Friday Squid Blogging: The Symbiotic Relationship Between the Bobtail Squid and a Particular Microbe

This is the story of the Hawaiian bobtail squid and Vibrio fischeri.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on February 23, 2018 at 4:20 PM • 162 Comments


DougFebruary 23, 2018 5:15 PM

The Georgia (US) online voter registration system turns out to be pretty hackable. In order to view voter information all you need is the voter's name, county of residence, and birthdate. To modify the registration information, you then need to supply the driver's license number.
All of this information was contained in the Equifax breech.

I sent an email to the Secretary of State and asked if/how they planned to mitigate the risks associated with the expected Russian attempts to hack into voter systems for the mid-terms. The email went out about 2 weeks ago...not even an automated response has been returned.

As a Democrat living in this deep red color of this state I can imagine going to the polls to vote and discover that my address has been moved across the state making it difficult or impossible for me to vote.

At this point, about all I can do is check my data periodically prior to the mid-terms to make sure nobody has moved me.

Side note: GA is working hard to become a center of cyber-security...WTF???

albertFebruary 23, 2018 6:00 PM

@Clive, @echo, @JG4,

I tried the 110Hz test and got no results. This doesn't invalidate the research results. n = 1 is hardly scientific. The paper is paywalled, but I'll continue to look into it.

As for microwaves, this is the scary part. Humans are extremely sensitive to EM radiation in the 2.5 GHz region, for reasons too detailed to review here. It's theoretically possible to generate beat frequencies inside the brain using two microwave beams. We know that some people exposed to cell tower radiation have developed brain-related issues. Nowadays you'll see warning signs on military vessels warning against standing in front of radar antennas, and also on cellphone antenna access points. I've seen these signs.

(See "The Zapping Of America", by Paul Brodeur, 1977, for details of the cover ups by the US military in regard to microwave exposure health effects.)

I have no doubts that the US MIL/IC has lots of data on the effects of microwaves on humans. The Russians may have more (they started sooner). The are highly secret projects; they have to be, because microwave transmitter technologies cannot be easily regulated, and so are available to 'bad actors'. So the 'bad' can hide within the 'good'; the perfect weapon. It's rather slow acting, so it will be used by actors with long range plans, 5 to 10 years perhaps.

@Clive, or any expert,
Does a modem with wireless capabilities use the telephone line as an antenna? (this applies only to units with twisted-pair connections)

. .. . .. --- ....

Clive RobinsonFebruary 23, 2018 6:56 PM

@ Albert,

Does a modem with wireless capabilities use the telephone line as an antenna?

I can not say for "private network" phones as they are not regulated in most parts of the world except by ordinary consumer legislation.

However in most places POTS public networks are heavily regulated and standardised, they have to be for genuine safety reasons[1]. Of the top of my head I can not remember seeing any standards or regulations that would alow the 2/4wire interface to be used that way either before or after the "demarc" between the public network and consumer premises wiring. In fact I can remember a few standards where it would very specifically not be alowed or the standard tests would be failed with the EMC etc masks.

I'm not sure why you asked, but many DSL and ADSL modems do put out some very high frequency signals. That said they should be using a form of "whitening" which works like a Direct Sequence Spread Spectrum (DSSS) system to spread the data signal energy widely across the available bandwidth to prevent quite a few issues.

[1] There are also "faux safety reasons" put in place by international and national standards "finessing" by those "in the know" of current domestic or equivalent inteligence agencies.

Clive RobinsonFebruary 23, 2018 7:56 PM

@ (required),

A: If it did, you'd hear a ton of static on the line all the time.

It might be clear in your mind what you are commenting on, but I guess the other posters on this thread have at best only a hazy notion as to what it is.

How about giving a little hint by addressing the person by handle and quoting what it is you are responding to?

Clive RobinsonFebruary 23, 2018 8:19 PM

@ All,

The two lead researchers brhind the "adorable" bobtail squid and it's relationship with the light emitting bacteria, Dr Margaret McFall-Ngai and Dr Ned Ruby, have their own website called "Glowing Squid",

It has some quite fascinating articles on it. And yes many people think the diminutive bobtail is adorable / cute ignoring like they do with cats that it is a preditor.

Also that it will eat not just a close relative (octopuses) but like other squid even it's own kind, which is most definitely not adorable or cute behaviour... But don't let that put you off ;-)

Clive RobinsonFebruary 23, 2018 8:38 PM

@ hmm,

In their minds I'm sure this makes great sense.

Well "American Pai" is in the company of Vice President Mike Pence.

I wonder if they got the irony about not being able to bring the hand made award onto the stage for the presentation?...

To add further irony every radio news slot on the hour I've had the misfortune to listen to this evening has featured his boss giving his logic as to why a madman would not enter a classroom...

To say it has made me cranky and irritable would be an understatement.

How do I put it tactfully, most teachers enter the proffession to help their pupils make a start in life... Further evidence from recent times shows that even highly trained soldiers do not responed either timely or well when one of their own turns on them...

[Noise off of stage left of gritting teeth and globs of blood hiting floor from bitten tongue].

hmmFebruary 23, 2018 9:09 PM


" giving his logic as to why a madman would not enter a classroom... "

My God. I have never been more tired of being an American than today, listening to that crap.

"Highly trained, gun adept, teachers/coaches would solve the problem instantly, before police arrive,”

This is where Q shows up and starts judging humanity.

It's.. I'm out of words. I just can't relate this to any other ridiculous charade in my experience.

Ajit Pai "liberated" the internet, and Trump is giving us "tactical classroom commandos"
- on the same day! Dystopian bingo.

Lunch ladies will also detect WMD's, and the local ice cream truck will double as a mobile triage.
Your mailman may be a trained assassin 20% of the time, it's a huge deterrent!

What happened, did we cross a dimensional rift or something? When did people go clinically crazy enough to allow these... animal balloons to run things and give bizarro-speak versions of NRA talking points as advice to EDUCATORS of all people?

Educators looking for real solutions to highly armed disturbed children shooting up the place!
"Channel your inner Rambo, here's a gun, let's go people next problem. Heroin.. ok skip that one.."

"When solving unsolvable problems, offer non-solutions - The negatives cancel!"
#Trump hacks

AnonFebruary 23, 2018 11:53 PM

The way the media are lambasting the deputy is nonsense as well! What if he had thought there were multiple shooters? He wasn't a coward - he likely weighed the risk in his mind, wanted to live to see his wife and kid, and waited for backup.

Going Rambo would not be wise.

As for arming teachers - they would become target number 1 for any future attackers, and would prove ineffective.

Scenario: teacher is teaching; back to the class. Assailant walks in, gun already drawn and pointing at the teacher. They probably wouldn't even have time to realize what was going on before they're hit by the first shot fired at them.

hmmFebruary 24, 2018 12:20 AM

Hit the teacher with a $5 wrench and now they're armed in a school, exactly. What could go wrong.

tyrFebruary 24, 2018 1:49 AM


I see the hot button topic is back again.

No one has ever explained how more laws
can fix this. If the thousands of laws
already on the books didn't do it.
No one has explained why law enforcement
ignored multiple cases of being warned
about this particular individual and
did nothing.

Actually that's not true that particular
bunch has had a long history of looking
the other way until someone noticed that
tons of drugs were coming into the US in
their ares from the Carribean. The big
boys are busy chasing Rus internet trolls
and playing dirty politics so not much
chance of them following up a complaint

People who haven't been shot at should
refrain from comments about others being
a coward, nobody knows until that moment
what they are. All of the trappings they
wear won't make them a hero unless their
heart can do it.

Clive RobinsonFebruary 24, 2018 3:04 AM

@ tyr,

nobody knows until that moment what they are. All of the trappings they wear won't make them a hero unless their heart can do it.

Very very few are capable of instant action, then it's likely to be wrong. Because more than ten thousand years of disapearing up a tree at high speed takes condiderable, expensive and repeated training to over come.

I've found that out myself the hard way, luckily those I faced were considerably more inept than I was and, I was still alive to consider another day.

On other civilian occasions such as road accidents, I responded and did the right thing without thought due to training, only to have cold sweats the following day and many nights there after. Even if you are not a hero just following your training has costs few would even realise existed untill they have been through it. It's when you find you need not just friends but commrads forged by similar experiences.

ThothFebruary 24, 2018 3:44 AM

Playing Devil's Advocate here which many will not like, maybe the Asian model of dealing with weapons possessions and manufacturing and extremely hard handed punishment for assault or attempted harming of others might be the model forward for public safety where people trade in some of their freedom for social and national security.

JFFebruary 24, 2018 7:08 AM


"And yes many people think the diminutive bobtail is adorable / cute ignoring like they do with cats that it is a preditor."

That is squid nature, Clive. Have you seen Orcas taking the calves of great whales? That is a little unsettling as well. Unlike house cats allowed to roam and feral house cats, most predators are just doing what they were put on earth to do.

House cats, like rats and feral pigs in some places, are just examples of the unintended consequences of a human presence. Look at the wave of extinctions in New Zealand when Polynesians arrived. And later extinctions when Europeans arrived.

echoFebruary 24, 2018 8:29 AM

I'm wondering "What could go wrong?" and work back from there...

Poison. Traps. Rifles. The methods for eradicating island predators like rats are brutal. Some conservationists want to use Crispr to do the same job. This method isn't brutal, but it could fundamentally transform our power over nature.


New Zealand’s War on Rats Could Change the World. The nation wants to eradicate all invasive mammal predators by 2050. Gene-editing technology could help—or it could trigger an ecological disaster of global proportions.

echoFebruary 24, 2018 8:34 AM

Here's an article on "defensive pessimism".

The key difference that separates defensive pessimists from other individuals who think negatively – such as those who are simply anxious or depressed – is the way they cope. Whereas people tend to use avoidance to cope with anticipated problems when they are feeling anxious or depressed, defensive pessimists use their negative expectations to motivate them to take active steps to feel prepared and be more in control over outcomes. So being a pessimist isn't necessarily bad – though you may irritate others. Ultimately, it's what you do with that pessimism that matters.

Mike BarnoFebruary 24, 2018 11:02 AM

@ echo :

Whereas people tend to use avoidance to cope with anticipated problems when they are feeling anxious or depressed, defensive pessimists use their negative expectations to motivate them to take active steps to feel prepared and be more in control over outcomes.

This seems true over the range of my experience. When I was mainly a young utopian idealist dreamer, wanting to believe that love and rationality would bring the good outcomes that I hoped for, messy realities interfered again and again, often leaving me unprepared. When I was cynical and depressed, it led to a course of avoidance and inaction, so I missed good opportunities and still failed to prepare for unwanted developments. But when I kept the optimist/pessimist impulses in balance, I got better at thinking through all the possibilities, preparing plans of action for various problems, stocking supplies I might need if something happened, and then relaxing and moving ahead knowing I had done what I could. For example, having a fire extinguisher, jumper cables, a flashlight, and a few specific tools in my car's trunk let me drive at all hours with less stress.

This works better in computer security, too. Optimists assumed the early Internet would be used by academic researchers cooperating to share data, so they built protocols that made efficient use of limited resources instead of engineering security defenses into the systems. Pessimists later saw crackers using "viruses and worms" to subvert systems, so they slapped firewalls between their systems and the network to stop a few known attack methods, but felt they couldn't stop bad actors, so they too built software without engineering security defenses. Only the "defensive pessimists" recognized that newly recognized vulnerabilities would keep leading to new exploits affecting different parts of their systems, so they engineered checks for user-authorization and input-scrubbing and other problem-catching into their work all through the development cycle, rather than hoping no attacks ever made it past firewall and antivirus defenses.

albertFebruary 24, 2018 1:29 PM

Thanks for your responses. Let me clarify my question. My ADSL modem-router is connected to a twisted pair telephone 'line'. No phone service is used, it's internet only. I don't use wifi, so I moved the modem-router off my desk and into a room closer to the wifi users. I even put shielding to reflect the signal away from my room but I still have a good signal there. I've been looking into SDRs for a while now (I used to be a avid SWL in my youth). Making your own -calibrated- field strength meter looks nearly impossible, but perhaps a relative FSM may be work.

BTW, if anyone has intermittent connectivity problems with ADSL, internet-only, have the tech check to see if the line is set up for internet-only. Apparently there are 'filters?' (she called them "coils") that are required for voice-only lines, but screw up internet service. These lines have no dial tone, so techs sometime think they are unused.

. .. . .. --- ....

albertFebruary 24, 2018 2:10 PM

Who's responsible for feral cats* (and many outdoor house cats) destroying the songbird population?r

Irresponsible pet owners. Of course, many can't afford the high costs of spaying or gibbing their pets.
*Felix domestica

Jim Jeffries is a very funny guy.

You're not Jim Jeffries are you?
. .. . .. --- ....

Clive RobinsonFebruary 24, 2018 2:21 PM

@ hmm,

How is the blood preasure?

If still high then for the sake of your health don't read,

Put simply a change in Chinese law requires Chinese users data etc to be stored not just inside China's jurisdiction, but also by an organization that has a strong Chinese Gov connection (read in effect has overall control).

Many fear that this will endanger Chinese disidents etc... Well it appears there is little Apple can do maneuvering wise...

And these constraints will apply to all companies that "do business in china"...

JG4February 24, 2018 4:42 PM

Thanks for the good discussion. Here's some entertainment:

Here is some science fiction:

Amputee Makes History with APL’s Modular Prosthetic Limb

It's not really a robot, but it will be soon:

da Vinci Robot Peeling at Grape - Doctors Hospital at White Rock Lake

hmmFebruary 24, 2018 6:08 PM

"these constraints will apply to all companies that "do business in china"..."

Apple knowingly used slave labor to make their phones in the first place, full stop right off.. It's a dithered line between directly supporting those practices when you utilize or profit from them as part of your expensive line of high-end surveillance devices that people pay money to carry around, and maintaining some modicum of internal standards that meant you made less (dirty) money as a corporation. The bar gets lower every day because there's nothing propping it back up. Why wouldn't it keep going?

And there's the line right? But no, still fully doing business as if nothing happened. What problem?

Sancho_PFebruary 24, 2018 6:39 PM


The ADSL modem-router does not use the telephone (twisted pair) as antenna, it also (LAN) works (here with my router) when I disconnect the twisted pair line.
What shielding did you use, the WiFi is nearly everywhere, very hard to shield off?

The twisted pair cable goes directly to the router, a phone (if used) is in parallel but must go through a filter box (yes, coils+), otherwise it would present a low impedance to the HF ADSL signal and the router can’t connect.

hmmFebruary 24, 2018 6:51 PM


I hover around ~150 psi these days reading the news. The daily aneurysm. Cheers.


Those little dongles are just a filter to take out the inaudible frequencies used by the data which cointerferes with operation/line quality. They allow both on the same line without the line splitter at line-in. There are cheapo ones and better active ones.

You want to keep the line from telco to modem as short as possible and any splices/junctions between are potential sources of interference/echo. Then you run regular CATx for however long you need from there to an AP or end router. I also wouldn't use the wifi on a telco-supplied box myself. Get a decent AP/router downleg. You can buy RF line tester kits and meters, building a decent one from scratch would be an undertaking.

Clive RobinsonFebruary 24, 2018 8:00 PM

@ JG4,

The CBT is lucky it's agents have not been "shot on sight" when crawling around peoples property in certain US states.

