The calamari squid grabs prey three feet away with its fast tentacles.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
HunkyDory • August 3, 2018 5:31 PM
https://www.healthcareitnews.com/news/when-encryption-not-free-pass-hipaa
In comic strips springing to life, robbers demand password with $5 knife.
Kristen • August 3, 2018 5:45 PM
Also found news story at ktuu.com where this event is cited as being the worst cyber attack in the country
Clive Robinson • August 3, 2018 6:21 PM
@ All,
This might be of interest,
https://theintercept.com/2018/07/31/3m-pfas-minnesota-pfoa-pfos/
For fourty years 3M Corp covered up that PFOA and PFOS accumulate detrimentaly in the blood of mammals and other creatures. Knowing this they carried on alowing the chemicals into the ground water systems thus poisoning much of the environment and people in the area, including of course their own employees…
And people wonder why more and more people distrust major corporates, that in effect want to be in effect their own governments etc…
One thing is certain “democracy” and “for the good of the people” is not in their agenda…
MarkH • August 3, 2018 6:44 PM
For any interested folks who didn’t already see this, Nobel laureate economist Paul Krugman briefly explained why he is skeptical about cryptocurrencies.
To offer a summary of his summary:
Recently on another thread, a commenter said something to the effect that data indicates that most cryptocurrency transactions are for legal purchases.
A few days after I saw that, the question bubbled up for me … yes, but how many of those otherwise legal transactions are in furtherance of tax evasion or money laundering? A simple analysis of what was purchased wouldn’t show that.
The cryptocurrency people seem to have a religious zeal, and to that extent won’t be swayed by any rational argumentation.
My favorite observation from a commenter on Krugman’s piece: if Bitcoin is so superior to fiat currency … and will eventually supplant it … then why are the Bitcoin people so obsessed by how much of the worthless obsolete currency one Bitcoin will purchase?
MarkH • August 3, 2018 7:07 PM
@Clive:
Thanks for posting that story.
Consider this book quote:
“The 20th century has been characterized by three developments of great political importance:
• the growth of democracy,
• the growth of corporate power and
• the growth of corporate propaganda as a means of protecting corporate power against democracy.”
[edited to add bullets]
The American who wrote this, Lou Dobbs, is certainly no radical, is deep in the right wing, and venerates “free markets” as much as any business-oriented conservative.
Even he warned of the dangers of endlessly expanding corporate power!
Though I consider myself a strong proponent of liberty, I grow more and more impatient with the palaver from the pipe-dreamers who call themselves “libertarians” these days.
Their two-part program is founded on hatred of government and worship of property.
They are too ignorant to understand this, but their ideology is a perfect mirror-image of Marxism: it is precisely as materialistic, divorced from the realities of human nature, and morally vacuous as Marxism.
One of the many things they don’t understand, is that in their nearly government-free nirvana, government power (which in countries like yours and mine is ultimately answerable to the great mass of people via elections) would be completely supplanted by corporate power … which after establishment of cartels and monopolies is answerable to a tiny cabal of the ultra-wealthy.
In the Western democracies, the Big Bad Corporations are more dangerous to most folks than the Big Bad Government.
gordo • August 3, 2018 7:27 PM
My excerpt of the day:
But, in the end, the Chinese government merely had to wait its challenger out, and all would be well. Google’s reconsideration reminds us of the final thoughts of Winston, the protagonist of George Orwell’s 1984: “O cruel, needless misunderstanding! O stubborn, self-willed exile from the loving breast! . . . But it was all right, everything was all right, the struggle was finished. He had won the victory over himself. He loved Big Brother.”
https://www.justsecurity.org/59941/googles-dragonfly-bellwether-human-rights-digital-age/
Ismar • August 3, 2018 8:54 PM
@Clive
Thanks for the article
@All
A book Patterning Instincts written by Mr Lent tries (and IMHO succeeds) to explain how we got ourselves into the pickle we are in and tries to offer some solutions for how to get out of the current crisis without making things even worse in the process.
It is rather longs but worth the read
Gunter Königsmann • August 4, 2018 1:06 AM
Crypto currencies and legal transactions; I still remember when silk road was taken down and with silk road a big percentage (was it 50%) of all bitcoins in existence.
Currently I assume many bitcoins are bought and sold for speculation on fluctuations of the worth of one bitcoin which might be legal if eventual taxes on that are paid.
But who on earth wants to spend bitcoin’s transaction fees on a morning coffee or a sandwich?
Or even a car if that isn’t part of converting speculation earnings back to real money/goods?
Wael • August 4, 2018 2:19 AM
@Gunter Königsmann,
But who on earth wants to spend bitcoin’s…
… transaction fees on a morning coffee or a sandwich? Or even a car if that isn’t part of converting speculation earnings back to real money/goods?
Yes! coffee, sandwiches, cars aren’t good. But pizza? That’s legit. Regrettable, but legit.
Currently I assume many bitcoins…
I agree with this assumption. Some do it for speedy transactions and transfers across borderlines.
Ismar • August 4, 2018 3:12 AM
One more from me this week on an example of how short-sited current American Foreign Policy is becoming
herman • August 4, 2018 4:57 AM
@Ismar: Rare earth metals are not really rare. The USA has one large bankrupt rare earth mine at Mountainpass which can be restarted and South Africa has a huge undeveloped deposit at Sandkopsdrift, to name only two – so China cannot really afford to hold anyone ‘hostage’.
Ismar • August 4, 2018 6:03 AM
@Herman
True but
“By holding the largest, cheapest reserves, China could artificially limit supply and move prices as Saudi Arabia and OPEC do with oil, even though the cartel does not produce most of the world’s oil. While no one country or cartel can threaten to cut off the entire world’s oil supply—the 1973 embargo proved just that—OPEC still maintains an outsized influence in the market. At its current pace, Beijing could achieve a similar role in the global clean energy trade.”
Wesley Parish • August 4, 2018 7:58 AM
Likely OT, but potentially On Topic due to “cyberwar” concerns: I’m sure everybody’s had a gutsful of the news being full of how North Korea is not living up to its denuclearization commitments made by Kim Jong Un in the agreement with US President Donald Trump.
I came across this little doozy a few weeks back when trying to make sense out of the deal:
https://www.vox.com/2018/6/21/17488552/trump-north-korea-kim-agreement-lie
And it’s not just some picky semantic distinction here: Kim committing to the complete denuclearization of the Korean Peninsula (which he did) and Kim committing to the complete denuclearization of North Korea (which he didn’t) are two very different things.
[…]
So what North Korea is essentially saying here is, “Sure, we’ll give up our nukes. Just as soon as you (Trump) withdraw all US military support for South Korea.” Pull your troops out of the country; stop promising to protect it.
Since the US has done nothing to disestablish the US military presence in South Korea, the North Koreans are entitled to claim that the US is violating its commitment to :
The United States and the DPRK will join their efforts to build a lasting and stable peace regime on the Korean Peninsula.
http://www.foxnews.com/politics/2018/06/12/statement-from-trump-kim-jong-un-read-text.html
http://time.com/5309425/donald-trump-kim-jong-un-summit-document-full-text/
https://www.vox.com/2018/6/12/17452532/trump-kim-document-agreement-full-text-denuclearization-read
https://www.theguardian.com/us-news/2018/jun/12/full-text-donald-trump-kim-jong-un-statement
(Just so various parties cannot claim I am promoting “fake news“, I corral as many as I care to, including a certain individual’s favourite TV channel, FOXNEWS. They all read the same.)
The North Koreans are entitled to the right to reply, which they seem to be unaware of; they are also entitled to take the US to the International Court of Justice and ask for an opinion from the ICJ about US commitments and the US’s consistent failure to abide by their agreements. Also about the US use of the Security Council to pervert the course of justice – but again, they seem to be lax about the defense of their rights. Likely due to having no independent legal opinions in North Korea over the past six or so decades.
JG4 • August 4, 2018 9:11 AM
@Herman and Ismar – There are very large deposits in Idaho and Japan. In the short term, the Chinese could do serious harm, but only at the expense of their longer term profits. I think that the term of art is dynamic supply curve management.
@Clive – Thanks for the link to the story on perfluorinated chemicals. I might have posted that yesterday, but I’m still pretty busy. I’ve been thinking about how to build economical scientific instruments that would let people measure very subtle chemical signals. It’s not a simple problem, although bacteria, fungi and plants are pretty good at it.
https://www.nakedcapitalism.com/2018/08/links-8-4-18.html
…
Big Brother is Watching You Watch
23andMe’s Pharma Deals Have Been the Plan All Along Wired (Kevin W)
South Korea’s spy cam porn epidemic BBC (Chuck L)
Facebook Dating will be a feature, not an app; here’s a peek Techcrunch (Kevin W)
New tool helps users decide which countries their internet traffic transits TechXplore (Chuck L)
…
PeaceHead • August 4, 2018 10:05 AM
And now our Commander And Thief (and plenty of criminal accessories) is going to enable the incremental destruction of our food supply.
ECOLOGY IS SECURITY SCIENCE, pay attention please:
https://www.bbc.com/news/world-us-canada-45068650
It is not an exaggeration that if the pollinators of the food supply are killed off, so is hugely much of the world’s food supply for both people and livestock.
Yeah, maybe flies could be used to pollinate food, but flies spread some of the worst diseases and plagues.
I wasn’t kidding was I was talking about how we need to SAVE THE BEES, and SAVE THE SQUID.
The lives we save, may (indirectly) be our own.
Politicians and politics itself tends to lack scientific rigor. Militarized politics is also just as ignorant of the facts of life.
People in the industries of killing and destroying and manipulating public perceptions via psychological and information warfare are not qualified to protect and nurture the Earth’s life support systems. Bees and trees and the oceans are part of lifes most essential life support systems.
And in this year of 2018, the current U.S. electoral college appointed president, who lost the U.S. popular vote by several millions of votes, has just participated in Ecological treason, whether accidentally or on purpose. Laws be damned, attacking the world’s food supply whether accidentally or on purpose is unacceptable. Keep that in mind within the full context of this Absurdistly Detrimental Presidential Level Failed Black Op known as the “Trump Administration”.
These posts are only zany and nonsensical if you still lack the background infos to “connect the dots”. We don’t have the time to wait for the ignorant to catch up or for the sociopaths to stall us all until we are DEAD DEAD DOD.
https://www.youtube.com/watch?v=kR-WCDa4NSc
P.S.=what are these?: (do NOT photograph these items, show them in person and remove them if possible)
AOSK
ODK
KRYOS
ENOY
PHIXED
PHIXER
FIXATE
PHIXATE
FIX8
(black) BURST…
…OXNARD, CA
I already have some ideas of exactly what they are, but others need to be pondering this as well as their conspicuous physical GPS locations. I recently noticed more of them on telephone electrical boxes and on more electrical, gas, and water ports. I haven’t yet gone to any airports to look for them.
Stones balanced on top of each other are diplomatic signs:
Think of the innocent babies/infants and remember the federal and non-federal departments who are working towards conflict resolution instead of conflict pyromania.
I will be relocating soon.
Like I said, it would be nice to discuss security items such as:
1) soundalikes
2) lookalikes
3) biometric false positives
4) accidental doppelgangers
5) real-life doppelgangers
Peaceful coexistence doesn’t require permission to implement; it requires only sanity and good faith efforts, and to be willing obstacles against evil’s attempts to implant itself.
echo • August 4, 2018 11:47 AM
I need to collate my security links. They aren’t many just spread over a few days.
I better not say much but in the meantime one thing said by the lawyers I am accusing of being unreasonable and discriminating is “We have a policy. This applies to everyone so we are not discriminating”. I do wonder if some lawyers have actually read the Equality Act. In fact I wonder how some lawyers got to be lawyers…
echo • August 4, 2018 12:51 PM
I’m really not sure about this study.
https://www.sciencealert.com/can-you-tell-what-makes-someone-trustworthy-trust-guilt-prediction
When it comes to predicting who is most likely to act in a trustworthy manner, one of the most important factors is the anticipation of guilt, according to a new study.
[…]
“Our research suggests that if you want your employees to be worthy of trust,” says Levine, “make sure they feel personally responsible for their behavior and that they expect to feel guilty about wrongdoing.”
echo • August 4, 2018 1:21 PM
Following my comments on basic psychology versus surface political party identification by coincidence an article just out dissolves party identification and breaks down views across the entire population. This is really interesting in lots of ways given how binary views or alternating views can be present in large organisations (which makes navigating an organisation chart havoc) but perhaps also the Brexit issue?
https://qz.com/1347030/there-are-fewer-republicans-for-donald-trump-than-you-think/
To understand America, don’t separate Republicans and Democrats statistically
albert • August 4, 2018 2:37 PM
@YabbaDabbaDon’t,
Lee Camp has a good 12 min piece on “Quiet Skies”:
https://www.rt.com/shows/redacted-tonight-summary/435108-air-marshal-travel-danger/
$800 million since 2010? Money well spent, I’d say. Proves that innocent civilians aren’t terrorists.
. .. . .. — ….
bttb • August 4, 2018 3:50 PM
Two from emptywheel:
1) From https://www.emptywheel.net/2018/08/02/how-abc-broke-a-story-about-mueller-limiting-questions-on-obstruction-and-claimed-it-showed-a-focus-on-obstruction/
2) https://www.emptywheel.net/2018/08/03/the-russian-nra-spy-just-remember-that-its-a-grand-illusion/
3) https://www.emptywheel.net/2018/08/04/on-the-apparent-complexities-of-charging-roger-stone/
1) “Robert Mueller is investigating the President of the United States for willfully entering a conspiracy with Russians offering to help him get elected, I believe in exchange for certain policy considerations, including changes to US Syria policy. Yes, Mueller obtained evidence demonstrating that conspiracy in large part because, in an effort to thwart any investigation into how he got elected, Trump fired the last guy who was investigating it (and investigating it less aggressively). Yes, that means obstruction is one of the crimes that Mueller believes Trump may have committed (if you’re going to harp on obstruction, then please focus on Trump’s pre-emptive offers of pardons to Mike Flynn and Paul Manafort, because it’s one of the most grave examples of obstruction and it’s critical to understanding what is going on now in EDVA).
I can’t predict how this will end — whether Mueller will decide he has enough evidence to implicate a sitting president, if so, how Mueller might lay out Trump’s involvement along with that of his family and aides, what Congress will do in response, what the long term impact on the country will be.
But that doesn’t mean the press is doing its readers any favors by playing dumb about what Mueller is really pursuing.”
2) “On top of being the guy who prevented the Republican platform from taking an aggressive stance against Russia, JD Gordon is the Trump associate who spends a lot of time claiming that Jeff Sessions opposed George Papadopoulos’ plans to set up a meeting between Trump and Putin.
Which is why I get such a kick out of the story that Russia’s NRA spy, Mariia Butina, spent September and October cultivating Gordon, and they even went to a Styx concert together.
The two exchanged several emails in September and October 2016, culminating in an invitation from Gordon to attend a concert by the rock band Styx in Washington. Gordon also invited Butina to attend his birthday party in late October of that year.
Which means the Russian NRA spy and the Trump campaign National Security Advisor went to hear a version of the Grand Illusion together.
'“I wonder which prominent Republican political figures she hasn’t come across?” Gordon asked.'"
3) “That’s one reason why the circumstances of Stone’s flip-flop in early August, in which Stone went from admitting that the DNC hack was done by Russia to claiming it was not seemly in one day in which he was in Southern California is so important: because he established a contemporaneous claim he has relied on to excuse any coordination with Guccifer 2.0 and WikiLeaks. Given the import of Stone’s flip-flop, I find it interesting that so much of the funding for his SuperPAC came from Southern California, especially from John Powers Middleton. Did he meet with his donors when he orchestrated the flip-flop that makes it harder to argue his discussions and foreknowledge of Guccifer 2.0 and WikiLeaks events count as entering into a conspiracy to break one or several laws?
Whatever the circumstances of that flip-flop, from that point forward, Stone pushed several lines — notably the Seth Rich conspiracy — that would be key to Russian disinformation. A big chunk of his SuperPAC funds also spent on “Stop the Steal,” which may also tie to Russian disinformation to discredit the election.
One of the complexities Mueller may have spent months digging through may be whether and how to hold Stone accountable for willfully participation in disinformation supporting Russia’s larger efforts to swing the election to Donald Trump.
In March, when this focused pursuit started, Mueller wanted to know what the President knew about communication between Stone, his associates, Julian Assange, and Wikileaks. Since then, it appears the question has gotten more complex.
And along the way, a key Roger Stone aide [Andrew Miller] has managed to stall three months on providing testimony.”
regarding Miller: https://www.washingtontimes.com/news/2018/aug/3/roger-stone-aide-andrew-miller-loses-effort-quash-/
CallMeLateForSupper • August 4, 2018 4:00 PM
@Clive @All
More – lots more – on PFAS at ProPublica. I had read, digested and lost sleep over them for months before Intercept caught the scent.
https://www.propublica.org/article/how-the-epa-and-the-pentagon-downplayed-toxic-pfas-chemicals
There’s also a series of articles on the wonderful (not) partnership between Pentagon and civilian contractors to “address” the stinking, weeping sore that is (non-nuclear) toxic waste generated by … the military.
https://www.propublica.org/series/bombs-in-our-backyard
The following Intercept article is from last February, though the subject has been covered many times and for years:
https://theintercept.com/2018/02/10/firefighting-foam-afff-pfos-pfoa-epa/
“The U.S. military is spending billions to clean up drinking water contaminated with toxic firefighting foam while continuing to use dangerous new formulas.”
Clive Robinson • August 4, 2018 4:17 PM
@ Ismar,
With regards China and “rare earth metals” have a look back on this blog over a number of years and you will find I was wavibg a flag about it.
The consensus back then was either “not interested” or “you are wrong”. Likwise my warnings on what China was doing in the South China Seas, Oh and Africa.
I’m not claiming that I’ve some rare ability to spot such things early, but the evidence of what China were doing with rare earth metals to get foreign IP into China was painfully obvious to anyone that took more than a few moments to look.
Yes there are other rare earth deposits around the world but the mines got closed years ago, the cost of re-opening them will be high… But the real question is how much IP has China stolen in the mean time? Andwhat it’s worth in jobs and competativeness in international markets.
Oh I also warned that both US politicians and US corporate directors were way way to short sighted with regards the way China thinks and behaves…
Any way I’m glad a more mainstream journal/publication is finally making some warnings about it. It may yet not be to late to resolve the issue but I realy don’t think either the US politicos or US corporate directors are upto it in all honesty, heres to hopibg I’m wrong on this point…
65535 • August 4, 2018 4:22 PM
@ albert
“$800 million since 2010? Money well spent… Proves that innocent civilians aren’t terrorists.”
If the US government is spending 800 million USD of the tax payer’s money on Air Marshalls tailing people that program should be high monitored by the Congress. If Congress refuses to monitor the program then Cancel it now. 800 million dollars is just a “full employment” feather bed for the TSA and should be spent else where on more productive things or not spent at all.
PeaceHead • August 4, 2018 5:12 PM
bravo, echo. 🙂 nice data; thanks.
clive and 65 and others: also nice data; thanks.
i will try and keep my future posts alot smaller.
peace is an opportunity for renewed survival.
move the colours.
Ismar • August 4, 2018 5:16 PM
@Clive
It takes a while for the rest of us to catch on 🙂
But I have another question which is more metaphysical in a way and that is
What is the purpose of this Friday blog that mr Schneier so kindly let us use?
Would like to see some variety of opinions on this topic. I think it can tell us more about why we post here as well as about why we are allowed to do so.
justinacolmena • August 4, 2018 5:19 PM
Finally traced down an obscure problem related to the usability of GnuPG // PGP.
A “pinentry-program” must be configured in “~/.gnupg/gpg-agent.conf”.
https://www.reddit.com/r/linux4noobs/comments/522a0o/gpg_is_not_asking_for_my_passphrase_in_x/
GUI email client was trying to run the curses pinentry without a proper terminal, causing a failure to perform cryptographic operations, because curses is not an X client.
The Nazis, Fascists, silverware thieves, and professional tooth-pullers are making this more difficult than it needs to be. You really do need heavy munitions, if not quite nuclear, to blast through all this bullshit.
Taz • August 4, 2018 5:37 PM
New attack on WPA/WPA using PMKID
Play Store Monopoly
“We’re distributing Fortnite to Android users from epicgames.com. You go to our website, click the download button, and go through some prompts to download and install Fortnite. There’s no third-party store involved at all. It’s just like the PC experience, the way that PC and Mac users install Fortnite. That now works on Android, which is possible because Android is an open platform[1].
The second motivation is the economics of the store ecosystem as it exists right now. There’s typically a 30/70 split, and from the 70 percent, the developer pays all the costs of developing the game, operating it, marketing it, acquiring users and everything else. For most developers that eats up the majority of their revenue. We’re trying to make our software available to users in as economically efficient a way as possible. That means distributing the software directly to them, taking payment through Mastercard, Visa, Paypal, and other options, and not having a store take 30 percent [2].
If you look at it, the stores on the smartphone platforms actually do very little. They’ll put ads up in front of your game. When you search for Fortnite on iOS you’ll often get PUBG or Minecraft ads. Whoever bought that ad in front of us is the top result when searching for Fortnite. It’s just a bad experience. Why not just make the game available direct to users, instead of having the store get between us and our customers and inject all kinds of cruft like that? It’s a general criticism I have of the smartphone platforms right now.
I really hope there’s a better trend in the industry toward economic efficiency in distribution. Mastercard or Visa will process payments for 2.5 percent or 3.5 percent per transaction. These Big-data stores taking 30 percent is just out of line. There’s a 4X profit margin or more.”
Little wonder Google wants to move away from the Linux based Android OS[3]
[1] Action for GDPR enforcement: Android owners must select ‘Allow install from unknown sources’ I trust EpicGames far more than a corporation secretly working to censure citizens of China[3].
In essence Google is forcing consumers to only trust them (as they plop advertising in your face) over everyone else. To play fair, there must be a local whitelist where the owner explicitly grants trust. Sites not on the whitelist are blocked.
[2] A lot of the reason that services like Mastercard and Visa charge two or three percent is because they have to provide consumer protections, anti-fraud, customer service, and other systems baked in. That costs real money to operate. That has to be a balancing factor. A store is only really reliable if customers feel they can get good service from it. That’s a key consideration in all of this.
[3] Android devices in China are frequently sold sans Google
Clive Robinson • August 4, 2018 6:42 PM
@ PeaceHead,
I wasn’t kidding was I was talking about how we need to SAVE THE BEES
Last time I looked, over 1/3 of our food supply was critically dependent on bees.
But… When you looked a little deeper it was over 80% of foods that can be considered “pantry staples”. That is food that does not rot when stored at normal room tempreture and humidity.
These are foods that “survivalists” know are ultra important to mankinds survival when out of the equitorial zones. That is where not just winter and summer have real meaning but spring and autumn as well, where seasonal crops such as soft fruits need to be preserved (no jams/jelly without both sugar and pectin both of which are derived from plants that need bees as does the soft fruit). Even alcohol which is also a preservative needs bees…
At one point the EU stood up to US pesticide manufacturers, that were in effect destroying bees nervous systems, however that nolonger appears to be the case.
PeaceHead • August 4, 2018 7:08 PM
@clive: thanks for the decent reply. acknowledged.
I am pondering what the roots of the historical (in the past) Cold War were.
This turned up while browsing some early 2018 links from thoughtful people here:
https://en.wikipedia.org/wiki/DeNAZIfication
Yes, that’s a real word. Those older than me won’t be surprised. Those younger than me need to aggressively try to learn about this type of stuff because the ones who lived through those times in the past are not going to live forever, and neither will people like me. Eventually, neither will they, and this needs to be taught to the kids, the neices and nephews, the cousins, the grandkids, and the great grandkids.
I believe that the Cold War was a DIRECT RESULT of NAZI infiltration of and reassembly within the U.S.A. It neatly explains so much of the otherwise mindless hostilities coming directly out of America against it’s own people as well as against immigrants and other nations, especially Russia, which was amongst the Allies who fought against the NAZI’s.
Operation Paperclip and the preceding programs and the programs which followed, were essentially an accidental(?) trojan horse infection of the U.S.’s military industrial complex amongst other parts of domestic American life.
This has got to be actively remembered. Please try to comprehend this to it’s fullest before seeking doubt or rebuttal. I’m open to clarification of details, but that war did NOT end. Therefore, I am NOT in mental surrender mode.
I too, stand to defend America from all threats foreign and domestic.
You don’t have to formally be a soldier nor general to have a clue about this stuff.
And once that “clue” takes hold, for those who care, it’s the seed of seeds of future liberations against the persistence of insane fascism and biological extinction of everyone and everything.
NAZI fallout and backwash is not a healthy component of modern North American culture and language, but it’s a reality. The sooner we come to grips with this, the sooner we can move past it and into healthier, sustainable, realistic survivalism.
NAZI’s aren’t to fault for their idealism. But their algorithmic self-perpetuating viruslike death-spiral of everyone and everything in service of heirarchy and slavery and monetisation of everything. It was pretty much so experimental that it contradicted everything about what it is to be a normal sentient being.
But we aren’t off the hook just because time has passed. Transhumanism (transbeingism) is currently colliding with genetic engineering and the datamining era and everything else critical to this age.
Now is an ideal time for vigilance. We can call these phenomenon by other names, yet form follows function.
What is security?
Security from what?
What security threats have not yet been “solved” after all these years?
Yeah, I’m a peacenick, almost a beatnick, yet when it comes down to it; I am not about to surrender to the insidious residue of what is arguably the biggest existential risk to the planet: Behavioral NAZI’s in control of the arsenals, industries, governments, ecosystems, medias, and communications systems. They may not call themselves NAZI’s, but consider their wake of destruction and how much they keep returning to the same criminal activities decade after decade with the same and similar results, only worse.
In terms of relevance to this site, please take into consideration what cryptology is…
What is cryptology?
What is a secret?
What is deception?
What is illusion?
What is camouflage?
What is serreptitious?
What is stealth?
What is subrosa?
These are rhetorical questions and each answer is unique.
Nothing I have ever posted here on this site has been a non-sequitor.
Peace be with us.
EventuALLY stuff happens.
Sincerely, PeaceHead.
P.S.-I swear to all 7+ Billion human lives on this planet: THE COLD WAR IS OVER AND MUST ALWAYS STAY ENDED. I will do my part.
65535 • August 4, 2018 9:06 PM
@ Ismar
“What is the purpose of this Friday blog that mr Schneier so kindly let us use?”
Nobody answered. I’ll take try.
It is a wide-open thread or much wider than normal thead. It allows some political discussion and so on.
I find the thread if good for odd items that have not come to light in previous threads. These threads can grow very long.
That’s all. If any expert has a better answer please speak up.
@ peacehead
“echo… nice data; thanks. clive and 65 and others: also nice data; thanks.”
Good.
I find this site to be very educational.
Ismar • August 4, 2018 10:59 PM
@65535
Thanks for voicing your opinion. Can I ask then why most of the people that post here do so without providing their real names , although Bruce gives the space under his web site and under his real name ?
