Interesting video of a robot grabber that’s delicate enough to capture squid (and even jellyfish) in the ocean.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
Sherman Jerrold • August 10, 2018 5:00 PM
Back in the 70’s divers made ‘slurp guns’ to gently collect fish, octopi, squid, etc. They were an ~4-6″ diameter clear plastic tube about 18″ long with a spring (or large rubber band), plunger, catch, trigger and round closing panel at the open end.. You could get fairly close to your target, pull the trigger and the target would be quickly and safely ‘slurped’ into the tube and you closed the panel at the end to trap the target.
Also, thank you to Bruce S. and all the people that provide such excellent (and sometimes funny) info here.
What Could go Wrong This Time? Google’s Return to China
By Josh Rogin The Washington Post
“Google is proposing a new Faustian bargain with the Chinese government that isn’t just morally wrong; it’s also terrible for business. Experience has shown that American tech companies that sell their souls for access to the Chinese market also end up losing their shirts.
Ever since the Intercept revealed that Google has been secretly working with Beijing…”
Potential National Security Issues[7]
Lets follow this perspective and be explicit in this security blog:
Google’s secret big-data dossier on every American citizen, military and industrial corporate establishment is second to none. They have the most data, AI based analytics second to none. These guys are brillant at evading accountibility and fending off rules and regulations. Right now these big-data lobbists fund campains and assist in writing new ‘privacy’ laws.
Asking innocently, are these corporate leaders making decisions US citizens? Whats to stop our personal and sensitive data from flowing INTO China?[1]
Thinking Chinese – My Evil Self
Growing ever more powerful why do they need a secret, submissive partnership with the Chinese Communist Part? To meet their 2025 plan they just published being at war with the USA. China goals are world domination in technology and AI, economically, militarily. If I could gain control, I’dmerge the Social Security Numbers based SF86 raw intelligence data (which China stole from the USA government) to secretly build a Limitless[5] Chinese Palantir.[2]/ Then expand it to all western societies.
Who is Craftier?
Right before Google fled China last time, their search engine algorithms/crown jewels were stolen. Ask Clive if history repeats itself.[3]
In summary the Chinese previously successfully stole extremely valuable from the USA government, Google and the US Military (Joint Strike Fight/J14). Now they demand western corporations most prized technology secrets as a precondition for doing business in China[3]. Go figure![4]
http://www.followcn.com/googles-china-plan-isnt-just-evil-its-bad-for-business/
[1] Who has the most advanced real-time mass surveillance tools with no laws or regulations limiting transfer TO China?
[2] long overdue, the military banned personal tracking devices. Shades of Ukrainian Artillary[6] officers!
[3] China wants to admit Google but states they must follow Chinese espionage laws and submit to code reviews
[4] Facebook has repeatably (and embarrassingly) shown its desperate to enter China. Rest assured we all know how secure our Silicon Valley data is!
[5] Unlike the movie you don’t need a pill to outsmart everyone else
[6] typo for Clive from a lefty
[7] I speak only a a concerned American citizen, but this may apply to EU/Nato as well
Alejandro • August 10, 2018 5:50 PM
“Kaspersky VPN blabbed domain names of visited websites – and gave me a $0 reward, says chap”
https://www.theregister.co.uk/2018/08/09/kaspersky_vpn_dns_leak_bug_bounty/
“Kaspersky’s Android VPN app whispered the names of websites its 1,000,000-plus users visited along with their public IP addresses to the world’s DNS servers.”
I don’t need to hear anything more about Kaspersky. Do you?
Tõnis • August 10, 2018 6:47 PM
@Ismar,
As usual the same principle can be used for good to help scientists fight cancer or find causes to some diseases as done by IBM here
https://www.worldcommunitygrid.org/discover.action#curent-projects
The moral question I have here is would it be acceptable to have this kind of software installed secretly on people devices in a way similar to illegal miners do with their software? Or even what would one do when finding exitance of such a software on their devices- remove or not remove it ?
Secretly on other people’s devices? Completely unacceptable and hopefully illegal everywhere. Maybe I think “finding the cure for cancer” is a sham industry (I’m not saying that I do or I don’t), and I would never want those who derive their livelihood from it benefiting by stealing my processor power, bandwidth, and electricity. I might prefer never to give to corporate charities.
I’m enjoying Windows 10 now. I decided, chose to use it. Even Windows 10 allows the user to choose to share his bandwidth when it comes to Microsoft’s Windows Update “Delivery Optimization” scheme. I may even turn it on. For sure I’m much more receptive and open minded toward options like this when their purveyors approach with honesty than when they connive, lie, cheat, defraud, and steal to get what they want. I would delete that secretly installed program you reference even if thought it was a good idea, because I’m disgusted by the way it presented, by the fraud.
echo • August 10, 2018 6:59 PM
Dropbox is narrowing its filesystems support which can leave out some Linux encrypted filesystems and filesystems like ZFS. I’m puzzled why a cloud storage provider application is dependent on extended attributes. Coming so soon after the Spideroak affair?
I personally believe this is because there is too much testosterone in the room. This is staff responsible for decisions at a lower level are not very experienced perhaps both. Add out of touch management and poorly working competition regulation which makes providers become customer hostile and you have a very unhappy situation. The Financial Times in an article within the past couple of days is essentially saying this about the big four accounting firms and that there is a hidden reality of sometimes zero competition and a lowering of staff skill to the detriment of the overall market.
echo • August 10, 2018 7:18 PM
OSNews has some good articles. The first covers a sandboxing mechanism in Windows 10 Enterprise that might form a mechanism for running “legacy” Win32 applications.
The article on a shared family computer has bearing on education and social development which in later years matters for governance and social stability and a sense of shared commoms. Some care needs to be taken to avoid Chinese style Confucianism or Roman style triumvate doctrine.
The last article on sexism covers harrassment from both sides of the fence, people who never experienced the harassment, and management views.
Windows 10 Enterprise getting “InPrivate Desktop” sandbox
http://www.osnews.com/story/30641/Windows_10_Enterprise_getting_InPrivate_Desktop_sandbox
How the shared family computer protected us from our worst selves
http://www.osnews.com/story/30643/How_the_shared_family_computer_protected_us_from_our_worst_selves
Inside the culture of sexism at Riot Games
http://www.osnews.com/story/30640/Inside_the_culture_of_sexism_at_Riot_Games
Axtr • August 10, 2018 8:41 PM
Anyone know of Intel Zero-day exploit that boots various Win OS in hidden VM as server while mirroring client OS from remote C&C without access to wifi, bluetooth, NFC, s-beam or any internet wired connection other than rom emf and able to defeat linux/unbuntu usb or dvd R only boot disk?
Cowgirl • August 10, 2018 9:11 PM
https://www.tomshardware.com/news/x86-hidden-god-mode,37582.html
More backdoors found in computer chips.
Cowgirl • August 10, 2018 9:16 PM
https://www.reddit.com/r/europe/comments/95l4w9/i_am_stefan_soesanto_working_on_cyber_defence/
Stefan Soesanto has an interesting Ask Me Anything up on Reddit. I don’t know how widely his views are shared but I suspect some will find them controversial.
65535 • August 11, 2018 1:06 AM
@ Axtr
“Anyone know of Intel Zero-day exploit that boots various Win OS in hidden VM as server while mirroring client OS from remote C&C without access to wifi, bluetooth, NFC, s-beam or any internet wired connection other than rom emf and able to defeat linux/unbuntu usb or dvd R only boot disk?”
Anything is possible. Can you give us more details on the hardware and software you are working with?
@ Cowgirl
‘More backdoors found in computer chips.’
“The command — “.byte 0x0f, 0x3f” in Linux — “isn’t supposed to exist, doesn’t have a name, and gives you root right away,” Domas said, adding that he calls it “God Mode.”… The backdoor completely breaks the protection-ring model of operating-system security, in which the OS kernel runs in ring 0, device drivers run in rings 1 and 2, and user applications and interfaces (“userland”) run in ring 3, furthest from the kernel and with the least privileges. To put it simply, Domas’ God Mode takes you from the outermost to the innermost ring in four bytes… Domas discovered the backdoor, which exists on VIA C3 Nehemiah chips made in 2003, by combing through filed patents. He found one — US8341419 — that mentioned jumping from ring 3 to ring 0 and protecting the machine from exploits of model-specific registers (MSRs), manufacturer-created commands that are often limited to certain chipsets.”-Tomshardware
https://www.tomshardware.com/news/x86-hidden-god-mode,37582.html
Interesting. I wonder if intel is effected during the 2003 period other than the infamous Intel Management Engine. My guess is probably yes.
“Samuel 2″ (150 nm)
• All models support: MMX, 3DNow!, LongHaul
• FPU runs at 50% of core speed”-wikipedia
https://en.wikipedia.org/wiki/List_of_VIA_C3_microprocessors
It has been a long time since I have seen a socket 370 chip. Nice little backdoor. Christopher Domas intense digging into patents paid off very well. Nice catch Cowgirl.
65535 • August 11, 2018 2:43 AM
@ Tõnis and echo
“I’m enjoying Windows 10 now.” –Tonis
“OSNews has some good articles. The first covers a sandboxing mechanism in Windows 10 Enterprise that might form a mechanism for running “legacy” Win32 applications.”- echo
There is a small beacon of hope in the Windows 10 fog of dispare. It would be nice to run ‘legacy Win32” without workarounds such as using Administrator privilages and so on.
But, Windows 10 Enterprise is still quite expensive for the average Jane/Joe. For large corporation Windows 10 enterprise is somewhat usable.
I will be honest when I thought Steve Ballmer was bad but Satya Nadella downright awful as a CEO.
Nadella has tried to emulate Apple’s success of a thin client ecosystem where root control is difficult for the end user and tied to complex cloud system of “licenses” that is expensive and unresponsive to the needs of its customers. Nadella’s patching system is train wreck were patches crash working machines only to be replace by patches that hobble machines. Nadella’s change is accounting methods is dubious at best and generally helps insiders and hurts outside shareholders.
Here is a sample of Nadella’s patch problems:
“An open letter to Microsoft management re: Windows updating
“Enterprise patching veteran Susan Bradley summarizes her Windows update survey results, asking Microsoft management to rethink the breakneck pace of frequently destructive patches…as Windows 10 turns three years old, I am writing to you to ensure that you are aware of the dissatisfaction your customers have with the updates released for Windows desktops and servers in recent months. The quality of updates released in the month of July, in particular, has placed customers in a quandary: install updates and face issues with applications, or don’t install updates and leave machines subject to attack…the month of July 2018 alone there are 47 knowledge base bulletins with known issues. Some of these were stop issues, but most concerning were the .Net side effects with your own software: SharePoint, BizTalk and even Exchange servers were impacted by these July 10 updates.
“I asked on a scale of 1 to 5, 5 being the highest, how satisfied respondents are with the quality of Windows updates in general. Many respondents were not satisfied with Windows updating in general.
“I asked about satisfaction with patching of Windows 10 specifically: Many respondents were not happy with the quality of Windows 10 updates.
“I am disturbed when I see users and consultants talk about taking drastic measures to take back control of updating and rebooting. Some are disabling Windows Update as a drastic measure to ensure that updates do not reboot systems when they are not wanted. It’s clear that your team also acknowledge that unexpected updates are problematic. But your customers deserve better than “promising” results. They deserve a stable platform that reboots only when they want it to…these changes in each version release have caused confusion, and in some cases behavior that was not expected at all. Dual scan is one such change that caused confusion, and as a side effect caused administrators to have updates installed when they did not want them. The lack of clear communication regarding update changes leads to this confusion.