For some quaint and ridiculous reason the US justice system belives in "the sanctity of official uniforms and badges" as identification... However there are so many "hot spots" in the world where stolen or copied uniforms are used by killers to get close to their targets even the dimest of people who can read newspapers or listen to TV/Radio news must have heard about terrorists in police uniforms etc.

In the UK there is a saying "An Englishman's home is his castle". Some years ago now a police covert operative John Fordham dressed in a camouflage uniform was stabed to death by a serious criminal Kenith Noye. It happened on Noye's property and he was aquitted on the basis of "self defence". Even though this was back a "working life time" ago in the early 1980's the case was reported internationaly, and for other reasons I've mentioned in the past sticks in the mind. Thus even the likes of the CBP must be aware there is case law on the dangers for officers wearing uniform invading peoples property... Thus there behaviour is at best stupid and if ordered by seniors bordering on reckless endangerment. Especially when there is also a decade later US case law with Ruby Ridge, that made international news,

Where the behaviour of FBI officers closely under Louis Freech came into question for perjury... As for LEO's shooting or otherwise killing innocent peoples pets, it appears to be so frequent even their own are calling it into question,

Remi the canuckFebruary 24, 2018 9:12 PM

Is it normal for to be cert stripped at coffee shop with bogus one added. Time is set ok and https://www.Gmail dot com and others seem fine. Also where did go and of tails main page seems fubar. Also from home provider. Guess they got my dns something special?

JG4February 24, 2018 9:26 PM

@Clive and the usual suspects

Can't recall how many months ago it might have been, but you suggested that Google got a lot of things right with Chromebook. This is my second one. I was predisposed from many years ago, like 2008, to understand that Google knows something about security. Don't worry - I'm not brown-nosing here. It's their security they got mostly right, not yours. The hair on the back of my neck stood up when I saw Clive's comment about the latest peasant control program. My friend who lives in Zurich has a neighbor who is/was a big wheel in Google. My friend believes that it is OK to use Google docs, because they are used internally for mission-critical IP. The sharper knives in the drawer will be questioning the threat model here - Google's IP generally is safe from the vortices they spawn to steal from Great Estates and Little Boats alike. I probably mentioned that my friend was in the meetings at Thinking Machines with Feynman back in the day. Feynman still was razor sharp. And another friend was at CalTech as an undergrad, when Feynman would walk the dorms at night to talk with the students. His genius is matched only in a narrow slice of the population of your planet. He was very friendly with the Martians in a time when outsiders were suspect.

I'll take advantage of Clive's brief excursion into the nutrition weeds as an opportunity to convey some health information critical for many of us. No one gets out alive, because time always find a point of failure, but we can at least try to optimize our health-spans and cognitive-spans. Potassium and magnesium deficits contribute to cardiovascular problems, diabetes and more. The deficits are good for corporations, because the subtle discomfort makes people look to sugar, alcohol, junk food and plastic widgets to make them feel better. Two key causes of mineral deficiencies are processed food and alcohol consumption. You also can sweat them out, and might end up with loss of nerve control in your legs during a marathon. Did I say that my cousin used to spend a lot of time refilling electrolytes when the troops got stuck in kickin' chicken mode? Half to three-quarters of the US population already has started the progression of lifestyle diseases. The way that I got short of potassium and magnesium was skipping meals and eating low-carb. Fasting and low-carb diets both are good from the point of view of glucose management, as long as you don't stray into nutritional deficits. Putting a finer point on it, calorie and carbohydrate deficits are good for you, but nutrient deficits are bad. Exercise is the anti-carb. Walking a few miles a day will add life to your years and years to your life. The sugar, industrial grade oils, and processed foods don't provide adequate magnesium and potassium. The most fascinating part of all may be the psychological effects, which are anxiety, anger, paranoia and other subtleties. Mendosa's website is a model of scientific accuracy and practical advice for managing diabetes. You may find it an interesting source of healthy recipes. Ironically, I probably wouldn't have gotten hypertensive or diabetic if I would have gotten enough potassium and magnesium. Hopefully the wear and tear was worth what I learned.



It found that among more than 600 people with type 2 diabetes that they followed for an average of 11 years the more potassium they pee (technically “urinary potassium excretion”) the fewer of these problems they had. What goes in must come out.

Alyer BabtuFebruary 24, 2018 9:58 PM

@JG4 et al in re nutrition

You might look into the work of Max Gerson from the 1920s on curing chronic disease including cancer via nutritional therapy. Considered quackery and prosecutable by US medical regime, but many helped by it. Security some known to me personally. A website gerson dot org for the therapy is run by Dr. Gerson’s daughter.

Clive RobinsonFebruary 24, 2018 10:08 PM

@ Albert,

I'm still not 100% about what you want to do.

As @hmm and @Sancho_P have indicated above the old POTS lines are actually capable of carrying some quite high speed thus frequency data, in some quite complex systems.

The reason the POTS line can do this is two fold. Firstly it is a "balanced transmission line" secondly it is "twisted" which makes the balance considerably easier to maintain thus issolating it much better from it's environment.

Importantly even if you had very qood test equipment --like a low noise spectrum analyser-- measuring even quite high power signals on the line from outside it would be dependent on the inbalance on the line more than anything else...

Worse as I mentioned they use "whitening" which acts like a form of DS Spread Spectrum (DSSS) which lowers any "energy / Hz" by spreading the energy across a very wide bandwidth thus droping it "below the grass" of many test instruments.

However... Low cost hand made test instruments will in some cases work better. One such is the amplified diode detector.

Ordinary diode detectors are just "broad band envelope detectors" with no gain thus quite high detection thresholds but importantly even cheap silicon signal diodes like the 1N4148 diode can work up into the low end of the UHF band. More expensive but still cheap Shottky detection diodes will work into the low end of microwaves and more specialised expensive ones work up to near 100GHz.

You can buy quite cheaply "ModAmp" broadband matched impeadence broadband surface mount amplifers that do near DC to 6GHz for around a dollar from the likes of Mouser and Digikey that will give upto a ten fold voltage gain, thus making any diode you do use after it ten times more sensitive.

But if you look back half a century "diode detectors" were also made more sensitive by using tuned circuits as voltage multipliers. That is if you have a parallel tuned circuit of reasonable Q you can take a tap point near the "earthy end" which would be about 50 ohms and take the diode up several tap distances at the 1-5 kilohm impeadence thus getting a "power match" which gives you a passive voltage gain as well as increased selectivity. You can find such circuits by looking for "poor mans spectrum analyser" which replaces the mechanically variable capacitance with an electronically variable one known as a "varicap diode" which you then drive with the output of a low frequency audio "sawtooth waveform" generator from the likes of an NE555 timer chip. You feed the sweep voltage into an oscilloscope Y input and the output from the detector diode to the X input. This was infact the way early spectrum display systems for EW etc worked.

The detector diode can be made more sensitive by "DC bias" put simply you "add in" via a high value inductor on the RF side a small DC voltage that is temprature compensated that provides a "forward bias" to the diode this will up it's detection sensitivity by a factor of ten with care. Such a temprature compensated bias source can be made with just another diode of the same type as the detector diode closely thermally bonded and an Opamp circuit even an old 741 chip will work well. Speaking of Opamps you can put one on the DC side of the detector diode to up it's effective impeadence thus lower it's negative effect on the Q of the tuned circuit whilst giving a low output impeadence to a following signal amplifier.

Which brings us to the question of "log amps" --expensive-- or RSSI detectors --cheap-- that will provide you with a logrithmic (decibell) output from the detector.

NXP that used to be Philips make the SA602 and SA604 that were based on Plesse parts. Though you often see them as "NE602" and "NE604" parts in circuit diagrams. If you look at their data sheets and application notes you can see they are easy to use, thus loved by amateur radio/home constructor/ maker types but also have an RSSI output,

These chips were used to make a poor mans spectrum analyser with the outputs going to the left and right audio inputs of a PC sound card. There was a circuit and software published by Elektor magazine some years ago based on a Plesse application note from the 1980s (IIRC writen by Peter Chadwick). Various versions have since been made and put up on the Internet in various places, and somebody used to sell one commercialy.

Thus you can with a little skill at home electronics construction make yourself a suitable piece of "low cost test kit". However calibrating it requires other test kit which again you can build. Such as a VCO driving a 74ACT family inverter/buffer feeding a surface mount resistor divider to give a 50ohm output at a fixed power level that you can then feed into home made antennuator strip to give lesser but more than sufficiently accurate levels to calibrate your detector.

There is the old saying about "A poor workman blaims his tools", well the opposite is "A good workman makes his own tools".

It's not actually difficult to "boot strap" your way upto reliable RF test kit. Both the ARRL and RSGB publish very low cost books on making and using low cost but effective test equipment.

You can with a little ingenuity and sideways thinking make equipment that is way way better than even high priced proffessional equipment. One I made was an FM modulation meter, proffessional kit of the time used quite complex and sensitive analog circuits... I thought "s0d that" and designed a partial the fully digital version based on a "Pulse Count Demodulator" using three 74 family logic gates for the detector that easily outperformed any proffessional kit you could rent at the time. They were at best 200 to 1000 parts per million(ppm), mine when using an ordinary XTAL was better tha 1ppm and with a cheap 10MHz "off air" standard beter than 0.01ppm and even more so if you had access to better time/frequency standards.

Such is the way of the world, you make one good bit of kit and then use it to leverage up other bits of kit till the point you have kit to rival the proffessionals.

I'm currently thinking about how to improve a design of "Vector Network Analyser" for "big signal" not "small signal" analysis. What I designed originally used a modified VSWR bridge meter as the detector head. Effective as it is for designing RF Power Amps in the 20Watt and up range and rapid switched Antenna Tuning Units for HF frequency hopping/agile systems with "random wire aerials" the "directivity" of the directional couplers hold it back for other work :-(

Clive RobinsonFebruary 24, 2018 11:02 PM

@ Remi the canuck,

Is it normal for to be cert stripped at coffee shop with bogus one added.

The short answer is "It should not", but the long aswer is "It depends".

It's all to do with "The War on Terror"... If you go to a little "Mom-n-Pop Coffee shop" like as not their WiFi system will be the same as any other small business or home user deprnding on their ISP. That is it won't be the shop playing fast and loose with "faux certs", but only some ISPs.

When it comes to chain/franchise coffee shops etc often they have outsourced the WiFi to some company that's also into the "breaching privacy for profit" game if not also suplying part or all of the ePos through stock control systems.

Although it's not "Official" it's highly likely that there is a NSL or "on the nod" arangment with the FBI etc. That is there on the excuse of "Terrorists use Tor" or "Drug Lords use Tor" or any other of the "Horsemen of the InfoWars Apocalypse" used to scare the average citizen into compliance that has a "Think of the children" type soundbite.

People especially "browser developers" should get it into their heads that CA Certs are a "busted flush" security wise the way they currently use them. Which is why criminals and LEOs alike use "faux certs" for profit and gain...

The excuse that it's "too complicated for users" is just more FUD in the same vain as "Think of the children". Because it is rapidly becoming clear it is the reason for much if not most of the current malware etc deployment success...

So much so that for some time now I have suspected browser designers are deliberately ignoring the various CA Cert issues. As it's in their interets to ensure that certain people have "easy access". In effect it's a "back door in the design, and as has been pointed out on the odd occasion recently there is no "NOBBUS" backdoors, just "exploitable" backdoors. What you are seeing could be just another "step down that road".

65535February 25, 2018 12:59 AM

@ Clive Robinson & others

“In some respects ie "signed malware" this is not new news. But the methods and details given should make people realise that the whole CA pyramid is easily computable…”

Not good.

I saw the pdf report from Recorded futures that showed only 1 to 6 AV engines [VirusTotal ?] detection rate.

back market price .3k yo1.7K USD.

How are the certs created?

Scam of Co. Id or con-game?
Sha1-2 Sig fraud?
Insider at major Cert CA?
Forging engine perfected by black hat?

Apple is only slightly good at detection & Smart Screen, Sender ID, Domain keys fair to poor.

excuse my mistakes due to injury.

tyrFebruary 25, 2018 1:49 AM

@Clive one of the slickest pieces of
test equipment I ever used was called
an octopus. It hooked up to a scope
with a Z axis input. Cheap easy to
make and you could use it on most
components for a quick pass fail test.

If you played with it a lot it could
find stuff no other fancy commercial
test rig could see. I'm sure someone
has a write up on it on the Net.

I made one after finding it in some
electronics magazine, the best home
made gadget of all time for a tech.

Mine had phonograph needle test leads
but I wouldn't have wanted to play a
record with those needles.

On the other subject most won't talk
about the aftermath except with selected
folk. Humans unlike most animals can
relive our experiences with unbelieveable
amounts of second thoughts sometimes this
is not a good thing to do. Imagination is
good but too much can be really bad for
your mental health.

hmmFebruary 25, 2018 1:52 AM


That's the gorilla in the room. That's a major story I had no idea about. Thanks.

@ Clive

Excellent explanations as always. And very true words about the costs of jumping into a situation where nobody really knows how they'll respond until they're in it.

I agree little breadboards of diode arrays could be an ultra-cheap detector suite but I don't know how feasible that would be for someone to build themselves if first assuming they're having big troubles with DSL. :/ There's a lot of knowledge and efficiency in every cheapo multimeter or radio that most people will not internalize in their life. To see far though we do all stand on the shoulders of giants.

I've thought about removing CA's from my lists for a decade now but I'd always need a very current and reliable minimum-functional published list to start with. Every local area has a bunch of region-specific certs, Turkey has Turkish certs that most in say France probably would never ever be comparing as a random example, and that as a default installation everyone is awfully trusting beyond what would be probably real-world needed. There's no choice given easily to the low-user and no hedged bets, it's all-in worldwide. It seems to me minimal trust levels could make new certs a more deliberate user choice. I doubt most end users in "the real world" even realize certs or CA's exist. They should.

AndersFebruary 25, 2018 4:50 AM


Seems like the Ars have fixed their typo in the url.

"How are the certs created?"

There's one solution in the article pointed out - "and are registered using stolen corporate identities"

You hack into the corporate e-mail system, you learn how they operate and order the certs, then pretending to be the right person you order new cert and pay.´No need to breaking the crypto, no need to stole cert and risking they revert it. Noone cares who exactly makes the payment as long as you get the money.

echoFebruary 25, 2018 4:59 AM


Speaking of crackpots and electronic thingamejigs I read this article the other day about Stuart Hameroff's quantum conciousness theories. The interesting bit is about microtubules. I have no idea whether the Orch-OR theory is true or not but new research suggests microtubles display the properties of memristors.

Clive RobinsonFebruary 25, 2018 5:53 AM

@ JG4,

Can't recall how many months ago it might have been, but you suggested that Google got a lot of things right with Chromebook.

The thing I normally talk about was their design of the chrome browser when it first came out.

It was painfully obvious back then all the other browsers designs were just plain wrong, in that they put everything in a single process memory space, thus an attack from one HTTP stream could not just see but modify the memory for another HTTP stream (tab). For atleast a year before that I'd been raising the total lack of segregation as a big red flag.

In essence the other browser developers were short circuiting the basic process functioning of the OS. That is if on a *nix box you ran two terminal windows it was the OS that was giving you a great deal of security by keeping the two well segregated. Business had moved away from CLI/terminal use to fancy browsers. The problem was that without it being replicated in the browser a user could have a sensitive internal customer/sales/marketing DB open via a middleware browser interface and an Internet malicious website that could using quite minimal tricks get at that data in the other browser tab, and with a little more effort get to talk to the middleware interface, thus to the backend database...

