Schneier on Security

Clive Robinson • July 8, 2018 8:28 AM

@ Bruce,

This “thermal side channel” may be of interest.

https://arxiv.org/pdf/1806.10189.pdf

Titled “Thermanator : Thermal residue-based Post Factum attacks On Keyboard Password Entry”

It makes the point that we humans being mammalian are “hot stuff” thus put out quite a bit of thermal energy[1] which leaves traces on things we touch, like the keys we have pressed on a keypad/board to enter our passwords or pin numbers.

Due to “comfort factor” most keys are made of thermally insulating materials thus the heat from a single fairly quick key press hangs around visibly in thermal imaging equipment for quite a while, 45secs being given by the authors experiments. Though I would expect this to vary depending on the environmental background temprature

There is actually nothing new in this I’ve mentioned the use of thermal imaging equipment to detect energy differences in the environment for years on this blog one way or another, including hand touches and even finding low power bugging equipment.

I use thermal imaging equipment quite frequently for various reasons and you can now get quite moderately priced equipment like the one on my “bench” that will show temprature differences of 0.1C and give input via USB into a PC where various signal processing tricks can be applied to get other information out such as decay rate that can be used to calculate just how long a finger was in contact with a key…

Whilst “old hat” to some of us in the EmSec / security game, this will be new to others, which is maybe why the academic community has taken so long to “catch up”.

For the link to the PDF you can thank @Wesley Parish it’s tucked away in one of the general articles he links to.

[1] The average human adult sitting around doing nothing but existing goes through around 2000KCal +400-200 every day depending on size and fat distribution (which is why women being physically smaller and better insulated on average need less daily energy input than men). This is aproximately the same level of thermal energy output as a one hundred watt light bulb. The heat is generated by various internal organs including the brain and is carried around the body to be disposed of in various ways by the blood stream. So the closer to the surface of the skin and greater the blood flow the greater the thermal ouput capacity any given area of the body has. It just so happens that the fingers put out quite a bit of thermal energy into the environment.

Clive Robinson • July 8, 2018 2:50 PM

@ CallMeLate…,

Um…. 2000KCal == 2Mcal That [is] a prodigious pile of pastries!

Yup it should be “kcal” not “KCal” , “kcal” is the “food calorie” or “large calorie” or “killogram
calorie” whilst “cal” is the “small calorie” or “gram calorie” at 1/1000th of the kcal. Neither is a “fundemental unit”, and food labeling is often incorrect to the point of meaningless for various reasons.

Wikipedia says,

A calorie is a unit of energy. Various definitions exist but fall into two broad categories. The first, the small calorie, or gram calorie (symbol: cal), is defined as the amount of energy needed to raise the temperature of one gram of water by one degree Celsius at a pressure of one atmosphere. The second is the large calorie or kilogram calorie (symbol: Cal), also known as the food calorie and similar names, is defined in terms of the kilogram rather than the gram. It is equal to 1000 small calories or 1 kilocalorie (symbol: kcal).

Giving you three symbols “cal, Cal and kcal” and indicates that Cal = kcal = “large” or “kilogram” calorie”.

My problem is that being an electronic engineer by training the units I use on a daily basis (Volts, Ohms, Amps, farad, coulomb, etc) are MKS in origin not SI. Which means the multiplier prefixes are slightly different that is engineers generaly write “KVolt / KV not kVolt, KOhm or just K not k” for a thousand volts or Ohms and little m or mili for 1/1000th of an Amp or Farad etc. However newer engineers have “SI’fied the MKS units, which means you get to see both K and k used depending on the age of the design docs the engineer or both. Then there are physicists that still use CGS units… thus you go with the flow or go mad… (I find both works best 😉

What annoys me though is the SI multiplier prefixes, back in the 1960’s and 70’s British MKS was taught and life was simpler in that the prefixes were based on multiplying or dividing by 10^3 and large letters were multiplers little letters were dividers. For some reason SI puts the change at 10^6 (M/Mega) and slips in the effectively usless hecto 10^2, deca 10^1, deci 10^-1, and centi 10^-2 all of which confuses[1] and thus slows down learning. I have a basic rule with teaching and it’s “ten to the threes and blaim Kelvin”, because it’s what engineers do 😉

[1] There is atleast a vague excuse for cm^3 due to water mass[2].