“Impact on Azure. When one downloads a Windows 10 virtual machine in Azure and deploys it, is often built from a release from several months ago. These patching side effects we see in the traditional operating system channels, impact patching on Azure as well. Recently a RDP patch that was released in March and ultimately implemented fully in June impacted Azure virtual machines. The fact that you had to release a Knowledge Base article to instruct customers to go around this issue showcases that delays in patching Azure, and the lack of clear patching communication causes ripple effects to your cloud platforms.
“As it stands right now, we do not trust the software and the patching quality enough to do so. I thank you in advance for the opportunity to share with you your customers’ views.
“Susan Bradley. Moderator at Patchmanagement.org”
[Next is Ask Woody]
‘Where we stand with the July 2018 Microsoft patches
“Quite possibly the worst month this year for patches… that’s saying something!”
”-askwoody
https://www.askwoody.com/page/3/
[and now]
‘We continue at MS-DEFCON 1: Don’t install any of the July patches’
‘With August patches just around the corner, you’d be well advised to give up on the July patches. Yes, some folks dodged the (many!) bullets and managed to get some of the July patches installed without hosing their systems. But for almost everybody, in almost every situation, the risk of installing the July patches is far, far greater than the risk of skipping them.’-askwoody
https://www.askwoody.com/2018/we-continue-at-ms-defcon-1-dont-install-any-of-the-july-patches/
[The actual Microsoft patch process]
“Microsoft designer and lecturer John Wilcox posted a detailed look at the company’s “update servicing cadence” on the Windows IT Pro blog. In it, Wilcox set out the official patching principles:
• Be simple and predictable
• Be agile
• Be transparent
“Microsoft’s adherence to those principles is the subject of ongoing, heated debate, of course… Microsoft’s patching cycles revolve around Tuesdays. For the past couple of years, Microsoft has been trying to recast the Gregorian calendar in some sort of “A week” / “B week” nonsense, but if you just look at Tuesdays, you’ll start off on the right foot…the first Tuesday of the month, Microsoft usually releases non-security updates for the installed (“MSI”) versions of Office. They’re usually not checked in Windows Update, so they don’t install automatically. On the second Tuesday of the month – Patch Tuesday – Microsoft usually releases:
• Cumulative updates for the various versions of Windows 10, which roll out through Windows Update. These combined security and non-security patches are “cumulative” in the sense that, if you install one of them, you’re caught up on all of your patching obligations for that particular version of Win10.
• Monthly Rollups for Windows 7 and 8.1, which appear checked in Windows Update, so they install unless you’ve turned off Automatic Update. They also contain security and non-security updates, and they’re cumulative (although they may not include some very old patches).
• Security-only patches for Win7 and 8.1. These are only available for manual download and installation. They aren’t cumulative.
• Security patches for the installed (“MSI”) versions of Office, which are checked and ready for automatic installation. Around the second Tuesday, the non-security Office patches are generally changed to appear as checked in Windows Update, so they will install unless you have Automatic Update turned off.
• Finally, Office Click-to-Run (C2R) usually gets updated on or around the second
“Tuesday of the month. If you have the C2R version of Office (as opposed to the installed “MSI” version), you are automatically updated through the Office updating mechanism, which is outside of the usual Windows Update channel.
…the third Tuesday of the month, give or take a day or two, brings fixes for bugs introduced on the second Tuesday of the month… Microsoft releases a “Preview of Monthly Rollup” for Win7 and 8.1 – a collection of non-security bug fixes that (if all goes well) will reappear on the second Tuesday of the following month. Notably, Microsoft hasn’t released a significant new feature for Win7 or 8.1 for at least a few years. Other than bug fixes, time zone changes and the like, the only non-security modifications we’ve seen are designed to increase telemetry…sometime between the third and fourth Tuesdays of the month, each Win10 version gets a second (or third) cumulative update for the month… he patches, pulled patches, re-issued patches, re-directed patches (with changes in “metadata”), plugged IE holes and .NET patches, we see something new on roughly half of the business days in a typical month. Most of the changes are undocumented… Nowadays, newer Win10 versions get three or even four patches, fixes and re-patches per month. Multiply that by three current versions (1703, 1709 and 1803), and there’s a whole lot of Win10 patching going on…”-computerworld
As you can see there seem to be patches released all through the month and many are old re-named or “fixed” patches which still cause lockups and reboots at odd or inconvient times.
The whold Microsoft patch process is mucked up beyond reasonability. As noted, some techs are just completely turning off the patch process altogether hoping that is will be fixed in the future.
Worse, there are dark roomers that Nadella is actively sabotaging Windows 7 systems to force customers into Windows 10 expensive license system. For large corporations Windows 10 Endterpise might be usefull. But, for the average Jane/Joe who cannot afford Windows 10 Enterprise and use Pro or Home versions is is a disaster.
If Microsoft is to recover its public image the first thing is to demote Satya Nedella and find a compentent CEO. Next, is to reverse the changes to Microsoft’s patch system or revert back to the typical cycle including new sku numbers and new OS models. For investors, I believe the changes in accounting methods made by Satya Nadella needs to be reverted back to the normal accounting under Steve Ballmer.
Currently, Microsoft has hit rock bottom and is basically a thin client company that constantly spies on its customers and forces it customers to be “beta testers” while charging them huge license fees [Azure, Office 365 and so on].
Barring the above changes, most Microsoft customers can switch OS to a linux or other OS’s or just use mature versions of Microsofts older line of OS’s with no updates and good AV and other security measures.
Clive Robinson • August 11, 2018 3:30 AM
@ Alejandro,
I don’t need to hear anything more about Kaspersky. Do you?
Possibly not but the two issues raised by the event are much broader than aby one organisational entity. That is we’ve seen them before and we will see them again over and over.
The first issue is not technicall in the ICTsec sense, but one that is sociological in nature.
Bug bounties, especially limited scope bug bounties can be problematic at the best of times, due to the managment of “gain expectation”[1]. It’s just one of the reasons I don’t like them very much. Which is why I tend to give my research results without any real gain expectation[2].
But there is a downside to even giving the results away. Some time before Stuxnet I described on this blog how you might go about delivering malware to supposadly “off line” or “air gapped” systems in a “fire and forget” manner along with how to do “headless” control channels for bot nets and the like. I can not say for certain that those who designed Stuxnet used my ideas or not. But there was also the issue of “code signing” that @Nick P and myself had repeatedly warned about that likewise got used. Since then as quite a few of “the usuall suspects” know other new ideas that have been first aired on this blog have likewise been used without acknowledgment @Thoth has suffered this on a product idea he was actively developing. Sometimes the usage was for questionable purposes, thus we have become more circumspect in describing what we research. And based on the more recent behaviour of the likes of the FBI / DoJ in more recent times it is probably only just in time.
So the sociological side is not just “gain expectation” managment but also “risk” managment as well that gives rise to “the chilling of free speech” which is very detrimental to society it’s self not just the parts where people research.
But onwards and upwards as they say to the technology issues. VPNs are problematic for many reasons and will always leak information in some form and at some level, even if it is just that “protected data” is disproportional to some expected measure, thus indicative that some covert channel is in use.
There are two issues that are in effect unsolved with VPNs and for that matter with other privacy systems and even just mobile systems. They are “discovery” and “scope”, that is how individual end communications end points find each other and what should and should not be visable to an end point and how.
Currently discovery systems fall into two broad types “broadcast” and “look up” neither is covert by design thus privacy is at best difficult for one or both of the communicating end points. Solving this problem is still “an active research” issue, but there have been steadily less new ideas published. Which probably means people are starting to realise it’s a way harder problem to solve than they first think, and the “easy answers” are already “mined out”. The reality is there may never be a way to have full privacy on end point discovery, especially if both end points are mobile.
But scope of what is and is not inside a VPN covarage and how it should be reached is actually a network stack software issue combined with unknown choke point issues.
The basic network stack model is the “single gateway pluss local segment” model in most cases. That is you in effect use broadcast to the local network segment and everything else you send to the gateway address and make it another “routing systems” problem.
The problem with VPNs is what is and is not the local segment. That is what may appear local at the IP layer may not be local at a lower level. Whilst this normally does not matter it does when security is implemented by gapping and choke points. This is because a single network segment may well have choke points such as fire walls and unidirectional routing within an organisational entity on a single network segment. Oh and the delights of Network and Port Translation to have many more local “internal machines” than there are external “IP addresses”. Allof which can be further munged up by the use of both IPv4 and IPv6 addressing on a single homed host or worse multihomed host.
Put simply there is no way any VPN network software can figure this out without assistance. So one solution is when a VPN is enabled there is no local network segment and just the “gateway” which is the local end of the VPN pipe. This can be a real security problem, because if access to a local server is required, it has to be available to the distant end of the VPN pipe, which can mean the local server has to be made visable to public networks thus anyone who want’s to attack it…
Larger organisations thus generaly configure the distant end of the VPN to be local to the servers, and have all traffic routed through what is the central hub. It’s far from an efficient way of doing things and adds considerable complexity and other issues such as printers.
However for smaller organisations using VPNs from an Internet supplier it can be a compleat nightmare and can end up with very restricted systems that hurt productivity.
Most people can start to think up general solutions but there are always edge and corner cases poping up such as printers, making such first cut solutions at best partial.
[1] For some reason we don’t even have a recognized term for “gain expectation” other than at the extremes such as “greed”. The IC use MICE but that does not even have common agreement on what the individual letters in the acronym represent.
[2] My gain expectations are, firstly people give me a name check if they use my ideas, secondly they buy our host @Bruce two drinks if they should meet him. The first drink is because even if he likes it or not Bruce deserves recognition for this blog, which in a way makes him a publisher of ideas. The second is for @Bruce to pass on to me should we ever meet, or any suitable deserving cause he might come across in the mean time. As far as I’m aware the closest we’ve ever come to meeting is both being in University College London (UCL) university at the same time some years ago.
Aradontes • August 11, 2018 3:33 AM
“I can not say for certain that those who designed Stuxnet used my ideas or not”
Honestly how long do we have to suffer this bragging? No Clive they did not steal your work in Stuxnet, you ham.
CallMeLateForSupper • August 11, 2018 7:50 AM
@Ismar
“The moral question I have here is would it be acceptable to have this kind of software installed secretly […]”
My opinion: never secretly.
bttb • August 11, 2018 8:27 AM
Tor and Brave Browser, from https://brave.com/tor-tabs-beta :
“This new functionality, currently in beta, integrates Tor into the browser and gives users a new browsing mode that helps protect their privacy not only on device but over the network. Private Tabs with Tor help protect Brave users from ISPs (Internet Service Providers), guest Wi-Fi providers, and visited sites that may be watching their Internet connection or even tracking and collecting IP addresses, a device’s Internet identifier.
Private Tabs with Tor are easily accessible from the File menu by clicking New Private Tab with Tor. The integration of Tor into the Brave browser makes enhanced privacy protection conveniently accessible to any Brave user directly within the browser. At any point in time, a user can have one or more regular tabs, session tabs, private tabs, and Private Tabs with Tor open.”
Also
https://www.theregister.co.uk/2018/06/29/brave_browser_tor/
https://www.pcmag.com/news/362191/brave-browser-integrates-tor-into-new-private-tab-feature
https://www.forbes.com/sites/martijngrooten/2018/07/08/brave-move-good-for-tor-and-privacy/
https://www.cnet.com/news/brave-advances-browser-privacy-with-tor-powered-tabs/
bttb • August 11, 2018 9:50 AM
Good News (maybe): Trusted End Node Security (TENS) plays Youtube while Firefox is relatively locked down (all add-ons disabled; extension NoScript enabled). For example:
https://www.youtube.com/watch?v=cJtPK3aS4vQ ; Carl Orff :Carmina Burana, Berlin Philarmonic, Seiji Ozawa (about an hour)
English Lyric translation: http://www.austinsymphony.org/files/Carmina_Burana_translation.pdf ; pdf
Clive Robinson • August 11, 2018 10:20 AM
@ Cowgirl,
More backdoors found in computer chips.