Chrome when it came out had lifted a lot of the OS segregation techniques upwards into the user space thus had better issolated tabs and consequently better security than the other browsers of the time.

Somewhere you will find on this web site several conversations between @Nick P and myself about the issues.

However the world has moved on since then...

Other early Chromebook developments were what we might call the "fast boot" aspect. They had taken an "embbeded system" view point and thus booted up and was functional in seconds in quite low power hardware compared to minutes in quite high powered PC hardware of the time.

However since those early days many have alluded to the fact that Google have done a "Skywalker Senior" and "turned to the dark side" thus become "De'ath Pervader" with walled gardens and what is massive hemorrhaging of user privacy... Not helped by their desire to get in your childrends minds and school work to form cradle2grave profiling any stalker would give most of their limbs for. Which of course Schools, Collages and Universities have forced on their students over parents objections... Worse even charity/private sector physical and mental health organisations use Google in various ways as well... To say creepy is an understatment.

So yes whilst Chrome/Chromebook had --note past tense-- good tech how they used it was a lot less admirable.

JG4February 25, 2018 5:59 AM

@tyr et al.

One term of art for a similar device is a semiconductor curve tracer. This type of measurement fits neatly into the framework of system identification. I think that you need three things to make a semiconductor curve tracer. A signal generator that can go both positive and negative, preferably to the breakover potential of the parts, a resistor big enough to prevent damage to the parts, and a scope to watch the action. If you don't need to see the reverse breakdown voltage, the risk of damage is reduced. I probably said that I know a guy who worked for HP back in the day. His job was to automate parameter measurements on incoming parts so that they could catch subtle changes before their production was impacted. If your system is complex enough, you can't predict all of the knock-on consequences of changes that are in spec.


We might be able to distinguish near-field and far-field effects with twisted pair. You could easily pick up the signal in POTS with a capacitive sensor localized on one side of one loop. Not so in the far-field where the fields essentially cancel. ATT must have had some clever tricks for altering the twist rate and placement in the 50-pair bundles to prevent cross talk. If two pairs with the same twist rate are side by side, there will be uncancelled capacitive coupling. Another day we will delve into system identification and compensation in USB, DSL and cable. And the use of adaptive feedback to cancel echoes. Back in the day, I found a couple of problems in helicopters where EMI was getting into the internal telecom. One was a Huey where coax had been used to carry audio in a high EMI environment created by the switching power supply in a UHF radio. Had the coax been installed correctly, the voltages induced on the inner and outer conductors would have canceled at a balanced input. It was my first brush with shielding gone wrong, and the problem had stumped the entire electronics staff. I got a day of leave for fixing it. The guys who flew it had balls the size of alpha centauri and would go out in any weather to rescue people at sea. Because they had been in hard rain in Vietnam, they didn't have any more fear. The other one was a twin-engine helicopter where the wires in the telecom junction box were jumbled. I just twisted the pairs neatly and it fixed the problem entirely. It was much later that I was emotionally scarred by EMI that could only be reduced three orders of magnitude with heavy copper straps.

Clive RobinsonFebruary 25, 2018 8:07 AM

@ echo,

I read this article the other day about Stuart Hameroff's quantum conciousness theories.

He's not the only one, perhaps more famous is the English Prof of Mathmatics Roger Penrose. His view point is that AI is not only coming up short, it never will replace certain aspects of creativity in some humans. Thus something is missing from the model of the physical human mind. He pointed out that carbon nano tubes could provide quantum effects. However the suggestion appeared to become a mantra that has subsequently become a rod for his back.

The "quantum" devices in living beings has been much poo pooed, which has had unfortunate events. Because things like light energy to chemical energy conversion comes up short using conventional photo-chemistry ideas. However alow quantum effects and it does not.

Smell likewise appears to have failings using conventional ideas that go away with the alowing of quantum effects.

Then there are the questions about bords having what are quantum sensitivity magnetometers that they use for guidence. Apparantly Arctic Foxes respond in the way they hunt to the earths magnetic gradient as well.

Likewise other asspects of biology.

Does this mean that quantum effects are part of biology? Well we don't currently "know" but things are changing as evidence is stacking up that conventional biology mechanisms are insufficient and quantum effects can balance the scales as it were.

I guess hard proof will not be long in coming, either way it will have a quite significant effect on biology as a subject.

DavidFebruary 25, 2018 10:12 AM

The detector diode can be made more sensitive by "DC bias" put simply you "add in" via a high value inductor on the RF side a small DC voltage that is temprature compensated that provides a "forward bias" to the diode this will up it's detection sensitivity by a factor of ten with care. Such a temprature compensated bias source can be made with just another diode of the same type as the detector diode closely thermally bonded and an Opamp circuit even an old 741 chip will work well. Speaking of Opamps you can put one on the DC side of the detector diode to up it's effective impeadence thus lower it's negative effect on the Q of the tuned circuit whilst giving a low output impeadence to a following signal amplifier.

I designed and built such a temperature compensated diode bridge detector many years ago using 1N270 germanium diodes which works well into the UHF band. I found that germanium 1N270s worked better than silicon switching diodes like the ubiquitous 1N4148 with or without forward bias.

For a broadband detector, an even better way is to chop the RF input signal and use synchronous demodulation. This removes all drift terms so temperature compensation is not required. Chopping can be done in a number of ways including with PIN diodes but I would probably use a diode bridge for that.

echoFebruary 25, 2018 10:57 AM

This dialog with Rebecca Newberger Goldstein discusses quantum mechanics and beauty (or "baroque and unappealing" depending on which aspect is being considered), and also philosophical discussion of "rational actors" and "hideously irrational" collective results.

Speaking of hideously irrational collective results here is a paper on feature interactions.

albertFebruary 25, 2018 11:02 AM

@Sancho_P, @et al,
I just wanted to get it off my desk, which was inches from the front windows of my flat, and 3 feet from my addled brain. The wifi needs to reach to the back room of my floor and the whole of the floor below. It now happily resides on the floor outside my door, shielded by foil-based card stock on two sides (due to temperature constraints) and the top. Before I moved it, I could connect from across the street.
I could not get my router to work with the new modem/router from the telco. It's possible, but I can't really experiment because there are other users who depend on it. Plus it requires a wifi device, one computer on the modem/router, and one on the router under test, both for configuration changes. I've done this before, but I just don't have the time.

I have the only wired connection, and if it were up to me, there'd be no wifi, and I wouldn't be bothering you guys.
I will have to digest your post later. I'm sure it will be very helpful.
I can't thank you guys enough for your help.

All the best to you.
. .. . .. --- ....

echoFebruary 25, 2018 12:38 PM


Further to your comments on fight or flight - after a fire incident Sabrina Cohen-Hatton began a PhD to help keep firefighters safe. She looked into thinking, response, and behaviour; and how people make risk-critical decisions. Mounted cameras helped uncover a 20% analytical and 80% instinctive decisions. The new decision control process led to five times higher situational awareness, and more goal directed decision making. A book by Sabrina documenting the science of firefighting and the psychology of commanders is due to be published in 2019.

Why firefighters are able to run toward danger and take instant decisions – fire chief's groundbreaking study

Mike BarnoFebruary 25, 2018 2:20 PM

@ echo :

I read the paper (published in 2002) on interactions between features in a system. Frankly I was hoping to learn more from it. The paper concentrates on telecommunications systems such as telephone networks, but the methods can apply to other domains of application programming and middleware. For those readers wondering what the point is, here's a phone-service example:

... consider the scenario where user A subscribes to "Originating Call Screening" (OCS), with user C on the screening list, and user B subscribes to CFB ["Call Forward when Busy"] to user C. If A calls B [when user B is already connected on another call], and the call is forwarded to C, as prescribed by B’s feature CFB, then A’s feature OCS is compromised. Clearly, if the call is not forwarded, then the CFB feature is compromised.

And here's an example about cars:

A[n] often referred to example is where a thief hits the front of a stationary car and all doors automatically get unlocked. This is because the safety feature of the car assumes an accident has occurred and to allow passengers to escape and paramedics to reach potentially injured passengers all doors get unlocked. This could be seen as the security feature (keep all doors locked) is compromised by the safety feature.


I noticed this point about interactions that must be handled in live running systems and their supporting tools, rather than in abstract specifications and models in the development cycle:

An increasingly multi-vendor market removes global knowledge about services in the
network – and the possibility to change those supplied by others.

When your own code is the only thing that affects what actually goes on, those spec analysis tools and custom modeling languages let developers build swell, well-understood systems in the lab, if their employers give enough time and budget. But plenty of programming today depends not just on the underlying operating system, but on a browser, browser plug-ins, a database interface, accounting software, Customer Relations Management software, and/or other code written and updated by other companies. So there's more room for unanticipated cross-behavior, particularly when other companies update their portions without documenting changes to your team.


The paper ends up being pretty much just a listing of general classes of approaches to the problem (software engineering approaches, formal methods, and on-line techniques), detailed by lists of specific methodologies from previous research papers. The conclusion was that these approaches had made some progress but had not come close to solving the overall problem.

So my question for anyone sufficiently up-to-date is: In the decade-and-a-half since this paper came out, have these efforts gotten much further? It seems the commercial software industry has instead focused on moving darn-near-everything from mainframes and PCs to smartphones and the cloud. User convenience, quickly-deployed "shiny new" features, and monetization appear to have outraced efforts at well-controlled functionality. The trend toward using artificial intelligence, letting systems learn behavior that even its programmers don't understand, would seem to make it still harder to fully control unplanned interaction among features. In this site's comments, I occasionally see mentions of some purely academic project or some niche language's development tool attempting to address this topic, but I haven't heard of such things getting much traction in the real world.

Dan HFebruary 25, 2018 3:27 PM


As a former USAF airman, I was never so embarrassed to be an American than when 0bama was in office. Making red lines with Assad and backing down; letting Russia take Crimea from the Ukraine; Iran constantly taunting the US Navy; starting another war in Libya that has left the country without a central government and more violent than before overthrowing Qdaffy; lack of action on Syria that led to the Islamic State.

Then we could also delve into Hillaryous and Barry meddling in the FBI matter of her email server. Hillaryous rigging the DNC primary. Hillaryous paying Fusion GPS to concoct the dossier that was used for a warrant for surveillance of a political foe. The top of the FBI and who knows whoever else working to oust Trump like a third world country.

The lead investigator on the Hillaryous matter was anti-Trump and later became the Mueller Matter team lead and didn’t want it because he said there was no collusion. The same guy changed Comey’s wording that would have made it prosecutable.

Yes, 0bama, Hillaryous and the democrats make it hard to be proud.

Dan HFebruary 25, 2018 3:33 PM


My USAF AFSC was 57130. Fireman specialist. USAF Civil Engineering PRIME BEEF (Prime Base Engineer Emergency Force). Strategic Air Command.

hmmFebruary 25, 2018 7:31 PM


Another revisionist's song and dance, of course we've heard your gripes before. On Fox News verbatim.

I don't defend every action of Obama. I never have, it's nonsensical to think that way in my view. He has made mistakes empirically. It's not a part of my political philosophy to cover up for bad decisions or questionable choices even in hindsight, but you sure haven't explored even a single one of the possible alternative consequences even for the limited list of grievances you bring but don't delve into whatsoever. A glaring omission on your part. Nobody is limiting your right to say what you do here, but you might as well make a full point if you're going to play Monday morning QB.

A list of unexplored grievances is not an alternative course of action, Fireman Specialist. I don't know why you'd bring your enlisted rating into this argument as if being an airbase fireman makes you particularly more adept at global foreign policy tactical strategies... But thank you for your fellow corps service.

I don't feel the need ask your thanks for my service or bring my career specifics to bat for my views on well-documented history. Waving a unrelated DD-214 doesn't make anyone more credible in analysis of fact, and in fact it looks to readers like an appeal to authority, which many will recognize as one of the common logical fallacies. But let's observe your hypothetical grievances' null hypotheses shall we?

"Making red lines with Assad and backing down; letting Russia take Crimea from the Ukraine; Iran constantly taunting the US Navy; starting another war in Libya that has left the country without a central government and more violent than before overthrowing Qdaffy; lack of action on Syria that led to the Islamic State."

So you as armchair-CIC would have instead gone to war with Syria directly and risked escalation with Russia and attacks on allies such as Israel with CBR weapons, nuked(?) Iran or at least sunk their torpedo boats and risked escalation there including attacks on Gulf infrastructure like the strait being closed, bombed Russian forces and civilian militia groups indiscriminately in the Crimea to prevent Russia's expansion again risking escalation, and I guess you thought Obama didn't significantly weaken Isis over the course of his administration because you don't wish to know what actually happened.

Trump didn't change much if anything about the existing strategy. Obama more or less left the Pentagon in charge of the ground movements, and rightly so. His expertise isn't Asian land wars, it's law. He signed off on the expertise of generals and experts, in fact many-to-most predating his administration. Your own stated expertise is putting toxic foam on toxic oxidizers.

The head of FBI found reasons to suspect Trump of crimes. So has the rest of the IC/DOJ.
So have the average quasi-literate or better members of the US public, whatever % that is today.
That's why this is happening. Not because Comey "likes" Trump or not. Trump committed crimes,
there is more evidence of that than Clinton's "is is" lie or any charge you could bring at Obama.
Trump has done way-worse-than-nothing to defend himself on these charges. It's Nixon ad libbed.

Whatever chance he had of riding out the investigation successfully with a slap on the wrist ended immediately when he provably acted to obstruct justice in each of several ways. This is not really debatable, Grand Juries have found cause and guilty pleas are in hand already. Your smokescreen is over, Trump support network. This is in Mueller's hands and all your teeth gnashing has no bearing. It's a matter of law, not politics. Mueller is a Republican. Comey is a Republican. Trump HIMSELF nominated and appointed Rod Rosenstein AND Chris Wray. They're doing their jobs and Trump wants to fire them all for that specifically.

So you can keep whining about Obama or Hillary. And you can cry wolf about the FBI.
But when those bars go clang, maybe then you'll understand what really is going on here.

65535February 25, 2018 9:20 PM

@ Anders

“You hack into the corporate e-mail system, you learn how they operate and order the certs, then pretending to be the right person you order new cert and pay.´No need to breaking the crypto, no need to stole cert…”

You have refined my theory of “Scam of Co. Id or con-game?”

r u saying it is just a ID theft of someone high up in the Corp and a purchase of a Cert? That sounds logical.

Either the Corp guy or Cert CA is hoodwinked by a con-artist. One would think the CAs would be cautious about issuing certs to important customers – maybe not.

Why did some AV engines flag the scammed certs? That seems to be a technical error. See the pdf in the artstechnia post.


“3,000 Databases with 200 Million Unique accounts found on Dark Web”

Could this be a cumulation of the Target and OPM plus all other breaches combined [yahoo, etc]?

@ albert

“I tried the 110Hz test and got no results.”

Why would the A [110 Hz] string on the guitar or an A [440 Hz] on the piano two octaves below the middle C cause a problem [110 Hz]? High volume?

Sorry about the mistakes and poor grammar. I am not at the top my game.

