Robert M Thomas March 8, 2018 9:58 AM

Where does your INFOSEC knowledge come from?

The common lineage of all modern Information Security can be traced back the the NSA “rainbow series” of standards. Published in the mid 80’s, seems like just yesterday.

329 ASA Co. forward deployed, Dom Pradit, Nam Yuen District, Ubon Ratchathani, Thailand

David Rudling March 8, 2018 11:03 AM

Well spotted. From even a superficial skim through this looks like a very interesting piece drawing on many hitherto publicly unavailable sources.

echo March 8, 2018 5:19 PM

What caught my eye from skin reading this article is the similarity between American post-war intelligience gathering and today. There is the same sense of superiority and collecting everything which isn’t nailed down plus subverting political-admin-technical systems and processing archived material when encryption is defeated. There are other highlights such as the British being ahead along with the old and very valuable imperial telecommunications routes being used in exchange for use of American resources, and French diplomats being chatty, and the sheer number of compromised countries. All of this is already known.

If anything has changed I think the one thing is perhaps the emphasis has changed from politics to economics.

I didn’t pay much attention to the rest of the historical information.

I personally would welcome a more rounded view including pulling together fragments since the post war period to the modern day which better illuminate and reflect the practices of other nations.

NapalmForNarratives March 9, 2018 12:03 PM

Access Denied
You don’t have permission to access “” on this server.

Reference #18.58df02cc.1520618501.6dd0e7f

Summary: a pdf they don’t want accessible via TOR.

Clive Robinson March 9, 2018 2:04 PM

@ echo,

There are other highlights such as the British being ahead along with the old and very valuable imperial telecommunications routes being used in exchange for use of American resources

The reaaon for that was not even a handfull of people at Bletchly Park. All through WWII the British were short of everything for the same reason it nearly came to lose WWI. Submarines sinking shiping. Britain had been more or less dependent on imports sinc the 1800’s payed for with “finished goods” that were exported back. Contrary to what politicians say the UK is still way more dependent on manufacturing than it is on the vagaries of the “service industry” like Banking and the Financial industry. Manufacturing as it happens is also more democratic than the very autocratic service industry, because the skills it relies on are almost always in the hands of the many rather than the power of a few.

So it was with Bletchly Park, what it did like all manufacturing industry was take a raw input (intercepts etc) and using a value added process produce reliable intelligence reports and other products of which other parts of Bletchly such as the “registry” was an internal customer who inturn supplied other customers that produced “probables” and the biggest secret of all “traffic analysis”.

Much of Bletchly was built not by administrators but a few individuals seeing bottle necks and a need for information processing in effective and efficient ways. Effectively the mathmeticians, scientists and the young ladies of privilege brought up to run large houses and the attendent large staffs.

What this less than a handfull of people realised was that they did not have the hidden resources for the job. Things were moving from the mind to the hand of control on machines built to be reliable and effective. These machines needed resources the British did not have. Thus the question of what to trade in return. The British politics had fallen into a bad habit of giving away the family silver for a quick fix (something we are stupidly doing today). The list is long and the longterm loss unimaginable. The less than a handfull realised that what Britain had was brains and knowledge what the US had was brawn and resources. The trick would be to stop the brains getting eaten by the brawn or worse sold by the pound as dead meat by the politicians.

What the less than a handfull came up with was the British USA (BRUSA) agreement which in a way was to turn the British inteligence operation into a service industry. The difference being that it was a Value Added service industry which acted in part as a consultancy. Knowledge and processes would be commoditized and likewise the roads the knowledge travelled.

Whilst still bloody, the collapse of the British Empire over all was in a way a similar process leaving a Commonwealth of more or less cooperating nation states that still looked to the UK for knowledge, processes and education that facilitated trade and cooperation between the new nation states. In many ways a service it still provides. Other nations with empires either abandoned them or in effect went to war with them thus did not get future benifit or cooporation of the new nations that arose from their collapsing empires[1]. likewise the new nations got little benifit either as they went their own often compeating ways thus becoming vulnerable and suffering anew (something Cecil Rhodes not just realised but ruthlessly put in place then exploited in Africa).