BTW – I always use my real name as a sign of trust and respect to the host
Alyer Babtu • August 4, 2018 11:01 PM
@Peacehead
Re Nazis
A good – perhaps the best – study of this is Aurel Kolnai’s “War Against the West”. Actually, anything by Kolnai is worth reading, especially as a diagnosis of modern political and moral errors and ills.
Clive Robinson • August 5, 2018 4:48 AM
@ Ismar,
What is the purpose of this Friday blog that mr Schneier so kindly let us use?
That question has been asked off and on for many years.
@Bruce has an intrest in squid for some reason. As they are fascinating creatures in their own right, it’s hardly supprising that a curious mind would find them not just curious but engagingly so.
Back when the blog was young, the majority of posting was done from peoples work desks (smartphones were not an item to hand back then). The blog was also way more technical then as computer security was a very much smaller field of endevor and altgough starting to be taken seriously was not out of the grass as far as general users and managment were concerned. Oh and Intel was only advertising in “serious” electronics journals and “China rip-off” ment Taiwan not as it currently does the Communist Chinese Mainland. So things do change with time.
People tended to use anonymous handles for a number of reasons partly because it was part of the original “Hacker Ethic”[1], partly because it “leveled the field”[2] and yes alowed women to participate without having to admit being women or being singled out as has happened in other places.
When @Bruce started the Friday Squid page it was a very low bandwidth page and as it came out at the end of the working week, I put the occasional “something for the weekend” joke or link to something wierd but ammusing on it just to get a smile or three from people. @Nick P and myself used to discuss wierd items vaguely related to technology, esspecially when it felt like there was more to the story than you were reading. This developed into linking to other Technology Items that would be of interest to people, some of which @Bruce would later use for a blog page.
It was around this time that “the usuall suspects” had very long discussions on research items, these we tended to do on blog pages that had gone quiet as most people had said what they wanted to on the subject of the page. I even got nominated a couple of times for the longest posts.
However then as now people would drop new links on the latest blog page often in the first few comments which was disruptive because you would have two or more active conversations on the same page. Thus I would point out I usually put such things up on the Friday Squid page and others quickly did likewise.
@Bruce kindly let us get away with it, and as you can see it’s now one of the more popular pages even though it can be quite chaotic at times. But for reasons nobody realy knows it appears to work surprisingly well most of the time.
One rule @Bruce had was “no politics” back in the early days this was easy, there was lots of suitable technology being developed and by and large politicians were keeping their noses very much out of technology.
Things have changed due to the likes of the various IC and LEO entities politicians have had their noses dragged to a new feeding trough. Where they have discovered a trove of money and influance that feathers nests and gives certain of the less desirable of their ilk power they neither deserve or should be alowed.
Thus politics in the non party form was becoming difficult to avoid. Many had hoped that Crypto Wars One had seen the back of the IC and LEO influance. Unfortunatly that was not the case they crept back little by little with a poisoned earth policy coupled with a “Think of the Children” FUD campaign that when coupled with certain terrorist actions had a new rod to beat politicos with. This was the “blaim game” put simply every time something happened out of fear politicians handed over more resources without asking questions through fear they would be blaimed. It got so bad you could think up something totally impractical spin a “but how do we stop the terrorist using it” type tale and get a few millions in tax payer dollars for “research” then make a few promising noises a little later and sell your company for many more millions and become not just rich but an “Industry Name” a few “rinse, wash, repeate” cycles and you could be earning intetest from the likes of Forbes… Which in part is why @Bruce coined the term “Security Theatre”.
It was a turning point where human behaviour and politics could nolonger be ignored they were now too tightly coupled to technology.
Then unfortunatly things got worse a lot lot worse. Criminals had seen that most physical world crimes had an equivalent information world equivalent. For various mainly political reasons Intetnet Crime was quite deliberately ignored by LEO’s in part because solving it had no political benifit for them, it was not on the politicians list of campaign promises or policies. Being “Hard on Crime” was a physical world problem, with new private prisons needing to be filled so that campaign kickbacks would happen Crime Fighting concentrated on those at the bottom of the socioeconomic pyramid, where they had no opportunity to defend themselves, especially when coupled with inherent racism, plee deals and those private prison kick backs, that even judges were putting their hand in the cookie jar for one way or another.
Thus those criminals with above average intelligence started moving to the more or less safe haven of the Internet to commit their various crimes. The only important thing was to keep the individual crimes below the various investigatory bars, thus not get investigated in any given small geographic area. The big advantage for the criminal was that they did not have to be physically present, thus they could run hundreds, thousands or even hundreds of thousands of crimes simultaniously with about the same effort a single physical world crime required. This “army of one” approach actually paid bigger dividends and for less risk…
Thus our politicians were actively encoraging cyber-crime by looking the other way as there were no eye-catching kick-backs to turn their heads to see it.
The Obama Administration was a marked change in previous political behaviour. Basically Barack was a “Cyber nut” thus it got Whitehouse interest. DA’s were actively encoraged to pursue “show trials” against cyber-crime. What happened mostly did not involve real criminals but protesters and cyber crime kept climbing. This was because the LEO’s had taken no interest in solving Cyber-crime thus had no feet on the ground.
Like it or not the Obama Administration pushed politics into the heart of technology, they were now joined in a way they could not be seperated again. Which gave rise to a dark side in politics, where crime and voter encoragment could use the exact same methods.
Since then politics especially party politics has gone down hill and people being people will either ignore it or be vocal about it, but thankfully rarely take physical action. The Internet had become a place where those who were vocal had a new place to shout their views where ever they could.
This was unfortunate, @Bruce has always tried to run this blog as though it was a social event you might hold in your home. That is guests were welcome but there were behaviour conventions you would expect at any civilised social gathering.
Unfortunatly as we know, a good many people think incorrectly that they can be anonymous on the Internet, thus they do not limit their behaviour to social expectations. Others very much at the top of the US technology pyramid who had been present at one or several Obama “fire side chats” realised that there was a great deal of money to be made from fostering anti-social behaviour on the Internet. One such set of people are slowly being uncovered by the investigation into Cambridge Analytica and it’s relations to election rigging. Whilst being somewhat discrete CA has advertised it’s services around the world picking up a large number of clients that most would wish they had not.
Who was the first to use the Internet as a political tool is up for debate, but one thing is certain that CA pushing their services would have started “me to” activities in many places such is the nature of what is seen as “Easy Gain” or “Money for old rope”. There are several names of various US funders that are considered “too right wing even for the GOP” that keep cropping up and even “Mr Facebook” in his sociopathic way realises there is a major storm coming as a result of these online activities he amongst many otherse were turning a blind eye to as long as it brought in hard currancy.
The problem is that such behavious whilst being “one man’s meat” are very much “another man’s poison”. Those exhibiting the behaviours will of course also use places on the Internet where they don’t have to pay, as long as they are putting their message out, they will just as Spamers used to do take any liberty to make a profit no matter how small.
Thus back a few years ago, political comment of a more party or personal orientation, barely at best related to technology or security started to appear. Our host @Bruce could see it was detrimental in many ways both near term and longer term, thus sort as best as possible to limit those behaviours, whilst trying to maintain the blogs basic ethos.
To say it was a struggle is perhaps an understatment of some weight, 2016 for many reasons became a compleate nightmare for many many people, not least because it showed up the many many failings of the representational democracy model and it’s various implementations. Some of these such as electronic voting systems are both technical and security related, likewise the crass mishandeling of voter data by those responsible for maintaining it. As these are just the very top of the tips of ice burgs that occasionally get seen through the fog banks, it’s clear there is a lot more much of it social and party political mixed in as well.
It is increasingly difficult to maintain a divide between technology / security and politics of all forms and I don’t envy anyone that task.
Anyway I hope that has answered you and others questions a bit on the history side of things.
[1] This was when a Hacker ment somebody who was skilled in practical problem solving ways, and like NASA’s “Steely eyed Missile Man” was a badge of honour and respect. It had no connection to criminal activity back then as the computer crime that we see today had not yet happened, what there was back then was “white collar fraud” in financial institutions, which was condemed by just about everybody alike. Much as in early CB culture a person would “pick a handle” to be known by, often it might be a variation on a nick name, mine certainly was, but it was usually unique and memorable oh and often less than eight charecters long. Also back then your skill set almost always included high proficiency with wire wrap tools, side cutters and soldering irons as well as shoulders like an American football player due to the use of KSR and ASR TTY devices, there was certainly no “keyboard on your lap” operating unless you wanted to go to hospital for reconstructive surgery. Oh the reason for the short handles, RAM and EPROM back then was still up in the significant fractions of 1USD/KByte even on 8bit machines so there were real storage costs, and 10MByte hard drives, well lets just say people earned less in a year than they cost, even floppy drives that were then 8″ cost more than a months take home pay.
[2] This was at a time when the cartoon picture of a black labrador with a paw on a mouse had the caption “On the Internet nobody knows you’re a dog” was still fresh.
Simone • August 5, 2018 5:47 AM
EUD Security Guidance: Ubuntu 18.04 LTS
Created: 24 Jul 2018
URL: https://www.ncsc.gov.uk/guidance/eud-security-guidance-ubuntu-1804-lts
Archived: https://archive.fo/bWDP5
National Cyber Security Centre ‘a part of GCHQ’
This guidance was developed following testing on devices running Ubuntu 18.04 LTS.
It’s important to remember that this guidance has been conceived as a way to satisfy the 12 End User Device Security Principles[1]. As such, it consists of recommendations and should not be seen as a set of mandatory instructions requiring no further thought.
Risk owners and administrators should agree a configuration which balances business requirements, usability and security.
[1] End User Devices: Security Principles
https://www.ncsc.gov.uk/guidance/end-user-devices-security-principles
Wesley Parish • August 5, 2018 5:50 AM
@usual suspects
Two Intercept articles on the World Of Mickey Mouse aka the NSA, the GCHQ and the like:
How procedure resembling Laurel and Hardy at their very best, or Abbott and Costello, gave China and insight into insights they likely already had achieved.
https://theintercept.com/2014/02/24/jtrig-manipulation/
How Covert Agents Infiltrate the Internet to Manipulate, Deceive, and Destroy Reputations
I wonder if they’ll discover that time I had a job as a petrol pump for the government, undercover, or the time I was a three foot high market analyst in Atlantis. I mean, they can of course ask my sister in law who was an oak tree, or do I mean a manhole cover?
If they are feeling spectacularly lucky, they are welcome to interview the loan sharks who I trashed as a three foot high market analyst in Atlantis – most of them have been reincarnated as mako, or great whites, though some seem to have taken the hammerhead approach – while others preferred the saltie approach – reincarnation as saltwater crocodiles. I have no objection to various agents of the UK and US dirt-grubbing agencies aka “Intelligence” agencies – interviewing sharks and crocs for dirt on me; I would recommend they roll themselves in burley first, as that guarantees interest …
Clive Robinson • August 5, 2018 6:31 AM
@ Alyer Babtu, Peacehead,
Re Nazis
The big problem with “National Socialism” as called in Germany, actually had quite a grip on much of Middle and North Western industrialised Europe in the 1930s. Put simply it was extreamly popular even in the US and many other WASP nations.
It’s something that does not get as much consideration as it should when we now look back at what National Socialism became.
The simple fact was at times of extream privation after the First World War and World Economic Collapse of the late 1920s through 30s it was extreamly seductive.
By the use of “bread, circuses and jobs” tied in with what sounded like reasonable measures it captured the minds of many many millions of people.
Remember because of this millions voted to give up the right to vote and in effect sealed there own fate.
You thus need to ask what seduced people to do that and more importantly how.
Because unless we know not only how but understand the why at deeper levels, we will not be able to prevent the same but slightly different happening again.
Importantly it is not something that should be known only to accademics, because in that way it will in effect become a state secret and used against many civilian populations. It is a lesson that should be taught to all from an early age.
From the First World War we have the simple statment,
To this should be added,
But nor should we be frightened or preasured by others to not notice similarities in behaviour as we see them, otherwise Edmund Burke’s truism of,
echo • August 5, 2018 7:43 AM
@Clive
I was just thinking last night that politicians are grandstanding so much and the media is full of so many opinion columns instead of inestigative journalism that real discussion topics like policy and data and measurable imapcts about anything which matters is squeezed out.
I wonder how much techology which is supposed to be “disruptive” or “agile” and overblown frameworks nobody quality assures are grabbed because our middle brains have been programmed to this narrative.
CallMeLateForSupper • August 5, 2018 7:48 AM
@Clive
“[…] nor should we be frightened or [pressured] by others to not notice similarities in behaviour as we see them […]”
This.
Ruben • August 5, 2018 8:06 AM
This is the best hosts lists I’ve found to date. While it may not add blocks for W10 problems, (they can easily be added by the user) it is massive and it works well:
https://github.com/StevenBlack/hosts
“This repository consolidates several reputable hosts files, and merges them into a unified hosts file with duplicates removed.” In addition, “A variety of tailored hosts files are provided.”
If you want the default one (latest release):
https://github.com/StevenBlack/hosts/releases
Users of *nix will probably want to change all ‘0.0.0.0’ entries to ‘127.0.0.1’. (and maybe some Windows users, too, IDK)
Clive Robinson • August 5, 2018 8:10 AM
@ Wesley Parish,
Two Intercept articles on the World Of Mickey Mouse aka the NSA, the GCHQ and the like
I could say,
Like many in the UK who have had business dealings abroad I’ve been promoted to the rank of “person who may be of interest” to the Inteligence services at some point in the future.
It might sound paranoid, but back in the 1980’s there was the Matrix Churchill case, where those with legal busines dealings with Iraq were pursuaded by the UK IC to become not just spys but criminals. Because the then Customs and Excise Dept was a law unto it’s self and the UK IC trusted them not, a criminal case was brought by C&E against the directors of Matrix Churchill. The defence brought up the fact that MC had only done what they had done because the UK IC as MI6 had put preasure on them to do so.
The then UK Government ministers under Margaret Thatcher then tried to cover it up by hidding the information. It was only because on Michael Hesaltine refused to sign the paperwork and made it effectively public that the C&E case colapsed with much internal animosity[1].
What came out of it eventualy is GCHQ at the time was recording all non domestic calls and differentiated them into catagories based on call type etc. This information was made available to the UK IC supposadly for “background checking” and similar. This was in effect repeated not so long ago when UK MPs found to their shock and horror that the “Wilson Doctrine” had no legal basis as far as GCHQ were concerned and was thus totaly ignored (the result the press missed reporting the other statments made).
Back around the time MC directors were being “recruited” I had the misfortune to be contacted by some one associated with the UK IC that I had provided surveillance equipment to prior to that. Who asked me to design a jamming device for “VIP Protection” protection purposes. As it was something I had done before for the UK Defence Industry I made a phone call or two and was horrified by what I learned. Apparently my name had come up on a list originating from the US IC. It took a while to sort things out, and for me it was the last nail[2] in the coffin for me having any association with the UK IC.
So I’ve gone from someone actively connected via work to the UK IC designing equipment for them and demonstrating weaknesses in various other systems they used, to being a person who actively avoids contact with them and advises others to do likewise. Oh and instead now has a habit of making my security related research findings public…
Oh and every one remember, illegal activities are still illegal even if you’ve been given a nod by an IC entity. Unless you take care to get your own “Keep out of jail” authorisation documentation signed by the appropriate Minister of State, then it will hang over your head for the rest of your life. And it will quite likely be used by anyone privy to it to make you get in deeper and deeper, to become just another “tool” to be blunted and discarded.
[1] Some little while later C&E tried to play clever and develop their own “undercover” methods and sources. When it went to court and got revealed the judge concerned was absolutly appaled by what had been going on. It was kind of the last nail in the coffin for C&E shortly there after they lost their prosecutorial powers and were subsumed into their bitter rivals of the Inland Revenue. Which in turn has gone bad as anyone investigating “Corparate Tax Avoidence” will chearfully tell you.
[2] As I’ve mentioned before on another occasion some idiot connected to the IC decided to send a couple of “pursuaders” to my then home, which backfired on them.
CallMeLateForSupper • August 5, 2018 8:27 AM
@Ismar
“Can I ask then why most of the people that post here do so without providing their real names […]”
Answering for myself: Because data and metadata gathering as a business is ubiquitous, lucrative and silly, and I believe very strongly in starving that machine to the degree possible. (It serves no function whatsoever to society at large; it is dissipation roughly equivalent to wanking or conspiracy theory propagation.)
An extremely common given name used here by, say, three posters, would confuse. (It actually occurred on this blog, more than once.) Multiply that mess by Tom, Dick and George (also common) … Oh dearie me! Gridlock.
Therefore, on this blog I am CallMeLateForSupper, and have been so for some years without conflict.
(I’m kinda sorta hoping an Ismar (other than you) answers your query. 🙂 )
Ergo Sum • August 5, 2018 9:12 AM
@CallMeLateForSupper…
Answering for myself: Because data and metadata gathering as a business is ubiquitous, lucrative and silly, and I believe very strongly in starving that machine to the degree possible.
Admirable, but forgot to mention that the “machines” share metadata gathering and one point or another, your Internet IP is tied to your handle and quite possibly to your real name. If from nowhere else, your ISP may just share/sell that “metadata”.
Not to mention your frequent email home, about being late for supper… 🙂
Disclaimer: I do try to “starve the machine” as much as possible, but it is getting increasingly harder and harder…
Ergo Sum • August 5, 2018 9:24 AM
@PeaceHead…
I wasn’t kidding was I was talking about how we need to SAVE THE BEES
Yes, we do need to save the bees. After seeing what the Gotham City beekeepers do on top of the skyscrapers in Manhattan, NY:
Let’s just say that I have a sudden urge to become a beekeeper in my suburban neighborhood. Doing so might be a must anyway, since I grow my own vegetables anyway…
Clive Robinson • August 5, 2018 10:12 AM
@ echo,
I wonder how much techology which is supposed to be “disruptive” or “agile” and overblown frameworks nobody quality assures are grabbed because our middle brains have been programmed to this narrative.
Whilst there may well be an element of it the “latest thing” urge is strong with some types in the “code cutting industry”.
Most of the things you hear about in the industry, that claim some thing will be XXX times better, are like medieval love potions…
That is if you are realy lucky they don’t poison you, but coincidence and a little self confidence will always give unexpected results, which can then be turned into “war stories” about how XXX is the next wonder of the world.
I know, it sounds like I’m saying that those in the code cutting industry are either gullible or are polishing their C.V.’s at their current employers expense… But engineering techniques are seldom if ever seen in such systems. As for actuall qualative analysis, we realy don’t have usefull measurands so there realy is nothing that is going to give to give repeatable results…
Can I interest you in my new method, all you need to do is put a few drops from my bucket of snake oil on the back of your programers necks and their staminer will improve 0:)
Winter • August 5, 2018 10:21 AM
@Ismar
“Can I ask then why most of the people that post here do so without providing their real names […]”
Several times I have seen the sage advice to separate your personal opinions from your professional life. More specific, the advice was to use a pseudonym for expressing your personal opinions and reserve your real name for things that you do not mind ending up in an appendix of your resume.
PeaceHead • August 5, 2018 11:59 AM
@pretty much everybody:
I am impressed by and thankful for what’s being discussed.
I apologize for my sometimes long-winded and slightly overblown posts.
Keeping that down is something I will try to do.
Also, I need to apologize for and avoid using the inflammatory “T” words.
That was a mistake of mine.
Thanks Clive, and others for teaching of how it was in the past.
That helps me to calm down and think and act more rationally.
Thanks much for the supporting details too.
I will try to do more substantiating of my own claims as well in the future when possible, as long as and if and only if sharing details won’t put people at risk.
In terms of my briefly continued unsolicited analysis of the modern security/political cacophony, I believe that…
1) We are currently victimised by the quasi-successful implementation of a DADAIST HEIRARCHY. I am refering to the Dadaism philosphy and stunts and insult comics of the performance art world and history. They finally got into politics to do damage to dogma regardless of the countless lives, properties, conventions, treaties, ecologies, and industries put at risk.
2) Some of their deliberate tools are the installments of people who are guaranteed to be unqualified for their roles as heads of departments. This is quite in keeping with their goals to be ridiculous and to cause theatre of the absurd.
3) They don’t mind making money off of their inane world-stage stunts.
4) They really don’t have much of an “end game” plan. Most of what they probably wanted to accomplish has already happened. Unless they are a suicidal doomsday cult, they got pretty much everything they ever wanted. And there is no plan coming from them of how to “pick up the pieces”; it was never in their interests to accomplish anything constructive whatsoever.
Their dedicated behavior is to disturb, destroy, dismantle, and spread disinformation. They like messes and to incite massive blame festivals. I am not talking about Russians, I’m talking about those pushing the most disruptive changes domestically in the USA, some of which plays out via White House proxies. Probably a lot of them aren’t even technically “Shadow Government” types. They are just people who, like hackers, are opportunists using specific techniques to get results that match their whim and folly. Nevermind the labels, look at the behaviors.
5) It may sound silly, but these types are like “The Joker” and “The Riddler” within the “Batman” comic literature and cinemas. They really seem to thrive on attention and mischief. It was only a matter of time before it eventually played out at the White House and in the middle and upper levels of government and military and intelligence. And in some ways those levels were always an illusion.
The insanity got promoted into place by the loophole insanity of the Electoral College system. It’s kind of like the loophole insanity of the longstanding tradition of tax breaks to the ultra wealthy.
Anyhow, these jokers can’t solve any of the problems they caused. They are not willing and they are not able. They are willing to make matters worse and they are able to make matters worse and they are not reliable for rational logical conversation or interview fodder.
If indeed The Trump Administration is a Black Operation, as I believe it is, it’s time for that “product” to be recalled and sent back to the manufacturers. Yank the plug on that. Pull the plug on that. Pull the plug on the Trump Administration Black Op. Yank the plug on the Trump Administration Black Op. Yes, it’s a National Security flaw now in several compound ways that are above and beyond what were probably a few anticipated risks and damages. It was NOT worth it.
For an insult comic’s stunt, yeah it was worth it for them for their first 100 days of drama. For the rest of the world, it’s worse than some forms of terrorism because our future and safety and survival is not merely disposable joke material.
Another last bit of consideration:
There are some people who are literally addicted to warfare and the related thrillseeking behaviors. There are also those who are addicted to evasiveness and trickery and what in other realms would be aesthetically-pleasing acts of illusionism. There are those who are addicted to seeing how bad bad can get. There are those who are addicted to seducing others into their own demise. These behaviors can’t be healed by psychiatry. Psychiatry was long ago co-opted by the biological weapons industry and chemical manufacturing industry and the parasites sucking the life out of both the insurance industries and multitudes of veterans and backdoor draft veterans and cancer patients, etc. It’s a cesspool of exploitation. It can’t be fixed from the inside.
On the positive side, the fact that we can share this type of info with each other and others implies that the info could eventually make it’s way into the hands of those with the fulcrums to do a heck of a lot more to drop some idiots and re-set the table for civilised peacetime sustainable existence again, hopefully with more freedom from insanity and danger than before.
As for vigilante-ism, I am still in favor of engineering vigilante-style dataworms, drones, bots, robots, and semi-autonomous operating systems designed to fix and heal security flaws and proliferate in controlled/limited/prudent protocols. The sooner the better. There is already a digital battle for technological innovation.
But if the entire battlefield were transformed into a healing competition, then the money might shift to fund the repairs of civilised modernity instead of funding the total cascade failure of way too many societies dependent upon technology and even pre-industrial societies trashed by the pollution.
Good deeds can still be done. Hope is still alive.
Thanks for reading this. I hope this helps to stimulate thought for the technical specifics of the classifications and venn diagrams of future security efforts to finally conclude this era of mindless competition in service of suicidal and genocidal ideation.
Peaceful coexistence is compatible with scientific innovation when ethics and safety are not left out of the research and works.
12:00 pm CST -6 GMT
Clive Robinson • August 5, 2018 12:04 PM
@Bruce and Those living in the UK.
As you may or may not know a number of banks are starting to send out forms asking where people want their PPI refunds payed to, and it can be in the thousands of pounds.
Well atleast one major UK banking group uses the return address of “PO Box 140 Normanton WF6 1YA”.
A little bird told me that scammers are trying to get at the “where to send the payment forms”.
I was told the scamers pretend to be a Debt Councilling advice service and use scarry language to frighten people into not opening the envelope. They do however have links to a fake Debt Managment Company, who will make all your problems go away…
Well I was a little sceptical so I thought I’d give it a try. So I put the return address into Google and low and behold this is the top link given,
http://dontpaywonga.co.uk/p-o-box-140-normanton-dont-pay-them-back-read-this/
It is as described to me by my little bird. However I have not followed the links on the page to the Debt Managment company as they look very suspicious as they are. Oh and the company “Wonga” is as far as I am aware nothing to do with the return address[1]
So if you do get a letter that you don’t recognise and you do decide to check the return address (generally wise advice) check not just the first few that come up but a few further down as well.
And if in the UK and you are being harrased by debt collectors, keep a diary of the harassment and visit your local Citizens Advice Bureau or your local councilor / MPs open sesions, they will atleat point you in the direction of legitimate advice and help. It often turns out people do not owe any money (people who left EE Mobile Phones, health clubs and many online services for instance) or the debt collection service are behaving illegaly.
Oh and the usuall advice “Never give Personal Information to those who do not have an absolute legal requirment to have it, then think twice”, after all “Genie’s are easier to keep in a bottle than it is to put them back, once they have got out”.
[1] Wonga are however one of the 1000%+ pay day loan companies that have a reputation for dodgy behaviour and appear that they are close to bankruptcy,
Major • August 5, 2018 12:42 PM
@MarkH
“The cryptocurrency people seem to have a religious zeal, and to that extent won’t be swayed by any rational argumentation.”
I love these arguments where people accuse others of what they themselves are demonstrating at that moment.
Why do people need a rational argument for what they do? How rational do you think we are anyhow?
What is your argument for wearing that shirt? Watching a movie? Choosing one action out of millions and expecting people to justify it to your satisfaction?
Anybody who is paying attention and has a modicum of brains should have picked up by now that we don’t choose things for rational reasons. The rationalizations come afterwards.
I like cryptocurrencies. They make me feel a little bit more free. Do they have problems? Sure. Would I put money I needed in them? No. Do cryptocurrencies, the blockchain and smart contracts have potential? Clearly. Are people working on solutions to the problems? Why yes they are.
Should we never have pursued cars or airplanes because they initially had issues? Cryptocurrency technology is rapidly changing. The proof of work approach is recognized as problematic and other approaches are being explored. It is ridiculous to judge a technology solely on its current incarnation.
My impression is that the rabid anti-crypto folks are simply jealous of the returns other people are achieving and all the supposed “rationality” is simply window dressing over this disappointed greed. Otherwise, who cares? You don’t have to use them. If they end up actually (rather than potentially) threatening human civilization there is no doubt they will be shut down. So aficionados have every reason to work towards this not happening. And they are.
wumpus • August 5, 2018 1:08 PM
@Gunter Königsmann: But who on earth wants to spend bitcoin’s transaction fees on a morning coffee or a sandwich?