Alyer BabtuFebruary 25, 2018 10:25 PM


It would be interesting to know what Carver Mead thinks about memristors and what changes it would make to his book Analog VLSI and Neural Systems. I haven’t seen anything about this.

hmmFebruary 25, 2018 11:23 PM

"It's so poignant to see hmmm fall for CIA's divide-and-conquer propaganda"

FBI and DOJ are not CIA which also isn't the NSA. If DOJ indictments and guilty pleas are propaganda,
then you're quite a bit further into the rabbit hat than I've ever gone myself. Sorry.

"(D) or (R)" In fact I voted for neither party's candidate in the last Presidential election and advocate for more parties, transparent funding, limits on multinational corporate donations, yadda. I'll agree the CIA is still doing things that I wouldn't sign off on. That's been a problem for a long time before I was born, and the candidate I did vote for actually made some lip service towards accountability in that regard. It's sure not being solved by President Taco Bowl, the swamp-drainer.

"Most people here know their democracy is fake"

I don't know about you but we live in a Republic here in the US. I don't think base terminology like "fake" gets you where you want to go with your argument, though I'm also sure not signing off on everything done by the US government. That's unreasonable. Maybe you're misreading something but I sure didn't say anything like that.

I have no idea what you're referring to with 'poppin cherry Musha Cay' or any of the rest of your misdirected rant about Democrats being WWF fans? There's a lot to fact check there, I'll leave you to it since you're so very keen to correct the record here, heh.


AnonFebruary 25, 2018 11:37 PM

@Mike Barno:

As I see it, most mass-market software is written as quickly as possible by the lowest bidder. The end result is code quality is poor, system design is non-existent, and possible problems are, at best, treated as "we'll deal with it if it is a big enough problem".

Unfortunately, the general public thinks if it works, it must be OK, but as we know, that doesn't mean anything.

I'm surprised software doesn't break more often.

AnonFebruary 25, 2018 11:40 PM

To add to the above, that is not to say software is bug-free; I'm particularly adept at finding bugs, and frequently do in many packages (I'm not bragging; I consider it a curse, as if a bug exists, I'll invariably find it, and it will be a problem requiring some careful work to avoid in my own code).

maqpFebruary 25, 2018 11:46 PM

@Clive Robinson, @Nick P, @Thoth, @Sancho_P, @Figureitout et. al.


In the last week's FSB, I wrote about a covert channel in TFC I realized would exist were I to add command that allows user to retransmit packets that drop when retransmission from networked computer to destination computer is required.

This got to me to think about the possibility of being able to implement a covert
key exfiltration channel with following structure:

1. Malware on Destination Computer reads first bit of sensitive key
2. The malware causes Receiver Program to alter interpretation of external stimuli based on key bit
3. User performs an action on Transmitter Program based on the interpretation, that is forwarded to Networked Computer/Receiver Program
4. Networked Computer is able to interpret user's action and obtain the key bit.

Since Transmitter Program actions are the reaction to some external stimuli, the attack is done through packets delivered to Receiver Program. The program currently receives six types of packets from Networked Computer
1. Local keys
2. Contact status messages
3. Public keys
4. Messages
5. Files
6. Commands

Local keys and commands are not a suitable packets for attack because they do not invite user action on Transmitter Program, and user will detect the attack because they will know they did not issue the command themselves from Transmitter Program.

Rest of the packets allow some form of attack. There are two ways to perform them:

1. Attacker is not a contact of user: For every time-frame, attacker makes Relay Program claim an event has happened and forwards it to Destination Computer. Malware on Destination Computer makes Receiver Program display an interpretation of the event if key bit was 1. User enters something to Transmitter Program within timeframe, and Relay Program makes the interpretation of key bit based on what was output to it from Source Computer.

The problem here is however, user knows Relay Program displays a message for every packet it forwards to Destination Computer. This message acts as a "precommitment message". Relay program can't predict when Receiver Program has displayed the message (it's as hard as guessing the key and actually the same thing). For exfiltration of 256-bit key, Relay Program must display 256 events. In the best case scenario for attacker there is no noise, only random key. In that case the number of times Relay Program doesn't show a message when it should, is roughly 256/2 = 128. The more noise and activity happens, the harder the attack will be.

This works for Messages and files (malware waits for reply), public keys (malware waits for key exchange to start) and contact status messages (malware waits for user to initialize conversation / seize it). Each has many risks and factors that increase noise. Also, traffic masking defeats each attack in this case as malware on Networked Computer is unable to determine when message / file is output, outgoing public keys are omitted because key exchanges are not allowed. Last, interaction with contacts does not change because of contact status messages.

2. Attacker is a contact of user: The fastest way to attack is to deliver two questions inside each message packet and let compromised Receiver Program display the first one if key bit was 1. Attacker can then deduce the bit by playing Jeopardy! on reply it got from user. This works even during traffic masking.


So if Networked Computer has a vulnerability, attacker is able to exploit Destination Computer over serial to the point Receiver Program can be reprogrammed, there are some specific situations where attacker is probably able to exfiltrate sensitive keys over covert channel.

Adding extra key exchanges can slow this down and limit scope of attack. But since attacker is able to exfiltrate message history this way as well, there will be a limit to how long exfiltration of n messages will take.

I don't have an architectural fix for this problem, at least right now. The only consolation is, this is probably one of the hardest attacks I can imagine, and I'm taking for granted attacker is able to exploit an up-to-date OS with a click of a button.

Gerard van VoorenFebruary 26, 2018 12:10 AM

@ Dan H,

If you have got a personal vendetta with hmmm, please contact each other privately. That way not everybody else is being bothered with your 'hilarious' prosa.

hmmFebruary 26, 2018 12:36 AM

@Gerard Obviously the CIA got to you already. :p Thanks, I doubt it has much to do with me either.

Clive RobinsonFebruary 26, 2018 12:43 AM

@ maqp,

I'm taking for granted attacker is able to exploit an up-to-date OS with a click of a button.

After the release of some of the NSA tools and the subsequent malware attacks based on it... I would say "I'm taking for granted" is how should I put it an "understatment".

Personally I'd take it "as a given" when doing any kind of security design, and that is not just because of the incredibly poor record of commercial OS design.

It's becoming clear with the likes of the Jupiter Networks key leakage that certain people are directly developing implementation side channels in security products. Further that they also directly targeted standards with a similar key leakage attack. But also as with the AES competition they were able to rig it such that "side channel" infested code would end up in all but a few implementations of AES. Importantly those "few" would be the sort not to use AES in "on-line" mode anyway. It's why the NSA only rate AES for "data at rest".

With regards design of secure systems the old adage about "You are not being paranoid when they realy are out to get you!" applies. The TAO is a fraction of the NSA yet they are very clearly out to get everyone they can every which way they can. Likewise Blufdale shows "Collect it all" is most likely about as true as it gets on the information available. The turn up of those phone calls from Russia and Israel kind of lends weight to the idea of "collect it all".

Thus even the little old lady down the road does not have to be paronoid to think they are out to get her words, she might blaim her cat but it does not alter the fact thay her words are being stored.

One of the major mistakes designers of security systems make is "going with the accumulator odds". That is the old mistake of multiplying individual step odds such that ten, even odds steps, becomes a one in one thousand chance, thus can be treated as such. When dealing with a sentient opponent it's only the "weakest link" odds that count. Thus those ten even odds steps just stays at even odds, because that's how hard it is for a sentient attacker to attack each part of the system. It might take them ten times as long but then they can throw in ten times the resources to get that time back.

That's how you have to view things when doing security design, and trust me when I say that thinking that way hurts but it is necessary.

Try looking at it this way, there is a big treasure chest with ten entirely different locks on it each requiring a different length of time to pick. You bring in ten lock picking experts and asign each a lock. The chest will be open after the hardest lock to pick is picked, not the total time to pick all the locks.

Thus if something can be done to attack a system it will be done in parallel with all the other somethings that can be attacked.

maqpFebruary 26, 2018 1:49 AM

@Clive Robinson

I would imagine TAO's priority are targets that cheaper, ubiquitous surveillance doesn't have access to. In addition, they add redundant surveillance methods for valuable targets in case existing methods stop working. Not everything TAO does is yet automated and I don't think basic security economics ever stop applying. Like @Bruce said, NSA's not made of magic.

I understand the issue. The attack is not parallelizable, but increase in it's complexity is polynomial. Outside cryptographic strength, consumer's computer security is just layers of protection. The first condition in TFC that needs to hold true for this attack is the only condition that needs to hold true when compromising Signal, Ricochet etc.

Like I said, I don't have a solution, and my conjecture is there isn't one unless it's possible to guarantee Destination Computer can not be taken over with some magic packet delivered over data diode. This "works securely on all inputs" is AFAIK called "the security problem" and it's an unsolvable problem for Turing machines, similar to halting problem. A Turin incomplete system that's formally proven correct might work, but that's not something I'm able to deliver. The world runs on much less secure systems (although NSA's Nitro Zeus is a good example how entire countries can run at the mercy of another).

Regarding the future, I'm asking you and everyone else to think about this problem. If a solution should appear, I'll make the necessary updates. In the meantime, it's another section to threat model on attacks TFC is not secure against. If documentation warns about adding contacts user doesn't personally know and trust, and instructs user to keep an eye on Relay and Receiver Program notifications (we already know there's no way to automate public key fingerprint verification, so user has to be willing to learn), the attack is going to require HUMINT, infiltration to trusted network of peers. At that point TEMPEST / implant is probably a less risky close proximity attack.

(On a side note, interestingly with TFC the exact point in time when message encryption starts is hidden (and randomized with CSPRNG during traffic masking), and the entire decryption process is completely mute to network. I think TFC's architecture is least dependent on side-channel security of algorithms. (Just in case, TFC uses libsodium's XChaCha20 via cffi, which is side channel-free, or at least constant time).

bttbFebruary 26, 2018 3:21 AM

Here are some nuanced, controversial, or thought provoking, imo, views of the Mueller investigation and/or Russia’s election influence operation in the USA and its aftermath

Glen Greenwald:
“That’s exactly what is being done by those who keep declaring the U.S. to be “at war” with Russia, and especially those who invoke the worst attacks in U.S. history when doing so, all while refusing to state what they think should be done in response. It’s simultaneous reckless and cowardly.”

"JAMES RISEN AND GLENN GREENWALD have both won Pulitzer Prizes. They both have found themselves in the crosshairs of the U.S. government for their journalism. And they both write for The Intercept. But Jim and Glenn have taken very different approaches to covering the Trump/Russia story. This week on Intercepted, they go head-to-head in a debate. Glenn is one of the most high-profile critics of the official story that has been put forward by the U.S. intelligence community, the Democrats, and many media outlets, including some of this country’s most powerful papers and news channels. Jim battled both the Bush and Obama administrations — under threat of imprisonment — for refusing to name his sources in some of the most sensitive national security reporting of the modern era."

From Amy Goodman and Democracy Now:
"On Thursday, I sat down with the prize-winning Russian-American journalist Masha Gessen, a longtime critic of Russian President Vladimir Putin. Her recent book, The Future Is History: How Totalitarianism Reclaimed Russia, it won the National Book Award in 2017. Gessen recently wrote a piece for The New Yorker magazine headlined “The Fundamental Uncertainty of Mueller’s Russia Indictments.” I began there, asking her about these indictments.
MASHA GESSEN: So, you know, for somebody who actually has read the indictment in its entirety, and, actually, the Russian reporting that is almost entirely repeated in the indictment, it’s really hard to square that with the way that it’s been portrayed as, you know, a sophisticated, bold effort. I think H.R. McMaster is correct in saying, yes, there’s “incontrovertible” evidence of Russian meddling, but to call it bold, to call it sophisticated and to imply that we now know that it actually had an influence on the outcome of the election is absurd. It was not bold. It was not sophisticated. And it—we don’t know, and probably never will know, whether it had any impact.”

“AMY GOODMAN: And Trump saying, talking about these indictments, that they’re sowing, creating—”If it was the GOAL of Russia to create discord, disruption and chaos within the U.S. then, with all of the Committee Hearings, Investigations and Party hatred, they have succeeded beyond their wildest dreams. They are laughing their asses off in Moscow”?
MASHA GESSEN: You know, after a little bit over a year of Trump, there’s a tweet that I actually agree with. I don’t know what to do with myself now.”

HmmFebruary 26, 2018 3:45 AM

I see a lot of dithering about what is "bold" or "sophisticated" - but the fact is you can call the "translator" project at IRA a sophisticated and funded effort of the Putin regime being used in an unprecedented capacity to try to achieve a result, and that in fact was successful to some degree. What exact degree cannot be known. The numbers given by FB and Twitter have varied over the course of the investigation also, new realizations are being made all the time.

I think there's an expectation that a "sophisticated" attack would be more technical niche exploit expertise rather than the more blunt social campaign we witnessed. That's valid in a sense, but in another sense it's irrelevant. A successful attack is one that achieves the objective, minus the operational cost and blowback fallout potential. They achieved quite a considerable spam effort linked to nationalist anti-migrant groups which also 1:1 are linked to groups pushing the Brexit campaign, which was similarly pushed by Kremlin-backed groups like this.

It was a close vote also. It divides the UK from Europe, damages all, weakens NATO.
If Russia had any hand in helping achieve that, and evidence says that's reasonable,
it's a major coup even compared to the Trump charade.

echoFebruary 26, 2018 5:35 AM

@Jim Jeffries

Gadaffi misspelt Gadaffi. I remember news shows where the spelling of his name came up as a topic. Apparently, Gadaffi had been asked for a correct spelling but always refused to give an answer and changed how he spelled it or said nothing about which version in printed media was correct.

Ergo SumFebruary 26, 2018 6:10 AM


As I see it, most mass-market software is written as quickly as possible by the lowest bidder. The end result is code quality is poor, system design is non-existent, and possible problems are, at best, treated as "we'll deal with it if it is a big enough problem".

Yes, that has been going on for awhile. There are other aspects of the "quick/cheap" to market software development; interacting with the OS and other software are not even given a consideration and/or just very minimal. This causes system stability issues and/or application crashes. The sad part in it is that this is the new development model for Microsoft and others.

Take for example Windows 10, the perpetual Beta software pushed on everyone. It used to be that the Beta tester for Microsoft were voluntary, but that's no longer the case. Just look at some of the events brazenly logged by Windows, like the event ID 916:

DllHost (4148,G,0) The beta feature EseDiskFlushConsistency is enabled in ESENT due to the beta site mode settings 0x800000.

And no, this is not from the Insider Preview installation...

echoFebruary 26, 2018 6:18 AM


I read an article the other day on toxic metals discovered in e-cigarettes. I also read late last year among the e-cigarette community this is a known thing if the e-cigarette coil begins too burn. (I'm guessing because of too much current or not enough vaping liquid.) These articles do not mention stainless steel coils which are believed to be safer and don't impart a metallic taste. The study is skewed because it's looking backwards and ignoring new developments.

When considering the number of people who have successfully given up using e-cigarettes the net public benefit would still be higher even if there was a percentage risk of metal contamination?

Dan HFebruary 26, 2018 6:52 AM

Your brain boils every time you think of Trump sitting in the White House, that's awesome! Thankfully, Hillaryous isn't there.

@Gerard van Vooren
You're hilarious.

@Jim Jeffries
You're not too bright if you don't get humor. But if you want to play the game, I've also seen it written as al-Qaddafi.

echoFebruary 26, 2018 7:13 AM

Here is a dialogue with Seth Loyd. He produced a paper on which the D-Wave quantum computer is based. The dialogue covers the conceptualisation of quantum computing to various technologies at various stages of development and avenues of further research. This article is not new but still a good summary of where things are at.