I’m far from surprised, there were quite a few changes in the early part of the “naughties” that made me cautious.
It’s why I’ve talked about using pre 2000 chips, as you can still check many of the optically.
People realy should be asking why this sort of stuff is in chips this century and not just why but who actually benifits from them.
After all you generaly don’t build a hidden driving position in vehicles with out having some quite nefarious reasons. You might bring a test harness out to aid production but you would not bother building in everything else. We have jtag for bringing out test harneses so why not just the duplication but remote control ability as well…
Major • August 11, 2018 10:32 AM
… 1000 I WILL PAY ATTENTION TO WHAT I AM DOING
phew!! I hope I will do a better job attributing my posts in the future
@Ismar
I don’t know what you are up to. It is unlikely anyone on this blog is going to support the installation of software without permission. You seem to want to distract and disturb.
@Aradontes
Isn’t it bragging to think you are in a position to issue niggling complaints about key members of this group?
@echo
You relate so much to “testosterone” and such, but I don’t see evidence or reasoning. It is a lot of negativity. You are in danger of conforming to stereotype. Why continually slap at men and masculinity? Without any real argument I, at least, find it tiring.
This is not to question the reality of harassment. I’ve seen it. But testosterone as the reason for not including linux file systems on dropbox? How would that follow?
I’d love to hear a focused argument about why men suck in general or whatever you mean to say. Then there would be something to talk about and maybe my consciousness could be raised. It has been before, such as about the importance of gender neutral terms for leadership positions (chairperson, etc) and terminology such as humankind (vs mankind). I really am willing to understand. Given a chance.
“The seX-Files: I want to believe”
Wael • August 11, 2018 11:05 AM
@Major, cc: @echo,
and terminology such as humankind (vs mankind) […] I really am willing to understand. Given a chance.
Here is your chance: nothing’s wrong with the terminology. Something’s wrong with correct understanding of etymology. From a previous post, link omitted for clarification:
“Man” covers both sexes: both (male and female) are men; the one with a womb is called a woman; the one without, well… is just a man 😉
In other words, Man is “general” and Woman is a “specialization” of the species. The problem arises from the overloaded use of “man”; it could mean an adult male, or it could mean “human”. Similar misunderstandings exist in other languages, too, including languages that have ~12.5 Million words in their vocabulary!
herman • August 11, 2018 11:32 AM
Delicate enough? I like to go paddling in the open ocean and in my experience, squid and jellies can be almost as tough as car tyres.
herman • August 11, 2018 11:37 AM
@echo – Dropbox is mainly a clueless Windows user thing. Why do you need Dropbox, if you can get a Linux server in a data centre for $5 per month?
Clive Robinson • August 11, 2018 11:41 AM
@ Wael,
… including languages that have ~12.5 Million words in their vocabulary!
Whilst I don’t doubt the approximation, ~12.5 Million words kind of defies comprehension. It is after all a little under 2^24 words, or every possible 5 letter password using the upercase alpha charecters, or five letter telegraph codes that are still used for sending MilSpec encrypted traffic…
A quick “napkin calculation” suggests you would need an A4 page size book with 7800 double sided pages with 80 lines of ten 5 charecter groups.
I somehow doubt any individual could memorise them and “a dictionary meaning” for each unless they were in effect self describing compound words. Such as “turninghandletoopendoor” for what in English would be “knob”.
Wael • August 11, 2018 12:23 PM
@Clive Robinson,
~12.5 Million words kind of defies comprehension.
It most certainly does. Hard to fathom… Perhaps it’s good for passwords? I sometimes do that, but don’t try to “crack” my passwords… Speaking of that: a while back I downloaded Dashlane iOS password manager… Was one of the few that did not require “subscription” or a “Cloud Account”. I don’t use “Clouds”. Anyway, I transferred all my passwords from a flat text file to Dashlane. Worked fine and I was happy. I also enabled TouchID for access to it (yes, I know –you caught on to the information leakage here, it’s not an iPhone X.) Then a few days ago, I wanted to retrieve a password. I got the message: “For security, you need to enter your Master Password every 14 days”… ahhh-ba-ba-ba… I forgot it! what to do? No way to retrieve it, so I changed the date on the phone and it worked – it let me use touchID again. Bug? I hope they don’t fix it 🙂 But if they do, next time I won’t fall into that! I’ll save the master password in Dashlane 😉
A quick “napkin calculation” suggests …
Too tired to verify, but I trust your math skills.
Such as “turninghandletoopendoor” for what in English would be “knob”.
That would be German 🙂
I somehow doubt any individual could memorise them …
Only one person. I won’t elaborate more on this, but you’re full of wisdom, and can figure it out.
The other day I looked at digital signatures and blog posts and almost proto-typed something, but I ran out of time… I’ll say more in the appropriate thread. Not sure whether I should talk about it, or just do it then share the “product”. No time to do anything 🙁
Clive Robinson • August 11, 2018 2:12 PM
@ Wael,
I don’t use “Clouds”.
Nope they are considered “Third Party Business Records” from what I can decipher out of various reports on US judical decisions. Which if true means they are just an NSL away at most from the donught munching, gut hanging, gun slinging “Officers of the Peace” 🙁
But onto nore chearfull thoughts,
I won’t elaborate more on this, but you’re full of wisdom, and can figure it out.
I guess God alone knows for certain who 😉
That would be German 🙂
They do have that reputation. However the thought arises, in English you can move words around in a sentance and still have the exact same meaning, if you did that in a German word and spelled the individual words correctly, would the resulting compound word be a “spelling mistake”?
Yes it is such thoughts that reveal the darker, danke parts of my brain…
Not sure whether I should talk about it, or just do it then share the “product”.
I used to do the former as part of the “sanity checking process”. But the level of accuity for that these days sujests that there is a degree of “playing dumb” to get details out of people so they can make compeating products. @Thoth found this to his cost so he went from sharing, to building and selling product.
Thus recent history suggests “just do it and ‘sell’ the product” is the way to go. If you look at Amazon’s behaviour you will also see that planing for only a single product run then doing something else is also a sensible strategy because Amazon have become recognised as IP theives 🙁
echo • August 11, 2018 2:49 PM
@Major
Regarding the sexism topic you’re discussing last weeks squid. I will note I said some men, not men or all men. This is an important qualifier not all women and certainly not all media columnists respect. In this topic I also linked to an article which covers sexism from all sides. There’s so many layers and divisions to the topic, and obsure systems theory which is gaining in popularity but hasn’t made a breakthrough yet the subject is difficult for anyone. The latest theory gaining ground is that conciousness is more of a meta thing, being spread not just within ourself but society, and that this and homeostatis is an aspect of good good mental health and wellbing.
Spooky • August 11, 2018 2:58 PM
Such a shame about those VIA chips (though hardly a surprise). I was saving a few VIA-powered HP thin clients on a spare shelf as a portable source of non-Intel, non-AMD computing. Linux has been patched and I’m sure the *BSDs will soon follow suit, though any serious exploit can probably turn it all back on (since MSR checks are likely performed only once during init). Assuming the hidden core is used to efficiently implement the “Padlock” crypto accelerator, this does not bode especially well for later VIA cores.
I was joking with a friend that we should just go back to using 8086s, 6510s and Z80s but you know what, that would not make any difference–every single one of those chips also contained undocumented instructions and behaviors. Such is the complexity of modern computing (and the inordinate amount of trust we place in those that design it). What a mess.
Cheers,
Spooky
bttb • August 11, 2018 3:06 PM
Click Here to Kill Everybody…, Bruce Schneier, https://www.schneier.com/books/click_here/ , coming in September, received a great endorsement from Cory Doctorow. The endorsement was on a wonderful three hour C-Span talk show https://www.c-span.org/video/?448143-1/depth-cory-doctorow , iirc, with Pedro, which showed just how good a live interview, with call-ins, can be (javascript required).
bttb • August 11, 2018 3:19 PM
Regarding IBM, https://www.wsj.com/articles/ibm-bet-billions-that-watson-could-improve-cancer-treatment-it-hasnt-worked-1533961147 , Aug. 11, 2018 12:19 a.m. ET :
“IBM Has a Watson Dilemma
Big Blue promised its AI platform would be a big step forward in treating cancer. But after pouring billions into the project, the diagnosis is gloomy…
Can Watson cure cancer?
That’s what International Business Machines Corp. asked soon after its artificial-intelligence system beat humans at the quiz show “Jeopardy!” in 2011. Watson could read documents quickly and find…”
Major • August 11, 2018 3:36 PM
@echo
“Testosterone” occurs in your post on drop box in this squid. It is demeaning to reductively explain women’s actions by their hormones and I suggest the same holds for men.
@wael
I think treating men as the exemplar of human kind and women as a special case implicitly suggests humankind is really about men. Male leadership role nouns, at least subconsciously, tell girls that leadership is not about them. Perhaps I am wrong, but I see little harm in using inclusive nouns for humankind and our leadership roles.
We have gender neutral nouns so, at least in English, the confusion you refer to can be avoided.
Etymology is interesting, but even slurs have etymology. I doubt if people of African descent care much about a white guy’s exegesis on the etymology of the “n” word, for example.
I also am happy to do my best to use whatever pronoun for a person they prefer. It’s a small thing for me and deeply important to some others.
I am 100% free speech. But speech still has an impact, and I choose for my impact to be benign unless I am particularly intending otherwise.
echo • August 11, 2018 6:10 PM
Movies are boring at the moment and my brain is frazzled so I’m watching a classic movie again: The Hunt for Red October. I really wish we had more movies liek this not cgi riddled stuff with actors who would blow over in a wind.
@Major
I commented on bad decision making in the Spideroak topic.
@Clive
Further to discussing special forces selection Speigel had an article last week on an alpine mountaineering accident. I personally wouldn’t rely on GPS at all and would prefer map and compass. Maybe I’m wierd but I like cooking a meal in the most absurd of places and conditions. I also remember an anecdote a man at work told me about camping in New Zealand. He bought his equipment there both for saving weight while travelling and because he had been advised what was sold locally was fit for the conditions. He claimed the sleeping bag he bought saved his life when he was in the mountains of Afghanistan.
As a follow on for communications I know smartphones are convenient but for boating they are no replacement for VHF which has better range and provides triangulation for rescue services.
http://www.spiegel.de/international/europe/that-s-it-we-re-dead-disaster-strikes-along-the-alps-haute-route-a-1220184.html
‘That’s It, We’re Dead’ Questions of Accountability After Tragedy in the Alps
Ten alpinists, including a guide with years of experience, set off to cross one of the Alps’ most majestic mountaineering routes, the Haute Route. By the fourth day, a heavy snowstorm was brewing — but the group kept going, with deadly consequences.
Wael • August 11, 2018 9:52 PM
@Major,
suggests humankind is really about men…
Not really! See, back in the day when men were men and women were … ribs… 🙂
Ergo Sum • August 11, 2018 10:24 PM
@echo…
Movies are boring at the moment and my brain is frazzled so I’m watching a classic movie again: The Hunt for Red October. I really wish we had more movies liek this not cgi riddled stuff with actors who would blow over in a wind.