You’d be surprised how many people use credit cards in the USA for morning coffee or a sandwich. And in the USA the retailer is charged ~3% on those transactions (higher and upto 5% if using AmEx).
I really doubt any but the true believers assume that bitcoins will replace something like US dollars, but it presumably was assumed to have advantages over international transactions (especially into different currencies). If it can’t do this (and it doesn’t look like it can), that doesn’t bode well for bitcoin. Don’t be too surprised if currencies designed to avoid the pitfalls of bitcoin can avoid this.
And I’m fairly sure nobody wants to hold a blockchain with every morning coffee and sandwich transaction clogging up the list.
(required) • August 5, 2018 1:27 PM
https://betanews.com/2018/08/01/do-not-install-the-latest-version-of-ccleaner/
Looks like Alejandro was right! The new version has been deprecated.
justinacolmena • August 5, 2018 2:07 PM
I believe that the Cold War was a DIRECT RESULT of NAZI infiltration of and reassembly within the U.S.A. … Operation Paperclip
Very much so. But the NAZIs also did the exact same thing behind the Iron Curtain where they cloaked their exact same totalitarian ideology in the Marxist language of a dictatorship of the proletariat.
But you have to rise above the “proles” in order to defeat that low-brow mentality of proletarianism.
Pvt. -> BASIC TRAINING -> Pfc.
That’s not good enough. Put in for a promotion and get some more rank. Up or out. That’s the “system,” at least in the Army, and in a certain sense, that’s the way it has to be. But they said, “I’ve got mine!” and they screwed it up so horribly for everybody else, that now they are paying for it with their fortunes and their lives. This stuff is not a joke, and it is not “fun” for the people who were at first thoughtlessly and then maliciously left out of the “system,” of which they must pay full fare but are denied the benefits of lawful aid and protection.
justinacolmena • August 5, 2018 2:18 PM
@wumpus
credit cards in the USA for morning coffee
It’s a service industry, Ma’am. Many towns are full of Starbucks and little “independent” drive-up coffee stands where you are hard pressed to drive off without being pulled over for Driving Under the Influence, because that local girl is dealing crystal meth and alcoholic syrups in the coffee, and there is a local cop on the take hiding around the corner.
Those credit card records sometimes come in handy in court in your defense.
PeaceHead • August 5, 2018 2:32 PM
@justinacolmena: Thanks for the reply. I noticed some info with a similar bit of revelation, and it makes sense. The NAZI’s hated both Russia and the other Allies, so they went after both sides of the Atlantic ocean. It makes sense that pushing both Allies into a Cold War against themselves what the NAZI’s wanted. It’s a “divide and conquer” technique.
They dumped fuel on the extremisms present in both cultures to exaccerbate the rupture and then kept on going while extracting the financial and technological results in terms of rocket and ICBM developments as well as continued research into torture and brainwashing and the limits of human metabolisms.
And the historical context fits perfectly because of how the Civil Rights movement was happening as a result of the ingested xenophobia and inherent racism of it.
Also, the rupture of the US Hippy Movement with the insinuation of cognitive-disruptive drugs also derailed the Anti-War Movement significantly (yet not entirely).
If you think about what an “Incapacitating Agent” is, that’s exactly what the NAZI’s did to much of our nation while our backs were turned.
But to be fair, I believe that behind the scenes there was significant resistance to the infiltrations, yet it has been partially censored for both good and bad reasons.
Imagine all the NAZI criminals allowed to freely destroy whomever and whatever they wanted while reaping huge financial benefits and awards and protection and how much they were probably laughing their asses off at the INSTIGATED WARFARE BETWEEN USA & RUSSIA, ETC.
I think possibly Japan got sucked into the brainwashing too. A good kindhearted and intellectual friend of mine from Japan told me that the Kamikazes were actually victims of scientific experimentation and forced to take methamphetamines to make them not afraid to commit suicide. It has only recently been published in the open that the NAZI’s were pushing methamphetamines back then. So possibly the Japanese culture was hijacked by mind-altering NAZI techniques also. Thank goodness it didn’t succeed entirely.
On a different note:
CAPTCHAs…
Why the hell are we using captchas to teach machines pattern recognition?
It’s a pretty insidious rick-roll to hold us hostage for a few moments while our systems get browsed in the background and we are stuck twiddling our thumbs to teach algorithms what cars, signs, and storefronts look like.
This is NOT security… it’s a traversal to install something we don’t need into our civilsation.
Look at the Scientific American articles about Self-Driving Vehicles: they are NOT safe in a myriad of different ways.
Have a good serious week.
Peace be with ya’all.
MarkH • August 5, 2018 2:47 PM
@Major:
I agree with you, that tastes and preferences are outside rational analysis.
Dr Krugman didn’t earn a Nobel because he’s too stupid to understand this concept. Neither he nor I give a rat’s a$$ whether anybody LIKES Bitcoin.
It’s common to make factual claims about cryptocurrencies. Those claims are not matters of preference, and are indeed subject to rational analysis.
The first (implicit) claim is that they are (actually or potentially) currency! I have explained the extremely grave problems with this claim on a recent thread.
You offer the interesting hypothesis, “the rabid anti-crypto folks are simply jealous of the returns other people are achieving.”
Rabid? Did you read Dr Krugman’s article? He asks a few simple questions, for which he has yet to see persuasive answers. That’s what academics do, duh.
But this hypothesis contains within it, one of cryptocurrencies’ fatal flaws: people have made spectacular returns, because these “currencies” are wildly unstable commodities.
People love to gamble: roulette, blackjack, Tulip bulbs, acres of useless desert. If it makes them happy, I say to them: knock yourselves out! It’s a form of recreation.
Currency? Not so much.
echo • August 5, 2018 3:19 PM
@Clive
I dislike the term “code cutter” and being compared to certified engineers. I am college educated as a software developer so have half a clue. I liked my code to be as simple as possible and readable and well commented and when exposed to the idea of industrial quality practices this gave me ambitions. Alas, my brain packed in and life got in the way. That said here is an article which highlights shared concerns about software development.
https://developers.slashdot.org/story/18/08/04/0258218/do-businesses-really-need-to-hire-cs-majors
https://www.cio.com/article/3293010/hiring-and-staffing/10-reasons-to-ignore-computer-science-degrees.html
PeaceHead • August 5, 2018 4:04 PM
Yeah, I realise I tend to correlate to some heavyduty stuff.
Here’s some security-related stuff that really ought to be 7+ Billion people’s business.
And it already is.
https://www.wagingpeace.org/sunflower-newsletter-august-2018/ (excellence)
https://www.thenation.com/article/prohibiting-nuclear-weapons-changed-world/ (hope)
https://www.publicintegrity.org/2018/07/16/21834/plutonium-missing-government-says-nothing (the silence is deafening)
http://www.icanw.org/campaign-news/yougov-poll-europeans-reject-us-nuclear-weapons-support-tpnw-nuclearba/ (we coulda told ya that)
https://actionnetwork.org/letters/war-should-be-an-impeachable-offense?source=direct_link& (actions speak louder than words)
https://www.noozhawk.com/article/minuteman_iii_missile_test_launch_from_vandenberg_afb_ends_in_failure (wow)
https://www.darpa.mil/program/restoring-active-memory (BRAIN IMPLANT NO THANKS; STEM NERVECELL REGENERATION INSTEAD)
My eyes are still on the horizon.
We have plenty to be concerned about.
Conciseness is difficult with so much on the brain.
I’ll try to go on extended vacation from this site beginning tomorrow.
There Will Be No Armageddon.
Ismar • August 5, 2018 5:36 PM
Thanks all for commenting on my question.
I still think that we need some sort of limit on the number and length of the posts.
Not picking on anybody but posting 10 times with half a book worth of text does little more than obfuscate an important nugget of knowledge elsewhere on the blog.
I would recommend that for longer entries consider writing your own blog (and providing a link to it here) .
justinacolmena • August 5, 2018 6:37 PM
@Peacehead
Psychiatry … can’t be fixed from the inside.
Very true. It is something forced upon a person from the outside. Just like an unwanted haircut or hair dye or tattoo or gauged-out body piercing or whatever.
Be warned. Psychiatrists are professionals. Pointing out anything negative about psychiatry will not help your employment prospects, credit score, school grades, professional exam results or continuing education in whatever line of work, police record, court cases, or college admissions prospects.
They are professionals, that’s the head, and they are the boss. Psychiatry is capo di tutti capi in the United States.
Oh and every one remember, illegal activities are still illegal even if you’ve been given a nod by an IC entity.
That’s where NSA inter alia split their legs. The left sort of goes toward FBI, ATF, DEA, etc. under the dead letter of the law of the statute, sort of smug about it, leaving “Constitutional law” up to the “higher” courts. The right goes a little more toward CIA, USMC, etc., with a little bit more “common sense” if you will, and a willingness to serve and apply the Constitution per se under “lawful orders” but somewhat losing that peacetime civilian jurisdiction, and shifting more over to a jurisdiction “in the Militia or in the land or naval forces, when in actual service in time of war or public danger.”
Land forces include the Army and the Air Force, whose aircraft mostly take off from land bases.
Naval forces include the Navy, Coast Guard, and Marine Corps. Waterborne aircraft carriers serve as mobile bases for aircraft.
The “Militia” is not nearly as easy to tie down as the courts would like it to be, and a direct military chain of command is not always “available.” The courts have tried to exclude women by defining the militia as men only, but women have fought as far back as the Revolutionary and Civil Wars despite the refusal of the courts to recognize their part in the Militia. The male-only Selective Service System is really a fraud and a cheap take-off from the entire concept of “the Militia.” It’s a government bureaucrats’ computer database, and not particularly secure against foreign and domestic enemy attack and misuse at that.
PeaceHead • August 5, 2018 6:39 PM
@all: This is still a very excellent read related to both security and the BIGGER CONTEXT phenomenologicALLY of what it is to struggle against anything whatsoever.
https://intelligence.org/2017/11/25/security-mindset-ordinary-paranoia/
@Ismar,
Sorry for being a classic example of your legitimate concern.
I will self-limit within this post.
Nevertheless, a search function and/or filter system might be more practical.
Some ideas are just more prone to length than others. And not everyonen is in a position in terms of security and/or resources to have their own blog. But your point is still valid in terms of the need to be able to find data.
But that’s what search functions are good at. That’s what a card catalog is for; the dewey decimal system is also for that. Practical solutions already exist. If there were a client-side filtration system, people could filter out all posts by Name or URL etc. But rather than implementing censorship, it would be a display filter. That way, people who do want such and such contents wouldn’t lose access to that content due to someone else’s legitimate preferences and vica versa.
Last but not least, in terms of literal realtime online and offline secure communication techniques, some communicators depend upon the material of others to provide shelter/habitat and/or “chaff” for their adjacent or linked conversations. Like everything else on the internet, it’s a data ecosystem.
One person’s flood is another person’s oasis in a vast desert.
But yeah, I agree with the shared concern even as a classic example. Therefore this is my last post for a long period of time.
And the measurement of dataflow is a complex calculus topic more easily perceived in terms of waveforms. My sum (or root-mean-sum) average output of posts in terms of characters per minute or hour or day or week or month or year will go down as I take a long break. I may say a lot this week, but for a cluster of weeks or months I might not say much at all, or I might quit permanenty.
I don’t want to create a “denial of service” phenomenon for this site. So we are mostly in agreement. Also, I understand that too much activity on this site might attract the wrong people at times. So by guaranteeing my own exit, those wishing to interact with my data will be guaranteed an interruption.
Nevertheless, more activity for this site might bring some extremely good results in some ways also. And last but not least, millions of people if not more could be reading this site on a regular basis. There’s not much difference between that and posting on this site. Millions of people could be posting and the sum results of several posters would have the same effect as a few long posts, only worse. So there’s a little bit of a logical fallacy implied there. As long as this site doesn’t require registration and/or some type of gateway access, it’s public domain as far as I can tell.
Good luck and don’t be afraid to read comments and articles from previous days and weeks and months and years.
Most browsers have a keyword text search function independent of file server queries.
And yet civility ought to prevail. And thus I concede, politely yet not while surrendering logic and reasoning.
https://intelligence.org/2017/11/25/security-mindset-ordinary-paranoia/
Take care.
I hereby put myself on leave of this site for a month.
PEACEFUL COEXISTENCE IS WELCOME AT ALL TIMES.
JG4 • August 5, 2018 8:09 PM
Thanks again for the discussion of polyfluorinated toxins. That article confirmed one of my suspicions about polychlorinated biphenyls, which probably are nearly as widespread. A couple more bumper crops of unintended consequences on the old blue marble of entropy maximization. Their entropy maximization is not your entropy maximization.
Polytetrafluorethylene (PTFE, the first Teflon) played a key role in the gas diffusion program, as it is one of the few materials that tolerates metal hexafluorides. I may have stopped short of calling the atomic weapons program a deal with the devil, but it is going to take many more decades to clean up. I think that this is the only time that I’ve mentioned perflorinated chemicals here:
https://www.schneier.com/blog/archives/2018/05/friday_squid_bl_623.html#c6775096
a few more links that I have handy
Chemical Linked to Thyroid Disease
http://www.laboratoryequipment.com/News-chemical-linked-to-thyroid-disease-012210.aspx?xmlmenuid=51
January 22, 2010
A study published 21 January 2010 ahead of print in the peer-reviewed journal Environmental Health Perspectives (EHP) for the first time links thyroid disease with human exposure to perfluorooctanoic acid (PFOA), a persistent organic chemical used in industrial and consumer goods, including nonstick cookware and stain- and water-resistant coatings for carpets and fabrics.
…
Study: Probable Link Between Teflon Chemical And Cancer
http://www.manufacturing.net/news/2012/04/study-probable-link-between-teflon-chemical-and-cancer
Mon, 04/16/2012 – 1:13pm John Raby, Associated Press
CHARLESTON, W.Va. (AP) — Mid-Ohio Valley residents who settled a lawsuit will be eligible for medical monitoring programs after a science panel concluded a probable link exists between exposure to a chemical used by a DuPont plant in West Virginia and testicular and kidney cancers, attorneys for the residents said Monday.
…
Nine toxic chemicals join banned ‘dirty dozen’: UN agency
http://www.google.com/hostednews/afp/article/ALeqM5gpklpS1FaKZ8aJ35l2qYV5carI_g
(AFP) – Aug 26, 2010
…
A chemical incorporated in some plastics, perfluorooctane sulfonic
acid, was also restricted, with exemptions in making flat screens,
computer semiconductors and for some types of ant and termite control.
…
Plenty of interesting news in the daily compendium.
https://www.nakedcapitalism.com/2018/08/links-8-5-18.html
…
Special report: America’s greatest threat is a hurricane-force cyberattack Axios
Big Brother Is Watching You
Inside The Spinner: a real-life inception project FT. Holy moly!
Have you gained or lost weight? Congrats, TSA is now tracking you for suspicious activity. USA Today
The Women of WikiLeaks: Speaking Truth to Power Fair Observer (CL).
…
Herman • August 5, 2018 11:08 PM
Goodness me, with all the nazi-conspiracy-junk posts, this blog starts to resemble an invasion of mind snatchers. I know that you are not paranoid, if they really are after you, but please don’t stop taking your meds guys.
Tyrone • August 6, 2018 2:38 AM
@Herman: “an invasion of mind snatchers”. Indeed, it does. The issue already was highlighted in several comments in the “Commenting Policy for This Blog”. As it seems, it all is being tolerated / encouraged by the mods and by the man himself.
I remember a time (about 10 / 15 yrs ago) when “Schneier on Security” was great fun and highly relevant. Now, all I can say is “Relevance Lost”.
As long as those “mind snatchers” – as you call them – do not “infiltrate” “Krebs on Security” (which partially already is happening) or “Wilders Security Forum”, it is o.k. for me, though.
Yet, still a bit sad. But that’s the way of the world (le Zeitgeist). We still got the tech section of the NYT left… (Have they got one? I just read the WSJ.)
Please read the Fortnite CEOs MONUMENTAL decision to bypass the Google Play Store.
https://www.schneier.com/blog/archives/2018/08/friday_squid_bl_636.html#c6779470
The key finding (and easy solution) would fundamentally change in the smart phone market:
Action for GDPR enforcement: Android owners must select ‘Allow install from unknown sources’ I trust EpicGames far more than a corporation secretly working to censure citizens of China.
In essence Google is forcing consumers to only trust them (as they plop advertising in your face) over everyone else. To play fair, there must be a local whitelist where the owner explicitly grants trust. Sites not on the whitelist are blocked.
This one GDPR enforceable change would null and void Google’s forced binary data mining blobs in maps, browser, mail, services and Play Store.
Note: its up to the phones owner to decide which software gets installed [1]. Its also invalidates secret locked-in contracts with carriers and Android phone manufactures.
Android would then become FAIR and TRANSPARENT to consumers, carriers and corporations alike.
This GDPR type reasoning/finding/case for enforcement is probably the most important post I’ve ever written. The logic is airtight [2] with a common whitelist solution.
[1] Software cannot be installed which creates obstacles for the competition unless the owner explicitly understands and approves
[2] Because of fair play GDPR, I predict Google bolting from Android to a new generation (closed) OS. China already removed Google data-mining, now its the EU. American FTC last?
Note: A frequent tactic on forums is to spew out crap to obscure or dilute an important post or topic. These spammers don’t want you to read the jewel hidden within their muck. I for one relish discovering these hidden ulterior motives.
Clive Robinson • August 6, 2018 8:53 AM
@ Tyrone,
I remember a time (about 10 / 15 yrs ago) when “Schneier on Security” was great fun and highly relevant. Now, all I can say is “Relevance Lost”.
Much has changed in that time, for instance the types of academic papers especially the CS ones realy are not that interesting. As for the industry it’s self, people are trying to spin things up to sell to those who apparently understand less.
For instance AI and Blockchains together, neither are of any real interest, and neither has much relevance to the other.
Thus I guess either trying to make another money bubble or trying to make one or both seem relevant these days. No doubt they will make money for a while as long as “buzzword investors” think they will get a return.
My advice, don’t invest in what you don’t understand, and as with all gambling never invest more than you can aford to throw away.
After all history has a habit of being able to predict the future, because of the basic nature of certain humans. As long as that behaviour does not change, and it realy does not show signs of change any time soon then if you have learned the lessons history gives then you can hopefully avoid the worst of it.
After all this saying has been around for some time and shows no signs of being obsolete,
Doctor Fraudenstein • August 6, 2018 11:24 AM
For the “Skeptics” :
It’s even directly admitted to now, not that such will be enough to convince the “true believers”
bttb • August 6, 2018 11:26 AM
@Ismar, 65535, Clive Robinson, CallMeLateforSupper, Peacehead
Amongst the reasons I post here:
1) I lean toward ‘trusting’ the host of this website
2) For a lightly moderated website, the usual suspects, and others, seem to do a pretty good job of keeping ‘bull sh?t’ and factual inaccuracies in check.
Ismar asked:
“But I have another question which is more metaphysical in a way and that is
What is the purpose of this Friday blog that mr Schneier so kindly let us use?”
and elsewhere Ismar a asked
“Can I ask then why most of the people that post here do so without providing their real names , although Bruce gives the space under his web site and under his real name ?”
Why do you ask those questions?
Later Ismar stated:
“Thanks all for commenting on my question.
I still think that we need some sort of limit on the number and length of the posts.
Not picking on anybody but posting 10 times with half a book worth of text does little more than obfuscate an important nugget of knowledge elsewhere on the blog.
I would recommend that for longer entries consider writing your own blog (and providing a link to it here) [emptywheel.net sometimes blocks long posts (it) telling posters to post a link to it elsewhere or post it on their own website.]”
Perhaps it is true that more speech, in general, is good relative to less speech. Of course, it may always be in the interest of some to ‘chill speech’.
Major • August 6, 2018 11:47 AM
@MarkH
I hadn’t read the Krugman earlier. I just skimmed it now. He really doesn’t seem to know much about cryptocurrency or he is unwilling to even examine the possible utility of things like the blockchain and smart contracts.
Winning a Nobel prize does not make one infallible. See Linus Pauling. See Obama and his peace prize etc.
The problem is that people who don’t like something have little reason to learn a lot about it. Krugman seems unaware of work in progress like Proof of Stake instead of Proof of Work.
When he gets to cash, which he likes as little as bitcoin, I think he tips his hand. He can’t imagine why anyone would use it except for illegal purposes. Once again he seems to have little curiosity whether he is jumping to conclusions here. What about people who just want to maintain personal privacy so their whole lifestyle does not end up on a credit report? Wanting privacy does not mean one is a criminal. Employers and landlords, for example, are free to discriminate against one for a whole raft of arbitrary things. Why help them? Besides that, my life is my own. I simply prefer to keep mine private. For example, this blog is the sum total of my social media presence and it is pseudonymous behind a VPN. Am I posting anything illegal? No. I simply don’t respect people who hang their dirty laundry in public, nor do I pursue others’ dirty laundry. I keep my privacy out of self respect.
So Herr Dr. Krugman does give me the willies. Perhaps it is my imagination, but he seems to be one of those bureaucrats that wish to run my life and won’t let anything interfere with that. HE is exactly one of the reasons I LIKE bitcoin and crypto.
Krugman makes me think of the mad CEO in The Circle by Eggers. The book. I doubt if the movie is as good. The book is becoming more and more true every day. “How dare somebody refuse to share the details of their life with the world? They must be a witch!! Oops, I mean a criminal.” Indeed. Quoth Giles Corey: “More Weight!!”
He says he is a crypto skeptic. Well so am I. There is a significant chance that cryptocurrencies will suddenly collapse or be regulated out of existence. If they cannot be adjusted so as to not require an untenable amount of energy they will rightfully disappear. As I say every time: I do not recommend putting any money you really need into cryptocurrency. I’d say there is at least a 5% chance annually of having it stolen or massively degraded in value.
But to me, this is like saying one should have been careful in the 1800s buying steam driven motor cars. I expect the technology will be improved and elaborated over time. But maybe it won’t.
I am totally uninterested in arguments whether I should like something based on whether a certain word applies to it or not. I don’t care whether crypto meets a certain definition of currency or not. It is what it is.
But I do appreciate your very civil and to the point response to my somewhat snarky post. Reasonable minds can disagree.
bttb • August 6, 2018 11:55 AM
ps. I could have included Herman, Tyrone, and others above.
On ‘FrontLine’ https://en.wikipedia.org/wiki/Frontline_(U.S._TV_series), public television, tomorrow, https://www.pbs.org/wgbh/frontline/film/documenting-hate-charlottesville (trailer included) :
“Documenting Hate: Charlottesville
August 7, 2018
FRONTLINE and ProPublica investigate the white supremacists and neo-Nazis involved in the 2017 Charlottesville rally.”
and
“In Documenting Hate: Charlottesville, FRONTLINE and ProPublica investigate the white supremacists and neo-Nazis involved in the 2017 Charlottesville Unite the Right rally. Our joint reporting has already shed new and troubling light on the events of August 11 and 12, 2017 — revealing that one participant in the violence, Vasillios Pistolis, was an active-duty Marine, and that another, Michael Miselis, worked for a major defense contractor and held a U.S. government security clearance. Now, correspondent A.C. Thompson goes even deeper, showing how some of those behind the racist violence nearly one year ago went unpunished and continued to operate around the country. This is the first in a series of two Documenting Hate films from FRONTLINE and ProPublica, with the second coming later this fall.”
also, regarding the same, https://www.npr.org/2018/08/02/634890750/in-the-wake-of-charlottesville-journalist-begins-documenting-hate-in-america :
“Race
In The Wake Of Charlottesville, Journalist Begins ‘Documenting Hate’ In America
Listen · 38:04
38:04
Download
Transcript
August 2, 20183:06 PM ET
Heard on Fresh Air
Dave Davies
Fresh Air
A.C. Thompson warns that white power groups in the U.S. increasingly view themselves as paramilitary organizations. His reporting is featured in a new FRONTLINE and ProPublica investigation.”
Major • August 6, 2018 12:17 PM
@Ismar
“Can I ask then why most of the people that post here do so without providing their real names […]”
If you have to ask this question I don’t see how you could possibly be READING the content of this blog.
You concern me. You seem to be trying to ruin one of the few remaining decent spaces on the web.
Since you want other people to explain themselves, I say: You first. Why are you here? Why do you want people to give their real names?
bttb • August 6, 2018 12:18 PM
@Doctor Fraudenstein
1) https://www.emptywheel.net/2018/08/05/trump-tweets-a-confession-then-sekulow-admits-his-client-has-been-lying-about-his-involvement/
2) https://www.emptywheel.net/2018/08/05/august-2016-when-paulies-panic-set-in/ ; Manafort’s panic
3) https://theintercept.com/2018/08/05/brazils-disastrous-2018-presidential-race-teaches-key-lesson-for-all-demagogues-thrive-only-when-establishments-fail/
Major • August 6, 2018 1:49 PM
@echo
“Our research suggests that if you want your employees to be worthy of trust,” says Levine, “make sure they feel personally responsible for their behavior and that they expect to feel guilty about wrongdoing.”
Or, transformed to another basis:
bttb • August 6, 2018 2:59 PM
@RG
You wrote: https://www.schneier.com/blog/archives/2018/07/friday_squid_bl_635.html#c6779347 :
“Author emptywheel’s article history has nothing nice to say about any Republican.”
I think, probably, that she is more nuanced than that. You might ask her who she might talk nice about or respect.
“The Lawfare site omits that her degree is in comparative literature.”
From https://twitter.com/emptywheel :
“Abundant tweets about civil liberties & national security. “Has a longer memory than an elephant & keeps more records than Jim Comey.” Legendary potty mouth [using bl?w job on MSM, afaik, a few years ago].”
[…]
You may also like · Refresh

Pwn All The Things
@pwnallthethings

Matthew Miller
Verified account
@matthewamiller

southpaw
@nycsouthpaw

jeremy scahill
Verified account
@jeremyscahill

Susan Hennessey
Verified account
@Susan_Hennessey”
Are there any Conservative or Republican leaning media sources, or articles, that you want to recommend?
65535 • August 6, 2018 3:11 PM
@ (required)
+1
“Looks like Alejandro was right! The new version has been deprecated.”-required
Yes, it does.