Quantum Hanky-Panky
A Conversation With Seth Lloyd

Bong-Smoking Primitive Monkey-Brained SpookFebruary 26, 2018 8:19 AM

@ Dan H, @ Jim Jeffries:

Leave Arabic to those who have a clue. There are a handful of people here that know what they're talking about on this subject, and neither of you freakin' qualify. Without further ado...

You misspelt Gaddafi.

And ...

I've also seen it written as al-Qaddafi.

You're both wrong. His name is: معمر القذافي
Proper Arabic Pronunciation: Moamar Al-Qathafi ('th' sounds like the 'th' in 'the')
Libyan Colloquial Arabic Pronunciation: Al-Gaddafi

Derived from the root-word: قذف: Qathaf, with several meanings -- the most prominent of which is: throw anything by the hand.

Meaning: Long-Living Far-reaching Arrow thrower -- That's the 'good' meaning.
The not so good meaning, one could say: Ever-lasting ejaculator.

vas pupFebruary 26, 2018 8:36 AM

Mind-reading algorithm uses EEG data to reconstruct images based on what we perceive
The technique developed by Dan Nemrodov, a postdoctoral fellow in Assistant Professor Adrian Nestor's lab at U of T Scarborough, is able to digitally reconstruct images seen by test subjects based on electroencephalography (EEG) data.
"It could provide a means of communication for people who are unable to verbally communicate. Not only could it produce a neural-based reconstruction of what a person is perceiving, but also of what they remember and imagine, of what they want to express," says Nestor.
"It could also have forensic uses for law enforcement in gathering eyewitness information on potential suspects rather than relying on verbal descriptions provided to a sketch artist."

ThothFebruary 26, 2018 8:43 AM


You need to fix a terminology for all your parts first. It's hard to follow and keep track of them. Also, the terminology and names have to be simple. I did gave a few names for you to reference if I did not remember wrongly.

JG4February 26, 2018 8:49 AM

Thanks for great discussion, especially Clive. I know that I've being robbed blind by the Five Horsemen of the Tech Apocalypse, but this Chromebook is cheap and effective. The only thing that bugs me is the latency when returning to an open tab. It takes longer than loading the page new. It used to be that you could scroll through cable channels, but now it takes 5 or 10 seconds to tune.
Big Brother IS Watching You Watch

How Companies Scour Our Digital Lives for Clues to Our Health NYT. Yet another reason not to have a smartphone.

echoFebruary 26, 2018 9:55 AM

This is an interesting study. It may be possible to determine the core qualities of psycopathy. Also notable is mental illness changes with time and geography.

My personal view is that UK psychioatrists in practice are incredibly poor at understanding developmental psychology and social factors which I believe is a factor in discrimination and inadequate healthcare before poor management and organisational issues and funding are considered. Given how many people suffer from a form of mental illness at least once in their lives this study may help develop more generally useful discussion,

When you think of a psychopath, what qualities do you imagine? Your answer may depend on the country you’re from. Newly published research suggests that psychopaths are not the same worldwide: The most salient feature of psychopaths in the US seems to be callousness and lack of empathy, while the most central feature of psychopaths in the Netherlands is their irresponsibility and parasitic lifestyle.


What features of psychopathy might be central? A network analysis of the Psychopathy Checklist-Revised (PCL-R) in three large samples.

The findings raise the important possibility that network-structures do not only reflect the structure of the constructs under study, but also the sample from which the data derive. The results further raise the possibility of cross-cultural differences in the phenotypic structure of psychopathy, PCL-R measurement variance, or both. Network analyses may help elucidate the core characteristics of psychopathological constructs, including psychopathy, as well as provide a new tool for assessing measurement invariance across cultures.

MarkFebruary 26, 2018 10:47 AM

FooCrypt,0.0.1,Core Just Launched onto 64 bit Linux / Hardware & VM’s ( Which run on Microsoft Windows ).

Utilising Licensing Dongles, to enable your portability and freedom in running your FooCrypt instance, ANYWHERE, ANYTIME....

Feel free to Buy, Download, Use, in accordance with your countries citizenship[s] laws that may or may not have criminalised cryptology.

Feel free to pass on to those who respect privacy and education.

FooCrypt,0.0.1,Core, NOW Available For :

Darwin, Linux ( Hardware & VM’s ) [ Windows et al ]

Solaris, scheduled to be release 20180314.

Have You tried The FooKey Method ?

vas pupFebruary 26, 2018 10:54 AM
"Reportedly, Heath’s pleasure button earned him a visit from the CIA, who wanted to know if the technology could be used to inflict pain instead, to interrogate enemies of the state – or even control their minds. Heath threw the man out of his lab. “If I wanted to be a spy, I’d be a spy,” he thundered to the New York Times in an interview. “I wanted to be a doctor and practice medicine”.
Yeah, technology is just a tool, the application assigned positive or negative value.

AndrewFebruary 26, 2018 11:50 AM

@Doug - Re the Georgia online voter registration system.

Are you sure the voter registration information isn't already (and required to be) public? In some places even your voting record is public (not who you voted for, but which elections you participated in or sat out).

echoFebruary 26, 2018 11:58 AM

Two news items this week illustrating the effectiveness of security by obscurity.

A Series of Hidden Tombs Were Just Found in Egypt, And Archaeologists Are Excited
There are treasures untouched for at least 2,000 years.


World's Deadliest Treasure Hunt Has Claimed Another Life in The Rocky Mountains
Nobody even knows if the gold is real.

albertFebruary 26, 2018 1:14 PM


"...Why would the A [110 Hz] string on the guitar or an A [440 Hz] on the piano two octaves below the middle C cause a problem [110 Hz]? High volume?..."

IIRC, some test subjects experienced feelings of lightness and deeper breathing. I don't think high volume was used. I haven't tried it, only loud enough to block background noise. If you've ever talked to anyone in smaller tiled room (like a restroom, washroom, etc. you will notice certain room resonances caused by standing waves. If you (better a bunch of folks) can sing the lowest resonant frequency, you can achieve a remarkably loud tone. By using staggered breathing, a group can maintain the tone indefinitely. This affects the whole body, not just hearing.

"...If you haven't watched Jeannie Pirro, a FORMER JUDGE (!!!!),..." Well worth the 4!

Her wiki is even more interesting, especially her (former) husbands legal problems. She sounds like she's trying to outdo Ann Coulter. She never will. Annie is the Queen of the Psycho-babes. Pirro doesn't have that "do you think I'm parodying myself?" presentation that makes Annie so lovable.

. .. . .. --- ....

Clive RobinsonFebruary 26, 2018 3:58 PM

@ hmmm,

If Russia had any hand in helping achieve that, and evidence says that's reasonable, it's a major coup even compared to the Trump charade.

There is next to no credible evidence Russia had an effect on Brexit, unlike the USA, where not only did Obama stick his nose right in and make the equivalrnt of blackmail statments, there is quite a bit of evidence that there was money in large amounts comming out of the US to find various anti-EU campaigns.

So go have a look at what Peter Theil was upto through a couple of front organisations.

As I and other non US citizens keep pointing out hypocrisy is a major US strength when it comes to interference in elections, and you would do well to go have a look at just what the US has done since Germany surrendered it might make you pause and think a while.

If you realy want to get into it you can come over to the UK to the National Records Office at Kew South West London and have a look at some files it realy might make your eyebrows twitch.

hmmFebruary 26, 2018 4:09 PM


Reagan #55, not Rumsfeld. That's among where it actually came from although it predates even JFK.

Again, (and once again still..) the US system has a lot of problems. If you do learn to read you can see I'm not defending them all from your accusations, I'm verily agreeing with you on some of them. So your colorful euphemisms about what my eyes are capable of are just that, and I in turn could question what yours are capable of if not reading what I just said.

As far as the DOJ being mislead, it's being run by Trump appointed Republicans more than not. Grand juries are securing indictments which are securing convictions. The system is doing what it was intended to do in this case, finally, despite top-down obstruction.
If you want to make a case that grand juries are being lied to, make it. Evidence, bring some. Go right on ahead, that's great if you can do it and I support you trying.

The system is succeeding in many key respects, albeit slowly and with great struggle, against an existential threat that has been given political cover by an otherwise very vulnerable Republican party. This is among the latent untested strengths of the system even as weakly corrective as it appears right now. Trump has pushed out beyond what public support wanted and selected him for, he did not meet his stated promises, and it took a moment for that to be realized. Now the tide comes back in and I think we can expect a higher bar than when it began a year or two ago.

The CIA unaccountability will be an issue ongoing. Saying it's the only issue we need to worry about I reject in premise and in practice. It's not one or the other. It's not "support Trump or support Clinton" either. It's not "because the CIA does illegal things, no one in America can support rule of law." All of that is bullshit ultimatum logic bunker-mentality. We can have nice things, and we will. And if Trump demonstrates good behavior in prison during his term there, he probably can also.

Anonymous2cFebruary 26, 2018 4:19 PM

"... the Lenovo Thinkpad has been acknowledged by a few here as a leading laptop for InfoSec, including Dirk Praet and apology to those I've forgotten.
The above article is a deconstruct on running OpenBSD on one and why its so well designed to run OpenBSD"
I've tried OpenBSD twice with limited success: once as a VirtualBox guest and once on a relatively old and inexpensive Core 2 Dell desktop, while trying to follow links provided by Dirk Praet or Rachel on this blog. If I try OpenBSD again, I may try with better hardware with single or dual booting; meanwhile, I'll probably stick with a version of Linux Mint (probably LMDE) or Ubuntu (trying to print with foomatic) if not using Windows or OSX.

Recommendations or questions are welcome.

Draft2; Draft1 on above Squid; Changes marked with %
With a Apple Airport router I am now printing to a printer attached to the router USB port from Windows 7 and OSX using the routers address From Windows, problems occurred when I installed the printer as admin and tried to print as standard user. After reinstalling the printer as a standard user things worked, but I had to reinstall the printer again from the standard user account (may have been related to "startup" issues.) With OSX, 7) below, has worked without reinstallation.

Wish list:
01) have Windows and MacIntoshes be able to print via ethernet cable to a network connected printer.
02) willing to sacrifice functionality for security (example:print Portrait mode only).
03) currently there is neither file nor printer sharing on this soho setup. I'm trying to minimize malware from moving laterally.

So Far:
1) Have only used software drivers, afaik, from Apple or Microsoft for this printer on the Computers %correction%one windows machine was connected to the internet when an apparently oem printer was installed%
2) A MacIntosh sometimes functions as a Tor Relay
3) Currently the Printer prints test pages from a MacIntosh ("Generic PCL Laser Printer"; "Driver version 2.1") (Firewall on; "Automatically allow built-in software to receive incoming connections." is %not% checked; Allow tor to receive incoming connections is enabled)
4) wifi (Airprint) printing is not planned, although the usb printer that is connected to the airport router can support it
5) the printer has a female ethernet port, although I haven't been planning to use it
6) At present the Printer connected to the Apple router using usb doesn't appear to have a network IP address assigned to it.%correction, operator error: now using address
%new 7) OSX, System Preferences, Printers & Scanners, Middle Tab: ip; hp direct, or something like that

windows 7 and up PCs
macOS PCs (supported versions)
optional future Linux or BSD
Apple Airport Router (supported version)
Printer connected to the USB connector on the Apple Router

1) Do i need to use Bonjour on the MacIntosh, should I do this with a IP address for the printer, or other? %haven't tried disabling bonjour yet.%
2) How to print from the Windows PCs to the printer? Below is what I am planning %worked fine with driver from 1) above%

3) Best ideas for near term use of ethernet networked Linux or BSD PCs.
4) Does it make sense to try to stay away from "deluxe" drivers from printer manufacturers if they are not open source? Is it hard to download printer drivers securely? Should I look for open source drivers instead of using drivers from Apple and Microsoft if their drivers aren't open source?
5) Is it better to have one printer per one computer instead from a security perspective?

hmmFebruary 26, 2018 4:25 PM

Tesle Model 3 engine hacked into "factory mode" in teardown reveals interesting details.

The first ss permanent magnet switched reluctance motor in the industry (if not any application..)

Solid state fuses..
= 250-320 HP with 550 torque right off the line. Not bad at all. 1 of 3

Interesting if you're interested. (I'm not advertising nor do I own one)

Clive RobinsonFebruary 26, 2018 4:33 PM

@ hmmm,

Better than, worse than, or how about just brain poison? Think of the children.

There is no evidence vaping is harmless, infact there is mounting evidence it may be harmfull (food flavourings have not been tested to see if they are safe to inhale).

But that said ordinary smoking is know to be deadly for between 25 and 75% of tabbaco smokers, depending on whos studies you want to read and how old they are. It's also known to be a carcinogen when chewed in something like Snode and it is poisonous if eaten raw.

What vaping is known to be very successful at in the UK is getting smokers to switch from using tabbaco products, thus having a significant improvment on their likely mortality rate. Also vapping does not appears so far to be something that attracts the young in the UK though there is very little in the way of studies carried out.

In the US apparently the Govetnment has decided to treat vaping as the equivalent of smoking thus pleasing the tabbaco industry to a certain extent.

This means in the US smokers are a lot lot less likely to switch over from tabbaco. As has been noted the average life expectancy is still dropping and smoking is one of the things that the medical proffession say is contributing to this along with unhealthy food.

Speaking of which Spain did a quite large study that has shown that it is unwise to have a high percentage of modern carbs in your diet as they are very likely to shorten your life. Whilst they do not say high fat is good the Spanish "mediterainian diet" gets it's carbs from non grain sources. As has been pointed out on a number of occasions grains are the mankinds earliest genetic experiments, and 1-2% of the population are known to have real verifiable medical issues with them. One area where there was uncertainty is that of grains and gut flora, it appears that grains are unhelpfull in maintaining a healthy gut flora, thus the likes of non specific IBS appears to be related to grain injestion.

Oh for those thinking the Atkins diet remember large quantities of lean meat are actually not good for you, thus you need fats from both animal and vegtable sources to make up the calorific difference. Thus the old advice of "Halve the wheat halve the meat" to lose weight has actually become meaningfull again.

Oh and watch out for the carbohydrate double talk. All sugars, startches and fibre are regarded as carbs by the science community, it is just that some the human body can not directly get nutrition from. Thus cooking and gut flora move the dividing line from person to person.

Oh and remember the carbs in pulses are not the same ratios etc as carbs in fruits and some root vegtables. Eating pulses generally would be better for you than quite a number of fruits (that is not to say that fruit is bad for you when properly ripe, but apples and acid fruits are bad for your teeth as they attack the enamel amongst other things).

albertFebruary 26, 2018 5:26 PM


Good to see electric motor technology advancing, by the Chinese, no less.

SS fuses. I assume they can be reset through the CAN bus. Wonder if they can be opened through CAN as well?

Full torque at zero speed, as they say. A feature shared with steam engines! :)

. .. . .. --- ....

hmmFebruary 26, 2018 6:27 PM


Yep they're all computer controlled, one would hope there's more than the traditional CAN bus going on to coordinate it all. Segmented systems. You hope they spent their money making all of this idiotproof and bad-actor proof. Siri, disable all fuses.

I don't think China is the only one with permanent magnet switched-reluctance motor tech but they certainly do have a lot invested in their university programs and manufacturing capabilities compared to anyone else. It would be unsurprising that a lot of POC demonstrations come out of China. Saying "the Chinese" though seems to impart something "other" about their programs. Maybe that was meant I don't know.