[2] On a historical note the old “cooking measures” from which all other measures descend are based on the weight and volume of a hens egg, as every kitchen had one and a set of balance scales. Thus when you see recipies saying 4 ounce or 100gm of flour, sugar or fat you know it realy should be the weight of two eggs, as this works with any size of egg[3]. So if your Victoria Sponge is not like grandma’s weigh the eggs you are going to use and adjust the rest of the ingredient weights accordingly, it will probably come out a lot better.

[3] The chicken or hens egg is a lot smaller these days than it used to be. What we now call “large” ~56g/2ounce used to be the average size. You can blaim “factory farming” and selective cross breeding which gives the smaller brown egg usually with a much thinner shell. As a rough rule the younger the hen generally the larger the egg, with “double yolkers” being from immature hens. As a further rough rule, a hen once it starts laying will give you 300 eggs in the first year, and 180 in the second year. After that although they will still lay the industry considers them “pot birds” or “broilers” which are the skinny emaciated birds you see hanging up in some asian shops. They are not “meat birds” so actually tend to have more flavour due to being considerably older when used to make chicken stock. If you want to use the skin and carcus of a meat bird to make stock break up the bones and fry them with the skin untill the skin has gone a little darker than golden in the bottom of the stock pot, then chuck in the veg and herbs to fry for a little while befor adding the required amount of boiling water or previous drained stock, make sure to leave in all the cartilage as this gives gelatin into the stock which is essential for “mouthiness”[4]. To clarify the stock the old way is with with an acid vegtable such as tomatoes and whipped egg whites (see consomme making for the basic idea, some old books talk of using crushed egg shells but Don’t do this).

[4] You can add gelatin from a packet, or you can make your own. As pig and cows feet are not that available these days you can use “pork rind” which also gives you a nice quantity of lard as well. Simply remove the skin and fat from a joint of pork and simmer it for an hour or so in water untill it is soft enough to put through a hand mincer. Then chuck the minced skin and fat back into the stock pot and simmer for a few hours, you may want to mince the skin one or two more times. When cooled sufficiently you should have clear white lard on top of a jelly stock and some jelly like protein bits at the bottom. Remove the lard for further purification and then slowley simmer the jelly stock down. To store it the old way boil glazed storage pots and whilst still boiling hot strain in the hot jelly stock and then float some of the melted lard across the top. Then when sufficiently cool, carefully add more melted lard across the top to ensure an airtight seal. A more modern way is with kilner jars, just prep the jars as in jam making pour in the jelly stock then simmer in a banmarie in the oven and close the lids in the correct way before it starts to cool. Or to be realy modern let it cool to hand hot pour in freezer bags and freeze it. The pork jelly stock actually has little flavour of it’s own thus you can mix in melted drained jam pour in a jelly mold and when set eat as a desert dish. Likewise the lard has little flavour and can be used in “lardy cake” and all suite puddings and pastries. As for the bottom bits from draining the jelly stock these used to get mixed with rusk or dried bread crumbs and some of the stock to add to minced meat and belly fat for sasuage making as it makes a good binder and adds a certain “mouthiness” to the sausage. Hence the old comment about the only part of the pig you don’t use is the squeal… As for pigs feet if you can get them, lightly brine and then apple wood smoke them, then cook realy slowly over night with stock sauteed onions and carrots, the resulting dish when it’s had boild potatoes and cabbage added is a realy realy good winter warmer.

Clive Robinson • July 8, 2018 5:10 PM

@ Bruce,

But, as an EFF board member, I suppose that just proves I’m in on the conspiracy.

Of course it does 😉

After all like beauty, conspiracy is in the eye of the beholder.

More seriously the EFF like all organisations has an agenda, if for no other reason a prioritization of scarce resources to get best effect.