“Warning: DO NOT install the latest version of CCleaner [Updated] Published 5 days ago
‘In Avast’s short tenure, we’ve already seen CCleaner suffer from malware, bundled software, and pop-up ads. In my article headline I asked “what’s next?” Well, with a new version of CCleaner available to download, we now have the answer. Inevitably, it’s not good.”-betanews
https://betanews.com/2018/08/01/do-not-install-the-latest-version-of-ccleaner/
and
“…the latest version of the software, CCleaner 5.44, there’s an annoying popup Summer Sale message. It’s a one-time ad, although as Techdows points out, if you remove cookies set by CCleaner, you will see the messages again.”-betanews
https://betanews.com/2018/06/28/avast-ruining-ccleaner/
next
“Whenever you see an ad or popup like above, a cookie will be dropped on your computer and it will be whitelisted. This is the cookie we’re talking about: ipm-provider.ff.avast.com… Warning: The CCleaner promotional messages or ads can get worse if you remove the above the cookie or cookies set by CCleaner on your computer, you can notice these cookies under ‘Cookies to Keep’ section in Options > Cookies. If you’ve freshly installed a CCleaner, ensure you find this cookie below in cookies on Computer and select Keep…“Just be aware that if you clean these cookies you will see certain messages with much greater frequency than if the cookie was there. For this reason these cookies have been whitelisted by default.”-techdows
https://techdows.com/2018/06/ccleaner-popup-ads.html
I have no affiliation with the two products below. But, I cannot recommend these avast-pirifom ccleaner versions. I would use and older version of CClener or switch to Bleachbit [although Bleachbit is not a meticulous as the old CCleaner].
Dave Moore • August 6, 2018 3:12 PM
There is an area of corporate responsibility that is largely neglected, but represents one of the most pressing issues in the world today: the need to teach the underserved public-at-large how to be safe on the Internet.
We have $600 billion in cybercrime because effective education of the general public in Internet safety is virtually nonexistent. Society has not been taught how to avoid online scams. Internet criminals victimize millions of people every day, knowing they do not know how to defend themselves. To quote H.G. Wells, “Civilization is in a race between education and catastrophe.”
The Internet Safety Group is doing something about it TODAY. Nobody else is doing what we are doing: providing understandable, actionable, motivational LIVE Internet safety community training for everyone.
Please visit the Kickstarter page
Internet Safety Group Fight The Internet Bad Guys & Win!
And look. Consider. Contribute. Get involved. Share the word.
Thank you!
Dave Moore
vas pup • August 6, 2018 3:23 PM
What can defend against off-the-shelf drone weapons?
https://www.dw.com/en/what-can-defend-against-off-the-shelf-drone-weapons/a-44970742
Specialized companies such as the Kassel-based start-up company Dedrone , which cooperates with Deutsche Telekom, rely on electronic drone defense.
This first of all includes a sensor system that receives electronic radio data and monitors the airspace with video cameras. The system can detect drones entering a pre-defined airspace.
It identifies the flying objects via typical control commands that are transmitted to the drones by radio communication or mobile phone. It also immediately registers the drone type and construction. For example, the system can distinguish them from birds, flying kites or helicopters. The software automatically tracks the drone on a video image.
But the danger is not over as long as the drone is airborne. As a second step, authorities, such as police or judicial officers, can use a jamming transmitter with the aim of disabling the drone and forcing it to land. The German company H.P. Marketing und Consulting Wüst GmbH builds such systems.
Wüst specializes in mobile-phone suppression systems that can prevent prisoners from using smuggled mobile phones within prison walls. Following the same principle, the system can also prevent drones near the prison walls from being controlled by a smartphone and delivering packages to prisoners, for example.
The system is designed in such a way that only selected individual mobile-phone activities can be disrupted, meaning that activation does not paralyze all communication.
While the drone-detection technology is permanently installed in prisons, mobile systems are needed for major events such as football matches or public appearances by politicians at risk.
One such mobile antenna and camera system has been developed by Deutsche Telekom’s Magenta Security division. This also includes a portable jamming transmitter from Wüst. At a Deutsche Telekom workshop in 2017, a drone was put out of action to such an extent that it had to perform an emergency landing.
Another form of drone defense is offered by Skywall. One form of it is a shoulder-held shooting device that catapults a net toward the aircraft. Once the net is wrapped around the drone, it sails to the ground on a parachute.
For particularly endangered institutions, there is even a permanently installed rotating gun turret that can be mounted on the roof of a building. It can then target automatically detected enemy drones and capture them with the flying net.
And last but not least, various armies around the world rely on birds of prey to defend themselves against drones. The French air force, for example, is training eagles to fetch and retrieve drones in flight.
In the private sector, the Dutch company Guard from Above has developed animal-based drone control into a comprehensive business. The company is targeting military and police authorities around the world and works not only with eagles but with other birds of prey as well.”
Major • August 6, 2018 3:25 PM
@Dave Moore
I don’t know you but your post seems a bit like a scam to me. At best an ad. I don’t think it’s cool.
Many orgs and websites teach internet security. For free. Just like the War on Drugs, personal internet insecurity is a demand problem, not a problem of supply.
k15 • August 6, 2018 3:27 PM
Just venting here.
I continue to wonder why it is that I can think of simple measures that would enhance security of institutions but they can’t bother themselves to take such measures and be more secure.
bttb • August 6, 2018 3:32 PM
From@katecrawford: “Stunning: new rigorous evidence shows that wellness programs have NO significant impact. Apart from this: they massively increase the surveillance of workers, which we show here. @iajunwa @Lawgeek https://www.nytimes.com/2018/08/06/upshot/employer-wellness-programs-randomized-trials.html …” regarding a study from Illinois.
65535 • August 6, 2018 3:56 PM
The EFF has made a small but meaningful win.
It appears tha the US Patent Office has been sealing documents and even the docket entries of filed documents to obscure from the public almost all aspects of a patent or Secret Patent so to speek. This may extent to certain civil and criminal cases. But, the EFF has won a policy change forcing most of those Secret Patents from being hidden.
[EFF]
“Recently, we filed an amicus brief at the PTAB in a case considering whether a patent owner can avoid review by claiming sovereign immunity. As part of our work in that case, we discovered that when documents are filed under seal at the PTAB there is no public docket entry. So, not only does the public not get to see the sealed document, it doesn’t even know that one has been filed.”-EFF
https://www.eff.org/deeplinks/2018/06/eff-still-fighting-public-access-patent-disputes
and
https://www.eff.org/files/2018/06/04/6-4-18_-_eff_letter_to_ptab_re_secret_docket_entries.pdf
[Techdirt]
“This fix [Change in policy-ed] follows on the heels of the other fixes by the Federal Circuit which force litigants to respect the presumption of openness. The Federal Circuit’s bar for sealing documents is likely the strictest in the federal court system: litigants have to file a separate motion if they want to seal more than 15 words in any filing, much less the filing itself. Hopefully, other federal courts will follow this lead and force litigants to show their work if they’re seeking to render a presumptively transparent process opaque.”-techdirt
This is clearly a step forward for the EFF.
Alyer Babtu • August 6, 2018 4:04 PM
Make war on commercial staples and hamstring/death of a thousand cuts your nation adversaries ?
bttb • August 6, 2018 4:06 PM
Regarding: the Trump administration’s decision to weaken automobile fuel efficiency requirements.
I hope that the majority of Generation X, Millenials, and Generation Z (and older people, too) might care enough to vote and to vote with Global Warming or their personal finances/security in mind.
1) https://www.wsj.com/articles/trump-administration-moves-to-ease-fuel-efficiency-rules-1533211200
2) https://www.npr.org/2018/08/03/635210936/administration-proposes-rolling-back-fuel-economy-standards
3) https://www.kpbs.org/news/2018/aug/02/white-house-proposal-rolls-back-fuel-economy/
4) https://money.cnn.com/2018/08/02/news/companies/fuel-economy-auto-industry-uncertainty/index.html
Alyer Babtu • August 6, 2018 4:10 PM
Don’t care what they say, I’m rolling my own security, with these as starting points:
https://mitpress.mit.edu/books/elements-computing-systems
https://spectrum.ieee.org/geek-life/hands-on/explore-the-guts-of-computing-with-arithmatics-s1au-kit
Unclear • August 6, 2018 4:14 PM
@Winter – Your quote : “Several times I have seen the sage advice to separate your personal opinions from your professional life. More specific, the advice was to use a pseudonym for expressing your personal opinions and reserve your real name for things that you do not mind ending up in an appendix of your resume.”
Agree, but I think people take this philosophy overboard, and automatically use a pseudonym in place of a name, or many pseudonyms in place of a name. On developer’s forums and code repos, this leads to fragmentation, where it can be unclear who is responsible for what. I’ve seen many instances of pseudonyms in source code copyright notices. I wonder if they really ever expect to get credit for their work? Also, I’m a little hesitant to trust the copyright in such cases.
I think it’s driven by fear (of exploit thieves, etc). When it get’s into ones soul so deep, maybe ones soul becomes anonymous.
Sed Contra • August 6, 2018 4:19 PM
@bttb et al re cars
Have there been any studies/attempts to estimate the effects of all the extra EM pollution that could result from a mass switch to electric vehicles ? What susceptibilities are out there ? I know I wouldn’t live under a power line, and I don’t think I’d drive an electric car without some understanding of it’s toxicity.
Martin • August 6, 2018 5:34 PM
CCleaner follow-up:
Here’s a couple of good articles outlining as to why to steer clear of CCleaner. Avast seems to have really screwed-up an otherwise credible utility that some folks found useful.
https://www.ghacks.net/2018/08/01/ccleaner-5-45-dont-install/
https://www.howtogeek.com/fyi/ccleaner-rolls-back-sketchy-update-promises-not-to-undo-user-preferences-in-future-version/
(required) • August 6, 2018 7:31 PM
@Martin
They’ve already gotten rid of 5.45, deprecated to .44 – I don’t know if that’s “early enough” –
But I’ve got old installers lying around from .35 and before that even. No issues.
Certainly none of this “can’t turn off update or monitoring” secret AVAST-crap in .45
Avast really needs to be shamed on that even after the fact. Completely ridiculous.
You don’t just buy up freeware utils and load them up with spyware, that’s… not done! (is it?)
MarkH • August 6, 2018 7:32 PM
@Major:
I appreciate your acknowledgement. I try, hopefully with some degree of success, to focus on verifiable fact and reasoning based on sound logic.
For me, opinions as such, and personal preferences (whether mine or others’) are generally irrelevant to this security blog.
As to the “Pauling Effect” … I have written in comments before, about the impressive phenomenon of how obviously smart people come to pants-cr@ppingly wrong conclusions, and then aerate them to the world as though they are Bestowing Great Wisdom.
As I was thinking about this depressing phenomenon, Linus Pauling was only one of numerous Very Famous Intellectuals who came to mind, as having smeared dirt over once-great reputations. A particularly painful example of a Nobel laureate who did so, was William Shockley [people who knew him at Bell Labs said “Bill lost his mind after his wife left him.”]
Though I have no general theory of how such geniuses turn themselves into morons, my unscientific observation is that usually, their departure from reality occurs:
a. when they are elderly;
b. when they pontificate on a subject far removed from their expertise; or often
c. both of the above
For the record, Krugman is in his early 60s, is still as sharp as a tack, and yes he has substantial professional expertise relating to currency.
He has gotten it painfully wrong when writing about politics, but that’s not his field. When it comes to economics, his assessments and predictions are mostly correct, and when he gets it wrong he freely admits his error.
He doesn’t claim to have deeply studied cryptocurrencies, and I certainly haven’t. He hasn’t announced the conclusion “they’re no damned good.” Instead, he poses the question, “what practical problem do they solve?”
The obvious answer, is facilitation of crime. Surely there are non-criminal reasons for needing privacy, and to the extent that “cryptocurrencies” are able to satisfy those needs, I expect them to continue … as a tiny fringe commodity, like in-game “money” for MMORPGs, which shows no signs of disappearing.
Actually, plenty of crypto-money enthusiasts have claimed that their novel stuff should and/or can supplant state-issued currencies. It’s an infantile pipe dream, and Krugman’s questioning is a response to it.
I’m indebted to you for introducing me to the concept of “proof of stake.” It looks to me, as though its practical effectiveness is not yet as settled question.
By the time it becomes the basis of a commodity as popular as Bitcoin, Dr Krugman will probably have revised his analysis of cryptocurrencies accordingly.
(required) • August 6, 2018 7:38 PM
Verizon is rolling out a new Virtual Private Network service called Safe Wi-Fi it developed in conjunction with McAfee. According to Verizon, the $4 per month service “protects your privacy and blocks ad tracking, creating a secure Wi-Fi connection anywhere in the world.”
But the company didn’t even write a privacy policy for the product: Verizon’s terms of service directs all of its VPN users to the general McAfee privacy policy governing all of its products. That policy, in turn, states that McAfee and Verizon have the right to collect an ocean of data on the end user, including carrier data, Bluetooth device IDs, mobile device ID, mobile advertising identifiers, MAC address, IMEI data, and more. The policy explicitly says that browsing history can be used to help target ads at you.
#Torches #Pitchforks
(required) • August 6, 2018 7:47 PM
@MarkH
Sure you’re talking about Krugman and not someone closer to home? (cough)
Also, economics in particular is more of an artful science than “hard logic” idealism.
There’s a lot of room to interpret based on externalized logic that is selectively baked-in.
An economy is a confluence of unrelated things bound together by arbitrary measurements of value.
Any economist who says his predictions are always borne out is selling seminars or something.
I don’t think you need to make it about his age though. Truculence comes in all age ranges.
justinacolmena • August 6, 2018 7:53 PM
@Ergo Sum, PeaceHead
SAVE THE BEES
No joke. I posted some pics of an actual beehive (= “colmena” in Spanish) right near the airport in Fairbanks, Alaska.
Thumbnails:
Full images:
The blue streaks on the hives are from de-icing chemicals and other runoff from the runways. These bees (or rather wasps?) themselves are black and white, rather than black and yellow. Some type of arctic wasp, perhaps: it gets terribly cold in the winter in Fairbanks, and many species of bees and wasps don’t survive.
I do see a few common honeybees in Fairbanks in the wild, but they always appear rather sickly, as if to have survived a massive winter die-off. There is also a large species of bumblebee, which seems to do a little better in such an environment.
I invite you to go politicking in Fairbanks city hall if you wish to save the bees, but I warn you, the State Troopers busted city hall in Nenana, the next town over to the west, and the usual city hall Mafia is in high political dudgeon and being hauled into Fairbanks North Star Borough Court, U.S. District Court, and even court martial on nearby military bases Ft. Wainwright and Eielson AFB. Guns are banned, and some of the Italian coal miners from Healy along with certain Russians who make a lot of money doing absolutely nothing in Delta Junction, are piling into the political/criminal fistfight, along with a pernicious child molestation ring in the North Pole area, where minor children under the age of 18 write letters to Santa Claus from all over the U.S. Go right ahead. Oh yeah. There’s a university in town, too. Go ahead. Save the bees.
bttb • August 6, 2018 7:53 PM
“Goldstone is right. He did what Aras Agalarov’s son told him to do, he set up a meeting by promising, “attorney, damaging information, Democrats, Hillary Clinton, useful to the Trumps.” That he did so via email is gravy. Because (as NYCSouthpaw noted), he clearly presented the offer to Don Jr in such a way that it would fulfill all the terms of the election law statute [1] prohibiting accepting something of value from a foreigner.
And Don Jr responded, joining a Conspiracy to Defraud the United States of its ability to enforce that election law.”
[1] w/o indentation (like (a)(1)(C) or (b)(2))
52 U.S. Code § 30121 – Contributions and donations by foreign nationals
(a) Prohibition It shall be unlawful for—
(1) a foreign national, directly or indirectly, to make—
(A) a contribution or donation of money or other thing of value, or to make an express or implied promise to make a contribution or donation, in connection with a Federal, State, or local election;
(B) a contribution or donation to a committee of a political party; or
(C) an expenditure, independent expenditure, or disbursement for an electioneering communication (within the meaning of section 30104(f)(3) of this title); or
(2) a person to solicit, accept, or receive a contribution or donation described in subparagraph (A) or (B) of paragraph (1) from a foreign national.
(b) “Foreign national” definedAs used in this section, the term “foreign national” means—
(1) a foreign principal, as such term is defined by section 611(b) of title 22, except that the term “foreign national” shall not include any individual who is a citizen of the United States; or
(2) an individual who is not a citizen of the United States or a national of the United States (as defined in section 1101(a)(22) of title 8) and who is not lawfully admitted for permanent residence, as defined by section 1101(a)(20) of title 8.
(Pub. L. 92–225, title III, § 319, formerly § 324, as added Pub. L. 94–283, title I, § 112(2), May 11, 1976, 90 Stat. 493; renumbered § 319, Pub. L. 96–187, title I, § 105(5), Jan. 8, 1980, 93 Stat. 1354; amended Pub. L. 107–155, title III, §§ 303, 317, Mar. 27, 2002, 116 Stat. 96, 109.)
LII has no control over and does not endorse any external Internet site that contains links to or references LII.”
justinacolmena • August 6, 2018 8:01 PM
@Simone
EUD Security Guidance: Ubuntu 18.04 LTS
Odd. Ubuntu doesn’t even enable SElinux.
Only avaiable on Fedora, AFAIK.
(required) • August 6, 2018 8:04 PM
“Actually, plenty of crypto-money enthusiasts have claimed that their novel stuff should and/or can supplant state-issued currencies. It’s an infantile pipe dream.”
You left that assertion undeveloped. Why would it be “infantile” to upgrade our notions of currency?
There are things about it that are boons/pitfalls comparatively but to say it has no upsides or potentially useful scenarios is more of a lack of imagination than a profundity of itself.
(required) • August 6, 2018 8:06 PM
@bttb
“That he did so via email is gravy.”
Delicious gravy. Not the kind you get in Federal prison.
bttb • August 6, 2018 8:22 PM
From ‘ANZAC Friend’: https://www.emptywheel.net/2018/08/06/goldstones-bare-facts-attorney-damaging-information-democrats-hillary-clinton-useful-to-the-trumps/#comment-745415 :
“OT: Not sure how credible The Hill is as I’m a little innocent but it has just published “Anonymous vows to take down, expose QAnon at
http://thehill.com/policy/technology/400526-anonymous-vows-to-take-down-expose-qanon
Seems social media/Apple etc are belatedly trying to do some damage control e.g Alex Jones…”
bttb • August 6, 2018 8:46 PM
From https://www.consumerreports.org/digital-payments/mobile-p2p-payment-services-review/ :
“Why Apple Pay Is the Highest-Rated Mobile P2P Payment Service
CR’s test-based ratings focus on data privacy and security, and tell you how well the services work…”
Peter and Sarah Zatko might have something to do with this, or other Consumer Reports’ related stuff ( https://cyber-itl.org )
65535 • August 6, 2018 10:51 PM
@ vas pup
“What can defend against off-the-shelf drone weapons?”
As you link there are electronic defenses and probably gun defenses. The other links in your linked story indicate that Venezuela President Maduro escaped a drone-bomb assassination attempt. I am not sure about the story so take it with a grain of salt so to speak.
Here is youtube video via telemundo of what looks like a DJI M600 drone supposedly carring a payload of C4 in the area of President Maduro but crashes before exploding.
https://www.youtube.com/embed/yMp6mS4nDlM
[see about 31 seconds into video]
The drone appears to be the DJI Matrice 600 hexicopter with no camera attached. The press said 2 or 3 DJI M600 drones carried about a kilo of c4 explosive each and 1 to 2 drones exploded and possibly the third was “shot down” crashing into an apartment building causing a fire and injuries to a child [some reports indicate fire fighters said a gas container actually exploded in an apartment unit – who knows]
Wired describes the drone and professional or enterprise level and having a cost of 4600+ USD.
“…only a professional needs a beast capable of carrying a 13-pound payload. The Matrice 600 features DJI’s new A3 flight controller, which can adjust its flight systems based on what it’s carrying. You can upgrade it with three GNSS GPS units for extra precision, or at least a little reassurance that it’s where it’s supposed to be.”
https://www.wired.com/2016/04/dji-m600-drone/
Here is an old Wikipedia entry on DJI drones [I think one may have crashed around the White House years ago].
https://en.wikipedia.org/wiki/DJI_(company)#Products
[new Wikipedia entry]
“2018 Caracas bombing
“On August 4, 2018, at least two drones detonated explosives near Avenida Bolívar in Caracas, where Nicolás Maduro, the President of Venezuela, was addressing the Bolivarian National Guard.] Maduro claimed he was targeted in an assassination attempt, though the cause and intention of the explosions is unknown…”-wikipedia
https://en.wikipedia.org/wiki/2018_Caracas_bombing
[picture of M600 drone in wikipedia]
https://en.wikipedia.org/wiki/File:2018_Caracas_drone_incidents_-_Nestor_Reverol.png
DJI Matrix pro 600
https://www.dji.com/matrice600-pro?site=brandsite&from=nav
DJI Matrix Enterprise 600 flying around power lines and supposedly inspecting said power lines.
Cost is about 4999 USD depending on accessories.
https://enterprise.dji.com/news/detail/eliminate-grid-downtime-with-drone-inspection
If there is any truth to the M600 drone attack on a head of state it is the first one of small off the shelf drone with a payload of C4 exploding and injuring people. I guess it had to happen sometime. Those electronic counter measures for drones could be very helpful.
Wesley Parish • August 7, 2018 2:04 AM
An interesting selection of goodies from Slashdot
Some reaction to the Strava revelations:
Defense personnel who aren’t in sensitive areas will be able to use the GPS applications if the commanders conclude they don’t present a risk. For example, troops exercising at major military bases around the country, such at Fort Hood in Texas or Norfolk Naval Station in Virginia, would likely be able to use the location software on their phones or fitness devices. Troops on missions in more sensitive locations, such as Syria, Iraq, Afghanistan or parts of Africa, meanwhile, would be restricted from using the devices or be required to turn off any location function.
This is actually a variant on disinformation tactics:
https://motherboard.vice.com/en_us/article/43p7dm/software-chaff-bugs-could-make-it-more-secure
“I also have a lot of friends who write exploits for a living, so I know how much work there is in between finding a bug and coming up with a reliable exploit – and it occurred to me that this was something we might be able to take advantage of,” he said. “People who can write exploits are rare, and their time is expensive, so if you can figure out how to waste it you can potentially have a great deterrent effect.”
Thanks to barely meaningful U.S. privacy rules, your ISP already has an absolute ocean of data on you, much of it collected whether you utilize a VPN or not. And thanks to cash-compromised lawmakers and terrible tech policy (from neutering said privacy rules to killing net neutrality), companies like Verizon are helping to effectively break the internet, placing the onus on consumers to somehow navigate a minefield of apathy and rampant data collection.
A bit of official conspiracy theory to help those whose own conspiracy theories never quite seem real, or “How My Political Leanings Ensured My Gullibility and Those of My Underlings”
https://techcrunch.com/2018/08/06/fcc-admits-it-was-never-actually-hacked/
The FCC has come clean on the fact that a purported hack of its comment system last year never actually took place, after a report from its inspector general found a lack of evidence supporting the idea. Chairman Ajit Pai blamed the former chief information officer and the Obama administration for providing “inaccurate information about this incident to me, my office, Congress, and the American people.”
Attribution, then data, folks. text without context is a pretext.
@Usual Suspects, Unusual Suspects
re: some of my previous statements
If you can’t take a joke, you shouldn’t have joined. Alexei Sayle’s song refers to a petrol pump, not a petrol pump attendant, so I figured out that people would be able to see the joke in it.
Which being interpreted means that spooks who elect to play silly-buggers with non-violent dissidents don’t know what they are letting themselves in for.
Wesley Parish • August 7, 2018 2:52 AM
ElReg as usual, has some doozies:
Security world to hit Las Vegas for a week of hacking, cracking, fun
https://www.theregister.co.uk/2018/08/04/black_hat_def_con_bsides_intro/
IBM, ATMs – WTF? Big Blue to probe cash machines, IoT, vehicles, etc in new security labs
https://www.theregister.co.uk/2018/08/06/ibm_atm_security_research/
(Finally, someone with big enough scope is getting into testing IoT and ATMs)
Battle lines drawn over US mass surveillance as senators probe NSA’s bonfire of phone records
https://www.theregister.co.uk/2018/08/06/us_spying_programs/
For example, they ask how the NSA can square a statement that its spying is “accurate, relevant, timely and complete” with its subsequent statement that it was “infeasible to identify and isolate properly produced data.” Either the system allows the NSA to identify data or it doesn’t, in which case, which is it?
From which we conclude that the NSA are suckers for the taste of their own toes. Dobro chut! Bon appetite!
Cracking the passwords of some WPA2 Wi-Fi networks just got easier
https://www.theregister.co.uk/2018/08/06/wpa2_wifi_pmkid_hashcat/
Jens Steube, creator of the open-source software, said the new technique, discovered by accident, would potentially allow someone to get all the information they need to brute force decrypt a Wi-Fi password, by snooping on a single data packet going over the air.
Hmm • August 7, 2018 3:10 AM
“Either the system allows the NSA to identify data or it doesn’t, in which case, which is it?”
Herman • August 7, 2018 3:30 AM
@ 65535 – A shotgun with bird shot would be pretty good defence against any kind of commercial toy drone.
Luzugas Fenyev-Baixar • August 7, 2018 5:00 AM
@65535
“…only a professional needs a beast”
There is absolutely no truth whatsoever to the rumor that the DJI Matrix 600 Drone was used to drop a FB-600 Dot Matrix Printer, even though this printer has been dropped from some inventories.
Clive Robinson • August 7, 2018 6:12 AM
@ Major,
The problem is that people who don’t like something have little reason to learn a lot about it.
It’s a little bit more complex than that.
The blockchain is a simple datastructure with an added data structure that adds a further property of immutability.
You could add a couple more sentances describing the simple data structure but most CS / ICTSec people should know those from their first higher academic education year.
Where things get interesting is the idea of “proof of work” being the integral process providing the property of immutability. Or one of a number of other algorithmic proofs with a one way or similar property. These are “application” related and whilst in a finite universe not infinate in variety certainly beyond the cognizance of most mortals.
Whilst I can say my view on economics differs quite widely from many peoples, I would by no means claim to be a “domain expert”. But does that or should that stop me or others more skilled in other domains, making comment on economics?
Personally I think it should not, otherwise we would drop into an Orwellian society, which history has shown is likely to be detrimental to the majority of citizens in that society, and the society it’s self, as at the very least it would stagnate.
But in the intrests of openness I personally find that the majority of current digital currancies are impractical in part because they conflate various seperate parts of what an economic value exchange token is all about.
The worst aspects of which are the length of time and the inefficiencies of actually making a normal world transaction, when compared to other things such as “pocket change”, debit and credit cards.
bttb • August 7, 2018 6:50 AM
USG Manafort exhibits in the ongoing Eastern District of Virginia (Federal) trial:
https://cryptome.org/2018/07/manafort-189.pdf (pdf; 23 pages- single spaced line items)
MarkH • August 7, 2018 7:11 AM
@(required):
Some misunderstanding, it would seem.
“Any economist who says his predictions are always borne out is selling seminars or something.”
Perhaps, but irrelevant to Krugman, who (a) doesn’t say any such thing, and (b) points out what he has gotten wrong.
“I don’t think you need to make it about his age though.”
I mentioned his age only to indicate that he isn’t elderly, like many of the distinguished academics who have discredited themselves by insisting on preposterous notions.
“economics in particular is more of an artful science than ‘hard logic’ idealism.”