I’ve never seen it, but watched that movie couple of days ego. Asides from being a typical “American cowboy movie”, where the “heroes” will always succeed, it’s been very enjoyable and great casting movie. I love the part where the enemies shoot with machine guns, but don’t hit anyone, while the heroes only need couple of shots to take out the enemy. Within the confine of the all steel submarines nonetheless…
Wael • August 11, 2018 10:35 PM
@Clive Robinson,
Thus recent history suggests “just do it and ‘sell’ the product” is the way to go.
Nothing to sell, really. Just a small proof of concept with some clever[1] ideas and implementations.
[1] In my not so humble opinion 🙂
Thoth • August 11, 2018 11:33 PM
@Clive Robinson
I think I smell something fishy in many products recently.
They do share a working relationship with at least one of my technology partners so I have to be a little careful at ratting and calling them out.
Some big corp just introduced a “new and shiny” Security Key for the FIDO2 / W3C Web Authentication protocol and if anyone have visited my website, they would notice a familiar looking USB key dongle on my page when compared to that big corps’s new USB key dongle.
Not gonna say too much as we surprisingly share the same hardware supplier.
I do not want to go into details too as it will become too obvious.
Is it good or bad ?
Who knows 🙂 🙂 .
Can’t talk about it.
My next open source project that I am working on with my very constrainted schedule, if I ever made it, is a 32-bit ChaCha20 implementation on JavaCard smartcard with 32-bit support.
Initial tests I ran shows it takes 2 seconds to encrypt 64 bytes of data. Not a whole lot fast due to the use of the tiny math unit instead of a proper crypto unit as smart cards dont give you the crypto unit access most of the time. At least, this allows a COTS workaround if AES is anyone’s concern and considering the use of the slow ChaCha20 on smartcards, it can be used in a scenario not for real-time secure comms but for wrapping master keys or for very important short burst async comms that is not expected to do real-time stuff.
Alyer Babtu • August 12, 2018 12:59 AM
@Ismar
would it be acceptable
Granting for the sake of discussion that the software poaching on the computer were instrumental in producing some good, the situation is parallel to that in the story of the coats from the life of Cyrus (quoted below).
The fact that something would be better does not by itself grant the right to act to bring it about. The principle implicit in any act, in this case theft or arbitrary rule, if accepted, even in a limited case, will eventually work itself to its full logical conclusion, which in this case would be tyranny of commerce or government.
“There were two boys, a big boy and a little boy, and the big boy’s coat was small and the small boy’s coat was huge. So the big boy stripped the little boy and gave him his own small coat, while he put on the big one himself. Now in giving judgment I decided that it was better for both parties that each should have the coat that fitted him best … the verdict would have been excellent if I had been appointed to say what fitted and what did not, but I had been called in to decide to whom the coat belonged, and the point to consider was, who had a right to it …?”
431 BC-350? BC Xenophon. “Cyropaedia”
Clive Robinson • August 12, 2018 3:47 AM
@ Spooky,
… every single one of those chips also contained undocumented instructions and behaviors.
Yes but they were usually predictable, as they were usually caused by removing gates –that did address maping in the instruction decode to RTL sequencer– to save real estate or get space to squeaze in other known instructions. They were not entire high power CPU’s with the ability to commit any kind of malicious intent sight unseen.
Further as can be seen by several current projects on the Internet, you could “decap” them and using a human operable optical microscope actually work out the CCT and thus mapping. So we now know for instance that certain “8bit” CPUs were realy “4Bit” CPUs with a little slight of hand to fake 8Bit behaviour.
The price of course that they were “one legged dog slow”.
That said certain ~1USD microcontroler chips have the same capabilities –and more– than 16Bit PDP11 and early 32Bit Vaxen. With the original Unix 2 source code not just available but ported by some enthusiasts…
Thus we could go back to a four serial port multi-user Command Line Interface OS of reasonable repute if we wanted the real “thin client” experience…
Only trouble is where to get real “Glass TTYs”. Because it would feel daft to use such a system with even an old 33MHz 486SX motherboard two port serial one port parallel IO card and 16colour VGA card and monitor (even though I do just that with 8/16/24/32bit microcontroler development boards…
Clive Robinson • August 12, 2018 4:08 AM
@ Wael, Major,
See, back in the day when men were men and women were … ribs… 🙂
Not just “ribs” but “spare ribs” if you think on it 😉
After all we all have an even number down both sides, and like neck bones we share the same number with some of the “Beasts”…
Speaking of beasts if I remember correctly from nearly half a century ago the Bible had more than one or two things to say about them with regards to, coverting, lying down with and a whole lot more…
Oh and as we were taljing about German words just yesterday… Did you know that “He treats his wife like his dog” is actually a complement? Germans in general treat their dogs very well I know someone who not only built their dog an extension to their house they also put ramps in next to the stairs to make life easier for the four footed member of their family 🙂
echo • August 12, 2018 7:07 AM
@Ergo Sum
Yes, looking back it is a bit silly. I also see through all the hammy acting and dramatic lighting techniques. Much like Mark Twain alluded to the world is a much nicer place if you are ignorant and dumb.
From what I can tell the far right arevery verycarefully managed on the surface including internally and in conferance situations. They are learning that they get caught if they open their mouth and that the message is on a nod and a wink. The strategy is very clever as it has the appearance of legitimacy but is really a set of layered traps you won’t be able to act on until it is too late.
Anyone who has dealt with a bureaucracy will recognise this scenario. Paranoia? Not when considering the outcome data. The only solution sometimes, sadly, is to be rich, powerful, or a celebrity as a few legal cases within the past year have alluded to.
https://www.theguardian.com/world/2018/aug/11/generation-identity-leader-quits-neo-nazi-links
Senior member of European far-right group quits over neo-Nazi link. Briton Tom Dupré leaves Generation Identity camp in France after being told by Observer of member linked to racist attacks.
And this article which I posted at the end of the previous squid topic.
https://uk.reuters.com/article/uk-europe-politics-bannon-germany/far-right-german-leader-sceptical-of-bannons-anti-eu-push-idUKKBN1KW018
Far-right German leader sceptical of Bannon’s anti-EU push.
A leader of the far-right Alternative for Germany (AfD) party has poured cold water on plans by Steve Bannon, U.S. President Donald Trump’s former political strategist, to forge a wide populist alliance to undermine the European Union.
echo • August 12, 2018 7:40 AM
@Clive
Oh and as we were taljing about German words just yesterday… Did you know that “He treats his wife like his dog” is actually a complement? Germans in general treat their dogs very well I know someone who not only built their dog an extension to their house they also put ramps in next to the stairs to make life easier for the four footed member of their family 🙂
Yes, things have moved on since the Doom book when women were like cattle and very literally property. The dominant narrative is still driven by men and about men hence various campaigns to raise the profile of womena and one woman scientists efforts to write up the contribution of female scientists for wikipedia. A comfortable prison is still a prison.
The public policy area is by and large accepting of the need for reform but there is stilla problem with driving the early founding feminists ideas of full equality which did as they knew at the time meant that in embracing full equality it meant women would no longer live in a comfortable prison. Women would need to also embrace getting dirty and responsibility with all this entails.
On reflection I’m not sure as democracies we are properly able to articulate let alone implement true freedom for everyone. This obviously frustrates decent minded anarchist libertarians not to mention the second law of thermodynamics.
That said I don’t mind existing in a comfortable prison as long as it’s my choice. WE all make our compromises.
echo • August 12, 2018 7:44 AM
Thus we could go back to a four serial port multi-user Command Line Interface OS of reasonable repute if we wanted the real “thin client” experience..
Too many people’s needs today are too fat to fit within a size zero computer. We’re all plus size compared to earlier generations.
Wael • August 12, 2018 8:04 AM
@ Clive Robinson,
Did you know that “He treats his wife like his dog” is actually a complement?
I did not know that. Now I do.
in English you can move words around in a sentance and still have the exact same meaning
That’s a deficiency of the language! I’ll spare you the pageful or two of grammatical comparison and explanation, but in other languages (so-called Semitic languages) the permutations make a subtle difference in meaning and sometimes a huge difference.
CallMeLateForSupper • August 12, 2018 8:32 AM
@Clive
“if you [swapped the individual words] in a German [compound noun] and spelled the individual words correctly, would the resulting compound word be a “spelling mistake”?
In America, maybe. IANAG (I Am Not A German), but I doubt any German would accept it. It would be “not allowed”(1), and, like e.g. littering, Volk simply do.not.do.it. Auslanders swap letters around willy-nilly – “Finger Check! So Sorry.” – and without sanction. But swapping words within a compound noun and trying to sell that as a mistake would be like … I dunno, unlocking a gun safe, putting the bolt into the rifle, slapping in a magazine, and confronting the spouse, but then claiming “Oh I made a mistake; I meant to simply argue.”
(1) If I had 1/2 Pfennig(2) for every time a German gently advised “not allowed” against one of my actual or proposed deeds, then I would have enough to buy a beer.
(2) Pfennig was equivalent to an American penny. (Moot now, since Germany is on the Euro.) Back in 1979 I received a 1/2 Pfennig coin in change … once. Never even saw a second specimen, and I still had that Verdamt 1/2 Pfennig coin when I left four months later. It wasn’t spendable because every price was rounded up to the next 5 Pfennig.
Clive Robinson • August 12, 2018 8:42 AM
@ echo,
Too many people’s needs today are too fat to fit within a size zero computer.
The joke of it is many developers be they from software or hardware or even science/mathmatics backgrounds, don’t use those to “fat to fit” applications…
You sneak a look over their shoulders and they are using editors and IDE’s the origins of which are vi / emacs / Wordstar…
All of which are just a little up on pure single command line tools such as ed.
I actually know more than one developer who uses wget or curl –both originating in the mid 90s–to pull just the html text and push it via IPC into a simple formatter then into an editor not a browser.
Another one actually sends internal “messages” not to the screen at all but to a “text 2 morse” translator that mixes in over the music audio stream to her headphones. She only opens the messaging app if something of interest comes up that needs a reply… For some reason she appears to be able to keep the visual and both audio inputs not just entirely seperate, but to think about them seperately concurrently. I have pulled her leg that it’s about time she coded up something to use an unused keyboard key as a morse key. The reply she only half jokingly gives is that her colleagues would not like to see her using her right big toe to operate the numeric key pad zero, before a meaningfull pause then saying disparagingly that they are just not flexible enough, befor another pause and a bright little question about can the company send them to yoga classes…
In mathematics its useful to understand functions by providing stimuli then observe a response. Testing for linear, non-linear areas and bounds gives invaluable insight. Then in providing proof, mathematicians simplify by discarding unnecessary clutter.
Similarly, with human reasoning, its useful to debate by taking an issue to its limits. Then ask, is this the desired outcome?
Silicon Valley Censorship
It is fascinating to see the huge amount unintended free publicity as The Valley retrain the public: In essence you really don’t need rules based upon our skewed elite values. Mathematicians discard failing rules as its faster and decreases the number of steps.
Logically then, I’m forced to I agree with these data-miners lead in going directly to websites[1].
This also avoids hidden algorithmic filtering.
The lesson is don’t use social media as a reliable, unbiased news sources expecting a variety of perspectives.
Rather use the free and open Internet to explore news sites in other countries and cultures. These riches are rewarding. Biases then become all the more obvious.
Unexpected Consequences
Further this attempt to skew the 2018 elections (by silencing the opposition) only exasperates the transfer of advertising dollars to Amazon[2].
Many thanks to Silicon Valley in providing proof that their sites provide unnecessary clutter.