Anyone who disagrees with the agenda sufficiently or for personal political or financial gain can easily ascribe sinister meaning to the agenda, whilst also being selective to make it appear damming and further applying “20/20 hindsight” to make what was an ambiguous situation at the time appear crystal clear today.

People who claim a conspiracy may or may not be right, the real tell is both the balance and credibility of “all” the evidence. Unfortunatly as the CIA realised the problem with evidence is it can be subjective, interpreted or fabricated, thus can leave a large middle ground “Where the devil may play” both sides off against each other…

Once someone plays the “Conspiracy theory” card, you’ve moved into the “propaganda zone” where reason and logic fails to win arguments. There is then little you can do other than ignore them or make personal attacks on them in some way that diminishes them, thus their argument in the eyes of others.

Some argue that as they played the conspiracy card, they deserve all they get, so you should go directly to the personal attacks deep, mean and hard to uterly destroy them. Whilst it might kill the conspiracy theory in the short term, people will have long memories which means future trouble is almost certain. It’s why certain political types who only see dimly into the future tend to go down that distastful route.

My advice to people for years has been as with most “emotion battles” is smile politely but whimsically and use gentle humour to get your points across. It takes longer but you will not be storing up trouble for yourself long term. The other thing is to realise that conspiracy theory or not, your attacker may have some valid points that do need clarification for others. Acknowledging those that are valid with good grace can go a long way in defusing a situation before it gets out of hand.

However some usually for personal gain will keep up their attacks as long as others give them the oxygen to breath and a platform to stand on. This calls for a different form of tactic which means persuading those who give the support directly or indirectly to cease their support.

If you take the view as the US does of “any person legal or natural” these ad homoni attacks are crossing over from the tangible physical world to the intangibal information world. This is to be expected and is in part a sign that the information world is begining to mature, and in part it represents a “new world” or “pastures new” where the lean times of the physical world are replaced by the glut of the information world.

For some reason I can not understand most people have been repeatedly caught out by projecting ideology into the information world rather than realising that the reality of the physical world exists for a reason that is to do with basic human behaviours.

But worse perhaps was not the ideology but the assumptions that were treated as axioms. The one I point out as being a real wake up call that people should listen to is the “Distance cost” assumption that underpins much in the way of economics. The argument is the further a customer is from a producer the more a good should cost in various ways. Thus local production would be cheaper and this alows a market to form and competition to arise. Whilst marginaly true for the physical world with the information world the current cost of a byte of data is the same to a customer irrespective of where it’s producer is geographicaly, they are in effect not just local but part of your doorstep. This very much favours the “First to Market” provided they maintain their impetus they will get most customers and that in of it’s self makes them mote attractive than later competitors. Thus a big chunk about “markets” and the way they work in the physical world does not carry over into the information world.

My own personal view is that the EFF and many similar organisations are going to fail. It’s not a question of “if” but “when” because of the actual fabric of the Internet. That is as it is curently set up surveilance is in effect “built in” you can see this from the way traffic analysis works.

But secondly there is a more subtle failing that we are not addressing which is the “discovery problem” which has to be solved if we want to stop or even limit surveillance by third party entities be the governmental or corporate. In essence we need a way for a user to become part of the network anonymously “at all levels” but still be able to find second party nodes anonymously to all third party nodes. There are quite a few pieces to this puzzle and whilst we know how to solve some that we know about there are others we don’t yet know how to solve and almost certainly some we are not yet even aware of.

Two areas people might want to think about are truely anonymous “directory services” and truely anonymous “store and forward services” for the likes of email etc. The actual anonymous transmission of information with certain assumptions can be done using a mixture of mix nets and broadcast models I’ve described in the past. However as both the first and second party nodes need to be fully part of the mix net having fixed rate connections to multiple nodes, full mobile usage becomes problematical, but I think solvable.

Clive Robinson • July 8, 2018 5:45 PM

@ echo, Taz,

Hasn’t anyone heard of SIP?

The problem may be with the journalist (it’s the Barkly brothers rag after all) or it might be with the “Sargent at Arms”.