I don’t pretend to know economics, but some economists (like Krugman) have made numbers of public predictions based on their models which were borne out in fact, and consider the success of those predictions as confirmation of the models.
To my mind, that’s a good scientific process.
As a “boy scientist,” I reject argument from authority. I don’t say, “this is right because this famous smart guy said so.”
I pointed out that the man is a serious domain expert, and there’s no sign that his reasoning is tainted by senility.
I wrote “infantile pipe dream” about “cryptocurrencies” (which are neither cryptography nor currency) replacing fiat currency, because it’s a project headed nowhere.
I suppose that Bitcoin and its cognates have some future. But as state currencies? Maybe in some small or poverty-stricken land; but for states with strong economies, probably never.
I understand that some folks want the privacy. But they are some fraction the user community. Do states themselves have an interest in such privacy? I would suggest, that their interest is rather the opposite.
If you can force a state to give up its currency in favor of some naive libertarian project, well congratulations.
If you can’t force such an adoption, then the case would have to be made that Bitcoin (or whatever) is better than what they already have … which gets back to the questions Dr Krugman is asking.
By the way, Krugman wrote his piece because he was on his way to some conference about cryptocurrencies, where he probably posed those same questions, and engaged in serious discussion with the proponents.
Maybe he heard some persuasive answers. If so, I expect he’ll be writing about it.
JG4 • August 7, 2018 8:02 AM
Thanks for the generally good discussion.
@Clive – I’d like to see some comments on Leemon Baird’s hashgraph alternative to blockchain. The usual concurrency, integrity, availability tradespace has to apply to any distributed system. That’s really the service that banks (debit cards, ATMs, credit cards, checks, etc.) provide, and cash and other payment systems are just alternative tradespaces.
Facebook are working on being able to manipulate images of your grandparents in your dreams to get you to buy stuff and spend more time on Facebook. My quip below about the war on peasants reminded me of the war for the hearts and minds of the people being fought by the Five Horsemen of the Tech Apocalypse. You see the hapless victims stumbling down the street with their eyes fixed on tiny screens, worse when they are driving.
The daily compendium rarely disappoints.
https://www.nakedcapitalism.com/2018/08/links-8-7-18.html
…
Imperial Collapse Watch
The American Sea of Deception Truthdig (RR)
Codename Acor Sycamore – The Saudi-U.S.-Al-Qaeda Operation To Reconquer Canada Moon of Alabama (Kevin W)
Big Brother Is Watching You Watch
Facebook wants your banking information, too Quartz (Kevin W). Original story: Facebook to Banks: Give Us Your Data, We’ll Give You Our Users Wall Street Journal. Readers incensed, many threatened to dump their bank if it shared data.
…[the war on peasants ends with your thoughts being front-run by a superintelligence]
Heat and Humidity Slow Down High-Frequency Trading Due To Microwave Links Slashdot
…
bob • August 7, 2018 9:12 AM
@Herman
Shotgun? Great way to turn a toy drone into incendiary device. A few pellets through the lithium batteries and who knows where it’ll land or when it’ll burn.
echo • August 7, 2018 9:25 AM
Another security product arrived in the post today. I bought a keyring clip to carry a set of keys ebcause womne’s clothes don’t always have pockets and I don’t always want to carry my keys in my handbag. This is a keyring clip built for guys! The spring is stupidly stiff and I’m going to wreck my nails on this thing. Not only that but women’s fabrics are often a lot lighter and I don’t want this clip to tear a favourite skirt to shreds.
justinacolmena • August 7, 2018 10:04 AM
@@ MarkH, (required)
John Maynard Keynes, Paul Krugman, and company are political pundits, they get a lot of things wrong in basic economics, and they push an extreme left-wing communist political ideology which prevails to this day in the Federal Reserve, Social Security Administation, Department of Labor, etc.
Those of such ideologies who work in the government will stop at nothing to force their vicious policies over the American people, they do not hesitate to murder their opponents, and they have the money for murder-for-hire.
I myself have survived such lies, conspiracies, and attempts on my life that they have perpetrated, many times.
Anura • August 7, 2018 10:32 AM
@justinacolmena
John Maynard Keynes, Paul Krugman, and company are political pundits, they get a lot of things wrong in basic economics, and they push an extreme left-wing communist political ideology which prevails to this day in the Federal Reserve, Social Security Administation, Department of Labor, etc.
LMAO. Krugman supports the federal reserve, and a stateless, moneyless society!
Seriously, if you don’t care to understand what words mean, you should probably not use them.
echo • August 7, 2018 10:40 AM
@justinacolmena
Money is just a means of directing. If all the money in the world disappeared nothing would change. The sky would still be blue and the grass still be green and every atom in the universe would still be in the same place.
Society by definition is a collective effort. All Keynes said really is that as society succeeded promises would accumulate so that when the days of plenty were over that effort would be directed towards rebuilding instead of cutting our way out of a hole.
I personally object to the veneer of civility and reason concealing bureaucratic means of execution by stealth.
bttb • August 7, 2018 10:47 AM
I found this, among several other recent tweets, at https://twitter.com/snowden : https://www.icij.org/blog/2018/07/im-worried-that-we-will-run-out-of-sources-when-we-need-them-the-most/ :
“‘I’m worried that we will run out of sources when we need them the most’
Five years ago Edward Snowden landed in Russia after leaking classified U.S. documents that disclosed worldwide surveillance programs run by the National Security Agency. Süddeutsche Zeitung reporters and ICIJ [International Consortium of Investigative Journalists] members, Georg Mascolo, Frederik Obermaier and Bastian Obermayer sat down with him recently in Moscow for a rare and open conversation.
Süddeutsche Zeitung was the recipient of two massive leaks of documents that showed how the rich and powerful stash money out of the reach of tax collectors, as detailed in the International Consortium of Investigative Journalists’ Panama Papers and Paradise Papers investigations. Obermaier and Obermayer are at work on a book on the rise and fall of whistleblowers.
Mr. Snowden, many people want to know: Can you move freely? Can you use public transport, for example?
Yes, I can. I ride the metro….”
bttb • August 7, 2018 10:53 AM
“World
In Paul Manafort’s Trial, a Cyprus Bank Is a Cooperating Witness
A haven for secrecy becomes the key source of evidence on the ex-Trump campaign chairman […]
NICOSIA, Cyprus—The biggest bank on this island was at the tail end of a purge of its riskiest customers—from arms traders to online casinos—when its computers started combing the books to check on an American who was attracting more public attention: Paul Manafort.
It was 2015, and the future chairman of the Donald Trump presidential campaign was still a low-profile, high-earning adviser to heads of state from Eastern Europe to Central Africa. For eight years, he had banked at this small island nation, which had a big reputation…”
Major • August 7, 2018 11:31 AM
@Clive @MarkH
“The blockchain is a simple datastructure with an added data structure that adds a further property of immutability.”
The blockchain has other important attributes besides being a data structure and its immutability. Most importantly, it is decentralized, owned and stored by all significant users (Some users can interface through another user who has the blockchain.) It is thereby resistant to interference.
The public nature of the blockchain offers a transparency that we see less and less of in governments and corporations.
There are limited (non-Turing complete) languages designed for event driven operation on blockchains, providing relatively secure implementation of things like smart contracts.
Proof of Stake approaches have great potential in general, the idea being that it is more rational to trust people who have a stake in a collaboration, who have something to lose. I can imagine this approach being applied to offset many “tragedy of the commons” type situations throughout our societies. It also answers the question of what supports cryptocurrencies: People who have a stake in them will act to preserve their value. I don’t see the difference from fiat currency. They are not risk free either: This last year we have seen fiat currency instruments made valueless by government fiat or reduced in value by orders of magnitude. The dollar is valuable simply because a lot of people have invested in it and have a stake in preserving its value. If foreign countries refused dollars (insisted in payment in euros or yuan), the value of the dollar would rapidly decline. The fact that many countries hold US treasuries is the linchpin of the dollar’s value.
I don’t know that we that disagree on the particulars. To me crypto is an interesting idea in its early development, one that facilitates other interesting ideas, like Decentralized Autonomous Corporations, which would allow AI agents to effectively operate as individuals in the world. I have done AI research most of my life, (my genetic programming system is running on a supercomputer next door), and these possibilities intrigue me (and concern me).
It is a new and developing technology. It is premature to discard it. And really unnecessary. If you don’t like cryptocurrencies you are free to not use them. However, everybody has opinions, and certainly is free to share them, even if I think them premature.
Private currency has been in use throughout human history, usually when there is a lack of public currency or the public currency has been debased or is in danger of debasement. It is simply an option.
I like options and I distrust people who want to reduce my options. I think the fear mongering about criminals is absurd when many countries are run by apparent criminals, and corruption is rampant and has basically been legalized in the US political system. The big criminals are always wary of any activity from which they cannot demand a cut.
Anura • August 7, 2018 12:10 PM
@Major
My problem with cryptocurrencies is that instead of understanding the problems of Fiat currency in our economy today, most cryptocurrency enthusiasts simply declare inflation in and of itself to be the problem. Bitcoin is then built around the idea that if inflation is bad that deflation must be good (which only makes sense if you think about economics from the perspective of the person who has enough money to keep it in the bank).
What they fail to do is ask things like “Why should I be able to get richer by simply holding onto coins and not spending or investing?” and “How does the ability to increase wealth without engaging in any productive activity affect the economy?” and “What are the advantages of inflation?” or “What are the disadvantages of deflation?” or “What externalities are involved?”
You mention transparency, and that’s great, but the vast majority of people are not going to be using bitcoin “correctly” to stay anonymous, so a blockchain-based currency on a large scale will be a nightmare. Are there not better ways to engage in transparency? Why not just have institutional transparency, and require banks to disclose their cash assets and interbank transfers?
Because there is a failure to actually do the work necessary to figure out what is best for the economy, we are ending up with a mess of highly inefficient currencies, which have the same problem as Fiat currencies: we are democratically deciding how much inflation/deflation there should be, instead of asking whether there is a self-regulating way to implement currency without a federal reserve.
We’re diving into this whole thing head-first, and what we end up with is a massive energy bill for managing a currency that is primarily used for speculation. This is not productive activity, and it’s actually harmful to many people.
Charles Penn • August 7, 2018 12:41 PM
I got a question: Something is nagging me; I forgot the name of a specific effect. Perhaps somebody does know the name of that effect.
The situation happens when police or authorities delay the release of information about the identity of a person who committed a crime. In such a situation, the public might start second-guessing the identity of the perpetrator.
There is a specific name for the above situation. It is called the … effect. Unfortunately, I forgot the exact name. (It is not the Streisand effect, btw.)
Thank you for your help.
vas pup • August 7, 2018 12:43 PM
@65535 • August 6, 2018 10:51 PM
Thank you for your input and links.
I just hope that event with Maduro could trigger system (!) of measures to prevent same in a future.
Major • August 7, 2018 1:01 PM
@Anura
Cryptocurrency gets all the attention when these questions could be asked of all sorts of non mandatory energy expenditures. Nobody has actual figures on real energy usage anyhow. The numbers are simply assumed by people who have already decided on their position.
Crypto folk are aware of the energy problem and developing solutions simply because it is in their interest to do so. Junior authoritarians are not required.
Why do people assume that they can fix economic issues that have persisted throughout history if only they were given authoritarian powers? It has never worked. Maybe the solution isn’t the point. The power is.
Can you answer the questions you posed? If not, when will the answers be ready? Oh, somebody else should do it, simply under your direction? What a surprise.
CallMeLateForSupper • August 7, 2018 1:06 PM
“A Horrifically Bad Idea”: Smartphone Voting Is Coming, Just in Time for the Midterms”
A Boston-based start-up promises to let West Virginians vote via app. Critics call it “the Theranos of voting.”
https://www.vanityfair.com/news/2018/08/smartphone-voting-is-coming-just-in-time-for-midterms-voatz
The only sorta-bright spot I see here is that the only participants will be WV military folk stationed without CONUS. Which is to say, only a fraction of “Trump country” folk.
We have not figured out how to secure much of anything electronic, yet an upstart start-up plans to just “roll out” a voting app (apps are 100% secure by their nature, of course) and rake in the moo-la. Having the app independently scrutinized and tested ahead of time is unnecessary, a waste of time. Just go for it! Inject it into a national election. What could go wrong?
We keep making the same mistakes.
echo • August 7, 2018 1:18 PM
This kind of article is an equivalent of why I am digging my heels in over a trivial one page document I needed a lawyer to countersign. While not as graphicly unreasonable and discriminating, policies and behaviour and interpretations can have a large ripple effect. I may not personally be at a realistic degree of risk but it is the principle of the thing. Unless a lawyer (or the legal industry) is challenged on a small thing, ditto retailers and other venues, the protections may not be there when they are really needed.
I have raised the issue of mistreatment of the homeless with my own clients as a conevrsation topic. While they may have been humouring me not one single client blamed the homeless.
Homelessness is rising in austerity Britain: it has increased by 169% since 2010. Homeless people are significantly more likely to suffer from mental distress, and up to a quarter of the young homeless population are LGBTQ, many rejected by their family. The experience of rough sleepers can be unspeakably grim. More than a third have had objects thrown at them; nearly one in 10 have been urinated on; nearly half have been intimidated or threatened with violence.
[…]
The Wetherspoons incident shows us what neoliberalism does: it makes us believe that social problems are not the inevitable defects of an unjust society, but the results of moral and personal failings, of the individual’s bad decisions. And that is why it is those who suffer the most brutal consequences of a rotten social order who are the most victimised. They are not even permitted to have a sit-down breakfast.
Anura • August 7, 2018 1:29 PM
@Major
I’m a market socialist and an anarchist; I’m not proposing any authoritarian solutions, just that we understand the problems we are trying to solve before we start implementing solutions.
Cryptocurrency gets all the attention when these questions could be asked of all sorts of non mandatory energy expenditures. Nobody has actual figures on real energy usage anyhow. The numbers are simply assumed by people who have already decided on their position.
Doesn’t matter if you have the raw numbers; proof of work is a necessarily expensive process, and that overhead hits every single economic transaction, and has externalities that result in even more problems. You can’t just dismiss problems like economic cost when the security of the currency is based on overhead cost itself.
Crypto folk are aware of the energy problem and developing solutions simply because it is in their interest to do so. Junior authoritarians are not required.
When your economy becomes dependent on a currency, people can’t choose not to use it. You are advocating for replacing a democratic system with a plutocratic system, and declaring the plutocratic system to be non-authroitarian and the democratic system to be authoritarian. This is just a lazy argument.
Can you answer the questions you posed? If not, when will the answers be ready? Oh, somebody else should do it, simply under your direction? What a surprise.
If you are going to advocate for deflation, then those are the most basic questions that you need to be capable of answering; I’m not arguing in favor of either. The point is that the people who are actually creating these coins and advocating for these coins are not actually doing economic analysis necessary.
echo • August 7, 2018 3:30 PM
This article on the mining of quartz for use in chip manufacture contains a few comments on site secutiry scattered throughout the article plus heavy handed big corporate legal threats and the consequences.
https://www.wired.com/story/book-excerpt-science-of-ultra-pure-silicon/
Major • August 7, 2018 3:34 PM
@Anura
I’m concerned with the real world. Some people might be advocating for crypto to replace national currencies, but I don’t expect that, barring improvements in crypto that make national currencies so much less useful than crypto that they die off themselves. It seems unlikely.
Proof of work self limits the usage of crypto. The model will change or crypto will simply die off. I wrote more on this above.
The world is full of inequity. But overall quality of life is improving. I think this is worth protecting. It could be worse. A lot worse. I used to be pro Sandinista. Look at Ortega today. Or Venezuela.
I’ve worked in NGOs. I had almost diplomatic level power that I in no way earned. And I never saw a charity that was not rife with self dealing. The privileged dogooders invariably decide that they deserve a salary and lifestyle orders of magnitude beyond what locals are paid and provided.
Markets are unfair, just less unfair than the alternatives.
Pro note: If you want to help with money, give the money directly to the recipients or their cut will be five percent. The stats given by charities for percentage spent on program vs overhead don’t mean anything.
Anura • August 7, 2018 4:23 PM
@Major
The only real-world problem that cryptocurrencies solve is the ability for a seller to accept money without the need to trust the buyer, but it doesn’t allow the buyer to trust the seller.
The thing is, this isn’t a problem we really need to solve – we already have payment providers that sellers trust without the need for a public ledger, and we could design protocols that allow people to make purchases through trusted organizations without a central authority, and without the need for you to even disclose shipping information to sellers themselves. It can even be far more decentralized than cryptocurrencies (which is really a centralized system with decentralized storage), and provide much more practical anonymity to most users.
65535 • August 7, 2018 5:00 PM
@ vas pup
“Thank you for your input and links. I just hope that event with Maduro could trigger system (!) of measures to prevent same in a future.”
Thanks, but you were the one who presented the links about the drone-bomb attack on President Maduro. If the story is true it increasing the number of attack vectors on top politicians and others.
@ Herman and bob
“A shotgun with bird shot would be pretty good defence against any kind of commercial toy drone.”-Herman
That is an idea.
“Shotgun? Great way to turn a toy drone into incendiary device. A few pellets through the lithium batteries”-bob
I never thought of that. But, if the C4 explodes would not that also ignite the lithium batteries? Now, you will have a high explosive incendiary device or some explosion and fire. I am not sure. That is not my area.
Next to cryptocurrencies-
@ Clive Robinson, Major, MarkH, and others
“The blockchain is a simple datastructure with an added data structure that adds a further property of immutability.”-Clive R
I can agree with that.
“The blockchain has other important attributes besides being a data structure and its immutability. Most importantly, it is decentralized, owned and stored by all significant users (Some users can interface through another user who has the blockchain.) It is thereby resistant to interference. The public nature of the blockchain offers a transparency that we see less and less of in governments and corporations.”-Major
That is probably the also true to some extent.
I don’t see a lot of problems with blockchain style of currencies and the mathematics behind them. I see a lot of quasi side-channel attacks. People are trusting “smartphones” to make Bitcoin transaction and the smartphone is getting scammed.
See Krebs on Security:
“Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims… vestigators allege Handschumacher was part of a group of at least nine individuals scattered across multiple states who for the past two years have drained bank accounts via an increasingly common scheme involving mobile phone “SIM swaps.”… other instances, mobile store employees work directly with cyber criminals to help conduct unauthorized SIM swaps… Sherrif’s office says their surveillance of the Discord server revealed that the group routinely paid employees at cellular phone companies to assist in their attacks, and that they even discussed a plan to hack accounts belonging to the CEO of cryptocurrency exchange Gemini Trust Company. The complaint doesn’t mention the CEO by name, but the current CEO is bitcoin billionaire Tyler Winklevoss, who co-founded the exchange… Court documents state that the group used Coinbase.com and multiple other cryptocurrency exchanges to launder the proceeds of their thefts in a bid to obfuscate the source of the stolen funds. Subpoenas to Coinbase revealed Handschumacher had a total of 82 bitcoins sold from or sent to his account, and that virtually all of the funds were received via outside sources [6800 USD X 82 = 557,000 USD].
https://krebsonsecurity.com/2018/08/florida-man-arrested-in-sim-swap-conspiracy/
I note that an inside guy at the T-mobile was a key player in the sim swap scame. I have suspected insiders in several other scams.
Yet, I am not surprised to see a number of wealthly people in the Bitcoin game such as Tyler Winklevoss who sued Facebook for supposedly stealing his source code. These billionaires tend to increase the value of the finite set of Bitcoins in circulation.
“Tyler Howard Winklevoss (born August 21, 1981) is an American rower, entrepreneur, and founder of Winklevoss Capital Management… In 2004, the Winklevoss brothers sued Mark Zuckerberg for $65 million, claiming he stole their ConnectU idea to create the much more popular social networking service site Facebook…”- Wikipedia
https://en.wikipedia.org/wiki/Tyler_Winklevoss
“Gemini Trust Company, LLC (Gemini) is a digital currency exchange and custodian that allows customers to buy, sell, and store digital assets. Gemini is a New York trust company that is regulated by the New York State Department of Financial Services. Gemini was founded in 2014, by Cameron and Tyler Winklevoss… Gemini became the world’s first licensed ether exchange. In May 2018, it was announced that Gemini had become the world’s first Zcash exchange. Currently, it operates in the United States, Canada, the United Kingdom, South Korea, Hong Kong, and Singapore.[6] In May 2018, it was announced that Gemini had become the world’s first licensed Zcash exchange… Primary competitors include Coinbase, Binance, Bitstamp, and Kraken. All users are able to trade cryptocurrency and fiat currency on an open market…”-wikipedia
https://en.wikipedia.org/wiki/Gemini_(digital_currency_exchange)
I would guess that blockchain in and of itself, is not the weak point but, endpoint phones, Bitcoin excahages, and computers. Will cryptocurrencies work in the long run? I don’t know.
I see a lot of rich people investing in Bitcoin and a lot of scammers skimming Bitcoins is multiple ways. That always happens in a financial bubble. We shall see what happens with bitcoin.
Major • August 7, 2018 5:28 PM
@Anura
I’m not against alternatives to cryptocurrency. Have at it. Let us know when it is ready!! There seem to be plenty of anti-crypto folks who might be willing to lend a hand.
The only real-world problem that cryptocurrencies solve is the ability for a seller to accept money without the need to trust the buyer, but it doesn’t allow the buyer to trust the seller.
But before you start work on the alternative, make sure you understand what you are replacing. Smart contracts on the blockchain exactly address the trust problem. They provide a simplified escrow, and more. The limit is our imagination.
justinacolmena • August 7, 2018 5:52 PM
@@ Major, Anura
The only real-world problem that cryptocurrencies solve is the ability for a seller to accept money without the need to trust the buyer, but it doesn’t allow the buyer to trust the seller.
What’s going on? Trying to put in for Lieutenant Frog or Colonel Toad? We’re starting to get too much rank here.
What service or good is the customer buying, and who is to decide if it is provided satisfactorily? The automated railroad court-martial minus the attorneys is not the solution to this problem.
Anura • August 7, 2018 5:56 PM
@Major
But before you start work on the alternative, make sure you understand what you are replacing. Smart contracts on the blockchain exactly address the trust problem. They provide a simplified escrow, and more. The limit is our imagination.
Smart contracts are just code, and can’t verify receipt of physical goods. The escrow system just swaps the trust problem around, but doesn’t establish real trust between the two parties.
Unless everything is done digitally in a way that can be verified by the code, someone needs to trust someone. There are all sorts of other issues with smart contracts, ranging from the practical to the legal. The biggest problem in law is that the letter of the law does not match the intent; this is an impossible problem to solve, as language is just too unwieldy a tool. Law is really really complicated, and not something to be done by amateurs – not all contract terms are even legally enforceable, and this is going to be a problem.
I’m not against alternatives to cryptocurrency. Have at it. Let us know when it is ready!! There seem to be plenty of anti-crypto folks who might be willing to lend a hand.
I’ll take this to mean that you aren’t actually interested in understanding the issues, and are really just posting because you don’t like people criticizing cryptocurrency.
Anura • August 7, 2018 7:13 PM
@Anura
I’ll take this to mean that you aren’t actually interested in understanding the issues, and are really just posting because you don’t like people criticizing cryptocurrency.
What I really mean is: Put your money where your mouth is.
It is easy to criticize works in progress, which cryptocurrencies are. You are not making any unique observations. If you really care about the issue, make a contribution to its solution, or at least contribute a tractable question, not a demand for solutions to insoluble problems like absolute trust, or economic issues about weighing inflation vs deflation that probably are not answerable in an absolute sense.
It is not a crime to not know a lot about things that don’t interest you much. Some people, like @MarkH for example, can disagree constructively and recognize new information when they see it. Writing to you is in effect writing to them, people that actually can benefit from new information. Are you one of them? The jury is out so far.
What I wanted to communicate mostly is:
1) Cryptocurrencies are a work in progress and should be judged as a novel technology that is in the debugging stage. The movers and shakers are aware of the issues and are motivated to work on solutions. Don’t judge the actual progress of cryptocurrency by what some yahoos are saying on reddit or the spin of companies that want to preserve their transaction processing monopolies or spooks who want to track everything we do.
2) Proof of Stake is a powerful approach that mirrors how we trust non-digital currencies. People that have a stake in a currency are motivated to be good stewards and to not cause it to crash. If the majority of currency holders say a transaction is good that has a similar or possibly better reliability than letting those with the most on-network computing power make the decision, which is the end effect of Proof of Work.
Currency holders already have a private key that verifies their ownership. This can be used to support a stake based voting system. Proof of work is not a necessary component, and reasonable crypto folk do know that they cannot consume unlimited energy, and will apply solutions like this.
There are political considerations. Owners of massive mining equipment currently have the power and resist change. They may not come on board until a break-even point is reached. Perhaps a new rival coin has to give them a push. But just using more energy indefinitely will certainly destroy their investment, so change will come if crypto remains something people are invested in.
65535 • August 7, 2018 8:10 PM
@ Wesley Parish
I was reading your third link down about the NSA abusing its powers. Senators Ron Wyden (D-OR) and Rand Paul (R-KY) make a good argument. It is red-ling the dishonesty meter when the FISA court allows the NSA to target 40 people and pulls in 534,396,285 Call Data Records.
That is a half a billion records for just 40 targets or [534 million divided by 40 = 13,350.000] thirteen million Call Data Records per target. That is quite high.
Then, the NSA suddenly deletes said records with no explaination. I hope Wyden and Paul get the NSA under control. The NSA is not really under any control at this point.
https://www.theregister.co.uk/2018/08/06/us_spying_programs/
PDF of letter to NSA
https://regmedia.co.uk/2018/08/06/nsa-wyden-paul-section215.pdf
Nick P • August 7, 2018 8:13 PM
@ Clive Robinson
Hope you’ve been doing well. Missed you! Your summary of the blog changes are mostly accurate. I’ll add we had more experienced engineers and skilled amateurs here in the past swapping ideas in a relatively-low-noise environment. Many of them drifted off. The noise went through the roof. Lobste.rs is similar to the old environment. Although occasionally aggravating, there are good things coming out of there.
Leads me to counter the CompSci claim: there’s all kinds of really, neat stuff being done in CompSci, esp security. I submit piles of them to various sites, esp here. Especially on verification and security intersection. One development that’s especially interesting is a pile of work on automated verification of floating point code. One team is setting up their manual work to mostly simplify stuff for yet another automated pass rather than be fully manual. Another team was pulling stuff out of symbolic analyzers to feed with code into automated provers. And some others have wisely split verification of bit-twiddling code between (a) verifying straightforward version to assembly and (b) verifying bit equivalence. On hardware side, the Intel attacks brought forth many designs for mitigating timing channels. Fun times.