Rather than spoon feeding, PLEASE continue teaching people to go directly to web site with a simple book mark[3].
Good show chaps! Next example, please?
[1] My bookmarks include folders for News, Tech Sites, A/V Stuff, Weather
note: links are stripped of personalized tracking references (site.com/ref=…)
[2] Amazon’s violation of trust in selling customer purchase history is a serious issue for another time
[3] Use this opportunity to show the technically disadvantaged how to create a bookmark
Spooky • August 12, 2018 9:03 AM
@ Clive,
Well, you’re certainly right about later chips belonging in a separate class in terms of their complexity and potential for hidden evil (the earliest Z80s had fewer than 10,000 transisters and were built on a 4000 nm process; the first 486 chips had more than 1,000,000 transisters and the process size had shrunk to 1000 nm). Now the transister count is up into the billions and process sizes are somewhere around 10 nm. There’s no telling what lives on that die with your microprocessor… You’d be lucky if there was only one parasitic core with a built-in backdoor. Your example of using a modern MCU + 4 serial ports would be more than adequate for most of my use cases–just add an S-100 bus and bam you’re back in the 70s. No complaints here. 🙂
Although, I expect most of this blog’s readership would rather set themselves alight before accepting a future largely populated by such ancient tech. 🙂 A thousand glittering lights along the Ganges… Also, any MCU that you can buy these days is bound to have been manufactured on a modern process, meaning that the ability to peer under the hood after a decap would be somewhat limited (then again, you only need one or two friends with access to an electron microscope to perform a basic verification of the expected layout for a simple chip; not impossible to arrange with good Uni connections). Still, good food for thought.
I initially thought you were kidding about those glass TTYs–they are actually becoming quite hard to find! And the prices for refurbished ones are eye watering. I suppose CRT manufacture (esp. with monochrome phosphor coatings) must be gradually winding down now. How very sad. Plenty of formative connections in my youth were rendered in various shades of green and amber. At least the phosphors of the mind take decades to fade into darkness…
Cheers,
Spooky
albert • August 12, 2018 9:27 AM
@Ergo Sum, et al,
A Russian submarine commander with a Scottish accent?
How about Tom Cruise as the 6.5 foot, 250 pound, Jack Reacher?
Hooray for Hollywood!
@echo,
You’re right about CGI, but what really sticks in my craw is audio ‘enhancement’. It’s everywhere, even in documentaries. Modern film making is being ruined and improved by technology. It’s exactly the same in sound recording. Singers don’t even have to sing on key, they’ve got pitch correction. Todays productions are artificial creations. People seem to like them. Strange.
. .. . .. — ….
JG4 • August 12, 2018 10:21 AM
Julia 1.0 Released After a Six-Year Wait
https://developers.slashdot.org/story/18/08/11/0149223/julia-10-released-after-a-six-year-wait
…
“We want a language that’s open source, with a liberal license. We want the speed of C with the dynamism of Ruby. We want a language that’s homoiconic, with true macros like Lisp, but with obvious, familiar mathematical notation like Matlab. We want something as usable for general programming as Python, as easy for statistics as R, as natural for string processing as Perl, as powerful for linear algebra as Matlab, as good at gluing programs together as the shell. Something that is dirt simple to learn, yet keeps the most serious hackers happy. We want it interactive and we want it compiled….”
https://www.nakedcapitalism.com/2018/08/links-8-12-18.html
…[chem-bio security]
How smallpox claimed its final victim BBC (The Rev Kev)
…[attribution of authorship]
A Songwriting Mystery Solved: Math Proves John Lennon Wrote ‘In My Life’ NPR (David L)
…[Empire is a machine…]
Imperial Collapse Watch
A Decalogue of American Empire-Building: A Dialogue Unz Review. Chuck L: “Only ten theses, not ninety five, but they should provoke some interesting discussion.”
…[liars, thieves and murderers]
Newly released official documents show CIA head Gina Haspel directly supervised waterboarding at “Black Site” in Thailand. Sen. Intelligence Committee Chair Richard Burr and Vice Chair Mark Warner hid that, demonstrating once again that today’s Senate “oversight” means “overlook.” Hold your nose and read: Ray McGovern (Chuck L)
…[it’s a club and you ain’t in it]
Secret DMV office near California Capitol serves lawmakers and their staff Sacramento Bee. No need for them to queue like the peasants.
…
Clive Robinson • August 12, 2018 11:29 AM
@ CallMeLate…,
If I had 1/2 Pfennig(2) for every time a German gently advised “not allowed” against one of my actual or proposed deeds, then I would have enough to buy a beer.
Ah “non permiso -v- permiso” or “Continentals -v- Brits”. You can apparently blaim Napoleon for the “non, non, finger wag”.
Some say that this attitude difference was why Britain was very late joining the EEC and also why Brexit was inevitable. Apparently neither view point is true. Having lived through “the in” and will probably live through “the out” I view it as the first verse of a very slow rendition of the Hokey-Cokey. As Arny almost said “We’ll be back” one way or another, it has an inevitability of nearly all Federal systems.
The problem is clearing out some very antiquated Franco-Germanic views and practices out of the unelected and undenocratic top of the hierarchy, oh and the rampant fraud from top to bottom.
Speaking of the pfenning, it was another Napolionic bastardisation of LSD (what the British “Pound, Shilling and Pennce” was based on, but from the remains of the Roman Empire). For some reason Napoleon liked tens not twelves even though the latter is way more usefully divisible. I guess it was what he was used to since his revoloutionary forebears replaced the “livre tournois” (“Tourns Pound” livre being derived from the latin for “pound” that gives the L in LSD). Put simply as Napoleon went kicking the arse out of Continental Europe the local currency effectively got the reveloutionary treatment and got decimalized…
Britain keeping LSD the smallest valued coin was the “fathing” at 1/4 of a penny, although I have a few most have never ever heard of them as coinage. All they have ever heard is “Not worth a brass farthing” meaning something of little value as it was a forgery of the lowest value coin. The pfenning likewise has a simillar fate as does the picayne which few Americans will recognise, but gives rise to the word “picayunish” meaning “of little worth”.
Thus you could if you wish say to an American “Your oppinion is picayunish” with little fear they would understand what you mean…
But atleast the picayune is worth
A “bit”, more than “my two cents” 😉
Hmm • August 12, 2018 2:01 PM
@echo
“I personally believe this is because there is too much testosterone in the room.”
For dropping .zfs support? Care to explain that gem?
Sort of an insulting non sequitur, can you imagine if a male had said the converse of that?
People do stupid things all the time without their gender being the driving factor.
Sometimes the case can be made that gender-culture plays a role, but for dropping .zfs?
Do you know something we don’t on this?
The empowered equality-minded woman who cried wolf didn’t help advance the debate much.
Let’s save that for when it’s more applicable – which is plenty enough.
Clive Robinson • August 12, 2018 4:21 PM
@ hmm, echo,
For dropping .zfs support? Care to explain that gem?
I can think of a number of reasons, but a “too much testosterone in the room” one is “Not Invented Here” (NIH) syndrom. It’s an “in-group -v- out-group” behaviour that has solid roots all the way down to the primative instinctive tribalism we have in our “monkey brain”…
ZFS was designed by Sun Microsystems and is now a registered as a trademark of Oracle Corporation. Who let’s be honest are not exactly popular in a multitude of circles for a whole heap of self inflicted reasons.
In the stricter FOSS movment the use of even minutely encumbered software is a cause of raised blood preasure, ire and flames in various forms.
But what of the commercial sector? Oracle have a reputation of going over board on what they see as potential Intellectual Property infringment, especially when they have purchased it by buying it up from a take over etc. Oracle -v- Google was fairly public and eye wateringly expensive to both parties and achived little of worth.
Even lawyers get twitchy when faced with that sort of “berserker behaviour”, and advise “long barge pole” treatment of anything such a corporate might think it has as IP. Lest it acts as a magnet or lightning conductor.
Whilst ZFS is a reasonably good file system it comes with a lot of extras, that would need to be supported. If it is also not used by a significant percentage of customers it could easily be seen by the likes of “marketing” and other reputedly “testosterone ridden primates” in walnut corridor as costing more than it is worth to the business.
The thing is men talk about other men as being testosterone riddled and nobody generally blinks an eye or they even laugh amongst themselves about it with expressions about other men having “brass ones”, “more balls than brains” etc. Women likewise make simillar hormon related comments about other women. Nobody sees it as sexist untill it’s said across the sex divide either way.
In essence it’s a basic example of “in-group -v- out-group” or if you prefere a form of tribalism. We will take way more from within our group than we will from outside the group. We see external critisism and we “close ranks” or “circle the waggons” and attack back as a basic response. In efect “killing the messenger” rather than dealing with the message in a rational manner.
echo • August 12, 2018 5:16 PM
These are very interesting results but should not be viewed in isolation. I have observed similar mechanisms within a general popultion within discrimination-economic contexts. What is interesting is how the alt-right have tipped over the edgeand lately gained such prominance. Every abuser needs their “enablers” and there are those who may perceive the alt-right as “useful idiots” to further an agenda but really they are playing with fire.
https://www.vox.com/science-and-health/2017/8/15/16144070/psychology-alt-right-unite-the-right
Psychologists surveyed hundreds of alt-right supporters. The results are unsettling.
This article may have hit the nail on the head. The view of some who control instititional power is conflating power and discrimination in harmful ways. I have personally experienced this kind of bureaucratic abuse where work to combat discrimination effectively halted because of organisational power struggles. The exercise of power became more important than solving the problem as the Rabbi very clearly identifies.
https://www.jta.org/2018/08/10/news-opinion/progressives-new-definition-racism-prejudice-plus-power-mean-jews
Progressives have a new definition of racism: ‘prejudice plus power’. What does that mean for Jews?
Oh, dear. Oh, my.
https://bgr.com/2018/08/10/ancient-human-ancestors-went-extinct-because-they-were-lazy/
Ancient human ancestors went extinct because they were lazy.
In news that should surprise absolutely no one, scientists now believe an ancient ancestor of modern humans died off because they were too lazy for their own good. In a new study published in PLOS One, archaeologists present some incredibly interesting findings, including the fact that Homo erectus was a big ‘ol slacker.
@Albert
When making a movie on a low budget the cheapest way to improve production quality is good sound! The second way to improve production quality is good lighting. The critical difference between a low budget movie and high budget movie is in the “money shots” and sheduling. A lot of the big money is spent on safety and consistency on demand.
@Clive
Your examples are extreme but they are very plausible for getting things done. I like a more expansive experience but know the need for 90% of the bells and whistles isn’t there. Don’t get me wrong. I like my magical box. It’s just all the baggage which comes with it.
@Hmmm
I wondered where you had slinked off to. The basic issue is developing a counter narrative and making sure this narrative sticks on the table. Discussion has already moved on.
echo • August 12, 2018 6:49 PM
Oh no! I suppose I’m going to have to watch this. It is totally unreal, of course. Every woman knows that a man only dumps her because she deliberately makes herself so undateable he thinks its his idea. It’s the same with couples directing shopping trollies. The man has the illusion of control while pushing the trolly. When camera recordings are played back every move is clearly directed by women.
https://www.imdb.com/title/tt6663582/
The Spy Who Dumped Me (2018)
Audrey and Morgan are best friends who unwittingly become entangled in an international conspiracy when one of the women discovers the boyfriend who dumped her was actually a spy.