Thus in the Five-Eyes the stranger in the nest is the US whilst it provides many raw resources for the machines, it is dependent on the Commonwealth nations to provide the raw resources for it’s product in more ways than perhaps they realise. Thus what the less than a handfull saw and put in place has outlasted them and continues to this day in effect cooperation as partners not be sold by the pound and consumed. However UK politicians as short sighted as all their brethren want to “fire sale” such assets so they can “fail to fix the mistakes they made yesterday” demonstrating the form of insanity Einstein cautioned against. One such major failing was British Education another the UK NHS. There is an incorrect belief in politicians especially that “we can do it the US way” without actually having any kind of understanding of either system. Instead what we have is politicians selling their immortal soles cheap to self interested consultants and the real paymasters of the consultants. The result of which has given us recession after recession and transfered power from the politicians to the corporations of which “to big to fail” is just one asspect. Thus the inmates have not just taken over the asylum, they have escaped and taken over the nation and turned it into an asylum (via “deregulation” etc).

Thus you can compare the results of the two systems, of longterm cooperation and short term greed and see which provides the lasting benifits for all, cooperation or greed.

[1] Much like the Monty Python sketch of “What did the Romans ever do for us” you can ask questions about what was left of an empire. There was a nice line from a Vietnamese Diplomat once when asked that about France. After a moments thought he replied “Buildings and bread” paused and then effectively said “The buildings crumble a little more each day but the bread we make anew each day”. Which made the same point about “teaching a man to fish” that it’s knowledge and how to apply it that is the lasting legacy.

echo March 9, 2018 5:26 PM


Thanks for your enterianing essay. I’m sure we could talk for days (or weeks) about this.

King James I tried to establish a single unified kingdom. Parliament scuppered this driven in large part by the City. Elizabeth I rags to riches rule was enabled largely by English manufacturers of canon which is an interesting story all in itself. Backtracking from the UK-USA agreement and the work by Gordon Welchman et al there is the Henry Tizard mission to America too.

Ho, hum.

justinacolmena March 10, 2018 3:57 PM



The original URL was https. TOR or no TOR, why would you try to access the file via http or assume it is available that way? Or was that the response of the server when you did attempt to access the file via https?

@~~all in general

Interesting. An early precursor to NSA, especially for its WWII-era European operations, which are ongoing to this day under extreme secrecy. U.S. troops are still stationed in Germany.

We are once again having trouble with a 21st-century Germany//European-Union//Canada AXIS. The U.S. cannot break into their “free trade” cartel, no matter what we try, and Trump saw no alternative but to impose the steel and aluminum tariffs in an effort to support our own floundering industrial production, which is needed for U.S. warships and war planes. Trouble, trouble, and more trouble.

Hmm March 10, 2018 8:33 PM

“which is needed for U.S. warships and war planes.”

The US has way more ships than anybody by a large factor.

You could make the argument that cost or availability of steel or aluminum isn’t a limiting factor.

“The U.S. cannot break into their “free trade” cartel, no matter what we try, and Trump saw no alternative”
– Yes yes, Trump saw no alternative from what Trump wanted to do uninformed & without looking, yes.

Brexit is another example of Trump-style protectionism without a care or thought about repercussions,
founded initially and entirely in rhetoric and nothing else, and pushed by adversaries somehow also.

Why don’t you ask Nigel Farage to fix the trade problems? Surely he’s got the answer.

Trump’s tariffs “of course will work” and US steel and aluminum industries will rebound – like coal!
It’s such winning, trade wars you just jump right into while your economic advisers quit. So easy!

(God I can’t even bring about competent sarcasm anymore, way too completely on the nose)

justinacolmena March 10, 2018 11:16 PM


A lot of malicious pleasure but no name. I don’t have too many “buddies” here and none like that.