On cryptocurrency, David Gerard is probably slamming them in the most entertaining way as seen here. The proponents counters are weak. In this example, I point out they keep talking about financial system or Bitcoin in energy usage when it should be an and given cryptocurrencies parasite off current, financial system. I’m still pushing like in the thread with Chadski for centralized tech with decentralized checking of just what’s necessary to check. Better for efficiency, availability, security… everything. On financial side, I keep pushing your idea with credit to you about tying a financial instrument to multiple currencies and/or commodities to preserve stability of value for use as alt-currency. Either you or I posted a Bitcoin alternative here that actually did that (included carbon credits) but I can’t remember its darned name.
Anyway, after being quite annoyed by cryptocurrency craze, I switched gears to strongly advocate young, security engineers get into that stuff just to get money for formal verification and/or secure hardware. I know quite a few using startup money to build such tech that might be useful for their startup… or anyone else if it goes bankrupt. What’s unsurprising as ever is how these people wanting easily-verified contracts and stuff ignore proven tech like SPARK Ada for achieving their goal. Instead, they keep making stuff that’s even more dangerous or less capable. There’s definitely been interesting work but not really leveraging all we have. The company doing the KCC compiler and no-false-positives analyzer for C already did a semantics for crypto contracts, too. Definitely a gold rush if anyone wants to start running in the same direction as the shouting masses with their shovels. 😉
MarkH • August 7, 2018 8:37 PM
@Major:
Did you accidentally reply to Anura using the name Anura?
Or was it an anonymized transaction?
🙂
Major • August 7, 2018 8:42 PM
@NickP
You guys were having some crazy discussions. I am no idiot and I have a good deal of experience and cool tech that I created, but I couldn’t really benefit from a lot of the discussion. You don’t seem like academics, but the depth of your knowledge in certain areas makes me assume you are academics or deep researchers.
I absorbed some, certainly. I do find that mere exposure seems to create knowledge in the background. I was a math major but I remember my friends talking about their compiler project and when I needed to write a compiler 25 years later, I knew how!
Let a hundred flowers bloom!! What’s up with the TPM? Last I remember it was impossible to penetrate, but know I’m getting hints of some sort of interface. That topic seems to touch on the old days.
Major • August 7, 2018 8:45 PM
@MarkH @Anura
Crap. My bad. Anura and Major are both me. I am just incredibly conflicted.
Just kidding!! Probably…
Thanks for the heads up Mark! Sorry Anura.
Alyer Babtu • August 7, 2018 10:18 PM
Apocalypse soon
https://www.theregister.co.uk/2018/08/07/facebook_banking_data/
GregW • August 7, 2018 10:33 PM
An interesting article on USG/DARPA using an old silicon foundry in the US for new technologies.
Besides what the article discusses, I wonder if 90nm makes for more inspectable silicon.
jdgalt • August 7, 2018 11:40 PM
On the heels of InfoWars being purged from Facebook, Youtube, Twitter, and Pinterest today, Facebook-owned WhatsApp has released a new version that limits the number of addresses you can send a message to. According to the announcement this is “to stop the spread of fake news”, though as we all know, InfoWars carries much more genuine news than the senders Facebook still allows.
So if you have WhatsApp installed and it wants to update itself, don’t let it.
I predict he is only the first of a huge raft of conservatives who will be purged if the law allows this outrage to stand unpunished. It will effectively be the end of the US as a free country.
I would like to join a petition to bring an antitrust case against these Internet giants for anticompetitive behavior. It may be the only way to stop this practice (as opposed to FCC regulation which the giants themselves will capture, as they always have).
Anura • August 8, 2018 12:26 AM
Alex Jones is a lying, violence inciting piece of shit; the idea that the government should force companies to carry right-wing propaganda is insane.
(required) • August 8, 2018 3:22 AM
@Mark
https://www.thenation.com/article/why-was-paul-krugman-so-wrong/
Note the date, this isn’t his first rough rodeo.
Let’s not pretend any economist has a perfect record nomatter how prolific.
echo • August 8, 2018 5:31 AM
@NickP
Be careful of elitism. You may be an expert in your fields. I am an expert in mine some of which are extremely difficult to articulate to a none specialist audience. Also don’t confuse a speciality with being the general rule. Security is a bigger topic than a piece of hardware or software.
@Anura
While Alex Jones primary market seems to be the US I’m fairly sure he has at least one eye on providing a platform and encouragement for EU based hard right agitators including the UK. There is legal precedent that makes him liable to UK courts. In the UK and mainland Europe “free speech” is a qualified right. I am more than happy to entertain ideas about how he can be extradited to the UK/EU and be held to account in a public court of law.
With regard to United Nations treaties I will join with EU policy makers (who are currently making a stand to uphold the Iranian nucleartreaty) and expect the US to be held to account for the export of hate speech.
Clive Robinson • August 8, 2018 5:31 AM
@ Major,
You don’t seem like academics, but the depth of your knowledge in certain areas makes me assume you are academics or deep researchers.
Some of us worked in academia at more than one point in our careers, some were quite senior in certain areas of industry, others were just starting out on engineering careers or their own businesses.
The point in common was “curiosityand the will to find answers”.
The thing is those who have done PhD level and above research can learn a lot from youngsters and their less age entrenched view points, also they ask questions others may have given up asking.
As I occasionalt point out when a young child asks a parent why the sky is blue and the clouds white, they potentially have a life time of working towards the answer and find much that is new along the way. Some will accept a simple answer, it’s the ones who don’t you want to foster their interest and nurture their curiosity, for it is thay that move society onwards, not the squabblers in their offices of government or corporate board room.
As I look back one of my few regrets is that I did not ask abd answer more questions.
@ Nick P,
I’m muddling along and have been putting my head back inside the lab again. My son is of an age where he can earn holiday money in a way where he can also learn about the design and manufacturing side of leading edge products for communications. Which hopefully will keep him interested through the less interesting but necessary foundations of engineering. Which I know will seem dull as he likes maths and is a bit further ahead than the rest of his cohort.
But the rest of the world is begining to catch up with what we have discussed over the years, thankfully now from the bottom as well as the top. So it’s time to go push a barrier or two,to break another path of interest for people to widen into something usefull in that near abyss between them that is the “here be dragons” middle ground, that we all know is the biggest of pachyderm’s in the room. Bigger than even the mastodon, but far from extinct, and begining to wake and rear it’s head in ways people did not want to talk about.
Oh a noticed a wry blog post the other day about why the computer languages of academia cause real problems in industry. But the author and I disagree on the value of “foundations” like abstract data structures and the like. He has great faith in commercial libraries and programers just needing “glue code” to bind them together. Experience has taught me that libraries especially closed commercial ones carry horrors of quite unimaginable proportions that produce as a minimum the “WTF were they thinking” response in those that all to frequently trip over them. Thus such horrors carry inordinantly large technical debt that grows to a positive power law with code reuse…
Even major use Open Source libraries have horrors that should never have been alowed. I can think immediatly of one crypto library that had side channels aplenty thanks to the NSA guidance of NIST. Which although remedied old versions of the library are still in many peoples build chains…
Similar issues arise with maths libraries and they are long over due having fixes. If you want to scare people tell them you think “dithering is a usefull feature” in a maths library”. Those that actually know the subject in depth will not be shocked, which leaves you with the finer points of an interesting conversation.
Mind you I still have trouble getting it over to some “new” programmers that it’s only positive unsigned integer mathmatics computers do naturally, thus they need to be aware of the consequences.
I’m hoping most of this will change now that FPGAs on CPUs is becoming an accepted idea. But I guess many will just “buy in libraries” and pay the price more than twice…
Alyer Babtu • August 8, 2018 5:46 AM
@Anura @Major @justinacolmena
In the exchanges, (monetary?) inflation and deflation seem to be referred to as if they were of the essence in discussing bitcoin and “regular” currency. Why should they be ? Inquiring minds want to know.
In regard to the meaning of big business, the Federal Reserve, socialism, Keynes/Krugman, you might find the book “Politics and Progress” by Dennis Mahoney interesting. It is about political science and politics primarily, but along the way provides a discussion of the origin of progressivism that seems to suggest these things are not so opposite as one might think.
Clive Robinson • August 8, 2018 5:47 AM
@ Anura,
Alex Jones is a lying, violence inciting piece of shit;
I realy should take exception to your statment, as being outrageously discriminatory. After all there are many pieces of shit that would be horified to be chucked in the same pile of crap as Alex Jones 😉
Wesley Parish • August 8, 2018 5:50 AM
The Mullah Nasrudin was alone in a strange city for the first time in ages, and he was worried that he might forget who he was. So he tied a balloon to his big toe when he lay down to sleep in the caravanserai, after first explaining to one of the other men in the bed next to him, that that was its purpose. The other man however, was a practical joker, and untied the balloon from the Mullah Nasrudin’s big toe and tied it to his own. He was awakened very early in the morning by a panicked Mullah Nasrudin, who thumped him to waken him. “If you are me,” he said in a panicked whisper, “then who am I?”
The Defense Department has produced the first tools for catching deepfakes
https://www.technologyreview.com/s/611726/the-defense-department-has-produced-the-first-tools-for-catching-deepfakes/
The arrival of these forensics tools may simply signal the beginning of an AI-powered arms race between video forgers and digital sleuths. A key problem, says Farid, is that machine-learning systems can be trained to outmaneuver forensics tools.
But of course. Arms races are endemic in nature and industry.
Clive Robinson • August 8, 2018 6:19 AM
@ Major,
The blockchain has other important attributes besides being a data structure and its immutability. Most importantly, it is decentralized, owned and stored by all significant users (Some users can interface through another user who has the blockchain.) It is thereby resistant to interference.
Err no.
You are confusing the attributes / properties of the structure, with the potential attributes / properties of an application using that structure.
To see why try and find the property of a blockchain structure that makes it “decentralized”. You will spend a long time looking quite fruitlessly.
It was a major part of the point I was making in my first comment I was making to you in this thread on the structure.
I could if I wished spend a little while and provide a logical or mathmatical description of the blockchain structure by which it could not only be reasoned avout but certain proofs derived.
However there is no way I could do the same for every possible use of the blockchain people might decide to use it for.
So whilst I can argue specifics about the blockchain structure, I can not do the same for all applications.
One of the things that often goes horribly wrong in security is “The leverage of arguments/proofs”. Whilst I can argue about the properties of the blockchain and any proofs that might arise, most do not hold when lifted up into an application. Whilst this might be due to lack of atomic operations in the app it can also be due to the incorrect sequence of operations on the structure.
One of the things I have spent a good deal of time thinking about over the last third of a century or so is the likes of “Bubbling up” and “Active EM” attacks. Few ever come across descriptions of them and way way less ever consider the consequences of them. Whilst not quite “as rare as hens teeth” the number of people in the open communities considering how to mitigate such attacks (because they can not currently be prevented) is quite small.
The reason for this lack of interest / thought in general is the old “lack of gain”. It’s why the problems with over optomised CPUs has been fallow ground for atleast a couple of decades, but now is suddenly fertile as researchers find prestige to be gained. Thus the first person to make profit from stealing digital currancy via a bubbling up or active EM attack will turn a new patch of fallow ground fertile.
echo • August 8, 2018 7:33 AM
These two videos neatly eplain how the security industry is a sexist boys club.
What do Spec Ops dudes carry every day? Every Day Carry (EDC) Pocket Dump
https://www.youtube.com/watch?v=IgdLAXPxz7w
Dene Adams Concealed Carry Corsets: Purses Are For Lipstick
https://www.youtube.com/watch?v=UEC8t0L2Uy4
Alyer Babtu • August 8, 2018 8:11 AM
@echo
security industry
The interview/hiring scenes early in Kurosawa’s Seven Samurai provide another, practically and psychologically instructive, take on “Every Day Carry”.
Anura,
I state this as an observer:
Coordinated Silicon Valley right-wing censoring is an obvious attempted to sway the fall elections.
However democrats are playing with fire (straight from hell) as Trump is friends and reads Infowars[1][2].
Simultaneously Silicon Valley needs strong White House support to draft the National Privacy standards law. Their obvious goal is to bypass the California GDPR state law (and strengthen their data-mining and influence social media topics).
Knowing Trump’s nature, who is expecting an outcome favorable to Silicon Valley?
Will Trump continue to protect Apple from the latest China threat?
Did this expanding (who’s next) censorship issue already ‘tip the scales’ in yesterday’s Republican Ohio win?
Again I an NOT taking a position but rather stating the obvious poor timing.
However my bet would be their informal, confidential social media analytics showed strong, building support for the opposition Republicans. Thus Silicon Valley Elites had no choice but to vote for the lessor of ‘two evils’ by acting immediately. That they all acted in unison shows considerable private coordination.
The Lawless American Wild-West Still Lives
Sadly I expect the hysterical American meltdown to intensify this fall, with top issues being the Internet’s the lack of privacy and censorship. That Facebook’s want our citizens banking details is of no help.
As Patton said “Nuts”!
[1] Mark Z recently spoke up for keeping Infowars on Facebook. Then, for the first time ever, disgusted Sheryl Sandberg took over and pushed ‘somebody’ aside. The press is silent to this hilarious spectacle.
[2] Why is the ‘free’ press silence on nepotism or the hilarious good cop, bad cop spectacles at 1900 Pennsylvania Ave?
Alyer Babtu • August 8, 2018 10:39 AM
Maker alert !
https://www.theregister.co.uk/2018/08/02/nasa_open_source_rover/
Skizzo • August 8, 2018 10:59 AM
Sorry if this has been brought up already… searching for “helium” was quite the undertaking. 😉 Anyways…proof of coverage for crypto currency.
https://www.rtl-sdr.com/helium-the-sdr-based-cryptocurrency-for-iot/
echo • August 8, 2018 12:16 PM
@Alyer Babtu
I have no idea what you mean. I did have a brief look but am not watching it all the way through. I don’t like weapons especially. I think if you need a weapon you’re doing it wrong. My priorities and skillsets are all different anyway.
Major • August 8, 2018 1:12 PM
@echo
“These two videos neatly explain how the security industry is a sexist boys club.”
I don’t follow. They are hardly representative of the security industry. Just some guys screwing around and a woman selling her concealed carry products to women. What is the problem? The guys joking with the shotgun down the pants? Based on movies at least, it seems like women too make suggestive comments among themselves. I don’t see any bad intentions.
Alyer Babtu • August 8, 2018 1:16 PM
@echo
no idea what you mean
The YouTube videos with their enthusiast flashy style and tech/technique-heavy emphasis tend to distact from the real nature and point of arms. The movie shows how arms have a legitimate social role, and makes a study of the character of the perfect person at arms, by looking at a number of types. The most perfect character carries his weapon but in the “test interview/ambush” scene, doesn’t even resort to it, since his op sec is so good – as he says as he approaches the “interview” “No tricks, now”.
MarkH • August 8, 2018 1:23 PM
@(required):
STRAW MAN ALERT!!!
STRAW MAN ALERT!!!
STRAW MAN ALERT!!!
“Let’s not pretend any economist has a perfect record”
STRAW MAN ALERT!!!
STRAW MAN ALERT!!!
STRAW MAN ALERT!!!
Where have I, or Krugman himself, claimed that Krugman has a perfect record?
The straw-man argument is a completely invalid and intellectually dishonest tactic. I remember a time when a commenter was banned from schneier.com for repeatedly using it.
From the article cited by (required):
“By 2007, the facts were so visible and overwhelming, Krugman and other economists were compelled to alter their conclusions.”
When Krugman saw the data conflicting with his predictions, he correctly concluded that his model was broken. He has written quite openly about this, and why he got it wrong.
That might seem trivial, but there is a segment of ideological conservative economists who never admit that they were wrong and never revise their models, because their models are essentially “religious” — like the beliefs of Soviet Marxists, or the beliefs of some “cryptocurrency” fanboys.
As I wrote above, I don’t accept argument from authority as a guarantee of correctness.
I’ve explained who Krugman is, in response to suggestions that his skepticism about “cryptocurrencies” derives from lack of understanding, or envy toward those who made big bucks (in REAL currency!) by gambling on Bitcoin.
He could be all wrong about this. Maybe in 10 years, China will ditch the renminbi in favor of Ethereum; I can’t prove this won’t happen!
However, Krugman is one of many people who (a) understand economics deeply and (b) can give a list of very strong reasons why nothing resembling cryptocurrencies as they now exist in the real world can match the utility of state fiat currencies.
echo • August 8, 2018 2:17 PM
@Alyer Babtu
Ok This is clearer. I was watching a documentary on special forces (tier 1) selection. Listening to the blurb was interesting as the SAS is predominately a physical exercise but the basic protocol is flexible in lots of ways. One comment further along did say that they don’t want gun nutters and use of lethal force is a last resort in many instances.
@MarkH
I respect Krugman. He is certainly very influential in an old school way not seen since the WWII generation.
@Major
Yes but you needed to read between the lines several times over and roll a dozen subjecs in at the same time. Sorry I can be a little opaque like this.
echo • August 8, 2018 2:20 PM
I would have thought simple code which did “stuff” and was properly secure would be less prone to feature creep and cavalier practices and work for the sake of work which is a vicious circle.
https://www.technologyreview.com/s/611727/cybersecuritys-insidious-new-threat-workforce-stress/
Cybersecurity’s insidious new threat: workforce stress
This week’s Black Hat event will highlight job-related stress and mental health issues in the cyber workforce.
PeaceHead • August 8, 2018 2:55 PM
Thanks for this: https://www.icij.org/blog/2018/07/im-worried-that-we-will-run-out-of-sources-when-we-need-them-the-most/
And thanks for plenty of other stuff.
Actual history, education, culture, and present-day happenstance don’t become false just because a Hermann Goering type shows up to declare them such.
There’s a really good resource for studying modern-day security threats with direct and wide overlap with modern-day NAZI’s. However, it would be foolish for me to point it out too much because it could then be victimised by those NAZI’s and would lessen the successes of counter-terrorism experts (people fighting against terrorism) and our allies. So I won’t point it out just because some random persona is eager to make sure that you all forget what was said here.
For anyone still curious to start somewhere, a great starting point is studying the history and happenstance of Operation PAPERCLIP. That gets you into the ballpark. You can take whatever trajectory you want from there.
It’s both a security concern and cryptology issue for self-explanatory reasons. Anybody who can’t comprehend this just disqualified themselves from the conversations.
Thankfully, others responded in kind with corroborating and helpful infos which are helpful to more than just me.
As for security by humiliation or guilt, it doesn’t work with sociopaths; they have no guilt nor shame.
Peace be with you. I’m sure you can afford a couple of paragraphs of me acknowledging that I still read and think. I’m not dead and gone, just going on a vacation from the internet for a while.
Never accept the invitation to go braindead; neither will I.
Check the links on my homepage if you want to get an idea of where my brain is at.
Take care schneierenkraft.
Nick P • August 8, 2018 3:22 PM
@ Major
Yeah they were fun. The companies and academics been catching up to us like Clive said. Least someone is doing the stuff.
Far as Alex Jones, both this Project Censored article and John Oliver video are good links to give out on him. The first shows how many times he’s wrong or lying with his inside sources’ predictions. The second is just hilarious on top of busting him out.
@ echo
Be careful about elitism and specialities? What are you even talking about? I’m a generalist who used to cover everything from hardware/software to human usability to law to economic incentives. These days, I’m mostly focused on assurance activities, marketing, and incentives. Forgetting a lot of old stuff. Still learning new stuff. That’s how it goes.
So far, you’ve decided to go straight to speculative ad hominem with me instead of constructive advice in any sub-field. Be careful about that given it wastes bandwidth and people’s time.
@ Clive
“Oh a noticed a wry blog post the other day about why the computer languages of academia ”
One thing I’ll add the the newest work in source-level verification is addressing things like bit-equivalence, side channels, and so on. The hardware teams are doing that stuff, too. Some are doing hardware/software equivalence or provable integration. The CompSci stuff is kicking ass compared to how it was 10-20 years ago where Java + Intel would solve everything. 😉
The on-board FPGA’s are certainly a good development. Might even let us emulate stronger, security architectures on legacy CPU’s. Maybe, maybe. Too bad that open FPGA never went anywhere. It was 45nm. Could’ve been good for open, hardware prototyping. Still hope out there since there’s always university EE’s needing projects to do. 😉
Anura • August 8, 2018 4:21 PM
New xkcd on voting security:
echo • August 8, 2018 4:29 PM
@Nick P
I’m sorry if you perceived my comment as an ad hominem. It wasn’t meant this way. I felt the reading of your comments (including a few of Clives “code cutter” comments) can appear elitist because they imply, even if this wasn’t the intent, that somebody who doesn’t talk about more technical engineering issues or has the right kind of academic qualification or professional certification is thrown in with the herd of yahoos. Then there is comment about how things were better back in the old days which implies newer or different comment is less valuable or diluting discussion. As for younger people you also have to be aware of vertical propogation and give people space to learn without becoming indoctrinated with dogma and bad habits. All of these are things I have definately observed over the years, mostly propogated by men I might add, which is not to say that women don’t have issues too which academics and policy makers are aware of even if these kinds of things don’t get the same degree of airing.
I’m fairly sure any decent psychologist and/or sociologist can back this up and if you want a deeper explanation they would be the ones to ask not me. If need be I could always dig out of I can find them in my database media articles covering academic sexism, workplace banter, establishment patronising and so on which adequately cover these are as so yes they are a thing.
I have certainly said and done things which weren’t intended as they have been perceived, or censored myself because I either caught myself before I said it or was unsure whether it was a good idea to say it or not. I also have plenty of bad habits which need shaking off too.
Clive Robinson • August 8, 2018 4:50 PM
@ RG, Anura,
Coordinated Silicon Valley right-wing censoring is an obvious attempted to sway the fall elections.
The problem with claiming “censorship” is it’s like beauty in that it’s in “the eye of the observer”, and generally lacks objective measure, such is the nature of belief systems.
My viewpoint is that some if not all social media Silicon Valley companies were not living upto their “expected earning curves” facebook in particular does not look even remotely good. Thus they were finding life a little tough meeting investor expectations.
But as many old timers know, if you have a “flame war” you have traffic and fairly quickly lots of it containing strong oppinion and raw emotion of the sort that “political opinion” / manipulation / rigging organisations legitimate or otherwise[1] would pay top dollar for.
Thus the social media corps cared not a whit who was flaming who, or that it was getting more and more controversial, that brought in more traffic and more opinion and emotion, thus more bucks to supposadly improve those curves thus expectations…
Then the CA political manipulation issue blew up in the UK and the authorities started taking serious intrest (actually rather more than for amature hour from Russia). And the money trail of CA leads back to the likes of Peter Thiel and other Silicon Valley “names”, and the hedge fund runners that they are, shall we say are “birds of a feather”.
If you study those in Silicon Valley, they care not a jot for party politics, they are looking to influance the winners[2]. But their general business ethos is not inline with what in the US would be considered “socialist” aims that are closer to those espoused –but rarely practiced– by the supposed US left of center.
It’s only now that they are getting dragged into criminal enquires related to their relashionships with the likes of CA and the European Legislation can bite them big time even for “US going ons”. Remember facebook got hit for the maximum fine they could be given under the then UK legislation, now the EU law is inplace the same maximum fine would wipe them out of existence. Plus the shareholders have not been kindly just recently to Facebook…
The simplest explanation is that the execs we generaly don’t hear about are flexing their fingers and saying that the old marketing adage about “There is no such thing as bad news” whilst believed to be a truism is actually far from it in certain cases…
[1] All the Silicon Valley Corps are interested in is money from what is to a limited extent a “legitimate front”. Just like banks take drugs and other crime money that has been laundered to an acceptable level.
[2] You need to have a think back to when Pres Obama was having a cosy chat with the Silicon Valley names and one James Comey arived totally uninvited and started throwing his weight around about going dark and I guess “front doors”, “Golden Keys” etc. Obama should have sacked him then and there for that but he did not, which realy should be telling you something…
MarkH • August 8, 2018 5:18 PM
@echo:
I don’t know precisely what Clive has in mind when he writes “code cutters,” but I have some intuition.
I probably should respect credentials more than I do, but my perspective is biased by two kinds of experience:
To me, the most important determinant of the integrity of software is the collection of attitudes and practices brought by the authors. Some examples:
• How deeply do they understand what they’re trying to do, and the tools and resources they are using to attempt it?
• Do they think the problems through, or just open an editor and start typing code?
• How paranoid are they about flaws? Do they just try to get the thing to work — or do they armor it six ways against attack so that it has no alternative but to function as intended?
• To what extent do they lean on testing and debugging tools as an assurance of quality?
• Do they build by accretion, or design with modularity, hierarchy, and abstraction?
• Are their programs engineering documents which another engineer can read with clear understanding?
Perhaps the people who don’t bother with that kind of stuff, correspond to some extent with Clive’s code cutters.
In any case, this is just the perspective of one gray-haired old code cutter.
echo • August 8, 2018 5:59 PM
@MarkH
Yes, all fair comments. I think there’s a lot of space to say there is good and bad wherever a person is on the grid. On the pure technicals I don’t disagree with Clive’s comments. To a large extent he wrote what I was too burned out to write. I’m guessing we all tend to agree in principle.
I like talking about tech stuff with people who know what they are talking about. It’s always nice to talk this stuff over even if I never want to do it as a job again. Vicarious intellectual stimulation is a win for me.
Wael • August 8, 2018 6:32 PM
@MarkH, @Clive Robinson,
I don’t know precisely what Clive has in mind when he writes “code cutters,” but I have some intuition.
Improving on a six-year old limerick…
There once was a programer with a stutter
Whose code had overflows in the buffer
He saw some code on the ‘net
Then he snatched all of et
And commented: // I ain’t no code cu-cu-cu-cutter
There is a fine line between reusing code and just banging on the keyboard _______
tyr • August 8, 2018 6:47 PM
@Clive
Silicon Valley censorship is a previously
solved problem.
Just use moderated usenet newsgroups.
You won’t see anyone or their opinions
you don’t like.
Banning people for their opinions is exactly
like burning books to hide ideas you don’t
like. You can expect Zuckerberg to show up
at your local library with a gascan any
day now.
There was a saying in my youth that the
final removal of human rights would be
done by well meaning grannies who knew
what was best for you, not by evil goons
with agendas.
Nice to see Nick P. here again.
MarkH • August 8, 2018 7:13 PM
@Wael:
You reminded me of two jokes from colleagues.
One suggested that all modern-day software contains code that was copied and pasted from the original programs by Ada Augusta Byron.
The other proposed to recognize a new discipline of “copy-and-paste” engineering, and that a programmer’s resume (CV) should highlight expertise in copying and pasting: the critical skill, for the modern programmer!
Wael • August 8, 2018 7:49 PM
@MarkH
and that a programmer’s resume (CV) should highlight expertise in copying and pasting
Funny 🙂 It’s a mandatory requirement for “Toilet applications developers” (smart pipe thread)
bttb • August 8, 2018 9:08 PM
@(required) wrote:
“Delicious gravy. Not the kind you get in Federal prison.”
