Friday Squid Blogging: Searching for Humboldt Squid with Electronic Bait

Video and short commentary.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on March 2, 2018 at 4:11 PM • 128 Comments

Comments

Gooberman March 2, 2018 5:10 PM

I am looking for software that I can use to symmetrically encrypt some tarballs prior to backup.

Google's search results suggest to me that most people use GPG or OpenSSL. Before I choose, I was wondering if anyone here can suggest a good alternative to consider.

Alyer Babtu March 2, 2018 5:37 PM

At what level - instruction, thread, process - are the Meltdown and Spectre hacks running? Are/can versions of them work at any level?

0805 March 3, 2018 12:57 AM

Shortly after discussing whether to communicate security holes to the vendor or to the intelligence, the German government found an advanced persistent threat in its computer system. Roughly a week later they told in the news they don't want to show the guys who did it that the threat has been found and that they are "still watching". Sometimes it is easy to read between the lines.

Clive Robinson March 3, 2018 7:23 AM

@ Gooberman,

I am looking for software that I can use to symmetrically encrypt some tarballs prior to backup.

There are a number of ways you can do this.

Firstly check if the software you use for backup can do symmetric encryption or can "shell out" to a commandline utility or script that will encrypt via an Interprocess Communications Process such as "unix pipes". If not, see if you can find another backup program that will.

Secondly there are quite a few "command line" utilities out there that will do simple symmetric encryption. If your backup program can also be called from the command line, it would not be difficult to cut up a ten or twenty line shell script to first encrypt then backup files. Which you can, when basically working, add features to, to your heart's content (ie if it makes life quicker then go for it).

Thirdly if you are a capable programmer there are quite a few libraries out there that you can write a simple front end for in any number of languages. But certainly both "ANSI C" and "Python 3.x" are well catered for.

That, as they say, is "the easy bit". What at first looks easy but gets impossible real quick is Key Management (KeyMan); doing this in a sustainable and secure way needs quite a bit of thinking. For instance, how do you not only store keys securely, how do you recover them if something breaks, or securely delete them? Then there are the generation (KeyGen) issues, auditing etc.

It's definitely KeyMan that will bite you at some future point.
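
One way to script the "encrypt, then back up" step described in the comment above, using GnuPG (one of the two tools named in the original question). This is an added example, not code posted by any commenter; the function names and file layout are assumptions.

```sh
#!/bin/sh
# Added example (not from the thread): turn a directory into an encrypted
# tarball with GnuPG symmetric encryption before the backup program sees it.
set -eu

# KeyGen: write a random passphrase to a file only the owner can read.
# KeyMan: keep an offline copy of this file. Without it the backups are
# unreadable, and anyone who holds it can read every archive made with it.
make_keyfile() {
    ( umask 077 && head -c 32 /dev/urandom | base64 > "$1" )
}

# Shared gpg options: never prompt, take the passphrase from a file so it
# does not appear on the command line or in the process list.
gpg_sym() {
    keyfile=$1; shift
    gpg --batch --yes --quiet --pinentry-mode loopback \
        --passphrase-file "$keyfile" "$@"
}

# encrypt_dir SRC_DIR OUT_FILE KEYFILE
# tar writes to a pipe, so the plaintext archive never touches the disk.
encrypt_dir() {
    [ -d "$1" ] && [ -r "$3" ] || return 1
    tar -C "$(dirname "$1")" -czf - "$(basename "$1")" |
        gpg_sym "$3" --symmetric --cipher-algo AES256 -o "$2"
}

# verify_archive ARCHIVE KEYFILE
# Decrypt and list the archive without writing anything; fails on a wrong
# passphrase or a damaged file. Run it before trusting a backup.
verify_archive() {
    gpg_sym "$2" --decrypt "$1" | tar -tzf - >/dev/null
}

# restore_to ARCHIVE DEST_DIR KEYFILE
restore_to() {
    gpg_sym "$3" --decrypt "$1" | tar -C "$2" -xzf -
}
```

Typical use is `make_keyfile backup.key` once, then `encrypt_dir /path/to/data data.tgz.gpg backup.key` followed by `verify_archive data.tgz.gpg backup.key` in each backup run.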

Clive Robinson March 3, 2018 7:46 AM

@ ALL,

A thought occurs about persistent encryption systems such as those used for Full Disk Encryption or User Home Directory Encryption.

In nearly all cases they store the encryption keys in core memory, which we now know is vulnerable to Spectre and Meltdown attacks...

This means that most persistent encryption applications are vulnerable and that some non-persistent utilities are likewise vulnerable for short periods of time. The likes of the "security enclaves" are also vulnerable thus the common protection methods will fail.

Thus we need a major rethink on nearly all crypto code used on machines that ever get used in some form of "On-line mode".

bttb March 3, 2018 9:16 AM

@Ismar
"Free tool to check your ISP perimeter network and look for hidden proxies"

For people without a Java runtime environment, they could try something like the live CD, USG Version 1.7.4.1, released 28 Feb 2018, TENS-1.7.4.1_public.iso, used as a virtual machine guest or not, of course.
USG DoD download site for TENS
https://spi.dod.mil/download.htm

I didn't try Tails.
The results appear to be interesting. For example, "popular names have a significant anomaly" were found.

Alyer Babtu March 3, 2018 10:31 AM

@Clive Robinson

It's definitely KeyMan that will bite you at some future point.

I was wondering if there was any merit for key management in the approach taken by

http://masterpasswordapp.com/

where there is one main password and all the others are generated from this and some kind of naturally memorable name of the thing in each needed instance. It seems like the main key could be kept offline, maybe even in one’s head.

echo March 3, 2018 10:51 AM

MI5 agents are allowed to break the law. In contrast citizens have to crawl over broken glass for a judicial review and count themselves lucky if UK law is ruled incompatible with EU law.

https://www.theguardian.com/uk-news/2018/mar/02/mi5-agents-are-allowed-to-commit-in-uk-government-reveals

GCHQ has an establishment style nudge, nudge, wink, wink relationship with UK telecommunications companies and a hazy at best paper trail making verification of unlawful or inadequate surveillance more difficult.

http://www.theregister.co.uk/2018/02/28/privacy_international_questions_oversight_of_uks_mass_comms_data_collection/

Russia rewarms old announcements of potential or in-development weapon systems to counter perceptions of US/Nato/Western aggression reminiscent of the missile race prior to the Kennedy era Cuban standoff.

https://www.theguardian.com/world/2018/mar/01/vladimir-putin-threatens-arms-race-with-new-missiles-announcement

UK citizens in the Netherlands are pushing for court action to prevent them losing their European Union citizenship status.

https://www.theguardian.com/commentisfree/2018/mar/01/eu-citizenship-brexit-ecj-netherlands

The German government has experienced sustained internet attacks which have compromised gigabytes of official data. While the hackers appear to be based in Russia the German parliament is questioning this.

https://www.theguardian.com/world/2018/mar/01/german-government-intranet-under-ongoing-attack

The Intel Spectre horror show unfolds another act as another Spectre vulnerability is discovered.

http://www.theregister.co.uk/2018/03/01/us_researchers_apply_spectrestyle_tricks_to_break_intels_sgx/

US tax collectors are circling Bitcoin and demanding people using Bitcoin apply proper consideration to tax laws when filing their returns. The issue of code forking is also exposed as a factor in calculating tax.

https://futurism.com/paying-taxes-cryptocurrency/

Sony PlayStation 4 firmware has been cracked allowing unauthorised arbitrary code to run.

https://torrentfreak.com/new-ps4-jailbreak-hits-firmware-4-55-excites-the-masses-180228/

Switzerland is playing both sides against the middle as it neatly tacks American demands to enforce copyright action while dragging its feet as politely as possible.

https://torrentfreak.com/switzerland-hopes-new-law-will-keep-it-off-us-pirate-watchlist-180228/

American neo-fascist travels to Europe to add his support to far-right Italian politicians.

https://www.theguardian.com/world/2018/mar/01/steve-bannon-in-rome-to-support-far-right-candidate-matteo-salvini

The web of corruption surrounding the White House continues to expand as investigations to expose dodgy deals and backhanders begin to develop traction.

https://www.vanityfair.com/news/2018/03/ivanka-trump-organization-vancouver

MrC March 3, 2018 11:24 AM

@ Clive:

Wouldn't your "snake eating its own tail" thing (the twin chaotically-indexed ring buffers that are XORed in registers) mitigate the problem? One could reimplement all of the basic math and bit-fiddling operations to use the snakey thing instead of memory (and being careful that nothing sensitive ever got written to memory), and then reimplement your crypto algorithms using your new functions.

On the topic of the snakey thing, could you spare a few words for the benefit of us less bright folks who would like to understand it better/implement it. Specifically, there are two things (that I know of) that I just can't figure out:

1. How do you map the output of a Lorenz attractor to the indices of an array? (Every implementation I can think of is either super sparse (and thus super memory inefficient), or in danger of repeating an index too soon, or both.)

2. How do you hide the Lorenz attractor's state (the value of t)? Is it just sitting in memory? Or a couple values that get XORed in register?

parker March 3, 2018 11:43 AM

@Clive Robinson

re: "A thought occurs..."

Extremely true...others saying similar.

Gunter Königsmann March 3, 2018 12:11 PM

@Clive Robinson: If the computer doesn't keep the key in its memory: How can it read data from the disk without requiring constant input from the user?

It could encrypt the key or generate it ad hoc out of data one can find in the system's memory. But even then the memory needs to contain data that allows easy (because fast) access to the decryption key...

D. Bronder March 3, 2018 1:07 PM

https://theintercept.com/2018/03/01/nsa-global-surveillance-sigint-seniors/?utm_source=The+Intercept+Newsletter&utm_campaign=26982098db-EMAIL_CAMPAIGN_2018_03_03&utm_medium=email&utm_term=0_e00a5122d3-26982098db-132023917

The Intercept reports on its analysis of classified documents having to do with U.S. spying arrangements with foreign countries. In the article one can read about the concentrated efforts the group made against international sporting events. But we must be careful because we do not really know if those documents are completely accurate or partially accurate, genuine, etc. Let's presume they are genuine and unaltered.

Oh, oh, oh, those evil Russians at the Winter Olympics in South Korea! So shocking! Folks, that pish posh is ridiculous "news" to cretinize the debate about surveillance in the West on Westerners, and to put the public's understanding to sleep. As far as the U.S. goes, notice this: the U.S. Constitution is under threat.

"The core participants of the Seniors Europe are the surveillance agencies from the so-called Five Eyes: the NSA and its counterparts from the U.K., Australia, Canada, and New Zealand. As of April 2013, the other members were intelligence agencies from Belgium, Denmark, France, Germany, Italy, the Netherlands, Norway, Spain, and Sweden.

The alliance – which the NSA sometimes refers to as the “14 Eyes” – has collaborated to monitor communications during major European events, such as the Olympics in 2004 (hosted in Greece), the Winter Olympics in 2006 (hosted in Italy), and the soccer World Cup in summer 2006 (hosted in Germany)."

echo March 3, 2018 1:26 PM

@D. Bronder

This excerpt from your Intercept link is interesting...

“Some European nations may be leery about hosting a facility in their nation,” the NSA noted, partly due to “associated concerns for European human rights laws.” (Both NSA and its British counterpart, GCHQ, declined to answer questions for this story. GCHQ issued a statement asserting that it adheres to “a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate.”)

Clive Robinson March 3, 2018 1:45 PM

Alyer Babtu,

At what level - instruction, thread, process - are the Meltdown and Spectre hacks running?

Effectively they are running below not just the ISA but microcode levels as well.

Although not actually part of what the programmer would consider the "core" of the CPU they use a separate state machine down below the core CPU that interfaces between the cache and core memory, thus in effect running in parallel with the MMU thus directly connected to the core memory and at the same time bypassing the MMU's protection mechanisms. Thus it uses Register Transfer Logic/language in a similar way to the internal state machine of the MMU.

The result is that with a little skill there is no part of the core memory that can be hidden from the attacks, this includes the likes of the protected secure enclaves.

Spectre and Meltdown are going to be those Xmas presents that just keep giving throughout the rest of the year...

gordo March 3, 2018 1:57 PM

Putin Claims Strategic Parity, Respect
March 3, 2018 By Ray McGovern

During the U.S.-Soviet negotiations on the ABM treaty, a third of the CIA Soviet Foreign Policy Branch, which I led at the time, was involved in various supporting roles. I was in Moscow on May 26, 1972 for the treaty signing by President Richard Nixon and Soviet Communist Party General Secretary Leonid Brezhnev. I recall not being able to suppress an audible sigh of relief. MAD, I believed, would surely be preferable to the highly precarious strategic situation that preceded it. It was.


Cornerstone of Stability

In his speech on March 1, President Putin included an accurate tutorial on what happened after three decades, noting that Moscow was “categorically against” the U.S. decision in 2002 to withdraw from the ABM treaty. He described the treaty as “the cornerstone of the international security system.”

https://consortiumnews.com/2018/03/03/putin-claims-strategic-parity-respect/

---

Anti-Ballistic Missile Treaty: US Withdrawal

On December 13, 2001, George W. Bush gave Russia notice of the United States' withdrawal from the treaty, in accordance with the clause that required six months' notice before terminating the pact—the first time in recent history that the United States has withdrawn from a major international arms treaty. This led to the eventual creation of the American Missile Defense Agency.

https://en.wikipedia.org/wiki/Anti-Ballistic_Missile_Treaty#US_withdrawal

MDA History

The National Missile Defense Act of 1999 defined the mission for the BMDO, while the U.S. withdrawal from the Anti-Ballistic Missile Treaty (ABM) in 2002 lessened the restrictions to develop and test these technologies.


In 2002, the BMDO was renamed the Missile Defense Agency.

https://mda.mil/about/history.html

---

Almost three months to the day after 9/11 and making good on a Bush-2000-campaign promise, President Bush announced US withdrawal from the ABM Treaty. While we'll never know what Al Gore would have done with respect to the ABM Treaty and missile defense, the U.S. Supreme Court decision in Bush v. Gore gave the US, in effect, and with more to follow: Another Bush mistake.

See also: http://armscontrolnow.org/2012/06/12/2969/

Clive Robinson March 3, 2018 2:09 PM

@ Alyer Babtu,

I was wondering if there was any merit for key management in the approach taken "masterpasswordapp.com"

It's a variation on a master password system. As such these systems are deprecated in use because they present a single point of failure. Also they do not scale very well and don't do key recovery or key deletion.

That is any key that has ever been generated with such systems can be recovered at any time just knowing the master password that can not be kept secret from the person who currently does the KeyGen and they will still know it after they have been replaced...

So no it's not really suitable or secure for doing KeyMan in its current form.

Yosemite Sam March 3, 2018 2:45 PM

Emailed and snail mailed to the EFF and Tor organization this morning:

"But I sincerely suggest that the EFF host a booth at *every* NRA annual meeting/convention, including the one scheduled for May in Dallas.


Recognize many in your organization may hold strong feelings, but I'm still suggesting you hold your nose and just exhibit there...perhaps in tandem with the Tor organization. This convention would be good for both of you.

Try to remember a time when citizens could respectfully disagree in this country."


Now why wouldn't these organizations wish to exhibit there? They are always short of funding and influence.

If they did it, I can see some institutional revulsion taking hold - but can also see some grudging recognition of the role they play....and perhaps a few quiet "good deeds" being done on their behalf. ie "They hate us - but we mean them well..."

They'd probably get funding *and* volunteers if they would just show up within their "enemy's" camp.

Can you imagine a more stubborn Tor relay operator than an NRA member?


Clive Robinson March 3, 2018 2:56 PM

@ Mr C,

Wouldn't your "snake eating its own tail" thing (the twin chaotically-indexed ring buffers that are XORed in registers) mitigate the problem?

The simple answer is yes if the hardware supports it. But even if the hardware does, who's implemented it or anything similar in an application that is in common use...

@ Gunter Königsmann,

If the computer doesn't keep the key in its memory: How can it read data from the disk without requiring constant input from the user?

The simple answer is it uses what are secrets in core RAM the key to which is kept in a CPU register that is not available to unprivileged users. Further the secrets and the key are constantly changed by the likes of an interrupt process that will also generate the encryption key in a register and copy it immediately into the AES hardware write only registers, without putting it in core RAM.

I'll assume that you know the idea of "you need three points to describe a circle"? And how it's used for splitting keys into shares?

What you end up with is two arrays in memory that are circular buffers that contain only two of the three numbers needed to describe a circle and thus know its radius and center. The third is kept in a privileged register along with a pointer.

Each time an interrupt happens the pointer is incremented and the radius and center are worked out. The two points stored in the arrays are randomly recalculated and then stored back in the arrays.

You can do a similar sort of thing with "data shadows" from basic functions like XOR, ADD, SUB etc.

The trick is also changing the hidden value as well which I will leave to you to work out.

Anyway when a user needs to use encryption or decryption it calls a software interrupt that rebuilds each part of the key in the internal CPU register that then gets immediately copied to the write only key register of the CPU's internal AES engine. It then immediately clears the CPU register and moves onto the next part of the key.

That way the only time the user's AES key is in core RAM is when they type it in. But there are ways that this can be avoided as well using other methods.

Clive Robinson March 3, 2018 3:15 PM

@ D. Bronder,

Next time you post a link you might want to consider chopping off the part that indirectly identifies you.

Angus Lordie March 3, 2018 3:22 PM

Oubliette Password Manager

Just a brief question to the community: I still use Oubliette password manager (version 1.9.5.159) on my Win 7 Pro and Win XP machines. It provides two quite strong algorithms.

What is your opinion? I know the pwd manager is a bit outdated. Do you consider it safe? Thank you for your responses.

Alyer Babtu March 3, 2018 3:44 PM

@Clive Robinson

Spectre and Meltdown are going to be those Xmas presents

Is the speculative out of order part actually necessary for the attacks, or could something like them work even when no speculation is allowed?

The speculative optimized runtime executable is only desired because it takes advantage of low entropy i.e. guessable information in the data-computational instance.

But if there were some other way to benefit from the low entropy, that did not involve actual runtime speculation, would one be better off? Or is the game lost anyway?

Ratio March 3, 2018 7:53 PM

Señor K: Russia and Argentina split over mysterious drug smuggling case:

By the time Andrey Kovalchuk stepped off a Cessna in Buenos Aires in late 2017, authorities had already found and replaced the $60m in cocaine he would later be charged with stashing in a Russian embassy school complex.

According to reports in the Argentinian press, police had for some time been following the man who would later become known as Señor K – a Russian who told some people he was a cigar salesman living in Germany, others that he was a technical worker for the Russian embassy in Buenos Aires, and still others that he was a Russian intelligence officer.

Kovalchuk is now in a German jail, fighting extradition back to Russia as the suspected mastermind of a drug smuggling plot that stretches halfway around the world in a case that has seen the Russian and Argentinian governments flatly contradict each other.

[...]

[...] the two sides disagree over whether the flour [used to replace the cocaine] was eventually carried back to Russia as diplomatic cargo and whether it was taken aboard a Russian government jet probably used by senior officials traveling to Argentina.

When Argentinian law enforcement officials released photographs and video of the fake cocaine being put onboard the government plane, Russian officials said the images had been doctored. Argentina insisted the pictures were real.

[...]

Leaked phone transcripts released in the Argentinian press suggest that Kovalchuk and an accomplice sought to persuade a Russian embassy employee to transport the drugs from the school to the airport, but that the employee refused.

They also suggest Kovalchuk only started having transportation issues after falling out with Viktor Koronelli, a.k.a. the Russian ambassador:

“But if he used to move them before, why can't he now?”, the policeman asks him. “Because now he has fallen out with the ambassador. Before, he would provide him with a car, a bus, with diplomatic mail papers. And now he doesn't know what to do”, Chikalo replies.

See last week’s Squid for more (in Spanish).

MrC March 3, 2018 10:22 PM

@ Angus Lordie:

Is that a joke?

If so, I don't get it. I don't see how it's humorous.

If not, then the simple answer to your question is "no." Less than 2 minutes on any search engine will tell you that Oubliette uses Blowfish or IDEA, and that both of these algorithms are deprecated, broken under certain circumstances, and teetering precipitously enough that an announcement of a full-on break would not be surprising if it happened tomorrow.

65535 March 3, 2018 11:43 PM

@ Clive Robinson, Alyer Babtu, Gooberman, parker and All

Re: Meltdown and Spectre

I am no expert on CPU and cache construction but here is my take. Both are vexing problems because the MMU or its derivations are placed on the Intel CPU die. This makes isolating and fixing a problem hard. As Clive R. notes the attacks can involve microcode that controls the low level instructions programmed onto the CPU.

Here is an extremely crude drawing of the placement of the MMU

https://en.wikipedia.org/wiki/File:MMU_principle_updated.png

Here is an old Load All command which could expose all memory both real mode and protected mode in very old CPUs.

https://en.wikipedia.org/wiki/LOADALL

Both Spectre and Meltdown are in theory possible. Both hit low level performance enhancements by Intel that trade a bit of security for speed of execution.

Spectre involves scamming the Translation Lookaside buffer for traces of important data such as encryption keys as Clive R notes in his Key Management lectures. The MMU and the lookaside buffers allow translation of physical memory space to virtual memory space – memory can be large on modern computers. This also possibly involves the famous Prefetch and Superfetch features of the Wintel combination of CPU and OS workings. Those cache buffers can be 16GB, 2TB or higher – which bits could be peeked at during operations such as backup.

Prefetch and Superfetch appear to speed up processing greatly. Nobody wants to give up speed. That’s a big problem for data centers and such.

[Wikipedia]

“On the newer eighth generation Core platforms, benchmark performance drops of 2–14 percent were measured…”

“The Spectre paper displays the attack in four essential steps:

"1. First, it shows that branch prediction logic in modern processors can be trained to reliably hit or miss based on the internal workings of a malicious program.

"2. It then goes on to show that the subsequent difference between cache hits and misses can be reliably timed, so that what should have been a simple non-functional difference can in fact be subverted into a covert channel which extracts information from an unrelated process's inner workings.

"3. Thirdly, the paper synthesizes the results with return-oriented programming exploits and other principles with a simple example program and a JavaScript snippet run under a sandboxing browser; in both cases, the entire address space of the victim process (i.e. the contents of a running program) is shown to be readable by simply exploiting speculative execution of conditional branches in code generated by a stock compiler or the JavaScript machinery present in an extant browser. The basic idea is to search existing code for places where speculation touches upon otherwise inaccessible data, manipulate the processor into a state where speculative execution has to touch that data, and then time the side effect of the processor being faster, if its by-now-prepared prefetch machinery indeed did load a cache line.

"4. Finally, the paper concludes by generalizing the attack to any non-functional state of the victim process. It briefly discusses even such highly non-obvious non-functional effects as bus arbitration latency.

"The basic difference between Spectre and Meltdown is that Spectre can be used to manipulate a process into revealing its own data. On the other hand, Meltdown can be used to read privileged memory in a process's address space which even the process itself would normally be unable to access (on some unprotected OS's this includes data belonging to the kernel or other processes).”-wikipedia

https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)

Meltdown can exploit the important ability for average privilege programs to read high privilege kernel page tables.

[Wikipedia]

"Meltdown is a hardware vulnerability affecting Intel x86 microprocessors, IBM POWER processors, and some ARM-based microprocessors.[1][2][3] It allows a rogue process to read all memory, even when it is not authorized to do so. Meltdown affects a wide range of systems. At the time of disclosure, this included all devices running any but the most recent and patched versions of iOS,[4] Linux,[5][6] macOS,[4] or Windows. Accordingly, many servers and cloud services were impacted,[7] as well as a potential majority of smart devices and embedded devices using ARM based processors (mobile devices, smart TVs and others), including a wide range of networking equipment. A purely software workaround to Meltdown has been assessed as slowing computers between 5 and 30 percent in certain specialized workloads,[8] although companies responsible for software correction of the exploit are reporting minimal impact from general benchmark testing.”-wikipedia

https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)

[Virtual machines in large data centers thought to be secure]

“…Fogh made the case again at Black Hat Europe, in early November 2016 in London, this time to Graz researcher Michael Schwarz. The two discussed how side-channel attacks might overcome the security of "virtualized" computing, where single servers are sliced up into what looks, to users, like multiple machines. This is a key part of increasingly popular cloud services. It’s supposed to be secure because each virtual computing session is designed to keep different customers’ information separate even when it’s on the same server. Despite Fogh’s encouragement, the Graz researchers still didn’t think attacks would ever work in practice. "That would be such a major f*ck-up by Intel that it can’t be possible," Schwarz recalled saying… In January 2017, Fogh said he finally made the connection to speculative execution and how it could be used to attack the kernel. He mentioned his findings at an industry conference on Jan. 12, and in March he pitched the idea to the Graz team… Fogh, a 22-year-old wunderkind at Alphabet Inc.’s Google called Jann Horn had independently discovered Spectre and Meltdown in April. He’s part of Google’s Project Zero, a team of crack security researchers tasked with finding "zero-day" security holes -- vulnerabilities that trigger attacks on the first day they become known. On June 1, Horn told Intel and other chip companies Advanced Micro Devices Inc. and ARM Holdings what he’d found. Intel informed Microsoft soon after. That’s when the big tech companies began working on fixes, including Graz’s KAISER patch, in private. By November, Microsoft, Amazon, Google, ARM and Oracle Corp. were submitting so many of their own Linux updates… On Dec. 3, a quiet Sunday afternoon, the Graz researchers ran similar tests, proving Meltdown attacks worked. "We said, ‘Oh God, that can’t be possible. We must have a mistake. There shouldn’t be this sort of mistake in processors," recalled Schwarz. 
The team told Intel the next day… Intel put the statement out at 12 p.m. Pacific Time on Jan. 3 and held a conference call two hours later to explain what it said was a problem that could impact the whole industry. “Our first priority has been to have a complete mitigation in place,” said Intel’s Parker. “We’ve delivered a solution.” Some in the cybersecurity community aren’t so sure. Kocher, who helped discover Spectre, thinks this is just the beginning of the industry’s woes. Now that new ways to exploit chips have been exposed, there’ll be more variations and more flaws that will require more patches and mitigation.”-bloomberg

https://www.bloomberg.com/news/articles/2018-01-08/-it-can-t-be-true-inside-the-semiconductor-industry-s-meltdown

The question is what are the chances of the average Jane/Joe being exploited? Probably little on your personal machine with proper updates… but I suspect if you use a “cloud” provider and the NSA has targeted said cloud provider your data has a higher chance of being exploited. That is just a guess.

If any of you have different estimates please speak up.

[Next]

‘@ D. Bronder, “Next time you post a link you might want to consider chopping off the part that indirectly identifies you.”’-Clive R.

I think Clive R. means use

https://theintercept.com/2018/03/01/nsa-global-surveillance-sigint-seniors/

and fracture or completely omit

?utm_source=The Intercept Newsletter&utm_campaign=269xxx98db-EMAIL_CAMPAIGN_2018_0x_03&utm_medium=xmail&xtm_term=0_e0xxxx22d3-2698209xxxxxxx.

We don’t know how many K street PR groups are watching this blog or Fort Meade members. It is best to use a bit more OPSEC.

Excuse all the mistakes. I am not at the top of my game.

MrC March 4, 2018 12:19 AM

@ Clive:

Are you aware of any hardware available today that has such a "privileged register" available to the user?

Also, did I entirely misunderstand the business about Lorenz attractors from your earlier posts?

TheRealAnon March 4, 2018 12:29 AM

@Clive Robinson: that was my first thought regarding Spectre/Meltdown. I had similar thoughts about the more general Rowhammer attack, too.

@D. Bronder: Adding to @65535 's point, in web URLs generally anything after and including the ? can be stripped without affecting the page. It's often used for passing tracking information and other junk so when unsuspecting users just copy/paste URLs, they can be tracked.

Web browsers are the biggest piece of junk software in existence.
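
The link clean-up discussed in the comments above, as an added example that is not part of any commenter's post. It drops only parameters on a tracking list and keeps the rest, for sites that carry the page identifier in the query string; the list of names beyond `utm_*` and the function name are assumptions, and the sample values in the usage comment are constructed.

```sh
#!/bin/sh
# Added example (not from the thread): remove tracking parameters from a
# URL before sharing it, keeping any other query parameters and fragment.
#
# usage: strip_tracking 'https://example.org/watch?v=abc123&utm_source=x'

strip_tracking() {
    url=$1
    frag=""
    # Split off a #fragment first so it is not mistaken for a parameter.
    case $url in
        *"#"*) frag="#${url#*\#}"; url=${url%%\#*} ;;
    esac
    # No query string: nothing to strip.
    case $url in
        *"?"*) ;;
        *) printf '%s%s\n' "$url" "$frag"; return 0 ;;
    esac
    base=${url%%\?*}
    query=${url#*\?}
    kept=""
    old_ifs=$IFS
    IFS='&'
    set -f                      # no filename globbing on the split fields
    for pair in $query; do
        name=${pair%%=*}
        case $name in
            # Assumed tracking list: campaign tags and common click IDs.
            utm_*|fbclid|gclid|mc_cid|mc_eid) ;;
            *) kept="${kept:+$kept&}$pair" ;;
        esac
    done
    set +f
    IFS=$old_ifs
    # Re-attach "?" only if some parameter survived.
    printf '%s%s%s\n' "$base" "${kept:+?$kept}" "$frag"
}
```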

Gunter Königsmann March 4, 2018 12:36 AM

Even worse: If your computer contains "one" secret register that can hold a 3rd of a key as soon as you start a 2nd or a 3rd safe encryption program the register is already in use and the excess keys will be entirely stored in the RAM.

Also if one process can use the secret register: can the others do so, too?

Constantly doing complicated things that change how the key is stored might help against attacks that read a bit at a time if the key is changed faster than it is read.

RealFakeNews March 4, 2018 12:58 AM

What about randomizing the memory address of each bit of the key? That way a program might be able to dump memory, but it can't know what is a key bit and what isn't.

Performing a type of steganography, you generate as many random bytes as bits in the key. You then set the LSB or MSB as desired to the bit of the key.

The random bytes are distributed randomly throughout the process memory space.

When the key is required, the program reassembles the key in a register. This should be fairly quick to do, and doesn't necessarily need to be in order.

RealFakeNews March 4, 2018 1:11 AM

To add to the above: if the attacker can dump the whole process memory, and determine where the key bits are by simply running the program, it's a bust.

This is almost an indefensible attack, as you can't store anything on the machine you want to use.

The only real fix I see is to attach an external processor where the encryption/decryption is done (e.g. Arduino). This assumes restricting access to the key is more important than the cleartext.
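The bit-scattering scheme from the two comments above, as an added example (not RealFakeNews's code): a 128-bit key is hidden in the least significant bits of randomly placed bytes and then reassembled. The pool size, the sample key and the non-cryptographic demo generator are assumptions made for a repeatable run.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_BYTES 16
#define KEY_BITS  (KEY_BYTES * 8)
#define POOL_SIZE 4096            /* assumed size of the decoy byte pool */

/* Constructed sample key, for illustration only. */
static const uint8_t SAMPLE_KEY[KEY_BYTES] = {
    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
    0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
};

/* Demo-only xorshift32 generator so the run is repeatable. It is NOT a
   cryptographic RNG; a real implementation would need one. */
static uint32_t rng_state = 1;
static uint32_t demo_rand(void) {
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

typedef struct {
    uint8_t  pool[POOL_SIZE];     /* random bytes; some LSBs carry key bits */
    uint16_t pos[KEY_BITS];       /* pos[i] = pool offset holding key bit i */
} scattered_key;

/* Hide each key bit in the LSB of a distinct, randomly chosen pool byte. */
void scatter_key(scattered_key *s, const uint8_t key[KEY_BYTES], uint32_t seed) {
    static uint16_t idx[POOL_SIZE];
    rng_state = seed ? seed : 1;  /* xorshift state must be non-zero */
    for (int i = 0; i < POOL_SIZE; i++) {
        s->pool[i] = (uint8_t)demo_rand();
        idx[i] = (uint16_t)i;
    }
    /* Partial Fisher-Yates shuffle: the first KEY_BITS entries of idx
       become distinct random offsets. */
    for (int i = 0; i < KEY_BITS; i++) {
        int j = i + (int)(demo_rand() % (uint32_t)(POOL_SIZE - i));
        uint16_t t = idx[i]; idx[i] = idx[j]; idx[j] = t;
        s->pos[i] = idx[i];
        uint8_t bit = (uint8_t)((key[i / 8] >> (i % 8)) & 1u);
        s->pool[s->pos[i]] = (uint8_t)((s->pool[s->pos[i]] & 0xFEu) | bit);
    }
}

/* Reassemble a key from a pool using a given position table. */
void gather_key(const uint8_t *pool, const uint16_t *pos, uint8_t out[KEY_BYTES]) {
    memset(out, 0, KEY_BYTES);
    for (int i = 0; i < KEY_BITS; i++)
        out[i / 8] |= (uint8_t)((pool[pos[i]] & 1u) << (i % 8));
}

/* 1 if the matching position table recovers the key. */
int roundtrip_ok(const uint8_t key[KEY_BYTES], uint32_t seed) {
    static scattered_key s;
    uint8_t out[KEY_BYTES];
    scatter_key(&s, key, seed);
    gather_key(s.pool, s.pos, out);
    return memcmp(out, key, KEY_BYTES) == 0;
}

/* 1 if a position table from a different run recovers the key from this pool. */
int wrong_table_recovers(const uint8_t key[KEY_BYTES]) {
    static scattered_key a, b;
    uint8_t out[KEY_BYTES];
    scatter_key(&a, key, 0x1234u);
    scatter_key(&b, key, 0x9876u);
    gather_key(a.pool, b.pos, out);
    return memcmp(out, key, KEY_BYTES) == 0;
}

/* Size of the position table that now has to be kept secret. */
size_t table_bytes(void) { return sizeof(((scattered_key *)0)->pos); }

int main(void) {
    printf("right table recovers key: %d\n", roundtrip_ok(SAMPLE_KEY, 42u));
    printf("wrong table recovers key: %d\n", wrong_table_recovers(SAMPLE_KEY));
    printf("position table size: %zu bytes for a %d-byte key\n",
           table_bytes(), KEY_BYTES);
    return 0;
}
```

The position table needed for reassembly is 256 bytes of state that must itself stay out of any memory dump, which is the weakness the second comment points to.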

Clive Robinson March 4, 2018 1:50 AM

@ Alyer Babtu,

Is the speculative out of order part actually necessary for the attacks, or could something like them work even when no speculation is allowed ?

It is not the speculative out of order part that is the real root of the problem.

The real problem is actually the speed of light. Which should give you a clue as to why it's going to be tough to fix the root problem.

There is a well known formula that converts frequency to wavelength which is,

Wavelength = C / frequency

From this it can be seen that as frequency increases wavelength decreases. The formula is actually only true in a vacuum; in most other cases, due to dielectric effects, the wavelength is reduced by a normalised version called the dielectric constant.

For digital signals to work in Printed Circuit Boards (PCB), you need to know a few other bits of information. In most PCB material used the dielectric constant is such that the wavelength is considerably reduced and digital signals require the odd harmonics of the clock frequency to have the fast rising edges that give low jitter performance. Which means that in practice you need PCB traces that are of considerably higher bandwidth than the clock signal.

Without going into all the messy details it means that either the memory has to be very very close to the CPU or it needs to have a much much slower clock speed than the CPU.

The current solution is registers and caching memory. That is you have very high speed memory built into the CPU (registers) and memory slightly further away (L1-cache) that work at the full clock speed of the CPU or slightly slower. You then have your core RAM working at maybe 1/10 of the CPU which is often called the Front Side Bus (FSB) clock speed in "Intel speak". In practice the FSB in IAx86 is not directly connected to the memory but the memory control hub called the "Northbridge" as shown in this diagram,

https://en.m.wikipedia.org/wiki/File:Motherboard_diagram.svg

Ignoring for a moment the extra gate delays the northbridge adds there is another problem which is known by engineers as the "round trip delay". Simplified it means that it takes twice as long to get a response as it does to send the request, which if you only request a single location from core memory it arrives at half the FSB clock rate.

Part of the solution to this is to get more than one memory location per memory request. This is often called "burst mode" however it's used as a generic term to cover a number of techniques to speed up memory fetching. Put simply the more memory locations you get for each request the more efficient it is (up to a point). But you have to put this fetched data somewhere and currently it ends up in the L3-Cache or further up the caching mechanism.

Where caching gets really complicated is the use of the Memory Management Unit (MMU) which is the fundamental security mechanism as well as providing Virtual Memory (VM) that is used via a "paging mechanism". The L1-cache is actually two caches one for instructions and one for data as this allows the CPU core to run much faster, thus L1 is on the CPU side of the relatively slow MMU, the cache(s) holding the FSB fetched data are on the other side of the relatively slow MMU.

Thus "speculative fetching" is used as well as "speculative execution" due to differences in the size and location of page boundaries these may not align with the boundaries of speculative fetching of memory...

To get at this memory just requires a way around the relatively slow MMU security mechanism... I'll leave you to guess what various CPU manufacturers have done but if speculative execution gives a security breach mechanism, it is an odds on certainty that there is a speculative fetch security breach thus there may be other mechanisms by which the data can be accessed.

There are alternative architectures where such issues do not arise but currently they are more or less theoretical. I've discussed one such system architecture in the past on this blog which I was investigating for other reasons. You can find it by searching for "Castles-v-Prisons" or its shortened forms C-v-P or CvP.

luca March 4, 2018 3:13 AM

Hi all,
The web host of this site is now blocking connections coming from PIA (Private Internet Access) VPN servers (most of them, not all yet).

Shouldn't we support privacy instead of impeding it?

Clive Robinson March 4, 2018 3:54 AM

@ 65535,

I am no expert on CPU and cache construction...

Nor would it appear are Intel and other CPU manufacturers when it comes to security... Just "speed freaks".

Both Spectre and Meltdown are in theory possible. Both hit low level performance enhancements by Intel that trade a bit of security for speed of execution.

What has happened becomes clear when you draw a diagram on a piece of paper.

Imagine the MMU as a wall for security, but it's in effect a bottle neck. So you come up with the idea of having two data streams in parallel the slow traditional one through the MMU and a fast one that bypasses the MMU does some activity involving the cache and then there is another security wall after that at a faster data handling part of the CPU.

In effect you have the two parallel streams each with a security wall thus from one view point --the wrong one-- data can not get to the CPU other than through a security wall, thus everything is "A OK". What their viewpoint has missed is the part between the two offset security walls is not in reality two parallel and separate streams, they share hardware such as cache memory. Thus unchecked data in the fast stream can cross over to the checked by the MMU slow stream via side channels thus missing both the security walls...

|
Fast-------\------/-CHK---\
| Shared | CPU
Slow---MMU-/------\-------/
|

Whilst simple to see that way after the fact, it may not have been clear prior to the discovery of a viable side channel.

The obvious but not wanted solution is to double up the "shared" resources and split them apart so they are neither shared nor have any side channels...

In the old TEMPEST / EmSec design days this would have been called "segregation" there would also have been other techniques put in place prior to the CPU to prevent other side channels.

The thing is such techniques have been known since the 1960's but appear to have been forgotten or ignored in the quest for speed that the majority of customers really don't need.

neill March 4, 2018 4:08 AM

@Clive Robinson

i have not done machine code in a while, but 'back in the day' we were able to disable interrupts via mnemonic eg 'di'

i'm not sure in today's hardware that you can disable interrupts in ring 0 and then use your timeslice e.g. 1 ms to 'do your thing' with encryption, transmit etc, and have time left to 'clean the cache' and the TLB etc with dummy code

just an idea in regards to repotline ...

Clive robinson March 4, 2018 4:14 AM

Sorry the diagram got totally snarled.

But does not look much better using the "pre" tag, as it is double lining


                     |
Fast-------\------/-CHK---\
| Shared | CPU
Slow---MMU-/------\-------/
|

If anybody has suggestions as to a better way to display "monospaced" or "teletype" style text, I'm sure I won't be the only person who would like to know.

Clive Robinson March 4, 2018 4:42 AM

@ neill,

i'm not sure in today's hardware that you can disable interrupts in ring 0

It's processor specific. But you should be able to disable any interrupt that is not a "Non Maskable Interrupt" as the privileged user either outside of or inside of an interrupt.

This is so you can implement "atomic actions".

If the CPU you are using has "Ring 0 only" registers that do not get "pushed to stack" on a task or privilege switch then the "secret" and "pointer" should never appear in core memory after you have first created them and then cleared them.

You can then use this as a "master key" system so you can keep other keys in memory securely encrypted by it.

Whilst the principles of the method are fairly easy to describe, getting down and dirty with any particular CPU architecture quickly becomes overly cloudy with specific details.

The reason is that most CPU designers do little or nothing about real security, the assumption is that nobody can get to core memory except via the MMU thus security can be safely left to the OS... When you talk about cold boot and memory freezing attacks the attitude is that the OS designer or the system designer is at fault...

Some microcontrollers actually do consider security a little bit more and actually encrypt the contents of RAM. Whilst that will stop memory freezing attacks and might stop cold boot attacks, it will not stop "on-line" or "in-operation" attacks unless each process space uses a different encryption key... The assumption of microcontroller designers is that they are for single user systems in industrial control systems etc...

Yes there are more secure chips made but,

1, You are not allowed them.
2, You can not afford them.
3, You have to build the entire system yourself including multilayer PCBs.
4, They are slower than a one legged dog.

16383 March 4, 2018 5:33 AM

Evil Genius of Social Media
How do we consume as much of your time and conscious attention as possible?

Nowhere is dopamine more routinely name-dropped than in Silicon Valley, where it is hailed as the secret sauce that makes an app, game or social platform “sticky” – the investor term for “potentially profitable”.

“These unnaturally large rewards are not filtered in the brain – they go directly into the brain and overstimulate, which can generate addiction,” explains Shultz. “When that happens, we lose our willpower. Evolution has not prepared our brains for these drugs, so they become overwhelmed and screwed up. We are abusing a useful and necessary system. We shouldn’t do it, even though we can.” Dopamine’s power to negatively affect a life can be seen vividly in the effects of some Parkinson’s drugs, which, in flooding the brain with dopamine, have been shown to turn close to 10% of patients into gambling addicts.
https://www.theguardian.com/technology/2018/mar/04/has-dopamine-got-us-hooked-on-tech-facebook-apps-addiction

Ratio March 4, 2018 6:51 AM

Isis follower tried to create jihadist child army in east London:

A dangerous extremist who attempted to build an army of child jihadists by radicalising pupils has been convicted of a range of terrorism offences.

Umar Haque, 25, taught an Islamic studies class despite having no teaching qualifications and being employed as an administrator. He was allowed to supervise classes of 11- to 14-year-olds on his own, during which he re-enacted attacks on police officers and showed students videos of beheadings.

Police fear Haque attempted to radicalise at least 110 children, some of whom he was in contact with at the Ripple Road mosque in Barking, east London. Thirty-five of the children are receiving long-term support.

Haque also worked at the £3,000-a-year Lantern of Knowledge Islamic school, where he was again allowed access to children alone under the pretence of teaching Islamic studies when he was in fact employed as an administrator.

[...]

Six children gave evidence in court. The trial was shown video of a police interview with a child, who said: “He is teaching us terrorism, like how to fight.”

The boy said: “He has been training us, kind of. Apparently fighting is good. If you fight for the sake of Allah, on judgment day when you get judged for your good deeds and bad deeds, fighting is good.”

Apparently, indeed.

How a teacher sought to recruit a terror 'death squad':

In hours of secret recordings from March 2017, played to the trial, Haque eulogised Khalid Masood, the man who had just carried out the first of 2017's terrorism attacks on London - and he outlined to his friend Muhammad Abid his ambitious plans to do the same with the help of radicalised London children.

Haque told his friend that they would be a "death squad sent by Allah" and he aspired to attack Big Ben, Westfield shopping centres, Heathrow Airport and other locations, as well as the media, Shia Muslims, far-right groups and the Queen's guard.

Shi’a? Well, I never…

Mark March 4, 2018 7:04 AM

Does anyone know how long it takes to brute force a file encrypted once with the blowfish algorithm?

Clive Robinson March 4, 2018 7:36 AM

@ Mr,

Also, did I entirely misunderstand the business about Lorenz attractors from your earlier posts?

Not entirely. They are however better implemented in hardware for various reasons. There used to be a commenter here called @RobertT who did chip design. He was reverse engineering a chip that had used hardware Lorenz attractors to perform a similar secret hiding task.

If you look at the Lorenz attractor formulas you will see you have three input constants "beta, rho, sigma" and three variables that hold the three dimensional state "x, y, z" all of these are floating point numbers and need to be sufficiently large in terms of bits to ensure the behaviour is sufficiently chaotic. Worse only some values of beta, rho and sigma will produce continuous chaotic output. Other values whilst looking chaotic to start with will eventually settle at one of the two attractors.

Whilst it would be possible to embed sigma and beta, rho would act in part as one of the secrets along with x,y and z. Thus there is the issue of hiding away four large floating point values as well as the issues of adding and multiplying them if an embedded floating point maths hardware is not in the CPU chip.

It was with secure enclaves possible to tuck these away out of reach of all but the secure process thus render them secure from a remote online attack. Likewise they could in effect be "encrypted" with a value held in one or two registers made secure from a cold boot or memory freeze attack. However since Rowhammer and now Meltdown that option is no longer available as an attacker can in effect interact with the process to deduce the secret values.

Likewise any complex operation not completely supported in the CPU with the use of one or two hidden registers is now susceptible to an online monitoring attack.

Which is why XOR, ADD and SUB are the way to go currently with a couple of hidden registers.

For instance the register used as a pointer would be mainly wasted as only the bottom few bits would be required to point to arrays used in a circular manner. The top part can be used as a form of counter similar to that used as a simple random number generator of the form

N+1 = C + N

Where C is in fact a composite number where C mod M = 1 where M is the number of values in the array and the other part of the pointer is 1 or an odd prime, so that the upper bits will eventually cycle through every value. There are variations on this idea but the point is you want both parts of the pointer value to increment through all values.
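The combined pointer and counter register from the comment above, as an added example (not Clive Robinson's code): it steps N+1 = C + N and checks that the low bits walk the array circularly while the upper bits pass through every value. The 16-bit register width, M = 8 array slots and the upper increment of 5 are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REG_BITS     16u                         /* assumed register width */
#define IDX_BITS     3u                          /* low bits index the array */
#define M            (1u << IDX_BITS)            /* 8 array slots */
#define REG_MASK     ((1u << REG_BITS) - 1u)
#define UPPER_VALUES (1u << (REG_BITS - IDX_BITS))

typedef struct {
    uint32_t period;             /* steps until the register repeats */
    uint32_t slots_visited;      /* distinct array indices seen */
    uint32_t upper_values_seen;  /* distinct values of the counter field */
    int      slots_in_order;     /* 1 if the index always advanced by 1 mod M */
} walk_stats;

/* Build the increment C: `upper` goes above the index bits, `low` is C mod M. */
uint32_t make_increment(uint32_t upper, uint32_t low) {
    return ((upper << IDX_BITS) | (low & (M - 1u))) & REG_MASK;
}

/* Step N+1 = C + N (truncated to the register width) until the register
   returns to its seed, recording what the two fields did on the way. */
walk_stats walk_register(uint32_t seed, uint32_t c) {
    static uint8_t upper_seen[UPPER_VALUES];
    uint8_t slot_seen[M] = {0};
    walk_stats st = {0, 0, 0, 1};
    uint32_t start = seed & REG_MASK, n = start;

    memset(upper_seen, 0, sizeof upper_seen);
    do {
        uint32_t next = (n + c) & REG_MASK;
        if (((next - n) & (M - 1u)) != 1u)
            st.slots_in_order = 0;       /* index skipped or stalled */
        n = next;
        slot_seen[n & (M - 1u)] = 1;
        upper_seen[n >> IDX_BITS] = 1;
        st.period++;
    } while (n != start);

    for (uint32_t i = 0; i < M; i++)
        st.slots_visited += slot_seen[i];
    for (uint32_t i = 0; i < UPPER_VALUES; i++)
        st.upper_values_seen += upper_seen[i];
    return st;
}

int main(void) {
    /* C mod M = 1 with an odd upper part, as the comment describes. */
    walk_stats good = walk_register(0, make_increment(5, 1));
    /* Contrast: C mod M = 2, which breaks the circular walk of the array. */
    walk_stats bad = walk_register(0, make_increment(5, 2));

    printf("C=%u: period=%u slots=%u upper=%u in_order=%d\n",
           make_increment(5, 1), good.period, good.slots_visited,
           good.upper_values_seen, good.slots_in_order);
    printf("C=%u: period=%u slots=%u upper=%u in_order=%d\n",
           make_increment(5, 2), bad.period, bad.slots_visited,
           bad.upper_values_seen, bad.slots_in_order);
    return 0;
}
```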

Spellucci March 4, 2018 8:36 AM

@Clive Robinson: I nested pre inside blockquote and got what may be a serviceable diagram.

                     |
Fast-------\------/-CHK---\
        |   Shared   |     CPU
Slow---MMU-/------\-------/
        |

Clive Robinson March 4, 2018 8:49 AM

@ Gunter Königsmann and RealFakeNews,

Sorry missed your comment for some reason,

Even worse: If your computer contains "one" secret register that can hold a 3rd of a key as soon as you start a 2nd or a 3rd safe encryption program the register is already in use and the excess keys will be entirely stored in the RAM.

The issue is storing "KeyMat" in core RAM so it either can not be read out or is useless to the attacker if it is read out. Thus the problem is how to make one or more pieces of KeyMat secure whilst held in memory.

Obviously getting KeyMat into a computer leaves an opening for an attack, there are however ways to deal with this that are an entirely separate issue which I'll not go into currently (as this is taking up a lot of blog space as it is).

The simplest way to store KeyMat in core RAM is if it is encrypted, reading it out will give you less than if you monitored a comms line with encrypted traffic.

Thus you could encrypt all the KeyMat in RAM with a Master Key, provided it is not stored in RAM in a usable form. Which means you only need store one key via the secret held in a CPU register that is not visible to the users.

Which brings us to the issue of how to use a master key which is part of your reasoning,

Also if one process can use the secret register: can the others do so, too?

Yes they can if you take certain precautions. Which is one of the reasons for putting the code in the interrupt structure. In many CPUs --but not all-- the way you call OS routines is via "soft interrupts" in effect all you do is put a pointer to a data structure in U-space and call the OS via a software interrupt. The interrupt just like most other OS tasks either performs the task or passes the pointer into U-Space to K-Space and the kernel blocks the process until such time as the task is done.

In the case of encryption/decryption three U-Space pointers would be passed. The first to the Encrypted Key, the second to the input buffer the third to the output buffer (the buffers would in effect be null padded Pascal strings). As the user process is blocked by the kernel when the crypto task is finished the kernel unblocks the process.

With regards,

Constantly doing complicated things that change how the key is stored might help against attacks that read a bit at a time if the key is changed faster than it is read.

The reason for keeping the pointer in a hidden CPU register and using a fast interrupt to change the master key shadows / parts in memory is that when the attacker dumps or freezes the core RAM they have no idea what state the shadows in core memory are in. This adds uncertainty to the recovery process.

I hope that makes things a little clearer.

@ RealFakeNews,

Sorry I missed you as well.

Starting with your last point,

The only real fix I see is to attach an external processor where the encryption/decryption is done (e.g. Arduino). This assumes restricting access to the key is more important than the cleartext.

This would be another way to do it, but rather than use an ordinary CPU, as @Thoth has indicated a secure smart card would be a better option.

However encryption / decryption would be "two legged dog slow" thus looking at how to secretly transfer the KeyMat from the smart card to the AES hardware in the CPU would probably be faster for all but trivial encryptions/decryptions.

What about randomizing the memory address of each bit of the key? That way a program might be able to dump memory, but it can't know what is a key bit and what isn't.

I pointed the same thing out originally when first describing the system some years ago. Whilst it works fine for cold boot and freezing memory attacks, it does not work as well when the attacker can sit there for an unknown period of time watching memory and how it changes. Eventually the pattern of accesses must repeat --if only to get a key back-- and this will give the attacker knowledge of which memory locations are currently active.

To add to the above: if the attacker can dump the whole process memory, and determine where the key bits are by simply running the program, it's a bust.

Running the program will only help if the two secret register values are still the same as they were when the memory dump was achieved. If not then the process will just produce garbage and the attacker is left with no knowledge of which memory location contains which part of the Key and what state it is in.

Clive Robinson March 4, 2018 8:57 AM

@ Spellucci,

I nested pre inside blockquote and got what may be a serviceable diagram.

That works well enough for me, I can't say for others.

Thanks for that.

@ Gunter Königsmann,

Sorry I messed up the blockquotes on my reply to you, I guess I'm getting tired :-( and need some "beauty sleep"... Though how that will work for some one who is 6'6" and looks like a cross between a Klingon and Karl Marx having a bad hair day I don't know ;-)

Cassandra March 4, 2018 4:38 PM

@Clive Robinson

I am certain your thought has been thought by many people recently.

I have a thought that part of the way out of the problem may be akin to David A Wheeler's Diverse Double-Compiling method of countering the 'Trusting Trust' attack. He briefly mentions the possibility of applying the DDC technique to hardware and says "Countering subverted hardware is definitely an area for potential future research."

Using dedicated en/de-cryption co-processors* simplifies the defender's job from trying to secure a general purpose operating system into trying to secure a single-task piece of dedicated hardware (which is one of the reasons GCHQ like in-line encryption boxes e.g. RAMBUTAN), but the attacker still needs only to subvert one device to get the key.

Secure multi-party computation techniques may also help if encryption and decryption methods can be spread across multiple processors.

Unfortunately, general prevention of attacks like Rowhammer, Meltdown and Spectre will probably need changes in hardware design which will be a long time in coming, as far as I can see.

Cassandra

*I was thinking of possible hardware implementations, and realised that simply entering a 256 bit AES key into a co-processor independently of the host system is a non-trivial task. You'd need 64 rotary hex-digit selectors, for example. Typing in 64 hex digits into an MK14 style (showing my age again) device would also be too much of a trial. Many thanks to those working on external encryption devices.

Thoth March 4, 2018 6:21 PM

@RealFakeNews, Clive Robinson

Re: Encryption with hardware

I usually recommend using Ledger devices linked below.

These Ledger devices are essentially a smart card chip with a screen and input attached to give you a way to securely display hashes and accept input. The Nano S series uses 2 buttons as input with OLED display while the Ledger Blue is a touchscreen device. The Nano S requires to be attached over Micro USB to a host computer for power and data.

The Nano S operates over a Micro USB cable while the Blue has an in-built battery which allows it to operate on its own and with Micro USB or BLE connection to a host computer.

The pricing on those stuff are more expensive these days due to very high demand and it sells out quite easily.

They have an OpenPGP encryption applet for you to install into the Ledger device for securing your PGP private key and using the private key securely in the smart card chip embedded in the security device. I haven't gotten it to work on Windows OS if that is any concern for you.

Overall the devs are quite nice to talk to and I have offered them many ideas since the inception of the product and a disclaimer, I am not related to them by any means.

They have a Github repo you can dig around in as well linked below relating to the devices.

Links:
- https://www.ledgerwallet.com
- https://github.com/LedgerHQ

sfan March 4, 2018 6:55 PM

Is Google snooping on WhatsApp message content (and more)?

This morning I was on a WhatsApp chat on my android phone discussing geology and what was, to me, an obscure small town, Needles, CA. My friend is visiting there and I was about to make a quip about Needles and cactus. I had never heard of the town of Needles and wanted to know more. So I switched from WhatsApp to the Google Search bar.

It is fair to say that I can't ever remember doing a search with the keyword "needles" and have definitely never before searched for the town of Needles. Yet using the Android search bar, after typing just the letters "need " the suggested search included Needles CA (five suggestions down).

Note, the phrase "Needles, CA" was only in the WhatsApp message my friend sent. I had typed only the word "Needles" in my draft/unsent reply. How did Google Search guess that I might be interested in Needles CA without being aware of the content and context of the WhatsApp conversation?

In the grand scheme of indexed web pages with the word "Needles", the town of Needles CA, should not be a probable result. In my case I don't live in and was not searching from within the US. Indeed, cleared of cookies and session information, a laptop Google Search for "Needles" gave no result even related to the California town until the 10th page (100th result).

Therefore the fact that Needles CA was suggested on my phone doesn't seem likely to be any of: a coincidence, a natural index result, nor Google's deep knowledge of my search history.

Obviously, the phone's keyboard needs to work with all applications and the Gboard is clearly doing some combination of dictionary, history, and machine learning in attempting to predict what I am trying to type. The question then becomes, to what degree should Gboard's knowledge be available to another application?

I presume from all this that Google's keyboard is now recording every interaction with my phone, including keylogging my typing in non-Google apps, and using that to "optimize my experience" in (at least) other Google apps.

But in this case it also means that, potentially, all the end-to-end encryption architecture and design of WhatsApp would now be rendered moot to Google, and possibly others.

There is nothing in Gboard's permissions that covers this scenario. Diving into Gboard's settings I see that Gboard has built-in Google Search. I have now disabled that and will see what I notice. Is Gboard's "Google Search" a more private and secure version or is the same Google Search that logs my search history?

The privacy policy on Gboard's page in Google Play links to Google's general privacy policy and gives no indication of what Gboard may or will not share between apps and Google.

Is what I've described a known privacy & security vulnerability? Is there any other likely explanation?

Hopefully Gboard is highly locked down, it keeps its suggestions to itself, and away from prying eyes. I assumed as much but now have doubts.

Thoth March 4, 2018 8:46 PM

@sfan

Re: E2EE Security

E2EE scheme is a message security scheme. Only the plaintext delivered in the message packet is secured. You can still attack the endpoints with malware to capture memory, screenshot it, text logging etc.

The E2EE security is only as secure as the user interaction, end point security and algorithm. If any of the three criteria fails, it will inevitably break the security model. Thus, for your case and many E2EE apps, they can suggest whatever secure protocols but as long as you mismanage the cryptokeys or have weaknesses in endpoints, it's still a fail.

Truly secure E2EE comms must be referenced from military and diplomatic communication implementation where the provisioning and managing of crypto keys to the use of secure hardware and protocols where they cover all aspects.

Alejandro March 5, 2018 7:49 AM

@sfan

Re: "after typing just the letters "need " the suggested search included Needles CA (five suggestions down)."

I did the same search, don't have whatsapp, know nothing about Needles CA and after typing "needles", google responded with Needles, CA as the SECOND choice after "needless to say".

Regardless, would google suck up whatsapp content? Unless there is a specific law against it, I would say, absolutely 'yes'!

That's America these days. I am hoping the EU can tame Google, FB, Microsoft, Twitter et al from their intimate, intense surveillance and data collection, but in the USA it's the wild west.

(My biggest disappointment right now is MS, the scrutiny is intense. I try to not think about how they monetize the data, my tinfoil hat starts to glow red hot when I do.)

Zuc March 5, 2018 7:56 AM

@Hmm:

No surprise that the phone system has terrible security. The news to me is that apparently 5G actually has some security built in. Does anyone have any details? My first assumption is that it is also full of security holes, since the 'powers that be' won't easily give up their ability to snoop, spoof, and hijack mobile comms.

Cassandra March 5, 2018 8:19 AM

@sfan

I think you can regard Gboard as behaving pretty much like a key-logger with its default settings. There is a little discussion here: Configure Gboard Privacy (Google Keyboard).

If Google's software has control of the keyboard, then obviously it can record and send to Google all the keystrokes, including those sent to the WhatsApp application. This can be done entirely without the co-operation of the writers of the WhatsApp application - they can only rely on what is given to them by the operating system of your phone, which Google, not WhatsApp, have control over.

Some people regard sharing with Google everything they type into all applications as a price worth paying for the convenience of improving text-prediction and pro-active search. Others, including most of the contributors here would probably disagree that the benefits outweigh the disadvantages. It is your decision. Some people never bother learning how their phones work, or bother reviewing the defaults chosen by Google and application writers, simply using their phones as convenient tools. You can decide to do differently, but you are likely to find things a great deal less convenient. Such is life.

Cassandra

65535 March 5, 2018 8:57 AM

@ Clive Robinson

'@ 65535, I am no expert on CPU and cache construction... Nor would it appear are Intel and other CPU manufacturers when it comes to security... Just "speed freaks"'

Yes, one of the real problems is kernel memory tables accessible by user space programs in an attempt to speed CPU execution. I don’t really know how to completely stop it and verify said complete separation of kernel pages for the average Jane/Joe. The underlying micro code must be examined at all points of MMU and then basically all data lines and controllers for said lines.

“Their [Chip/CPU makers] viewpoint has missed is the part between the two offset security walls is not in reality two parallel and separate streams, they share hardware such as cache memory. Thus unchecked data in the fast stream can cross over to the checked by the MMU slow stream via side channels thus missing both the security walls”- Clive R.

True.

"Yes there are more secure chips made but,
“1, You are not allowed them.
“2, You can not afford them.
“3, You have to build the entire system yourself including multilayer PCBs.
“4, They are slower than a one legged dog.”- Clive R.

I agree. I would guess data centers in a profit oriented company would prefer to keep their relatively fast and inexpensive equipment and let their customer’s data including encryption keys get exploited and hope their PR department lay the blame for the damage on third parties.

Speed/bandwidth is major selling point for everybody from hosting companies to search providers and so on. Security is secondary. I don’t see that changing soon.

If I am correct about the above, I doubt your encryption of RAM and/or cache L1 – L3 will be implemented properly or even done in any fashion.

@ Spellucci

+1 for your nested pre inside blockquote technique.

@ sfan and Thoth

Good points.

Am wondering if Ajax and JSON are a link in this type of screen scraping/keylogging while online. I was thinking if auto-spell check is always on then all keystrokes could be captured and sent back to the mother ship.

“Garrett explained that the following technologies are incorporated:
• HTML (or XHTML) and CSS for presentation
• The Document Object Model (DOM) for dynamic display of and interaction with data
• JSON or XML for the interchange of data, and XSLT for its manipulation
• The XMLHttpRequest object for asynchronous communication
• JavaScript to bring these technologies together
Since then, however, there have been a number of developments in the technologies used in an Ajax application, and in the definition of the term Ajax itself. XML is no longer required for data interchange and, therefore, XSLT is no longer required for the manipulation of data. JavaScript Object Notation (JSON) is often used as an alternative format for data interchange,[15] although other formats such as preformatted HTML or plain text can also be used.[16] A variety of popular JavaScript libraries, including JQuery, include abstractions to assist in executing Ajax requests. Asynchronous HTML and HTTP (AHAH) involves using XMLHTTPRequest to retrieve (X)HTML fragments, which are then inserted directly into the Web page.”-Wikipedia

https://en.wikipedia.org/wiki/File:Ajax-vergleich-en.svg

https://en.wikipedia.org/wiki/Ajax_(programming)

Can AJAX be blocked from sites? How would you do it and ensure it is completely blocked? Any ideas?

Excuse all the errors I am not at my best.

Gooberman March 5, 2018 8:58 AM

@ Clive Robinson

"Secondly there are quite a few "command line" utilities out there that will do simple symmetric encryption."

That is exactly what I was looking for, but since I am not a programmer, I have no way to evaluate the relative worth and correctness of one program over another. I asked the question here because I have come to respect the opinion of this site's commenters.

Let me ask the question another way: if you needed to select a pre-existing open-source command line program for symmetric encryption, that was not GPG or OpenSSL/LibreSSL, what would you select based on your knowledge of the field?

echo March 5, 2018 10:29 AM

A generous woman paid for 19 hotel rooms to house homeless people during snap cold weather which was described as "exceptional" and which attracted multiple "red alerts" and warnings of life threatening conditions. The hotel refused these guests citing "legal" and "security" reasons.

http://www.independent.co.uk/news/uk/home-news/premier-inn-homeless-people-turned-away-customer-paying-westonsupermare-a8240171.html

One of the UK’s largest hotel chains has been accused of “clear discrimination” against homeless people after it turned away rough sleepers who had been offered free rooms by a paying customer.

and

A spokesperson for Premier Inn said: "For legal, as well as obvious guest safety and security reasons, we need the names of everybody staying in our hotels and the lead booker must be accountable for all guests.

Mark 42 March 5, 2018 1:14 PM

A new report on the security of Brazilian voting machines by Prof. Diego F. Aranha and others: https://www.researchgate.net/publication/323470546_The_Return_of_Software_Vulnerabilities_in_the_Brazilian_Voting_Machine

The restrictions applied to the researchers are particularly amusing.

Paper abstract: This paper presents a detailed and up-to-date security analysis of the voting software used in Brazilian elections. It is based on results obtained by the authors in a recent hacking challenge organized by the Superior Electoral Court (SEC), the national electoral authority. During the event, multiple serious vulnerabilities were detected in the voting software, which when combined compromised the main security properties of the equipment, namely ballot secrecy and software integrity. The insecure storage of cryptographic keys, hard-coded directly in source code and shared among all machines, allowed full content inspection of the software installation memory cards, after which two shared libraries missing authentication signatures were detected. Injecting code in those libraries opened the possibility of executing arbitrary code in the equipment, violating the integrity of the running software. Our progress is described chronologically, to illustrate difficulties and limitations in the testing methodology chosen by the electoral authority, and to inform how teams participating in future challenges can optimize their performance. We trace the history of the vulnerabilities to a previous security analysis, providing some perspective about how the system evolved in the past 5 years. As far as we know, this was the most in-depth compromise of an official large-scale voting system ever performed under such severely restricted conditions.


Face in a crowd March 5, 2018 1:41 PM

(27-ply tinfoil hat ablating)

Are those facial characteristics datasets being gathered by phones etc. using facial recognition increasing risk relative to thumbprints and other authentication data?

echo March 5, 2018 2:45 PM

This seems a bit odd. A former Russian spy who was convicted and jailed then later pardoned is suspected along with a female companion to have been poisoned. A genuine incident? Hoist by his own petard? An attempt to smear the Russians? I have no idea.

Russian spy critically ill after being 'poisoned' by unknown substance in Salisbury

https://www.telegraph.co.uk/news/2018/03/05/alleged-former-russian-spy-critically-exposure-unknown-substance/

A man who is critically ill after exposure to an unknown substance in Salisbury, is a former Russian spy, it is understood. Sergei Skripal, 66, who was jailed in Russia for treason, but later came to the UK as part of a 'spy swap', collapsed in a shopping centre in Salisbury on Sunday. He and a woman were rushed to hospital where they are still being treated. It is thought the pair may have been exposed to the powerful synthetic drug, Fentanyl, which is up to 10,000 times more powerful than heroin and has been linked to scores of deaths in the UK. A major incident was later declared at Salisbury hospital and its Accident & Emergency unit had to be closed.

Clive Robinson March 5, 2018 4:10 PM

@ echo,

I guess we are going to have to wait and see with regards the powder. As I've mentioned before, Russia has a law that says they can go and execute people in other jurisdictions, thus if it was an execution and those who did it get back to Russia they are safe from penalty.

But Russia is not the only country that sends out executioners sadly the list is long and includes a number of Western Countries as well.

On another note, having read your link I see this link,

https://www.telegraph.co.uk/news/2018/03/05/trevor-baylis-inventor-wind-up-radio-dies-aged-80/

Back in the 1980's there was a group of home inventors in Twickenham and Hampton near where I then lived, I and a few others used to go and help them out building prototypes, doing first product runs and manning stands at shows. Trevor was one I worked with from time to time, he appeared a bit gruff at times but was actually quite good natured when he'd got to know you. His wind up radio also had a lamp and was kind of intended for sailors and the like originally but it got into other places and for some years was used in Africa in small villages so children could get some form of education. Others have copied the idea and you will find all sorts in Out-Door / Camping / Survivalist shops. It's sad to think he's gone.

Ares March 5, 2018 8:02 PM

"But Russia is not the only country that sends out executioners sadly the list is long and includes a number of Western Countries as well."

Spies for the west are being murdered in Russia long after retirement, to make it an actual equivocation?

Whataboutism (also known as whataboutery) is a variant of the tu quoque logical fallacy that attempts to discredit an opponent's position by charging them with hypocrisy without directly refuting or disproving their argument, which is particularly associated with Soviet and Russian propaganda. When criticisms were leveled at the Soviet Union, the Soviet response would be "What about..." followed by an event in the Western world.


Alyer Babtu March 5, 2018 9:17 PM

Ad hominem forms, such as the tu quoque, while indeed fallacies if taken logically, are not really intended logically, rather are rhetorical, to cast doubt on the standing of the opponent. For that they may actually be a just response.

Ratio March 6, 2018 12:12 AM

From The New Yorker, Christopher Steele, the Man Behind the Trump Dossier:

Steele worked out of the British Embassy for M.I.6, under diplomatic cover. His years in Moscow, 1990 to 1993, were among the most dramatic in Russian history, a period that included the collapse of the Communist Party; nationalist uprisings in Ukraine, the Caucasus, and the Baltic states; and the dissolution of the Soviet Union. Boris Yeltsin gained ultimate power in Russia, and a moment of democratic promise faded as the K.G.B.—now called the F.S.B.—reasserted its influence, oligarchs snapped up state assets, and nationalist political forces began to emerge. Vladimir Putin, a K.G.B. operative returning from East Germany, reinvented himself in the shadowy world of St. Petersburg politics. By the time Steele left the country, optimism was souring, and a politics of resentment—against the oligarchs, against an increasing gap between rich and poor, and against the West—was taking hold.

After leaving Moscow, Steele was assigned an undercover posting with the British Embassy in Paris, but he and a hundred and sixteen other British spies had their cover blown by an anonymously published list. Steele came in from the cold and returned to London, and in 2006 he began running its Russia desk, growing increasingly pessimistic about the direction of the Russian Federation.

Steele’s already dim view of the Kremlin darkened in November, 2006, when Alexander Litvinenko, a former Russian K.G.B. officer and a Putin critic who had been recruited by M.I.6, suffered an agonizing death in a London hospital, after drinking a cup of tea poisoned with radioactive polonium-210. Moscow had evidently sanctioned a brazen murder in his own country. Steele was put in charge of M.I.6’s investigation. Authorities initially planned to indict one suspect in the murder, but Steele’s investigative work persuaded them to indict a second suspect as well. Nine years later, the U.K.’s official inquiry report was finally released, and it confirmed Steele’s view: the murder was an operation by the F.S.B., and it was “probably approved” by Vladimir Putin.

Steele has never commented on the case, or on any other aspect of his intelligence work, but Richard Dearlove, who led M.I.6 from 1999 to 2004, has described his reputation as “superb.” A former senior officer recalls him as “a Russia-area expert whose knowledge I and others respected—he was very careful, and very savvy.” Another former M.I.6 officer described him as having a “Marmite” personality—a reference to the salty British spread, which people either love or hate. He suggested that Steele didn’t appear to be “going places in the service,” noting that, after the Cold War, Russia had become a backwater at M.I.6. But he acknowledged that Steele “knew Russia well,” and that running the Russia desk was “a proper job that you don’t give to an idiot.”

Clive Robinson March 6, 2018 2:10 AM

@ Ares,

...is a variant of the tu quoque logical fallacy that attempts to discredit an opponent's position by charging them with hypocrisy...

Unfortunately it can be misapplied as you have done and worse you pre distorted it with deliberate conflation to your view point by what is a strawman argument.

You are first making a false argument that @echo is an opponent in an argument.

Secondly you are falsely claiming I'm accusing @echo of hypocrisy.

Thirdly you are falsely claiming I am trying to excuse an entity's actions.

So having disposed with your false "tu quoque" argument how about you actually correct your statement?

As for the facts of the event there are few given, but there is much speculation. However what we know is,

At the time of the press release the powder had not been identified (a point I noted). As both people were apparently alive at the time the report was put together it was not by definition an execution but at most attempted. Further the authorities have not yet made any claims as to what has happened, although most news outlets are speculating on what they think happened, then using that speculation for getting quotes from people who likewise do not know what has happened, only what the journalists have told them (such behaviour has caused issues in the past and as such is not regarded as good journalism).

As the powder has not yet been identified there is a small possibility it may be inert. At least one hospital in England (Lewisham[1]) went into full lockdown when somebody threw a powder at people in the reception area. The powder was later found to be a harmless substance. I know this because I was visiting somebody in the hospital at the time. So despite the small possibility it does happen.

The minimal description of the two people's symptoms could be caused by a number of substances but it sounds like it is a central nervous system depressant with Hallucinogenic properties. They are signs seen in opioid overdoses particularly in some such as the "China White" variants of the opioid analogue Fentanyl which is rapidly becoming a very serious addictive drug issue in the West, especially with drug dealers mixing it in with other less dangerous opioids.

It is known that the Russians have performed experiments with such substances for supposedly "non-lethal" weapons also called incapacitating agents. They deployed one when hostages were taken in a Moscow theater back in Oct 2002[2]. That was believed to be a fentanyl in a halothane base. Because the authorities did not say what it was many people died of respiratory issues that could easily have been saved by the administration of an opioid blocker.

Fentanyl is a very potent drug[3], its various forms are quoted as being between 75 and 10,000 times that of morphine. It is also dangerous in that it is easily absorbed through the skin or by inhalation and acts within seconds. Accidental contact with used medications containing Fentanyl has killed quite a few people. There is a known opiate blocking drug Naloxone that can be sprayed into the nose to limit the effects of Fentanyl.

Thus Fentanyl can be used as a quick and effective incapacitating agent for kidnapping people.

Thus it might not have been an attempted execution but kidnapping, or something else possibly completely bizarre involving illegal drug supply and usage. We just do not know, however as it happened in a public place video footage may come to light which could give more information.

Again at the time of the news report of the two people only information about the man is known not the woman who is apparently half his age. Thus we do not know if he is the only potential target for an attack.

Thus we don't have sufficient information to make a valid assumption. Just some base facts that the authorities will consider in their investigations to uncover more facts and move to what probably happened.

Gathering facts and not jumping to conclusions via supposition is something I repeatedly say in various forms on this blog and have done so for years along with cautioning about claimed evidence.

Yet despite that a number of people behind what are anonymous handles since the US has been on its "existential threat" FUD fad, claim that I am pro-Russian or Anti-American despite long standing evidence I am neither pro or anti any nation, I make comment on the actions facts and evidence available.

I guess it really says more about the anonymous commenters' biases and message pushing actions and their inability to take responsibility for their actions than it does anything else. Which is sad really as it brings the quality of the blog down.

Oh and for the record with regards this incident I have made two factual statements about Russia that I suspect some readers will think makes me "anti-Russian". Thus it can be seen what a stupid game claiming bias is, unless of course the desire of those claiming bias is to suppress free speech.

Are you of the anonymous handle @Ares trying to suppress free speech because of your biases?

Oh and is the @Ares handle in effect a sock puppet handle?

Perhaps you can point out other comments you have made under that handle from pre the US election?

[1] This is the same hospital whose staff had a number one UK singles chart Xmas Charity record.

[2] https://en.m.wikipedia.org/wiki/Moscow_hostage_crisis_chemical_agent

[3] It has been reported that Fentanyl deaths in some areas are comparable to road deaths and are rising rapidly. So much so that there is an enquiry as to if Naloxone should be reduced from prescription status to effectively over the counter status.

Clive Robinson March 6, 2018 2:27 AM

@ Ratio,

Remember that after the Steele Report came to prominence it was his ex MI6 colleagues that dropped suggestions he had gone off the rails.

It was then that certain of his actions about getting the report finished and accepted in the US were made public that further made him look off the rails.

His current work colleagues distancing themselves from him after he had gone into hiding made it look worse.

Thus the question of if he has gone off the rails arises, to which there are a number of answers.

Only one indicates he has not, by instead saying he has been targeted to be discredited by the IC community...

Not a nice place to be in whatever the truth of the matter, as he has been effectively burned and will have to change what he does by way of employment.

Proof if you like of the reason for the old saying about messengers and messages.

echo March 6, 2018 5:42 AM

@clive

I found the other media covering the spy story a little later. Other papers have a better spin on things.

Yes, I caught the Trevor Baylis obituary in the Guardian (and Independent?) later. It's sad he has gone. He seemed like a fun and decent guy. I hesitated about posting this news as I wanted to share this with you. Thanks for posting this.

The way Trevor was ripped off was very sad. There has been talk of reforming the UK patent system and access to business advice and investment capital for lone inventors but as far as I can tell this has just been talk. There has been no serious momentum for meaningful change.

The rise of managerialism and marketing and accountants is well known. I note some contributors to this blog have commented on product brainwashing taking the place of craftsmanship and skill and education. Tomorrow's World on which Trevor Baylis first gained exposure is no more along with the likes of William Woollard and the old school Top Gear are gone too. As for the Americans they are fighting their own "right to repair" battle.

echo March 6, 2018 6:00 AM

@clive

I read an article the other week when there was a tug of war between the various American political wings over the veracity of allegations. One comment said the substance of what Steele reported has held up while the other side said it's valueless. It's a bun fight wrapped inside a ball of string hidden within a squabble.

Shooting the messenger and vested interests do seem to have momentum at the moment. Apparently, there are funny goings on on the environmental side with vested interests and regulatory capture trying to block certain pesticides from being named as culprits in crucifying the bees and insect population which the flowers and birds we depend on for the food we eat. There's nothing like sawing off the branch you are sitting on is there?

echo March 6, 2018 6:25 AM

@ares

I don't disagree with Clive's observations on the alleged spy poisoning story.

I note Fentanyl is naughty substance of the week which caused me to suspect the quality of the story given Fentanyl had a headline only the week before.

I also posted much earlier in the topic links to stories about the UK security services being authorised to commit criminal acts and also failures of regulation with respect to surveillance.

Thoth March 6, 2018 8:31 AM

@all, Clive Robinson

A vulnerability in the WebUSB feature of Chrome browsers has been shown to be able to target once thought of as 'phishing-proof' Yubikey hardware tokens.

The problem with these tokens is their apparent lack of screen and buttons to allow checking of the authentication, which I have always banged on about, and the other problem is now Web technologies are bleeding into Native platform interfaces via the Web ASM language to allow issuing of Assembly commands over JavaScript and now the new and shiny but flawed WebUSB to allow JavaScript access to all your USB interfaces.

It's about time this bleeding of unnecessary and potentially dangerous technologies should come to a halt.

Also, the FIDO protocol, if carefully studied is flawed cryptographically in my opinion as they do not attempt to create an End-to-End Authenticated and Encrypted channel. In fact, the FIDO protocol simply places trust on the use of valid and secure SSL/TLS certificates and channels and makes a heavily flawed assumption that the SSL/TLS channel it relies on the Web Browser is secure. It explicitly does not take into account the fact that SSL/TLS has routinely been spotted with fatal flaws in implementation and design.

By making the fatal assumption of trust on the SSL/TLS "protected" webpage for login and to transmit authentication challenges relying on the SSL/TLS of the login page, the FIDO protocol thus is as good as a one-way signature scheme of authenticating the user but not allowing the user to authenticate the server as well.

In fact, one of the known weaknesses in FIDO authentication is the incapability of guaranteeing the session from being hijacked despite its claims of being resistant. Since FIDO protocol is simply a digital signature over a simple challenge-response of nonces while relying and assuming security of the SSL/TLS channel.

One example which is the nonces that have to be signed by the FIDO token can be intercepted by a malware in the endpoint and the stolen 'signed challenge' can be transported to another computer and fed to the server which if the attacker and victim's computers are behind the same external IP addresses, the server cannot tell if the signed challenge originates from an authentic token holder's computer. The suggestion is to use SSL Channel ID binding to bind the SSL/TLS Channel ID but this has been acknowledged as a stand-in temporary stop-gap and not 100% foolproof.

In a scenario where a SSL Proxy or Intercept Device is used to intercept and decrypt SSL/TLS packets and then re-encrypt the SSL/TLS packets, an adversary capable of such (i.e. a TLA or HSA) can and will exploit their position of controlling Root Certificates and force the installation of 'Lawful Intercept Root Certificates' to enable SSL Proxying and defeating SSL traffic and thus breaks the TLS Channel ID binding and the ability to steal signed nonces for whatever purposes it may be (i.e. impersonation).

As usual, I have tried to point out the fatal flaws but it usually goes down the drain because those who promote FIDO say that despite the flaw, FIDO still is 'better than passwords' and thus fulfilling its role as being a 'not-so-low-hanging-fruit' argument.

The better way to go around for FIDO protocol's weakness is to have it open its own Secure Channel end-to-end while authenticating the server as well as the client as per proper End-to-End security does and terminating the security not at the endpoint device which is considered compromised but to terminate the security at the security token where only the security token knows the security nonces being exchanged for challenge-response and to have a secure display and input to show the status of the session.

FIDO protocol is an attempted try at passwordless access but it's really a half-baked effort with so many dangerous assumptions in an effort to get business up and running just like any other businesses.

Link: https://www.wired.com/story/chrome-yubikey-phishing-webusb/
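
The signed challenge-response and the Channel ID binding discussed in the comment above, seen from the relying party, as an added example that is not part of the original comment or of any FIDO project's code. It is a simplified Node.js model of the U2F authentication message; the function names, origins and channel identifiers (`cid-A`, `cid-B`) are constructed for illustration.

```javascript
// Added illustration: simplified model of a U2F-style signed challenge-response.
const crypto = require('crypto');

const sha256 = (data) => crypto.createHash('sha256').update(data).digest();

// Constructed sample values (not taken from any real deployment).
const APP_ID = 'https://login.example.test';
const LOOKALIKE_ORIGIN = 'https://login.example.invalid';

// Bytes the token signs: SHA256(appId) || presence || counter || SHA256(clientData).
function signedMessage(appId, counter, clientDataJson) {
  const ctr = Buffer.alloc(4);
  ctr.writeUInt32BE(counter);
  return Buffer.concat([sha256(appId), Buffer.from([0x01]), ctr, sha256(clientDataJson)]);
}

// Hardware token stand-in: holds a P-256 key and a monotonic signature counter.
function makeToken() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  let counter = 0;
  return {
    publicKey,
    sign(appId, clientDataJson) {
      counter += 1;
      const msg = signedMessage(appId, counter, clientDataJson);
      return { counter, signature: crypto.sign('sha256', msg, privateKey) };
    },
  };
}

// Browser stand-in: records the origin it is on and, optionally, the TLS Channel ID.
function buildClientData(challenge, origin, channelId) {
  const clientData = { typ: 'navigator.id.getAssertion', challenge, origin };
  if (channelId) clientData.cid_pubkey = channelId;
  return JSON.stringify(clientData);
}

// Relying party: issues single-use challenges and verifies assertions.
function makeRelyingParty(publicKey, { requireChannelId }) {
  const pending = new Set();
  let lastCounter = 0;
  return {
    newChallenge() {
      const challenge = crypto.randomBytes(32).toString('hex');
      pending.add(challenge);
      return challenge;
    },
    // tlsChannelId is what the server saw on the connection delivering the assertion.
    verify({ clientDataJson, counter, signature }, tlsChannelId) {
      let cd;
      try { cd = JSON.parse(clientDataJson); } catch { return 'bad-client-data'; }
      if (cd.typ !== 'navigator.id.getAssertion') return 'bad-type';
      if (!pending.has(cd.challenge)) return 'unknown-or-replayed-challenge';
      if (cd.origin !== APP_ID) return 'origin-mismatch';
      if (requireChannelId && cd.cid_pubkey !== tlsChannelId) return 'channel-mismatch';
      const msg = signedMessage(APP_ID, counter, clientDataJson);
      if (!crypto.verify('sha256', msg, publicKey, signature)) return 'bad-signature';
      if (counter <= lastCounter) return 'counter-regression';
      pending.delete(cd.challenge); // challenges are single use
      lastCounter = counter;
      return 'ok';
    },
  };
}

// Runs each case once and returns the relying party's verdicts.
function runScenarios() {
  const token = makeToken();
  const bound = makeRelyingParty(token.publicKey, { requireChannelId: true });
  const unbound = makeRelyingParty(token.publicKey, { requireChannelId: false });
  const assertionFor = (rp, origin, channelId) => {
    const clientDataJson = buildClientData(rp.newChallenge(), origin, channelId);
    return { clientDataJson, ...token.sign(origin, clientDataJson) };
  };

  const legit = assertionFor(bound, APP_ID, 'cid-A');
  const tampered = assertionFor(bound, APP_ID, 'cid-A');
  tampered.counter += 5; // counter changed after signing

  return {
    legit: bound.verify(legit, 'cid-A'),
    replay: bound.verify(legit, 'cid-A'),
    // Same assertion shape, but delivered over a connection with another Channel ID.
    relayedBound: bound.verify(assertionFor(bound, APP_ID, 'cid-A'), 'cid-B'),
    // Without the binding the server has nothing to tell the two connections apart.
    relayedUnbound: unbound.verify(assertionFor(unbound, APP_ID, undefined), 'cid-B'),
    lookalikeOrigin: bound.verify(assertionFor(bound, LOOKALIKE_ORIGIN, 'cid-A'), 'cid-A'),
    tamperedCounter: bound.verify(tampered, 'cid-A'),
  };
}

console.log(runScenarios());
```

The `relayedUnbound` case returning `ok` is the situation the comment describes: the signature alone says nothing about which connection delivered it, so the relying party depends on the channel binding (or on the TLS layer itself) to notice.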

Ratio March 6, 2018 2:56 PM

@echo,

stor[y] about the UK security services being authorised to commit criminal acts

Someone did not understand this sentence before writing a story: “The Investigatory Powers Commissioner shall keep under review the application of the Security Service guidelines on the use of agents who participate in criminality and the authorisations issued in accordance with them.”

(Today's riddle was brought to you by the letter “A” and the digit “6”.)

Ratio March 6, 2018 3:28 PM

From Russia With Blood (2017):

Lavish London mansions. A hand-painted Rolls-Royce. And eight dead friends. For the British fixer Scot Young, working for Vladimir Putin's most vocal critic meant stunning perks – but also constant danger. His gruesome death is one of 14 that US spy agencies have linked to Russia – but the UK police shut down every last case. A bombshell cache of documents today reveals the full story of a ring of death on British soil that the government has ignored.

Apparently I neglected to link to this story when I read it last year.

Hmm March 6, 2018 3:49 PM

That just asks more questions than it answers, what do they mean "hand-painted" Rolls Royce?

:/

Clive Robinson March 6, 2018 4:01 PM

@ Hmm

I can not pass comment on WashPo stories they are firewalled.

It's fairly obvious that you now have a policy of attacking anything I say in any way you think you can which is how shall I put it politely indicative of a stalkers mind.

As for Mr Steele going back to work he owns part of the company he works for but that does not change my point of,

    he has been effectively burned and will have to change what he does by way of employment.

Which for some reason you don't appear to understand. It's about what he does not who he does it for.

For instance he still has two court cases to deal with as a minimum.

Firstly he's got the Russian businessman Aleksej Gubarev, who filed his charges against Buzzfeed in Florida over the Dossier, which Mr Steele's lawyers are trying to stop,

http://www.independent.co.uk/news/world/americas/us-politics/trump-dossier-christopher-steele-latest-lawyers-say-testimony-could-hurt-uk-national-security-a8195926.html

http://nationalpost.com/news/world/russian-billionaire-seeking-to-force-testimony-of-british-spy-behind-trump-dossier

You will see that as part of the US action, a case has been started in the UK courts, but... Mr Gubarev has a second case pending in the UK against Mr Steele and the company he works for.

Then there is that slow rumbling of the GOP inspired Republican senators, Lindsey Graham and Charles Grassley referring Mr Steele for "lying to the FBI" over contacts with journalists based on those London Court documents.

From the past two court cases I've been involved with at director level they occupy months of your time, at full time or above. You stop running the company or doing your other activities, even your social life. But that is usually the point of such cases.

But all of that does not resolve the issue of the fact his face is "known to the world" and that makes him a valuable target now. So his travel abilities are very limited at best. He will even have to be careful what routes he flies to where he can go. Which means as I said he "will have to change what he does by way of employment". But you don't appear to have thought about that, or any other of the very many changes Mr Steele is going to have to make.

If you don't understand that basic point then you need to do a bit of reading, there was an article about what it meant when he got burnt the first time whilst still working at MI6, you should hunt it out.

For instance one of the reasons Mr Steele got challenged was that he was using intermediaries to get some of the intel because he can not go back to Russia as he was burned there some years ago. Whilst "hearsay evidence" is not particularly of interest in intel reports when it comes to court cases it's a rather different matter and because of that investigative journalism as well.

As I have patiently explained to you and others on this blog the type and quality of evidence matters not just for courts but when a nation makes public accusations against another nation. Thus extraordinary claims need extraordinary evidence. Prior to the Obama administration that is what generally happened all the way back to the Cuban Missile Crisis. It's why I keep reiterating the point about HumInt and Internet attribution that you still do not appear to grasp.

I am wholeheartedly sick of your sniping over your distorted party political view point.

As I've repeatedly said I do not do party political nonsense nor do I do my country right or wrong. What I do do is evidence at a level where it can be considered such by legal evidentiary procedures and practices.

You obviously take exception that I don't buy into your party political view point and you hide behind an anonymous handle and waste god alone knows how much time doing the equivalent of trolling. Your most recent attempt being,

https://www.schneier.com/blog/archives/2018/03/russians_hacked.html#c6771535

Have you actually read the Moderator comments about "Party Political"? It's increasingly looking like you have not.

And others are complaining about your behaviour as well. The fact that you make multiple serial comments indicates either you are not making your thoughts clear before you post, which means amongst other things you clutter up the 100 latest comments page which from recent discussions on this blog is likely to upset quite a few people, which might be your actual intention. And no doubt other users of this blog will be getting upset with me trying to politely tell you to stop your behaviours.

Hmm March 6, 2018 4:42 PM

"It's fairly obvious that you now have a policy of attacking anything I say"

Very funny Clive. You and I know that's not true.

Hmm March 6, 2018 4:50 PM

Chris Steele is not a spy, Clive. He was not spying when he procured the facts in the dossier.

Nor was he 'undercover' or wearing a disguise or any of it. He can still investigate things.
That's his job. He did take a break for a while due to unfortunate spotlight problems.
That can't really be helped given all, and he had no idea his research would lead to that.

So you're asserting that Steele has "a damaged reputation" "can't do his job" etc...
It's a bit much when he's back at his old job, doing exactly what he did before.

I cited that for the reason of illustrating that it's a fact. You STILL have issues with that!

You go out of your way REPEATEDLY on this blog to try to smear Steele with NOTHING.
If you aren't doing it intentionally I figure you still should be confronted with it.

It's not personal, and no I don't take offense or issue with 99% of what you say here.
Honestly and from my heart.

Hmm March 6, 2018 4:51 PM

"You obviously take exception that I don't buy into your party political view point"

False. You can have any opinion you want. You don't get a separate universe.

Hmm March 6, 2018 4:58 PM

"As I have patiently explained to you and others on this blog the type and quality of evidence matters "

And bringing none in fact matters plenty as well.

"Whilst "hearsay evidence" is not particularly of interest in intel reports when it comes to court cases it's a rather different matter and because of that investigative journalism as well."

None of the dossier is being used as anything but a jumping-off point for further investigation.
The investigation into Russian collusion was neither started by nor built on the dossier alone.

Learn this fact so that you can clear your head "politically" or however you wish to feel about it.

But it's a fact you need to take heed of, and that's also not personal Clive.
You are among a lot of people who are dismissing what they themselves know to be true.

Why you do it, I can't say, but in your case it does appear political because you keep raising my factual rebuttals of what you're saying as if my only interest is political. I can say that "politically" I do have an interest in justice being upheld and liars being held accountable. If you want to damage Chris Steele, prove him a liar.

Studying how you are convinced of what you think you know in this case could be a case study of itself.
I don't want to prove anything about you personally because this isn't about you, or myself.
In fact I rather like you, albeit not from this angle.

Hmm March 6, 2018 5:18 PM

Last on this from me -

You are now trying to censor me for disagreeing with you on the merits. Not so nice.
You've made unreasonable accusations about my motives given what I've said and cited.

That's something that I'm not going to feed into just because I disagree with you on certain facts.

I'll live, we'll see what happens and what turns out to be provably true. It's not decided here.
I think it's below you to do that. You decide what you believe.

Hmm March 6, 2018 6:19 PM

@ Moderator

I've said my piece but I felt a need to defend myself from accusations. I hope that is apparent.

JG4 March 6, 2018 6:50 PM


In case anyone couldn't guess where the previous link came from. It will be very handy if room-temperature superconductors are practical.

https://www.nakedcapitalism.com/2018/03/200pm-water-cooler-3-6-2018.html
...
News of The Wired

“Surprise graphene discovery could unlock secrets of superconductivity” [Nature]. “A sandwich of two graphene layers can conduct electrons without resistance if they are twisted at a ‘magic angle’, physicists have discovered. The finding could prove to be a significant step in the decades-long search for room-temperature superconductors…. ‘We can expect a frenzy of experimental activity over the next few months to fill in the missing parts of the picture,’ says Robert Laughlin, a physicist and Nobel laureate at Stanford University in California.”

“The Benjamin Franklin Effect: The Surprising Psychology of How to Handle Haters” [Brain Pickings]. Do them a favor!

“Why I’m not on board with quiet carriages” [The Spectator]. “The quiet carriage, when you think of it, is akin to the idea of a safe space. Just as in a quiet carriage the rules are set by the single most neurotic person on the train, in a ‘safe space’, the terms of acceptable discourse are set by the thinnest-skinned 0.01 per cent of the population. And like the quiet carriage, this simply does not work.” It works fine. Now, get off your cellphone before I call the conductor.

...

echo March 6, 2018 7:39 PM

@JG4

Thanks for the links. I am intrigued by superconductivity. I was also scratching my head tonight wondering what the name of a blog was which I used to read because I wanted more variety and up Brainpickings pops! Before I collapse into my keyboard I must read your links tomorrow.

Mads M. March 6, 2018 8:58 PM

Clive Robinson

Thank you for your comments regarding the communications of @hmmm
I agree

@hmmm

Have you ever travelled outside of your country? (I am not presuming to know which country you call home.)
When one is in a foreign land, one adopts a temperate and somewhat circumspect attitude, for one is sensitive to the conventions of the locals and it is understood one is a guest. Humility, openness, and moderation: in a foreign land these are key for courtesy and indeed longevity. There are rules everywhere and one must adapt to them.
All those who have achieved emotional maturity, meeting on this forum, practice such moderation here. Some may be wild in their views yet she is successful who is gentle in communicating them.
Your receptivity to these facts will be of benefit to you and those you wish to converse with. Absorb them and your life will not remain as it currently is.
Anyway don't you have some gardening that needs doing? Fixing the car or, repairing the roof or something?


Alyer Babtu March 6, 2018 9:17 PM

The nakedcapitalism link above also mentions robot clothes making. Shima Seiki has sold automatic computerized 3d knitting machines for 20 years. A documentary I saw 3 or 4 years ago seemed to show a recent model taking a scan of a person’s body, converting the scan to a program for the knitting machine, then running the program and producing a perfectly fitting dress in a single piece.

Hmm March 6, 2018 9:51 PM

@ "Mads"

I don't believe we've spoken much at all previously. I should remember such a facially polite (if dishonest) encounter.
Actually yes, I'm aware that various world places have rules - laws even. I've seen this firsthand in fact.

"Anyway don't you have some gardening that needs doing? Fixing the car or, repairing the roof or something?"

I was too busy getting important life advice from a mature well-travelled stranger on the internet who I haven't spoken with at any length, who also doesn't seem to see my point of view as valid, and who doesn't speak much on this forum (that I can casually find to reference) except to give such sage advice to me - but only after a moderator has already told me to stop engaging, interestingly. This is the second time. It's hard to know why that is exactly.

It's in fact night time where I am; I live in the US, I'll be presumptuous enough to disclose that.

That makes roofing quite difficult, and gardening at night is kind of an odd thing also.
Perhaps not where you're from, I won't presume worldly nighttime roof gardens aren't a thing.
My vehicle runs, though BMW has made it difficult to continue repairing it myself ad infinitum.
Another suggestion run down. Knitting perhaps? I don't, sadly, if you're about to suggest it.

I suppose you could tell me to take a hike alternately, but you choose to be "so polite" instead.
Night hikes, I do actually enjoy. It might be the most valid suggestion of the group.

I do read though, and what I read varies from this very blog full of wonderful ideas and new paradigms and interesting worldly people who I value even if I don't say that constantly, including today various aspects of Ethereum I hadn't before considered... which often leads me down various paths of my own self-edification.

I value this blog, I value Bruce's insights and those of the internet at large. I understand that this implies I'm agreeing with foreigners, and I'm very ok with that. Not all "muricans" as myself are hostile towards other cultures, though I could see why you'd assume that about me having never met or discussed anything with me except after I've just finished with an argument on the merits about something you weren't involved in and don't discuss at all...

Sometimes, when reading in fact, I come across things that contradict. It does happen.

Polite as I try to be, the ends don't meet in the middle. Something is not as represented, sometimes.
In exploring these discrepancies, sometimes it's easy to lose sight of what's important or how to demonstrate it.

I admit, I have made mistakes in my approach in arguing various things. Sometimes merely pointing out that something isn't factual really doesn't bear much fruit in certain soils, somehow, maddeningly enough. I've matured in that realization, you can be assured, as you've demonstrated your care for how I spend my time.

I'd love to have more discussions with you in the future, preferably not directly right after Bruce has told me to stop arguing a point with someone that I still maintain I was arguing on the merits, and to wit's end as I went out of my way to bring the discussion back to the factual basis of the argument at hand. It just seems an inappropriate time right now, because I said I would disengage and you can read that above.

So allow me to disengage, but not after wishing you a very mature and worldly evening as I actually do take your words to heart, despite perhaps the obviously false intent in your putting them to me as you did, right now.

Let's talk again soon about my life as we both understand it.

Clive Robinson March 6, 2018 10:32 PM

@ Ratio,

With regards the buzzfeed article, this quote just about sums it up,

    The reasons for Britain’s reticence, they [17 intel operatives] said, include fear of retaliation, police incompetence, and a desire to preserve the billions of pounds of Russian money that pour into British banks and properties each year.

If you want to know more about UK "police incompetence" you might want to start with Surrey Police and "Deepcut Barracks". The Met Police and a whole host of undercover operations that got blown open because an undercover operative could not keep it holstered and fathered a child with a woman he was investigating. As for Yorkshire Police just google them and the word scandal or incompetence...

As for the money, it's not just the Russia's the UK provides the criminals and politicos with a revolving door laundromat, via the likes of "Limited Liability Partnerships"(LLPs). The London property market is massive with few houses worth less than 1/2millionUSD equivalent. If you walk down any suburban London street every three houses on average represents 1millionUSD equivalent of mortgage debt... The reason the price of property is so high is that "foreign investors" courted by the past few political encumbrants have been buying it all up and creating artificial shortages. How much of this money is from criminals and politicos on the take is unknown but at one point it was possible to find out which properties had been purchased through LLPs and it was astonishing.

The UK government has a problem in that much of the supposed wealth of the UK is tied up in property debt, if the bubble was to burst, well maybe the idea that this Sceptred Isle is unsinkable would be severely challenged as it went for a swirly.

The question is of course with Brexit devaluing the UK currency drip by drip day by day, how long before the money comes out of the laundromat door to another laundromat somewhere else in the world? There's a reason they call such things "bubble markets".

Thus I can understand people pointing out there might be a political reason for these "alleged" events over and above incompetence.

Less clear is the case for Russian reprisals I suspect that the Kremlin has a reasonable idea that the investment in Russia from the UK has a goodly proportion of Russian money backstopping it indirectly. But the Russians need foreign investment to keep the country afloat. Trying any financial reprisals would likely cause a withdrawal of investment funding into Russia which would not be what the Kremlin needs as fiscally it's on a bit of a knife edge due to welfare and military funding. The Putin speech at the beginning of the month brought out a whole load of financial predictions from various sources indicating that the books are going to be difficult to balance even without his pre-election promises...

As I noted the other day Russia has laws that effectively allow for executions outside of their jurisdiction, thus any executioners that make it back to Russia are guaranteed not just that they are safe from extradition but that they will be "looked after" as well.

Which raises the question of could the UK actually keep such people out of the UK? I suspect the realistic answer is no. Which raises the question of who the Russians might target for execution. So far it could coldly be said "it's their own" with the implication that it is acceptable. But under treaty law which the UK has signed up to that is unacceptable. But for the sake of argument there is no reason why the Russians could not start notching it up all the way to UK Politicians. Could the UK stop that realistically no. The only leverage the UK realistically has is financial via sanctions and stopping investment, neither of which will provide a "short sharp shock"... Plus sanctions really don't work, in fact they have been known to cause the opposite of the desired effect, causing a nation to become hard line with the citizens actually backing their governments acts.

The other alternative of the UK sending in its own executioners won't really work as Russia has way better border controls and less people crossing them as well as being a lot less ethnically diverse.

It's a mess with no easy way out for the UK. Which is what I expect the Kremlin relies on. You can see how little the UK options are from the mouth of our current Foreign Secretary,

https://www.theguardian.com/politics/2018/mar/06/boris-johnson-uk-will-respond-robustly-if-russia-poisoned-spy

But it should be noted that the UK acting as a fiscal laundromat has got it into this sort of trouble before. It's not that long ago that London was a major meeting point for terrorists, arms dealers, serious organised crime and a whole range of other nasties. The view point appeared to be "if you leave us alone we will leave you alone"... As history shows in any group there is always one that acts against the rest of the group's interest, thus you don't get left alone when you turn a blind eye...

As for some of the executions they were clearly meant to send messages thus the poisons used other than acting slowly enough to allow the perpetrators to get out of the country were meant to be found. There are a whole range of other poisons that do mimic natural causes and don't show up in normal toxicology screens. Unfortunately for an assassin they tend to be quite fast acting like neuromuscular blocking drugs based around acetylcholine that break down into chemicals that would be found naturally in the body (sux apparently being the one of choice). But they leave traces such as the wound at the injection site and other abnormalities which will show up sufficiently at a forensic autopsy. There are other chemical poisons such as dimethylmercury, but they are so dangerous it would as likely kill the assassin as it would the target there is no antidote and the death is really unpleasant and can be quite drawn out,

https://en.m.wikipedia.org/wiki/Karen_Wetterhahn

Which makes the originally reported events around the Russian Sergei Skripal and his daughter Yulia in Salisbury odd. But as I expected it appears the "facts" are changing as things become clearer, though there is still a lot of people speculating,

https://www.telegraph.co.uk/news/2018/03/06/russian-spy-may-have-targeted-deadly-nerve-agent-experts-claim/

But one thing people should remember is that Russia executing people for political reasons is not new, it's been going on for just over a century and almost as long as Russian Communism has existed. Often it was brutal beyond belief.

https://en.m.wikipedia.org/wiki/List_of_Soviet_and_Russian_assassinations

Clive Robinson March 6, 2018 10:46 PM

@ hmm,

Chris Steele is not a spy, Clive. He was not spying when he procured the facts in the dossier.

What a very curious statement for you to make.

A simple search of this page shows that of the two of us you are the only one to use the word "spy" or "spying" with reference to Mr Steele.

So yet another of your unfounded allegations against me...

As I've worked my way slowly up the 100 latest comments I find them over and over even when I've repeatedly asked you to stop with your behaviour, yet you persist... You really are a troubled individual.

Hmm March 6, 2018 11:15 PM

@ Clive

I persist with my citation of the factual record, Clive, if that's your question.

I can't really get into it again after your complaint above and Bruce's admonition.

I'm going to send a couple hundred random characters now just to test my prcg:

[I meant not still a spy, he's an ex-spy working as a professional legal investigator now for years..
Therefore being "burned" is less of a thing, because he's mostly interviewing people "as himself."
They know who he is, so yes the argument could be made that limits his ability to go incognito...
but that's really not how he got his information in the dossier or generally, from what I gather.
Unless you have the back of a Mad magazine that folds into something interesting to point to?]

I'm not supposed to be engaging.. yet I can't.. make it so.. (@Bruce, Apology sincere)
http://i0.kym-cdn.com/entries/icons/original/000/000/554/picard-facepalm.jpg

"As I've worked my way slowly up the 100 latest comments I find them over and over even when I've repeatedly asked you to stop with your behaviour, yet you persist... You really are a troubled individual."

On one hand I'm being spoken to directly by you, on another hand I've said I won't respond.
Bravo. You win, checkmate, I cannot respond. Sometimes the best move is not to play.

You seem to be taking advantage of this fact, I'll suggest anonymously, watching for flying bricks.
It's worth noting also that you're above calling for me to be moderated as I was.
If you want to make a liar of me, this is kind of a tricksy way to accomplish it.

I'm done fighting over things that neither of us can actually decide or even really determine.
The factual record doesn't need my help to win in the end. This is a blog! What was I thinking?

My apologies for ever doubting your sources, should you later mention any that make your case.
Let us now enjoy our evenings, eh Clive? There's no point in poring over historical opine really.

Mind one thing : a fact is apolitical by itself. It doesn't care.

Ratio March 7, 2018 7:41 AM

The Breach from the East (Der Spiegel):

[It’s still unclear when or how the FSB-linked group known as “Snake” or “Turla” managed to penetrate the Federal Academy of Public Administration in the town of Brühl, just south of Cologne.] What is clear, though, is that after they first infiltrated the system in Brühl, the hackers were able to comb through the German Federal Administration Information Network, or IVBB, which is used by key legislative and government bodies. Eventually they reached their objective: Department 2 of the Foreign Office, the section that is responsible for German foreign policy within the European Union and for Germany's relations with the countries of Europe, North America and Central Asia -- including Russia.

[...]

A foreign partner agency brought the IVBB attack to the Germans' attention on December 19 last year. On January 5, the [Federal Office for Information Security, or BSI] discovered the breach at the Academy in Brühl. Since then, the security agency has surreptitiously allowed the attacks to continue in a bid to identify the perpetrators and learn about their methods. To do so, BSI experts isolated, mirrored and simulated the communication of the compromised computers so the attackers would have the impression that everything was still proceeding according to plan. They couldn't cause any more damage anyway.

According to a story in the Süddeutsche Zeitung (in German, titled So schleusten die Hacker Daten aus dem Auswärtigen Amt), the hackers used email for command and control:

The mail that the attackers send to the already infected computer contains an attachment. Outlook downloads such attachments without the user having to interact with them. These documents [...] contain hidden information. These are commands such as: "Hack the next computer, send a document!"

That means: the malware on the infected computer initially remains passive. It scans the mailbox and waits for instructions. When asked, a Microsoft spokeswoman declined to comment on the case "at this time."


Finally, Der Spiegel also mentions the following:

According to intelligence sources [...] the computer system of the Bonn-based International Paralympic Committee was hacked [by APT28 in the past few months]. The culprits had no problem gaining access: They loaded the malware onto the Android smartphone of one of the committee's delegates while he was staying at a Moscow hotel. The hackers used the hotel's WiFi.

Anonymous2c March 7, 2018 1:45 PM

OT
In looking for a 'recent' post by Clive R. I learned that there are fifty one hits for Clive on this thread.

Clive Robinson March 7, 2018 2:09 PM

@ Hmm and others,

Well, shoot.

The Intercept article kind of also describes what people in industry were trying to do on a smaller independent basis. You might remember the time when talk of "hack back" and other digital vigilantism was rife because the open ICT community felt as though they had been abandoned to their fate by their Governments the USG in particular?

The small advantages the NSA had being mainly one of resources, and freedom from prosecution. But the FBI was rumoured to be getting into the act as well due to "hacker recruitment by plea bargain"... (apparently more myth than actuality).

Neither the NSA nor FBI were of any real help to anybody and eventually various ICTsec companies started cooperating with each other, and due to lack of resources and fear of prosecution the only route legitimately open to them was analysis. What got them doing this was probably Stuxnet, it kind of made them realise they were never going to get help from governments so they had to get their acts together and also grab a bit of glory for themselves in the process. Out of that the APT numbering system started but as you can see from the Intercept article there are many problems you can not even get close to solving without "reaching out" but even that has its problems.

You asked a little while ago how I "know things" some of it is in part the way I look at problems and thus independent research, which I have been doing since the beginning of the 1980's. Quite a few engineers do this but they rarely talk openly and almost never publish papers because of legal issues.

So onwards as to why there are real problems with "reaching out" / "Hack Back", thus digital attribution.

In the early 1930's Kurt Gödel published two papers on mathematical systems limitations. They apply equally as well to logical systems that had at that time not been really thought about.

On the history side a century before Kurt Gödel's papers Charles Babbage had sadly been a statistical blip. That is a man well before his time which is why his lasting claims to fame would be that he caused standardized threads (Whitworth) to come to be and the penny post. However everything that needed to be in place to make more generalised computers was in place in terms of Boolean logic De Morgan's logical extensions and electro mechanical relays. But it would have to wait for the work of Alan Turing and slightly later Konrad Zuse to turn it into the first electro mechanical computer and Tommy Flowers who designed the first fully electronic switches that could operate at a suitable speed and importantly with high reliability, no matter how many roadblocks the electro mechanical brigade threw up along his path.

What Kurt Gödel's two works tell you is that there is no algorithmic system that can show it is consistent. By logical extension it tells you that no computer can tell you if it has malware on it or not... A point that is quite important to a person using unauthorised access to a computer. They can only see what the computer has been programmed to show them, whilst it would be difficult to fake a computer within a computer and survive front panel access, as virtual systems have shown, it can be done quite easily when people access via the network or serial ports etc (see the honeynet projects for simple versions of this).

The next point to understand is that you can only see as far as the next node in the system/network. That is if the node upstream of you sends you false data then you have no way of knowing that it is doing so with only that channel of communications to work with.

The upshot is even if you get what you think is a toe hold on a computer you actually have low confidence about what it tells you. That is the computer could be an effective honeypot or tarpit you have no way of knowing without some kind of verifiable channel where every node in the path can be verified. Doing that is not only very difficult it's very resource intensive which makes it very far from stealthy thus easily detected with moderate equipment by a defender.

But there is another issue, whilst you might be able to bounce a signal down the transmission line it will only give a reflection off of an incorrect termination (look up Time Domain Reflectometry and "return loss" or VSWR). It is also possible to "vampire tap" a transmission line in such a way that the return loss from say a directional coupler is too low to be measured reliably, thus as an attacker you have absolutely no idea if what you are doing is being received on instrumentation in the communications channel or not. Having designed, made and tested such vampire taps and had them tested by customers with "exacting standards" I'm reasonably confident that they cannot be detected by either a down stream or upstream node without more specialised equipment. When used in a system correctly individual packets and streams can be switched into a tarpit or honeytrap and false returns generated etc. As the technology not just exists but has customers you can start seeing why I know that attribution on data on the network is actually a lot lower in accuracy than many including supposed experts think. You can chat to any reasonable comms engineer and have this confirmed, as for computer security experts, they generally know very little about communications technology other than there's a socket in the wall with wires behind it that goes to a patch panel... The moral: choose the right domain experts to ask questions.

But let's say you have actually got to a node in a circuit from an attacker, how do you tell if it is just an inline node to another network node or an end point node?

The simple answer is you can not as a simple example will show. You've got into a *nix box, and you see a "suspect process" you need to find how it is being controlled. There are various ways it can be done ranging from a tty device, via one of several IPC methods including "unix pipes" or via files in the file system that can be on the *nix box or brought in from some other box across a network. Let's say that after sleuthing around, the *nix box indicates to you it's via a real tty device. Assuming the *nix box is reporting honestly, you then have a problem of working out what is on the other end of the "serial line". The simple answer is if it goes into an appropriate isolating device you will find only that it speaks some form of VT52 etc protocol which if it's in an appropriate mode will not give you any timing information you can use (which is the principle way to find distance). For instance I could put a simple store and forward device in the line that gives a near instantaneous hardware flow control indicating that that device is very local but a higher level signalling protocol gives a time delay of say two seconds which implies that the next node is anything up to 300,000Km away which is of no use whatsoever because any point on the earth would be within ~40,000Km... But again that store and forward device could have response scripts etc that could be set to any response time from uS to close to a timeout period of another protocol. Thus you only see what the defender wants you to see. In a modern computer system a USB to RS232 converter is at most 10USD, and you can get microcontroller development boards from 10-100USD that you can program in about a week to do a VT52 protocol with a store and forward back end. As there is no OS to hack and you can instrument the RS232 connection you can "mandate the channel protocols" and anything you do not allow will raise an alarm that will cause a shutdown or other change of behaviour.
Which means that an attacker is very limited in what they can do beyond passively listening. Again if you look back on this blog you will find I've developed and built such devices for providing a strongly mandated communications path to a gapped computer.

Thus even the NSA get stuck in that tar-pit and their only way around it is via a very resource expensive process --black bag job-- that won't get them much of anything at all if the defender has anticipated it.

Thus electronic attribution of code, data etc is very far from what people are led to believe by so called experts. Likewise falsification of the real end point location is almost trivial. It's well within the abilities of that proverbial 400lb teenager sitting at home on their bed, if they had the sense to get off of their backside and do a little work in somebody's void space such as that in hotels, guest houses and even toilets in shopping malls and cafes. As they say "been there done that" had some fun.

It's why I point out the work of the Dutch and Israeli SigInt entities is very important to take note of. They know that such data based attribution tells them little or nothing of worth unless they are surveilling the unwary. Thus they go after the next best thing which is "HumInt across the wire" by going for the Human Computer Interface where possible on what they believe is the end point. The Intercept article mentions it a couple of times but unfortunately they do not follow it up which is quite remiss of them (and the "experts" they talked to). But then you have to know the right questions to ask to get the right answers.

The thing is the wary know that old school terminals don't do video and audio only cadence of typing and display, and a store and forward device kills those channels dead for HumInt purposes. So the attackers try for the next best thing which is other devices on the same subnet or on other subnets that are paid for by those who pay for the suspect subnet. Hence the incorrectly isolated IP-Cams assumed to be in the same building. But here's the rub: the IP protocol only goes down to the layer above the "physical layer" as anyone who has worked with older telecomms equipment knows the IP network may well be sitting on top of a circuit switched network that has routing protocols of its own. Thus there is actually on the technical side low confidence that two adjacent IP addresses are even in the same zip code let alone building or room...

That's where as the attacker you have to start using the equivalent of traffic analysis on what little HumInt you have and over a period of time build up an association diagram. This was highly classified information until recently. It might take you a year or more to build up the analysis but if those being attacked are not sufficiently wary it will give you a degree of circumstantial evidence. Which is fine for intel work but insufficient to use as primary evidence for court action.

These sort of techniques were classified as above secret for obvious reasons until the US burnt both the Dutch and Israeli "methods and sources" for political reasons... Now even that 400lb teenager sitting on the bed knows they have to up their game a little bit. So what was a very valuable intel tool is now not much more than a pile of cinders in the fire place of history. I'm guessing the various intel agencies will still keep looking though, because whilst individuals can be smart, even the 1% of geniuses collectively can do some quite dumb things.

Doing a false flag with additional "HumInt" decoying is actually possible but it ends up a bit like those old spy TV programs with the CCTV tape loops. If an attacker is observant they will notice identical frames and the like and know they are being had. CCTV from a university however can be used providing you have some measure over course control. That is you can make students appear at certain times and places and if the video feed is outside of a computer lab you can use facial recognition systems to identify students automatically. A few years ago there was someone working at Kingston University developing facial recognition tracking systems for Transport for London to amongst other things identify people loitering in underground stations. TfL were looking for beggars and other undesirables automatically to alert platform staff etc. The last time I looked at the system it was more than capable of being used to do such video false flag operations provided you added a 10-15 second delay to the video feed an attacker can see.

But there are also semi-old school techniques that use some quaint names like "Pole Jobs". I've mentioned some of them on this blog before, along with discussing how to make your own long distance private network using the likes of raspberry pi computers, WiFi and Mobile Broad Band dongles and HF through to UHF and beyond transceivers, some of which can be purchased for 20USD ready to go from Chinese manufacturers. These you can then put on the likes of municipal high rise car park lift shaft motor rooms. You use an appropriate metal box, stick an appropriate engraved contact information plate on the front, cable it in neatly and the chances are good nobody will give it a second look and if they do the chances are very high they will just ring the contact number and take it no further if you talk to them in the right way. Because in the main humans are helpful not suspicious. As for getting a valid but untraceable phone number that is no more difficult than it is a server or IP address in another country.

You can also do the equivalent of "a rock that talks". It has been reported by the Russians that they had found a plastic rock in a Moscow park that "British Intelligence" was using as a high tech version of a "Dead letter drop" to communicate with spies they had recruited in Russia.

Obviously nobody is confirming or denying the story but you can build your own for not much more than 150USD. I've built a couple of such devices for "geo-tag" players, it's a cross between amateur radio "fox hunting" and "orienteering" using low power ISM Band equipment and WiFi enabled smart phones with GPS. You can build your own talking rock using the OpenWrt software on an appropriate WiFi AP and a "gel-cell" battery in a plastic "Tupperware" type lunch box with airtight seal for around 100USD and the time it takes you to write a few shell scripts.

The list of things you can do for under 200USD will surprise many people. For instance you can build an amateur radio QRP rig for 80m band and a magnetic loop antenna like an Alexloop and a Raspberry Pi running PSK31 / RTTY software that will give you up to 500Km radius coverage which is good to cover most countries. If you make minor modifications so it works slightly out of the 80m Band you can hide it in amongst commercial traffic. If you want to use the Marine Band and a NVIS mode antenna from "a hole in the ground" it will be quite difficult to DF and in quite a few countries there is a distinct lacking in skills and resources in the authorities to do anything about it...

The point is the technology is out there at quite low cost to make the real end point almost impossible to find or attribute to anyone. It's also fairly easy to get hold of quite a few hacking tools from the Internet so that you can hide further behind those.

As I've said because this stuff is all doable by an individual at modest cost if they have the knowledge it blows the standard Internet attribution out of the water. Which is why the smarter SigInt entities are trying to do HumInt, and it was working for them before the US burnt their "methods and sources" so publicly... So all it takes now is the time required to find a few bits of information on the Internet that have been around for years on this blog and other places...

I hope that answers some of your questions.

Clive Robinson March 7, 2018 2:21 PM

@ Anonymous2C,

In looking for a 'recent' post by Clive R

Aw heck, that's like asking for a needle in the proverbial hay stack...

What was the topic of discussion?

Alyer Babtu March 7, 2018 5:15 PM

@Clive Robinson

two works tell you is that there is no algorithmic system

Total amateur on this topic, but I recall from long ago university days that systems that are so weak as not to be able to formalize arithmetic multiplication can be internally decidable, e.g. (quick peruse of Wiki) Presburger arithmetic, propositional logic, etc. Perhaps what is needed for provable security on a computer system might fall under these ?

Also, the incompleteness/consistency theorems seem to use infinite aggregates, whereas there is no infinity in a real world system.

Hmm March 7, 2018 5:55 PM

"The point is the technology is out there at quite low cost to make the real end point almost impossible to find or attribute to anyone."

@Clive

There are a lot of various capabilities to do such things, feasibility was never the argument.
I've never questioned or doubted your knowledge of some of these capabilities.
There's a lot more going on than either of us will ever know, without question.

What I did question and do continue to doubt is pure extrapolation from capabilities to what happened here, with-vs-without evidence, in contradicting a forensic analysis done by international professionals, in addition to what seems to be a narrative of doubting certain several such reports (beyond forensics attribution) also without such necessary evidence to assert that.

That's a point of faith (or fail) in any investigation, argument, anything. It may insert enough doubt in a court of law to a jury's mind in determining "beyond reasonable doubt" where there is not any solid evidence to point to otherwise, but that's really not the case here. They have a lot of evidence from several international sources, and a series of vetted international teams have investigated the details of it. Were the theory correct that this was a false-flag perpetrated by the US to frame Russia, it's likely there would be some modicum of mistakes or failures or artifacts in that evidence that could very well make your case.

Without that however, it's still just a theory being compared to an internationally compiled forensic analysis. That was the gist of my point before we got lost in the weeds. The theory is plausible, evidence is non-extant to support it yet. We can both wait and see, but chances are (I'm guessing) pretty good the attribution will stand at this point and not be overturned on some smoking gun. Not impossible, I'll cede again, and probably not unprecedented either.

However if in the end the attribution stands, and Russia is as now considered responsible for this attack, it seems to me (even now) you might be more inclined to offer some denunciating doubts or counter-theories than accept the consensus of expert analysis that pored over this specific evidence in context and came to the conclusions they did. I see no reason why if you doubt that attribution now, that you would not continue to forever despite any and all evidence to the contrary - ongoing.

As attribution stands, (and it's standing now) IS there NOW any direct evidence to really doubt it?

Not available capability, not possible motive, not historical themes or past events from WWII on... but is there now ANY reasonably solid, hard evidence specifically to discredit this attribution directly on any of the (voluminous) points of correlation with previous Russian attacks? Because to my eyes without that evidence a null-hypothesis theory cannot go anywhere or reasonably be offered as "more plausible" even in casual online conversation. That's all I was getting at.

The Christopher Steele thing we can agree to disagree about. If you really think he's less credible and more damaged than Trump's dogged defense, so be it. I disagree. All will be laid bare in the end - with plenty of evidence for all to see and decide for themselves, for as much as that matters in the end.

I really didn't appreciate calls to be censored because of a disagreement on the merits.
I'll live, I forgive you for going there. I can be annoying and misunderstood at the same time.
We should try to be more accepting of opinions we disagree with for our chosen reasons.
And we might also try to separate those opinions from facts, just for good measure.

Cheers.

Thoth March 7, 2018 8:58 PM

@all

The chip they claim is ... some X Chip ... that's very dishonest. Trezor makes clear they use STM32 chips while Ledger makes clear they use ST31 chips but some magical X Chip and the claim of hack proof Bluetooth connection is clearly something fishy.

Clive Robinson March 8, 2018 1:48 AM

@ Alyer Babtu,

Also, the incompleteness/consistency theorems seem to use infinite aggregates, whereas there is no infinity in a real world system.

Actually there are only positive integers of size 2^N in computers, all other numbers are composites or complements or shifts of positive integers. Both 1's and 2's complement are integers that have been complemented at some value point. People forget that having two zeros in 1's complement allows you to make one a NaN value. Oh and a whole bunch of other stuff few ever get to realise.

It might be of interest to know that both Kurt Gödel and Alan Turing used Cantor diagonals in their major works and in both cases it was used to make a point about algorithms.

We rarely think of algorithms as anything other than sequences of instructions that are themselves integers that purely by dint of their position in memory become instructions some of which --immediate-- embed integers within them or attached to them.

JG4 March 8, 2018 7:03 AM


@Clive - It is a short step from treating number sequences as algorithms to von Neumann's work (with others) where equations in the elements of vectors create tensor fields. I have started to think in terms of superpowers, where Feynman's were diagrams and path integrals. Can't recall if I related the story of my brother meeting up with a wrestling team where each member learned only one takedown move, one reversal move and one pinning move. Even when you know exactly what is coming, it is difficult to beat a neuromuscular memory etched that deeply. John Boyd would approve, but he took maneuvering to a more general level that considered the aircraft differential capabilities. von Neumann's superpower clearly was math, but there must be elements within it where he excelled. My superpowers are writing and systems, but my math skills are weak and my programming skills have atrophied.

https://www.nakedcapitalism.com/2018/03/links-3-8-18.html
...
Big Brother is Watching You Watch

UnitedHealthcare adds the Apple Watch to its fitness-tracking reward program The Verge (E. Mayer). E. Mayer: “All part of the preconditioning intended to pave the way to no-longer-optional-ness.”

EFF: Geek Squad has been working with the FBI for a decade Engadget. Furzy: “The Geeks stole our UBS card # when we used them in CA, charged tickets to Italy….”

Italy’s political earthquake will shake the old European hegemony to its foundations Telegraph

...

ShavedMyWhiskers March 8, 2018 2:41 PM

@ Gooberman,


I am looking for software that I can use to symmetrically encrypt some tarballs prior to backup.

You offered two choices both decent.
Both are 'free' and offer multiple encryption methods.

Tarballs (*.tar) files are more efficient than common file systems for storing data. They also compress as well as the data allows which is often very good.

Select an encryption tool that runs on all of your devices. It is OK to run it in a VM or a container. But you need to be able to extract the data tomorrow and perhaps five+ years from now.

Pick an encryption method (OpenSSL apparently needs twofish and threefish :( )

Devise a key management system. A lost key is lost data.

So, tar [stuff]; compress stuff.tar, encrypt stuff.tar

Practice, practice, practice.

* building the bundle and extracting the bundle.
* re-encrypt with alternate method, new key, new key length.
* encrypt with PGP decrypt with OpenSSL and the reverse.

Backup the tools and the source for the tools.
Beware compression bombs hidden in your data.
Benchmark for time and space.
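
The tar, compress, encrypt sequence and the practice drills from the comment above, sketched as an added example that is not part of the original comment. It assumes OpenSSL 1.1.1 or later; the function names, the passphrase-file convention and the AES-256-CBC/PBKDF2 settings are choices made for this illustration.

```shell
#!/bin/sh
# Added example. Passphrases are read from files so they never appear in argv.
# Requires OpenSSL 1.1.1 or later for -pbkdf2 / -iter.
CIPHER="-aes-256-cbc -pbkdf2 -iter 200000 -salt"

# bundle SRC_DIR PASSFILE OUT: tar + gzip + encrypt SRC_DIR into OUT.
# A failed tar or gzip is not reported here; verify() below catches it.
bundle() {
    tar -C "$(dirname "$1")" -cf - "$(basename "$1")" | gzip -c |
        openssl enc $CIPHER -pass "file:$2" -out "$3"
}

# restore BUNDLE PASSFILE DEST_DIR: decrypt, test the gzip stream, then unpack.
# Returns non-zero on a wrong passphrase or a damaged bundle.
restore() {
    mkdir -p "$3" || return 1
    tgz="$3/.restore.$$.tgz"
    if openssl enc -d $CIPHER -pass "file:$2" -in "$1" -out "$tgz" 2>/dev/null &&
       gzip -t "$tgz" 2>/dev/null; then
        gzip -dc "$tgz" | tar -C "$3" -xf -
        rrc=$?
    else
        rrc=1
    fi
    rm -f "$tgz"
    return "$rrc"
}

# verify BUNDLE PASSFILE SRC_DIR: restore into a scratch directory and compare
# the result with the live source tree, file by file.
verify() {
    scratch=$(mktemp -d) || return 1
    restore "$1" "$2" "$scratch" &&
        diff -r "$3" "$scratch/$(basename "$3")" >/dev/null
    vrc=$?
    rm -rf "$scratch"
    return "$vrc"
}

# rekey BUNDLE OLD_PASSFILE NEW_PASSFILE OUT: re-encrypt under a new passphrase
# without writing plaintext to disk. Run verify on OUT before deleting BUNDLE.
rekey() {
    openssl enc -d $CIPHER -pass "file:$2" -in "$1" |
        openssl enc $CIPHER -pass "file:$3" -out "$4"
}
```

`openssl enc` adds no integrity protection to the ciphertext, so `verify` is a restore drill against the live tree rather than tamper detection.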

ShavedMyWhiskers March 8, 2018 2:48 PM

@Clive Robinson

Perhaps a simple question.
Just above the form we have to type a comment is a box
to check "Remember personal info?"

Q: Where does this check box remember data?

I ask in part because you made the observation that encryption keys are no longer "safe" in system memory and some handy system tools to open an encrypted device, file, or other storage are not as safe as they once were. Your insightful question about where the key is kept before, during and after got me thinking.

ShavedMyWhiskers March 8, 2018 2:56 PM


Just found this.

Danna Staaf: "Squid Empire: The Rise and Fall of the Cephalopods" | Talks at Google == Published on Mar 7, 2018

Yes you can search for this YouTube video and not follow the link.

https://youtu.be/ZwK2pBQm6s4

echo March 9, 2018 1:08 PM

Further research suggests the incident in Cuba which affected diplomats cannot be ruled out as a malicious action but also that the incident may have been self-inflicted harm by accident.

On Cuba, Diplomats, Ultrasound, and Intermodulation Distortion
University of Michigan Tech Report CSE-TR-001-18
Chen Yan, Kevin Fu and Wenyuan Xu
Department of Systems Science and Engineering, Zhejiang University
Computer Science & Engineering, University of Michigan

https://spqr.eecs.umich.edu/papers/YanFuXu-Cuba-CSE-TR-001-18.pdf

Conclusion:

While our experiments do not eliminate the possibility of malicious intent to harm diplomats, our experiments do show that whoever caused the sensations may have had no intent for harm.

echo March 9, 2018 1:15 PM

Here is a new OS release for anyone interested in capability based security.

http://www.osnews.com/story/30222/Genode_18_02_introduces_Sculpt_OS

The just released version 18.02 of the Genode OS Framework features the first version of Sculpt, which is a Genode-based general-purpose operating system. To our knowledge, it is the first usable open-source general-purpose OS that facilitates capability-based security from the ground up.

Clive Robinson March 9, 2018 3:07 PM

@ ShavedMyWhiskers,

Q: Where does this check box remember data?

Because I don't have Javascript enabled I do not see the check box. Therefore I assume that part of any activity involving that checkbox is "local" to your computer or more correctly your browser.

As you might have noticed I have a very poor opinion of the security of both Javascript and the newer HTML and way way less confidence in browser developers to implement them either correctly or securely.

Therefore I would assume that such information that is kept locally is in the way that is most convenient for a browser developer. That is as "plain-text" in a well known location with easy access to the code running an individual browser tab/window...

Further even if it is not currently insecure it will be in the near future when code gets refactored for some reason. Because refactoring is most frequently "for utility not security". People tend to forget that technical debt has two sides lost opportunity due to lack of utility and lost reputation due to lack of security. The emphasis is almost always on the short term "utility" view, as reputation loss apparently counts for nix in the software industry currently.

So I would both assume and plan for the worst, that way you will not get hurt the painful way.

Moderator March 10, 2018 1:56 AM

@echo, I don't know why; they're not in the moderation queue. Please try again.

echo March 10, 2018 6:15 AM

@moderator

Thank you. I noticed the two posts appeared and disappeared when I viewed and/or refreshed the page. This has happened before and usually corrects itself. Straight after I posted a moderator notice they appeared again. I do not know if this is a content management system bug or browser bug, or user error.

Hmm March 10, 2018 5:01 PM

There's a delay between posting and having it cache propagated I think, maybe 3 minutes.
I've tripped on that one.

Post a comment, leave the page (not using back/forward) and navigate back.
The comment you just made won't be there, but hit refresh and it shows up.
After the ~3 minutes it will be there without needing to refresh.
I've noticed at certain times it takes a little longer.

echo March 11, 2018 11:47 AM

@hmmm

Yes this must be the reason. I will watch out for this. If this is confirmed perhaps a note by @moderator by the submit button to warn messages may take time to propagate?


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.