I didn’t know Christine Hamilton was the leader of UKip Wales. The problem with UKip is their policy ideas can theoretically have a sound basis taken in isolation. The problem is how they become conflated with discrimination and fiscal policy which is often used to obscure political control. I personally do agree the Burkha is a tool of oppression and this and other issues do need to be tackled. The problem which I am unsure she perceived in time is how good and decent policy in principle can become twisted with emotionally manipulative impressions. This is very dangerous territory as social hysteria is whipped up and darker elements of control take over. This is also worrying given how Canada has been left alone when it made a stand against human rights abused of women equality activistsin Saudi Arabia.
Another data point is how organisations such as Isis often use women as enforcers to control women. This is one problem UK education regulation ruled out a few decades ago to prevent female schoolteachers driving young girls too hard in the classroom as a mirror to a, then, male dominated authoritarian society. In some quarters this has crept back especially in private girls schools with the excuse that more “discipline” is required to counter “misbehaviour” alongside a rise in attempts to place ex-military in teaching positions in state schools to instill “discipline” into boys. By “discipline” do they mean well formed and polite behaviour or do they mean “rote learning”and “obeying authority because it is authority”?
https://www.shropshirestar.com/news/uk-news/2018/08/12/christine-hamilton-dumped-from-charity-over-kkk-tweet/
Christine Hamilton dumped from charity over KKK tweet
The veteran reality television contestant linked the extreme group with the burka.
https://www.theguardian.com/world/2018/aug/11/canada-saudi-arabia-support-us
‘We don’t have a single friend’: Canada’s Saudi spat reveals country is alone.
As Saudi officials lashed out at Canada, the US remained on the sidelines, signaling a blatant shift in the relationship.
Yes, I need to practice this more!
http://uk.businessinsider.com/trick-navy-seals-use-to-overcome-fear-2018-8
Here’s the technique Navy SEALs use to overcome fear and adversity
I believe some of the points raised in this article are of good general use in any team or business setting.
https://www.inc.com/marcel-schwantes/want-a-happy-marriage-science-says-couples-should-do-these-7-things-for-each-other-often.html
Want a Happy Marriage? Science Says Couples Should Do These 7 Things for Each Other Often
Author Eric Barker dissects the book, “The All-or-Nothing Marriage: How the Best Marriages Work,” and discovers scientific-backed behaviors for a happy marriage.
justinacolmena • August 12, 2018 9:52 PM
@echo
The problem with UKip is their policy ideas can theoretically have a sound basis taken in isolation. The problem is how they become conflated with discrimination and fiscal policy which is often used to obscure political control.
Typical government. A half-baked “solution” to a temporary problem becomes permanently established and used as a means of control far beyond its nominal or originally claimed purpose.
I personally do agree the Burkha is a tool of oppression and this and other issues do need to be tackled.
You can’t just make a law to ban a certain type of head covering. There is just no respect. You’re ripping a lady’s hat off and cutting off her hair, and she can’t even duck under a shawl or have anything to cover her head in the freezing pouring down rain or a windstorm without getting arrested by the fashion police.
And the next thing you know, you’ll be cutting out part of her brain like they did to Rosemary Kennedy, and pulling all her teeth and giving her dentures just because she’s “old” and not because anything is really wrong with her teeth.
The Muslims aren’t Jews or Christians, but Moses decreed eye for an eye, tooth for a tooth, wound for wound, burning for burning, stripe for stripe, hand for hand, foot for foot, and Job suffered skin for skin and life for life. The law went too far and there was no salvation under it, but that law, which cuts off body parts with unnecessary force, is repealed by an even greater force, the door which shuts and no one opens, and which opens and no one shuts.
Hmm • August 12, 2018 11:00 PM
@echo
“The basic issue is developing a counter narrative and making sure this narrative sticks on the table.”
I’m fine with the necessary narrative, but admit it just doesn’t always apply in all situations.
If you apply it where it particularly doesn’t belong you damage the narrative, the point.
Hence the story of the empowered female who cried wolf – or any other situation.
“Slinked off to”? I hadn’t commented for 24 hours or so, I thought you’d be more pleased. Too bad.
Hmm • August 12, 2018 11:10 PM
Pretty sure there was a ton of early CGI in Red October. All the torpedo scenes & hull maneuvers.
Now I’m really asking for it I suppose.
echo • August 12, 2018 11:23 PM
Speak for yourself! I want to be with people who want to get out alive!
“I wanted to be part of a group of people that would be willing to die for each other.”
Hmm • August 12, 2018 11:37 PM
https://krebsonsecurity.com/2018/08/fbi-warns-of-unlimited-atm-cashout-blitz/
Krebs is warning about a globally coordinated ATM “cash-out” event about to happen.
Or if you believe they still exist, the FBI.
Hmm • August 12, 2018 11:47 PM
“I wanted to be part of a group of people that would be willing to die for each other.”
That’s the right amount of testosterone.
echo • August 13, 2018 12:05 AM
These two articles highlight contrasting approaches to problems. The first is asteroid impact versus volcanic action causing extinction of the dinosaurs. The second is a look at the unique brain of the elephant.
https://www.theatlantic.com/magazine/archive/2018/09/dinosaur-extinction-debate/565769/
Gerta Keller was waiting for me at the Mumbai airport so we could catch a flight to Hyderabad and go hunt rocks. “You won’t die,” she told me cheerfully as soon as I’d said hello. “I’ll bring you back.”
http://earthsky.org/earth/elephants-unique-brain-neurons
In terms of cognition, my colleagues and I believe that the integrative cortical circuitry in the elephant supports the idea that they are essentially contemplative animals. Primate brains, by comparison, seem specialized for rapid decision-making and quick reactions to environmental stimuli.
Clive Robinson • August 13, 2018 5:07 AM
@ echo,
The first is asteroid impact versus volcanic action causing extinction of the dinosaurs. The second is a look at the unique brain of the elephant.
They almost combine as well…
The elephant is the mountain of land creatures, whilst it does have preditors, untill recently they were only a minor issue. Thus the elephant could aford to think contemplatively.
However if you have ever seen the damage a single “rouge” elephant can do to a village or when a heard decide to remove trees etc you might consider them like volcanoes.
Humans on the other hand are descended not just from the trees but also tree dweling species who’s fight or flight instinct is mostly a case of unreasoned head for the trees, then when relatively safer think in an initial reactive way then occasionaly in a contemplative way to deal with the problem.
The result of such thinking is generally “group action” that is they form groups not just for increased safety as many herbivours do, but like other primates they take it forward into “group hostile action”. In fact more so than most, which has ment that mechanical specialisation that many creatures evolve, is less important than cerebral specialisation.
But this in of it’s self has caused significant issues, mechanical specialisation tends to be a linear outcome process and quickly reaches limits (see peacock tails). The results of cerebral development have tended not to linear increases in outcome but outcomes to an above unity positive power. Which can as we have seen with the Internet result in “An army of one” globe spanning result. Which could have a similar effect to a major asteroid strike.
That is in effect there is no warning that is of consequence and the outcome is wide area devistation if not global weather effecting for decades if not centuries. However we believe that there are larger earth shattering outcomes possible, which accounts for why we have a moon… Man may not yet quite be capable of such destruction levels, but we have certainly thought out how they might be achived not just in fiction but scientific fact. Scarily it turns out to be a time / energy trade. That is little effort and then wait a long time, or big effort and wait a relatively short time. It is these sorts of trade off that usually get mankind into the most trouble…
After all it only takes one idiot with sufficient resources to think “I’m going to die anyway, so I might as well take as many of you as I can with me”. Which as recent years has shown is becoming a more popular idea…
Arguably it’s already happened with the sea state change after 9/11. You could hope it stayes “Security Thearter”… but there are now way to many rice bowls held by short term graspers, thus we have passed several tipping points and the tail spin spiral is getting both steeper and faster… We could already have started to an “extinction event” the question is can we stop it at say the extinction of society, or will it run on to the extinction of mankind, or worse?
It’s one of the downsides of contemplative thinking, you can with some experience see where things can go and actually most outcomes are likely to be detrimental one way or another…
Wesley Parish • August 13, 2018 5:21 AM
@usual suspects
What’s the time? It’s Def. Con. One
Say, what’s the time? Just get me some
An 11-year-old changed election results on a replica Florida state website in under 10 minutes
https://www.pbs.org/newshour/nation/an-11-year-old-changed-election-results-on-a-replica-florida-state-website-in-under-10-minutes
An 11-year-old boy on Friday was able to hack into a replica of the Florida state election website and change voting results found there in under 10 minutes during the world’s largest yearly hacking convention, DEFCON 26, organizers of the event said.
AWS error exposed GoDaddy business secrets
https://www.zdnet.com/article/aws-error-exposed-godaddy-server-secrets/?ref
“Essentially, this data mapped a very large scale AWS cloud infrastructure deployment, with 41 different columns on individual systems, as well as summarized and modeled data on totals, averages, and other calculated fields,” the cybersecurity firm said.
Even Anonymous Coders Leave Fingerprints
https://www.wired.com/story/machine-learning-identify-anonymous-code/
Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt’s former PhD student and now an assistant professor at George Washington University, have found that code, like other forms of stylistic expression, are not anonymous. At the DefCon hacking conference Friday, the pair will present a number of studies they’ve conducted using machine learning techniques to de-anonymize the authors of code samples. Their work could be useful in a plagiarism dispute, for instance, but it also has privacy implications, especially for the thousands of developers who contribute open source code to the world.
Which is not exactly unexpected. My first real understanding of the previously amorphous concept of style came when my Latin lecturer told us in her class to read given texts and note the terms, the phrases, and the word forms and the phrase forms used in the sentences of different authors.
When I learnt programming, I soon discovered that I could tell the difference between what I wrote and someone else, because certain constructions just would not occur to me – I’d spent some time prior to undertaking that course reading Tanenbaum’s Minix book and Comer’s Xinu book, and even writing Pascal I could not write in a purely Pascal way – though mind you, I’d also read Brinch Hansen’s Solo book, and found I could write reasonably compact and readable Pascal as a result.
@anyone who’s interested
man is a general word for human in not only english, but also in German; in German, Mann means someone, somebody, a person.
In German and Dutch, the word for woman is separate from the word for person: Frau, and vrouw. In English, it derives from wif-man, the weaver. Since weaving resulted from having something to weave, and having something to weave resulted from land possession and land use, we might conclude that the Anglo-Saxon settlers held women in high regard, in line with Tacitus’ report on the Germanic tribes’ respect for women. In other words, it wasn’t woman as chattel, it was woman as contributor to general welfare and household prosperity. (The English word Wife is derive from wif – weaver.) FWLIW – YMMV
CallMeLateForSupper • August 13, 2018 8:28 AM
@Echo
“The man has the illusion of control while pushing the trolly [grocery cart]. When camera recordings are played back every move is clearly directed by women.”
I think so, though I read studies. The very scenario you describe has amused me for decades. Man pushes the cart and loads/unloads large/heavy items; that frees his spouse for the more nuanced tasks such as navigation between stops, judging relative values, assessing deals, reading labels. In short, he humps, she accomplishes the main task.
A different but related scenario also amuses me: man drives the family bus, drops spouse off (at the market entrance if she is lucky), and goes off to reconnoiter parking spots, where he kicks back and shifts his brain into neutral. As in the other scenario, spouse does the actual shopping. Around the corner from my house are the post office, a “dollar” store, two drug stores, a good LBS (“local bicycle shop”), to name a few. I have to pass the dollar store when going to and coming from any of the other places, and so I scan the lot for “guard” occupied vehicles. (I have noticed that said vehicles often are huge late-model pickup trucks. Make of that whatever you will.)
Clive Robinson • August 13, 2018 8:32 AM
@ Bruce,
There are stories that the Defcon Hotels have been using “goon squad” security personnel, who are not properly identified by either ID or other Hotel security staff.