NapalmForNarratives March 11, 2018 2:08 PM


That was its response to the https get. The url is still https. The server elided the ‘s’ in its response.

vas pup March 12, 2018 8:51 AM

Got the message? Your brainwaves will tell

Neuroscientists measure brainwaves to determine whether people understand what they hear.
“The way this happens is quite similar to comparing two sound files on your computer: when you open the sound files, you sometimes see two figures with sound waves. Tom Francart: “Now, imagine comparing the original sound file of the sentence you’ve just heard and a different sound file derived from your brainwaves. If there is sufficient similarity between these two files, it means that you have properly understood the message.”
My take: let say somebody claims he never been outside of particular country and did not learn language of the other country, but actually was born outside and has knowledge of foreign language. Then I guess if audio input provided on that foreign language, and EEG shows understanding, then you may do logical conclusion on actual person’s origin. IARPA should pay attention to this research.

Cassandra March 13, 2018 5:01 AM

@vas pup

Unfortunately, the study is behind a paywall, so I can’t look at the methods. Inferring something from EEGs is not something to be undertaken lightly, and to my mind, at first sight, relying on correlations in waveforms between sounds and EEG recordings has a lot in common with ‘sympathetic magic’.

To give a (famous) example, the following poster was presented at a Human Brain Mapping conference:

Neural correlates of interspecies perspective taking in the post-mortem Atlantic Salmon:
An argument for multiple comparisons correction

As the media reports gleefully explained, the experimenters put a dead salmon in an MRI machine and ran a functional MRI (fMRI) experiment using the dead fish as a subject to determine it’s brain response when presented with pictures showing various social situations. A naïve analysis showed a activation of particular areas of the dead salmon’s brain corresponding with particular social situations.

The point of this was to show that if you ran improper analyses of your data, you would get spurious results. The work got an Ig Nobel Prize.

Details here:

Discover:Neuroskeptic:fMRI Gets Slap in the Face with a Dead Fish

Wired:Scanning Dead Salmon in fMRI Machine Highlights Risk of Red Herrings

Scientific American:IgNobel Prize in Neuroscience: The dead salmon study

As the original paper regarding intelligibility of speech is behind a paywall, I can’t evaluate whether similar mistakes have been made. Unfortunately, many talented experimenter’s grasp of statistics is looser than it should be, so I would be careful about reading too much into media reports of a single paper.

I am not an expert, but I do know that the correct and proper use of statistical methods is an area of concern in many scientific disciplines, but that is off topic for this blog, and a huge subject matter in itself. If you are interested, try reading about p-hacking*, HARKing and Questionable Research Practices (QRPs).

*There is an xkcd comic about this. If you need to have it explained, this might help.

vas pup March 13, 2018 11:14 AM

That is interesting research (not on dead fish 🙂
Computer reads brain activity to find out the music each person is listening to:

“It may sound like sci-fi, but mind reading equipment are much closer to become a reality than most people can imagine. Researchers used a magnetic resonance machine to read participants’ minds and find out what song they were listening to. The study contributes to improve the technique and pave the way to new research on reconstruction of auditory imagination, inner speech and to enhance brain-computer interfaces for communication with locked-in syndrome patients.

In the experiment, six volunteers heard 40 pieces of classical music, rock, pop, jazz, and others. The neural fingerprint of each song on participants’ brain was captured by the MR machine while a computer was learning to identify the brain patterns elicited by each musical piece. Musical features such as tonality, dynamics, rhythm and timbre were taken in account by the computer.

After that, researchers expected that the computer would be able to do the opposite way: identify which song participants were listening to, based on their brain activity — a technique known as brain decoding. When confronted with two options, the computer showed up to 85% accuracy in identifying the correct song, which is a great performance, comparing to previous studies.

In the future, studies on brain decoding and machine learning will create possibilities of communication regardless any kind of written or spoken language. “Machines will be able to translate our musical thoughts into songs,” says Sebastian Hoefle, researcher from D’Or Institute and PhD student from Federal University of Rio de Janeiro, Brazil. The study is a result of a collaboration between Brazilian researchers and colleagues from Germany, Finland and India.”