I get your meaning compared to an ICE with 0 @ 0rpm. A steam engine still has piston/rod/crank angularity reduction in each rotation, also limited to a single piston's displacement for that initial heave whereas this type of motor gets all 4/8/x discrete reluctor points pushing ALL at once simultaneously and more or less evenly. So per the total output of the motor, you're getting ~FULL! torque @ any RPM within miliseconds and it doesn't drop off much at all until mechanical cooling RPM limits hit.

If steam trains did that they would instantly 'burn out' with their metal on metal traction limitation or just blow up under 100% traction. But I know what you meant. :)

hmmFebruary 26, 2018 6:59 PM


"But that said ordinary smoking is know to be deadly for between 25 and 75% of tabbaco smokers,"

There's no such thing as tabbaco, Clive. :)

No you're right. It's very much nasty all around. Whether vape is "better" is a trade-off anyway.

My concern wasn't necessarily final mortality but long-term brain damage on a societal level.
As you are no doubt as aware as I am, that ship has sailed.

Personally speaking.. I'd rather be addicted something I knew was killing me rather than something I didn't realize was making me brain damaged and potentially being passed on as a 2nd-3rd-4th compounded generational deficit. My interest is long-term societal effects rather than an individual's self-compromise.

*clinks glass*


hmmFebruary 26, 2018 7:07 PM


They've apparently successfully removed term limits to keep him in power indefinitely.

Donald Trump has a lot to learn, tsk.

maqpFebruary 26, 2018 11:36 PM


I really liked your suggestions for inbox and outbox machine, however these terms are strongly associated with email, and I didn't want to cause confusion about how TFC works: "This outbox machine, do you like manually upload things to the server?" "No it's real time IM." "Oh. Then why..."

I decided on using following naming policy:

TxM is now Source Computer
RxM is now Destination Computer
(These two are more or less standard names used by companies that manufacture unidirectional systems so I'm avoiding reinventing terminology.)

NH is now Networked Computer as it's meaning is obvious and I can't shake using it.

The respective programs are
Transmitter Program (
Receiver Program (
Relay Program (

I wanted each word to be distinct so you don't have to add Computer/Program after the word:
Source, Destination, Networker (as @Nick P calls it), Transmitter, Receiver, Relay. One benefit from this is it frees us from nasty puzzle of figuring non-colliding, distinct abbreviations*.

Unfortunately this new terminology has been confusing at start. I've noticed even I've accidentally written Transmitter Computer and Receiver Computer here.

The reason for this change is the M in TxM/RxM stood for "machine" which is not the best name when you want to imply it's a computer. Another reason was, with NH (=Network Handler) it has never been clear whether when speaking, you talk about the program or the computer. It worked on paper when TxM ran, RxM ran and NH ran But after e.g. were combined to, using file extension to identify program was no longer a good idea.

*Abbreviations: For new terminology, SC, DC, NC work well. However, with programs you get a collision, TP, RP and alas, RP. We can try to use two letters but SoC, DeC, NeC, TxP, RxP, ReP have an issue: SoC also means System-on-Chip. One option is to use common prefix to indicate direction and then define if it's computer or program we're talking about: TxC, TxP, RxC, RxP work well. To keep with this theme, TrxC and TrxP that refer to transceiver (send and receive) is problematic because not everyone knows the meaning of the word, and four consonant abbreviation is ugly alphabet soup. So those could be called ReC, ReP (Re=Relay) or NeC, NeP (Ne=Networked). These are however not something you want to pronounce, and when single words should distinguish whether we're talking about the computer or the program, you end up having to explain counterintuitive NeP = Relay program, or ReC = Networked Computer. Alternatively, you'd have to explain that TxP runs on TxC, RxP runs on RxC (obvious), but ReP runs on NeC. Finally by using common prefix for direction, you end up in trouble with people calling TxC Transmitter Computer, and when I say Transmitter, nobody knows it's the Program because I say Source when I mean the computer. So, to reduce confusion and ease spelling, I'm hoping I can meet people writing and speaking with distinct terms that don't require spelling, and that are fast enough to type without having to resort into abbreviations.

Also, some people like @Sancho_P still use old terms, I think this is understandable, and I'm not going to try force them to adapt, especially when things could still change. Language evolves over time, this is natural. But it also takes time. I will continue to reply with terms people are using because semantic disputes are less relevant than the content the language relays.

This post is overly detailed, but I wanted something I can link to, as I expect this to pop up in the near future. Considering how many hours these posts take me to write, I'd rather not repeat myself.

tyrFebruary 27, 2018 1:44 AM

@Clive, et al

Just when you think it is safe the Net
shows you this.

You can get it assembled if you're not
up to making your own comp. Let's see the
boys who can infiltrate past energy gaps
get into this one. They are already out of
stock but you can get on the list for one.

Now all I need to do is make some new
soldering iron tips by cutting threads
on some round stock.

The bamboo case is a nice touch.

Wesley ParishFebruary 27, 2018 2:10 AM

@usual suspects

I was reading Amy Goodman's interview with Masha Gessen when a thought suddenly struck me - I know where I first read the character of Trump and Putin, and also the Russian author who made his reputation writing about this sort of behaviour.

In Cordwainer Smith's short story No, No, Not Rogov! there is a policewoman Gausgofer. I realized after reading the Amy Goodman - Masha Gessen interview that Cordwainer Smith had taken her from Nikolai Vasilievich Gogol's comedy Dead Souls and its main character Pavel Ivanovich Chichikov.

Trump and Putin are Chichikov in real life.

Once you've realized that the whole question of whether or not any external force interfered in the recent US elections resolves itself to zero.

JG4February 27, 2018 9:53 AM

coals to Newcastle


Big Brother Is Watching You Watch

The Feds Can Now (Probably) Unlock Every iPhone Model In Existence Forbes (WB).

US state legal supremos show lots of love for proposed CLOUD Act (a law to snoop on citizens’ info stored abroad) The Register

Apple confirms it now uses Google Cloud for iCloud services The Verge


albertFebruary 27, 2018 12:24 PM

"...If steam trains did that they would instantly 'burn out' with their metal on metal traction limitation or just blow up under 100% traction. But I know what you meant. :)..."

Indeed, and starting a steam loco from a dead stop is still an art in itself. Steampunk notwithstanding, last I checked (some years ago) folks were still researching and building modern, computer-controlled steam powered autos, and even steam powered balloons!
I recall a 2-cylinder, direct drive, steam powered dragster that posted very respectable times in the quarter mile. One of the concepts driving this tech was the use of cheap fuels. Of course emissions are a problem.

By far, the coolest (and most scary) hobby is building ram jet engines for vehicle propulsion. Lots of ear protection required:)

. .. . .. --- ....

hmmFebruary 27, 2018 5:34 PM

"starting a steam loco from a dead stop is still an art in itself" Very much so if you're trying to avoid catastrophic damage. I love this stuff. My budget for machined brass is insufficient. Well, my budget for everything is insufficient.

hmmFebruary 27, 2018 6:21 PM
'recent spike in UDP attacks coming in via port 11211.'

US 452
FRA 205
NL 117
CAN 108
JPN 75
UK 55
RUS 36
VNM 31
IND 31
BRA 20
TUR 16
THA 15
GER 14
POL 13

Memcached reflection attacks are a serious threat as the amplification factor is always extremely high. It is also alarming that Memcached allows access to the data stored in the cache without any form of authentication. With free access to port 11211 via UDP and TCP, third parties can easily access data in the corresponding caches and even modify them. Restrict external access to Memcached servers as much as possible.

With DNS amplification, for instance, an attacker might be able to generate a 50KB response to a 1KB request. But with a Memcached server, an attacker would be able to send a 100-byte request and get a 100MB or even 500MB response in return. In theory, at least, the amplification could be unlimited, Desler says.

Exploiting Memcached servers is new as far real-world DDoS attacks are concerned, says Chad Seaman, senior engineer, with Akamai's Security Intelligence Response Team. "A researcher had theorized this could be done previously," But the use of default settings and reckless administration overall among many enterprises has resulted in a situation where literally tens of thousands of boxes running Memcached are on the public-facing Internet, Seaman says. "And now the DDoS attackers have found them and appear to be capitalizing on them before significant clean-up efforts take place."

What makes the attacks worrisome is that Memcached services are deployed on servers and in hardware pools with plenty of bandwidth and resources. Unlike typical reflected attacks with mostly static payloads — like CharGen and NTP — that cannot be easily modified, with Memcached reflection an attacker has much more control over the payload. This gives them to the potential to do a lot more damage, Seaman says. *!!!

"The primary problem is that Memcached, with its lack of authentication or controls, is world readable and writable. It's also very fast, as it does all data management directly in memory, and by default it supports key value stores of up to 1MB."

So, if attackers can find suitably beefy machines and load them up with as many keys as they want, they can use the box to launch waves of traffic with amplification rates far exceeding the norm for DDoS attacks, Seaman says. "In theory, an attack could unleash gigs of traffic from a single machine with a packet that's only a few dozen bytes."

Mitigation at this point is basically blocking traffic from source port 11211 at the router, firewall, and elsewhere along the network edge.

*Simple enough fix but facepalm once again on the internet-of-detritus...

RatioFebruary 27, 2018 6:54 PM

The Mysterious Professor At The Center Of The Russia-Trump Probe Has Disappeared. Even His Girlfriend Can't Find Him.

[...] while others like former Trump campaign aides George Papadopoulos and Carter Page — and their friends and girlfriends — told their stories, [Maltese professor Joseph Mifsud, who allegedly delivered word of Hillary Clinton’s stolen emails to Donald Trump’s campaign] went to ground. His biography disappeared from one university where he taught and he quit his job at another university. His email and cell phones went dead. And politicians, colleagues, and journalists can't find him.

Neither can Anna, his 31-year-old Ukrainian fiancé[e], who says he is the father of her newborn child. And her story, snatched from the pages of a John le Carré novel, offers a glimpse at the human collateral damage of an intelligence operation in which the mysterious Mifsud was allegedly a central figure.


BuzzFeed News first contacted Anna in October. She refused to talk then, saying her relationship with Mifsud was private. According to WhatsApp messages she later shared, she told the professor about BuzzFeed News’ attempt to speak to her — and in his very last WhatsApp message to Anna, Mifsud asked her not to talk to journalists.

Now, however, feeling deceived, she’s changed her mind. The result is new information about Mifsud’s activities, including his claim of having dined with Sergey Lavrov, Russia’s foreign minister.

ThothFebruary 28, 2018 5:19 AM

@all, Clive Robinson

More XML and Markup language parsing nightmare that does not seem to stop.

This time it's the Security Assertion Markup Language (SAML) based off XML that has a vulnerability.

SAML is used to enable Single Sign-On services and for security services to communicate with each other and the vulnerability would allow a well placed XML comment tag be mis-parsed and thus gaining access to an account.


Clive RobinsonFebruary 28, 2018 5:48 AM

@ Bruce and the usual suspects,

You might have noticed over the weekend things have got a little fraught in the Crypto-Currancy arena.

It appears that there is a bit of a difference of opinion over IOTA and security researchers that has gone acrimonious with those on one side threatening the other with lawyers...

Anyway even the IEEE is commenting on the much increased volume of claim and counter claim which is not normaly a good sign...

Whilst some push and shove is expected in a newish technology, Crypto-Currencies are getting to be a severely disruptive technology for pretty much all the wrong reasons.

ThothFebruary 28, 2018 6:12 AM

@Clive Robinson

re: IOTA fiasco

I think all these boils down to the following:

1.) Money
2.) Fame
3.) Cult Personality Worshipping (Points back to #2)

The actions that can be done are:

a.) Lobby harder to outright ban or regulate all cryptocurrencies entering a nation's network
b.) Ignore or observe

For security researchers:

If the target does not play nice, a Proof-of-Concept binary can be signed and distributed when the deadline for the responsible disclosure have passed and let the target bare the full brunt of the consequence but this can be an illegal and equivalent to willfully distributing malware (albeit being an academic POC) and probably contravening the Wassenaar Arrangement and other cyberweapons import/export control.

Clive RobinsonFebruary 28, 2018 6:27 AM

@ Thoth, all,

SAML is used to enable Single Sign-On [SSO] services and for security services to communicate with each other and the vulnerability would allow a well placed XML comment tag be mis-parsed and thus gaining access to an account.

It's not the first nor will it be the last time XML based systems will have security faults due in part to it's complex nature

As for SAML SSO it's also a "centralised" security system. Centralised systems are also generally a problem when it comes to security systems. It's not just the hierarchical nature that is a problem, it is also the "all the eggs in one basket" as well.

But it also causes more human issues as well. One is that cetralised systems act not just as "magnets" but "power domains" for owner / operators. Thus there is an over incentivisation to put as much as possible into a central system often when things are not a natural fit. This almost always increases complexity which brings with it the likely increase in problems thus potentially security vulnerability.

But it also has a "lowest common denominator" effect on users. As we know people are incetivised to make their work processes more productive, which from a security perspective usually means weaker security. Thus centralising has a multiplicative effect. A user would most likely pick the weakest password the central system will let them get away with which will likely be the lowest common denominator of all the protected system policies. But worse they will share passwords... Thus the security of not just one but all protected systems fail...

Such is the way of the world, SSO whilst reducing user stress also tends to decrease security.

echoFebruary 28, 2018 7:40 AM


I read story a week or two ago about a family who were always on the move for years because the father said he was involved in secret work and the mob were out to get him and movign was required because of instructions by Witness Proection. This all turned out to be a hoax. He suffered from a mental illness (I forget the name) where his fantasy had become reality. I have also read about bigamistic or similar relationships with abusive behaviour like Anna suffered. What to make of Joseph Mifsud?

albertFebruary 28, 2018 12:10 PM

Thanks for the links. I like the Adams-Farwell and the Achates. There's a lot of fascinating stuff going on within the engineering communities, both commercial and hobbyist. I wish I had the time and money to pursue these things, but I have too many interests as it is.

. .. . .. --- ....

Prioritizing Speed Over SecurityFebruary 28, 2018 1:26 PM


... the coolest (and most scary) hobby is building ram jet engines for vehicle propulsion.

Yep. Some turbojet classics:

Craig Breedlove's first Spirit of America, 3x 1963-64 land speed records, F-86 Sabre's GE J47 jet engine:

Walt Arfons & Tom Green's Wingfoot Express, 1964 land speed record, Westinghouse J46 jet engine:

Art Arfons' Green Monster, 3x 1964-65 land speed records, F104 Starfighter's GE J79 jet engine:

Craig Breedlove's Spirit of America - Sonic 1, 2x 1965 land speed records, F-4 Phantom II's GE J79 jet engine:

snur-peleFebruary 28, 2018 3:44 PM

Regarding your newfound covert channel.
methinks this imply that your nice Chat by its very nature cannot use a symmetric encryption, unless of course destination computer is safe from attack. So, sorry you must have assymetric session keys

On possible way to make destination computer harder to get to might be: dont use text, have sourse machine capture and encrypt the screendump, wheereas the destination macchine decrypts a bitmat for viewing

Prioritizing Speed Over SecurityFebruary 28, 2018 5:48 PM


You literally meant ramjet? I instead cited some famous turbojet vehicles on a presumption that you didn't mean Bussard ramjets ( ), which I read about in science fiction: Poul Anderson's Tau Zero and various books by Larry Niven.