Worse they are behaving in the manner of common criminals by going through individuals bags and belongings and taking things.
But they also appear to be not just hatassing people and significantly frightening them they are also threatening reprisals if peole complain or even talk about it.
Unsuprisingly with Hotel Staff behaving in this way, it appears that there may be copycats impersonating the staff and their behaviour for their own personal benifit / reasons.
https://www.secjuice.com/defcon-hotel-security-fiasco
Unsuprisingly people got scared.
Usually when this sort of thing goes on the resulting behaviours sink to low levels and people will behave in ways they would not normally do, often resulting in violence before those with sufficient authority step in to sort out the goon squad behaviours. Usually much to late in the day when organisational reputations have been significantly harmed in public.
echo • August 13, 2018 8:54 AM
@Clive
Yes I noticed there is a flow to these for various reasons, say no more. Here are two more.
I don’t know how Mark Zuckerberg manages to pull off his uncanny valley face. He manages to carry lots of expressions like sinister emotionless robot and naughty schoolboy caught red handed at the same time.
The next article is longwinded but I found a useful re-read of cognitive biases. Weall makes mistakes like this and sometimes I feel the message sinks in better if it’s written in the right way. Some of it may be useful for writing up statutory complaints.
https://www.bloomberg.com/view/articles/2018-08-12/mark-zuckerberg-is-totally-out-of-his-depth?cmpId=flipboard
Mark Zuckerberg Is Totally Out of His Depth
And so are all the big boys of tech.
https://www.theatlantic.com/magazine/archive/2018/09/cognitive-bias/565775/
The Cognitive Biases Tricking Your Brain
Science suggests we’re hardwired to delude ourselves. Can we do anything about it?
VinnyG • August 13, 2018 10:03 AM
@albert re: modern movies – I don’t disagree with your point, but since this is the squid, I’m going to pick on you (apologies) to vent about a pet annoyance: the rampant conflation of “key” and “pitch” in the context of errors in musical performance. A musician who plays a tunable instrument and (for example) plays an non-accidental notation “F” note as a natural in a composition written in the key of G-major would be “off key.” Another musician playing the same instrument and piece who failed to tune his instrument to the A=440 concert orchestra pitch (or other agreed-upon standard tuning) would be “off pitch.” OK, in the first example, I suppose the musician could be said to be both “off key” and “off pitch,” for that particular note only. In the case of a singer, failure to match pitch and failure to distinguish the correct key are also different errors that may in some cases occur simultaneously, with “off pitch” representing by far the most common error. Before someone quotes some crowd-sourced modern dictionary (is that now redundant?) definition at me in refutation of my claim, I will concede the common usage argument, but don’t care, as the fundamental (intentional:) difference remains and is important. I am thoroughly cognizant of music theory, but occasionally sing “off pitch” (some who know me might quibble about “occasionally” 🙂 [pedant hat removed]
echo • August 13, 2018 10:32 AM
I’m watching Where Eagles Dare again. Actually, one book I loved was The Great Escape (and Colditz!). This makes me wonder… The WWII generation were very educated, especially some officers who used the war to conduct archaelogy and who later went on to enhance their field and were a big influence in driving mass eduxation, and skilled crafts people too. This makes me wonder if we faced a cataclysmic event would we have the skills and wherewithal today? How resilient is civilisation?
Clive Robinson • August 13, 2018 10:47 AM
@ VinnyG,
Before someone quotes some crowd-sourced modern dictionary…
But what about the major and minor?
With out them where would all the old jokes be about dropping pianos down mine shafts to try to get “a flat minor”…
(ducks, runs, dives and takes cover 😉
Clive Robinson • August 13, 2018 11:27 AM
@ echo,
The Atlantic article contains my favourit “faux fallacy”,
It’s false because of an unrealistic assumption of “a fair coin” and even more fun, the assumption that “a coin no matter how fair can not land on it’s edge”. I’ve seen the latter twice in my life but the former is unexcusable because how would you test for a fair coin in the first place. Look at it this way how many heads in succession would you need to be confident the coin was not fair?
The answer is there is not any number of all heads all tails or the occasional edge that will give a true as opposed to probabalistic answer…
As for the film you are watching it gets a big ahhh in my house, because of a certain female actress, who after prommoting the film in England decided that staying was a good idea…
echo • August 13, 2018 12:11 PM
@clive
Oh, I just love the drama and adventure and loud bangs.
I do know what you mean about coins landing on their edge! I have observed a few things which seem to concur with recent articles citing papers on the world as it happens. I have had to shoehorn their conclusions a bit but do observe randomness in action which gives systems a binary quality. But as you say coins can land on their edge sometimes too or, or any number of alternatives as celebrated magicians are wont to prove. I suppose it all depends what your filters are.
Oh you naughty man! I just noticed your flat minor joke. I thought you meant children they sent down the mines but you probably meant men.
I just saw a woman walk past with long bright pink hair! Speakign of daring according to the trivia Ingrid Pitt escaped over the Berlin wall.
I always had a big mouth and used to go on about the political schooling interrupting my quest for thespian glory. I used to think like that. Not good in a police state.
I know the feeling.
echo • August 13, 2018 12:15 PM
One more extra: Ingrid Pitt was also in a concentration camp during the war.
justinacolmena • August 13, 2018 12:15 PM
A fair coin will land heads up 50% of the time, independently at each toss.
Of all sequences of six tosses of a fair coin in a row, 1/64 = 1.5625% of the time, there will be six heads in a row.
Now if from a long sequence of random coin tosses, a five-head-in-a-row subsequence is chosen uniformly at random from the 1/32 = 3.125% of the five-toss sequences which are all heads, what is the probability that the next toss is tails?
Is there a subtle loss of uniformity here which we are missing?
Clive Robinson • August 13, 2018 4:39 PM
@ justinacolmena,
<
blockquote>Of all sequences of six tosses of a fair coin in a row, 1/64 = 1.5625% of the time, there will be six heads in a row.
We are in danger of straying into “goat territory” with this 😉
Actually it will not be 1/64 in the current throw sequence unless the seventh toss comes up a tail, otherwise the running odds would be 1/128 ~0.78%, or on it’s way to 1/n where n is a function of the system in use and would be infinite in an unbounded system.
But also you have the short test window issue if you throw six heads, then a tail and then another six heads as your first throws then clearly 1/64 is not the odds you are getting. In practice there is only so much data you can store so you might well drop or miscount long run sequences.
As I said there are lots of assumptions made about fair coin systems, especially when you are trying to find out if the coin is fair or not.
It all sounds a bit academic until you realise just how important it is with electronic True Random Bit Generarors (TRBG / TRNG) to have continuous “running tests”. So you can see if the generator is developing any one of a huge range of maladies, some by chance others by design of hostile entities.
bttb • August 13, 2018 4:41 PM
@echo
“Far-right German leader sceptical of Bannon’s anti-EU push [The Movement].”
With Bannon’s connections to ‘big money’ and expertise in election dirty tricks, perhaps some parties will interface with Bannon or The Movement, not directly, but through cut-outs. On this side of the pond it can be hard to remove criminals (presumed or actual) from the Executive Branch (White House).
From an interesting article in Foreign Policy ( https://foreignpolicy.com/2018/08/10/how-to-kill-a-presidential-scandal-trump-russia-watergate-iran-contra/ ):
“… the other great political scandal [not Watergate] of the last half-century—the complex set of crimes known as Iran-Contra—parallels President Donald Trump’s alleged coordination with Russia to skew the 2016 presidential election much more closely and offers us greater insight into how the scandal will likely unfold in the future. And if Iran-Contra’s lessons have been oddly forgotten, we might want to consider why. Because there, the perpetrators succeeded.
“The bottom line in Iran-Contra is: Cover-ups can work,” James Brosnahan, a prosecutor in the independent counsel’s Iran-Contra investigation, told me in a phone interview. “And that’s what we should be worried about here.”
Iran-Contra involved a feast of malfeasance. The initial crime was the Reagan administration’s illegal provision of military aid to anti-communist Nicaraguan guerillas known as the Contras. Separately, top administration officials ordered the illegal sale of anti-tank and surface-to-air missiles to Iran, in a series of (failed) exchanges aimed at the release of American hostages held by Iran-linked terrorist groups in Lebanon. Administration figures, led by National Security Council staffer Oliver North, then illegally used the proceeds from these Iran transactions to purchase more weapons for the Nicaraguan Contras. Finally, officials illegally falsified a presidential directive ordering the Iranian arms sales, and—in a cover-up of the preceding crimes—Cabinet and other top administration officials illegally obstructed investigators, lying to Congress and prosecutors in the process.
This was a scandal that could have taken down a presidency. When details of Iran-Contra exploded into public view in 1986, even President Ronald Reagan’s own chief of staff, as well as other Cabinet officials, feared that impeachment might be forthcoming.
In Iran-Contra, Reagan administration officials illegally conspired with multiple foreign regimes to alter U.S. foreign policy. In Iran-Contra, part of the scandal revolved around inappropriate—and often illegal—dealings with a hostile, expansionist foreign power, a destabilizing force in its near-abroad and a sponsor of terror. In Iran-Contra, powerful administration figures lied to federal investigators about their relations with foreign officials from this hostile country. Perhaps this rings a bell.
The parallels to Trump-Russia don’t end there. In Iran-Contra, the independent counsel investigating the scandal, Lawrence Walsh, was a deadly serious Brahmin lawyer with a sterling Republican pedigree; he nevertheless faced withering criticism from members of his own party, just as special counsel Robert Mueller has as he investigates Trump and his circle. Congressional Republicans attacked Walsh’s team for its purported partisan bias, clamoring for the resignation of key investigators, and railed against the probe’s purported waste and corruption. They even demanded that an investigation be opened into Walsh’s (spurious) improprieties…”
Alyer Babtu • August 13, 2018 4:53 PM
@echo @Clive Robinson @justinacolmema
fair coin
There are also the methods going back at least to von Neumann for using a biased coin to generate the equivalent if unbiased coins. One of many links
echo • August 13, 2018 5:10 PM
This is one for anyone into retro. It may be the worlds most secure in production computer because it’s so old all the exploits have been sent to a care home.
http://www.osnews.com/story/30649/PC-RETRO_Motherboard_Kit_IBM_clone_computer
PC-RETRO Motherboard Kit: IBM clone computer
Sed Contra • August 13, 2018 6:16 PM
@echo
we’re hardwired to delude ourselves
“Your mind may not be much good, but it’s all you’ve got to misunderstand with.” – James Thurber, “Let Your Mind Alone”, 1935.
Weather • August 14, 2018 3:21 AM
The NSA have a stone number of Rc5 outside there building can you send the code as they are offering one million in money, and its just multiple, I need some money, but will be interesting to match time to value, maybe they wouldn’t be so stupid to leave a Carney but then I found mixing wind turbine with gas turbine generator might be a good thing,maybe the solar prob needs 20k Delta vee but it takes 5.6delta vee to reach mares,so maybe some thing is bull shit,maybe its a commit orbit,but Voyager at the 80is escaped the solar system, needing stuff we can’t do know,maybe = ioio can help
bttb • August 14, 2018 8:57 AM
Two from emptywheel
1) https://www.emptywheel.net/2018/08/13/what-stones-latest-lies-tell-us-about-muellers-case/
2) https://www.emptywheel.net/2018/08/13/the-dossier-as-disinformation-why-it-would-matter/
1) “After a puff piece in the NYT over the weekend, Roger Stone took to the Daily Caller to attack Mueller’s case against him. As bad as the Daily Caller is, it actually ends up being far more informative than the NYT because Stone is so bad at telling lies they’re informative for what they mirror.