For some reason which could be described as a “failure to listen and think” the UK Parliment previously opted to go with Microsoft 365 with it’s servers in another country… It’s been said that GCHQ approved the deal but they might have had ulterior motives (look up the shenanagins not long ago when the GCHQ head told a commons select committee that the “Wilson Doctrine” had no legal standing).

Microsoft “own” Skype which they have integrated in various ways[1]. And ever since there has been rumblings that they have weakened it’s security. Even if they have not, as a “mid point”[2] rather than “point to point” service[3] I would in no way trust it by default.

[1] https://docs.microsoft.com/en-us/skypeforbusiness/plan-your-deployment/clients-and-devices/compatibility-with-office

[2] All “mid point” services make meta-data analysis surveillance the default operation. But worse the likes of traffic analysis becomes much much easier even if the content is sent “point to point”.

[3] The big problem with a “point to point” service is it requires each end to be aware a priori of where the other end is. Which does not realy work for mobile users without atleast on fixed “discovery” point, which in effect turns it back into a “mid point” service currently[4].

[4] The question arises is can a discovery service be made partially or fully anonymous with respect to it’s users. I believe that with certain assumptions it could be. However one such assumption that is in effect an axiom is that of some kind of “one time covert side channel” by which a “secret” is transfered between the two parties.

Clive Robinson • July 9, 2018 2:11 AM

@ echo,

I also read in an unrelated article that Francis Muade had gone walkies…

Ahh the dear Francis, “fill your jerrycan” Baron Maude of Horsham”[1] what can one say… The very least would be “his reputation preceds him in a low down way” having spent thirty years networking in government. A fairly insipid and uninspiring politician and as for Brexit he obviously thinks it’s “a good thing”… However he thinks nothing of being a Brutus as his “Friends Romans Countrymen”
Article shows[2].

What can be said is that he at least recognised it was time to “jump ship” from elected to unelected politics, then into the more lucrative private legal consultancy LLP scam[3] hence to a well feathered nest. Thus a rat with well tuned self interest whiskers, that had amongst other questionable activities significant interest in the low costume budget adult entertainment industry (look up his name and that of “Jill Kelly” oh and Playboy)…

Sadly modern UK politics lacks the “cut and thrust” of the Bard’s imagining.

[1] Horsham is a parochial little market hamlet in South East England at the end of a railway line. To far to be commuter belt not far enough to be second home / executive belt. Some try to talk it up by saying it’s on the fringe of the Weald in West Sussex. However it kind of hangs off of Crawley next door Which kind of says it all…

[2] https://www.conservativehome.com/platform/2017/06/francis-maude-to-succeed-our-party-must-embrace-enterprise-launch-austerity-2-0-modernise-further-and-secure-an-eea-brexit.html

[3] https://www.theguardian.com/politics/2016/oct/11/ex-minister-francis-maude-takes-brexit-advisory-job-at-law-firm

Clive Robinson • July 12, 2018 2:01 PM

Python looses it’s BDFL…

It would appear that pushing fresh steaming piles of bovine output up hill with his nose is nolonger Guido van Rossum’s favourit activity.

In fact as he notes today in his resignation, at one point tucking PEP 572 to bed got so fraught he felt every hand was against him, thus he brought the axe down[1] supprisingly swiftly for many… Any way it will make it’s way into Python 3.8, oddly perhaps 572 is in no way critical to Python’s functioning, and those wishing to avoid it do not have to write it into their code.

So Guido’s hanging up the BDFL hat for good, and told those “hands” to sort themselves out or rot in the mess of their own making.

https://mail.python.org/pipermail/python-committers/2018-July/005664.html

To be honest I’m surprised Guido had stuck with it as long as he has…

As Winston Churchill once noted about political systems Drmocracy is the worst possible susyem accept for all the others…

The question now of course is ehat will happen to Python? To be honest without a very strong arm at the tiller, I suspect the ship will founder at the first sign of stormy waters. It’s one of the reasons that “Language Standards” are not necessarily the best way for a language to go, anyone remember Forth or to a certain extent C as once was…

So perhaps we should brush up on the words and tune of “Always look on the bright side of life”…

[1] https://www.i-programmer.info/news/216-python/11957-python-passion-for-assignment-expressions-pep-572.html

Clive Robinson • July 13, 2018 9:55 AM

@ JG4,

The green calculator displays probably are fluorescent tubes, rather than gas discharge.