I am not sanguine (neither cheerfully optimistic nor confident) about the near term in this country. For example, starting here https://www.emptywheel.net/2018/08/06/goldstones-bare-facts-attorney-damaging-information-democrats-hillary-clinton-useful-to-the-trumps/#comment-745494 (without indentation) :
1 NorskieFlamethrower says:
August 7, 2018 at 1:40 pm
Thank you for this post Marcy, it has generated a thread of discussion of the first time we had a fascist in the White House with a war goin’ into it’s 10th year. I hope everyone here who wasn’t here then or too young to remember goes to the easily accessible public records of that period. I was five years out of military service (including an all expenses paid trip to SE Asia} and finishing undergraduate school in California. I won’t bore you with grandfather stories or personal anecdotes, others upstream have shared narratives better articulated than could I. But what I would like to share is an outline of the history of that period that has followed us in real time with real contemporary characters into the moment we now face.
Rumsfeld, Cheney, Stone, Manafort and George HW Bush are all weedy characters who germinated during this time and are still around today. They grew out of soil fertilized by history and blood for over one hundred years previous. They cut their political teeth on the Nixon experience and learned from that experience. By 1973, the United States was entering the 10th year of our military incursion into Vietnam with a conscripted, citizen army of occupation that had just a few years previous reached upwards of 500,00 in country, in the South China Sea and in bases in Japan,the Philippines, Wake and Guam. Those soldiers, sailors (marines) and airmen (and women) were coming home in increasing numbers and joining millions of their generation on college campuses, in the streets and in government. This changed the political dynamic at that moment and caused structural changes in the military-government-industrial nexus going forward. All of the aforementioned contributed to these changes that corrected the defects in the nexus in 1973 and allowed for the dangerous moment we now live.
If it hadn’t been for the anti-war movement of boomers and the massive numbers of war vets coming home to testify, we would still be in Vietnam. This is where the structural changes of the next 25 years began. Rumsfeld learned that in order to maintain active military presence in the world, we would need a “professional” military and he worked his ass off to get it. The professionalization of the military followed the federalization of the National Guard. The rat fuckers, political hit men and money launderers mentioned above all grew up in the Nixon era.
I will end by saying that from my 3 year experience in the military, I am terribly worried about what is facing us in the next four months. There are many of our fellow citizens whose last refuge of hope is that the military will come down on the side of the people. I am not one of those folks.
Thank you Marcy for this space and allowing me to occupy a small portion of it. Namaste to all here.
Reply
Tracy says:
August 7, 2018 at 2:05 pm
Namaste, @Norskieflamethrower, and the other Watergate contemporaries who have contributed – thanks so much for sharing your views and stories – so valuable to hear!
Reply
marksb says:
August 7, 2018 at 7:52 pm
Excellent placing all this into the context of Nixonian times, NorskieFlamethrower.
I worry as well. If I had been ordered to the base and then ordered to take part in the suppression of resistance, would I have complied? To this day, I don’t know. It wasn’t a specified part of our mission, but if a commanding officer ordered it under martial law, I have to think most would take up the task. We were trained to follow orders, and leave the legal arguments to lawyers, courts, politicians, and command. That’s the way the military is structured. I know a man who as a young National Guard soldier and was called up and sent to the Watts Riots. He complied. They didn’t give him ammo for his M1, but said he probably would have fired on Americans if he was ordered.
Reply
Michael says:
August 8, 2018 at 10:19 am
For the benefit of any youngsters here, I’ll point out that the term “professional” military means volunteer military, just to be clear. And “professional” military does not mean that a volunteer military does not, or cannot, act professionally.
Reply
2 Bobby Gladd says:
August 7, 2018 at 3:47 pm
Norskie, I share your anxiety about the coming months. We are in a very dangerous time.
Reply..."
(required) • August 8, 2018 9:23 PM
@MarkH
” STRAW MAN ALERT!!! ” – really? It was an offhanded comment. We needed an APB?
You could probably just do that once and we’d get what you’re digging at. SIX times, I must have struck a nerve noting Krugman could possibly be wrong again. Tranquilize a bit and maybe let’s have a peek under the straw hat?
“Maybe in 10 years, China will ditch the renminbi in favor of Ethereum; I can’t prove this won’t happen!”
-People in China use Ethereum now already. Does it need to surpass the state entirely?
Of course not. 10 years is an unreasonably short interval anyway, who said that? Hay dude?
“However, Krugman is one of many people who (a) understand economics deeply and (b) can give a list of very strong reasons why nothing resembling cryptocurrencies as they now exist in the real world can match the utility of state fiat currencies.”
-I actually tend to doubt Krugman would himself say anything quite as sweepingly and categorically dismissive of the potential for “digitally transferable fractional assets” *(nobody say currency) to supplant symbolic paper and metal bits or the plastic swipe strips imbued with the magic numbers.
The challenges are of evolving sufficient oversight/regulation and related surety, not utility.
When CC trading volume (or value..) surpasses local state fiat currencies that’s a fait accompli.
$21,982,134,960 = the total value of just bitcoin, today. Somewhere around the GDP of a small nation.
Whether that trust is equally or better placed and retains and grows value ongoing remains to be seen, but that’s also certainly equivalently true of the government’s economic leadership -or not- upon which your chosen value-tokens are judged to be worth trading to acquire -or not- globally, giving them the power of popular utility you seek.
http://www.usdebtclock.org/world-debt-clock.html
But to say that somehow all state fiat currencies are inherently better equipped than anything that any existing CC’s technology can underpin, I’d say that’s probably already wrong – but like Krugman I don’t study the issue extensively or do it for a living say.
Do watch out for straw men meanwhile on your vigilant crusade. But calmly..
Clive Robinson • August 8, 2018 9:38 PM
@ echo,
Listening to the blurb was interesting as the SAS is predominately a physical exercise but the basic protocol is flexible in lots of ways.
It used to be called “basic selection” and even for the “part time forces” varients of the special forces it was tough going.
Yes you could cheat the tests in various ways, but then at the end of the day who would you actually be cheating?
All the first part of basic selection is about is weeding out those who either do not have the physical ability, or do not have the pressence of mind to apply the ability in testing circumstances, or are just unlucky and break a bone or similar due to inattention.
For instance you could have the ability to do an hour long 40cm rise step test in full kit, but could you put in the same level of performance with having to map read your way around a very foggy Welsh mountain range[1] knowing full well that there are 600ft drops from knife edge pathways?
How about the same level of performance but over a rapid timed 15mile route up over down and back up and over again the mountin that at just under three thousand feet is the tallest point south of Snowdonia[2]?
Trust me when I say that the physical level is realy the easy bit, it’s the keeping your mind not only sharp but focused in sometimes quite appaling weather (it killed some soldiers three years back in weather not that much cooler than present).
But… the dance[1] is done after a week of other quite grueling physical and mental tests, where your best friend is a large container of Radox or similar bath salts to get the crap out of your muscles when you get the chance to soak in a very hot bath.
The places the special forces have used for basic selection are fairly well known and have been for something like fifty years[2]. If you fancy taking a walk up there for the view I would thoroughly recommend it. If you are a little more adventurous you can actually walk over what is in effect seven peaks in a day of walking and it’s not as tough as the contour lines on the map suggest, if you pick your route with care[3]. The last time I was up there I humped up around 35lb of radio equipment and worked “HF Portable” “just for the craic” as they say across the water.
But if you feel brave and want to have a go at the fan dance, there is a public version you can have a go at that is nearly the same route. And yes some disabled people have compleated the course including amputees.
I would still go up there today, but officially according to the Doctors I’m supposed to have a “guardian” just in case I “do the usual”. My son is not adverse to the idea as he’s developed an interest in SOTA as it’s now called. But others are not keen at all on us doing it…
[1] Officially “Exercise High Walk” it was more commonly called the “Fan Dance”[2]
[2] The mountain range is in South Wales / Brecon Beacons national park, and the “big one”, Pen-y-Fan at a little under three thousand feet is the lump of interest. There are several routes up but one being only 18″ wide for much of the way is perhaps the fastest. But if you don’t like the idea of looking down at sheep that look as small as match heads I’d take the more normal route.
[3] Back last century whilst still in my thirties, I did the seven peaks in the early morning through to early afternoon one Saturday, got back to London for a party and danced through the Saturday evening and into the morning. I awoke later that sunday and found I could hardly move and my legs were as though made of oak trees. I hobbled about like a criple for three days whilst the crap cleared out of my muscles. Then atlast I could get back to jogging the eight miles to work again. Thus I would recommend people “warm down” properly if they are going to daft things 😉
(required) • August 8, 2018 9:49 PM
@Bttb
Depressing as hell. History repeats verbatim, only the costumes change. The audience loves it.
Clive Robinson • August 8, 2018 11:09 PM
@ echo,
… because they imply, even if this wasn’t the intent, that somebody who doesn’t talk about more technical engineering issues or has the right kind of academic qualification or professional certification is thrown in with the herd of yahoos.
Taking it in reverse, I’ve kind of made it clear in the past that it is the industry as it is currently managed where the fault lies. The “yahoos” if you like are the “bells and whistles today, stability and security some time never time” advocates that have shapped the industry the way it is. At the end of the day you do what the man who cuts your pay check says or he’ll stop cutting yours…
As for the issue of accademic qualifications etc I again blaim the industry. Most CS courses do not teach the fundementals well enough that they actually become the basis of transferable skills. In the UK certainly outside of a very few unis Industry dictates via “sponsorship” etc what gets taught after the first year. In essence they get taught what the industry thinks it wants, not what it actually needs. Much of the focus is thus on particular tool chains, and library interfaces not on general methods. In many cases students do not get taught what would be regarded as “basic engineering techniques” that those training in engineering disiplines usually do such as basic testing techniques.
I could go on but in general it’s not the students fault. They get taught by what would be mathmeticians if they could get into that faculty, to specifications from business managers who get told what is required by those trying to play for the marketing department.
I’ve previously noted that the term “software engineering” should be dropped, because CS courses do not teach engineering in any form an engineer trained in electronics, areospace, etc would recognize. Heck I know “surveyors” that take more of an engineering aproach to the way they work than many in the software insustry.
I guess what you call “more technical engineering issues” I call investigative research. It’s something the curiously inclined gravitate towards. As I posted just a day or so ago the “usuall suspects” were of all levels from just starting out in their training to grizzeled old gits with 1960’s pony tails, beards and even sandles I guess if that’s the mental picture of an aging nerd of “guru” status you have.
As for being sexist, no, unless people “self declare” we tend to follow the idea of mind of indeterminate gender. Not to be PC or whatever the modern equivalent is these days, but because it’s the mind and what it thinks that appears as the words here, not anything related to gender (unless some one talks about gender issues).
As for “the old days” yes they were quite technical, but the reason as I have also pointed out was those of a political ilk had not thrust their snouts into the potential money trough computer security was becoming.
Personally I would like to see way more capable minds commenting on this blog as more points of view means more discussion thus more thinking. Importantly a persons point of view is based on their life experiences, as is their thinking process with regards the language they speak. Thus I want more perspectives and different thought processes here, which means I do not want the echo chamber effect of SWAM [1]. But it also means I’m not interested in mono thinking and parroting, because originality of thought is what makes me think, consider and evaluate.
The problem I have with saying “we need more women” is it’s like saying we need more vegans or people born under Sagittarius etc. There is no real correlation between them and the itch to be curious about the world around you or in that part of it computer security is expanding into.
Thus the question it should raise is “how do we make computer security more interesting to women / vegans / sagittarians etc. Because just pushing women through a door to make up an arbitary head count in the room serves nobody well, and is only going to cause resentment.
Yes I can understand why women might want to head in the opposit direction at high speed when it comes to mainly male environments, and I object as strongly to the behaviour of some in such monosex environments as those that feel they are in effect treated as “the enemy” or far worse.
Which brings us to the question of how to dissuade what is objectional behaviour from those inside the environment to those currently outside?
In part it’s a catch22 issue, we need a significant prescence to make it an accepted norm of the environment, where all in effect, not just word have equall status.
I’m open to all suggestions that don’t involve overt or covert compulsion or other method that will cause resentment or even 180 discrimination, that is they need above all else to be fair and equitable to all. As the statue of Justice on the courts at the Old Baily indicates often the best solution is to be blind.
I do not know how many women on this blog there are, and generally I don’t want to know, because I don’t want myself or others to be biased.
However it is difficult to keep things hidden, as an example certain typing mistakes indicate that some people may well be left handed, certain turns of phrase what geographical region they are in, have spent time in, or their formative years in. Judging people is part of what makes us human and has and still is a survival trait.
The skill is being able to divorce that judgment process from the point of view and reasoning process the individual demonstrates.
[1] For those unfamiliar with it, SWAM stands for “Stale White And Male”. A complaint that came about through comment about politicians and the makup of their parties…
MarkH • August 9, 2018 12:34 AM
@(required), who wrote:
“to say that somehow all state fiat currencies are inherently better equipped than anything that any existing CC’s technology can underpin…”
Who made such assertion?
Another straw man. It’s a nasty form of trolling, albeit a bit stealthy inasmuch as the trolling is not evident to those who haven’t followed the discussion.
In a reasoned discussion, such antics are a form of pollution.
(required) • August 9, 2018 1:26 AM
@MarkH
STRAW MAN ALERT!!!
STRAW MAN ALERT!!!
STRAW MAN ALERT!!!
-An example of what exactly, not trolling? I digress.
I did quote you directly, which answers your question:
(Krugman) “can give a list of very strong reasons why nothing resembling cryptocurrencies as they now exist in the real world can match the utility of state fiat currencies.”
You made that out as Krugman’s position. I posited it’s not exactly accurate on the merits.
You’re seeming to get awfully worked up about this somehow but I’m not sure I understand
exactly what’s making you so irritable that you can justify such stylistic text decisions, but knock it off please. No eggplant emojis required here.
Thoth • August 9, 2018 2:12 AM
@all
Microsoft dares attackers to exploit it’s Hyper-V hypervisor and also spent time on trying to suggest would-be attackers where to look for bugs.
Link: https://www.theregister.co.uk/2018/08/09/hyperv_hacking/
MarkH • August 9, 2018 3:48 AM
(required)’s formulation is, in fact, not equivalent to the text subsequently quoted.
I shall continue to call out trolling as I see fit … however, I shall not read any more comments from this particular troll, who may accordingly rest easy.
Clive Robinson • August 9, 2018 7:33 AM
@ Bruce and the usuall suspects,
El Reg has a little more on the history of how Meltdown and Spector got known before the “official announcment date, and why Uncke Sam got caught on the back foot and others thought the Chinese Government new before the US…
https://www.theregister.co.uk/2018/08/09/meltdown_spectre_cert_timing/
Wael • August 9, 2018 8:36 AM
@Clive Robinson,
and why Uncke Sam got caught on the back foot and others thought the Chinese Government new before the US…
Your Klingon phinger must be fat! It’s “Uncle Sam“! Any evidence the Chinese government new before the US?
bttb • August 9, 2018 9:22 AM
From comments starting https://www.emptywheel.net/2018/08/09/oleg-deripaska-probably-fed-both-parties-dirt-in-2016-election/#comment-745648 (again w/o indentation)
“…earlofhuntingdon says:
August 9, 2018 at 8:52 am
Disinformation is propaganda. Skillfully played, neither the presence of false information nor its proportion to the whole would be easy to detect. That seems particularly true in the heat of election battle, when so much information would be flying that fact checkers sometimes would be overwhelmed.
Russians, like Madison Avenue consultants for tobacco, drugs, and chemical companies, are quite skillful at it. The CIA and its famous Wurlitzer were once good at it too.
Reply
Trip says:
August 9, 2018 at 9:09 am
Yep. Disinformation either has some actual truth mixed in it, or some element of ‘truthiness’.
This is how the “deep state against Trump” mantra works. The CIA or FBI did shitty things in the past, or someone high up lied. Hence, that is the case now. It’s like rounding up the usual suspects. If some guy robbed a bank in the past that is not direct evidence of a recently committed bank robbery, but it has elements of truthiness and it raises suspicions.
Reply
Peterr says:
August 9, 2018 at 9:24 am
Disinformation is propaganda.
Yes. Disinformation is a tactic, not an end.
Assuming the Russians had figured out that Steele was probing the Trump/Russian relationship, the strategy that this tactic would serve is threefold. First, inserting disinformation would be a way to try to throw Steele off the track. “Follow these breadcrumbs, and pay no attention to that neon sign over there . . .” Second, when the dossier got delivered, the disinformation could be exposed as false by the Russians, if that didn’t happen through above-board research by US media/politicians, thereby discrediting the whole. Third, fighting about the disinformation would stir up the kind of political conflicts among various US political parties/groups that the Russians were busy stoking via Facebook, Twitter, and other means.
Critical to this kind of disinformation play is getting the mix of true and false information right. Presumably Steele was finding true information, so the Russians only needed to figure out what false information to feed him. Too much disinformation would likely have alerted Steele that he was being played. “Why does none of this new stuff line up with what I already know?” It has to be (a) plausible enough that it fits the overall direction of what Steele already knew, (b) not specific enough that he can categorically rule it out as false, and (c) tantalizing enough that he’d include it in his report, even if it carries disclaimers like “I’ve only gotten this through one source, but it’s intriguing enough to pass along.”
Feeding too little disinformation runs the opposite problem. Too little, and it won’t throw Steele off the paths he was pursuing. Too little, and it won’t get noticed by US folks looking to poke holes in it. Too little, and when it is revealed as false, it won’t be seen as a big enough problem to discredit the whole dossier. Too little, and it won’t stir up the poo-flinging among US political interests.
This is not “too clever by half” — this is how the intelligence game has been played for generations. When Eisenhower was planning the DDay invasion, he and his staff knew that the Germans were collecting plenty of true intelligence that an invasion was imminent. By feeding plausible-but-false information about the timing and location (Calais, not Normandy), they accomplished a high degree of surprise.
The danger of a disinformation campaign like this is that it alerts the opposition to what you are trying to hide/obscure. If your enemies are headed down a blind path, you let them go; you only try to divert them if they are going somewhere you don’t want them to go.
Reply
earlofhuntingdon says:
August 9, 2018 at 9:37 am
As Smiley observed, “Topicality is always suspect.”
Information from the other side that fits too neatly what you want to find threatens to be unreliable. Steele, former Russia desk officer for MI6, would have been familiar with the problem, which suggests that disinformation fed to his sources must have been good.
Another benefit of this sort of campaign is that it would make all of Steele’s work suspect, a boon to Putin. Like Trump, he operates best in secrecy.
Reply..."
Clive Robinson • August 9, 2018 9:55 AM
@ Wael,
The argument put forward by some –without real knowledge– is that Lenovo were “in on the secret” that Uncle Sam was not as it was a Chinese company…
However I likewise have no knowledge, so when some one who verifiably works for Lenovo in the US says it did not leave the secret did not leave the US, it falls to a balance of credibility.
Which kind of makes Lenovos person fractionaly ahead on “knowledge” of the matter. However I still have no evidence of their reliability or those around then.
So the jury is definitely not even at the consideration stage.
Alyer Babtu • August 9, 2018 11:31 AM
@Wael
Klingon phinger
But perhaps not – Sir Clive may have been in the ambient field of the “techno” beats of Nanoplex
Running with Pinking shears • August 9, 2018 12:27 PM
@ all above who are trying to have their pudding without eating their meat
With apologies to Messrs. Waters, Gilmour, Barrett et al.
We don’t need no Facebook nation
We don’t need YouTube control
No Twitter banning from the app screen
Zucker leave that Jones alone
Hey! Sandberg! Leave Info Wars alone
All in all he’s just a point of view in the mall
All in all you’re just another brick in the wall
echo • August 9, 2018 12:51 PM
@Clive
I have half wondered about the feasibility of doing dry run just to see what the selection test was like but this is only to satisfy my curiosity. I certainly do recommend warming down! I had been recovering from being ill for a long time and hadn’tbeen out much for ages. Like a dufus I hadn’t been to the train station for ages and took a wrong turn. I suspected something was up when what I was seeing didn’t match the distance I had travelled. After asking a group of people I bumped into I had a long run to the train station in work boots wearing a backpack with a heavy coat (just in case), sandwiches, and drink inside on what was then the hottest day of the whole year. I made the platform with two minutes to spare! This was the second time in my life I haven’t warmed down properly and my tendons were complaining too. I couldn’t walk properly for a week.
Security is a process and equality is a process. This is my short answer.
On disinformation: I’m currently wading through responses to complaints. I’m trying to work out if the replies are genuine error or disinformation. Both are very different in facts and tone but both have done a very good job of making claims which I don’t agree with and leaving things out and coming to conclusions which I disagreed with before the situation which led to the complaints. They talk a lot but somehow seem to miss the target or talk around the target, and actually fail to acknowledge the critical issues I mentioned as concerning me which I knew would cause a problem.
Here’s some links to articles I discovered while burning my eyes out in bed with too much blue light:
Bizarre Phenomenon That Intrigued Leonardo Da Vinci Can Finally Be Explained
https://www.sciencealert.com/role-of-surface-tension-not-gravity-hydraulic-jump
Brad Pitt Claps Back At Angelina Jolie: I’ve Given You Millions Of Dollars Since Split
https://hollywoodlife.com/2018/08/07/brad-pitt-responds-angelina-jolie-child-support-accusations-gave-millions-divorce/
Use this Harvard Law checklist to prepare for any negotiation
https://qz.com/work/1139744/harvard-law-schools-advice-for-prepare-to-negotiate/
(required) • August 9, 2018 1:10 PM
@Mark
“(required)’s formulation is, in fact, not equivalent to the text subsequently quoted.”
Actually it was very much so. Observe.
You said “very strong reasons why nothing resembling cryptocurrencies as they now exist in the real world can match the utility of state fiat currencies.”
That’s an extremely broad brush, and Krugman isn’t as obtuse in his measured statements of doubt.
Your straw house is on fire Mark. I’m sorry you take it so personally for whatever reason.
Crytocurrencies exist now that already have more “utility” than some state “fiat” currencies.
That’s by any measure you’d like to make, volume, value, global acceptance, “utility” – whichever.
Deal with that reality or don’t, but your statement is not equivalent to Krugman’s own.
His doubts about the feasibility of such technologies are much more nuanced.
QED
Alyer Babtu • August 9, 2018 5:15 PM
Day of the Triffids, anyone ?
Thoth • August 9, 2018 8:40 PM
@all
Person who report on Kaspersky’s leaky VPN receives no big bounty. Little wonder why there is more vulnerabilities hoarding and weaponizing behaviours these days.
Link: https://www.theregister.co.uk/2018/08/09/kaspersky_vpn_dns_leak_bug_bounty/
Clive Robinson • August 10, 2018 2:36 AM
@ echo,
You left out the blue light kills eyes article,
https://www.sciencealert.com/how-blue-wavelengths-light-affect-retinal-cell-tissues-eye-disease
Which arguably is the most important one for “readers” here, and just another reason not to look up into the sky…
Speaking of which we may not have much choice on looking up if Pres Trump gets his way with,
Whilst it sound like the future to some, it’s very “James Bond Movie” to others. But there is a very real security and political aspect to it which is already causing several nations to raise complaint over how the US is “monopolizing space” to their scientific, economic and security detriment.
One aspect is that for nearly all orbits there is “earth territoriality issues”. That is any closed/circular[1] orbit that has a polar element or is not at geostationary orbit hight will overfly/cover other nations territory in potentially hostile ways.
Unless the growing number of nations with launch capability[3] actually sit down and come to a realistic consensus for an international oversight body[4] the security issue will degenerate rapidly. Which could as China has demonstrated result in a nation unilaterally “closing space” off to the rest of humanity (look up the Kessler syndrome AKA the Kessler effect, collisional cascading, or ablation cascade, which is a positive feedback cascade failure event where orbital debris increases in a chain reaction).
[1] Outside of inter planitary body journeys most man made objects launched into space are of effectively closed circular[2] orbits that will eventually decay back to earth and mainly burn up in the earths atmosphere (or should do) it’s generally just a question of time if the object is launched correctly.
[2] Although most two body orbits when drawn look eliptical the mathmatics is that they are all circles. The simplest way to see this intuitivly is to get a childs hoop or similar ring and hold it at two opposit points at arms length. As you rotate the hoop/ring you see it change from being a circle through all the closed elipses through to a single line and back again. You can actually use this observation and K12 maths to calculate basic orbital mechanics including the two centroids/focus points (you will however require a bit of calculus to calculate the instantanious orbit velocity).
[3] The UK and South Africa are in the odd position of having voluntarily given up a “super power status” technology. For South Africa it was nuclear weapons, for the UK it was indipendent launch capability.
[4] Any international body for this must not be formed in the known failure model of the United Nations with the “permenent security council member veto” problem. That is no clique of nations should be able to put their interests above others with regards space, otherwise we will get the same tyranical “Super Power” issues we see in current geo-politics.
Wesley Parish • August 10, 2018 6:25 AM
Happy happy joy joy!
Some real doozies from ElReg, just proving that anyone can find themselves addicted to the taste of their own toes, though some do insist on adding condiments as well:
https://www.theregister.co.uk/2018/08/10/internet_of_things_encryption_snooping/
What they found is that even with encrypted payloads, light bulbs, power switches, door locks, speakers and the like reveal their activity in how, rather than what, they communicate: the duration of a traffic spike, the length of packets in a communication, packets’ inter-arrival time, deviations in packet lengths, whether the user is contacting the device locally or over the Internet.
https://www.theregister.co.uk/2018/08/10/spiderlabs_social_mapper/
Use this to match profiles to names of people at an organization. Nothing could possibly go wrong here
https://www.theregister.co.uk/2018/08/10/data_center_hacking/
The duo probed whatever kit they could get hold of – mainly older equipment – and it could be that modern stuff is a lot better in terms of security with firmware that follows secure coding best practices. On the other hand, what Waisman and Soler have found and documented doesn’t inspire a terrible amount of confidence in newer gear.
https://www.theregister.co.uk/2018/08/10/autonomous_car_hacking/
https://www.theregister.co.uk/2018/08/10/mobile_pos_insecurity/
“If a product costs less than $100 it’s not going to have some level of [security] development,” Galloway said. “Some vendors are following PCI to the letter and only implementing minimum requirements.”
Just about says it all for their security perceptions, doesn’t it. Sitting on top of the cheapest bid; now it’s true of everybody.
https://www.theregister.co.uk/2018/08/09/kaspersky_vpn_dns_leak_bug_bounty/
https://www.theregister.co.uk/2018/08/09/body_cameras_face_recognition/
Smith responded in clear terms that current facial recognition is simply not accurate enough to “make operational decisions,” ie: for police to use it to recognize individuals and use positive responses as justification for automatically and unquestioningly apprehending people. Well, the computer says you’re wanted, so here come the cuffs, we can imagine a conversation with officers going.
https://www.theregister.co.uk/2018/08/09/whatsapp_message_manipulation/
https://www.theregister.co.uk/2018/08/09/neural_network_malware/
Since it’s difficult to work out what triggers the payload, such a model would be very difficult to tackle, the researchers argued. Rest assured, however: the IBMers have not released any code, and there’s no sign of any malware using this machine-learning technique in the wild.
