Friday Squid Blogging: Bizarre Contorted Squid

This bizarre contorted squid might be a new species, or a previously known species exhibiting a new behavior. No one knows.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on April 27, 2018 at 4:37 PM • 106 Comments

Comments

yet another Bruce • April 27, 2018 5:34 PM

Anyone brave enough to venture an opinion on Ray Ozzie's "Clear" PKA device key proposal?

JimmyD • April 27, 2018 6:51 PM

@godoverdjinn

Yes, when I was younger I was exceptionally stupid. My father was the genealogist of the family and when he died I took over the role as one way to honor his legacy. As part of that effort I caught the very early wave of ancestry testing (years before 23 and me) and in order to fill out some missing parts of the genealogical chart I spread my DNA far and wide on the internet. Well, not only did I never discover any of those long lost relatives I totally destroyed whatever genetic privacy I may have had. The entire situation has been a consistent reminder for me of how much our notions of privacy rest on contingent historical and cultural artifacts. Nothing in the case in the article you linked to surprises me other than how long it took for someone else to figure it out.

I suppose the upside to my terrible blunder is that I have no future as a mob hitman.


god over djinn • April 27, 2018 6:56 PM

Relatively neat new feature on the United States Postal Service website usps.com I just discovered. Now it's been known that all mail is photographed, but now you can view the photographs of mail coming to your mailbox and receive email alerts for all said mail. I suppose this won't be a problem unless your usps.com account becomes compromised or if usps.com becomes compromised or if people start setting up accounts in other people's names. But hey it's just metadata.

god over djinn • April 27, 2018 7:10 PM

@JimmyD

Well I participated in a genetics study for a genetic disease in my family back in the early 90's along with other members of my extended family (though not all) identifiable by case number (double blind?) though I suppose the record could be unsealed. Also funded by NIH so they have info. Then also the police have my fingerprints which I won't go into. So no life of crime for me either.

Thoth • April 27, 2018 7:41 PM

@Some Anon

It ain't need any magickal chip :) .

My proposal (above) makes all the magick go *poof* because all the necessary technology already exists :D .

There isn't even a need for some additional chip. In fact, all our smart devices (running on ARM Cortex A series or Intel or AMD) already are suitable candidates.

My scheme makes Clear's scheme look too wasteful and covers things like Escrow Key Management, governance of key usage, reduction of costs, reusing of existing infrastructure and resources ... all the things that Clear simply doesn't even have in their patent papers and makes it look absolutely not worth investing in Clear's patents at all.

Of course, the caveat is the scheme I proposed "only is good for moderate use" scenarios and is designed to problematic in international treaties and the effect of implementing *ANY* Key Escrow in any country and any scheme (regardless mine or others) probably would drive up international tensions.

Peter S. Shenkin • April 27, 2018 8:45 PM

@god_over_djinn @JimmyD

It's bad enough that you no longer can look forward to a life of lucrative or sensational crime. But what's worse, you've closed off that career opportunity to all your relatives as well, "unto the 10th generation."

By the way, #metoo.

Cassandra • April 28, 2018 8:12 AM

@Thoth

Thank-you for your exposition.

What worries me is not whether your description of a workable system has flaws, but that it looks 'good enough' for politicians to implement. The more that politicians think that 'responsible encryption' or 'LEA back-doors' are possible, the more likely they are to try and implement them. The (eventual) effect on society is not one that I would look forward to, but then again, I am an old stick-in-the-mud.

Cassandra

Thoth • April 28, 2018 8:32 AM

@Cassandra

Read the last part of my design and my other comments relating to this subject.

I have given warning about the use of such blueprints and designs when carelessly pushed into existence.

It has the potential to spark political and economical impacts and so politicians have to think clearly whether to pull the trigger or not.

Why will the Exceptional Access trigger political and economical impacts ?

Imagine if USA implements these Exceptional Access, China, Russia, India and other powerful nations would not sit idly because they will develop an impression that the USA might use these Exceptional Access with the excuse of legal access, to hack into their countries' networks and infrastructure.

Similarly, can you imagine what if Xiaomi, Huawei, ZTE, OnePlus et. al. were to implement a Chinese version of Exceptional Access and everyone starts implementing their own version, it would hinder sales of these consumer electronics overseas and have an impact on trade and economics.

It will push more growing suspicion, more negative perceptions, more nationalism and a closed off societies and a more tense global atmosphere.

I believe most politicians don't look at this side of the impact of implementing Exceptional Access.

With an Exceptional Access mechanism in place, I am skeptical that the country that "owns" the Exceptional Access mechanism would hand it over due to its usefulness in SigInt operations (dual-use scenarios) and this would also trigger the above backlash on the economics and political front.

Also, Comey, the ex-FBI director, had a taste of Trump kicking him out and probably he is now a "wanted" man in Trump's eye and he should have felt the pressure of surveillance that he and other government officials helped push which is probably now turned against him ?

Talk about turning the tables ....

Most politicians do not care about the deeper consequences and also do not consider themselves in the position that the tables are turned against them and they are actually under surveillance by the systems they implemented.

They are mostly very shallow.

I would predict that if the powers that be wants it done, it can be done within one single year to use the fClipper design I described or faster since most of our computing devices have some form of surveillance we gladly accept into our lives (i.e. ARM TZ, Intel SGX, AMD PSP et. al.) without giving much thought and these firmware running off at Ring -N layer can be pretty easily updated over the air by doing a signature on an update that implements the fClipper firmware and then pushing it down en masse and without anyone knowing by enabling an encrypted code package option too that I forget to mention in the design which effectively means you have a signed and encrypted firmware that only the baked in ARM TZ/Intel SGX/AMD PSP hardware keys can easily decrypt the encrypted and signed blob and install the "latest and greatest" :D without yours truly's knowledge :) .

Douglas L Coulter • April 28, 2018 8:54 AM

In light of the comments about DNA above...
Recently I've gotten some calls from what purports to be a branch of the DoD wanting a sample of my DNA to see if some bones, supposedly from WWI of an extremely tenuously connected relative are from "my family".

Seems to be the real DoD from the franking mail and letterhead, and they do indeed have the genealogy I know about due to a grandmother who was *fanatic* on the subject correct. She didn't dig up this guy or that whole branch of Coulters, however (and she was alive in the 1800s). Hmmm....why would the government want a database with my (end of this genetic line) in it, or everyone else's for that matter? Government DNA-book?

Do people really care if an nth cousin nth removed both horizontally and vertically on the family tree is someone who died many wars and a few generations ago? (N is big here). Is it some scam to collect some debt that person had? I kinda doubt some doughboy left a bunch of money or intellectual distinction.

Just seemed like a very strange use of my taxes even if legit. Aren't there MIA's more deserving of attention, due to having family members who knew they were even alive once?

No, I didn't submit DNA. They can ask in person if it's that important.

keiner • April 28, 2018 9:39 AM

@DL Coulter

Go to the doc, leave a blood sample for whichever purpose to be sent to a lab. Who can guarantee these labs don't have a contract with Google for second use of some drops of blood for a DNA database? Don't be evil, you know... ;-)

gordo • April 28, 2018 9:52 AM

Are You Really the Product?
The history of a dangerous idea.
By WILL OREMUS
APRIL 27, 2018

On March 21, at the height of the scandal over Cambridge Analytica’s harvesting of Facebook user data for political targeting, CNN’s Jake Tapper tweeted a quote that he attributed to the computer security expert Bruce Schneier:
Bruce Schneier: “Don’t make the mistake of thinking you’re Facebook’s customer, you’re not – you’re the product. Its customers are the advertisers.”
[. . .]
In an email, Schneier told me he recalled popularizing the phrase but said he didn’t believe it was its originator.
[. . .]
He’s right: Just a month earlier, the tech media magnate Tim O’Reilly had retweeted his colleague Bryce Roberts, who had plucked a quote from the comments section of a post on the discussion site Metafilter. The Metafilter post was not about Facebook, but about a disastrous redesign of the news site Digg, which was also free and ad-supported. The quote came from a commenter named blue_beetle, who summed up disaffected users’ sentiments thusly: “If you are not paying for it, you’re not the customer; you’re the product being sold.” O’Reilly’s retweet of that quote may have been its entry into mainstream tech criticism, although O’Reilly told me via email he had no idea he’d been instrumental to its rise.
But even that isn’t where the story begins, because “you are the product” had been deployed to criticize media decades long before “social” entered the equation. Whether or not blue_beetle knew it, a version of the quote predates not just Facebook and Digg but the entire modern consumer internet. The invaluable online resource Quote Investigator traces it all the way back to 1973, and an unlikely source: a short film by the artists Carlota Fay Schoolman and Richard Serra called “Television Delivers People.”
[YouTube video embed: Richard Serra "Television Delivers People" (1973) 6:55]
The most famous quote about Facebook isn’t actually about Facebook—it’s about television
[. . .]
If we don’t like how Facebook is treating us, we shouldn’t throw up our hands and call ourselves the product of a system over which we have no control. We should act like people—customers, workers, citizens, whatever—who have the power to demand change.

https://slate.com/technology/2018/04/are-you-really-facebooks-product-the-history-of-a-dangerous-idea.html

A transcript of above video is here.

echo • April 28, 2018 10:34 AM

The first article highlights institutional issues with racism and healthcare for mentally ill people. (I also have additional local newspaper sources who are painting a similar picture with other incidents and have done for a couple of years now.) As the old guard disappear to collect their pensions another article by Jonathan Freedland discusses the issue that each generation needs to learn the same lessons. (See also skeuomorphic versus flat design.)

The third article delves into Cold War history and diplomacy and some technical details of Novichok which may shed a little more indirect light on what is largely a non-public UK intelligence report which led to current political positions.

https://www.independent.co.uk/news/uk/home-news/vpolice-custody-black-minority-deaths-uk-numbers-un-warning-racism-united-nations-a8324886.html
Amber Rudd under new pressure after UN criticises ‘racism’ of British police forces

Ethnic minority people are three times more likely to be Tasered than white people, report finds.

https://www.theguardian.com/commentisfree/2018/apr/28/windrush-toronto-old-hatreds-racism-sexism

From Windrush to Toronto, we’re fighting old hatreds all over again.

A troubling amnesia means past victories on racism and sexism are not secure. Must each generation win them from scratch?

http://www.spiegel.de/international/zeitgeist/novichok-has-long-overshadowed-moscow-washington-relations-a-1204481.html

The Fraught Cold War History of Novichok.

The attack on former spy Sergei Skripal thrust the nerve agent Novichok into the spotlight. For many, it was the first time they had heard of the poison, but it has long been a bone of contention between Moscow and the West.

Steve • April 28, 2018 10:37 AM

just wanted to post a phishing attempt and I tried to report it to Samsung but I cannot seem to find a way to do this. Anyway I got an email this am:

Samsung account

Your account has been suspended for login purposes.

Dear Customer,

You have entered an incorrect ID or password more than 7 times.

• Sign-in attempt : 2018.04.28 AM 07:42 (GMT+00:00)


The account has been suspended to protect private information; please reset your password if you want to use the Samsung service.
If you have already changed your password, you do not need to reset it again.

Reset password

Don't have a Samsung account?
Another user may have registered the wrong email address by mistake. Please click the link below, if you didn't create a Samsung account.

I want to protect my email information.

from samsung-mail.com which almost got me as I was half asleep still from trying to build a shed yesterday solo.

just a heads up. I assume it's just a probe type scam thing but you never know. Of course I went to real site and reset passwords to be safe and use LastPass with LONG complex passwords and hope for the best.

thanks
Steve

Cassandra • April 28, 2018 10:56 AM

@Thoth

Thank-you for your long and considered reply to my short posting.

Indeed, yes, I had read the last part of design and other comments, which is what prompted my rather gloomy outlook.

Part of my disquiet is knowing, like you, that the seals are only good for 5 atm. Anyone who works on the basis that that is waterproof is due a nasty surprise, and, being unprepared for the incursion of water, suffers more than someone who had a more far-sighted view.

C.

David Miller • April 28, 2018 11:43 AM

The president of one of the TV networks in the 1950s, Pat Weaver (father of Sigourney) used to say something like "Remember, our job is to deliver eyeballs to advertisers"

wumpus • April 28, 2018 12:10 PM

@godoverdjinn

Between the Golden State Killer and the Dr. Gerald Mortimer case (guy has a lot of children from his artificial insemination practice), it is important to know that not only can you be tracked by any DNA samples you provide, but also by any relatives who provided samples. My guess is that with just a few related donors, Ancestry.com could spit out a narrow pool of possible matches (you *know* a prosecutor will run with just that, hopefully juries are smarter than that*).

My father sent a sample in to Ancestry.com. He got back a bland racial/national guess of his DNA plus several names of people he likely already sent in to Ancestry.com as relatives. If they do it *right* they should be able to track DNA samples as mentioned, but I'm less certain their systems are all that accurate (you would presumably need an associative database the size of google's).

@gordo

While you are obviously the product for anything you don't pay for, you should equally be prepared to be the product for anything you buy. Long before facebook, Bezos was famous for chuckling at all the data he was collecting from book sales and searches. I'm certain that such hasn't stopped. There's a strong school of marketing that says that any customer has already "bought in" enough that their cost to leave is high enough that they can be milked for all they are worth. Certainly privacy would be the first thing to milk, as nearly all consumers give it zero value.

---

Does anyone know what "Galois Field NI / Galois Field Affine Transformation" do in Intel Skylake server processors? I know Galois fields are used in Reed Solomon error correction and that the math is vaguely similar to elliptical fields (although probably ends with "over a field", my understanding of the math wasn't strong for either when I looked them up). Is this some sort of new public key crypto system?

Thoth • April 28, 2018 12:10 PM

@Cassandra

The thing about Exceptional Access is it's a literal Pandora's Box. It has never been about whether it is technically feasible or not.

It is actually technically feasible no matter which angle you look at it and the fact is we refuse to face the reality of its probable creation because we don't wish to lose our last vestige of liberty and rights.

Also, all electronics are considered dual-use where it can be used for military/govt/political nature or for personal/commercial use. Imagine an Exceptional Access in a smartphone and everyone carries one including any world leader or high ranking official and such an implementation would be suicidal economically, diplomatically and on many fronts including breaching human rights conventions with lots of side effects.

Imagine the next day you wake up and find that you could somehow wiretap a world leader's conversation with his/her loved ones and probably even the movement of a particular world leader and then use it for some other purposes.

These officials who are lobbying for Exceptional Access should have clearly realized that they too will be caught in this global dragnet sooner or later and once they are not in office anymore or they stand on the wrong side of a powerful person or organisation or they fall out of favour, these tools that they helped build would be turned against their creators and they should have already contemplated on the likelihood that they will become prey of their own creations and they better not act recklessly as this sort of technological dragnet is bound to hit them back really hard.

psychohistorian • April 28, 2018 12:30 PM

Hello,

I am a long time reader but first time commenter. I once had CCNP certification and so know enough networking to be dangerous and curious...grin

I am asking folks here to go observe the comment posting error (also provided below) that seemingly all are getting since last night at a blog I frequent called Moon of Alabama http://www.moonofalabama.org It is run by a German (currently ill) and might be considered "radical" or the truth, you decide.

The error is



404 Not Found

Not Found
The requested URL /.services/json-rpc was not found on this server.


If you repeatedly try to post a comment occasionally one did get through but not so far this morning for me

Is this a network thing or is the web site hosed, maybe both? Given the geo political nature of the site I consider nefarious actions as well.

Thanks for your thoughts

echo • April 28, 2018 12:40 PM

@wumpus

Speaking of Skylake (and Meltdown and Spectre vulnerabilities) a daft question popped into my head...

Is it possible for an exploit to be hidden within an encryption algorithm? The answer is yes of course but what I mean, obviously, is it possible for code which passes examination for being cryptographically secure to contain some kind of sidechannel attack on the underlying system which would sneak through?

Hmm • April 28, 2018 2:20 PM

" is it possible for code which passes examination for being cryptographically secure to contain some kind of sidechannel attack on the underlying system which would sneak through? "

This is the definition of a side-channel attack, for the purpose.

Hmm • April 28, 2018 2:26 PM

@psychohistorian

Misconfigured servers are far more common than not. It's not on your end so don't worry about it.

echo • April 28, 2018 3:04 PM

@Hmm

Yes but I meant a side channel attack buried in the encryption algorithm itself (like some of mathematical voodoo hiding something akin to the CPU and memory exploits we've heard of) not a broader implementation issue.

Hmm • April 28, 2018 3:30 PM

@echo

https://en.wikipedia.org/wiki/Dual_EC_DRBG

Well I doubt they're going to put x86 level exploits into a generally agnostic crypto function...

But if authors can predict where the algorithm will fail due to default configurations being weakly implemented or faux-entropy subroutines (by themselves perhaps unnoticed) "stacking" into ~yottaflop-predictable collisions, (IE buried rainbow tables) then they don't really need or even want x86 last-mile exploits baked in. That would be a static limitation. They could inject those into your data at any point down the line.


echo • April 28, 2018 3:48 PM

@Hmm

I'm asking if it is theoretically possible to embed a sidechannel exploit in an agnostic function specification not whether anyone would or wouldn't.

Bearing in mind people's psychology can shrink entropy (i.e. different programmers may arrive at essentially identical functions, and psychology habits and the limitations of fingers can create patterns with random keypresses) there may be a significant percentage chance of the exploit being successfully implemented.

If this is theoretically possible I would expect someone would note this somewhere if for no other reason than it may be useful one day. It might just be a curiosity and further analysis may even prove it to be a dead end for any number of reasons. However, curiosity and process of creativity does need to run its course sometimes and jumping in with reasons not to do something can interfere with this process which is why sanity checks and so forth tend to best be done slightly later.

Boofery • April 28, 2018 3:49 PM

@Thoth

I read some interesting commentary about the recent Russian attack on Telegram. What it argued was that the real purpose of the attack was not to shut down Telegram but to weaken it enough that the Russian-state sponsored messenger could get a toehold. Apparently Iran also has a state-sponsored messaging app.

This seems to me the wave of the future, at least among totalitarian regimes. Think of it like a state religion. No one will be forced to use the state sponsored messenger app to pray but anyone who doesn't will be deemed a suspicious person. This does an end run around the entire encryption debate by using peer pressure and social pressure....

"Government officials have recently begun promoting domestic versions of foreign messaging services like Telegram, Viber, and WhatsApp, citing security concerns they say come with using foreign apps. Judiciary officials and the Supreme Council of Cyberspace have also recently praised Iranian-made apps."

https://en.radiofarda.com/a/iran-messageing-apps-intrusion/29130441.html

The state doesn't need to control the hardware or need a backdoor if it can control the interface.

Hmm • April 28, 2018 5:07 PM


"I'm asking if it is theoretically possible to embed a sidechannel exploit in an agnostic function"

Of course.

I thought you were asking if RSA-etc groups could/were NOW doing so using modern crypto functions everyone uses already, (cough.. gulp.) and my point was that they wouldn't need/want to put the final end-target exploits in the crypto algorithms because they want your long-term adoption of those without interruption. Especially if they put the time in trade to backdoor them and get pseudo-vetted and signed off on by NIST, etc.

They want people persistently playing in the crypto function sandbox under observation, then they can use other exploits or conduct side-channel attacks USING that sigint superiority all day long without the target realizing. If you put any other black-box code in the sandbox (crypto function) "itself" the chances of people discovering that goes up significantly, eventually users start to ditch the sandbox, and you're back to square 0 trying to engineer and push adoption of new expensive ultrasecret backdoored sandboxes.

Stop me if we're not talking about the same thing. I need a drink either way.

echo • April 28, 2018 7:34 PM

@Hmm

I don't know! I may be too clever for my own good. Speaking of weaknesses and exploits many have been discovered as we know. The US tend to yack a lot more than other nations. What's interesting is how military systems have been susceptible to Russian countermeasures. One supposes systems of this kind were not deliberately designed to be compromised but it highlights the asymmetry of competencies for what are both social and logistical reasons.

It's interesting (and horrifying) to observe what unchecked specialising does.

https://www.sciencealert.com/what-popular-dog-breeds-looked-like-before-and-after-100-years-of-breeding

65535 • April 29, 2018 6:12 AM

Cont. from last week.

FF 60 and encrypted DNS:

“@65535 Why would you want to encrypt the DNS lookup? I mean, where is the advantage, is it security? Privacy? Both?”-Sancho_P

https://www.schneier.com/blog/archives/2018/04/friday_squid_bl_621.html#c6774449

[and]

'@ Sancho_P

'Look at Boofery’s post. It has been discussed on various forums. It is for security reasons first and privacy second. It is a project in progress. Who knows if it will work.'- 65535

“The Mozilla Foundation is testing a new mechanism for securing domain name server traffic that uses the encrypted HTTPS channel. It is an attempt to speed up the internet, reduce the threat of man-in-the-middle attacks and keep prying eyes from monitoring what users do online.”- Threatpost

https://threatpost.com/mozilla-tests-dns-over-https-meets-some-privacy-pushback/130765/

Is FF 60’s possible encrypted DNS good? Bad? Any more information on the subject.
See:
https://www.schneier.com/blog/archives/2018/04/friday_squid_bl_621.html#c6774451

Clive R. thinks ISPs will kill it.

@ FF experts and others:

Any other comments?
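
Added example, not part of the thread: the DNS-over-HTTPS lookup described in the Threatpost quote above, using the wire encoding later standardised in RFC 8484. The resolver URL `https://doh.example/dns-query` is a hypothetical placeholder and the hostname is a sample value; the code runs offline and sends nothing.

```python
import base64
import struct

# Hypothetical resolver endpoint (assumption, not a real service).
DOH_ENDPOINT = "https://doh.example/dns-query"

QTYPE_A = 1     # IPv4 address record
QCLASS_IN = 1   # Internet class


def encode_qname(name: str) -> bytes:
    """Encode a hostname as DNS labels: <len><label>... terminated by 0x00."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"label length out of range: {label!r}")
        out.append(len(raw))
        out += raw
    out.append(0)
    if len(out) > 255:
        raise ValueError("encoded name longer than 255 bytes")
    return bytes(out)


def build_query(name: str, qtype: int = QTYPE_A) -> bytes:
    """Build a one-question DNS query in wire format.

    The ID is 0, as RFC 8484 recommends, so identical lookups produce
    identical URLs and HTTP caches can serve them.
    """
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # RD flag set
    question = encode_qname(name) + struct.pack("!HH", qtype, QCLASS_IN)
    return header + question


def parse_question(wire: bytes):
    """Recover (name, qtype, qclass) from a raw DNS query.

    This is all an on-path observer has to do with classic UDP port 53
    DNS, where these bytes cross the network unencrypted.
    """
    if len(wire) < 12:
        raise ValueError("shorter than a DNS header")
    if struct.unpack("!H", wire[4:6])[0] < 1:
        raise ValueError("no question section")
    pos, labels = 12, []
    while True:
        if pos >= len(wire):
            raise ValueError("truncated name")
        length = wire[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(wire):
            raise ValueError("bad label")
        labels.append(wire[pos:pos + length].decode("ascii"))
        pos += length
    if pos + 4 > len(wire):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", wire[pos:pos + 4])
    return ".".join(labels), qtype, qclass


def doh_get_url(name: str, endpoint: str = DOH_ENDPOINT) -> str:
    """Return the DoH GET URL: the same query bytes, base64url without padding.

    The request travels inside TLS, so the network path sees a connection
    to the resolver; the resolver itself still sees every name looked up.
    """
    b64 = base64.urlsafe_b64encode(build_query(name)).rstrip(b"=")
    return f"{endpoint}?dns={b64.decode('ascii')}"


if __name__ == "__main__":
    sample = "www.example.com"  # constructed sample hostname
    wire = build_query(sample)
    print("plain DNS payload :", wire.hex())
    print("observer recovers :", parse_question(wire))
    print("DoH request URL   :", doh_get_url(sample))
```

The HTTP request for that URL carries `Accept: application/dns-message`, and the response body is an ordinary DNS answer in the same wire format.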

Sancho_P • April 29, 2018 7:38 AM

@65535

“It is for security reasons first and privacy second.”

I think their arguments to encrypt DNS are void.
It doesn’t solve any problem, it’s a marketing blob.
This is why I asked for your point(s).

To claim security / privacy is noble, but are there any facts to support it?
Please see @Bruce’s original thread Oblivious DNS
and the comments over there.

maqp • April 29, 2018 7:55 AM

@All Regarding Telegram


Today there was a major outage in Telegram service when a server overheated in Amsterdam. The effects of this were apparently felt all the way in UAE. Assuming this was the case I want to express my concern over the implications of this.

Telegram uses two kinds of encryption:

Between smartphones, in one-on-one conversations, opt-in end-to-end encryption.
Everything else: every conversation on every other platform, plus every group conversation, and all one-on-one messaging by default, uses TLS-encryption.

The difference is, with TLS, Telegram service provider can see what users are saying. It's also the case Telegram can see which users care about their privacy enough to turn on end-to-end encryption. They argue this is adequate protection because no third party that observes the traffic can tell who is using end-to-end encryption. I haven't checked if the packet sizes are different, so let's assume it's not the case. The trouble is, Telegram as a service, can still tell who cares more about their privacy. With services like Signal and WhatsApp, TLS+end-to-end encryption is on by default. What this means is, not even the service provider can tell who cares end-to-end encryption is available.

Telegram argues their security model is fine, because anyone has the possibility to stick with their phones the service requires anyway, and use secret chats. That's bad design. Having no end-to-end encryption for desktop or groups makes almost every user more likely to use TLS-only protection. i.e. no protection at all. This is because TLS is inherently insecure. It's the reason why we use end-to-end encryption in the first place.

http://telegra.ph/Why-Isnt-Telegram-End-to-End-Encrypted-by-Default-08-14

This stupid article by Pavel Durov demands a closer inspection. It's completely irrational and justifies TLS-only approach with absolutely weird chain of thought: It first bashes security problems of WhatsApp, and then justifies lesser security of Telegram with that. It's especially horrible considering they don't make any comparison with Signal that has fixed the issues, they only label it as "niche app" and ignore the fact it has more than 10 million daily active users.

With that being said it's important to observe their claims about the protection of TLS. This is important. Really important. What that stupid article says is Telegram uses something called "distributed cross-jurisdictional encrypted cloud storage".

What they would like to imply with that is that somehow, magically, the TLS-encryption keys sit on the other side of the world, and that the encryption still somehow magically protects the users.

But we have now learned that when server goes down in Amsterdam, it affects at least us in Finland, and most likely those in UAE. So everyone in the range from Amsterdam to UAE are using the same server: That's 5185km or 3222 miles for you. This fits the entire population of Europe (738 million potential users).

Doesn't sound like very distributed to me. This is extremely worrisome.

There is zero transparency or documentation to how the

1. Keys are distributed across countries
2. What cross-jurisdictional implications there are that protect the users
3. If Telegram uses e.g. pinned TLS public keys

So to me it's one of two cases: 1. The plaintexts are much more centralized than what we are led to believe and they are sort of lying, or 2. More servers went down simultaneously, meaning Russia, Russia, or possibly Russia is able to DoS the service down at will. This does not inspire confidence in "cyber security" of Telegram, because that would mean they would not tell us about it, and in that case they would also not tell us about them getting their user data hacked.

My long-term conjecture is Telegram's special TLS-only protection is bullshit. I have never heard of a server application that can perform Diffie-Hellman key exchanges (where the DH public value is signed by the long term private key that must be protected) by magically summoning the private key from server in another country. It's much, much, much more probable that they are merely making claims, and that the key sits in the working memory of the Amsterdam server, which means that there are both legal ways in, and that insanely massive data sits in plaintext on that server, just waiting for a hacker with zero-day exploit. The one thing that surprised me while reading the book Cyberspies by Gordon Corera, was that major nation states constantly trip over each other when they hack Internet Exchange points, servers etc. So it should be assumed major governments from US to Russia and China are already inside Telegram servers.

@Clive Robinson, @Nick P: You seem to know the most here, any thoughts on if it's possible to achieve the magic Durov claims Telegram implements?

wumpus • April 29, 2018 10:15 AM

@hmm, @echo

Intel's RDRAND function appears to have a back door (with presumably a considerable overlap between people who didn't believe the NSA had the keys to Dual_EC_DRBG after MS Labs showed them exactly where the backdoor was). It is particularly cunning in that the design per layout works exactly per spec (with 128 or whatever bits of entropy), but with careful process (chip manufacture) manipulation can be limited to 16 bits of entropy. Since it isn't in the layout, x-raying the chip won't tell you how many bits you have in RDRAND.

A little more digging indicated that the Galois instructions are for 64 bit multiplication over the Galois field, so it should be rather easy to test compared to individual instructions and could only be backdoored if the appropriate AES authentication scheme is backdoored. I have no idea if that can be used to perform smaller multiplication or how that can be used to create Reed Solomon schemes between 8 bits and 64 bits (RS shouldn't scale much better than O**2, so 64 bits would imply something like the sparse scheme used in red book CDs)

echoApril 29, 2018 12:44 PM

@wumpus

My brain barely follows this kind of thing but I have a slight idea what you are saying. So they have exploited the boundary between software and hardware? It all gets a bit clever doesn't it?

Anyway,... I repaired my backup laptop with a new mainboard. (Worryingly I have a pile of screws left and I'm not sure I have enough holes remaining!) I have applied the serial number and am updating new firmware including updating AMT (which is turned off so just to be sure). A newer Meltdown/Spectre firmware update is available too and another AMT firmware update due very soon. Just to be sure I will double check the AMT ports are blocked by my router.

BooferyApril 29, 2018 1:22 PM

@Sancho_p

I can't speak for @65535 but as for me the major issue that interests me is the privacy aspect. My threat model is not the NSA or the FBI, it is my ISP. I don't want my ISP to monetize my DNS traffic. To be sure this means that I have only thrust my privacy onto a third party like Cloudflare and there is always a risk that Cloudflare's promises are wholly empty. But I'd rather take the risk of an empty promise from Cloudflare than the open hostility from my ISP. It may not be much...it may only be a bandaid on a gaping wound...but it is /something/. So I reject your claim that arguments against encrypted DNS are "void". They are not void to me.


Denton ScratchApril 29, 2018 2:30 PM

@Sancho_P "It doesn’t solve any problem, it’s a marketing blob."

I think you are right; but I'm not clever enough to figure it out properly. Maybe it might solve problems, for some protocol groups (e.g. email). [shrugs]

65535April 29, 2018 2:51 PM

@ Boofery

“…for me the major issue that interests me is the privacy aspect. My threat model is not the NSA or the FBI, it is my ISP. I don't want my ISP to monetize my DNS traffic.” -Boofery

I agree.

The majority of my clients would also agree but for a slightly different reason. My clients would not be happy to have their attorney client, accounting-banking, taxation, medical and customer lists communications DNS lookups recorded constantly. That gives away a lot of sensitive information – in theory.

I am not connected to Firefox in any way and I don’t know the actual methods FF will use to secure DNS.

There was an exchange with Clive R. last week but it really did not cover much on the FF 60 actual mechanics of DNS encryption. There is already DNSSEC that should have closed most holes but did not.

I will say that any additional way of securing DNS for the average Jane/Joe is a step forward.

I will say that using HTTPS does give away some information and is far from perfect. If encrypting DNS would require a four-way handshake on each lookup I am not understanding how this will speed up the internet. I would like to hear from Firefox experts on their take of the FF 60 method of securing of DNS.

Since this is a work-in-progress project I would like to wait and see the outcome first before saying positive or negative things. This doesn't apply to FF experts who know the mechanics of the project.

BooferyApril 29, 2018 2:58 PM

https://openmedia.org/en/applying-us-visa-extreme-digital-vetting-could-be-about-get-worse

Just came across this. Trump administration to require five years of social media history on US Visa application.

Torn about this. On one hand I think that ICE would be remiss if they didn't do any due diligence of visa applications and given how prevalent social media is I can't see how one excludes that. Also agree that this is going to be very chilling on speech, which is bad. My hope is that there is a sane compromise here but not sure what it is...

gordoApril 29, 2018 3:59 PM

@wumpus,

Certainly privacy would be the first thing to milk, as nearly all consumers give it zero value.

That sums up the situation quite well, as does the FT quote, below:

What impact will Facebook scandal have?
Full transcript of FT City Network debate
Patrick Jenkins, Financial Editor

Anne Richards, M&G
3) There is an inherent information asymmetry in that our individual data contains little information, but in the hands of someone with the individual data of a LOT of people, the information content can be huge — and used exploitatively. So the individual does not know as much about themselves as the organisation to whom they have given their data, nor are they necessarily aware of how they can subsequently be manipulated for profit. This information asymmetry can make them vulnerable to exploitation.

https://www.ft.com/content/666d50ae-47dd-11e8-8ae9-4b5ddcca99b3

. . . or what we might call "information asymmetry as moral hazard."

ThothApril 29, 2018 5:25 PM

@maqp

I wouldn't even trust Signal to handle anything sensitive, let alone Telegram.

The only thing useful about Telegram is its API where you can implement a Box-in-a-Box security by doing your own secure comms by using Telegram only as a router and a possibility to implement TFC over Telegram since not everyone might want to use Jabber/XMPP these days.

One imagined setup is to replace the laptop based NH with a smartphone based NH with a Telegram as a message router if that is possible and the TX and RX does not host their own chat application. They only host a lightweight encryptor software that encrypts and decrypts messages by communicating to the NH over some one way traffic protocol where the NH will receive the TX encrypted messages over the one way channel and then uses its Telegram API and sends it out. This means you have a more portable setup but also meant that you have to re-work the hardware layer to incorporate smartphone based NH.

Sancho_PApril 29, 2018 5:54 PM

@Boofery, 65535

OK, privacy in respect to your ISP.
But your ISP is your gate to the Internet. Even if you can hide the content of your DNS communication, you will have to connect to that service through your ISP.
FF 60 will do it immediately after the DNS.

But you may do it later, so that there is no immediate context between your DNS request and visiting the site, but when you do your ISP will know you do.
TLS does not help, as the host name (the domain you want to access) must be transmitted in plaintext, before encryption starts (to transmit the particular certificate).

I’m by far no expert in these things, however, what will help is using Tor, but you’d not need to encrypt DNS then.
But (not only) your provider would know you are using Tor.

A DNS request is a prerequisite to access a server / service. I think you want to hide the access, not the DNS.
From thousands of “random” DNS requests no one could infer what you really want to access.
Only you have to access through your provider ...
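
What an on-path observer such as the ISP can still read, as an added example that is not part of the comment above: Python's own ssl module builds a ClientHello in memory (no network traffic) and a small parser pulls the host name out of the cleartext server_name extension. The host name and address are placeholders, and the function names are chosen for this example.

```python
import ssl
import struct


def capture_client_hello(hostname):
    """Return the first flight a TLS client would send for `hostname`.

    The handshake runs against in-memory buffers, so nothing touches the network.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    conn = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    try:
        conn.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client is now waiting for a ServerHello
    return outgoing.read()


def _first_host_name(ext):
    """Walk the server_name_list inside the extension body."""
    list_len = struct.unpack_from("!H", ext, 0)[0]
    pos, end = 2, 2 + list_len
    while pos + 3 <= end:
        name_type, name_len = struct.unpack_from("!BH", ext, pos)
        pos += 3
        if name_type == 0:  # host_name
            return ext[pos:pos + name_len].decode("ascii")
        pos += name_len
    return None


def extract_sni(record):
    """Return the host name in the server_name extension, or None if absent."""
    try:
        if record[0] != 0x16 or record[5] != 0x01:
            raise ValueError("not a TLS handshake record carrying a ClientHello")
        hs_len = int.from_bytes(record[6:9], "big")
        body = record[9:9 + hs_len]
        if len(body) < hs_len:
            raise ValueError("ClientHello is fragmented or truncated")
        pos = 2 + 32                                         # legacy_version + random
        pos += 1 + body[pos]                                 # session_id
        pos += 2 + struct.unpack_from("!H", body, pos)[0]    # cipher_suites
        pos += 1 + body[pos]                                 # compression_methods
        if pos == len(body):
            return None                                      # no extensions at all
        end = pos + 2 + struct.unpack_from("!H", body, pos)[0]
        pos += 2
        while pos + 4 <= end:
            ext_type, ext_len = struct.unpack_from("!HH", body, pos)
            pos += 4
            if ext_type == 0:                                # server_name (RFC 6066)
                return _first_host_name(body[pos:pos + ext_len])
            pos += ext_len
        return None
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None


if __name__ == "__main__":
    # Placeholder targets. A connection to a bare IP address carries no
    # server_name extension: RFC 6066 does not allow IP literals there and
    # Python's ssl module omits it.
    for host in ("www.example.org", "192.0.2.10"):
        print(host, "->", extract_sni(capture_client_hello(host)))
```

Nothing in this output depends on which resolver answered the DNS query, which is why encrypting the lookup alone does not hide the destination.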

BooferyApril 29, 2018 7:23 PM

@Sancho_p


What you say is true but it is a half truth. What you are missing is the cost imposed on the ISP. Encrypted DNS doesn't make the job of the ISP impossible, it makes it more expensive. That's important because all data collectors are in the business of making money.

Too many people look at privacy from the perspective of security. They ask themselves the question "can this information be discovered?" and if yes then the answer is "game over". That may be true when a nation-state is in one's threat model but it is not true when a profit-making business is in one's threat model. Encrypted DNS raises the ISP's costs of doing business because it makes them process their data in more expensive ways. So can the ISP find out the data from some source other than the DNS server as the data travels across their network? Of course! Will they spend the money to do that? Maybe, maybe not. It's a different question though than the one you keep focusing on.

cheeperApril 29, 2018 7:52 PM

@Boofery

Wouldn't that potentially make it slightly cheaper for the ISPs? They're already getting the domain name from the SNI needed to access the website, but now their DNS servers are processing less requests (and consuming less power) if users move away from the default ISP DNS server.

Milo M.April 29, 2018 9:13 PM

@ Douglas L. Coulter:

https://dpaa.secure.force.com/dpaaOurMissing

They list 7 Coulters unaccounted for -- 5 from WW II, 2 from Korea.

The most likely link is the lone Navy serviceman, Joseph May Coulter. He was on a ship that was recently found by Paul Allen's search team.

https://en.wikipedia.org/wiki/USS_Juneau_%28CL-52%29

"On 17 March 2018, the wreck of Juneau was located by Paul Allen's research crew onboard the RV Petrel at a depth of about 4,200 m (about 2.6 mi) off the coast of the Solomon Islands."

http://www.honorstates.org/index.php?id=108187

"According to our records Pennsylvania was Coulter's home or enlistment state.

Enlisted in the Navy. Served during World War II. Coulter had the rank of Enlisted. Occupation or specialty was Seaman Second Class. Service number was 6501733."

The point is that the request is likely legitimate, since the wreckage was recently found and they may be preparing to recover and try to identify remains.

Whether or not you feel motivated to respond is your own business. But it sounds like it's a potentially legitimate request.

Clive RobinsonApril 29, 2018 10:04 PM

@ Ismar,

Clive what do you think ?

I hope they continue rolling back Mrs May's ludicrous surveillance legislation to the point it's fully defenestrated.

echoApril 30, 2018 12:10 AM

I remember Theresa May appearing on an Andrew Neil show. When the subject tilts briefly towards power her eyes lit up with a worrying degree of enthusiasm. Theresa's psychology is a discussion in itself as is the psychology of the men she surrounds herself with.

Some of the surveillance legislation is very invasive although some aspects more propaganda than reality to scare people without alternative arrangements or good legal advice. It also contains a few sidechannel attacks on data the government cannot directly monitor. In other aspects various state investigating authorities have hamstrung themselves with deeply ingrained attitudes which create investigatory black holes.

RockLobsterApril 30, 2018 12:52 AM

@Sancho_P
DNS is not a prerequisite to accessing a server.
It is only necessary if you don't know the ip address of that server.
For example, disable DNS in your network settings and then use this link, the direct ip address to connect to Schneider.com
https://66.33.204.254:443

The telephony equivalent to DNS would be directory services. If you already know the phone number you don't need directory services.

Sancho_PApril 30, 2018 10:03 AM

@Boofery re US extreme digital vetting

Since years, when applying for a travel authorization (ESTA), we aliens are asked whether we are planning a crime or attack on US soil - or not (checkbox, yes/no).

Probably they could simply add a question whether we love America, the land of the brave and free, or not?

Sancho_PApril 30, 2018 10:11 AM

@Boofery re encrypted DNS

Um, I’m afraid I can’t follow your argument(s) around the triad of privacy, money and secrecy.

The reason may be:
- I did not understand what you exactly mean by
”I don't want my ISP to monetize my DNS traffic.”,
or
- You overestimate the worth of your DNS traffic in general,
or
- else [of course].

Your DNS traffic is costs to your provider, whether you use their DNS or someone else's, encrypted or not. It is either external or internal traffic, plus running their DNS resolver, used or not. Asking Comcast may drive your ISP’s resolver to idle, that may spare them some expenses.

The information itself (the DNS request and result) is of no real worth, as the provider could ask for it themselves. It is public knowledge, only consuming time and traffic.
Also you can ask for thousands of domain to IP transformations, there is no other info to gain as you asked to transform X to Y. All that traffic will pass your ISP, encrypted or not.

But who knows why you do?

Resolve stjosephsa.org, schneiers.com, foreignpolicy.com, youporn.com, wired.com, google.com, independent.co.uk, dhs.gov, what does it mean that your router requested these addresses?

It isn’t feasible to find out if this was you, your daughter or any visiting friend, probably they could distinguish between your fridge or RasPi.

In contrast, your visiting of any of these sites, your surfing the news and other (commercial) sites, the timing of, your following links and your posting questions and comments - this may be valuable information, ready to exploit by adware, especially if there is personal identifiable information to find in that potpourri (or just to assume, e.g. by your router looking for diapers or baby food).

And exactly this info you can’t hide from your ISP (but by Tor).

vas pupApril 30, 2018 11:15 AM

Body cameras deter attacks and abuse at Welsh hospitals:

http://www.bbc.com/news/uk-wales-43725809

My take: body cameras should be mandatory for any LEO (local, state, federal - except when contact with CI), prison/jail guard, security officer in mental health facilities and other similar environment when real unbalance of power exists and possibility of violence on both sides is high in order to protect rights of citizens/patients and LEOs/guards.

echoApril 30, 2018 11:34 AM

@vas pup

The emphasis is always on staff being the "authority" and at risk of abuse and attack. The reality is the regimes can be authoritarian and stalinistic (which at least two reports in the last year have indicated) and that patients can be abused or bullied into inadequate healthcare against consent and best practice. When staff control where and when cameras will be used this can feed into a cover-up.

Staff taking shortcuts and making assumptions, canteen culture, undue pressure placed on patients to cover up budget pressures (again the subject of published reports) and you have to ask who is monitoring the situation in the patients' best interests? This doesn't even include staff bullying other staff, complicity, and blatant disregard for published standards, nor staff going out of their way to place the blame on or become as obstructive as possible, nor the wall of silence which descends when a patient complains of inappropriate behaviour or mistreatment. A quality control form or public enquiry doesn't help much after an abuse nor if the patient is dead.

VinnyGApril 30, 2018 3:49 PM

@RockLobster @SanchoP re: IP vs DNS - easy enough to bookmark the IP address once known. However, in FF at least, this confounds TLS vetting, because the certs are evidently organized by domain, not IP, and (again FF) it may be necessary to register a browser exception to gain access. Once on the site, TLS *appears* to work normally. However, willy-nilly registration of TLS exceptions in the browser is not on my list of good ideas...

VinnyGApril 30, 2018 3:59 PM

@vas pup re: body cameras - Not sufficient to require wearing a camera. In the US, nearly every day I read of an incident involving possible or likely abuse by an LEO in which a body cam was worn, but switched off. Use needs to be monitored and there need to be toothsome penalties for failures. In addition, I'd like to see a presumption of guilt in any case where proof of lawful or unlawful behavior by such an official would likely be shown by a cam and it was turned off. Again in the US, you'd need to fight FOP and PBA (cops unions) tooth and claw to get any of that changed. The immediate result would be the tired, hackneyed, strident and dramatized, but unfortunately almost invariably successful, appeal to public safety.

echoApril 30, 2018 6:48 PM

Abuse of patients is rampant especially within mental health services which these two articles published a few hours after I commented help explain. While many doctors and doctors organisations are blaming poor law and lack of resources the real question I believe is why are doctors (and other staff) enabling abuse or complicit with abuse of patients? Doctors really need to get their house in order because the worst abuse is often doctors and their culture of empire building and cover up and resistance to change.

https://www.theguardian.com/society/2018/may/01/report-finds-serious-issues-with-use-of-mental-health-act

https://www.independent.co.uk/news/uk/home-news/mentally-ill-mental-health-act-detained-physical-violence-threats-treatment-a8329891.html

In a similar vein a Facebook security engineer used his position to stalk women.

https://motherboard.vice.com/en_us/article/kzxdny/facebook-investigating-employee-stalking-women-online

maqpApril 30, 2018 8:06 PM

@Nick P, @Clive Robinson, @Sancho_P, @Thoth, @Figureitout, et al.

Unfortunately my personal life has very recently taken some major turns that mean I'll have to stop developing TFC for an extended period. Thank You for years of support, extensive knowledge, interesting ideas and tough critique that have made the project what it is today. I will return.

Wesley ParishMay 1, 2018 6:11 AM

Slashdot pointed this article out:

https://www.theatlantic.com/technology/archive/2018/04/vatican-secret-archives-artificial-intelligence/559205/

The technology's sound, it has a definite application in digitizing handwritten texts, and if India gets around to using it to preserve the thousands upon thousands of Sanskrit, Pali, Prakrit, Tamil, etc, texts that are in the public and private libraries in India, it will be well-used.

The security implications of breaking down written script into glyphs which the AI can then decipher, should be obvious to all concerned. I should not need to belabour the obvious.

Bob PaddockMay 1, 2018 7:01 AM

@wumpus

"Does anyone know what "Galois Field NI / Galois Field Affine Transformation" do in Intel Skylake server processors?"

Galois Fields are also the math behind figuring out the useful generator polynomials in CRCs.

I've read far too many papers about Galois Fields and Syndrome Lengths looking for a simple formula that will tell me how many bits must be in polynomial to cover a given block size, for an N-bit CRC. I have never found it. Anyone know what it is? I know a 16-bit CRC is good for a block size of 4K minus one bit. What is the math to come up with that (Admitting Math is not my strong suit)?
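
Where a 32,767-bit limit (4 KiB minus one bit) for a 16-bit CRC comes from, as an added example that is not part of the comment above: a CRC misses a two-bit error exactly when the gap between the flipped bits is a multiple of the order of x modulo the generator polynomial, so that order bounds the protected codeword length (data plus CRC bits). The two generators used are the common CRC-16/CCITT and CRC-16/IBM polynomials, chosen for this example, and the function names are illustrative.

```python
def poly_mod(value, poly):
    """Remainder of value / poly over GF(2); ints are bit-vectors of coefficients."""
    degree = poly.bit_length() - 1
    while value.bit_length() > degree:
        value ^= poly << (value.bit_length() - 1 - degree)
    return value


def order_of_x(poly):
    """Smallest k > 0 with x**k == 1 (mod poly). `poly` includes its top bit."""
    if not poly & 1:
        raise ValueError("generator needs a constant term, otherwise x is not invertible")
    degree = poly.bit_length() - 1
    r = 1
    for k in range(1, 1 << degree):
        r <<= 1                 # multiply by x
        if r >> degree:
            r ^= poly           # reduce modulo the generator
        if r == 1:
            return k
    raise ArithmeticError("unreachable for a polynomial with a constant term")


def has_parity_factor(poly):
    """(x + 1) divides poly iff poly(1) == 0, i.e. it has an even number of terms.

    With that factor every odd-weight error (1 bit, 3 bits, ...) is detected.
    """
    return bin(poly).count("1") % 2 == 0


def two_bit_error_undetected(gap, poly):
    """True if flipping two bits `gap` positions apart leaves the CRC unchanged.

    The error pattern is x**gap + 1; the CRC misses it iff the generator divides it.
    """
    return poly_mod((1 << gap) | 1, poly) == 0


def max_codeword_bits_hd4(poly):
    """Longest codeword (data + CRC bits) with every 1-, 2- and 3-bit error detected.

    Only answered for generators with the (x + 1) factor; returns None otherwise,
    because 3-bit errors then need a separate search.
    """
    if not has_parity_factor(poly):
        return None
    return order_of_x(poly)


if __name__ == "__main__":
    for name, poly in (("CRC-16/CCITT", 0x11021), ("CRC-16/IBM", 0x18005)):
        n = max_codeword_bits_hd4(poly)
        print(f"{name}: codeword up to {n} bits, data up to {n - 16} bits")
```

Both generators factor as (x + 1) times a primitive polynomial of degree 15, which is why the order is 2^15 - 1; for a generator of another shape the same function still reports the actual limit.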

JG4May 1, 2018 7:24 AM


been busy or you'd hear from me more often. happy to be healthy.

https://www.nakedcapitalism.com/2018/05/links-5-1-18.html

...

Imperial Collapse Watch

The Spy Who Came Home New Yorker (furzy). Important.

Big Brother is Watching You Watch

‘Forget the Facebook leak’: China is mining data directly from workers’ brains on an industrial scale South China Morning Post. Lambert linked to this yesterday, but this is in the “Not to be missed” category. Wait till Jeff Bezos gets his hands on this…

WhatsApp CEO Jan Koum quits over privacy disagreements with Facebook Guardian (Kevin W)

From Richard Smith:

You wake up late, because the alarm app is on the blink. Your house is curiously dark...
Hugo Rifkind @hugorifkind
On reflection, I may have got a little carried away with my intro.

...

Sancho_PMay 1, 2018 12:53 PM

@VinnyG

You can bookmark some addresses, but following external links would be a pain in the … (additionally to the TLS issue).

Bookmarking the IP addresses also will not prevent your ISP from learning your surfing habits (they know the domain to your requested IP address w/o you telling them).
So your ISP could monetize it if they want, but at least in the EU this would constitute attempted suicide: No one can successfully strip “personal” from collected data without destroying their value, it might severely dim their business if caught at collecting at all.

However, @Boofery claimed “[DNS] privacy in respect to the ISP” as reason to encrypt DNS, and later added some desire to raise the costs for his ISP.

I still can't understand that idea, but instead of bookmarking (or edit the host file) I’d suggest to add a DNS resolver to your local LAN, either by SW only or a dedicated machine (RasPi) + SW. That should speed up your Internet access and somehow obfuscate your DNS traffic (the latter without real benefit).
See @albert’s intent:
https://www.schneier.com/blog/archives/2018/04/oblivious_dns.html#c6774237
or:
https://www.1and1.com/digitalguide/server/configuration/how-to-make-your-raspberry-pi-into-a-dns-server/
or check:
https://en.wikipedia.org/wiki/Pi-hole

Sancho_PMay 1, 2018 12:55 PM

@Ratio

Oh, sorry for that, I thought that was your hair-splitting alter ego, my bad ;-(
And sorry @RockLobster, seems I was a bit confused, as always …

Sancho_PMay 1, 2018 12:56 PM

@maqp

Sad Info, hopefully you’ll be back on track soon, all the best!

gordoMay 1, 2018 5:17 PM

Rein in Facebook like we did AT&T
The 1956 consent decree that forced Ma Bell to share patents is a smart way to go
Roger McNamee April 27, 2018

As a long-time technology investor, I believe that effective regulation of large internet groups must address the problem of market domination. The giants tell us they are platforms, not traditional media companies, so we should look at past experience with communication platforms.

https://www.ft.com/content/942020c6-4936-11e8-8c77-ff51caedcde6

Such patent sharing might well engender much needed progress with algorithmic transparency.

JG4May 1, 2018 11:25 PM


A few minor flaws in the old transfer functions. Nothing that a little feedback couldn't fix, but the paths don't even exist.

https://www.nakedcapitalism.com/2018/05/200pm-water-cooler-5-1-2018.html

...

From “Behind Human Error: Cognitive Systems, Computers and Hindsight” (PDF).

...

That’s a good quote. On the other hand, The New Yorker is legitimizing the extremely dubious role the intelligence community has placed for the past decade-and-a-half or so, as the spooks now, er, “embed” themselves in domestic institutions. Color me extremely skeptical.

...

“Exterminating Sparrows: A Lesson From History” [Birding Beijing]. “The effectiveness of the [“Four Pests”] campaign [to eradicate rats, flies, mosquitoes and sparrows] was such that the Tree Sparrow population was decimated. And without the sparrows to curb the insect population, crops were being devastated in a way far worse than if birds had been spared. At least partly as a result, agricultural yields that year were disastrously low.”

Big Brother Is Watching You Watch

Just like the Telescreen™:

...

“Silicon Valley Can’t Be Trusted With Our History” [Evan Hill, Buzzfeed]. “Information ephemerality, and our lack of a model for noncorporate control of digital information, has been a blessing for governments looking to rewrite history and a curse for those trying to document the truth in environments where it is being contested every day.”

...

“Motherboard Made a Tool That Archives Websites on Demand” [Vice]. Should be handy for the next Joy Reid episode, assuming a clear chain of custody.

“IRS Warned Congress of “Catastrophic System Failure” Six Months Before Tax Day Outage” [IEEE]

...

ThothMay 2, 2018 1:06 AM

@Starbucks WiFi

Just dump a fake credential. You can easily Google and make up some addresses and keep a couple of standby fakes scribbled.

Clive RobinsonMay 2, 2018 5:14 AM

@ maqp,

Unfortunately my personal life has very recently taken some major turns that mean I'll have to stop developing TFC for an extended period.

Life does throw us curve balls from time to time, thus I hope you get back on the path you want to be as quickly as you can.

As they say in some places,"Don't be a stranger" and drop by from time to time, even if it's just to say "Hi".

All the best for the future and hopefully hear from you soon.

73 de Clive.

vas pupMay 2, 2018 9:06 AM

Drones to the rescue:
http://www.bbc.com/news/business-43906846
“British start-up Unmanned Life has developed software to send out multiple autonomous drones at the same time to gather information during a crisis, such as when a building is on fire. One drone hovers in the air providing 4G coverage, while another flies around the building providing live video. A third equipped with heat sensors creates a heat map of the building, while a fourth uses sonar to map structural damage. Swarms of co-operating drones, each with different tasks, help address the flight-time issue because single-function drones can be lighter. And they can be lighter still if many of their computational and sensing functions - navigation for example - are undertaken by computers on the ground "talking" to the drones wirelessly.”

Good idea to make them specialized.

gordoMay 2, 2018 11:33 AM

Good conversation...

Open Source with Christopher Lydon
April 12, 2018
Facebook & The Reign Of Surveillance Capitalism [49:57]
Guests: Shoshana Zuboff, Moira Weigel and Ben Tarnoff

ZUBOFF: Capitalism has products and customers; capitalism has reciprocities with its populations; it needs people to be its customers; and it needs people to be employees. Surveillance capitalism doesn't have that.

http://radioopensource.org/facebook-the-reign-of-surveillance-capitalism/#

[mp3 podcast/no transcript]

vas pupMay 2, 2018 12:12 PM

@VinnyG: Interesting - when you turn off your electronic device somebody could activate your camera remotely without your knowledge, but why by the same token Internal Affairs could not secretly turn on body camera of LEO (option 1) or as soon as camera turned off by LEO; instant message sent to the next person in the chain of command who could/should require immediate reporting the reason why camera is off by other means of communication (option 2). By the way, in the article in initial post security guards (as I recall) have to have camera on the whole shift (no turn off button).

RatioMay 2, 2018 1:00 PM

ZUBOFF: Capitalism has products and customers; capitalism has reciprocities with its populations; it needs people to be its customers; and it needs people to be employees. Surveillance capitalism doesn't have that.

Surveillance capitalism has products and customers; surveillance capitalism may have reciprocities with its populations, once I figure out what that’s even supposed to mean; it definitely needs people to be its customers; and it needs people to be employees. Surveillance capitalism has all that.

Also, both capitalism and surveillance capitalism hate, hate, being anthropomorphized.

Sancho_PMay 2, 2018 1:12 PM

@Starbucks WiFi

Cancer is salvation!
Only the never ending growth can save the world. Our canoe will grow, too!
”We are in this for the long term” (Schultz)

So don’t hesitate to give them an address, they need it so dearly for growth -
But don’t forget to change it every time you visit,
otherwise their growth wouldn’t be endless!

To receive and check emails see:
https://www.mailinator.com

Nick PMay 2, 2018 1:52 PM

@ maqp

re Telegram

I haven't seen any reason to trust them before these claims. So, I still don't trust them. That's not to say it can't be done. I'd just want to see a reliable party openly describe what they're doing with evidence it works. That's for anything.

re you and TFC

I hope you get through whatever it is coming out on top. I thank you for all the hard work you did on TFC. Also, especially for listening to prior principles of high-security design to apply them rather than ignore them. I've recommended TFC to implementers looking for a project wherever I could. It's stayed in back of my mind for future work. I had to put it off since hackers focusing more on hardware meant I'd have to do some reevaluation of how best to implement an appliance version. Also, been working on high-level form of techniques that could positively impact a lot of security-focused projects, including TFC. Figure I should get those working first for wider benefit with one of next projects being using them to support a secure implementation of TFC. Just keep your code and docs up.

Also, I submit all the CompSci finds these days to Lobste.rs given there's a strong crowd of programmers in groups ranging from OpenBSD to Galois Inc that might build on them or give insights. I do more formal methods than anything else but also other stuff. Archive is here. So, just keep an eye there or on the general site for interesting stuff to relax with as you handle the bigger things in life. :)

gordoMay 2, 2018 4:58 PM

@ Ratio,

Zuboff might have been more precise to have literally said: "Surveillance capitalism doesn't have [all of] that." She calls surveillance capitalism a "subspecies of capitalism", so, yes, products and customers. Zuboff otherwise speaks to your objections, except maybe the last one, in her article, The Secrets of Surveillance Capitalism. Below are my takes on your objections.

Surveillance capitalism has products and customers;

Insofar as bids on the surety of a person's behavior are taken and monetized.

surveillance capitalism may have reciprocities with its populations, once I figure out what that’s even supposed to mean;

People using such services have not knowingly signed up to be subjects of ongoing behavior modification exercises.

it definitely needs people to be its customers; and it needs people to be employees.

Theoretically, AI solves that problem.

Also, both capitalism and surveillance capitalism hate, hate, being anthropomorphized.

Thus, the Burning Man icon?

JG4May 3, 2018 7:12 AM


I think that someone, who may be me, posted something about the brainwashing experiments on Jose Padilla. What is old is new again.

https://www.nakedcapitalism.com/2018/05/links-5-3-18.html
...
The toxic legacy of Canada’s CIA brainwashing experiments: ‘They strip you of your soul’ Guardian (UserFriendly). Today’s must read.
...
Big Brother is Watching You Watch

Cambridge Analytica closing after Facebook data harvesting scandal Guardian. Kevin W points out Cambridge Analytica is not dead but merely reconstituting: “Key sentence – ‘Although Cambridge Analytica might be dead, the team behind it has already set up a mysterious new company called Emerdata.'”

Tech giants hit by NSA spying slam encryption backdoors ZDNet

Australia’s Commonwealth Bank lost data of 20m accounts BBC (Kevin W)

Watch Samantha Bee rip into Facebook and tell Mark Zuckerberg to ‘get this shit under control’ Recode. Lead story as of now. I watched the entire clip, which is rare for me.
...

MarkHMay 3, 2018 4:01 PM

Can a "glitch" have a duration measured in months?

Today, Twitter recommended that its third of a billion users change passwords.

For "several months," Twitter's systems were writing plaintext passwords to log files before hashing them. Of course, they claim that nobody actually looked at the passwords, so no harm done!

They apparently characterized this massive, negligent security failure as a "glitch."

Well played, lads.

A Very Nice Human BeingMay 3, 2018 10:06 PM

@Grammar Nazi

How do you respond to allegations you've been defenestrated in a back alleyway?

Clive RobinsonMay 4, 2018 2:02 AM

@ MarkH,

Can a "glitch" have a duration measured in months?

You can not use "the computer ate my homework" excuses in the UK any longer, as British Gas found out some years ago in a Law Lords ruling in a harassment case brought against them by someone who had had enough of being bullied by them.

In essence the ruling was computers are tools created by man and programmed by man, therefore men were responsible for the computer's actions. Further that senior management have a duty of care just as they do with their employees to ensure that the computer is not breaking the law or committing other acts in the company name that senior management had not sanctioned...

The judgment was a bit of a rude shock for quite a few utility and financial companies and I suspect it might be on the TSB's senior management's mind or at least that of their legal team.

Thus "a glitch" which is really a programming error of any sort / duration would be inexcusable in a UK court if a harm occurs because of it. The only excuse available would be a genuine "act beyond senior management's control" such as a lump of rock from out of space hitting their computer facility, ie what the insurance industry used to put down as "acts of god". Mind you that said the shareholders could sue even for those seeing as "Disaster Recovery" is part of "ordinary practice" not "best practice" and Twitter have a legal duty of care to their shareholders. As for the users, well as they do not pay for the service contract law would probably come into play first to decide their standing and the duty of care Twitter has to them. And any harm caused by the "glitch" would have to be clearly established which might be difficult...

JG4May 4, 2018 10:10 AM


Thanks for the continued excellent discussion and for all the fish.

https://www.nakedcapitalism.com/2018/05/links-5-4-18.html

...

This is what the Warren Buffett empire looks like, in one giant chart MarketWatch

Fewer dark corners for dirty money to hide in FT

The Gambler Who Cracked the Horse-Racing Code Bloomberg

Former Oklahoma Police Pension Fund Chief Charged With Seven Felonies Governing

Amazon halts plan for office tower in Seattle over proposed tax Reuters (EM).

AI researchers allege that machine learning is alchemy Science

A critical security flaw in popular industrial software put power plants at risk ZDNet (CL).

Twitter: No big deal, but everyone needs to change their password The Register. On World Password day, no kidding!

Dark Side of Computers, Smart Phones and Tablets: Blue Light Causes Cancer, Ruins Your Eyes and Makes You Toss and Turn at Night Washington’s Blog. Any blue lights I have taped over, and my machines are set to night mode as well.

...

Big Brother is Watching You Watch

De-Briefing Academics: Unpaid Intelligence Informants (PDF) James Petras. Academics returning from Latin America, but one might imagine academics returning from the flyover states are also debriefed….

Our Famously Free Press

Online anger is gold to this junk-news pioneer PBS (Bill B).

...

Imperial Collapse Watch

It’s Not Just the Forward Deployed U.S. Naval Institute

Weapons Training Likely Causes Brain Injury in Troops, Study Says WSJ

Ranks of Notorious Hate Group Include Active-Duty Military Pro Publica (UserFriendly).

‘Homeland’ Review: Finale Ends a Magnificent Season 7 With a Radical Message for America IndieWire (EM). EM: “I only watched Homeland through season 4 (don’t get Showtime so would buy used DVDs of each season maybe a year after they came out), but while searching for something else on IMDB, happened across this gag-worthy bit of life-needs-to-be-more-like-a-Hollywood-show propaganda:

“Homeland’s” president has never been a Donald Trump stand-in. She’s her own character emblematic of much more than our Cheeto-in-Chief. But her action is the kind of thoughtful, idealistic, self-sacrificing move that he would never make, even if it’s easy to argue he needs to — would the world not be a better place if instead of focusing on when and how Trump’s lies will be exposed (and it’s quite clear he has lied), that he step aside and let the country’s mass healing begin? Would the effort alone, whether or not it works, be admirable? His few remaining proponents may argue otherwise, but it’s hard to dismiss the gesture seen in this fictional (yet studiously relevant) take on America.

And of course the baddies in season 7 – the ones who drive our heroic CIA gal to madness – are the deplorable Rooskies!” Lambert here: “Healing.” Another word to watch out for. Generally the people calling for healing are highly unlikely ever to have been injured.

...

Clive RobinsonMay 4, 2018 12:10 PM

@ Bruce and the usual suspects,

It appears "the beat goes on" with Intel CPU bugs. To quote the article title,

    Spectre-NG - Multiple new Intel CPU flaws revealed, several serious

And a bit further down,

    A total of eight new security flaws in Intel CPUs have already been reported to the manufacturer by several teams of researchers. For now, details on the flaws are being kept secret. All eight are essentially caused by the same design problem – you could say that they are Spectre Next Generation.

As I guessed in early Jan "this is the xmas gift that is just going to keep giving and giving"... But it looks like we are going to have to wait for the "full monty". So fill and put on the popcorn machine and draw up the Lazy-boy stretch out relax and enjoy the show... after first having got your wire cutters out and chopped that network connection and WiFi antenna off your computer ;-)

https://www.heise.de/ct/artikel/Exclusive-Spectre-NG-Multiple-new-Intel-CPU-flaws-revealed-several-serious-4040648.html

Clive RobinsonMay 4, 2018 12:35 PM

@ Bruce and the usual suspects,

You might find this of interest, it's a couple of newish PRNG's based on XOR/Shift/Rotate (XSR)

http://xoshiro.di.unimi.it

I don't think there is enough information to say if it is up to CS-PRNG standards.

But as we know few hardware TRNG's are even close to CS quality which is why the likes of Intel use "magic pixie dust" hashing etc to get sufficient pseudo quality to pass the likes of Die Hard etc.

So the use of entropy pools and crypto functions to mix things up a bit and spread entropy about is not exactly an untried or untested process.
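Added example, not part of the comment above and not the xoshiro authors' code: a check of xoshiro256** (one of the generators at that link) against the CS-PRNG question. The step function follows the published reference algorithm; every other name and the seed values are constructed for illustration. It shows that each output reveals one state word and that four consecutive outputs fix the whole 256-bit state, which is why such generators should not produce keys, tokens or nonces.

```c
#include <stdint.h>

typedef struct { uint64_t s[4]; } xoshiro256;

static uint64_t rotl(uint64_t x, int k) { return (x << k) | (x >> (64 - k)); }

/* xoshiro256** step, following the published reference algorithm. */
uint64_t xoshiro_next(xoshiro256 *g) {
    uint64_t *s = g->s;
    uint64_t result = rotl(s[1] * 5, 7) * 9;
    uint64_t t = s[1] << 17;
    s[2] ^= s[0]; s[3] ^= s[1]; s[1] ^= s[2]; s[0] ^= s[3];
    s[2] ^= t;
    s[3] = rotl(s[3], 45);
    return result;
}

/* Inverse of an odd constant mod 2^64; each Newton step doubles the correct bits. */
static uint64_t inv64(uint64_t a) {
    uint64_t x = a;                       /* a*a == 1 mod 8: 3 bits correct */
    for (int i = 0; i < 5; i++) x *= 2 - a * x;
    return x;
}

/* Undo the "**" scrambler: one output reveals state word s[1] exactly. */
uint64_t unscramble(uint64_t out) {
    return rotl(out * inv64(9), 64 - 7) * inv64(5);
}

/* Rebuild the full 256-bit state from four consecutive outputs (XOR algebra only). */
xoshiro256 recover_state(const uint64_t out[4]) {
    uint64_t b0 = unscramble(out[0]), b1 = unscramble(out[1]);
    uint64_t b2 = unscramble(out[2]), b3 = unscramble(out[3]);
    uint64_t c1 = b0 ^ b1 ^ (b0 << 17);   /* s[2] after step 1 */
    uint64_t a1 = b2 ^ b1 ^ c1;           /* s[0] after step 1 */
    uint64_t c2 = c1 ^ a1 ^ (b1 << 17);   /* s[2] after step 2 */
    uint64_t a2 = b3 ^ b2 ^ c2;           /* s[0] after step 2 */
    uint64_t d1 = a2 ^ a1 ^ b1;           /* s[3] after step 1 */
    xoshiro256 g = {{a1, b1, c1, d1}};
    for (int i = 0; i < 3; i++) xoshiro_next(&g);  /* catch up to the source */
    return g;
}

/* Constructed demo: count how many of the next n outputs the clone predicts. */
int predicted(int n) {
    xoshiro256 src = {{0x0123456789abcdefULL, 0xfedcba9876543210ULL,
                       0x0f1e2d3c4b5a6978ULL, 0x1122334455667788ULL}};
    uint64_t seen[4];
    for (int i = 0; i < 4; i++) seen[i] = xoshiro_next(&src);
    xoshiro256 clone = recover_state(seen);
    int hits = 0;
    for (int i = 0; i < n; i++) hits += xoshiro_next(&clone) == xoshiro_next(&src);
    return hits;
}
```

Passing statistical test suites says nothing about this property; where unpredictability matters, draw from the operating system's CSPRNG instead.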

Clive RobonsonMay 4, 2018 3:37 PM

Rowhammer via Javascript on GPU's on Android.

Most here remember rowhammer for flipping bits in adjacent DRAM rows. It needed lowish level access to the CPU.

Well it appears that others have found a way to do Rowhammer attacks. Dubbed GLitch it works via a GPU co-pros using javascript on Android platforms to do a Drive by attack.

https://arstechnica.com/information-technology/2018/05/drive-by-rowhammer-attack-uses-gpu-to-compromise-an-android-phone/

So yet another good reason for turning that goddamn awful Javascript off and consigning it to the Filing Cabinet 13 of history, and all those web designers go out and learn how to do things securely on their servers not insecurely on other people's computers.

Alyer Babtu May 4, 2018 4:02 PM

@ A Very Nice Human Being

Provided you are in Prague, the correct response is in the pluperfect subjunctive “Had I not come to Prague, I would not have been defenestrated”. In any other location, one can respond in the negative indicative, since in those places one is merely thrown out of the window rather than defenestrated.

Clive RobinsonMay 4, 2018 4:05 PM

It's Friday, your working week is winding down I hope.

Thus you might be in need of something more than a beer or three and a packet or two of salted peanuts at lunch to restore your normality[1]...

So for those with an engineering bent, this series of "truths" might raise a wry smile,

http://spacecraft.ssl.umd.edu/akins_laws.html

[1] Yes it's a nod to Douglas Adams HHGTTG and the destruction of Earth to make way for a hyperspace bypass ;-)

Alyer Babtu May 4, 2018 6:15 PM

@Clive R - spacecraft

Thanks for the link to the refreshing Akin’s Laws. Engineers must be among the minority of modern holdouts against the intellectual evils of Cartesianism! Many of the laws remind one of observations in Aristotle, regarding virtue (the good) as a mean between extremes, and discernment of the appropriate exactitude in any situation as a sign of a cultured mind. Andronov, Vitt, and Khaikin make similar sounding comments about the appropriate use of mathematics in modeling in the Introduction of their book “Theory of Oscillators”. Years ago a speaker addressing fruitfulness when using quantitative methods pointed out that in WWII Pacific, the best at anti-submarine warfare tended to be geologists, rather than people from physics or math, since they were schooled in making useful extrapolations from incomplete information.

Starbucks WiFiMay 8, 2018 5:30 PM

@Alyer Babtu, Thoth, Sancho_P

Thanks for your feedback.
For some of your ideas, I assume mac addresses would need to be changed at a minimum.
FWIW
Javascript is required for login page; Starbucks didn't use to require Javascript.
Correction: Phone number is not asked for.
I think I read that Dunkin Donuts might not require login. I haven't tried McDonalds recently.
Finally wsj.com has some recent articles about Starbucks.

A few sites involved with Starbucks login include:
https://sbux-portal.globalreachtech.com/signup? ...
https://sbux-portal.globalreachtech.com/terms.html
https://www.starbucks.com/about-us/company-information/online-policies/privacy-policy

The last link includes numerous links to Starbucks, Google, Facebook, PrivacyShield, Etruste, smartsheet.com and others.

Starbucks WiFiMay 12, 2018 5:08 PM

Based on a very limited sample size, Panera and McDonalds allow you to connect to 'free' wifi w/o an email address and while using NoScript. Elsewhere I read Peet's Coffee is a possibility, as are libraries, of course.

FWIW, sometimes I have to choose another web site, or try to force http, not use https, to connect to free WiFi, perhaps a httpseverywhere related issue.


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.