Eventually I looked for clarification and found this in Wikipedia's ramjet article:

By way of comparison, a turbojet uses a gas turbine-driven fan to compress the air further.

And there I learned there are other types of ramjet (as a technical category, not a nickname for ordinary jets), but didn't see anything on land vehicles nor anything that operated below half the speed of sound. However, you said "vehicle", not "car". But "hobby"??

I noticed this point, which was one reason I figured turbojets were your topic:

Because ramjets cannot produce thrust at zero airspeed, they cannot move an aircraft from a standstill. A ramjet-powered vehicle, therefore, requires an assisted take-off like a rocket assist to accelerate it to a speed where it begins to produce thrust.

maqpFebruary 28, 2018 6:19 PM


Use of symmetric encryption with hash ratchet solves the forward secrecy issue under unidirectional systems like TFC: Forcing users to do Diffie-Hellman at the start of every session is painful. (You can already do this if you want, just re-add the contact with /add command.) The problem is, it doesn't solve the issue.

If you're thinking TFC should use only RSA, the problem is you lose forward secrecy. Plus you still have to deal with the issue malware might use user replies as a covert channel to exfiltrate RSA private key from the Destination Computer.

As for using asymmetric encryption without symmetric keys, the problem is Destination Computer that receives public keys can not be trusted to derive Diffie-Hellman shared keys, because the private keys for that might have come from the attacker in the network. You need to have the Source Computer generate the shared key from received public keys, and then deliver the shared key to Destination Computer, encrypted with symmetric key generated by Source Computer. This is because again, if Destination Computer's public key would be
used, it would allow attacker who knows the private key to decrypt the shared key
as it transits through Networked Computer.

As for bitmaps, it unfortunately doesn't fix the issue as malware could just delay received messages until some time frame that indicates a key bit, that leaks if user replies under the time frame. It also doesn't fix the "attacker is contact of user" issue.

Hand written messages might however be an additional protection against existential forgeries by malware: In addition to context, attacker needs some sort of AI on Destination Computer to work on the handwriting of exchanged messages.

All in all, good thinking.

maqpFebruary 28, 2018 6:38 PM


Possible solution for the TFC's covert channels

1-2. Local keys and commands
No need to address as sudden appearance of local key decryption key prompt, or "Command X complete" message user did not expect reveals the attack.

3. Public keys
Public key is already visible to Networked Computer, thus public key and account will henceforth be displayed by Relay Program. Transmitter Program will display the account it awaits the public key for during key exchange.

4. Status messages
Resolving nick for status message on Receiver Program will be removed. User must resolve the truncated account with /names command or with (new) /whois command that account or nick as parameter and displays the counterpart. Tab complete helps here.

5. Messages
Relay and Receiver Programs could display some pre-commitment counter that helps user correlate Relay Program's notification with Receiver Program's message. This is to increase the risk of getting caught when user checks for corresponding packet from Relay Program that Receiver Program shows, and it isn't there.

One problem with this is, if contact has traffic masking enabled, pre-commitment counters get lost amidst noise packets. If user searches for the counter with Ctrl+Shift+F from Terminator, that will reveal TFC is in use. However, if contact is using traffic masking, it makes no sense for user not to use it as well. Enabling traffic masking removes all non-deterministic packets Source Computer outputs that could be used to exfiltrate data. So the documentation should advice the user to enable traffic masking when contact enables it. When enabled, the setting should also disable Relay and Receiver Program's pre-commitment counter.

As for malicious questions user answers, there is no easy fix. This is because it's not possible for Transmitter Program to compare individual bits (that might be used to construct ciphertext of exfiltrated data only attacker has the key for) with anything meaningful to detect what's going on. The only solution here is to vet one's contacts carefully.

6. Files
Files are received less often than messages, so users will most likely pay attention to them on Relay Program. However, pre-commitment counters should also be used with files.

7. Group management messages
Now this is an interesting one I did not even realize before today. Currently the attack could happen like this: Alice creates a group with Bob and Charlie. Bob and Charlie do not know each other, and when they receive the group management message, their Receiver program will display the nick of each known contact of group (Alice), plus a list of unknown accounts (one another). What if malware on Bob's Destination Computer instead of Charlie's TFC-account, displays the local key's root state malware previously recorded, masked as TFC account? When Bob tries to add local key as contact to TFC, malware on Relay Program learns it, and the security of TFC breaks retrospectively.

Also. What if depending on other group members' Relay Program actions the malware is able to deduce which contacts were to be added to group, and Bob's Receiver Program could display different members in the advertised group based on key bit? When Bob sends message to group and reveals it's member configuration to malware on Networked Computer, first bit of sensitive key leaks. So Receiver Program should not even resolve nicknames of known contacts when a group is being generated.

So how do we solve this? We'll start with the fact, Relay Program will see the user output multiple messages to different contacts in series when user sends messages to a group. This information can not be kept hidden from Networked Computer. An implementation can be built around this. The method I'm thinking is the following.

When Alice creates a new group, she will send the group management message to Relay Program of group members. The Relay Program displays "account created group group ID with following accounts: list of known accounts + list of unknown accounts". Relay Program should not know the nick of known contacts. Therefore, user needs to resolve the group's known accounts with Transmitter Program's /names or /whois command.

Alternatively, user can type the known account into Transmitter Program, that can tab-complete the account. This saves time when user doesn't have to do (multiple) lookups. If any known accounts were entered from Relay Program, upon completion of command the Transmitter Program asks user to confirm group action, this time with all nicks resolved, before managing the group or it's members.

However, before Bob can create the group, he must add Charlie, who's account is on Relay Program, under "unknown accounts". Bob asks Alice over TFC "who does the account that ends in f32af belong to?" Alice replies "It belongs to Charlie". If Bob trusts Charlie, He'll add them as a contact. Once Bob and Charlie have performed key exchange, called one another over Signal and verified the fingerprints, they can use standard group creation command with nicknames of Alice and one another as parameters.

Mallory can of course display arbitrary group management messages on Networked Computers. This isn't really helpful however, as user has to manually add every contact to their group. If Bob doesn't want a group with Alice, Mallory (Bob doesn't know) and David in it, it doesn't help if Mallory makes Bob's Relay Program claim Alice created a group with those members. Bob can check Alice over TFC: "Who is this account in the group you created?" "I didn't create a group" or "I don't know that account". I suspect attacker would rather not expose themselves.
To recap: Commands and local keys are not an issue. Destination computer no longer relays public keys, contact status messages or group management messages on Destination Computer. When traffic masking is disabled, messages and files feature attack detecting pre-commitment messages. When it's enabled, Source Computer does not allow actions that can exfiltrate key bits.

Not only will these fixes mitigate most of the issues, they simplify Receiver Program's code-base quite a bit.

There's a lot to do here, I'll post as I go and learn more about this.

RatioFebruary 28, 2018 7:23 PM


What to make of Joseph Mifsud?

What to make of the juxtaposition of his story and the other stories mentioned? Are you asking if (1) it’s all a hoax, and (2) Mifsud’s behavior towards his fiancée was abusive? If so, (1) no, and (2) yes, the article shows abusive behavior. If not, what are you asking?

AnonFebruary 28, 2018 7:41 PM

@Ratio: It has been suggested the plane crash in Russia wasn't an accident. Does she realize how dangerous things are?

@Uncompromising: I think this is just a variation on a theme. It's time web browser developers took security more seriously, and restrict where JS can be run from.

As has been discussed here before, web browsers, and restrictions on what content and code can be run, has the appearance of being deliberately lax.

@Clive Robinson: I have been meaning to say thanks for the links you posted a month or two ago on the browser topic.

RatioFebruary 28, 2018 8:14 PM


It has been suggested the plane crash in Russia wasn't an accident.

How suggestive.

Does she realize how dangerous things are?

How dangerous are they?

AnonFebruary 28, 2018 8:17 PM

Cryptocurrencies: is there any threat to hash algorithms by running them the trillions of times they must be processed, looking for collisions? Are there any security implications from cryptocurrencies in this regard?

AnonFebruary 28, 2018 8:28 PM

@Ratio: It was suggested that one or two people liked to the Clinton Dossier were on the flight, but it appears this was mis-information.

As for the Ukrainian, if the above is true, it is no wonder he went underground.

RatioFebruary 28, 2018 9:13 PM


As for the Ukrainian, if the above is true, it is no wonder he went underground.

Joseph Mifsud is Maltese, his fiancée (Anna) is Ukrainian.

You’re assuming this was his choice. While that’s certainly possible, there are other actors involved who, for different reasons, would want him off the stage and wouldn’t inquiry as to his preferences.

AnonFebruary 28, 2018 9:43 PM

@Ratio: Ukranian/Maltese - I realized after I posted.

You’re assuming this was his choice. While that’s certainly possible, there are other actors involved who, for different reasons, would want him off the stage and wouldn’t inquiry as to his preferences.
That is true.

Clive RobinsonMarch 1, 2018 12:00 AM

@ Prioritizing Speed Over Security,

Because ramjets cannot produce thrust at zero airspeed, they cannot move an aircraft from a standstill.

What the quote does not say is that all practical jets need assistance to start. Usually from a non jet motor. Likewise even some of the less practical ones.

You can if you are young and bold/mad build your own jets in your garage as a hobby. I've helped build a couple when I was younger, it was however impressed on me that there was wisdom in the old saying of,

    There are old and there are bold pilots, but seldom old and bold pilots.

And that it applied equally as well to the builders of all engine types even some of the toys... Somebody else involved jokingly refered to jets as "Fuel-air explosives on the move"[1], they also had a few scars to prove both points.

You can build a semi-practical jet out of a large "turbo-charger" and a seperate combustion chamber but it will not run for very long before it cracks or binds up. Even sections of stainless steel exhaust pipe will work with a combustion box and no moving parts other than a fuel pump but it also runs very hot and usually like the turbo-charger needs assistance of a blower to get going. The reason they go wrong is that you are lucky if you can get into low double digit efficiency and all that inefficiency heat has to go somewhere and most metals get kind of soft when they start glowing beyond "bright cherry red". The metals that don't, tend to be quite expensive, difficult to work with and in some cases just difficult to get hold of. So as a hobby, fun as it is the price is high.

[1] Some --truly mad-- scientists realised that any heat source of sufficient intensity will make a ramjet engine work, including an unshielded nuclear reactor... I suspect that Project Pluto,

Is what @albert was indirectly referring to about ramjet vehicles with unfortunate side effects.

Clive RobinsonMarch 1, 2018 12:35 AM

@ Anon,

Cryptocurrencies: is there any threat to hash algorithms by running them the trillions of times they must be processed, looking for collisions?

It's an interesting question as it's one of those "partial knowledge" questions, which is why ww have both theoretical and experimental physicists.

Based on what we think we know "in theory" some of the hash algorithms should be secure[1] with quite a healthy margin. However we don't know everything that there is to know "in practice" so there is a very small chance we could learn something new.

However to do that we would need to observe "the experiment" in sufficient detail which Crypto-Currancy miners don't do, so the chance that they would find anything is likewise very small.

Whilst the product of two very small numbers is an even smaller number it is not zero. But the risk would be commensurately low, thus unlikely to happen[2].

[1] Though as our host @Bruce has pointed out on the odd occasion attacks do not get worse with time...

[2] So saying I've probably just cursed us all and there will be an article in some almost unknown journal tommorow. So keep an eye on the prime glossaries like the "Y-Ping Math B" journal ;-)

tyrMarch 1, 2018 2:51 AM


In olde times before the concerned brigade
got into control there was Project NERVA
out at a place called Hot Creek Nevada
which was building a nuclear rocket engine.
It ran the propellant through the core.

Nixon who has ruined much of the world had
the funds pulled right before I could join
the project.

The environmentalists love these kinds of
projects. Something to do with the type
of radioactive exhaust ignoring the fact
that automobile exhausts are mildly that
way anyway.

If I recall rightly when Art Arfons bought
his engine at government surplus they tried
to take it back and he had to sue them to
keep the Green Monsters engine.

Wankel engines have similar properties and
a few hot rodders have melted the exhaust
systems out of them.

Oddly enough the pseudo currencies have
made crypto into a familiar buzzword with
little connection to the real concepts.

What I find particularly appalling is
the insistence that security should not
be tested if it embarrasses some corpse

ThothMarch 1, 2018 2:59 AM

@Clive Robinson, all

More bad news for the Intel SGX Enclaves as more Spectre hauntings targetting Intel SGX enclaves emerges.

Sadly, IT Security merchants are still peddling the myths that these ARM/Intel/AMD enclaves are secure despite all that has happened with the emergence of Meltdown and Spectre. Dishonest businesses thrives on marketing, blackboxes and NDAs.


JimMarch 1, 2018 3:54 AM

@ albert

your wi-fi scenario:

foil is a particularly poor shielding material as it degrades very quickly.
there are videos on the youtubes of people using chicken wire (may be known by another name in your country. The kind with the 10mm octaganol holes) to shield their (or their neighbours) smart meter. It is highly effective as tests demonstrated. Wael or Figureitout amongst others may be able to explain why it works so well. Anybody? Bueller? To do with the shape of the pulsed wave. I'd love a technical explanation.

You said you are required to use wi-fi. Another option is D-LAN plug (which may be known by another name in your country). It is a box that goes between the router and the electrical socket. It turns the household or office wiring into a LAN. It means every powerpoint becomes an internet access point. Password protection can be enabled preventing rogue access; a high speed box will be equal to or even faster than your wi-fi depending on signal strength. a D-LAN box is not expensive. some claims of 'dirty' electricity generation are negated by maintaining a 1.5m biological distance from the wall

It is also possible to use ethernet with a iPad. There are youtubes demonstrating how.
In the above example one would use the charging pack as the ethernet connection
I am told there are newer Mac laptops (i boycott Mac on ethical grounds) that have no ethernet connector. The examples with the iPad may work in such a case; I am not experienced. Are you experienced? Sorry its a muso thing

Clive RobinsonMarch 1, 2018 8:34 AM

@ terryG,

have you considered using a 6-port reflectometer?

I have looked into them but they have a number of problems. Firstly they use five directional couplers in each of the pair of six-ports. The second problem is that they use slotted lines on the four measuring ports, each with three sample points that need to be in a reasonable phase arrangment.

It's the directional couplers (DCs) that are giving me the problems, in that transformer or transmission line DCs only give around 30dB of directivity and don't have much more than a two or three decades of frequency coverage unless you use considerable care in construction and the shielding used. But with a little thought they can handle upwards of a hundred watts without problems and have very very small insertion loss.

You can however use resistive DCs which is what most commercial VNCs use, they have good directivity and very wide bandwidth thus are ideal for lab bench test kit for S-parameter measurments etc. However they have a high insertion loss as they are in effect resistive Wheaston Bridges that need to be made with very small surface mount devices with max power measured in fractions of a watt, thus are small signal device measurments only.

Where the Six-Port Reflectometer (SPR) realy comes into it's own is in Built In Test Equipment (BITE) for transmission systems where you can fiddle things a bit and end up using a slotted line with a built in DC to take a refrence level from and then three point probes on a slotted line. Such arangments have a negligible insertion loss and very wide power range and are working in 100KW peak output multichannel systems used for telecommunications etc. They have the advantage of not requiring much in the way of calibration once set up, thus can be used for very long periods of time.