Cassandra March 14, 2018 4:46 AM

@vas pup

The original paper appears to be Open Access, and is an interesting read:

(Nature)Scientific Reports: Identifying musical pieces from fMRI data using encoding and decoding models

The original voxel size is 3.75 × 3.75 × 4.75 = 66 mm³. According to the Wikipedia article on fMRI “A voxel typically contains a few million neurons and tens of billions of synapses, with the actual number depending on voxel size and the area of the brain being imaged.”, so you are correlating music with the aggregate behaviour of a few million neurons smoothed over a number of seconds for each data point.
I’ll stress I am not an expert in this field, but I am slightly worried that they have not made reference to the ‘multiple comparisons’ problem highlighted in the ‘Dead Salmon’ paper, and not used the key phrase “(Bonferroni) Correction of Pearson’s Correlation” or similar. There is a background on this here:

The thing about using Pearson’s correlation is that it assumes a linear relation between the things being tested. This does not always hold, as Anscombe’s Quartet amply demonstrates. In other words, you need to justify why a linear relationship is the correct one to choose to test.

Now this is all the kind of stuff you would expect a referee to check before a paper is published. Sadly it often does not happen, and referees themselves can be blissfully ignorant of the correct statistical methods to use.

Essentially, what fMRI studies are saying is: we can see changes in blood flow in real time to particular regions of the brain. When we present a stimulus to people in fMRI machines, we see the blood flow changes. We think that there is a correlation between the blood flow, brain region, and stimulus, which we demonstrate with a lot of processing of noisy information.

What we don’t see a lot of is how people have rigorously excluded false positives, and nor do we see papers on occasions where no correlation was found. It would also help if experiments were replicated by independent research groups and getting similar results.

All that said, I will underline that I am not an expert, and the paper may well be founded on excruciatingly correct statistical methods, and I am insufficiently knowledgeable to tell. It is like cryptography – I am not a cryptographer, and at some point I have to trust that people who are cryptographers (and programmers) are doing their job well. And, just like in cryptography where someone in their ignorance might design a weak cipher, experimenters can be ignorant of crucial things too. It makes things hard to decide.

Having wrenched things sort-of back on topic I will now close this interesting side discussion.


Cassandra March 14, 2018 5:06 AM

@vas pup
I hope I do not fall foul of the moderator, as this is off topic, but I cannot resist pointing out this little gem that I had been searching for, but not found until after I submitted the previous posting:

Autodesk:Same Stats, Different Graphs: Generating Datasets with Varied Appearance and Identical Statistics through Simulated Annealing

It was actually a link from the Wikipedia article, and in contrast to some of the dry references above, it makes its point (with animation) very clearly.


Clive Robinson March 14, 2018 6:12 AM

@ Cassandra, vas pup,

Speaking of brain imaging for lie detection etc, well how about going a bit further, in fact a lot lot further pushing on the boundries,

I’m sorry if it makes either of you feel queasy, but there is something almost inevitable behind the idea and in some respects it’s way worse than what the “beware of AI” pundits are saying. This harks back to the ancient ideas of Human Sacrifice to ensure an eternal after life with the Gods…

Cassandra March 14, 2018 6:33 AM

@Clive Robinson

Thanks, I was aware of that. It looks to be way of extracting money from rich people*. The technology depends on using some yet-to-be-invented technology in the future that is capable of reading your ‘brain-state’ from the glassified remains of your brain after submitting yourself to their process.

If you want to get queasy, read about Roko’s Basilisk


*I particularly like the scheme set up by some non-(particular sect)-Christians in the USA. Certain adherents to the idea of ‘The Rapture’, believe that when they are taken up bodily into Heaven, their pets must be left behind, along with all the people who were not chosen. So a group of people who are pretty certain of not being chosen to be taken up bodily into Heaven sold/sell a service where they promised to look after the pets of people who did ascend after the owners has ascended. It seems serious. I am not connected with them in any way, just in case anyone thinks this is a subtle plug for their services: (According to their FAQ, they are not the only such service.)

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.