Confluence of malware and AI. It’s beginning to look a lot like Precambrian, everywhere I look …
And last but hardly least, on a Witless In Washington note: kids, don’t do this at home –
https://www.theregister.co.uk/2018/08/10/us_military_space_force_proposed/
Pence, who we really hope knows that Star Wars is a fantasy movie and not a documentary, said the time had finally come for the military to take charge in space after the environment has turned from “peaceful to contested” to “crowded and adversarial.” The US fears China and Russia will dominate space and launch satellites that are capable of jamming American signals, destroying US sats, and firing weapons at other targets.
Commented upon by various –
What a joke. The same right wingers that hyperventilate over “big government” suddenly have no problem with the creation of a wasteful, redundant “Space Force.” A new bureaucratic monstrosity. The same f[*]cks that say we’re too broke to help the sick or feed impoverished kids.
— Aiden Wolfe (@AidenWolfe) August 9, 2018
Is it worth pointing out that this is equivalent to painting a bullseye on one’s back and stepping in front of a a group of marksmen with high-powered rifles while shouting, “Betcha can’t hit me!!!”?
FWIW, the US Space Farce does begin to look like a malicious suicide note to the rest of the world.
echo • August 10, 2018 9:06 AM
@Clive
Yes, fair point. I was waffling so much I thought I’d trim my links.
@Clive @Wesley Parish
I don’t know about this space force thing. It seems like an ego thing and I cannot see how it helps with social and economic issues
Clive Robinson • August 10, 2018 10:47 AM
@ echo,
I don’t know about this space force thing. It seems like an ego thing and I cannot see how it helps with social and economic issues.
Part of the problem is that people get to feel quite unclean when they realise that “what is good for making war” is actually of more use “building the economy”.
It does not matter if it’s art, artisanal, engineering, or science, war is so often an enabler that we don’t realise what then follows would probably not have happened without the conflict.
In war often the most vital place to take and hold is “the high ground” it generaly improves everything for those on high whilst being quite detrimental to those on the low ground. At it’s simplest you can see further the higher you are thus you can see much much further and thus have greater knowledge.
Economics is likewise about better or more extensive knowledge. Knowing what tommorows weather is going to be helps many people in many ways. So knowing the likely weather for next week has much greater utility. Likewise movment of other things such as fire and pests like locusts, wasps and other insects can be predicted almost as well as weather. Which also includes the “ultimate pest” mankind be they marauders, migrants, or just the displaced.
The list goes on and on, space is in effect the ultimate high ground not just to observe, but deploy forces under your control. It works for both war and economics, which means you gain both political and economic power over those not on such high ground.
Space is also belive it or not “a vital resource” and is becoming more so by the hour. Looking at the history of “rights” for water and grazing and the repeated conflicts they caused should give most a reason to “pause for thought”.
As I’ve noted several times in the past the next “resource wars” will be about energy. It’s fairly clear the US and China has decided to “button up” the second and third worlds inherant resources and prevent them developing independent reliable alternatives such as nuclear energy etc. The name of the game is the same as with drugs pushers “Make them dependent, then bleed them dry before you turn them into vasals to be exploited as less than slaves”.
In effect the problem with “green energy” is it is “unreliable” and many of the raw resources required are now much as oil was in the 1970s a source of “political control”. Research has got to the point where we know that collecting energy in space and using EM systems to transport it is within a lifetime of development.
Controling space in effect gives the same sort of control but of a much much larger sphere of influance as does the Russian supply of gas to various Eastern European countries.
For those who were adults in the 1980’s Margaret Thatcher publically made it clear why the UK could nolonger hold on to Hong Kong. Both the water and energy supply came from the Chinese Mainland, and they frequently “turned the tap off” to make a political point. Thus they could turn it off long enough to reduce the over populated area to panic if not death, with little more effort than pressing a button.
It’s this level of political control on earth that the control of space would give a nation in just a few generations time.
But it goes further, the earth has finite physical resources, there are vast disks of resource rich rocks just floating in space waiting to be exploited by robotic systems, likewise controlling what is in effect “the gateway” again would give immense political control.
These are the sort of stakes neo-cons and the like salivate over. Likewise the larger Corporates. Imagine if you will the likes of Facebook or Google not only controling your information supply but that of energy and raw resources. Have you any idea what rent they would seek off of such power? Now ask yourself why they are getting heavily into autonomous vehicals both for the road and sky, and how quickly they would do the same for space?
bttb • August 10, 2018 11:31 AM
With QAnon ( https://en.wikipedia.org/wiki/QAnon ) in the news, perhaps talk about the deep state is relevant. For example, https://www.npr.org/2018/08/09/633019635/opinion-why-the-term-deep-state-speaks-to-conspiracy-theorists (about 7 minutes audio; transcript available) :
“The deep state – really only the name is new. The citizens of democracies have always been suspicious about concentrations of unelected power. In the late days of the Roman Republic, Cicero denounced the triumvirate who had usurped the role of the Senate as the imperium in imperio or the government within the government.
Nowadays, the alleged usurpers go by more pedestrian names – the invisible government, the hidden government, the shadow government. Those names often reflect plausible concerns, sometimes about the lobbyist and business interests who shape regulation and policies, sometimes about the career civil servants who seem to care mostly about protecting their bureaucratic turf. But the allegations can also tip over into the convoluted narratives of conspiracy theory, where people are covering bulletin boards with pins and string to show how everything’s secretly connected to everything else. The deep state story conforms to the intricate grammar of those conspiracy narratives.
The term was marginal in American politics until it was picked up by Breitbart News in 2016 and quickly adopted by the president and his allies. The president has been appending it to his tweets as a kind of mantra. Where’s the DNC server, and why didn’t the FBI take possession of it – deep state? It’s an elastic label. Depending on the occasion, it can encompass the Justice Department, the intelligence communities, the FISA courts, the Democrats and the media. In short, it’s a cabal of unelected, leftist officials lodged deep in the government who are conspiring to thwart the administration’s policies, discredit its supporters and ultimately even overturn Trump’s election. It’s gotten to the point where some of the president’s defenders are describing the Russia investigation as an attempt to launch a coup. That’s not a word we’re used to hearing in American political discourse.
But then there’s something alien about the phrase deep state itself. Until recently, it was chiefly used for developing countries like Turkey and Pakistan where the government answers to shadowy elites in the military and intelligence services and where coups and purges are routine occurrences. Granted, not many people who talk about the deep state are aware of that origin. But there’s a trace of those dark connotations in the very decision to talk about the state rather than the government. It’s a marked choice of words.
In America, what usually comes to mind when you say state is the political units that make up the United States, like Alabama or Wyoming. Apart from a few locutions like church and state or state secrets, we don’t often talk about the state the way other nations do to refer to our central government or to the country as a whole. And, as William Safire noted in his political dictionary, when Americans do use the state that way, the word is freighted with totalitarian connotations. He pointed to phrases like the garrison state and police state. And you could add state terrorism, surveillance state and, above all, enemy of the state, a label that exists only in countries that make political opposition a criminal offense.
Liberal critics of Fox News take advantage of those connotations when they describe the network as state television. The phrase brings to mind the media that serve as mouthpieces for autocratic regimes in China and Russia, not the government-run networks in New Zealand or France. And conservatives rely on those same connotations to add a maligned note to the epithets they use to denounce the overreach of government programs. Safire described welfare state as an attack phrase that was synonymous with creeping socialism. The American right borrowed the nanny state from British conservatives during the Thatcher years, and the regulatory state was added a decade later. When the state takes on that totalitarian color, it becomes a monolith that expands to fill every corner of society. That’s the very definition of totalitarianism. As Mussolini put it, everything within the state, nothing outside the state, nothing against the state.
[…]”
The text above is from the transcript, not the link above.
echo • August 10, 2018 3:01 PM
@clive
These are the sort of stakes neo-cons and the like salivate over. Likewise the larger Corporates. Imagine if you will the likes of Facebook or Google not only controling your information supply but that of energy and raw resources. Have you any idea what rent they would seek off of such power? Now ask yourself why they are getting heavily into autonomous vehicals both for the road and sky, and how quickly they would do the same for space?
I have no illusions about this like Brexit. The problem is neither fix the governance and democracy and economics and discrimination and other rights and welfare issues before anything happens and any promises made about after are worthless.
Meanwhile back down to earth and about more immediately practical issues. I just had one ECHR office pass me on without discussion to another office and they neatly edited my reason for contacting them and the other office seems to have developed the idea they can plunder my work for free to assist a relatively high profile case in progress. Erm, pardon?
(required) • August 10, 2018 6:21 PM
@Bttb
If “State” TV is further refined to “Party” TV, that’s even more on the nose isn’t it?
Nick P • August 10, 2018 7:42 PM
@ all
Linked in URL field to my summary of decades of research in software assurance techniques for anyone interested. Might be new people that missed out several years worth of links and discussion who would like to avoid Googling it. 😉
@ tyr
Nice to see you, too. I’ve been posting mainly on Lobsters since there’s lots of builders there. Mostly CompSci work on languages, verification, and empirical stuff. Stories can be accessed here. Slowing down on social media a bit, though. Looks like I’m also currently at 666. I need to submit something before “watchful” people start connecting dots. 😉
@ MarkH
“The other proposed to recognize a new discipline of “copy-and-paste” engineering”
I’ve seen it called StackOverflow-Oriented Programming.
@ echo
” that somebody who doesn’t talk about more technical engineering issues or has the right kind of academic qualification or professional certification is thrown in with the herd of yahoos. ”
I’m actually an independent researcher who rarely publishes in established venues, doesn’t patent my stuff (others seem to…), and doesn’t even work in security industry since it’s bullshit. I work in jobs where I can talk to lots of people to understand them better to develop ways of pushing them to get our democracy in order. Most problems come from messages not targeted correctly. My main hobby is trying to build invincible systems. Reforms via solving hard problems next. You could say security is same for me but more focused.
So, it would be quite self-defeating for me to judge people on basis of how much technical writing they do or traditional qualifications they possess. I was an absolutely-vicious and blunt debater in the past, esp on here. I’ve softened it up since I think we’ll get more uptake of good solutions by being diplomatic. Turns out human and marketing side of things was vastly more important than technical solutions I focused on a long time. It wasn’t wasted since few have or can even obtain the knowledge I accumulated. I can still work to get that to broader audience in an easier-to-consume way. I just know I need to be working with these bandwagons and biases instead of against them since they’re effectively unstoppable. I’m still calling out bullshit, though, since I’m hardwired to do that for greater good. 🙂
“As for younger people you also have to be aware of vertical propogation and give people space to learn without becoming indoctrinated with dogma and bad habits. ”
We’ve been doing that a bit more in high-assurance. It was highly prescriptive before with us focused on specific methods. Groups like Galois Inc were pushing a goal-oriented focus. Some others were talking about properties of systems which are sort of a result-oriented focus. The methods themselves can be really dynamic so long as each is proven empirically to do what they say its doing. I think we can give more room for growth in IT and INFOSEC than we did in the past.
However, I should note that there’s a need for constraint in IT in some circles. There’s endless piles of Java/.NET projects going nowhere, JavaScript frameworks, static site generators, and so on. It just goes on and on reinventing the wheel adding about nothing every time. Engineers in other fields come up with standard, proven solutions to as many problems as they can which they can just plug in with minimal effort. They can usually also analyze them somehow to know they’ll work in isolation and integrate. So, I still think we should do the same in vanilla, software development with the analytical aspects supported by accessible methods such as Design by Contract.
“mostly propogated by men I might add, which is not to say that women don’t have issues too which academics and policy makers are aware of even if these kinds of things don’t get the same degree of airing. ”
I’m glad you added that last part given I’m a white, male moderate who was a victim of structural racism and sexism that many liberals dicussing these issues say doesn’t exist or even ban me from forums for claiming it does. We have no voice in mainstream, liberal circles despite a huge number of us existing. To me, it’s a large problem of in-group vs out-group with politics over reality regardless of who is the in-group. The pattern is usually the same in the U.S.: those in power pull in, favor, and promote those like them. And, in IT industry, it mostly played out in men’s favor against women where corrections would mostly help women but they’d sometimes help men. I mean, how many people have you seen cry sexism when it’s an all-women startup or business? At least they called out Huffington Post that one time with Tommy Cristopher’s tweet being hilarious.
My part in this is to support methods that counter discrimination but stay fair as possible. I’ve always pushed blind auditions and evaluations based on clear, peer-reviewed criteria for performance. GapJumpers is one company doing it like in this article I pulled out of Google as a quick example. To deal with supply aspect, one modification might be an algorithm that does a best-effort attempt to pull in equal members of each race who are then blindly evaluated. I say best effort since some areas might not have equal numbers that apply. Algorithm will handle that. Only after that’s impossible would I want to consider things like quotas. Still, they better be either qualified candidates or really close to qualified candidates that require minimimum investment in training.
It’s pretty clear to me that racism and discrimination against non-White, non-Asian, and non-Male is high given it doesn’t take friggin’ geniuses to write CRUD apps, PHP, junior analyses for data science, QA tests, and so on. If companies or universities really cared, it would be straight-forward to train large numbers of minority members at once in that stuff. Really, deep stuff that takes longer with self-selection factors might be harder. However, I don’t think most care at all. On top of it, the types of liberals that talk about equality the most block or mistreat white males when they’re in power. They need to end their politically-motivated discrimination, too, as this overall process happens.
“I’m fairly sure any decent psychologist and/or sociologist ”
I don’t trust them. Their ideas mostly seemed like they were trying to fit the data to theories they like which weren’t produced with the data. That was my impression of various introductory courses and studies I saw. You’re supposed to instead go from data to hypothesis to tests, iteration, and so on based on them matching data. For instance, reading some studies or articles would make you think structural discrimination never happens to whites or males or we’re all super well-off. Further, they seem to argue for minority views but huge numbers of minority members have views more like mine. I rarely see that represented. They also actively suppress such dissenting views with some even saying those that disagree are inherently brainwashed or something. It’s clear that each institution or group seems to have strong views, those views heavily bias their research (esp questions they ask), and then the results are untrustworthy due to such contamination. It’s basically like forging data even though I don’t think most are intentionally doing it: just echo chambers, filter bubbles, or whatever.
I mean, I did learn interesting things from psychology and sociology. I found out just a year or two ago about the in-group/out-group model from sociology that fits my observations of tens of thousands of people. I still gotta study it more. Some stuff was just fun to read, too. I just can’t rely on the stuff since it’s all too much of it is heavily-biased and unscientific starting in the minds of the researchers and their institutions that want to perpetuate pre-existing ideas more than find new ones that contradict them. It would help if they learned to argue the other side honestly. My strategy was keeping people with strong, civil disagreements on social media so I could see a broad picture of America whenever something went viral. Painful but so rewarding.
“I also have plenty of bad habits which need shaking off too.”
Same here. I”ll be attempting to work on them again this year a bit at a time. 🙂
justinacolmena • August 10, 2018 8:38 PM
hatred of government and worship of property
There’s a more-or-less private club or “establishment” there…
The Sami natives of northern Scandinavia were falsely accused of worshipping a stump in the ground, they might have cached some food at a certain location on the tundra and had some ceremonies to orient themselves to return to that place later on, if a hunting trip was not as successful as hoped.
The Mormons had a holy “Plat of Zion” to lay out Salt Lake City on the plains of Utah.
The ancient Hebrews after their departure from Egypt wandered in the wilderness for 40 years before the time was right for the conquest of the Canaanites and a return to the land which had been promised to Abraham nearly 500 years earlier. And they balked at leaving the fleshpots of Egypt.
Now the government has taken our guns, pulled our teeth, stolen our silverware and other valuables, circumcised, scarred, and mutilated us, and run us off “property” at gunpoint.
Our modern version of land-ownership under the National Association of Realtors® with title insurance, mortgage protection, homeowner’s insurance, conditions, covenants, and restrictions, and so on and so forth, has attained the complexity and outright evil of the system of “villeinage” practiced in medieval Europe for land ownership and tenancy. They are extremely active and hard-hitting in politics, especially local and state, where they sometimes fly under the radar of bona fide federal law enforcement and other non-establishment awareness.
Wesley Parish • August 11, 2018 1:11 AM
@Clive Robinson, echo
The biggest joke is that nobody can actually control entry into orbit, or control any given orbit without suffering major collateral damage themselves. That’s what all this hoo-haa about space debris is all about:
https://www.nasa.gov/mission_pages/station/news/orbital_debris.html
https://en.wikipedia.org/wiki/Space_debris
https://www.space.com/topics/space-junk-orbital-debris-news
If you militarize space in the sense of deploying weapons in Earth Orbit, you will periodically need to test them, to assure yourself that they work. Space debris de-orbits at the fairly predictable rate, faster in Near Earth Orbit because of atmospheric drag. But if NASA is worried about the viability of entering orbit because of the risk that anything in any given orbit will encounter space debris on an intersecting orbit, then perhaps it is a sign of politicus spongiform encephalopathy to ramp up a space arms race.
Considering that trade now is vitally dependent on space-borne communications and navigation. You see, I do choose my words carefully – any Great Power so stupid as to militarize Earth Orbit in the sense of arming satellites, deserves to crash and burn, and the usual response of lesser powers and opposing Great Powers has been to assist them in doing precisely that. One thinks of the Great Coalition that brought down Napolean Bonaparte.
I consider it highly ironical that I included provisions tangentially relating to space debris in something I wrote – my Draft Treaty on the Neutralization of Outer Space – in 1988, when it hadn’t yet reached its current epidemic proportions. I was trying to be comprehensive as well as comprehensible, and I feared that I would not be comprehensible to any working space-qualified engineer if I did not clear up that as a potential misunderstanding.
Clive Robinson • August 11, 2018 11:17 AM
@ Wesely Parish,
The thing that amuses me is the International Space Station collission avoidence plans.
With about 150-200million bits of junk out there most of which are to small to track but could do some sort of lethal damage, the US and Russian mission control centers only worry about the 1/10,000 risk objects that could do structural damage (of significance, what ever that might mean).
But the fun bit is when the ISS can not be shifted or shifted in time… You get this,
Do you see anything about mittigating the effects of the Soyouz being struck by a lethal or receiving significant structural damage?
Nope me neither, I had occasion to ask about this apparent oversight in their procedures as the preceading procedure actually significantly increases the risk of fatalities (ie more than one on any given event).
After chatting with someone who had gone through the training, I was left with the impression that it had been concluded that the only advice that could be given was about as much use as the old “paper bag over the head” advice for civilians if inbound nuclear weapons occured. That is of no use at all so they don’t even give platitudes…
As you probably know some of that junk is “human waste” from the early maned rocket flights such as Apollo (any one else remember the joke line in the film about “constalation urinus”?). Well I’ve been told that due to certain effects these bits of junk actually evaporate and recondense repeatedly. So whilst there is little danger of “taking one for the team” with one, every other bit of junk gets a fine coating… What is apparently not known is if any viable biologicals remain to spread through space…
The scarry bit is hardly visable paint flakes having impact energies equivalent to bullets. Thus an astronaut could in theory get killed not just from the impact energy of the paint flake, but potentially of some virulent disease from fifty year old astronaut toilet flushings…
I know you write stories, but some of this stuff you just could not make up and be believed 😉
JG4 • August 11, 2018 11:26 AM
@Nick P – Thanks for all you’ve done.
@Clive – Enjoyed your particularly long screed yesterday.
https://www.nakedcapitalism.com/2018/08/links-8-11-18.html
…
Imperial Collapse Watch
Cables Detail C.I.A. Waterboarding at Secret Prison Run by Gina Haspel New York Times (UserFriendly)
Big Brother is Watching You Watch
Social media posts could ruin your college dreams, lawyer warns RT
Millions of Android Devices Are Vulnerable Right Out of the Box Wired
…
echo • August 11, 2018 3:03 PM
@Nick P
Fair comments. I don’t disagree much in practice although will nitpeick “decent psychologists and sociologists”. By “decent” I meant those with a clue on the subject. I agree a significant part of the problem is in the politics and as you note there are too many politicians of all colours and sexes who when gaining authority become part of the problem. I guess the same is true of any walk of life, really.
I can be snappy and chew the face off a rhino when I want to among other things. It’s not always helpful is it?
bttb • August 11, 2018 4:13 PM
Regarding Anonymous and QAnon, from https://mobile.twitter.com/emptywheel :
“emptywheel retweeted
@dangillmor
At @engadget, a deep look by @violetblue into how Anonymous is resisting a takeover of its brand by right-wing extremists. engadget.com/2018/08/10/ano…
View summary · Reply Retweet Like”
https://www.engadget.com/2018/08/10/anonymous-deals-with-its-qanon-branding-problem/
also
https://www.emptywheel.net ; Go down the rabbit hole.
https://www.nytimes.com/2018/08/10/us/politics/roger-stone-russia-investigation.html ; A rat-f?cker in Mueller’s crosshairs.
echo • August 11, 2018 4:46 PM
@bttb
I read today the German far right is rejecting Bannon because they are not as extreme as he believed, more far right lite. They also point out that German politics sympathetic to the right is more diverse than Bannon believes. I’m sure they may have their own hidden motives for not wanting Bannon near them so I’m not sure what this means one way or another.
bttb • August 11, 2018 6:17 PM
from emptywheel.net, https://www.emptywheel.net/2018/08/11/like-a-rat-fucking-stone/ :
“In my post [another link] outlining all the investigative steps the Mueller team has taken with Roger Stone since Rick Gates flipped, I pointed to some things that seem to relate to questions Mueller has asked”
[…]
Along with Miller, Kristin Davis [‘Manhattan Madam’ or former procuress] also got paid by one of Stone’s PACs [Political Action Committees]. Neither was paid enough to pay for the legal fees they’ve incurred covering their testimony…”
also
https://www.nytimes.com/2018/08/10/us/politics/roger-stone-russia-investigation.html ; a repeat link from above
Clive Robinson • August 12, 2018 3:54 AM
@ echo,
I can be snappy and chew the face off a rhino when I want to among other things. It’s not always helpful is it?
Oh I don’t know… it would be one less rhino to worry about 😀
I don’t know if you know but back in the 1980’s in teaching RHINO was another name for persistent truants, as it was the acronym for “Realy Hear In Name Only”.
echo • August 12, 2018 7:27 AM
@Clive
I like Rhinos although would admit the conversation does lack in content and delicacy somewhat.
I have never heard of this. There is the American hard right derogatory term of “RINO” (Republican in Name Only). I think some Tories on the hard right tried to import the same term into the UK but it wouldn’t fit a snappy acronym and died off. The left tend to have verious cliques ho use a variety of labels for attacking each other which is why things appear more muddled on the left.
I can’t think of anyone in the UK who properly articulates the organisational versus individual aspects of political parties.
Bong-Smoking Primitive Monkey-Brained Spook • August 12, 2018 7:53 AM
@Running with Pinking shears:
With apologies to Messrs. Waters, Gilmour, Barrett et al.
Nice!
All in all you’re just another brick in the wall
Suggestion, given some of the characters you mentioned…
b → p
wall → stall
Perfection!
Wael • August 12, 2018 7:58 AM
@Alyer Babtu,
But perhaps not – Sir Clive may have been in the ambient field of the “techno” beats of Nanoplex
Perhaps! I don’t know for sure.
Clive Robinson • August 12, 2018 11:58 AM
@ Wael, Alyer Babtu,
Perhaps! I don’t know for sure.
I don’t do blub-tub, so…
I’ve narry a scooby yer ken?
Sancho_P • August 12, 2018 4:40 PM
@Clive Robinson, re “… to move the crew into the Soyuz spacecraft …”
From my understanding this is the classical “minimize the risk by reducing the attack surface” – similar to avoid unneeded SW complexity (e.g. multitasking/multiuser OS).
But I dunno the size of Soyuz in relation to ISS.
Additionally, already enclosed in the Soyuz there might be a small chance to return, even if a “flying chorizo” severely damaged the ISS (anyway, hatches would have to be closed before the event …).
bttb • August 13, 2018 3:45 PM
@PeaceHead
I enjoyed your link (International Consortium of Investigative Journalists (icij.org)) above, too. For example,
“… [icij] Do you think it’s dangerous for you to criticize Russia?
[Snowden] Yes. There’s no question, it’s a risk. Maybe they don’t care, right? Because I don’t speak Russian. And I am literally a former CIA agent, so it’s very easy for them to discredit my political opinions as those of an American CIA agent in Russia.
[icij] Still, Kremlin-critics die under mysterious circumstances in Russia and elsewhere
[Snowden] Maybe, but, I am already someone who the world’s most powerful intelligence agency considers a real threat. If I wanted a safe life, I would still be in Hawaii, working for the NSA. (Snowden was a contractor for the National Security Agency at the time of the leak.)…”
bttb • August 13, 2018 3:49 PM
Regarding Barrett Brown, who spent 4 years in prison stemming from the FBI’s investigation into the 2012 Stratfor email leak, and Wikileaks https://www.thedailybeast.com/julian-assange-went-after-a-former-ally-it-backfired-epically :
“…Brown is no fan of the intelligence agencies. Yet he has been unsparing in his public criticism of his former ally. “WikiLeaks is bullshit” and “WikiLeaks is over” are two of his recent tweets. An appearance last month at the hacktivist HOPE conference in New York featured Brown in conversation with this reporter and is said to have contributed to Assange’s desire to retaliate.
During that appearance, Brown reflected that back in WikiLeaks’ early days, “I was very much enthusiastic about WikiLeaks existing. I was enthusiastic about Assange jumping into the vacuum here and serving in a leadership role in an effort to enforce transparency on fascist institutions.” But now, Brown continued, “It’s time for [WikiLeaks] to pass the baton to something with the moral authority and the capability” to publish whistleblowers’ exposés of powerful opaque institutions.
(“It was difficult for me to come out and have to criticize WikiLeaks for the first time. I just did four years in prison largely because I was inspired by WikiLeaks.”
— Barrett Brown)
“I will always defend Julian Assange against governments. They are not going after him for his vices, they’re going after him for his virtues. They’ve been going after him since the very important work that he did. I was not opposed to that release of the DNC emails because that is an appropriate thing for a leaking organization to do,” Brown said.
But Assange, Brown continued, “has collaborated closely with outright fascists. He has uttered absolute demonstrable falsehoods over and over again recently… It was difficult for me to come out and have to criticize WikiLeaks for the first time. I just did four years in prison largely because I was inspired by WikiLeaks. It wasn’t fun for me, but it was a necessary thing for me to do if I was to maintain intellectual honesty, which is all I have…”
echo dot setup • May 23, 2019 12:44 AM
Top tips to download Alexa App for Alexa setup and Setup Amazon Alexa Echo Devices (Echo setup, Echo Dot setup, Echo Show setup, etc.) by visiting here
alexa setup
echo dot setup
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
YabbaDabbaDon't • August 3, 2018 5:02 PM
https://www.bostonglobe.com/metro/2018/08/02/tsa-says-quiet-skies-surveillance-snared-zero-threats/dsCm4BG3pq8v3xhi01zhLI/story.html
After spending millions of dollars TSA’s “quiet skies” program discovered that the skies were indeed quiet.