So the choice falls on the usage. From what I remember both NIST and the French standards people still use and develop SPRs for internal use with NIST switching over to using Agilent VNA's they calibrate internaly for customer calibration as they are faster to use and require less manpower.

vas pupMarch 1, 2018 9:09 AM

Roots of political bias:
Our reactions to odor reveal our political attitudes, survey suggests

“Disgust is a basic emotion that helps us survive. When people are disgusted, they wrinkle their noses and squint their eyes, basically decreasing their sensory perception of the world. At its core, disgust is a protection against things that are dangerous and infectious -- things that we want to avoid. The researchers had a theory that there would be a connection between feelings of disgust and how a person would want society to be organized. They thought that people with a strong instinct to distance themselves from unpleasant smells would also prefer a society where different groups are kept separate.”
“A scale was developed for the participants to rate their levels of disgust for body odors, both their own and others. The scale was used in a large-scale survey that was given online in different countries, together with questions on their political views. In the US, questions about how they planned to vote in the presidential race in 2016 were added. "It showed that people who were more disgusted by smells were also more likely to vote for Donald Trump than those who were less sensitive. We thought that was interesting because Donald Trump talks frequently about how different people disgust him. He thinks that women are disgusting and that immigrants spread disease and it comes up often in his rhetoric. It fits with our hypothesis that his supporters would be more easily disgusted themselves," says Jonas Olofsson.”

Clive RobinsonMarch 1, 2018 9:29 AM

@ tyr,

Project NERVA out at a place called Hot Creek

Why do these projects end up at places with near appropriate names?

Pluto was at "Jackass Flats"...

Just one of those oddities in life I guess.

JG4March 1, 2018 9:31 AM

Speed is expensive. How fast do you want to go?

"the metals...difficult to work with and in some cases just difficult to get hold of"

cobalt and related superalloys fit both criteria

this will make the hair on the back of your neck stand up. Clive is correct.


Big Brother is Watching You Watch

Surveillance Valley:


Clive RobinsonMarch 1, 2018 9:56 AM

@ r, Thoth,

With regards those Certs and the private keys, it appears there is a bit of information missing from the Semantec/DigiCert side of the story.

Apparently they will not revoke certificates unless given the private key... They also require the seller to stand in for the certificate owner.

Thus it would appear contrary to what is being said by DigiCert, Trustico was in effect required not just to keep the private keys but to also send them to DigiCert to get DigiCert to revoke the Certs befor Google killed Symantec Certs off in Chrome etc,

As a number of people here know from bitter experience Symantec products are something you don't get close enough too to prod even with the longest of barge poles.

In essence DigiCert is "up 541t creek without a paddle" as other browser developers shun Symantec Certs. So their CEO has a lot to lose one way or another, as a commenter on another site said "A right kick in the trusticles" ;-)

This potentialy is going to be a "hand bags at dawn" event thus worth a couple of bowls of popcorn in entertainment value...

Oh hands up anybody who is realy supprised by this "shell/pyramid game" that being a CA is all about these days

Clive RobinsonMarch 1, 2018 10:13 AM

@ Thoth, All,

More bad news for the Intel SGX Enclaves as more Spectre hauntings targetting Intel SGX enclaves emerges.

Ahh Spector and Meltdown, those Xmas gifts that just keep giving and giving... And as I've said will do for some time to come...

Seriously though from a security aspect are they realy any worse than the Intel Managment Engine as a method of backdooring the security of your privacy?

In both cases the bottom line is just about anything that is in core memory becomes available to the attacker...

Thus if you have anything you wish to do privately you are going to have to take a whole bunch of precautions to put your computer out of range of an attacker... Time to think about the likes of having an "Off line/grid" computer building SCIFs, "energy-gapping", "paper and pen crypto" and "Old School trade craft" as taught at all the best Government Sponsored IC agencies...

Milo M.March 1, 2018 12:59 PM

On the problems experienced by the US diplomatic staff in Cuba:

" 'If ultrasound is to blame, then a likely cause was two ultrasonic signals that accidentally interfered with each other, creating an audible side effect,' Fu says. There are existing sources of ultrasound in office environments, such as room-occupancy sensors. 'Maybe there was also an ultrasonic jammer in the room and an ultrasonic transmitter,' he suggests. 'Each device might have been placed there by a different party, completely unaware of the other.'

. . . Fu is careful to offer a caveat: 'Of course, we don’t know for certain this was the cause. But bad engineering just seems much more likely than a sonic weapon.' "

The headline overstates the case, but headline writers are usually a separate group from the story writers. And both work to a deadline.

Paper on the analysis by Fu and collaborators:

hmmMarch 1, 2018 1:42 PM

"" 'If ultrasound is to blame, then a likely cause was two ultrasonic signals that accidentally interfered with each other, creating an audible side effect,' Fu says. There are existing sources of ultrasound in office environments, such as room-occupancy sensors. 'Maybe there was also an ultrasonic jammer in the room and an ultrasonic transmitter,' he suggests. 'Each device might have been placed there by a different party, completely unaware of the other.'"

Horsepucks. Those sources of infra/ultrasound are not powerful enough beyond attenuation.

Anyone suggesting 'accident' at this stage with such loose tissue paper BS...

Read critically. The hotel rooms were swept, nothing like that was found. Kick that to the curb.

hmmMarch 1, 2018 1:50 PM

The doctors specifically many times discussed ultrasound possibilities in the media. They were under a gag order not to discuss anything that hadn't been previously discussed in the media, and ultrasound was officially ruled out two weeks ago verbatim. They said the focus on the audible phenomena experienced by victims mislead the investigation.

So whatever 'likelihood' of your explanation above (BS "accident" assertion included), it doesn't fit the facts at all and has in fact been strongly disproven by the fact that agents swept the rooms looking for anything that could possibly have caused any of this and found nothing of the sort.


terryGMarch 1, 2018 5:39 PM

@Clive Robinson,

didnt think you'd have missed a potential trick. BITE at 100kW - wow. thats neat (ive played with up to 1MW, but only IGBT motor control, which is simple by comparison)

have you read the 1991 PhD thesis of William Kit Dean (texas tech university)? he uses a pair of SPR's and NO directional couplers. although he does measure vector quantities, with a couple of nice tricks thrown in. i forget where i found it online, but its about.

i came across this rather interesting paper:
"An active-passive beam current transformer" by Zhou, Sun et al. its some deliciously hinky thinking, and works pretty well - ive only played with it a little bit, but managed to drop the LF corner of a current transformer from 5kHz down to about 5Hz using an LM358. no design effort whatsoever, literally picking parts off the bench. when i have time im going to build a nice version and measure things like noise & distortion etc. but might be a very simple way to add 2 or 3 orders of magnitude to a Directional Couplers BW, without requiring 2m of toroids....


Clive RobinsonMarch 1, 2018 6:49 PM

@ Milo M,

With regards,

'If ultrasound is to blame, then a likely cause was two ultrasonic signals that accidentally interfered with each other, creating an audible side effect,' Fu says

I would remove the word "accidentally" from that and it was my first thoughts on hearing about the afliction the diplomats suffered.

As I've mentioned a number of times before on this blog, back in the last century using two ultrasonic beams with a frequency difference that matches neurological waves were investigated to be used as a "nonlethal weapon" for crowd control in the UK.

So Fu and his colleagues have not done anything new in that respect.

What they have not mentioned is how you get a very narrow beam at distance. Back in WWII the Germans had a radio navigation aid which translates as the "Crooked leg". It used two transmitters into two high gain antennas that were nearly but not quite parallel. Thus only the edges of each divergent beam were in common. On transmitter played dashes of 2/3rds on 1/3rd off the other dots 1/3rd on 2/3rds off, where the beams crossed you got the dots filling in the gaps of the dashes thus a contiuous tone.

Two high gain transducers carrying around 20KHz arranged so the edges of their beams just crossed would produce a long narrow beam of the difference frequency of the two signals. If the beams are modulated correctly then on hitting a nonlinear surface like skin the two beams would multiply giving a sum and difference frequency.

The difference frequency if the same or very similar to neurological frequencies would then cause stimulation that would in effect override the bodies frequencies via a process called "injection locking" which as discovered with pendulums will cause them to synchronise.

Experiments have show that itches and similar can be stimulated causing people to scratch themselves raw. As others might know there are two cardiac rythms that can be quite dangerous Atrial or Ventral fibrillation (AF and VF) one of which is usually fatal within a very short period of time unless treated. Also there are waveforms associated with epileptic attacks etc.

So whilst I would tend to rule out "accidental" on a lack of power and difference frequency basis, I would not rule out a weapon of some sort.

RatioMarch 2, 2018 7:19 AM

Re: Russian embassy “narco suitcases”

"Narcovalijas" rusas: detuvieron en Alemania al "Señor K":

El ciudadano ruso Andrey Kovalchuk, presunto líder de la banda de narcotraficantes que operaba desde la embajada de Rusia en Buenos Aires, fue detenido en Alemania, informó hoy su abogado, Vladímir Zherebenkov.


Con anterioridad, Kovalchuk, a través de su representante legal, se declaró víctima de una "provocación" llevada a cabo por los órganos de seguridad argentinos conjuntamente con los servicios secretos de Estados Unidos para desprestigiar la labor de la misión diplomática rusa.

Yeah, that’s probably it. Oh, wait…

Narcovalijas rusas: en las escuchas los traficantes mencionan al embajador:

En las escuchas telefónicas a los miembros de la banda que planeaba enviar casi 400 kilos de la “cocaína más pura del mundo” desde Buenos Aires hacia Moscú por vía diplomática los narcos hablan de una supuesta relación entre el embajador ruso en la Argentina, Viktor Koronelli, y el enigmático “Señor K”, identificado como Andrey Kovalchuk (50) y hoy prófugo. Las conversaciones hablan de una presunta pelea entre ambos. El caso por ahora tiene 5 detenidos.

“Y ahora que se le cortó el correo diplomático porque se peleó con el embajador, y no sabe qué hacer. Puede ser cualquier cosa ahí. ¿Te podés imaginar el narcotráfico que antes salía de acá?”, le dice Alexander Chikalo, uno de los presuntos narcos, al policía de la Ciudad Iván Blizniouk (35), en una conversación que figura en el expediente. Hoy, los dos están presos por narcotráfico.

“Sí, claro”, responde Blizniouk. [...] Incluso Blizniouk desliza que “K” le llegó a pedir un patrullero para entrar a Ezeiza. “O sea que él siempre trasladaba algo en esas valijas. Siempre”, dice Chikalo.

“Y pero si antes las trasladaba, ¿por qué ahora no puede?”, le pregunta el policía. “Y porque ahora se peleó con el embajador. Antes él le brindaba un auto, autobús, con papeles de correo diplomático. Y ahora no sabe qué hacer”, le responde Chikalo.

ThothMarch 2, 2018 7:56 AM


What is "Terrorist Content" ? Everything can be deemed in that category as long as you don't get "into their good books".

Sadly, the scheme used by MaidSafe, IPFS, TOR et. al. to try and make content censorship resistant isn't all too censorship resistant with each scheme have one or many exploitable weakness that can be exploited with decent know-hows and resources.


vas pupMarch 2, 2018 8:34 AM

On personal security and gadgets:
Sexual assault: Can wearable gadgets ward off attackers?
“Other devices include Revolar, which enables users to "check in" and let loved ones or friends know you've arrived home safely with a single click. Three clicks sends a "help" alert.
And at the more sophisticated end of the market, Occly has developed Blinc, a wearable security device that includes a "bodycam" to record video evidence of an attack, as well as setting off a siren, flashing lights and a call for help”.

tyrMarch 4, 2018 8:58 PM

@vas pup

My favourite was a Chinese ad for a
portable short range flame thrower
that guaranteed it could keep any
amourous attacker at bay. LightSaber
with a flame blade.


Most of Nevada was named by solitary
miners and ranch hands who never heard
of PC methods of naming. Prospectors
turned their Jackasses loose if they
were lamed. If someone saw one on a
dry lake he would have named it Jackass
Flats. A quick drink from a creek in
an area where in shade temperatures
are known to exceed 125 F might get
you a bit of hot water. Some of the
names might be optimists at work like
Goldfield where they have the worlds
worst apple pie for sale.

I had a wonderful experience today, I
got to see clouds being formed from a
clear sky. Since I have been around
many decades without seeing it before
I was quite thrilled by the event.

Clive RobinsonMarch 5, 2018 3:27 AM

@ tyr,

With regards clouds forming I've been lucky enough to view it from above. In my younger days I used to climb and even quite small mountains can put you above valleys in which clouds or fog will form. It's strange to be chatting on the radio to people below and they are saying it's getting chilly because the sun has gone in and replying it's getting warmer because the same clouds are reflecting the sun back up.

Sadly my climbing days are well and truly over due to past injuries when wearing the green I find flights of stairs in public places can be quite enough of a challenge with people trying to push round and bumping into the crutches... London transport escalators are especially bad for that as they are realy only wide enough for one and half adults.

With regards the Nevada names the UK has quite a few "folk names" places some are even funny like one in leicester which is pronounced "beaver" but is spelt "belvouir" from the French for good view. It also works that way with Marylebone in London, it gets called "Marley-bone" with the marley rhyming with gnarly but it comes from the French "Marrie le boné" meaning a good looking lady called Marrie. However it's now been decided that "Elephant and Castle" did not come from the Spanish "Leonor De Castilla" (Elenor of Castil). There are a number of "Hams" a "Mousehole" and "Badgers Mount" to name but a few that will not cause offense. Apparently one that has caused problems is Scunthorp according to the story the town council some years ago upgraded part of their email system and everybody stopped getting emails. Apparently the "four letter word" filter used a grep like process and was barffing on the town name... I've seen one or two fresh faced Australians double take when you mention Wrotham pronounced by many as "root-em".

But sadly for a number of reasons we are lossing our more smirk worthy names. But there is also snobbery involved the clasic one being "Streatham" near Balham in South West London those up near the "common" tried to gentrify and posh up the name to up property prices and the like and they went around writing it as "St Reatham Common" and saying it as "Saint Reatham common" oh and Balham more normally pronounced with a silent "h" got tarted up as "Bail-em" which as it was a major crime hot spot for years did make me smile.

Rachel FrancaiseMarch 6, 2018 1:07 AM

@tyr @clive

I had a wonderful experience today, I
got to see clouds being formed from a
clear sky. Since I have been around
many decades without seeing it before
I was quite thrilled by the event.

In Estonia a few years ago one Midsummer in a seaside resort that wasn't 'much to write home about' as they say in the US. I observed a winged plane flying from the not very distant horizon, vertically like a rocket - I had perfect and total vision of the underside or topside of the craft because it was literally flying nose first into the air. I actually saw it from the horizon in this position. I don't know my planes but it was hard to distinguish it from a passenger style craft, by its shape and style of wings.
Having reached a certain altitude - a very low one at that, the plane made a perfect 90 degree turn and flew toward me. It was emitting a thin white trail as it did so. The plane flew in a straight line directly overhead and I didn't pay any further attention to where it went. The clear blue sky now had a thin white cloud like line stretching from ahead of me to some distance behind me.
Over the next hour or two I observed this white line of cloud like material stretch and expand and puff out, gradually turning into some clouds that continued to grow and cover all the blue sky. These clouds also changed in colour, growing darker and darker.
Less than three hours after I witnessed the aircraft a clear crisp summer day was transformed to morose brooding and excessive thunderstorm with not a drop of blue remaining overhead as far as the eye could see.
It really was very unusual.

@ Wael, alright? as they say in Ireland

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.