Technically they are vacuum electroluminescent displays.

So not flourescent displays whigh are just like strip lights a variation on the form of the traditional gas discharge tube (ie the extra heaters warming the mecury to give the vapour through which the arc voltage from the balast inductor strikes to form the plasma which the relatively low mains voltage then sustains (see mecury arc rectifiers to get the nity gritty of the voltages).

VEDs are interesting devices, each segment forms a small triode with the effective anode covered in an illuminent which used (befor RoSH etc) to be based on the likes of cadmium.

So yup we were both off the mark.

Clive Robinson • July 14, 2018 4:18 AM

@ echo,

The “official” point of “sunset clauses” and statutory review points is to clear out old / out grown / bad legislation.

You will find them in EU directives and US law. They exist for a good reason, English law –that US law is based upon– has three legislative parts you could broadly call tax, criminal and civil. It is fairly well recognised that no one individual could read all the legislation in each part let alone comprehend them in a usefull way.

Thus “clearing the books” is usefull as a primary function. But there is a secondary advantage, in that it gives legislators a big chunk of work to do other than creating more mainly usless legislation thus slowing the growth of the books…

Clive Robinson • July 15, 2018 2:15 AM

@ echo,

I think we may be seeing things from different angles.

Sort of, we both agree,

1, Things are broken.
3, Things need to be fixed.

Where we differ is on selecting what to fix first and the best way to go about fixing it.

I’ve had the misfortune to work within both local and central government systems and have had dealings with international standards bodies. Let’s just say I’m jaded and not at all impressed with what I’ve seen.

Mostly the UK systems became refined over a millennium or so. Although not much talked about in schools there were working legal systems long before 1066. The big problem has always been coruption in all it’s various forms. From just a simple “doing a favour” through to mad monarch / tyrant issues. The trick in the past has not been to stop corruption but to minimise it’s impact.

Unfortunately the system got broken in a new way in recent times, that is the performance and bonus systems championed by PM Anthony Blair is a new form of insidious corruption. His whole managment style also involved a newer form of nepotism and he baddly damaged not just the education system but the legal system as well. If you look at the new gateway protocols you will see that English justice now has a “Kangaroo Court within a Court” built in along with much stronger “rights stripping” and the added incentives via “keep a percentage” bonus systems to persue such actions way way beyond any sense of justice. With of course such legislation used more against the innocent than those Parliment were told it was for “serious organised crime”.

In other words the likes of the “make it so” managment culture has given rise to a tyrany of mainly usless paperwork, which is used to beat people with in the work place. Those that cheat such systems are the ones getting the bonuses and the like. The resulting system has in effect become a “Criminal Enterprise” in it’s own right.

Unfortunately the system of government is not like the Augean Stables of immortal cattle although both produce prodigious quantuties of bovine excreater. Likrwise we don’t have an immortal Hercules to divert the rivers Alpheus and Peneus to wash the coruption out.

The UK government system has not just become corrupt, but those at senior levels have also to some extent become corrupted. Thus the system has become one of self protective patronage not just with the politicians but with the supporting civil service where the “nest feathering” is now so blatant that even young children in junior school can see and understand it for what it is.

Becsuse of the patronage protection system I don’t think it’s possible to just install the required changes. Instead I think they will have to be instilled in a way that limits the harm producing processes work then unroll the patronage system.

However I’m aware that not just “revolution fails” but “honest systems can be co-opted or corupted”. Thus any system built to route out corruption can easily become used for corrupt purposes. Hence my desire for small strategic changes with minimal but spreading impact. With the changes designed to limit harms of both the corruption that exists, and the harms of turning preventative processes corrupt.