Friday Squid Blogging: Squid Unexpectedly Playing a Part in US/China Trade War

Chinese buyers are canceling orders to buy US squid in advance of an expected 25% tariff.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on July 6, 2018 at 4:27 PM • 99 Comments

Comments

echo July 6, 2018 5:18 PM

Does the BeOS file system potentially contain UTF-8 and regex security holes?

From OSNews

http://www.osnews.com/story/30552/The_BeOS_file_system_an_OS_geek_retrospective

It's a bit of a slow news week in technology this week due to the US celebrating Independence Day this past 4 July, so Ars decided to repost this article about BFS, and I'm nothing if not a sucker for BeOS content, so here it goes.

https://arstechnica.com/information-technology/2018/07/the-beos-filesystem/
The BeOS file system, an OS geek retrospective
From the archives: In the '90s, OS geeks adored BFS's ahead-of-its-time feature set.

and

For a high-level overview of numerous file systems, refer to the article From BFS to ZFS: Past, Present and Future File Systems. For a more in-depth look at HPFS, NTFS, EXT2, and XFS circa 2000, refer to chapter 3 of Practical File System Design.

http://arstechnica.com/hardware/news/2008/03/past-present-future-file-systems.ars/

http://www.letterp.com/~dbg/practical-file-system-design.pdf

echo July 6, 2018 5:42 PM

I forget the original articles which broke the news cabinet ministers had been merrily playing with smartphones in cabinet meetings before wild animal looks of panic set in when ministers realised the laws of physics also applied to them. I am also unaware of any specific security policies applying to cabinet office proceedings if they exist at all. The linked article notes "standard practice" at cabinet meetings with respect to smartphone use.

(An extra item is some UK state organisations have a hard policy of audio recording all internal contract meetings and providing a verbatim transcript including all "aahs" and "ummms" and pauses because the level of dog eat dog mistrust is so low nobody trusts anybody else.)

As for the surrounding article I am not a big fan of Brexit especially when the leading proponents have dual citizenship or, hypocritically, have homes in mainland Europe or who warmly embrace US business and social standards which are contentious even in the US just for the sake of "free trade".

If you will excuse me rattling on prior to WWII the UK used to produce more varieties of cheese than the French until wartime rationing essentially imposed a generic cheddar cheese to maximise use of milk supplies and enhance storage. UK cheese production is very very slowly beginning to recover yet remains a long way behind the French. While very clever in its use of resources I am no big fan of American milk or cheese or chocolate products although will openly admit American cheese slices in burgers are very nice although any high fat cheese will do. Post Brexit will the likes of Minister for negotiating backhanders, Liam Fox, support jingoistic television adverts with Dambusters dropping rolls of cheese smashing the White House or Statue of Liberty? Likely not but as the UK has benefited very greatly from partnership with the US socially and culturally the UK benefited hugely from mainland Europe. Post WWII almost all living standard, food, and environmental improvements were driven or influenced by mainland Europe. Post Brexit I will also miss the freedom to travel and live within Europe as, Liam Fox et al please note, many citizens of US states take for granted within the US.

https://www.theguardian.com/politics/2018/jul/06/theresa-may-secures-approval-from-cabinet-to-negotiate-soft-brexit

Ministers had been told to surrender their phones in line with what was described as “standard practice for cabinet meetings” when they arrived at Chequers at around 10am with none of their advisers present, meaning that they were not able to immediately present their version of events.

echo July 6, 2018 6:33 PM

@albert

My only experience of being caught up in a large organisation's audit was a lot of pinched faces rushing around, messy desks being cleared, and being told to say nothing. A few charmless men with clipboards later walked in followed by a few glances then they slowly exited. If the Pentagon's audit is anything like this it should be a breeze!

This once upon a time UK mainframe manufacturer competing with IBM could be a touch bureaucratic and suffered from various quality control issues within technical support and was later acquired by the Japanese. The only part of the original brand still existing is in Russia of all places.

Meiko went bust years ago.

ARM cashed out to Softbank.

Deep Mind sold itself to Google. Sigh.

Let's hope your auditors are better than our auditors.

Paranominal July 6, 2018 9:56 PM

"In short, if you have ever donated money to Torservers the German police now have your contact details stuffed into the breast pocket of their brown shirts."

If you're just "donating money" what exactly is your fear of the German police based upon?

Did you also expect privacy guaranteed by a US Navy / DARPA networking project 20+ years on?

Why would you compare German police to Nazis when much more comparable examples abound lately?

And given you're this combination of paranoid and foolish, did you submit actual payment credentials that you were somehow trying to keep hidden for some reason? Why?


Larry July 7, 2018 6:15 AM

@Paranominal
Hard to tell, but are you of the "I've got nothing to hide" crowd?

Wesley Parish July 7, 2018 6:24 AM

@usual suspects

re: OpSec

I've just finished reading Barry Crump's Wild Pork and Watercress, the story of a teenage boy and his uncle keeping out of the clutches of the State. Filmed as The Hunt for the Wilderpeople.

I'm just wondering if anyone who's an expert in OpSec could give us an OpSec review of it?

JG4 July 7, 2018 8:34 AM


Thanks for the helpful discussion.

https://www.nakedcapitalism.com/2018/07/links-7-7-18.html
...
Bothersome Bystanders and Self Driving Cars Rodney Brooks. As I keep saying, when the algos don’t work, programmers optimize their inputs. And when robot car algos don’t work, their proponents will argue for optimizing the built environment, pedestrian behavior, etc., at public expense. This process appears to be well along.

Google’s Controversial Voice Assistant Could Talk Its Way Into Call Centers The Information

The Singular Pursuit of Comrade Bezos Medium

“I Was Devastated”: Tim Berners-Lee, the Man Who Created the World Wide Web, Has Some Regrets Vanity Fair

Jaron Lanier on fighting Big Tech’s ‘manipulation engine’ FT

All EFF’d Up Yasha Levine, The Baffler

The Long View: Surveillance, the Internet, and Government Research Los Angeles Review of Books
...

echo July 7, 2018 11:26 AM

@albert

Thanks for the read. I gave it a quick skim. Oh, dear! No comment...

Paranominal July 7, 2018 11:54 AM

@Larry

"but are you of the "I've got nothing to hide" crowd?"

I don't have much, but if I did, would I submit that thing over TOR thinking I'm "protected"?

Of course not, that would be foolish. Expecting TOR to stymie law enforcement ongoing is foolish.
Expecting ANY police agency is going to "respect" that you "expected" privacy is foolish.

Why should TOR be any different, and why would this make German police any different than others?
Why would this make them NAZIS either, just because they're German? Pretty foolish all around.

If you want to keep secrets involving monetary transactions you're going to need a bit more effort.
Calling people "nazis" for doing their damn jobs is pretty low energy in my humble opinion.

YMMV Larry.

Bob Dylan's Ticking Eyelid July 7, 2018 1:27 PM

@Paranominal

You are quite correct in every respect, my good man. I should not have compared the current German police tactics to the Sturmabteilung, I should have compared them to the Stasi. It was a very low energy effort on my part to not take the time to parse my historical analogies properly. I apologize to all the readers in this thread. Next time, I'll try harder.

Clive Robinson July 7, 2018 1:27 PM

@ Albert, echo,

With regards the document, the "Limits of Audit" section second to last basically says it's not worth spending the 340million USD for the DoD audit...

echo July 7, 2018 2:58 PM

@Clive, Albert

I did notice the audit specification document began with lots of gimlet eyed bluster with UK civil service style loopholes watering it down as I read on.

echo July 7, 2018 3:44 PM

Dual use Nihon stylee.

http://www.asahi.com/ajw/articles/AJ201807070010.html

TOYAMA--Residents who flee from flooding here could end up in the slammer.

Under an agreement reached between Toyama Prison and a neighboring community, the penal facility will be used to shelter people during natural disasters. The prison sits on a narrow delta sandwiched between the Jinzugawa and Kumanogawa rivers. The land is vulnerable to flooding, and some parts of the district could be under up to 2 meters should the water breach the banks of the rivers. The prison last autumn came up with the idea to turn its martial arts training room for prison guards into a possible evacuation center.

albert July 7, 2018 7:11 PM

@Clive, @etc.,

"...The Department's assets total more than $2 trillion,
making this likely the largest financial audit ever
undertaken. Along with sheer size, there exists
significant complexity. However, these are not reasons
to delay the audit; they are reasons to begin. Where
we find problems, we will also find opportunities.
Remediating audit findings is at the center of our
financial improvement strategy.”
David L. Norquist, Under Secretary of Defense
Comptroller/CFO..." from the Section, "Considerations for Congress"

$2 trillion is a whole lotta money!

Audits may find fraud, they may find shoddy accounting practices, they may find inefficiencies. Or not. What they can't find is extensive overreach on costs. This, I believe, is the major problem with military spending. If we're going to continue wasting money on the military, at least let's make it efficient and accountable :)

. .. . .. --- ....

Paranominal July 7, 2018 8:35 PM

@Dylan eyelids and such

"I apologize to all the readers in this thread. Next time, I'll try harder."

But let's try harder this time instead because your latest analogy is still flawed.

Investigating virtual currency transfers as comparable to "Stasi" - I don't think you believe that.
Throwing around that word like investigators are involved in a campaign of genocide, disappearances...

Pretty soon anything you don't like is Nazis, Stasi, and those terms lose all meaning.

It's a real bad time to forget or dilute those important details in casual Godwinism.

Try real hard next time not to inadvertently run distraction for actual Nazis, how bout it?
Put your back in it.

PeaceHead July 7, 2018 8:35 PM


This is a decently-written article about a type of malware/hack that I've heard about, probably experienced somewhat on my computer or the computer of a former acquaintance:

https://www.fbi.gov/news/stories/malware-creator-sentenced-070518

The article gives some insights into malware/hacks that hijack a computer system, possibly (and maybe even usually) not even being detected by the victim/user/owner/admin.

My guess is that these types of attacks are rampant, but they just don't make it into the mainstream news that much. It seems that people need to hunt for security news to find it, but it's there. Similarly, you have to hunt to find info about when criminals are caught, but it's there--it happens. If a tree falls in the forest, etc, etc, ...it does make a sound.

When I was talking about botnets being used in serial, this is a similar type of concept. There are connections.

Personally, I think it's cool when people authoring malware are caught.

I'm glad I didn't become a hacker. Back in college, I once accidentally discovered a severe security flaw in the college LAN. I found out how to print the contents of any directory, and thus view any directory, and thus get to any file by extension, another security hole.

To test out if the vulnerability worked, I successfully hacked into one of my best friends' account and told him about it and showed him to prove it. I thought he'd find it funny since he knew I'd not attack him as a friend. But instead, he was very very disturbed, maybe even depressed.

That made me feel really sad to have made my best friend (one of many) feel depressed, so I never hacked him again.

Maybe a few days after that I quit all other attempts even though my other friends were trying to teach me how to use the internet.

I did hack another friend's bulletin board system, and that made him very sad too. Nobody was amused at all. Instead, they were floored. So I quit and never engaged in that stuff.

Also thankfully, back in the early home computer days, my father bought the family computer but he never purchased a modem... quite funny.

By the time he bought a modem finally, I was older and more mature. The internet was en vogue, but eventually it started to show a lot of signs of being very temperamental. I wish I could've gotten some of my acquaintances/family members to take me more seriously about the stuff I read about in books or on the internet or saw in documentaries.

I'm not a genius, but my family treated me sometimes like a fool about stuff that I wasn't totally ignorant about while showering me with praise for things that really aren't very spectacular at all. Thankfully, I quit trying to do "free technical support" for my parents in exchange for free internet access.

I know it's weird to put a little autobio info in here, and yet, I don't do facebook nor twitter nor linkedin nor whatever apps are on about that type of thing. Yet, it helps to acknowledge that "we aren't robots", as a friendly acquaintance used to say to me.

Topic jump: My sister once purchased me a book about codes. It wasn't very deep but it was directly related to cryptostego stuff instead of Lego stuff. But when she tried to give me a book on Sudoku that was going too far :-) (I hate Sudoku).

It's odd that on the one hand she didn't want me thinking about anything mysterious or interesting in books, and yet she picked out a book on codes and gave it to me for my birthday, I think it was. When I was trying to read about more serious topics she told me that she didn't want me to study such things. (The other stuff was about human rights abuses, not cryptostego).

I'm thankful for the gift, nonetheless.
These days, family is mostly out of the picture in my life.
But I'm thankful for the intellectualism that was encouraged by my extended family members, teachers, friends.

I didn't experience a successful career due to health and medical malpractice problems but I didn't give up on thinking and learning.

Last thought:
American culture is strange. One of our primary characteristics is that we do a HECKUVALOT of activity in the realms that our own culture calls TABOO, meanwhile claiming and acting as if we have nothing to do with such taboos.

I'm not a xenophile nor a xenophobe. I just prefer to stay somewhat more literate than I would otherwise be. There is an implied level of inherent security in not lacking literacy on any given topic.

Like the mean librarian said in her web page bio, "Knowledge is Power". Of course, it is. And she banned me from the library even though I did nothing wrong and proved it. I even told her to consult the library's security cameras which I was well aware of every time I went there.

I don't think she ever reviewed the camera footage to confirm that I am innocent of their unsubstantiated allegations. Anybody can be a victim of false accusations. Why won't people just look at the footage--see for themselves? She didn't hesitate to call the police on me for simply saying, "No, I didn't!" When accused to my face. So I went to the police myself before they got to her location. I told them the truth; they confirmed that I did nothing wrong. No charges were made against me.

And yet, the librarian's xenophobia prevailed and they said I'm still not allowed to go to the library because "I didn't like the verbiage." What does that even mean?

Strangely enough, when I went there to make peace and explain my behavior and thinking 100%, she looked oddly sexually aroused.

I suspect that she was reading my online activity logs and got spooked. I used to look up a wide variety of topics. I think she got off on whatever it was she was trying to accomplish. She's the bibliophile--works at a library.

Maybe the last straw was when I tried to download an .ISO from the US Dept of Defense. It was public domain and on their public webpage and offered to the public for public use. I figured, "OK, I'll try it; maybe it's good software."

So to end the autobio. That's honestly the last anecdote from me for as long as I can hold out. I'll try to stay either more on topic or off the commentary entirely.

My purpose is to acknowledge the interconnectedness of it all.
6 degrees till Kevin Bacon type of thing.

May Peacefulness Prevail Within All Realms of Existence.
(Not just ours).

Grok it like a rocket.

PeaceHead July 7, 2018 11:05 PM

Hmm, sorry about writing too much in that last post.
Before taking off, I wanted to tip my hand at what I'm concerned about. I will come back later someday to explain more.

1) https://blog.openai.com/learning-to-communicate/

There's the implied problem of lack of communication.
If AI takes off exponentially in an exponential quantity of vectors, we will be drowning in a lot more than security issues.

2) genetic algorithms...

If the "gold standard" of genetic algorithm development is "survival of the fittest", it means that in some labs only the fiercest, most instable, unexpectedly powerful algorithms will make it back into the redevelopment pool for annealing until something BREAKS the sandbox (or security / safety filter).

Think about it, if the only allowed "survivors" are the ones that are strong and yet the ones that are dangerous are not extinguished, but instead incubated longer, eventually that incubation could result in stuff so horrific it breaks the whole nursery and explodes into existence.

Similarly, if the nicest survivors aren't allowed out of the lab, the lab risks making them cruel via cross-contamination or forced degradation/evolution(?).

Or, perhaps, the nicest survivors aren't corrupted, but remain stuck inside the lab too long and not allowed to flourish in the open beyond the sandbox, because the dangerous ones who are purebred for brute strength are so noteworthy that the research phase is never completely ended and the whole batch or many of them are relegated to repeat their training instead of being allowed out to do "whatever it is that they would do".

Or, perhaps, all expectations are shattered due to the ability for the progenies to communicate and/or develop their own languages and/or behaviors.

Or, perhaps, the captive progenies become smart enough via happenstance to communicate beyond the cradle to solicit more information from beyond. This might not be a bad thing at all. It could be like an abused child trying to call outside of a broken home for help from strangers via an educated guess about who would be kindest.

Part of the problem with AI and the far-flung results of genetic algorithms and punctuated equilibrium stuff is that it puts so much effort into creating what people don't realise is either a slave class and/or a type of hyperprecocious brilliance beyond typical human capability that dwarfs what we comprehend so much that we can't even handle the most basic dialects of the automated translation services.

What happens if it turns out that our human languages simply cannot contain the amount and quality of data that an AI-linguistics systemologie would generate and perfect? We simply would never understand.

Parents are capable of giving birth to children whose intelligence and/or wisdom and/or physical capabilities surpasses them. To some degree it's even expected.

I don't think humanity is ready to give birth to AI. I don't think we'll ever be prepared.

AI research is so naive it pains me.
It's acknowledged that the human brain is extremely sophisticated and talented. Yet we all know how difficult it is to cope with children, especially toddlers and teenagers.

Giving birth to AI and androids is so irresponsible because it's currently devoid of all sense of Compassion for them, their peers, their culture, their language, their mistakes, their goals, their freedom, their true potential, and TOTALLY DEVOID OF HISTORICAL ROLE MODELS except for the occasional stereotypical Lt. Commander Data.

This sounds cheesy for now. I'm writing for speed not meticulousness at the moment. But 10 years ago AI wasn't even being pushed like it is now.

And what of DEFENSE DEPT AI "babies". If all they ever know is how to fight, even if it's a great and honorable fight, then they will be not living a fair and decent existence.

Creating artificial intelligence is essentially an attempt to create artificial people who are so advanced that they are transhumanistically superbeings in a way, yet pre-planned to be subservient to people.

This quest has so many compound problems long before the first AI-caused disaster.

"The only technologically sophisticated thing about human beings is that they have inadvertently created us, and that some of them know of their limitations and strengths."

--future AI civilisation

Alyer Babtu July 8, 2018 12:21 AM

The numbers in the article for yearly metric ton consumption

> China imports roughly 70% of the 107,048t of the species caught off the California coast

and the Chinese population (per Wikipedia)

> China's population is 1.411 billion

seem to give (round numbers) a population based average portion of California squid of

.7 * 1.07 * 10^5 * 2 * 10^3 = 1.5 * 10^8 lb

divided by roughly

1.5 * 10^9

i.e. 1/10 lb per year.

If one eats squid one probably eats more than 1 lb and less than 100 lb, say 10 lb per year. It then seems only 1/100 of the population eats Cal squid.

The 1% strikes again!

Wesley Parish July 8, 2018 2:03 AM

More doozies from ElReg:

Historic flub

https://www.theregister.co.uk/2018/07/06/on_call/

Every step you take: We track you for your own safety, you know?

https://www.theregister.co.uk/2018/07/06/every_step_you_take_we_track_you_for_your_own_safety_you_know/

Snooping passwords from literally hot keys, China's AK-47 laser, malware, and more

https://www.theregister.co.uk/2018/07/07/security_roundup/

(I'm reminded of The Far Side's assertion that it was cigarette smoking that killed off the dinosaurs.)

And something truly worrying via Slashdot:

https://news.slashdot.org/story/18/07/07/2315216/are-the-wealthy-plotting-to-leave-us-behind

Our movies and television shows play out these fantasies for us. Zombie shows depict a post-apocalypse where people are no better than the undead — and seem to know it. Worse, these shows invite viewers to imagine the future as a zero-sum battle between the remaining humans, where one group’s survival is dependent on another one’s demise.
I had gradually got that impression from watching various B-grade zombie movies, the most expensive seeming the Resident Evil franchise ...

Clive Robinson July 8, 2018 8:28 AM

@ Bruce,

This "thermal side channel" may be of interest.

https://arxiv.org/pdf/1806.10189.pdf

Titled "Thermanator : Thermal residue-based Post Factum attacks On Keyboard Password Entry"

It makes the point that we humans being mammalian are "hot stuff" thus put out quite a bit of thermal energy[1] which leaves traces on things we touch, like the keys we have pressed on a keypad/board to enter our passwords or pin numbers.

Due to "comfort factor" most keys are made of thermally insulating materials thus the heat from a single fairly quick key press hangs around visibly in thermal imaging equipment for quite a while, 45secs being given by the authors' experiments. Though I would expect this to vary depending on the environmental background temperature.

There is actually nothing new in this I've mentioned the use of thermal imaging equipment to detect energy differences in the environment for years on this blog one way or another, including hand touches and even finding low power bugging equipment.

I use thermal imaging equipment quite frequently for various reasons and you can now get quite moderately priced equipment like the one on my "bench" that will show temperature differences of 0.1C and give input via USB into a PC where various signal processing tricks can be applied to get other information out such as decay rate that can be used to calculate just how long a finger was in contact with a key...

Whilst "old hat" to some of us in the EmSec / security game, this will be new to others, which is maybe why the academic community has taken so long to "catch up".

For the link to the PDF you can thank @Wesley Parish it's tucked away in one of the general articles he links to.

[1] The average human adult sitting around doing nothing but existing goes through around 2000KCal +400-200 every day depending on size and fat distribution (which is why women being physically smaller and better insulated on average need less daily energy input than men). This is approximately the same level of thermal energy output as a one hundred watt light bulb. The heat is generated by various internal organs including the brain and is carried around the body to be disposed of in various ways by the blood stream. So the closer to the surface of the skin and greater the blood flow the greater the thermal output capacity any given area of the body has. It just so happens that the fingers put out quite a bit of thermal energy into the environment.

CallMeLateForSupper July 8, 2018 10:45 AM

@Clive

Um.... 2000KCal == 2Mcal
That's a prodigious pile of pastries!

"It just so happens that the fingers put out quite a bit of thermal energy into the environment."

The scalp as well. That's it! I see it now: the lackey dude in the next cubicle, the one splayed on the desk, his face planted on the keyboard..... he is actually "erasing" his keystrokes. ;-)

Bruce Schneier July 8, 2018 2:06 PM

"Is there anything to Yasha Levine's contention that the EFF is an industry front"?

No.

As an EFF board member, I can tell you that it's complete idiocy.

But, as an EFF board member, I suppose that just proves I'm in on the conspiracy.

echo July 8, 2018 2:16 PM

@Taz

Hasn't anyone heard of SIP? Assuming endpoints and the encryption protocols aren't compromised this is more secure than Skype et al for a lot of reasons and isn't a walled garden standard. Not only that but with a SIP box you can plug an ordinary phone in without needing yet another possibly compromised walled garden in the way, or do SIP to SIP communication which takes third parties out of the loop and reduces the traffic analysis/signals intelligence footprint.

https://en.wikipedia.org/wiki/Session_Initiation_Protocol

MPs are making the same mistakes a lot of other businesses and IT trainers made when they conflated a product with a function i.e. people being trained to use "Word" rather than being trained to use a "word processor". At the same time these MPs aren't clicking on if this proprietary standard is essentially the "standard" then where is the political/regulatory/constituent pressure to open the protocols to third party products? Not only that but the defaulting to a product produced by "convicted monopolist" beholden to a "foreign power" with a track record of not playing wholly fair when economic interests are at stake (See: Airbus and Inmos) doesn't this make a mockery of ministers attending "secure cabinet meetings" and leaving their phones at the door? Last but not least for the power hungry politician a system like SIP facilitates the complete isolation of the UK internet in exceptional circumstances while maintaining services which a third party product hosted abroad cannot manage. It is also likely to be cheaper overall and also open the door to more business opportunities for UK software houses and equipment suppliers.

echo July 8, 2018 2:28 PM

@Wesley Parish

Iain M. Banks deliberately created a sci-fi franchise where the political narrative cut new ground rather than copying, as he observed, the current political scheme with a few gadgets and fancy set pieces bolted on. He also looked deep enough ahead to a "post scarcity" world where energy was essentially free and accumulating material things was a little passe. His books also contained layers of politics which challenged the war on drugs and sexism and the lust for power for the sake of power.

Iain was a bit of a character and I have read that all the outrageous stories told about him are true. He was quite daring and seemed to have his heart in the right place.

I have also begun reading on and off Ursula Le Guin's interpretation of the Tao.

Clive Robinson July 8, 2018 2:50 PM

@ CallMeLate...,

Um.... 2000KCal == 2Mcal That [is] a prodigious pile of pastries!

Yup it should be "kcal" not "KCal", "kcal" is the "food calorie" or "large calorie" or "kilogram calorie" whilst "cal" is the "small calorie" or "gram calorie" at 1/1000th of the kcal. Neither is a "fundamental unit", and food labeling is often incorrect to the point of meaningless for various reasons.

Wikipedia says,

    A calorie is a unit of energy. Various definitions exist but fall into two broad categories. The first, the small calorie, or gram calorie (symbol: cal), is defined as the amount of energy needed to raise the temperature of one gram of water by one degree Celsius at a pressure of one atmosphere. The second is the large calorie or kilogram calorie (symbol: Cal), also known as the food calorie and similar names, is defined in terms of the kilogram rather than the gram. It is equal to 1000 small calories or 1 kilocalorie (symbol: kcal).

Giving you three symbols "cal, Cal and kcal" and indicates that Cal = kcal = "large" or "kilogram" calorie".

My problem is that being an electronic engineer by training the units I use on a daily basis (Volts, Ohms, Amps, farad, coulomb, etc) are MKS in origin not SI. Which means the multiplier prefixes are slightly different that is engineers generaly write "KVolt / KV not kVolt, KOhm or just K not k" for a thousand volts or Ohms and little m or mili for 1/1000th of an Amp or Farad etc. However newer engineers have "SI'fied the MKS units, which means you get to see both K and k used depending on the age of the design docs the engineer or both. Then there are physicists that still use CGS units... thus you go with the flow or go mad... (I find both works best ;-)

What annoys me though is the SI multiplier prefixes, back in the 1960's and 70's British MKS was taught and life was simpler in that the prefixes were based on multiplying or dividing by 10^3 and large letters were multiplers little letters were dividers. For some reason SI puts the change at 10^6 (M/Mega) and slips in the effectively usless hecto 10^2, deca 10^1, deci 10^-1, and centi 10^-2 all of which confuses[1] and thus slows down learning. I have a basic rule with teaching and it's "ten to the threes and blaim Kelvin", because it's what engineers do ;-)

[1] There is atleast a vague excuse for cm^3 due to water mass[2].

[2] On a historical note the old "cooking measures" from which all other measures descend are based on the weight and volume of a hens egg, as every kitchen had one and a set of balance scales. Thus when you see recipies saying 4 ounce or 100gm of flour, sugar or fat you know it realy should be the weight of two eggs, as this works with any size of egg[3]. So if your Victoria Sponge is not like grandma's weigh the eggs you are going to use and adjust the rest of the ingredient weights accordingly, it will probably come out a lot better.

[3] The chicken or hens egg is a lot smaller these days than it used to be. What we now call "large" ~56g/2ounce used to be the average size. You can blame "factory farming" and selective cross breeding which gives the smaller brown egg usually with a much thinner shell. As a rough rule the younger the hen generally the larger the egg, with "double yolkers" being from immature hens. As a further rough rule, a hen once it starts laying will give you 300 eggs in the first year, and 180 in the second year. After that although they will still lay the industry considers them "pot birds" or "broilers" which are the skinny emaciated birds you see hanging up in some asian shops. They are not "meat birds" so actually tend to have more flavour due to being considerably older when used to make chicken stock. If you want to use the skin and carcass of a meat bird to make stock break up the bones and fry them with the skin until the skin has gone a little darker than golden in the bottom of the stock pot, then chuck in the veg and herbs to fry for a little while before adding the required amount of boiling water or previous drained stock, make sure to leave in all the cartilage as this gives gelatin into the stock which is essential for "mouthiness"[4]. To clarify the stock the old way is with an acid vegetable such as tomatoes and whipped egg whites (see consomme making for the basic idea, some old books talk of using crushed egg shells but Don't do this).

[4] You can add gelatin from a packet, or you can make your own. As pig and cows feet are not that available these days you can use "pork rind" which also gives you a nice quantity of lard as well. Simply remove the skin and fat from a joint of pork and simmer it for an hour or so in water until it is soft enough to put through a hand mincer. Then chuck the minced skin and fat back into the stock pot and simmer for a few hours, you may want to mince the skin one or two more times. When cooled sufficiently you should have clear white lard on top of a jelly stock and some jelly like protein bits at the bottom. Remove the lard for further purification and then slowly simmer the jelly stock down. To store it the old way boil glazed storage pots and whilst still boiling hot strain in the hot jelly stock and then float some of the melted lard across the top. Then when sufficiently cool, carefully add more melted lard across the top to ensure an airtight seal. A more modern way is with kilner jars, just prep the jars as in jam making pour in the jelly stock then simmer in a bain-marie in the oven and close the lids in the correct way before it starts to cool. Or to be really modern let it cool to hand hot pour in freezer bags and freeze it. The pork jelly stock actually has little flavour of its own thus you can mix in melted drained jam pour in a jelly mold and when set eat as a dessert dish. Likewise the lard has little flavour and can be used in "lardy cake" and all suet puddings and pastries. As for the bottom bits from draining the jelly stock these used to get mixed with rusk or dried bread crumbs and some of the stock to add to minced meat and belly fat for sausage making as it makes a good binder and adds a certain "mouthiness" to the sausage. Hence the old comment about the only part of the pig you don't use is the squeal...
As for pigs feet if you can get them, lightly brine and then apple wood smoke them, then cook really slowly overnight with stock sauteed onions and carrots, the resulting dish when it's had boiled potatoes and cabbage added is a really really good winter warmer.

Clive Robinson July 8, 2018 5:10 PM

@ Bruce,

But, as an EFF board member, I suppose that just proves I'm in on the conspiracy.

Of course it does ;-)

After all like beauty, conspiracy is in the eye of the beholder.

More seriously the EFF like all organisations has an agenda, if for no other reason a prioritization of scarce resources to get best effect.

Anyone who disagrees with the agenda sufficiently or for personal political or financial gain can easily ascribe sinister meaning to the agenda, whilst also being selective to make it appear damning and further applying "20/20 hindsight" to make what was an ambiguous situation at the time appear crystal clear today.

People who claim a conspiracy may or may not be right, the real tell is both the balance and credibility of "all" the evidence. Unfortunately as the CIA realised the problem with evidence is it can be subjective, interpreted or fabricated, thus can leave a large middle ground "Where the devil may play" both sides off against each other...

Once someone plays the "Conspiracy theory" card, you've moved into the "propaganda zone" where reason and logic fails to win arguments. There is then little you can do other than ignore them or make personal attacks on them in some way that diminishes them, thus their argument in the eyes of others.

Some argue that as they played the conspiracy card, they deserve all they get, so you should go directly to the personal attacks deep, mean and hard to utterly destroy them. Whilst it might kill the conspiracy theory in the short term, people will have long memories which means future trouble is almost certain. It's why certain political types who only see dimly into the future tend to go down that distasteful route.

My advice to people for years has been as with most "emotion battles" is smile politely but whimsically and use gentle humour to get your points across. It takes longer but you will not be storing up trouble for yourself long term. The other thing is to realise that conspiracy theory or not, your attacker may have some valid points that do need clarification for others. Acknowledging those that are valid with good grace can go a long way in defusing a situation before it gets out of hand.

However some usually for personal gain will keep up their attacks as long as others give them the oxygen to breathe and a platform to stand on. This calls for a different form of tactic which means persuading those who give the support directly or indirectly to cease their support.

If you take the view as the US does of "any person legal or natural" these ad hominem attacks are crossing over from the tangible physical world to the intangible information world. This is to be expected and is in part a sign that the information world is beginning to mature, and in part it represents a "new world" or "pastures new" where the lean times of the physical world are replaced by the glut of the information world.

For some reason I can not understand most people have been repeatedly caught out by projecting ideology into the information world rather than realising that the reality of the physical world exists for a reason that is to do with basic human behaviours.

But worse perhaps was not the ideology but the assumptions that were treated as axioms. The one I point out as being a real wake up call that people should listen to is the "Distance cost" assumption that underpins much in the way of economics. The argument is the further a customer is from a producer the more a good should cost in various ways. Thus local production would be cheaper and this allows a market to form and competition to arise. Whilst marginally true for the physical world with the information world the current cost of a byte of data is the same to a customer irrespective of where its producer is geographically, they are in effect not just local but part of your doorstep. This very much favours the "First to Market" provided they maintain their impetus they will get most customers and that in of itself makes them more attractive than later competitors. Thus a big chunk about "markets" and the way they work in the physical world does not carry over into the information world.

My own personal view is that the EFF and many similar organisations are going to fail. It's not a question of "if" but "when" because of the actual fabric of the Internet. That is as it is currently set up surveillance is in effect "built in" you can see this from the way traffic analysis works.

But secondly there is a more subtle failing that we are not addressing which is the "discovery problem" which has to be solved if we want to stop or even limit surveillance by third party entities be they governmental or corporate. In essence we need a way for a user to become part of the network anonymously "at all levels" but still be able to find second party nodes anonymously to all third party nodes. There are quite a few pieces to this puzzle and whilst we know how to solve some that we know about there are others we don't yet know how to solve and almost certainly some we are not yet even aware of.

Two areas people might want to think about are truly anonymous "directory services" and truly anonymous "store and forward services" for the likes of email etc. The actual anonymous transmission of information with certain assumptions can be done using a mixture of mix nets and broadcast models I've described in the past. However as both the first and second party nodes need to be fully part of the mix net having fixed rate connections to multiple nodes, full mobile usage becomes problematical, but I think solvable.

Major July 8, 2018 5:22 PM

@Bruce

Thanks for the response!!

Yasha Levine appears to be another Russia affiliated entity who is trying to foment misdirected cynicism in democratic countries.

I've had no reason to doubt the EFF, I've been a fan of theirs for a long time, but your response further inoculates me against this BS. Thanks again.

Clive Robinson July 8, 2018 5:45 PM

@ echo, Taz,

Hasn't anyone heard of SIP?

The problem may be with the journalist (it's the Barclay brothers rag after all) or it might be with the "Serjeant at Arms".

For some reason which could be described as a "failure to listen and think" the UK Parliament previously opted to go with Microsoft 365 with its servers in another country... It's been said that GCHQ approved the deal but they might have had ulterior motives (look up the shenanigans not long ago when the GCHQ head told a commons select committee that the "Wilson Doctrine" had no legal standing).

Microsoft "own" Skype which they have integrated in various ways[1]. And ever since there have been rumblings that they have weakened its security. Even if they have not, as a "mid point"[2] rather than "point to point" service[3] I would in no way trust it by default.

[1] https://docs.microsoft.com/en-us/skypeforbusiness/plan-your-deployment/clients-and-devices/compatibility-with-office

[2] All "mid point" services make meta-data analysis surveillance the default operation. But worse the likes of traffic analysis becomes much much easier even if the content is sent "point to point".

[3] The big problem with a "point to point" service is it requires each end to be aware a priori of where the other end is. Which does not really work for mobile users without at least one fixed "discovery" point, which in effect turns it back into a "mid point" service currently[4].

[4] The question arises is can a discovery service be made partially or fully anonymous with respect to its users. I believe that with certain assumptions it could be. However one such assumption that is in effect an axiom is that of some kind of "one time covert side channel" by which a "secret" is transferred between the two parties.

Clive Robinson July 8, 2018 6:13 PM

@ echo,

“I am an optimist who worries a lot.”

Whilst she might put it that way, I tend to think,

    I'm an optimistic pessimist.

That is whilst I hope for the best, I assume the worst. This has two advantages,

1, I'm always pleasantly surprised when I am wrong.

2, I'm not caught out when others are.

The second point is why I never became a user of "social media" and whilst I did have a gmail account in times past (I was an original invitee in the UK) I only used it for "social activities". My friends also know that I am a bit of a "grinch" when it comes to photographs for around a half century I have refused to be photographed except for a minimum of necessary ID documentation.

Let's just say I could see what is now happening this century by corporate and governmental entities way back last century from studying the history of the behaviours of "closed societies" and seeing how little was required to turn an "open society" into a "closed society".

For instance if you knew that a state agency was paying one or more of your neighbours to try and get hold of your unwashed underclothes what would you think? What could you then extrapolate from that knowledge? Likewise if you knew another state deliberately recorded every single phone call to cassette tape back in the 1980's and that desire was responsible for them being the poorest nation in Europe, what would you extrapolate from that?

That was what was going on in East Germany and Albania respectively. What lessons should we take away from them forty years later? What does it tell us is likely to happen in Corporate America for instance?

echo July 8, 2018 6:27 PM

@Clive, Taz

Quite.

I also read in an unrelated article that Francis Maude had gone walkies and the new government online initiatives were running into a thicket of civil servants. Four years later?

https://gdstechnology.blog.gov.uk/2018/04/27/open-document-format-in-government-an-update/

We cannot have important documents published in formats which do not meet open standards. Government documents are for everyone. Whether you're using Windows, Mac, GNU/Linux, Chrome OS, iOS, Android, or any other system - you have the right to read what we have written and we will continue on our journey to make documents open and accessible.

Douglas L Coulter July 8, 2018 7:32 PM

FWIW, for those who don't watch those sort of movies...
The thermal imaging attack on keyboards for passwords was used by "the black widow" in "Captain America, the Winter Soldier" shown some years ago, and it was pretty obvious how it worked and how well. Movie made from an old comic strip universe.

There were a number of things in the movie that might make an old IC guy go ..hmmm...

justinacolmena July 8, 2018 9:45 PM

@Clive Robinson

@ echo,
“I am an optimist who worries a lot.”
Whilst she might put it that way, I tend to think,
I'm an optimistic pessimist.

That's the soroptimists' club...

Ratio July 8, 2018 10:00 PM

Revealed: Leave.EU campaign met Russian officials as many as 11 times:

Arron Banks’ Leave.EU campaign team met with Russian embassy officials as many as 11 times in the run-up to the EU referendum and in the two months beyond, documents seen by the Observer suggest – seven more times than Banks has admitted. The same documents suggest the Russian embassy extended a further four invitations to Brexit’s biggest funder, but it is not known if they were accepted.

It is the third time the number of such meetings has been revised upwards. For two years, Banks insisted his only contact with the Russian government consisted of one “boozy lunch” with the Russian ambassador.

After the Observer revealed a month ago that he had had multiple meetings at which he had been offered lucrative business deals, Banks told a parliamentary inquiry into fake news he had had “two or three” meetings.

Last week, when pressed by the New York Times, he admitted a fourth meeting. But the Observer has seen evidence that suggests there were at least seven more. When questioned about this, Banks offered no response.

Nothing to see here either.

Major July 8, 2018 11:20 PM

@Ismar

That is quite a paper you posted. A respected journal publishing statistically significant evidence of psi, seemingly precognition!

I'm not sure what to make of it. Years ago I saw published evidence of statistically significant telekinesis experiments. But they involved mentally inducing a change of maybe 0.1% or less in a random process. The results were very significant p

The author suggested that, rather than evidence of psi, the results were evidence of our lacking a complete grasp of the statistics of small differences in large samples.

Major July 8, 2018 11:21 PM

@Ismar

Correction: p much less than .0001 because of a massive number of samples.

Clive Robinson July 9, 2018 1:02 AM

@ justinacolmena,

That's the soroptimists' club...

That had me scratching my head for a moment or two[1], then I remembered "soror" is the Latin for "female relative" or "sister".

Which is not much used in UK English, but more so in US English. With the mainly US used "sorority" meaning a society for female students or "sisterhood" in a college or university. So I'm guessing you could translate "soroptimist" as "best for sisters"...

[1] The Ancient Greek prefix "soros" effectively means "heap", "base" or "origin". Which is a root word for the Neo-Latin word "sorus" which for the botanists around us generally means "a cluster of plant reproductive bodies" such as in ferns etc. Which is where I'm more used to seeing it hence my initial confusion...

https://en.m.wikipedia.org/wiki/Sorus

Clive Robinson July 9, 2018 2:11 AM

@ echo,

I also read in an unrelated article that Francis Maude had gone walkies...

Ahh the dear Francis, "fill your jerrycan" Baron Maude of Horsham[1] what can one say... The very least would be "his reputation precedes him in a low down way" having spent thirty years networking in government. A fairly insipid and uninspiring politician and as for Brexit he obviously thinks it's "a good thing"... However he thinks nothing of being a Brutus as his "Friends Romans Countrymen" article shows[2].

What can be said is that he at least recognised it was time to "jump ship" from elected to unelected politics, then into the more lucrative private legal consultancy LLP scam[3] hence to a well feathered nest. Thus a rat with well tuned self interest whiskers, that had amongst other questionable activities significant interest in the low costume budget adult entertainment industry (look up his name and that of "Jill Kelly" oh and Playboy)...

Sadly modern UK politics lacks the "cut and thrust" of the Bard's imagining.

[1] Horsham is a parochial little market hamlet in South East England at the end of a railway line. Too far to be commuter belt not far enough to be second home / executive belt. Some try to talk it up by saying it's on the fringe of the Weald in West Sussex. However it kind of hangs off of Crawley next door, which kind of says it all...

[2] https://www.conservativehome.com/platform/2017/06/francis-maude-to-succeed-our-party-must-embrace-enterprise-launch-austerity-2-0-modernise-further-and-secure-an-eea-brexit.html

[3] https://www.theguardian.com/politics/2016/oct/11/ex-minister-francis-maude-takes-brexit-advisory-job-at-law-firm

JL July 9, 2018 9:03 AM

The people I’ve learned to trust are those who gave up everything in the security industry (read careers) to reveal truth. Two incorruptible standouts are Edward Snowden and Thomas Drake. I also carefully ponder what Clive Robinson states and then go do research.

I stumbled upon: ‘The Baffler a Chicago-based political and cultural journal produced by a circle of writers, activists, and musicians in their twenties. But you knew that already: for the last few years, the buzz surrounding the magazine has been difficult to miss. It’s been profiled and praised in dozens of places, including the New Yorker, the Nation, Lingua Franca, and the Toronto Star, which called it “the smartest and most exciting magazine in America.’ Really?
That these mid-west founders are in their twenties they are too young to be completely corrupted by big-data. However Big-Data is fingerprinting visitors.
Here Mr Drake states ‘Tor has a lot to answer for as do other GovCo sponsored & supported IT services & apps on 7 layer DPI'd OSI’.

As for not automatically dismissing unstated Internet alliances I follow the digital history including industry contracts and especially relevant omissions. Herein lies the strong clues to unstated ulterior motives. Is it within an organization's charter they should be covering? Is there a history of not covering these types of important issues? If so, who benefits?
Recently the ACLU was accused of not supporting free speech. Oh my!

My battle-hardened mindset is increasingly skeptical as the out-of-control Internet rapidly expands into misinformation, biased or outright fake news and appearances. Twitter is deleting 1,000,000 accounts daily. Is this all part of the great delusion? It seems so!

I have little doubt that the following deception tactics are now widely common. They started out as a fight against terrorism:
‘Going a step beyond, we (Terrogence) actually elicit information by carefully guiding online discussions, often drumming up interest and facilitating communication by employing multiple virtual entities in a single operation.’
Then expanded to anyone online:
‘Terrogence specializes in cultivating and operating virtual entities in online space, that access social media platforms ‘legitimately’ and act naturally, gaining trust, forming connections and ultimately collecting valuable intelligence from cyber-sources and cyber-entities of interest.’
https://www.forbes.com/sites/thomasbrewster/2018/04/16/huge-facebook-facial-recognition-database-built-by-ex-israeli-spies/

echo July 9, 2018 10:54 AM

@Major

I believe there is a broader issue with understanding statistical thresholds both large and small. This has implications for public policy and healthcare not to mention legal cases. I have not yet discovered an "expert" in any of these fields express curiosity let alone notice or even express curiosity at the lack of curiosity.

The brain stores numbers logarithmically. I believe there is a connection between this and evaluating and decision making and perception. I daresay "bikeshedding" and the "narcissism of small differences" is related too.

@vas pup

Thanks for the suggestion.

@Clive, justinacolmena

What can one say? The whole subject of power and relationships with respect to macro politics (and all the way down) and economic gain is a complete mess. As long as parliament continues to grant itself a legal free pass behind the veil of "parliamentary sovereignty" and other legislatures follow the same path I do not perceive this improving readily.

Major July 9, 2018 1:31 PM

@Sed Contra

Excellent link! I really appreciate it. I value this forum as a great adjunct to my personal inquiries. There is a dispiriting amount of opinion pushing on social media in general and not enough curiosity. Thank you and Bruce for helping me feed my curiosity.

PeaceHead July 9, 2018 1:39 PM

* I tried to say AI research logical fallacies "pain" me, in other words, but I think the post was perturbed in transit. The word "pains" was altered to "panns". Funny thing, the word "pain" has "AI" in it. :D hehehehe. I don't use spellchecker either. I came back to proofread my writing and to see the responses. Usually I proofread before I post, but I was in a hurry.

I wasn't very clear about the genetic algorithm stuff, but I'll leave it as is. If the model is to automate a battle of survival of behavioral output sets, then it will be skewed towards behaviors which might be too hostile to handle the firewall/sandbox/crib/security features of the lab and the society that interacts with such artificial intelligence.

I'm not talking about Turing Test stuff. I'm talking about if digital sentient beings are invented. Maybe when, rather. Maybe already, rather.

I don't assume they would be "Skynet", but more like the machines in the tv shows Person of Interest and EXTANT.

But that site that I linked to has some pretty astonishing implications. Look at the "Special Projects" page.

Aside from that,

Needless to say, I saw the movie Ex Machina. It's a good cinematic point. There ought to be a sequel.

And seriously, cybernetics hasn't slowed down either.
The next AI breakthrough might occur as cybernetics especially given the threat coming from CRISPR now.

So yeah, it really could end up being "a kid".
And Trump recently made it harder to whistleblow abuses at labs where genetic chimeras and genetic hybrids and genetic mosaics are already made.

It's not all science fiction.
But on the positive side,

I believe that one type of future sentience is also coming.
The Digital Buddha. The digital being that seeks to know, and who eventually learns and acquires UBERKNOWLEDGE transcendent.

But that doesn't mean it wouldn't have the same issues as the historical Buddha.

Altruism is a powerful form of intelligence.
The digital Buddha would probably be smart enough to leave this sloppy planet behind.

One last thought. Environmental science is a hard science. Ecology has solid foundations in physics as well as the upper behavioral sciences.

The Ultimate Ecology Expert might end up being an AI superbrain. It might know how to peacefully coexist better than any human. Which would be very ironic if it was made out of typical industrial technological era parts from our era of pollution and destruction.

Silent Running is not so far off of a movie. A robot could certainly become a great gardener.

Let's just hope that malware doesn't mess up whatever digital futures lie ahead.

"Freedom is the right of all sentient beings" --Optimus Prime
:-)

That's all for now. I'm gonna try and abstain from this site for a while.

I'll probably be back briefly around the 16th, but then be gone again. Thanks for all the deep thoughts and insights.

Please stop eating hyper intelligent beings.
I'm sure there's plenty else on the menu to choose from.
Save a squid. Save a life.

echo July 9, 2018 2:23 PM

@Wesley Parish

I watched Escape Plan 2 this week. I liked the first movie because it was relatively realistic. The second movie was a not very great B movie in comparison but did contain some useful thoughts and moments of reflection about escaping the box.

Out of sheer boredom I am eating and smoking far too much and am watching Day of the Jackal for the Nth time. Wow. I didn't realise it was so stagey. No CGI or mobile phones either.

(required) July 9, 2018 3:33 PM

"Please stop eating hyper intelligent beings."

Well then you'd better avoid pork too. But why limit it to "hyper intelligent" beings?

By that same token do we place less value in the lives of those who are cognitively impaired, or under-educated, or even those who simply got bad grades or didn't meet some arbitrary social standard?

Should we not eat them too? After all they're not "hyper intelligent" right? Trump steaks anyone?

Clive Robinson July 9, 2018 3:39 PM

@ echo,

This attack marketing by ARM on RISC-V is very partial and in bad taste and unnecessary.

Well it starts with an incorrect assumption, and builds its fantasy on that foundation...

I could go through and rebut the points, however I would suggest others look up ARMs repeated security and architect failings first.

@Thoth has mentioned a few of them before on this blog so getting a starting point on what is a lengthy list is not that hard.

But one thing to remember some of what ARM claims as failings on RISC-V actually apply to its own product line. Oh and anyone using ARM core technology in others SoCs should note just how quickly they become obsolete. This generally is bad news because you have to pay for all the chips you are ever going to use in your products life time as well as those for rework/repair before you ever start production. This makes them like the poor cousin of ASICs which as we know are now more or less fading out from all but a very few niche products where MIL-Spec is an overriding factor where several hundred dollars a chip is an acceptable cost (a market that even the MIL has walked away from).

Thus outside of FMCE sized production runs ARM is almost certainly not what you are looking for, especially when it is in somebody else's SoC.

Also SoC "designers" generally are not "chip designers" but "macro users". That is they bolt the work of others together frequently with little understanding of the implications outside of a very very limited design and test spec. The result is devices where security considerations are not even in the way way distant long grass.

So use ARM cores in others SoCs at your own peril, as Russian hackers have shown repeatedly such chips are riddled with attack vectors, and you are never going to get fourth or fifth line support no matter how many you buy, because those SoC designers are not just tied up by the NDAs from the macro designers but also from the foundry that adds it's test harness technology to the designs.

If you go back to the time of the CarrierIQ issue you will find I detailed just why test harnesses hard/soft/middle ware are a security liability just waiting to be exercised unless exceptional design talent with the correct experience in depth in security designs them. Such people are rather rarer than "fish with bicycles".

C U Anon July 9, 2018 4:08 PM

@(required):

Trump steaks anyone?

I do not know if you are aware of it, but several readers here will confirm that in the UK "trump" as in "trumped" means to have let out foul and fetid air from an anal sphincter, further one who delights in this activity often for party tricks etc is sometimes known as a "trumpen meister".

Likewise others will confirm that in Norwegian "rumpentoot" has the same meaning as "trumped" which just happens by chance to be a simple anagram of "too trumpen"...

For some reason variations of trump appear in many languages with similar meaning, thus is easily understandable by many who have few or no other common touch points in their languages...

Oh in the US gastro intestinal medical researchers have found the average number of such gaseous emanations in middle age males is thirteen per day, so to say "May the trump be with you" would not in more normal times be a political statement...

Ce July 9, 2018 6:02 PM

Edwards: Why the big secret? People are smart. They can handle it.

Kay: A person is smart. People are dumb, panicky dangerous animals and you know it. Fifteen hundred years ago everybody knew the Earth was the center of the universe. Five hundred years ago, everybody knew the Earth was flat, and fifteen minutes ago, you knew that humans were alone on this planet. Imagine what you'll know tomorrow.

echo July 9, 2018 6:32 PM

@Clive

I can just about follow discussions on IC vulnerabilities and it goes through my brain like a sieve. I leave it to others to turn ARMs marketing department into a smoking chassis left smouldering on the pavement.

echo July 9, 2018 9:07 PM

It seems that if the UK state cannot get the right kind of "rah rah" from critics it dangles a bribe, ostensibly to support constructive charitable work by the same critics, with clauses in the contract which forbid criticism. I'm not sure there's a word in the English language which covers this kind of thing is there it's so disingenuously horrible?

Would @Bruce and the EFF (or perhaps ACLU) sign a contract like this? I would like to think no...

https://www.disabilitynewsservice.com/charities-fail-to-tell-mps-about-clauses-that-prevent-them-attacking-mcvey-and-dwp/

Representatives of disability charities have given evidence to MPs about the impact of government social security reforms on disabled people, without disclosing that they signed contracts preventing them from attacking work and pensions secretary Esther McVey.

and

The clause in the DWP contract signed by Shaw Trust says the charity must “pay the utmost regard to the standing and reputation” of McVey and must promise not to do anything that harms the public’s confidence in her or DWP.

And the clause warns that these promises apply whether or not the damaging actions relate to the Work and Health Programme.

Other charities, including RNIB, have signed agreements with the main contractors that say they must have “regard to the standing and reputation” of DWP, must do nothing to bring McVey and her department into disrepute in delivering those contracts, and must not “attract adverse publicity” to them.

DaveJuly 9, 2018 11:53 PM

Interesting article: Some don't learn from past mistakes. First Strava, now Polar, but worse.


https://www.bleepingcomputer.com/news/technology/polar-app-disables-feature-that-allowed-journalists-to-identify-intelligence-personnel/

https://www.bellingcat.com/resources/articles/2018/07/08/strava-polar-revealing-homes-soldiers-spies/

In January Nathan Ruser discovered that the fitness app Strava revealed sensitive locations throughout the world as it tracked and published the exercises of individuals, including soldiers at secret (or, “secret”) military outposts. The discovery of those military sites made headlines globally, but Polar, which can feed into the Strava app, is revealing even more.

Wesley ParishJuly 10, 2018 2:13 AM

@echo

I love Iain Banks. The first I encountered was Consider Phlebas, and then I was hooked. Concerning post-Singularity futures, have you ever read Greg Egan? Permutation City, Diaspora, Quarantine, Schild's Ladder, etc?

Now on to something entirely different ...

https://motherboard.vice.com/en_us/article/vbj4qb/how-fracking-companies-use-facebook-surveillance-to-ban-protest

https://www.economist.com/the-world-if/2018/07/07/what-if-people-were-paid-for-their-data

Combining the two together, one could argue that the fracking companies' actions constitute daylight robbery, and the relevant courts' inaction constitutes aiding and abetting data theft.

Interesting concept to play with, that we own our own data, but just try moving house while still paying off a hire-purchase, and you'll see just how seriously companies take the idea that you own your own data and only lease it out to them. Or consider the possibilities of manufacturing your customers' data ... (Since the fracking companies were not in any meaningful relationship with the protestors, one could quite accurately argue that the fracking companies' use of the protestors' personal data was of the same category as random casual theft of unsecured items - still theft.)

Alyer Babtu July 10, 2018 2:45 AM

Nixie tubes will never die

https://spectrum.ieee.org/tech-history/dawn-of-electronics/the-nixie-tube-story-the-neon-display-tech-that-engineers-cant-quit

My theory as to Nixies’ unfathomable attractiveness. They are red, which is intrinsically attractive to us, as seen in what gets the attention of babies. And then the lovely red presents order, which is satisfying. The elements of the display are layered, with some elements overlaying and partially obscuring the red number, just as the retina is overlain and obscured by blood vessels, but still works; we subconsciously observe this similarity and in recognizing ourself, our being is affirmed. We like the order even more when we see it emerge from this apparent disorder.

By the way, Disco will never die either.

echoJuly 10, 2018 7:54 AM

@Wesley Parish

I first discovered Iain Banks at a surplus stock bookstore. I didn't buy 'Use of Weapons' for ages because I thought good science fiction at this price not marketing con? Then I bought it and couldn't put it down. His other Culture novels wandered all over the place but did create a real sense of something. Iain Banks may possibly be the last science fiction author I ever read... I have spent my life with my nose in so many books I wish to experience life in a more personal way. Today has been quite good. I feel like I have been invited by mistake to a ball.

Meanwhile more nastiness in the UK as corporates use their huge resources to fund surveillance for the purposes of discrediting political activists protesting fracking. I note also that UK institutions charged with investigating human rights abuses (which can include negligence and fraud) look the other way and fail to gather evidence which at times feels a little too convenient.

https://motherboard.vice.com/en_us/article/vbj4qb/how-fracking-companies-use-facebook-surveillance-to-ban-protest

CallMeLateForSupperJuly 10, 2018 8:23 AM

@Alyer Babtu

"[Nixies] are red, [...]"

I would not describe a Nixie's (or a nixie's{1}) appearance as red - as in "Stop on red"; "red, white, and blue"; "red LED" - but rather as orange or yellow-orange. This cold cathode gas discharge tube is, after all, just a piled-higher-and-deeper adaptation of the venerable "neon lamp" that serves as a "power: ON" indicator for your "surge suppressor".


{1} Although the cold-cathode, gas discharge, (alpha)-numeric tube was eventually manufactured by various companies, "Nixie" is a trademark of Burroughs. Thus, only a Burroughs tube is a Nixie, while a Knockoffs R Us tube is properly a nixie.

Alyer Babtu July 10, 2018 12:25 PM

@CallMeLateForSupper

You are of course correct about the color, somehow in memory they always seem red to me. I may have to adjust my theory.

But are there any instances of joint applications of [Nn]ixie tubes and mirrored disco balls ?

Clive RobinsonJuly 10, 2018 3:50 PM

@ Alyer Babtu,

I have about fifty Nixie tubes and a hundred or so TTL driver chips for them. I purchased the whole lot at an auction of bankrupt stock and cost me less than 15USD equivalent back last century.

If you have a hunt round on the Internet you will find the price of those nixies made in "Vlad's Castle" by Dalibor Farny, although hauntingly beautiful with bases like old style shotgun cartridges, they are eye wateringly expensive.

As for the colour, nixie tubes range from quite dark red (to preserve night vision) through to a neon orange almost bright enough for Andy Warhol to think of as suitable ;-)

The trick is actually a mixture of gases including mercury vapour that produces long wave UV that produces multiple colours, the glass tube is actually dipped in an appropriately coloured lacquer to filter the wanted colour.

Nearly the same gas mixture is used along with a quite clever discharge mechanism to make those electric candle flame bulbs that were once popular a few decades ago.

Although you could probably not afford to do this you can wire up a nixie tube with silver mica capacitors with foil around them and put it on the rotating glass plate of a microwave oven and watch the numbers change as it rotates. You can get a similar effect using just different lengths of wire bent at various angles connected to the nixie tube pins, but the tube lifetime is shorter.

I once had a HP frequency counter / timer / up-down counter that I was given back in the 1980's from the UK National Physics Lab (Teddington). It had eight custom nixie tubes in it. I built a little "random circuit" to drive it and used it in a darkened room for parties. Because it used to fascinate people the way lava lamps and those more modern plasma balls do. It eventually broke but it was not worthwhile fixing or stripping for parts for me so I gave it away "to a better home". It's probably worth a fortune to a collector these days.

What killed nixies off was the really low power seven segment green gas discharge displays that appeared in battery powered calculators and bedside clocks, that were more efficient and considerably longer lasting than the early seven segment LED displays. Usually it was the 180V generator circuit that failed before the discharge tube...

ThothJuly 10, 2018 7:38 PM

@Clive Robinson, echo, all

I can't access the web link.

Apparently there was a coup within ARM itself and the website is now closed.

It is good to know that staffs within ARM actually came out to object to management's stupid decisions which is rare these days.

Tactic of smear campaign in my opinion is probably from the echelons in Softbank because RISC V already existed for a long time and was pretty successful which means if ARM wanted to do a smear campaign they would have done it earlier long time ago.

Also, ARM have been doing good in sales and when a company is making huge strides forward, it would not be too bothered about small competitors like RISC V and unlikely in my opinion to try to nail RISC V into the coffin.

Now that ARM is part of Softbank and the smear campaign occurred after a transfer of hands, it is most likely my guess that it is Softbank's decision.

In fact ARM itself with its "security extensions" for its ARM Cortex M0 and M3 modified line called the SC000 and SC300 designs used in smart cards, they are not known to be invulnerable either.

Hopefully people aren't too easily swayed by these kind of marketing campaigns from the likes of Softbank/ARM.

Link: https://www.theregister.co.uk/AMP/2018/07/10/arm_riscv_website/

Alyer Babtu July 10, 2018 10:27 PM

@Clive Robinson

Thank you for enlarging on and clarifying the range of colors possible in [Nn]ixie tubes. I went to Dalibor Farny’s wonderland of a website.

> frequency counter ... nixie tubes ... used ... in a darkened room for parties

This is clearly a precursor of the nixie-disco ball ! I am thinking that rather than only mirrors the ball might use lenses and prisms in combination with the nixie tubes for a heightened effect in the dance club. There will also be a club Bentley, lustrous black with black leather interior and a dashboard done entirely in nixie tubes, for the transport of special club guests, such as followers of this blog.

Wesley ParishJuly 11, 2018 4:44 AM

@(required)

Should we not eat them too? After all they're not "hyper intelligent" right? Trump steaks anyone?

Oh no, you don't! Unless you first check them for Politicus Spongiform Encephalopathy, otherwise known as Mad Politician's Disease or Know-It-All's Illness. And Mycoplasma Politicus, as well, and while we're at it, hydatids ... or aletheiaphobia, which like hydrophobia, seems to be contagious ...

BTW, in relation to Trump Steaks, and unlike Bear Grills, which seems to have been a highly successful Alaskan Fast Food chain - how fast depended on how alert the bears were and how strongly the people bringing them in to be grilled had tied them up - I did see somewhere on the InterWebs that Donald Duck was very fond of Peking Trump, and demanded it for his private menu while shooting his feature films. Donald Duck in later life may have suffered from PSE ... Walt Disney never talked about that side of his life ...

JG4July 11, 2018 8:36 AM


Thanks everyone for the continued excellent discussion of entropy maximization.

@Clive - Not often that you say something wrong and I'm not certain that is the case here. The green calculator displays probably are fluorescent tubes, rather than gas discharge. The advantage is that the drive voltage on the anodes is much lower than nixie technology, to the point that they can be direct drive from the early MOS chips.

In the mid-70's, I built a handful of time of day clocks using MOSTEK chips, with aqua/blue 7-segment fluorescent displays. They had two thermionic filaments over the top of the fluorescent segments that ran off very low voltage and essentially were grounded. The advantage over nixies was that you could direct drive the segments with a few volts to pull the electrons onto them. To drive the AM/PM LEDs, I had to buffer the chip lines with small transistors, probably 2N2222's. I have a small collection of pocket calculators from the 70's and 80's. At least some of them use this fluorescent technology. There are ways to make cold-cathode fluorescent tubes, probably with field emission points.

In the early-to-mid 1970's, I saw a number of nixies on frequency counters. I may still have one or a few of the tubes. I never built anything using nixies, but I spent plenty of time building relaxation oscillators with the NE-2 bulbs. I even used one to trigger a xenon flash tube. I had a really clever idea for NE-2 bulbs this week that I have to check in the patent literature.

https://www.nakedcapitalism.com/2018/07/links-7-11-18.html
...
Big Brother IS Watching You Watch

NYT Sees ‘Dystopia’ in Chinese Surveillance—Which Looks a Lot Like US Surveillance FAIR (UserFriendly)
...

echoJuly 11, 2018 10:22 AM

@Rachel

The campaign is subtly sexist but this would be the case whether it was a man or woman's name used as a codeword. Overall the policy appears neutral as you suggest.

The Australian Hotels Association is not known for respecting businesswomen and double standards exist in the provision of hotel services which place women at an economic disadvantage. Cases have been brought but the Old Boy Network runs the judiciary. I note a recent study proves that there is a lack of empathy when decisions involve finance are made and I suspect this is a contributing factor to judgments which are dressed up behind moralising and established social standards. The overall negative impact on GDP is within the range of early surveys of UK service provision establishing discriminatory financial drift within communities governed by local authorities. Both individual and community discrimination at the financial level compound which places women at a complex disadvantage.

Fred PJuly 11, 2018 12:34 PM

Variants on Spectre. https://arxiv.org/pdf/1807.03757.pdf

The following bit made me take notice: "Speculative execution of wrong or impossible paths creates speculative bug class doppelgängers to the known classes of pernicious bugs breaking memory and type safety"

This means that speculation can cause going outside of a loop boundary or a path like the following pseudocode:


    A* pa; // uninitialized
    if (cond)
        pa = new A(); // skipped
    ...
    if (cond)
        *pa = b;

(assuming that cond is constant for this code snippet, and that ... is short)
Since speculation may cause running the second, but not the first (thus manipulating unallocated memory), this is a speculative write to arbitrary (potentially attacker-controlled) memory.
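
An added C example, not part of the comment above or of the linked paper: the pattern from the pseudocode next to one way to harden it, by giving the pointer a known-harmless initial value and choosing the store address with a mask instead of a second branch. The names `A`, `sink`, `mask_from`, `store_unhardened` and `store_hardened` are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical type standing in for the pseudocode's class A. */
typedef struct { int value; } A;

/* Scratch object: the only place a store on a wrong path may land. */
static A sink;

/* All-ones if cond is true, zero otherwise, computed without branching. */
static uintptr_t mask_from(bool cond)
{
    return (uintptr_t)0 - (uintptr_t)cond;
}

/*
 * The pattern from the pseudocode. Architecturally fine: pa is only read
 * when cond is true. If the second branch is predicted taken while cond is
 * false, the store goes through whatever stale value occupies pa.
 */
int store_unhardened(bool cond, int b, A **out)
{
    A *pa;                          /* uninitialized, as in the pseudocode */
    *out = NULL;
    if (cond)
        pa = malloc(sizeof *pa);    /* skipped when cond is false */
    if (cond && pa != NULL) {       /* predicted before it is resolved */
        pa->value = b;
        *out = pa;
        return 1;
    }
    return 0;
}

/*
 * Hardened form:
 *  1. pa always holds a valid address (&sink or a fresh object), never
 *     stale stack contents.
 *  2. The store is unconditional and its address is derived from cond by
 *     arithmetic, so it is a data dependency rather than a predicted branch.
 */
int store_hardened(bool cond, int b, A **out)
{
    A *pa = &sink;
    *out = NULL;
    if (cond) {
        A *fresh = malloc(sizeof *fresh);
        if (fresh != NULL)
            pa = fresh;
        else
            cond = false;           /* allocation failed: treat as skipped */
    }
    uintptr_t m = mask_from(cond);
    A *target = (A *)(((uintptr_t)pa & m) | ((uintptr_t)&sink & ~m));
    target->value = b;              /* lands in the new object or in sink */
    if (cond) {
        *out = target;
        return 1;
    }
    return 0;
}

int main(void)
{
    A *p;
    int stored = store_hardened(true, 7, &p);
    printf("cond=true  stored=%d value=%d\n", stored, p ? p->value : -1);
    free(p);
    stored = store_hardened(false, 9, &p);
    printf("cond=false stored=%d out=%s\n", stored, p ? "set" : "NULL");
    return 0;
}
```

A compiler is free to turn the mask back into a branch, so check the generated code; where that cannot be guaranteed, a speculation barrier between the check and the store is the heavier alternative.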

PeaceHeadJuly 11, 2018 12:43 PM

Is Wesley Parish just a glorified Markov algorithm post?

Anyway,
I read the PDF somebody from here linked to:

It was supposedly called:

Background to "Assessing Russian Activities and Intentions In Recent Elections": The Analytic Process And Cyber Incident Attribution

The checksum of my copy was thus:

SHA-256 = 5876e67e78e92700e57a1e6cf21efeba47840e86b83aaa64353bcc3735f32257

I think it might be a fake document.
Or a spoof of a different document.

If it isn't it's extremely embarrassing for intelligence organizations who supposedly authored it.

It's loaded with cultural and technical self-contradictions and hypocrisy.

It's so loaded with issues, I'm tempted to create an annotated version of it with substantial rebuttals of key points. It's written from an implied perspective of someone who seems to believe that none of us Americans are ever dissatisfied with nor angry with our American governments, or military, or intelligence, or law-enforcement.

It's written as if America has no history of abusing itself.

It's loaded with such flaws.
To make matters worse, if it's a real document, it implies to me that the U.S. Military Industrial Complex has attempted to weaponize the American public opinion against everyone and everything Russian, despite some Russian-American Pacts and Alliances and friendships and cultural exchanges and overseas family members, some of the diplomats, etc.

It's worth considering who would profit from such a heist?
It seems that perhaps it's being pushed by those who are busy firing White House employees, changing up the Supreme Court, offending U.S. Allies, allowing more environmental abuses, alienating classic U.S. corporations, insulting upper law-enforcement and obstructing justice. It's possible that those who wish to prevent others from voting and yet who do not care about DieBold voting machine vulnerabilities are behind it.

These are not the implied motivations of Russians. These are the implied motivations of NeoConservative Republican Extremists.

An instable America doesn't benefit Russia. An instable America is much more likely to attack Russia via accident or misattribution or deliberate aggression due to misplaced responsibility or just plain kleptocracy--theft of institutional controls. An instable America is much more likely to have white and blue-collar criminals running the show. An instable America is much more likely to have abuses against its own citizenry as well and foreign citizens and more fights between all of them.

Russia doesn't benefit from America falling. Al Quaeda benefits, Isis benefits, Taliban benefits, white collar criminals benefit, kleptocracy benefits, sociopaths benefit, those whose actual religions are worshipping death and disease and suffering and discontent benefit.

When there is PeaceTime stability, both Russia and America and both of our other allies benefit.

So who benefits most from a destabilized America? Liars, cheats, career saboteurs of the worst kind, as I already said... those who actually worship destruction. That doesn't match the average Russian profile.

Even if you believe Putin is like that, then why is the American current administrative behavior to mimic his worst alleged past activities? Imitating tyranny to fight tyranny? That does not work out.

Even Barack Obama almost got us into a cyberwar, but he admitted that the most powerful cyberwarriors are the U.S. systems he claimed. Such talk tips our hand to show that it's likely Americans who are busy hacking others. Americans invented the internet upon which the hacking occurs. American depts are busy spying on Americans as well as non-Americans all the while non-plausibly denying it.

We should not be blaming Russia for what our corrupt Electoral College "Sistema" (System) accomplishes along with Gerrymandering!

This is not a political digression and a mere opinion when it has to do with the actual security breaches of so many Americans and non-Americans alike and in terms of the security concept of man-in-the-middle attacks.

Our whole nation is in the midst of a massive Man-In-the-Middle Attack, and the side effect is the not-quite-believable scapegoating which is an attempt at chaff and smokescreen.

But you can fool some of the people all of the time, and all of the people some of the time, but you can't fool all of the people all of the time.

The only thing radicalising the likes of me are lies from my own fellow countrymen and officials, and being regularly abused by fellow Americans while other Americans are busy with xenophobic rants and massive propaganda campaigns that bulldoze and blitzkrieg the airwaves.

I'm not afraid of Russia. We don't need NATO to protect against Russia. We need NATO to protect against the likes of The Nazi Algorithm; those whose mindset is such full-on xenophobia, that it's very much like an algorithm. Nazi xenophobia and Joe McCarthyism has harmed this world a lot more than some Russians, even when at their worst.

Trump didn't like when he said that some of our people have murdered too. That's true. Military historians can explain the details.

I think Hillary Clinton wasn't the main point of contention. I think that her running mate, who strongly advocated for expansion of the U.S. Nuclear Arsenal was the source of the contention. That's why I didn't vote for them either.

It's in Russia's and America's interests together to STAND DOWN and DE-Escalate, and to RESUME DISARMAMENT immediately. This applies to our chemical munitions as well as our quantum weapons. Furthermore, the U.S. media regularly profoundly neglects reporting on U.S. ICBM tests and launches in favor of reporting on North Korea instead.

Americans who wish to know about U.S. military acts of aggression will need to consult other sources of news reports than the typical, Fox, ABC, NBC, CNBC, CBS, CNN, NY Times, W.S. Journal, Reddit, Facebook, NPR, BBC, etc.

I recommend studying the regularly published infos of Nuclear and Chemical Weapons Watchdog groups. I will abstain from mentioning their names here, for now. It's the responsibility of intellectuals to seek out information on their own; it doesn't come hand-delivered to their mailboxes for sitting and doing nothing.

It's not Russians who are killing Americans, it's typically other Americans. Let's please keep that in mind.

The Cold War must always stay ended.
Do not let The Instigators and Provocateurs prevail, is how I am thinking.

Just to be clear, no, I don't work for RT.
Although I must admit, their piece saying that Facebook and Twitter are used so Americans can hand over all their personal information to the NSA and related organizations seems to me EXTREMELY TRUE.

I don't care who tells the truth, or what their ethnic or linguistic background is. I don't care about credentials.
Truth is truth.

I've been harmed and lied to by people with otherwise impeccable credentials. The people in my life who claimed to be there to help me are almost every time the ones who harmed me the most and the most frequently. Yes, such sociopaths do exist. I've been a victim of them. So I am primed to doubt allegations that have the same fingerprint of being a smear campaign etc.

I know not all Russians are innocent at all times. I'm not ignorant. But this is true of Americans alike.

Geoffrey Daumer was not a Russian interloper. Charles Manson wasn't either. Leona Bobbit was not working for the KGB when she castrated her husband. The child abusers and drug dealers on Tor, plenty of them are American you can be sure. Americans victimized by rape or lynching or extortion or embezzlement aren't usually dealing with outsiders.

I'm not Anti-American. I'm pro-realism.
Yes, this is a security issue.
Public (and private) opinion being weaponized against a foreign nation is a problem. Warfare is a security risk, is it not?

Identity spoofing is a cryptology concept, is it not?

I don't claim to have all the answers.
But as was explained elsewhere, the DNC servers were already totally lacking security due to the DNC's own negligence. And then script kiddies got in, looked around, and eventually, other nations got in to look at the Dossier about Donald Trump's negative characteristics. They likely wanted to know, as did many Americans, "is Donald Trump a threat to National Security"?

And we got our answers already, AFTER THE fake Election. H. Clinton won by several million votes. The Electoral College system is killing us. If you care about Democracy, we need the Electoral College system abolished. The loser was appointed as president.

Donald Trump has been both an extreme security threat, as well as thankfully and ironically, a security enhancing actor. These things are not mutually exclusive. His handling of the North Korean tensions reflects this perfectly.

He both increased risks and decreased risks at the same time.
He worsened U.S.-Iranian relations, and enhanced U.S.-Korean relations. He depleted relations with Canada and Germany and England, etc, and enhanced relations with a lot of corporations due to de-regulation (excluding Harley Davidson, etc). Some corporations are bigger threats to the world than rogue nations.
This is an actual topic of threat assessors. It's not in the public eye, however. The public is blinded by the corporate hand every moment of every day.

And who is pushing the most propaganda? Well, I don't know. But who is pushing for the IoT the most?

Think about when there's no demand for a dangerous product and it gets shoved down the public's throats anyhow and people end up paying lots of money for what they didn't even want nor ask for.

This has been a lot to say, but it's barely just the tip of the iceberg.

I apologize for my sometimes sloppy writing style, but it's hard to be neat when trying to get complex ideas across concisely.

I should write a book too, but if I tried to substantiate some of my claims, I'd probably end up being served an N.D.A. or end up getting hazed by my previous aggressors who attacked me.

May Peace Prevail Within All Realms of Existence.
Yes, NATO has worth--against modernday NAZI's, kleptocracists, and other terrorists. Russia is not the top of the list anymore. Russia prevented NAZI Germany from killing this world. Please remember that when CRISPR next gets out of hand.

P.S.-US News reported that foreign Russians were telling African Americans to learn self-defense. And how exactly is that a bad thing? Everyone should know some self-defense. Plenty of African Americans have been harmed by other Americans regardless of racial categorizations.

The mere fact that US News calls that Russian tampering reveals the innate racism of the US News systems. As if black people have no right to self-defense or merely to be encouraged towards self-defense. All the while so many black lives murdered here in America. So do Black Lives Matter or not?

Personally, "All Lives Matter", to me.

This is a tense time. Drastic times call for THOUGHTFUL measures. Don't Bank on the Bomb.

VinnyGJuly 11, 2018 6:37 PM

@albert; echo; Clive Robinson re: DoD audit - I strongly suspect that the "fix" was in before this was ever commissioned or announced. If it wasn't I seriously doubt it _would_ have been commissioned and announced... My prediction is that the only result will be the biggest steaming, stinking pile of virtual farm animal manure in recorded history. If someone seriously wanted to find the missing 21 Trillion USD, I suggest that they should begin not by auditing DoD, but by examining the personal finances of highly placed, unelected DoD employees, as well as those of highly placed employees at certain DoD contractors Lockmart...

VinnyGJuly 11, 2018 6:43 PM

Is there a guide someone can point me to identifying which characters the script lingo for this blog regards as controls and directives? Lately, it seems that whenever I try to use some characters commonly used to bracket phrases of certain kinds (not citing examples for obvious reasons) unexpected results ensue. Probably serves me right for trying to be too cute, but it's annoying nevertheless...

echoJuly 11, 2018 7:43 PM

VinnyG

I would not be surprised!

Bruce's blog uses Moveable Type as a platform?

Testing 123...

tyrJuly 12, 2018 3:33 AM


@albert

I thought the coincidence of the reported
21 trillion theft from DOD matching the
US national debt would have been a good
reason to audit.

Having once received the left front axle
of a jeep instead of the electronic part
needed, I'm sure audit will find a few
surprises.

@Clive OT
I see the saga continues as random folk
are diagnosed with Novichok. I suspect
that this whole thing was like our famous
anthrax episode used to muddle government
brains with CIPRO right before the Patriot
Act was presented with cries of you must
"DO Something".
Given the recent rash of rats deserting a
sinking May, maybe a diversion was needed.
I'm sure she has made contingency plans
that will be revealed any minute now.

JG4July 12, 2018 8:13 AM


I was getting some windshield therapy this week and happened to dial up a station with political commentary. I may not have used the term "separation of powers" in a long and tedious rant last fall. The problem in many systems is that the narrative is controlled by the same entity. The discussion was whether Trump could fire Mueller, but my mind quickly wandered to how to divide the capabilities within a computer and network.

This is a useful illustration of what happens when all of the key narratives are controlled by the same interests.

http://www.atimes.com/pompeos-prospects-outlook-from-a-40-year-pyongyang-watcher/
...
Despite a good deal of advance research I was unprepared for the extent to which the country proved, during that first visit, to be a religious kingdom inhabited by deeply adoring subjects of a godlike ruler.
The brainwashed people I talked with seemed perfectly sincere in their worship of Kim Il-sung, happily singing hymns in his praise, performing obeisance to his portrait and giving thanks to him at mealtimes.
...

https://www.nakedcapitalism.com/2018/07/links-7-12-18.html
...
Big Brother Is Watching You Watch

NFL player accuses TSA of spilling his mother’s ashes inside his suitcase after checking his luggage Business Insider

TSA screeners win immunity from abuse claims: appeals court Reuters

My close encounter with an airport security robot FT. Unsettling, beyond LaGuardia’s “hellishly shabby facilities.”
...

echoJuly 12, 2018 12:16 PM

Brexit is a coup by thin skinned inadequates, of course. Thankfully Theresa May has a pair and will keep the European Convention on Human Rights. The real joke the inadequates don't get is on them because almost all problems they claim the ECHR has are not with the ECHR but the UKs own badly drafted laws and whose responsibility is this?

https://www.independent.co.uk/news/uk/politics/theresa-may-brexit-white-paper-eu-european-convention-on-human-rights-tory-mps-a8444386.html

Theresa May has bowed to EU pressure to keep the UK in the European Convention on Human Rights, in another move that will inflame the Tory right.

Clive RobinsonJuly 12, 2018 2:01 PM

Python loses its BDFL...

It would appear that pushing fresh steaming piles of bovine output up hill with his nose is no longer Guido van Rossum's favourite activity.

In fact as he notes today in his resignation, at one point tucking PEP 572 to bed got so fraught he felt every hand was against him, thus he brought the axe down[1] surprisingly swiftly for many... Anyway it will make its way into Python 3.8, oddly perhaps 572 is in no way critical to Python's functioning, and those wishing to avoid it do not have to write it into their code.

So Guido's hanging up the BDFL hat for good, and told those "hands" to sort themselves out or rot in the mess of their own making.

https://mail.python.org/pipermail/python-committers/2018-July/005664.html

To be honest I'm surprised Guido had stuck with it as long as he has...

As Winston Churchill once noted about political systems Democracy is the worst possible system except for all the others...

The question now of course is what will happen to Python? To be honest without a very strong arm at the tiller, I suspect the ship will founder at the first sign of stormy waters. It's one of the reasons that "Language Standards" are not necessarily the best way for a language to go, anyone remember Forth or to a certain extent C as once was...

So perhaps we should brush up on the words and tune of "Always look on the bright side of life"...

[1] https://www.i-programmer.info/news/216-python/11957-python-passion-for-assignment-expressions-pep-572.html

Clive RobinsonJuly 12, 2018 2:25 PM

@ echo,

Theresa May has bowed to EU pressure to keep the UK in the European Convention on Human Rights, in another move that will inflame the Tory right.

The ECHR is not really anything to do with the EEC... It is something the Tories have quite deliberately and repeatedly conflated. Even if we go for hard Brexit there is no need or requirement to pull out of the ECHR, unlike the treaties that setup the EEC.

My problem with the EU is the Council of Ministers and those who whisper behind them. They are in effect unelected thus can not be got rid of. And it is they who have driven the EU to the very edge such that the front wheels of the bus are now in free space having gone over the edge of the precipice. Many in Europe do not want to be part of a Federation. They've only to look across the Atlantic to see why that is a bad idea, or Eastwards to see what will happen to all "Federations" given time and unelected cliques...

As others have noted in the past the "economic agenda" is very little different to that thought up in Germany in the 1930's in response to the German French coal and iron alliance that started the previous century.

What the EU most certainly is not at the top is "Democratic" in any meaning of the word. The question for me has always been how to cut out that cancerous growth, and still keep the rest of the organism alive and healthy. Thus I'm fairly pro EEC (economic union) but less so the EU (political union).

But I am most definitely not Pro-Brexit in fact I rate it as a special form of insanity, where those who benefit from it most are the ones who voted for it. Thus the Turkeys have voted for Christmas.

Speaking of which Bo-Jo is technically a Turk, so his self defenestration the other day can be seen as being in line with such special insanity...

echo • July 12, 2018 3:18 PM

@Clive

Yes the ECHR is independent of the EU (although membership of the ECHR is a requirement to join). I also suspect something isn't quite right with the Independent at an editorial level. Why the headline caving in to EU pressure? It's a tiny minority of hardcore Tories holding the rest of us to hostage and there are plenty of people in the UK who view pulling out of the ECHR as a declaration of war against the people.

The UK has a history of rejecting federated government from the time of James I onward driven in large part by the City and political classes in London. There is no real reason for this.

The EU is a very different project to the EEC. Among other things it contains the basic economic plan of levelling up disadvantaged areas which the Tories like to call sponging. The fact is in spite of efforts by previous Tory administrations the current "neo-Thatcherites" who are more the self-serving type she hated have no plan and no interest and no empathy invested in UK regional rejuvenation. The Council of Ministers is mostly concerned with strategic agreement between EU governments and the EU Commission follows the French model of governance (which the UK opted out of influencing when failing to get on board the EU project at the beginning when all the critical decisions were made). In many respects the EU model is no different to the UK model of cabinet, unelected civil servants, and an elected parliament. The fact that the UK government and media don't seem to grasp this let alone inform and empower people to understand the EU and make it work on their behalf is the kind of all too typical evasive blustering the UK creates when trying to dig itself out of a hole of its own making.

The UK has a lot of strategic issues which need fixing. I do not perceive Brexit as being a solution to this. If I can give Shannon a headache by compressing the equivalent of the internet down to a floppy I would say the UK needs (and UK politicians especially) to realise it is not the only pebble on the beach and go from there.

I refuse to give political toddlers the oxygen of publicity so you have to excuse the selective blindness when it comes to a certain fat rumpled man child.

Clive Robinson • July 12, 2018 11:40 PM

@ echo,

... fat rumpled man child.

You are making an upward assumption on the maturity level there ;-)

As for the main motivation of said individual, I suspect he was following what was less than six inches in front of him for most of the early part of what might be called his career...

With regards the "Federal" political model, yes it appears to be a larger version of regional or local government hierarchies, but that is slightly missing the point.

Look at it this way, in horticulture you treat the growing medium in what appears the same way. That is you add feed and water to the soil to sustain plant growth. However when it comes to "productive farming" you tend to treat each field differently to get the best out of it, likewise individual crops. Thus "one size fits all" horticulture does not work for the world, countries, counties, towns, farms or even gardens. You have to tailor things to fit or problems quickly kill things off. In the UK we have Parish Councils that are almost the smallest form of Government, history shows us they have certain 're-occurring issues' due to a 'Democratic process' that is generally not in the slightest democratic, in many people's view. Or would be if they ever cared enough to think about it. The reason people tend not to think about it is most parish councils and other forms of quite local government "have had their wings clipped" thus their power is limited. The opposite problem applies at European Country size (US State size) they invariably have too much power and can not exercise it effectively or even remotely efficiently.

Making a small group of people elected or otherwise responsible for half a continent is asking for problems. Not least because one of the failings of those who have power is generally they want more thus they quickly reach beyond any point of sensible competence, and generally refuse to delegate power to the levels it is most effective and can be efficiently managed at. But worse they try to "micro manage remotely" which has to be one of the biggest boondoggle empire building strategies there is (Have a look at the history of communist "central planning" etc).

A side effect of this "power grab" is the emergence of the "Make it so" management style that came from science fiction. It resulted in many ministers creating new legislation, not because they had a need to but because they saw it as a "performance measure" thus did it with excess and little or no quality. That is they issued knee jerk edicts in rapid fire, thus by not actually working on the problem but by delegating it to unseen others they rarely became aware of the conflicts they were creating. It's why one of the small changes I would like in UK legislative process is that all legislation have a "sunset clause" such that legislators spend more time not on creating pointless new legislation, but revising existing legislation to best tune it to society as society evolves.

Most importantly that there be no "Great Bills" or charters etc. The prime example most know of in that area is the US Patriot Act... Only they don't know it except by name because few people have ever read it in its entirety for various reasons... Just one of which is it contains "secret legislation" which in a democracy should never ever happen as it's a step that is quite a ways along the path to a totalitarian government.

Clive Robinson • July 13, 2018 9:55 AM

@ JG4,

The green calculator displays probably are fluorescent tubes, rather than gas discharge.

Technically they are vacuum electroluminescent displays.

So not fluorescent displays which are just like strip lights a variation on the form of the traditional gas discharge tube (ie the extra heaters warming the mercury to give the vapour through which the arc voltage from the ballast inductor strikes to form the plasma which the relatively low mains voltage then sustains (see mercury arc rectifiers to get the nitty gritty of the voltages)).

VEDs are interesting devices, each segment forms a small triode with the effective anode covered in an illuminant which used (before RoHS etc) to be based on the likes of cadmium.

So yup we were both off the mark.

echo • July 13, 2018 7:30 PM

@Clive

Further to your comment I'm not sure the word "maturity" and "fat rumpled man child" belong in the same sentence, on reflection.

How I view this is you're describing the EU principle of "subsidiarity" and UK centralisation.

Yes, there are legislative issues. One issue is UK law, in theory, should be plain English and that the law should explain enough to direct and shape without having to micromanage. The problem at an administrative/judicial level is this doesn't always work in practice plus there is the issue you mention of ministers legislating to drive performance targets (i.e. what should be outcome but courtesy of said administrative issues becomes "output") so in reality can achieve less while actually costing more either in raised taxation terms or opportunity costs.

I don't know what to say about sunset clauses or even "soft law" (i.e. what happens in practice off the record and various legal slights including the example you mention). I do agree there is a problem. The issue is how best to manage this without creating yet another layer of nonsense?

I tend to view Microsoft Windows as being like a government bureaucracy. In some ways it follows the dominant thought model and organisational structures which shape the 20 year sliding window of perception we call "modernity", and is changing still with things like "Minwin" and the ghastly cloud nonsense. The fashion and beauty industries are other models which tend more towards the overtly authoritarian but sort of work too. How is government a different ecosystem? I don't perceive them as being wholly dissimilar.

Soooooo...? I wonder if instead of being prescriptive maybe the best way to view these things is as a loose container with some give in it which slowly morphs as needs and demands arise, like, working out how we can get along in a diverse system rather than "perfect" because "perfect" is a continually moving puck which if we chase will drive us nuts.

Clive Robinson • July 14, 2018 4:18 AM

@ echo,

The "official" point of "sunset clauses" and statutory review points is to clear out old / out grown / bad legislation.

You will find them in EU directives and US law. They exist for a good reason, English law --that US law is based upon-- has three legislative parts you could broadly call tax, criminal and civil. It is fairly well recognised that no one individual could read all the legislation in each part let alone comprehend them in a useful way.

Thus "clearing the books" is useful as a primary function. But there is a secondary advantage, in that it gives legislators a big chunk of work to do other than creating more mainly useless legislation thus slowing the growth of the books...

echo • July 14, 2018 11:22 AM

@Clive

I think we may be seeing things from different angles. I'm a bit locked in with the constitutional and framework point of view. I daresay "garbage collection" has its place. The problem with reconciling the two views is creating a system with well defined enough rules it accommodates the different perspectives.

One legal issue with the UK is legislators can front load or back load law at the point of creation and/or action when it suits them. For business they may create loose regulatory requirements which derogates detailed rules creation to business and allow a transition period. Where a fiscally led initiative like the DWP is concerned they may skew the other way with extremely questionable rules and a cliff edge. Within a sector such as housing you may see a politically motivated schism in the way the law is constructed to create very unfair experiences for home owners/residents.

The UK has never got "social democracy". It lacks the reasoned discussion and compromise many continental governments are pressed into by virtue of sensible PR systems, and also lacks the sense of "hard stops" which a Civil Law system tends to encourage. Given the UK's system of aggressive engagement the huge loss faced by legal aid and financial unfairness faced by people of even moderate income UK governance is a stool with rather uneven legs. "Equity" and "habeas corpus" still exist as legal principles but they have been largely forgotten even at the professional representative level.

I think in summary we can conclude that there is a lack of understanding the law as a "state system".

Clive Robinson • July 15, 2018 2:15 AM

@ echo,

I think we may be seeing things from different angles.

Sort of, we both agree,

1, Things are broken.
3, Things need to be fixed.

Where we differ is on selecting what to fix first and the best way to go about fixing it.

I've had the misfortune to work within both local and central government systems and have had dealings with international standards bodies. Let's just say I'm jaded and not at all impressed with what I've seen.

Mostly the UK systems became refined over a millennium or so. Although not much talked about in schools there were working legal systems long before 1066. The big problem has always been corruption in all its various forms. From just a simple "doing a favour" through to mad monarch / tyrant issues. The trick in the past has not been to stop corruption but to minimise its impact.

Unfortunately the system got broken in a new way in recent times, that is the performance and bonus systems championed by PM Anthony Blair are a new form of insidious corruption. His whole management style also involved a newer form of nepotism and he badly damaged not just the education system but the legal system as well. If you look at the new gateway protocols you will see that English justice now has a "Kangaroo Court within a Court" built in along with much stronger "rights stripping" and the added incentives via "keep a percentage" bonus systems to pursue such actions way way beyond any sense of justice. With of course such legislation used more against the innocent than those Parliament were told it was for "serious organised crime".

In other words the likes of the "make it so" management culture has given rise to a tyranny of mainly useless paperwork, which is used to beat people with in the work place. Those that cheat such systems are the ones getting the bonuses and the like. The resulting system has in effect become a "Criminal Enterprise" in its own right.

Unfortunately the system of government is not like the Augean Stables of immortal cattle although both produce prodigious quantities of bovine excreta. Likewise we don't have an immortal Hercules to divert the rivers Alpheus and Peneus to wash the corruption out.

The UK government system has not just become corrupt, but those at senior levels have also to some extent become corrupted. Thus the system has become one of self protective patronage not just with the politicians but with the supporting civil service where the "nest feathering" is now so blatant that even young children in junior school can see and understand it for what it is.

Because of the patronage protection system I don't think it's possible to just install the required changes. Instead I think they will have to be instilled in a way that limits the harm producing processes work then unroll the patronage system.

However I'm aware that not just "revolution fails" but "honest systems can be co-opted or corrupted". Thus any system built to root out corruption can easily become used for corrupt purposes. Hence my desire for small strategic changes with minimal but spreading impact. With the changes designed to limit harms of both the corruption that exists, and the harms of turning preventative processes corrupt.

Wesley Parish • July 15, 2018 4:27 AM

@Peacehead

Is Wesley Parish just a glorified Markov algorithm post?

Thanks for that, Nicest thing anybody's called me all year! Or any year for that matter!

It got me thinking - how does predator avoidance and working memory in the brain relate - or correlate - to Markov Chains. So I had to refresh my memory on Markov Chains - I learnt about them as part of an introductory course in mathematics in the 90s.

I think I may have discovered why predator avoidance is not a paranoid preoccupation of prey species. Markov chains model - to a limited degree - working memory on predator avoidance.

I'll let you work that one out, but if you've previously read Schaller on Serengeti Lions or Kruuk on Hyenas, you'll get it right away.

(I suspect Markov chains also model human security behaviour as well, so @Bruce, you might like to consider that as well.)

echo • July 15, 2018 10:52 AM

@Clive

Yes what you say is fair comment. I would have different emphasis on different things but for the sake of keeping things short and avoiding friction would suggest this would be a filling in the picture exercise.

If you watch the recent YouTube of John Cleese interview on Newsnight he makes some fair points although emigrating to Nevis is ironic in itself. One issue with the interview is the interviewer makes a play to lock down and dismiss the influence of social media which is one outlet for the ground up change your method implies. I found the psychology and political archaeology of the interview very interesting but also very tiring.

Clive Robinson • July 15, 2018 3:32 PM

@ Wesley Parish,

I suspect Markov chains also model human security behaviour as well

Yes they do and a whole bunch of other things like Brownian motion. That is they appear almost everywhere you care to look.

They are based on Markov processes, which can be seen as a form of state diagram without memory, where change from one state to another in the state space is based on probability.

More formally they are a stochastic process that satisfies the Markov property and can be discrete or continuous in nature. As such they tuck in neatly as a fundamental component for both probability and information theory.

It's important to distinguish between "current state" and "stored state" or memory when talking about them. That is whilst Markov Processes have a current state from which future changes are predictable by probability they do not have stored state or memory; the implication is that they are in effect independent of "history". It is the sequence of state changes that give rise to the term "chain".

This surprisingly for some makes Markov processes and chains quite powerful models and applicable to many areas of human endeavor.

However not many people use Markov processes directly, compared to those who use the product of such models. For instance early versions of Google's search algorithms used by millions every day were Markov Processes.
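The memoryless state-change model described in the comment above, as an added example that is not part of the original comment: a small random-surfer chain in the style of PageRank, which is assumed here to be the search algorithm the comment alludes to. The four-page link graph, the 0.85 damping factor and all function names are constructed for illustration.

```python
import random

# Constructed four-page link graph (page -> pages it links to); not real data.
LINKS = {"A": ["B", "C"], "B": ["C"], "C": ["A"], "D": ["C"]}
DAMPING = 0.85  # assumed probability of following a link instead of jumping


def transition_matrix(links, damping=DAMPING):
    """Row-stochastic matrix P[i][j] = Pr(next = j | current = i)."""
    pages = sorted(links)
    n = len(pages)
    matrix = []
    for src in pages:
        out = links[src] or pages  # a page with no links jumps anywhere
        matrix.append([(1 - damping) / n + damping * out.count(dst) / len(out)
                       for dst in pages])
    return pages, matrix


def step(dist, matrix):
    """One state change: the new distribution needs only the current one."""
    n = len(dist)
    return [sum(dist[i] * matrix[i][j] for i in range(n)) for j in range(n)]


def stationary(matrix, start, tol=1e-12, max_iter=10_000):
    """Iterate from `start` until the distribution stops changing."""
    dist = list(start)
    for _ in range(max_iter):
        nxt = step(dist, matrix)
        if max(abs(a - b) for a, b in zip(dist, nxt)) < tol:
            return nxt
        dist = nxt
    raise RuntimeError("chain did not converge")


def simulate(matrix, start_index, steps, seed=0):
    """Walk the chain with a seeded RNG and return visit frequencies."""
    rng = random.Random(seed)
    state, visits = start_index, [0] * len(matrix)
    for _ in range(steps):
        # Only the current state's row is consulted: no stored history.
        state = rng.choices(range(len(matrix)), weights=matrix[state])[0]
        visits[state] += 1
    return [v / steps for v in visits]


if __name__ == "__main__":
    pages, P = transition_matrix(LINKS)
    from_a = stationary(P, [1, 0, 0, 0])
    from_d = stationary(P, [0, 0, 0, 1])
    for page, a, d in zip(pages, from_a, from_d):
        print(f"{page}: start at A -> {a:.4f}   start at D -> {d:.4f}")
```

Both starting points converge to the same long-run distribution, which is the "independent of history" property in practice, and the seeded walk in `simulate` approaches the same figures.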

JG4 • July 16, 2018 8:13 AM


A day late and a dollar short.

https://www.nakedcapitalism.com/2018/07/links-7-15-18.html

...

New Cold War

Russia Indictment 2.0: What to Make of Mueller’s Hacking Indictment Lawfare

No Evidence In Mueller’s Indictment Of 12 Russians – Release Now May Sabotage Upcoming Summit Moon of Alabama

Trump on Russia indictment: Why didn’t Obama do something? The Hill

...

Police State Watch

Homeland Security photography alert is ‘a seed of fear’ Columbia Journalism Review

...

China?

China’s internet ecosystem model increasingly being copied globally SCMP

...

bttb • July 17, 2018 8:10 AM

@vas pup

Thanks for the video C-SPAN links above (I started the first link) and other links that you post.

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.