2018 11:55 PM

@ Ratio

You certainly picked some arbitrary non-points to 'summarize' it with, odd choices either way.
Nothing to do with the case really at all.

It's like you have no idea what he was being charged with or why he resisted extradition in the first place, and are tracing the reader's digest version for the first time as if this hasn't been going on for the better part of a decade already.

He submitted himself to the court on several occasions, he just wanted a guarantee that the charge (singular) that was brought would be served out in country if convicted. It was a bullshit charge and just about nobody was prosecuted under it. They wouldn't give him any guarantees of safety, instead all kinds of doubletalk but in the end admitted that if the US asked for him, he would be given up to them.

Your blithe and unfettered layman's readings of his personality and motivations, never having met him or knowing what he faced, well... they're garbage.

Bertrand February 14, 2018 12:04 AM

If you support someone being renditioned and extra-judicially tortured as was a distinctly real and demonstrated possibility during the period of his cloistering in the Embassy building for the crime of sex without a condom and no other reason... just say that instead.

You don't need fluff invented renderings of what you imagine his personality is like and he certainly doesn't need your unread and unmet layman's appraisal of his courage level either, that's as worthless as the rest of it. He made the right decision given the circumstances. He still has no guarantees. May you face similar decisions someday and hopefully have "the courage" to be renditioned and tortured for glibly pretending it was no big deal from a complete lack of understanding of the actual stakes.

The man is no saint but you're certainly no stand-in for his shoes either.

Bertrand February 14, 2018 12:20 AM

I've read it already. I wasn't criticizing the ruling, it's blackletter law and expected.

What I was critiquing wasn't what any actual judge or friend of the court wrote, nor anyone who knew much about this case as it's progressed over the years in the media.

Bertrand February 14, 2018 12:54 AM

I don't believe you're a judge. No. The ruling is not legally interesting or unexpected. It's a warrant. You selected and linked to and also reprinted that particular selection for the obvious smears of no legal bearing. It's not like it was about to reverse itself and there's nothing interesting about it. It was a smear for the sake of justifying a continued persecution of a man untried and unconvicted for any crime, should you find the "courage" to admit it. Ridiculous.

Bertrand February 14, 2018 1:03 AM

You omit anything that doesn't smear the man as if that's the entirety of his case and the ruling.
Your "summary" doesn't even touch any single interesting or important part of it, as if that's it?
Ridiculous smear, find the courage anytime.


The first was that Mr Assange had reasonable grounds for taking the course he did
because he feared being sent to the United States. The second was that the UN
Human Rights Council Working Group on Arbitrary Detention ruled that Mr
Assange’s situation in the Ecuadorian Embassy was disproportionate and
unreasonable. Thirdly, at all stages Mr Assange had been willing to be interviewed by
the Swedish prosecutor and if this had happened this would have brought the
proceedings to an end at a very early stage. Fourthly, the last five and a half years
might be thought adequate if not severe punishment for the actions which he took.
Fifthly, I was reminded that the law had changed since Mr Assange’s request and he
would no longer be extradited for an investigation.
11. I am grateful to Mr Summers for the usual clarity of his written and oral submissions.

12. My approach to this argument has been to consider the factors for and against
pursuing the section 6 proceedings. It seems to the court that as part of the weighing
up of the proportionality of the proceedings I have to have regard to the seriousness of
the failure to surrender, the level of culpability as I find it at this stage of the
proceedings to be and the harm caused including the impact on the community. If the
court considers the factors against the proceedings outweigh the factors in favour then
one outcome might be the withdrawal of the section 7 warrant for Mr Assange’s
arrest. I consider Mr Summers’ five points below.

The first point

13. Mr Summers argued that Mr Assange’s failure to surrender was justified. He said he
was not seeking to downplay the effect on justice but Mr Assange’s case was
exceptional. At the time, Chelsea Manning had been arrested and was in solitary
confinement and Mr Assange feared being rendered to the United States. The United
States had opened an investigation into him and some officials were calling for the
death penalty. This might amount to a reasonable excuse (although he accepted that
that might be for another day). These considerations which were extraordinary should
play into the interests of justice test. Also Ecuador, a friendly foreign State, had
considered Mr Assange’s fears and declared them to be well founded and that the risks
to him were and remain real.
14. I accept that Mr Assange had expressed fears of being returned to the United States
from a very early stage in the Swedish extradition proceedings but, absent any
evidence from Mr Assange on oath, I do not find that Mr Assange’s fears were
reasonable. I do not accept that Sweden would have rendered Mr Assange to the
United States. If that had happened there would have been a diplomatic crisis
between the United Kingdom, Sweden and the United States which would have
affected international relationships and extradition proceedings between the states.
15. Rather than rendering Mr Assange to the United States, if the US had initiated a
request to extradite Mr Assange from Sweden, Sweden would have contacted this
court and the judiciary here would have had to consider the request. Mr Assange
would then have been able to raise any bars to extradition including fair trial and
conditions of detention.
16. The position now is that the Swedish proceedings are at an end. If Mr Assange
surrenders to the section 7 warrant, this court would consider whether a prosecution
for failing to surrender should be launched. The Crown Prosecution Service which
has a right to invite the court to consider proceedings could do so. If the United States
initiates extradition proceedings, Mr Assange would have the ability to raise any bars
to the extradition and challenge the proceedings just as he did with the Swedish

The second point

17. Mr Summers pointed out that the United Nations’ Human Rights Council Working
Group on Arbitrary Detention had ruled in an Opinion in December 2015 that Mr
Assange had in effect been forced to choose between two impossible situations. The
parties making submissions to the Working Group were a “source” (on behalf of Mr
Assange), Sweden and the United Kingdom.
18. The “source” claimed that Mr Assange was being subject to arbitrary detention and
this arises “where a state forces an individual to ‘choose’ between confinement and
risking persecution, confinement and the ability to apply for asylum”.
19. The Working Group considered that various articles of the Universal Declaration of
Human Rights and the International Covenant on Civil and Political Rights had been
breached and that Mr Assange had not been guaranteed due process or a fair trial
during the period from detention “in isolation” in Wandsworth Prison, “the 550 days
under house arrest, and the continuation of the deprivation of liberty in the Embassy”.
20. The Group’s conclusion is at paragraph 99 headed Disposition. The deprivation of
liberty during the three periods above is described as arbitrary. The Working Group
asked Sweden and the Government of the United Kingdom to assess Mr Assange’s
situation to “ensure his safety and physical integrity, to facilitate the exercise of his
right to freedom of movement in an expedient manner, and to ensure the full
enjoyment of his rights guaranteed by the international norms of detention”.
21. I have read the Opinion. The group appears to have based its conclusions on some
misunderstandings of what occurred after Mr Assange’s arrest.
22. In trying to work out what weight I should give to the views of the Working Group, I
have had to consider the beginning of the extradition process conducted at the City of
Westminster Magistrates’ Court in relation to Mr Assange.
23. The “source” told the Working Group that Mr Assange was detained for (a.) ten days
in isolation in Wandsworth Prison from 7th December 2010 to 16th December 2010,
(b.) for 550 days under house arrest and (c.) thereafter in the Ecuadorian Embassy.
24. In relation to Wandsworth Prison, paragraph 86 makes the point that there is
arbitrariness in this deprivation of liberty, because “the individual has been left
outside the cloak of legal protection, including the access to legal assistance”. The
implication is that Mr Assange was detained in isolation in Wandsworth Prison
without recourse to a lawyer.
25. In paragraph 89 of the Working Group’s opinion it says that it considers that Mr
Assange has not been guaranteed the international norms of due process and the
guarantees of fair trial during these three different moments ((a.) (b.) and (c.) above).
26. The Working Group found that this “initial deprivation of liberty then continued in the
form of house arrest for some 550 days”. The Working Group described his living
conditions as “harsh restrictions, including monitoring using an electric tag, an
obligation to report to the police every day, and a bar on being outside of his place of
residence at night”.
27. The Working Group goes on to say that it “has no choice but to query what has
prohibited the unfolding of judicial management of any kind in a reasonable manner
from occurring for such an extended period of time”. It is not clear whether the
Working Group understood there to be no judicial management exercised or whether
it believed that the judicial management which occurred was not reasonable.
28. These references by the Working Group to the beginning of the extradition
proceedings have led this court to check the original court file.
29. The court file notes that Mr Assange was arrested on 7th December 2010 and brought
to the court the same day; he was represented by a barrister, John Jones, later QC, a
leading specialist in extradition before his untimely death in 2016. On 7th December
2010 Mr John Jones suggested (on instructions from Mr Assange and in his presence)
a number of bail conditions including a condition of residence, a curfew and reporting
to a police station (quite apart from the securities and sureties). On 7th December
2010 bail was refused and Mr Assange was remanded in custody.
30. Mr Assange appeared one week later on 14th December 2010. This time he was
represented by Geoffrey Robertson QC. This specialist in human rights with a
lifetime of experience in the criminal courts suggested the same bail conditions as Mr
Jones had offered the week before. Mr Robertson put forward the conditions of
residence, curfew and reporting (and various others). The judge then granted Mr
Assange bail with those conditions.
31. The district judge’s decision was appealed to the High Court by the Crown
Prosecution Service and on 16th December 2010 the High Court added a £200K
security to the conditions but confirmed the other conditions put forward by Mr Jones
and Mr Robertson. Mr Assange was released from Wandsworth Prison on conditional
bail the same day.
32. It was said by the “source” to the Working Group that Mr Assange was held in
isolation in Wandsworth Prison. I have not thought it appropriate to contact the prison
to find out whether he was held apart from the rest of the prison population; what I
can say is that the Working Group was quite wrong when it implied that Mr Assange
had been left outside the cloak of legal protection. Quite the opposite, he was
represented at the first and second hearings, by leading counsel at the second and the
bail package put together by his defence team led to his release on conditional bail. At
no stage do I understand that that bail package was challenged in court. There were
minor variations on certain dates to accommodate hearings in London and changes to
Mr Assange’s address but no changes to the residence, curfew or reporting.
33. As I hope is clear from the above, the “house arrest” and “harsh restrictions” referred
to by the Working Group which went on for 550 days were proposed by Mr Assange
himself. Mr Assange was staying in a country house, he had to be indoors at night
and had to attend the police station to sign on daily. I do not find those restrictions
harsh and there was certainly no such suggestion during the currency of the
extradition proceedings. The court (rightly as it turned out) had a fear Mr Assange
would not surrender himself to the court and to ensure his attendance the conditions
suggested by his lawyers were put in place. If the court had not been able to grant him
conditional bail, he would have been remanded in custody.
34. There was judicial management during this period of the proceedings and such
management was reasonable. Mr Assange could appeal at any point or apply to vary
the bail and it would appear from time to time that it was varied.
35. The Working Group considered Mr Assange’s stay in the Embassy as a “prolongation
of the already continued deprivation of liberty that had been conducted in breach of
the principles of reasonableness, necessity and proportionality” (paragraph 90). I do
not consider the 550 days on conditional bail to be a period of deprivation of liberty
but a restriction to Mr Assange’s freedom. I consider the same in relation to his
decision to live in the Ecuadorian Embassy.
36. It is true that he has restricted freedom in the Ecuadorian Embassy, but there is a
distinction between being held in Wandsworth Prison and living in the Embassy.
Firstly, he can leave the embassy whenever he wishes; secondly, he is free to receive,
it would seem, an unlimited number of visitors and those visits are not supervised;
thirdly, he can choose the food he eats, the time he sleeps and exercises. He can sit on
the balcony (I accept probably observed by the police and his supporters) to take the
air. He is not locked in at night. Importantly for a man who spends a great deal of
time on his computer, he is free to use multi-media, whether his computer or a mobile
telephone, in a way that prisoners are not allowed to do. I suspect if one were to ask
one of the men incarcerated in Wandsworth Prison whether conditions in the
Ecuadorian Embassy were akin to a remand in custody, the prisoner would dispute the
Working Group’s assertion.
37. My reading of the Working Group’s opinion led me to look at the dissenting opinion
of one of the members of the Working Group. This member of the group had
extensive criminal law experience at all levels of court. He said of Mr Assange’s
situation that it was self-confinement and 550 days of restriction of liberty rather than
deprivation of liberty and was not within the mandate of the Group.
38. Finally, the Working Group defines arbitrary; it explains that the detention can be
authorised by domestic law and still be arbitrary. The definition includes elements of
inappropriateness, injustice, lack of predictability and due process of law, as well as
elements of reasonableness, necessity and proportionality.
39. I do not find that Mr Assange’s stay in the Embassy is inappropriate, unjust,
unpredictable, unreasonable, unnecessary or disproportionate.
40. For reasons which must be clear I give little weight to the views of the Working

The third point

41. Mr Summers said that ordinarily the effect of absconding is to interfere with the
criminal process. This case was far from that paradigm. Mr Assange had sought to
engage with the process and asked to be interviewed. There was delay between 2012
and 2016 in which nothing happened. Delay was a justified concern of the Working
Group. The interview with Mr Assange took place and then the investigation came to
a sharp end. This is a significant factor in the interests of justice assessment of the
effects of his non-appearance. Mr Assange was not a defendant waiting out the
investigative process.
42. Mr Assange’s offer to make himself available to be interviewed by the Swedish
prosecutor from an early stage is confirmed by his Swedish lawyer, Mr Samuelson
(tab 3 of the latest bundle). The lawyer explained that from the earliest stage the
prosecution were told that Mr Assange was willing to engage with the investigation
by being interviewed. As soon as Mr Assange was interviewed the Swedish
prosecutor dropped the case. Mr Samuelson spoke about seeing but not being able to
copy certain texts which he said undermined the case against Mr Assange. It was Mr
Samuelson’s view that the prosecutor’s refusal to interview him earlier or give them
copies of the texts disadvantaged Mr Assange.
43. Mr Summers relied on a chronology at tab 6 and at tabs 4 and 5 copies of emails in
which a Crown Prosecution Service lawyer gives reasoned advice to the Swedish
prosecutor in January 2011 that she should not seek to interview Mr Assange in the
United Kingdom. Mr Summers also relies on an exchange of emails in October 2013
when the Swedish prosecutor was considering withdrawing the EAW; the Crown
Prosecution Service’s response was to send the link to Sweden about developments in
the United States and ask whether that affected their views.
44. At Mr Summers’ request I have not heard from the Crown Prosecution Service and I
cannot determine from the extracts of correspondence whether the lawyer in the
extradition unit acted inappropriately. It is too speculative to wonder what would
have happened to the Swedish case had Mr Assange been interviewed earlier.
45. Mr Assange’s failure to return has already led to three of the accusations becoming
time barred in August 2015. The fourth accusation of rape (“lesser degree” as it was
termed by the Swedish authorities) would have become time barred in 2020 had the
request not been withdrawn.
46. The Swedish prosecutor in her statement of 19th May 2017 explains that in the
circumstances executing the decision to extradite Mr Assange to Sweden is not
expected to be possible in the foreseeable future. She points out too that the
proportionality of the Swedish decision to arrest him has been repeatedly examined by
the Swedish courts.
47. In 2015 the Supreme Court in Sweden considered the public interest in the
investigation as well as the risk that Mr Assange would evade legal proceedings
against him. In 2015 the court decided that the continued arrest warrant was
proportionate despite the amount of time passed.
48. Ms Ny explains that on 14th to 15th November 2016 Mr Assange was interviewed by
two Ecuadorian prosecutors. The Swedes received the translation of the interview in
March 2017. Further investigative measures were taken and it was then not possible
to take any steps which would move the investigation forward. She said on 19th May
2017 that it had become less proportionate to maintain the arrest of Mr Assange in his
absence. She ends by saying that the continuation of the legal proceedings would
require Mr Assange’s personal appearance in court and there was no reason to
continue with the investigation.
49. Mr Assange relies upon the offers he made to be interviewed by the Swedish
authorities in the United Kingdom. I note that the Crown Prosecution Service advised
the Swedish authorities that there were downsides to this approach. I noted from the
Swedish Court of Appeal judgment in September 2016 that the Ecuadorian Embassy
had refused to allow an interview between Mr Assange and the prosecutor to take
50. A request for mutual legal assistance was sent by Sweden to the United Kingdom and
Ecuador in Spring 2015. Whilst the United Kingdom accepted the request, Ecuador
did not. The Swedish government then took a separate initiative which resulted in an
agreement on mutual legal assistance in criminal matters between Sweden and
Ecuador in late summer 2015. The agreement came into force in December 2015, but
the request then made by Sweden for legal assistance was refused by Ecuador on
technical grounds. A new request (the third) was sent and accepted on 16th March
2016. As part of the agreement Mr Assange was not to be interviewed by a Swedish
prosecutor but by an Ecuadorian one and then the questions had to be submitted to Mr
Assange in advance.
51. Mr Assange’s complaints that the investigation was not being proceeded with in a
timely manner have been considered by the Swedish courts on a number of occasions.
Mr Assange was able to put his views to those courts and was represented at those
hearings. The appeal courts ruled against him. The investigator has made her
52. Mr Summers argues that the failing to surrender has had no effect on the proceedings
and has not brought them to a grinding halt. I do not agree. If Mr Assange had gone
back to Sweden when he should have done after he had exhausted the appeal
processes in this country, the Swedish prosecutor would have questioned him, then
either prosecuted him five years ago or discontinued the proceedings. The
complainants would have had their complaints resolved one way or another. Mr
Assange would have had the accusations resolved one way or another. The interview
on his own terms does not comply with the court’s order that he be extradited to
The fourth point
53. Mr Summers relies on what he says is the punishment that Mr Assange has
undergone. There is evidence of the medical effect of him spending four and a half
years in a small room. He has respiratory infections. Mr Summers says he has no
sunlight. He cannot leave the flat to have dental treatment or have an MRI scan on his
frozen shoulder. He is a resilient character but is suffering from significant
depression. For the first five years he was avoiding the extradition process but for the
last six months his incarceration is referable to his fears concerning exposure to the
actions of the United States if detained on this court’s arrest warrant. Even were he to
be committed to the Crown Court, Mr Summers argues, the maximum sentence for
failing to surrender would be 12 months’ imprisonment. He has served this sentence,
forfeited his own money and the money of his sureties. There is no residual public
interest in further punishment for failure to attend. It is disproportionate. The issue is
whether he has been punished enough for what he has done, whether it can be said
that it is proportionate and in the public interest to initiate the process.
54. I have read the medical reports. Mr Assange is fortunately in relatively good physical
health. He has a serious tooth problem and is in need of dental treatment and needs an
MRI scan on a shoulder which has been described as frozen. I accept he has
depression and suffers respiratory infections. Mr Summers contends he has been
punished enough. I do not accept there is no sunlight; there are a number of
photographs of him on a balcony connected to the premises he inhabits. Mr
Assange’s health problems could be much worse.
The fifth point
55. Finally, Mr Summers points out that the law has changed since the Supreme Court
decision and Mr Assange would now not be returned to Sweden because of section
12A of the Extradition Act 2003. This section does not allow the return of an
individual if there are reasonable grounds to believe that the requesting State has
made no decision to charge or try and the individual’s absence from the requesting
State is not the sole reason for that failure. Having looked at the prosecutor’s record
of her decision dated 19th May 2017, Mr Summers is arguably wrong. In the last
paragraph of the decision Ms Ny states: “…In view of this, and that to continue with
legal proceedings would require JA’s personal appearance in court, there is no longer
any reason to continue with the investigation.” On the face of it, the reason for
stopping the investigation is Mr Assange’s absence from the court proceedings in
Sweden and on that basis extradition may not be barred were the Swedish request still
in place.

BertrandFebruary 14, 2018 1:08 AM


56. In December 2010 for seven days, Mr Assange was held in Wandsworth Prison whilst
the bail package he suggested was being put in place. Whilst he was held in prison he
had three separate appearances in court, two at the then City of Westminster
Magistrates’ Court and one at the High Court. He was then granted bail subject to the
conditions he had suggested. He was subject to a curfew, had to live in a country
house and had to attend the local police station daily. Without the conditional bail
given to him he would have been held in custody and extradited at the end of the
appeal process granted to him. Those restrictions on his freedom were according to
law and proportionate. They cannot be criticised.
57. Mr Summers says Mr Assange fears being rendered to the United States by Sweden.
There is no evidence that that was going to happen. He would not have been rendered
by this country to the United States nor by Sweden. On occasions Mr Assange says
he fears being extradited to the United States. On an extradition request from the
United States in this jurisdiction he would be able to argue extraneous considerations,
fair trial and conditions of detention in the United States prison system. The courts
would consider, with the assistance of Mr Assange’s lawyers and expert witnesses,
whether he should be extradited. There would then be the appeal process which
would consider whether the first court got it wrong, whatever the decision either way.
58. I have found above that Mr Assange’s failure to surrender has impeded the course of
justice and has led finally to the case being dropped as it cannot be continued unless
he returned to Sweden. I find Mr Assange’s failure is a determined attempt to avoid
the order of the court, an order which was considered by the Supreme Court in this
59. When considering the public interest I have regard to the consequences of his failure
to appear, one of which is the drain on resources that policing Mr Assange’s choice
has caused. I have regard too to the losses incurred by his sureties. I must look at the
impact on public confidence in the criminal justice system if Mr Assange is allowed
to avoid a warrant for his arrest by staying out of reach of the police for years in
conditions which are nothing like a prison. The failure to surrender was deliberate
and occurred after the defendant had been able to challenge the original order all the
way to the Supreme Court.
60. The impression I have, and this may well be dispelled if and when Mr Assange finally
appears in court, is that he is a man who wants to impose his terms on the course of
justice, whether the course of justice is in this jurisdiction or in Sweden. He appears
to consider himself above the normal rules of law and wants justice only if it goes in
his favour. As long as the court process is going his way, he is willing to be bailed
conditionally but as soon as the Supreme Court rules against him, he no longer wants
to participate on the court’s terms but on his terms.
61. I have had to consider whether it is proportionate not to withdraw the warrant for his
arrest. On the one hand he is a man who has failed to attend court and has thwarted
the course of justice but on the other he has been unable to leave a small flat for a
number of years and is suffering physically and mentally as a result.
62. Having weighed up the factors for and against and considered Mr Summers’
arguments I find arrest is a proportionate response even though Mr Assange has
restricted his own freedom for a number of years. Defendants on bail up and down
the country, and requested persons facing extradition, come to court to face the
consequences of their own choices. He should have the courage to do so too.
63. It is certainly not against the public interest to proceed. Whether section 6
proceedings are initiated will depend on Mr Assange’s circumstances (such as health)
at the time he is produced to the court. If section 6 proceedings are launched, Mr
Assange can then plead guilty or put forward a reasonable cause for his nonattendance
and the court will then adjudicate. If found guilty the court will have the
sentencing options available to it including that of committal to the Crown Court if
the court finds its sentencing options to be too limited.

Quite a very different story than what you selected as a "summary" isn't it?
Find the courage indeed.

DavidFebruary 14, 2018 1:23 AM

Kaspersky Lab researchers have uncovered ‘in the wild’ attacks being carried out by a new piece of malware using a zero-day vulnerability in the Telegram Desktop app.

According to the research, the Telegram zero-day vulnerability was based on the RLO (right-to-left override) Unicode method. It is generally used for coding languages that are written from right to left, like Arabic or Hebrew. Besides that, however, it can also be used by malware creators to mislead users into downloading malicious files disguised, for example, as images.

Attackers used a hidden Unicode character in the file name that reversed the order of the characters, thus renaming the file itself. As a result, users downloaded hidden malware which was then installed on their computers. Kaspersky Lab reported the vulnerability to Telegram and, at the time of publication, the zero-day flaw has not since been observed in messenger’s products.

During their analysis, Kaspersky Lab experts identified several scenarios of zero-day exploitation in the wild by threat actors. Firstly, the vulnerability was exploited to deliver mining malware, which can be significantly harmful to users. By using the victim’s PC computing power, cybercriminals have been creating different types of cryptocurrency including Monero, Zcash, Fantomcoin and others. Moreover, while analyzing a threat actor’s servers, Kaspersky Lab researchers found archives containing a Telegram local cache that had been stolen from victims.
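As an added illustration of the right-to-left override trick described in the comment above (this code is not part of the original comment or of Kaspersky Lab's research), the Python check below flags file names that carry bidi formatting characters and compares the extension the system acts on with the one a viewer would roughly see. The file names are constructed samples, and `approx_display` is an assumption-laden simplification of the Unicode bidi algorithm that only reverses RLO runs.

```python
import os
import unicodedata

# Bidi classes of the embedding, override and isolate formatting characters.
# Ordinary Hebrew or Arabic letters have class "R"/"AL" and are NOT in this set.
BIDI_FORMAT_CLASSES = {"LRE", "RLE", "LRO", "RLO", "PDF", "LRI", "RLI", "FSI", "PDI"}

RLO = "\u202e"  # RIGHT-TO-LEFT OVERRIDE
PDF = "\u202c"  # POP DIRECTIONAL FORMATTING


def find_bidi_controls(name):
    """Return (index, bidi class) for every bidi formatting character in name."""
    return [(i, unicodedata.bidirectional(ch))
            for i, ch in enumerate(name)
            if unicodedata.bidirectional(ch) in BIDI_FORMAT_CLASSES]


def strip_controls(name):
    """The name in stored (logical) order with the formatting characters removed."""
    return "".join(ch for ch in name
                   if unicodedata.bidirectional(ch) not in BIDI_FORMAT_CLASSES)


def approx_display(name):
    """Rough rendering: text between RLO and PDF (or end of name) is shown reversed.

    Simplification for illustration only; a real renderer applies the full
    Unicode bidi algorithm.
    """
    shown, run, in_rlo = [], [], False
    for ch in name:
        if ch == RLO:
            shown.extend(reversed(run))
            run, in_rlo = [], True
        elif ch == PDF:
            shown.extend(reversed(run))
            run, in_rlo = [], False
        elif unicodedata.bidirectional(ch) in BIDI_FORMAT_CLASSES:
            continue  # other formatting characters are invisible
        elif in_rlo:
            run.append(ch)
        else:
            shown.append(ch)
    shown.extend(reversed(run))
    return "".join(shown)


def inspect_name(name):
    """Classify a file name as ok, bidi-control, or spoofed-extension."""
    controls = find_bidi_controls(name)
    real_ext = os.path.splitext(strip_controls(name))[1].lower()
    shown = approx_display(name)
    shown_ext = os.path.splitext(shown)[1].lower()
    if not controls:
        verdict = "ok"
    elif shown_ext != real_ext:
        verdict = "spoofed-extension"  # what the user reads differs from what runs
    else:
        verdict = "bidi-control"       # suspicious, but the extension is unchanged
    return {"controls": controls, "real_ext": real_ext,
            "shown": shown, "shown_ext": shown_ext, "verdict": verdict}


# Constructed sample names (not taken from any real incident).
SAMPLES = [
    "holiday.png",              # plain ASCII
    "\u05d3\u05d5\u05d7.pdf",   # Hebrew letters, no formatting characters
    "report_\u202egnp.js",      # RLO hides a .js file behind ".png"
    "inv\u202efdp\u202c.exe",   # RLO run closed by PDF, extension unchanged
]

if __name__ == "__main__":
    for sample in SAMPLES:
        result = inspect_name(sample)
        print(ascii(sample), "->", ascii(result["shown"]),
              result["real_ext"], result["verdict"])
```

A mail gateway, download handler or chat client can run such a check before a name is displayed and either reject the file or show the stripped name with its real extension.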

RatioFebruary 14, 2018 1:37 AM


You selected and linked to and also reprinted that particular selection for the obvious smears of no legal bearing.

I selected 3 of the last 4 paragraphs of something titled “CONCLUSION”. I omitted the final paragraph because (1) the “section 6 proceedings” probably need explaining and (2) I’d already linked to an article in the Guardian and quoted a single paragraph that says “[...] a British judge upheld a warrant for his arrest” (which is the point of the final paragraph of the ruling’s conclusion).

Moreover, I (implicitly) invited anyone reading to read the whole document, noting it was only ten pages long, and explicitly asked you if you had read it. If only you hadn’t seen right through my reverse psychology.

Anyway, one would think that the conclusion of a ruling by a judge has some legal bearing on a case, but IANAL…

Quite a very different story than what you selected as a "summary" isn't it?

Ehmmm… no? Nice wall of text, though.

meFebruary 14, 2018 1:42 AM

Jared Kushner, now a senior White House adviser with a broad foreign policy portfolio that requires access to some of the intelligence community’s most closely guarded secrets, still has not succeeded in securing a permanent security clearance. The delay has left him operating on an interim status that allows him access to classified material while the F.B.I. continues working on his full background investigation.

BertrandFebruary 14, 2018 4:14 AM

"I omitted the entire ruling, beginning and meat of the conclusion, and final paragraph because..."

Your apprehension to the "wall of text" of the actual ruling you truncated so unreliably is indicative of why. May you find the courage to admit your hand-picked selection of 7 or 8 sentences of the 10 pages was no more interesting or legally substantive or novel or unusual than they were plausibly a representative summary. If you didn't make your brief selection to vaguely smear him you've done no favors here for anyone at all.

"I accept that Mr Assange had expressed fears of being returned to the United States
from a very early stage in the Swedish extradition proceedings but, absent any
evidence from Mr Assange on oath, I do not find that Mr Assange’s fears were

His primary defense wasn't considered because he did not submit to testify under oath before the court, a tautological constraint dismissing with one hand the fact that his extradition fears are valid and provable and there was ample evidence of it.

Her rationale is that Assange would get a similar hearing like this one where any defenses would be overruled on narrow grounds just the same. Even hardship would have been easily swept aside with political will to do so. She has already established his hardships as his "own choice" by semantic logic. There's nothing new or particularly interesting about this ruling except these blips of casual flippant disregard which may form the basis for a later appeal. If you're afraid of the density of the text, don't pretend to be summarizing it. There's nothing new about this ruling or unusual at all.
You might have mentioned this one if you were looking for novel precedent instead of piling on.

RatioFebruary 14, 2018 4:50 AM


"I omitted the entire ruling, beginning and meat of the conclusion, and final paragraph because..."

Who are you quoting?

There's nothing new about this ruling or unusual at all.

It made the front page of the Guardian online yesterday.

You might have mentioned this one if you were looking for novel precedent instead of piling on.

The (non-)extradition of Lauri Love was mentioned here a couple of days ago, IIRC.

The outcome of that particular case doesn’t seem to help the credibility of (part of) the narrative of this one, though. YMMV.

echoFebruary 14, 2018 5:12 AM


In strict legal terms Assange committed rape and psychological assault. Assange also cannot be extradited to the US without the consent of the UK.

I am happy to participate in a discussion of the opsec and social engineering aspects of sex crimes and discrimination but not if this is framed around the Assange case as I believe this is too polarising. I am also very cautious discussing this topic in case misunderstandings and misconceptions become more entrenched or predatory types take advantage.

The Convention on the Elimination of All Forms of Discrimination against Women

JG4February 14, 2018 6:50 AM

The news about nuclear arms also is interesting.

...[Your definition of win is different from their definition of win. Every increment of arbitrary power is an invitation to abuse.]

Big Brother is Watching You Watch

Computerized Criminal Behavior Predictions Are No More Effective Than Untrained Humans: Report Alternet

...[Starfish Prime]

Wholesale Power Generators to Get Hurt by Grid Batteries


BertrandFebruary 14, 2018 12:50 PM

"It made the front page of the Guardian online yesterday."

Not because it's full of uncited legal precedent, your uninteresting and dishonest account proves.
Lauri Love was a novel ruling. You seem to get confused as to what we're talking about.

Maybe you should just read the rulings first and not try to paraphrase them poorly.

RatioFebruary 14, 2018 2:42 PM


your uninteresting and dishonest account

My initial comment consists of a Guardian headline and one-sentence quote (stating indisputable facts, no less), my opinion that the ruling made for interesting reading (that was and is my opinion), a section of the ruling’s conclusion (reproducing the judge’s words exactly as they appear in the ruling, as can be verified), the observation that it’s a ten-page document (a simple fact), and the mention of a discussion of the United Nations’ Human Rights Council Working Group on Arbitrary Detention on pages 3–6 (you’ll see it’s there).

Like you, I did not reproduce the entirety of the ruling. The three paragraphs I quoted are representative of the conclusion as a whole, as anyone can see. (I have already explained why I did not include the final paragraph, and will not repeat myself.)

If you think there are three contiguous paragraphs in the conclusion of the ruling that paint a more accurate picture of the ruling, or even one that is more favorable to your cause, I’d love to hear what they would be. (You can reference them by number; you seem to have quoted the conclusion in full here.)

You seem to get confused as to what we're talking about.

I’ve been talking about the same thing the whole time, since before you commented. Maybe the confusion lies elsewhere.

Maybe you should just read the rulings first and not try to paraphrase them poorly.

More confusion? I didn’t try to restate any rulings using different words. I reproduced part of the relevant ruling verbatim.

Clive RobinsonFebruary 14, 2018 3:21 PM

@ Bruce, and those with AI interests,

There has been a paper released by a researcher, Julia Dressel, and her Prof Hany Farid from Dartmouth about predicting recidivism rates in criminals.

Volunteers were given seven pieces of information including sex and age, but not name and ethnicity about a criminal they were assessing. Equivant's COMPAS "AI" system apparently has 137 pieces of information on each criminal including ethnicity and other identifying information (details are unclear because of Equivant's overly secretiveness and attempts at misinformation).

It appears that the human volunteers via the mechanical turk system got the rate right 67% of the time marginally better than the expensive Equivant computer system.

Interestingly Dressel and Farid developed their own algorithm system and selectively removed information to find what the key assessment factors for predicting recidivism are.

It turns out that just two are required "Age" and "number of prior convictions"[1]...

That is, young and many makes you high risk, old and few make you low risk... Perhaps not an unsurprising result[1]

Whilst I suspect there are other factors that do affect low prior rate recidivism, I can easily see where the high rate would be an overriding indicator.

[1] However these results still showed ethnicity bias, as the prior convictions number is already ethnicity biased.

BertrandFebruary 14, 2018 3:23 PM


"...and one-sentence quote," followed by cherry-picked smears as a summary of the entire ruling.

A selection is a selection, a cropping is a cropping, 8 sentences is 8 sentences of 10 pages.

"Like you, I did not reproduce the entirety of the ruling"

Picking 3 cherries makes for a nice pie but you left the crust out intentionally.
If your intent was not to smear Assange then you've done nobody any favors here.
Certainly not anyone interested in the relevant legal precepts.

My inclusion of the case-relevant text in total was not passed off as a complete summary.
It was however much more complete and a lot less overtly focused on smearing Assange.
An honest read can see that much, if.

Legally interesting, lol. Oh yes, the concept of legal proportionality is so interesting.
A fine point. Good luck with the confusion.

BertrandFebruary 14, 2018 3:30 PM


Assange has aged 7 more years in a one room, I'd say his odds of sex without a condom in Sweden are low.


(But some might disagree and have, say, 3 piqued points of 'argument' on the subject...)

jonatanFebruary 14, 2018 3:51 PM

Kaspersky sues over Federal ban #2

"Kaspersky Lab said it was disappointed by the decision to ban its products. It said the company has never helped any government anywhere with cyber-espionage and added that it's, quote, 'disconcerting that a private company can be considered guilty until proven innocent due to geopolitical issues.'"

Kaspersky Lab's lawsuit also claims that the ban violates the Administrative Procedures Act and the Fifth Amendment. The Administrative Procedures Act controls how agencies like the DHS can establish regulations, and requires that agencies must provide "substantial evidence" for their regulation decisions if questioned by a U.S. court.

RatioFebruary 14, 2018 3:59 PM


cherry-picked smears as a summary of the entire ruling

No, as a representative, contiguous section from its conclusion.

If you insist the section I chose is unrepresentative of the ruling’s conclusion, you’ll actually have to show a contiguous section of three paragraphs of the conclusion that, in your view, is superior in this respect. Or four, five, or six contiguous paragraphs (out of a mere eight), if you really must. Which ones would they be?

My inclusion of the case-relevant text in total was not passed off as a complete summary.

I haven’t even mentioned the word “summary” above. Where did I suggest the text I quoted was “a complete summary” of the case?

Oh yes, the concept of legal proportionality is so interesting.

Is that why you felt compelled to reproduce so many words discussing it?

BertrandFebruary 14, 2018 4:13 PM

"representative" not of any legally interesting precepts as claimed, (warrant law and proportionality), nor the legal basis for the meat of the ruling which was in dismissing his primary defenses without considering them based on thin judicial preference, not his 4th defense twice over as you selected for.

"So many words" + "wall of text" - Are you sure you even read the ruling?
You sure seem to be apprehensive about the text volume several times here.

It's uncompelling to select three, (two actually) points from 8 sentences of 10 pages in a 7 year case as a "representative" legal summary, nor are they legally complex, novel or interesting in any way. Just the closing fluff comment presented as if it was all that was considered in it as though you hadn't read the ruling or the case. As if it were that simple and reduced to those selected smears. If you can't understand this, that does explain some of your confusion in promoting your personal selection as a "representative" summary. This is pretty basic stuff.

RatioFebruary 14, 2018 4:47 PM


"representative" not of any legally interesting precepts as claimed

Who made this claim?

nor the legal basis for the meat of the ruling

Which is why it’s called a “conclusion”.

[...] as you selected for

I selected for a representative, contiguous portion of the conclusion. You have yet to show otherwise.

Are you sure you even read the ruling?


If you can't understand this, that does explain some of your confusion in promoting your personal selection as a "representative" summary. This is pretty basic stuff.

Selection; “summary” is the description you use and then object to.

Why don’t you present a better, more representative sample of the ruling’s conclusion that is a contiguous piece of text spanning between three and six of its eight numbered paragraphs? Is that so hard?

@“Bertrant”, (!)

Here, more dirt since you're digging.

I’m not the one who’s digging…

Grand Duchy of Savile and Haut de la GarenneFebruary 14, 2018 5:19 PM

"Why don’t you present a better, more representative sample of the ruling’s conclusion that is a contiguous piece of text spanning between three and six of its eight numbered paragraphs?"

Because most people, when they look down at the sidewalk and say, "Ick, a turd!" they walk past it. Few people need to sniff it and pick through the undigested bits and palpate the mushy parts.

Pretend Judge Arbuthnot, when she's not reselling her legal virginity to MI6, is taking her orders from rampaging English pedos via pillowtalk.

Murray, for example, takes an inordinate amount of care nuking the nonsensical judgment she pulled out her ass.

RatioFebruary 14, 2018 5:37 PM


I had read both the Guardian article and the ruling in its entirety before submitting my initial comment.

As for “piling on”, would you have me avoid submitting comments on current events because other people might be talking about them too? (I’m not even aware of any big discussion. Is there any?) How would I know which topics are verboten and when? How do you do this?

@Grand Duchy of Savile and Haut de la Garenne,

Because most people, when they look down at the sidewalk and say, "Ick, a turd!" they walk past it.

In your fecal analogy my initial comment is like pointing and saying “Turd. Right there.” Reproducing the bulk of the ruling would then be akin to shoving it in someone's face and asking “How’s that taste?”

@“Bertrand”, @Grand Duchy of Savile and Haut de la Garenne,

Maybe you two could first agree on whether I quoted too little or too much. Thanks.

BertrandFebruary 14, 2018 5:46 PM

"Why don’t you present a better, more representative sample"

Such points have been made above. That "wall of text" comprised of "so many words" is the body I posted to encompass your 8 sentence selection as summary, as you previously complained of it being difficult to read. Read it again if you need, it's right there.

Your selection was blackletter warrant law upheld by rote and repeated twice on the point of proportionality in both 2 and 3, hardly novel. As opposed to appeal-considering grey areas of legal prudence in judicial preference in dismissing his primary defenses. The judge's defense of basic warrant law by derisively intimating Assange's valid legal calculus as arrogant in not submitting himself to a bench provably failing to consider his legal defenses or address his valid extrajudicial extradition concerns that have been borne true since, and as he was in contact with the court by correspondence and legal counsel the entire time, and as the Swedish court has dropped the initial half-baked prosecution in the first place, and in your decision to select only for that short smear as an "interesting summary" requires no further elucidation, lucem non poteris. Brevity is wit unless you've truncated information. I don't believe you're seeking any of those in continuing to defend what should be obvious or in asking to repeat myself.

Assange should be free to walk around after paying a modest fine. Defense of this ongoing charade is complicity, admitted by the court or yourself or not, and selections of smears as summary are evidence of nothing but that effort. Certainly not legal points of interest or value in defending rote law from a disallowed challenge. Happy reading.

Clive RobinsonFebruary 14, 2018 5:48 PM

Has Facebook abused your 2FA?

As many will know Facebook is on a bit of a downward spiral currently with users leaving and traffic falling, and I guess revenue likewise...

Now if you were in the same position how would you woo people back?

Can I suggest that abusing a security feature is not a good way to do it...

I'm just glad I don't do "social media" it's beginning to sound like the "Psych stalker date from hell" (or at least in Facebook's case, you can cue up the Hitchcock sound track).

RatioFebruary 14, 2018 6:03 PM


you previously complained of it being difficult to read

I have not. I observed it was a nice wall of text, and it is. Nothing more.

I don't believe you're seeking any of those in continuing to defend what should be obvious or in asking to repeat myself.

I’m merely insisting that the portion I chose to quote is a fair representation of what the judge wrote in the ruling’s conclusion. I don’t speak for anyone but me, and, as you said, I’m not a judge.

Assange should be free to walk around after paying a modest fine.

I’m sure he’d be glad to have bright legal minds joining his efforts.

selections of smears as summary are evidence of nothing but that effort

Please come to an agreement with @Grand Duchy of Savile and Haut de la Garenne on how much (and which parts?) I should have quoted. Thank you.

BertrandFebruary 14, 2018 6:08 PM

"I observed it was a nice wall of text, and it is"

- Oxford Law School *of trolling

Good day, sir or madam.

Grand Duchy of Savile and Haut de la GarenneFebruary 14, 2018 6:16 PM

"Right there." Just so. It seems your deadpan style confuses some. The portions you cited have that unmistakable moist-turd smell. Once you get a whiff, what more is there to say?

RatioFebruary 14, 2018 6:25 PM


You suggested that copy-pasting all that text painted “[q]uite a very different story” than what I had quoted. I said that while it didn’t do that, it did at least make for a nice wall of text. And a joke you don’t like is trolling, of course.

A good day to you, too.

@Grand Duchy of Savile and Haut de la Garenne,

Once you get a whiff, what more is there to say?

Apparently the whiff has to be just right, and there should be lots of it so you can almost taste it. At least, that’s the complaint I seem to be getting from the other side. Please work this out and let me know.

BertrandFebruary 14, 2018 7:00 PM

Or just read and say what's interesting about it, 10 pages isn't long. You've described it in 1 word.
'Whiffing about' instead of reading it serves you no legally interested nor interesting purpose.
If you contribute no actual interest then it's what it is. Find the courage to admit one of the two.
What's interesting about it to you?

oscar mikeFebruary 14, 2018 7:18 PM

score : Kelly 1, Rest of the scandal 10^23

“In no universe should Trump be anywhere near Rohrabacher for any reason. Ever,” said Kristofer Harrison, who worked on Russia issues for both Defense Secretary Don Rumsfeld and Secretary of State Condoleezza Rice during the Bush administration. “Rohrabacher went to Russia to help spike the Global Magnitsky Act, a topic related to Don Jr. and Jared’s Trump Tower meeting with Russian spies. He publicly thanked Russia for its Syria efforts. He met with Vladimir Yakunin, who is on the U.S. sanctions list.”

The only thing surprising about the decision, Harrison argued, was that it had to be made at all. “Were it normal times, Trump would see him as radioactive. It’s astonishing that it took Kelly’s intervention to stop the meeting,” he said, “but Kelly was nevertheless right to do so.”

Clive RobinsonFebruary 14, 2018 11:43 PM

Are we back to "China APT" again?

Which way is the US Existential Cyber-Threat wind vane swinging today boys and girls?

Well it's swinging round to Huawei and ZTE phones again...

During the annual Senate Intelligence Committee hearing this week, senior officials from amongst others the NSA, CIA and FBI have been trotting out the line that people should not be using devices made by Chinese manufacturers Huawei or ZTE.

Apparently they had, “Deep concerns,” over telecommunications equipment made by companies, “beholden to foreign governments,” they claimed presented potential security risks...

As older readers will know this "Oh My God" behaviour from various US Gov seniors has been raised in the past (2012) strenuously denied by both the manufacturers and no evidence presented by the US to support the claims...

National intelligence director, Dan Coats said the United States is under attack from, “Entities using cyber to penetrate virtually every major action that takes place in the United States,” prior to saying 'cyber threats' are one of his significant concerns thus top priorities.

Then surprise surprise boys and girls he singled out those four "US Existential Cyber-threat Nations" of China, Iran, North Korea and Russia as posing the greatest threats.

The thing is folks all phones and most IoT devices are a security threat one way or another including all those designed in the US and built in part in the Far East. The simple fact is there are supply chain issues with most if not all electronic devices and currently there is little or nothing that can be done about it.

The ironic part is that it is the same self serving politicians that put the US in this position in the first place in oh so many ways... Dare I say chickens and roost?

(req'd)February 15, 2018 12:56 AM

IIRC Huawei phones were being specifically targeted in Android malware subroutines that had only vanilla-android hooks for other types of phones, and these specific routines allowed it to hide above userland only on Huawei phones where not easily discovered.

That struck me as a bad thing. I'll have to go look for that one, didn't bookmark it.
Meanwhile, Huawei is owned by the Chicom Party and it's about as obvious as Trump's taxes.

They don't let anyone see who ACTUALLY OWNS IT in 2018, but want you to buy their phones meanwhile.
Full disclosure I can't stand Tim Cook and I wouldn't buy any Android variant except to test dropping it.
*(financial times)

Inside a glass case in a private room in Huawei’s headquarters in Shenzhen, China, are 10 blue books that help answer a question that has vexed the US government: who really owns the huge Chinese telecoms equipment company?

The centimetre-thick volumes contain the names, ID numbers and other details on the roughly 80,000 employees that Huawei says own almost 99 per cent of the company under an “employee stock option plan”.

During a tour of the Shenzhen campus, Jiang Xisheng, chief secretary of the board, allowed the Financial Times to examine the books to see the holdings of the staff who own Huawei, through what is called the “Union”, along with founder Ren Zhengfei.

Leafing through the thousands of pages, it appeared that the vast majority of staff had tens of thousands of shares, while a small group had holdings in the millions. After the FT pointed to an entry with 2.65m shares, Mr Jiang ordered a file from the next room where the contracts are stored to shed light on how shares are awarded.

The move to show a foreign journalist the books for the first time is part of an effort to rebut criticism that Huawei has been less than transparent about its ownership.

Huawei was founded by Mr Ren, a former Chinese military officer, in 1987. It has become one of the world’s biggest telecoms companies, but has faced serious obstacles in the US because of suspicions about its ownership. In 2012, the US House intelligence committee recommended that the US block any M&A deals involving Huawei because it “cannot be trusted to be free of foreign state influence”.

The company has repeatedly dismissed claims about possible links to the Chinese government as baseless, and the US government has not made public any solid evidence to back up its concerns. But to try to refute such suggestions, Huawei has started gradually pulling back the curtain on its ownership structure.

Duncan Clark, chairman of telecoms consultancy BDA China, says providing access to the shareholding books is a positive step, but that it will not satisfy critics.

“It is like a child that tries hard but the results aren’t there. They think it’s unfair, and there is probably an element of that,” says Mr Clark, before adding that the best way for Huawei to answer its critics would be to go public. “Sunlight is the best disinfectant, but they are pulling back the blinds halfway.”

Three years ago, Huawei revealed its board of directors for the first time. Last year, Cathy Meng, chief financial officer and Mr Ren’s daughter, said the company would provide more details at some point about its ownership beyond the fact that Mr Ren owns 1.4 per cent. She said this would include details on directors’ shareholdings, although Huawei has not set any date for their release.

One problem Huawei has faced is convincing critics that the plan gives staff some control as opposed to just sharing profits. The US House intelligence committee said “many analysts believe that Huawei is not actually controlled by its common shareholders, but actually controlled by an elite subset of its management”.

(gets popcorn)

(req'd)February 15, 2018 1:08 AM

I show them my dumb phone manufactured by a company that doesn't exist anymore with 0 security issues.
I put on my robe and wizard hat.

Clive RobinsonFebruary 15, 2018 1:25 AM

Monero declares war on ASIC miners

A few days ago people were asking about blockchain "Proof of Work" protocols. Which in turn brought up a brief discussion with regards "Egalitarian" protocols[1] to ensure mining on CPU/GPU remained as, if not more effective than FPGA/ASIC thus removing a series of potential problems.

Currently egalitarian protocols use structures that are difficult or prohibitively expensive in FPGA/ASIC. However as I pointed out there are problems arising from the likes of Gordon Moore's observation about transistor count and similar.

Well it appears the crypto-coin Monero has decided to adopt a way to keep the egalitarian proof of work protocol "current" unlike that of other crypto-coins. Which will have other advantageous side effects.

Put simply they will review approximately every six months the protocol and change it. This will kill any market distorting profit/control out of ASIC usage, and will probably have similar effects on FPGA enhanced (co-pro) systems as well. Thus favouring large memory model CPU/GPU systems.

However as SETI and home games machine builders know only too well Monero has significant side effects that affect them. Currently there is a developing market in GPU Mining Rigs using six or more high end GPU graphics cards. So much so that there is now a "commodities market" developing over the shortages created. Thus to get a High end GPU at "recommended retail" is nearly impossible for many people.

Which leaves the question of what the GPU graphics card manufacturers will do. If they do the simple "supply-v-demand" solution of price rising, whilst their short term profits will rise, it will also encourage other entrants into their market place reducing their market share. However if as many suspect the demand for GPU graphics cards is a "bubble market" the following crash back will cause surplus product to hit the second hand market to the point that the whole GPU market will reduce to less than current sustainable levels. If that happens fairly quickly it will be bad enough, but if new manufacturers have entered the market it will become a "death spiral" potentially killing the market itself...

I fully expect to see all sorts of other adverse effects caused by speculators in crypto-currency.

Douglas Adams had a running gag line in Hitchhikers about a world where "shoe manufacturing / retailing" reached a point where it had negatively affected all other markets. So the only profitable thing to do was join in the shoe market. Thus a spiral developed and not just the economy but the entire civilization collapsed and ended.

Whilst I hope crypto-currency does not kill society, the speculation involved in cryptocoin mining is making itself felt increasingly in other markets, usually detrimentally so. Thus it is increasingly a "Disruptive technology".


(req'd)February 15, 2018 3:28 AM

New AMA report : US diplomatic staff in Cuba attack, ultrasound preliminarily ruled out as cause.

"Exposed to directional energy source that caused trauma." "Concussion wound without concussion"
"Nearly a year later, only seven of the 21 patients have been able to return to work full time."

“Neurological examination and cognitive screens did not reveal evidence of malingering, and objective testing and behavioral observations during cognitive testing indicated high levels of effort and motivation,” the JAMA article said in raising the issue of possible “collective delusional disorders.”

*Malingering = faking, natch. Neural testing proved it impossible. Not a panic, not a rumor, not fake.

“Several of the objective manifestations consistently found in this cohort,” including vision and balance abnormalities, “could not have been consciously or unconsciously manipulated,” it said.

Those doctors that evaluated them signed non-disclosure agreements, so “they cannot discuss whether they know more about what happened in Havana than has already been made public,” according to the journal.

Nobody (that I find) from actual media sources is talking about DEWs much at all.
I mean at all. Ultrasonic was mentioned in all of them but almost nobody went into DEWs. = Tons of homemade youtube microwave guns though...

Notice the sound the microwave pulse makes on the camera mic. Imagine an eardrum.
Imagine different modulated wavelengths/pulses, a specific range that resonates.

Nasty. Disorientation, dizziness, tinnitus, nausea, headaches.. it seems possible.
They hit @ sleeping, duration a few seconds up to a minute, maybe multiple nights.
Any EM imbalances would wear off in minutes to hours and nobody was looking anyway.
Hotels put their beds in the same place in the rooms. It checks a lot of boxes maybe.

ThothFebruary 15, 2018 3:52 AM

@Clive Robinson

Looking back at what I mentioned on the Bitcoin-like protocol, it may not be Proof-of-Work based to clarify what it essentially does because the Proof protocols require a sort of math game linked below but my protocol description fails to mention any Proof of Work game other than creating blockchain and then hosting blockchain of the attestation for the computation results on the memory of the host CPU and then allowing the blockchain to be freely inspected by any of the Prison chips and to allow ratings of these chips to be increased or decreased accordingly.

To make my protocol a proper Proof of Work based protocol, it needs to not only rely on 'players' checking the blockchain for validity which is equivalent to the 'Mining' phase of a Bitcoin network excluding the Proof of Work since to make it compliant to having a Proof of Work, it must follow as the link posted below otherwise it's only capable of partial 'Mining without Proof of Work'.


JG4February 15, 2018 10:57 AM

approaching peak irony - mind the event horizon
agencies that forced backdoors on anyone doing business in US
decry Chinese government doing the same

Don't use Huawei phones, say heads of FBI, CIA, and NSA

the stuff of nightmares

Awesome Boston Dynamics Robots

the usual daily compendium


Quantum computers ‘one step closer’ BBC (David L)

Why Broadband Competition at Faster Speeds is Virtually Nonexistent Motherboard (resilc)


Big Brother is Watching You Watch

Surveillance Valley Yasha Levine, Baffler. From last week. Important.

Don’t use Huawei phones, say heads of FBI, CIA, and NSA The Verge (Kevin W). So we consumers are told to prefer the backdoors installed by the FBI, CIA and NSA to the ones installed by the Chinese?

Rise of the data protection officer, the hottest tech ticket in town Reuters (resilc)

...[no one gets out alive]

Paul Bronks
And I looked, and behold, a pale horse. And its rider’s name was Death.

Alyer Babtu February 15, 2018 12:34 PM

@ Boston Dynamics video

The SpotMini would seem to handle the 30 m proposed border barriers being tested for the “Wall”

(req'd)February 15, 2018 12:54 PM

The so-called NotPetya attack in June started in Ukraine where it crippled government and business computers before spreading around Europe and the world, halting operations at ports, factories and offices.

“The attack masqueraded as a criminal enterprise but its purpose was principally to disrupt,” it said.

“Primary targets were Ukrainian financial, energy and government sectors. Its indiscriminate design caused it to spread further, affecting other European and Russian business.”

Russia denies British allegations that Moscow was behind cyber-attack
Britain’s foreign ministry said in a statement the attack originated from the Russian military.

Russia plays superdumb and cries Russophobia... again... for the 100th time...
Well, you either believe them or you don't. Maybe it's the CIA! :D

Or the FDA!

(req'd)February 15, 2018 1:53 PM

Ajit Pai's media consolidation allowance scrutinized for deals with Sinclair Broadcasting.

“For months I have been trying to get to the bottom of the allegations about Chairman Pai’s relationship with Sinclair Broadcasting,” Mr. Pallone, the top Democrat on the committee that oversees the F.C.C., said in the statement to The New York Times. “I am grateful to the F.C.C.’s inspector general that he has decided to take up this important investigation.”

Is there anything NOT for sale in this country right now?

bttbFebruary 15, 2018 5:46 PM

"Christina Sommers (@CHSommers)
Dear kids: I’m a Baby Boomer. We are getting old. But at least we had sex, drugs and rock & roll. Seems like millennials have moral panics, workshops, and grievance circles. Time to rebel! xxMom
7:18 PM - 14 Feb 2018"

Edward Snowden retweeted
"Thomas Drake (@Thomas_Drake1)
Intel agencies treating whistleblowers as the enemy within. Old enuf to remember when I was prosecuted under Espionage Act & smeared as worse than a spy because I blew the whistle on mass surveillance programs, 9/11 intel failures & many billions in fraud.
6:18 PM - 11 Feb 2018"

U.S. Intelligence Shuts Down Damning Report on Whistleblower Retaliation
A top watchdog investigated 190 cases of alleged retaliation against whistleblowers—and found that intelligence bureaucrats only once ruled in favor of the whistleblower."

rFebruary 15, 2018 8:19 PM

re: constructivism

maybe i should change my name to pest.

single unresponsive commentary with minor elusive behavior to protect dwindling privacy is discouraged?

at least i see the topics of my repetitive interest showing up in other's provocative feeds.

god save the queen.

tyrFebruary 15, 2018 8:55 PM

So where do you get a phone that is
not made in China ??

Also why are people surprised that
the chinese Communists are still the
ones running their industry ? Maybe
if the Zaibatsu had really disappeared
from Japan the Chinese system might
have undergone a dramatic change
and been noticed.

Next some one will notice that the
British royals are Germans.

JG4February 16, 2018 7:06 AM

As always, I appreciate the discussion and ideas.


119,000 Passports and Photo IDs of FedEx Customers Found on Unsecured Amazon Server Gizmodo (CL).


Our Famously Free Press

The War for Social Media: The Center is Trying to Diminish Diversity and Control Speech Benjamin Studebaker (UserFriendly).

CIA Defends Selective Disclosure to Reporters Federation of American Scientists

Leaked Chat Transcripts: New York Times Employees Are Pissed About Bari Weiss HuffPo (PDF from management). Interesting institutionally; the abolished Public Editor position seems to have functioned as a safety valve/internal referee more than we knew.


Forget Boston Dynamics’ Robot Dogs: Purdue’s Microbots Are the Real Nightmare Vice (DL).


RatioFebruary 16, 2018 1:36 PM

Thirteen Russians criminally charged for interfering in US election, Mueller announces:

Mueller’s office said 13 Russians and three Russian entities, including the notorious state-backed “troll farm” the Internet Research Agency, had been indicted by a federal grand jury in Washington DC.

A 37-page indictment alleged that the Russians’ operations “included supporting the presidential campaign of then-candidate Donald J Trump ... and disparaging Hillary Clinton,” his Democratic opponent.

Mueller alleged that Russian operatives “communicated with unwitting individuals associated with the Trump campaign”, but the indictment did not address the question of whether anyone else in Trump’s team had knowingly colluded.

Rod Rosenstein, the deputy attorney general, said at a press conference in Washington: “There is no allegation in this indictment that any American had any knowledge.” Rosenstein added that the charges did not mean the Russian activity had an effect on the outcome of the election.

(The indictment, ICYMI.)

RatioFebruary 16, 2018 2:48 PM

These are the exact words Rod Rosenstein used as part of his prepared statement:

Now, there is no allegation in this indictment that any American was a knowing participant in this illegal activity. There is no allegation in the indictment that the charged conduct altered the outcome of the 2016 election.

Words, they matter.

hmmFebruary 17, 2018 3:39 PM

It also helps if you read them carefully and in the context of their peers.

"there is no allegation in this indictment"

Because it wasn't indicting Americans which would weaken their case for the sub-issue here.

Establishing both separately and in order is useful to a prosecution.

This indictment will convict them in absentia perhaps but either way is a step-stone to further indictments which will in fact prove American collusion, as 6 defendants have ALREADY plead/began pleading GUILTY and have turned State's evidence agreeing to (oath) answer all questions in their fullest responses - or the deal is off and they get prison for twice as long.

Words do matter yes. It's a pity so many are lost on such a quorum.

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.