So assuming, for the moment, that Stone’s piece reflects some kind of half-accurate reflection of what witnesses have said they were questioned about him, here’s what we learn. ..”
2) “When I wrote this post suggesting that Oleg Deripaska may have been in a position to make sure Christopher Steele’s Trump oppo research was filled with disinformation, a lot of people not only doubted that the dossier includes disinformation, but scoffed that even if it did it would matter. (See this post for more expert people talking about the possibility the dossier was seeded with disinformation.)
In his testimony to the House Intelligence Committee, Fusion GPS’ founder Glenn Simpson said that the Democrats used the Steele dossier in an effort, “to help [] manage a, you know, exceptional situation and understand what the heck was going on.” The same, we know from an endless series of Devin Nunes-led stunts to conflate the dossier with the FBI investigation, was true of the FBI.
The Democrats and the FBI used the dossier to figure out what was going on.
So to the extent information in the dossier was deliberately inaccurate — particularly in cases where it conflicted with publicly known or (given geographic location and known Steele network) knowable, more accurate information — it would lead the Democrats and the FBI to make incorrect decisions about how to prepare against or investigate the Russian attack.
And while I can’t tell whether the following examples arose from disinformation or some lack of due diligence or plain old hazards of human intelligence, all are examples where using the dossier to make decisions would have led the Democrats or the FBI to waste resources or act with less urgency than they should have. ..”
Weather • August 14, 2018 11:10 AM
Just been night dreaming,but if you have a spacecraft with a hydrogen ion engine and a scoup in the front,you could send other fuel ships to disperse hydrogen in front of the other craft, it could then add energy and fire it out the back and over time gain enough speed to get into a geo orbit around the sun,if the tanks got filled say to 95% fuel to payload it could then boost to the nearest solar system, if it collects hydrogen between solar system, it could sling to yet another solar system, it still won’t beable to stay in the solar system it gets to,but would still get valuable data,slight problem with a high power sand blaster,but uriaium in theory should last 10000 years as a power source,there is a lot of small planets and moons far out that have hydrogen that the fuel ships could use and they don’t have to match speed just spray the gas across the orbit of the craft,it might once in orbit around our sun when then boosted take 12-20 years to reach the closest solar system,
I think it might cost a little bit through
Bob Paddock • August 14, 2018 12:44 PM
@Clive Robinson
Clive, to your ‘Goat’ reference:
“A TYPE OF SIMULATION WHICH SOME EXPERIMENTAL
EVIDENCE SUGGESTS WE DON’T LIVE IN” by
SAMUEL ALEXANDER published a few days ago.
https://arxiv.org/abs/1808.03225
https://arxiv.org/pdf/1808.03225.pdf
What is a ‘Fair Coin’ if we are in a simulation?
It should be 50%. Does it not being 50% prove that we are, or are not, living in a simulation? Seems to be what the above paper is trying to get at, using Single Event Upsets.
Are there any other tests better than this to check a random number/event generator?
https://csrc.nist.gov/publications/detail/sp/800-22/rev-1a/final
For those that don’t know the ‘Goats’:
The movie “Men that stare at goats” is a reference to Remote Viewing.
By anyone’s measure Joe McMoneagle is the best Remote Viewer in the world.
As far as I know he is still teaching a class once or twice a year on learning to do it yourself at The Monroe Institute in Virginia.
We really can’t rule out staring at the REG won’t change the results, as tests in Parapsychology have found…
Clive Robinson • August 14, 2018 3:20 PM
@ Bob Paddock,
What is a ‘Fair Coin’ if we are in a simulation?
The answer is “whatever the entity running the simulation wants it to be.
Which kind of shoots down Mr Alexander’s argument.
I could go into it at depth, but lets just say any “encompasing” simulation sophisticated enough to alow you to build a “test” simulation within it would be able to not just recognize it as a movable object but more importantly change the inputs to your test simulation as befiting the environment it is in within the encompassing simulation.
Look at it this way it would no the differencr between “it’s raining and you are indoors” and “it’s raining and you are outdoors”. Thus why should the encompassing simulation treat Mr Alexander’s test simulation within the encompassing simulation any differently?
The only way Mr Alexander’s idea would work is if the encompassing simulation was deficient in some way and more importantly being a part of the encompassing simulation you were somehow able to not only become aware of the deficiency but build a test simulation to demonstrate it without the entity running the encompassing simulation beong aware of it.
If you look back through this blog you will find that @Wael and myself have had “turtles all the way down” conversations about the supposed origin of our universe (oh and about Seth Lloyed, who thinks the universe has all the required properties not just of a computer but a program running on one…).
So moving on to,
Are there any other tests better than this to check a random number/event generator?
Definitely for a whole heap of reasons. NIST SP-800-22 “marks a point in time” at which certain statistical tests had been “suggested, discussed, attested, recomended approved and finaly published. By which time the world had moved on and both new questions and tests had arisen.
It’s down to the consequence of times arrow and “known knowns, unknown knowns, and unknown unknowns”…
SP-800-22 Can be looked at as a starting point. Thus if your generator passes it then “It might, only might be a usefull generator”. The chances are that even if it your generator does pass it will still be a fairly ropey generator.
Oh and in the case of a TRNG / TRBG as they are “unbounded” they will at some point fail the tests occassionaly and pass on other occasions.
Weather • August 14, 2018 4:01 PM
0% or 100% is easy to workout you need 50%,and you are thinking a coin with heads or tails is not 50%, that is 100%, its hard to explain but 10101010 mixed with a random source will get close to 50%,but I posted about 7 years ago that explains it,it like 100% random is extcal not as its not 50% but 95% inverse you can rule out, so if you have a RNG mix it with 0% is 101010 and you move to 50%.
Give me time and I will try to remember the logic.
But don’t confuse probability and chance,eg in lotto no matter what I chose the probability is the same,but I can get the chance to 100% from 5-6 months, learn that difference,eg 123456 in lotto can be ruled out,but it has the same probability.
bttb • August 14, 2018 4:08 PM
14 August and 12 August, respectively
https://www.bloomberg.com/view/articles/2018-08-14/montenegro-takes-on-russia-america-and-a-former-cia-officer : “The tiny country’s prosecution of the plotters of a failed 2016 coup makes some big allegations.”
https://www.nytimes.com/2018/08/12/world/middleeast/iraqi-spy-isis.html : “The Iraqi Spy Who Infiltrated ISIS”
Alyer Babtu • August 14, 2018 5:45 PM
Re simulation, fair coins
Of course von Neumann also said anyone who tried to arithmetically simulate randomness must be in a state of sin.
Alyer Babtu • August 14, 2018 5:49 PM
But, again, on the other hand
https://fas.org/sgp/othergov/doe/lanl/pubs/00326867.pdf
Apologies for falling into spam posting mode …
echo • August 14, 2018 7:09 PM
This makes a change from young men tricked into believing they will be heroes. The assassins of Kim Jong Nam were actually young women tricked into believing they were hired to play pranks for a television show?
In regular phone calls from prison, Siti tells her mother they were tricked into believing they were taking part in a prank TV show. Benah explains: “She told me: ‘Mum this whole thing is a set up, I was tricked’.” Lawyers say the pair had been paid to take part in similar pranks at airports, hotels and shopping malls in the days before Kim’s death.
echo • August 14, 2018 7:16 PM
Another constititional legal challenge to Brexit. Hooray!
Also a possible answer to defusing the extreme right wing. Once off their inflammatory and divisive positions (and jokes and gags like the neo-nazi Ukip) when questioned they have no answers to how to help constituents in their ordinary lives.
https://www.theguardian.com/politics/2018/aug/14/british-expats-in-eu-launch-brexit-legal-challenge
British expatriates have launched a fresh legal challenge against the 2016 referendum, arguing that the result has been invalidated by the Electoral Commission’s ruling on leave campaign spending.
and
“Many people across the EU, myself included, are reliant on bestowed rights to live their daily lives; there must be zero tolerance when it comes to cheating, misrepresentation and non-disclosure of information.”
Ultimately, the interview also highlighted the strategy some German politicians have told me they see as the most effective one against the AfD: to hold them to the same standards as other politicians, and watch them fail to deliver anything substantive. When I spoke with MPs from all the major political parties earlier this year, they were divided on whether to ignore or engage their far-right counterparts; however, most agreed that the AfD would either have to step up on political substance or else stand to lose credibility. “These should be questions that should be easy to answer for any political leader, because they are so important for the future of Germany,” Dirsus, the political scientist, said. “The AfD wants to talk about refugees because this is where they can score points, but they clearly don’t have answers on any of the other topics.”
echo • August 14, 2018 7:29 PM
German pharmaceutical company Fresenius Kabi does not have a position on the death penalty? It’s objection isn’t to the death penalty but reputational damage?!?!! Pardon? If their reputation wasn’t damaged before saying this? It is now.
In court filings challenging the use of its drugs, German pharmaceutical company Fresenius Kabi said that it does not take a position on capital punishment but that it believes the use of its product in executions could damage its “reputation, goodwill and business relationships”.
gordo • August 15, 2018 12:12 AM
@ bttb,
This is my favorite line, the last line from the https://www.emptywheel.net/2018/08/13/the-dossier-as-disinformation-why-it-would-matter/ article:
And all that’s before you get into how perfectly the dossier has served to discredit a very real, well-founded counterintelligence investigation and entangled Democrats and the press in expensive lawfare.
That the folks involved in running the counterintelligence probes-investigations-operations or imbroglios didn’t know what they were holding, that they were holding or how to hold it gives the rearguard a bad name. Anyway, fwiw . . . * I mean, what’s a narrative without a timeline? A plot without a theme? 😉
* (Please note that nobody cited has been charged with wrongdoing or crimes, unless the charge is specifically referenced. Temporal relationships are not necessarily evidence of a correlation.)
“And now you know the rest of the story.”
Clive Robinson • August 15, 2018 4:03 AM
@ gordo,
That the folks involved in running the counterintelligence probes-investigations-operations or imbroglios didn’t know what they were holding, that they were holding or how to hold it gives the rearguard a bad name.
Yup, it’s kind of what I expected to come along with regards the Steel Dossier because of the degrees of seperation and that Neither Steel or anyone else appeared to be looking for and verifying second and third independent sources.
Just very bad Intelligence practice from begining to end realy…
This is yet another “Gift that has the potential to keep giving and giving”…
Bob Paddock • August 15, 2018 6:54 AM
Was Ham Radio used to avoid NSA intercepts in Fusion-GPS?
echo • August 15, 2018 7:13 AM
This is one single example of UK authorities takign advantage and ignoring legal history and established best practice. Legally, a child of almost any age is competent to make decisions. At the same time a child is more easily bullied or confused because children lack life experience or ability to stand up to an adult.
The fact the police did not appear to consult with medical or legal experts does not surprise me. It also doesn’t surprise me that doctors and lawyers act outside of their competence or ethical guidelines by not consulting either, or don’t catch mistakes like this which can compound problems. Why also was nobody able to act until the story was broken by the media and politicians risk averse to bad publicity applied pressure?
Another question is why did earleir obscure legislation empower the police to act this way? Can it be said they knew and acted regardless?
Given what I know about the system I don’t believe this is the only abuse of power.
Too much testosterone in the room? I believe so.
https://www.theguardian.com/uk-news/2018/aug/15/child-spies-must-have-an-appropriate-adult-present-at-meetings-home-office
Children being used as informants must have an appropriate adult present in meetings with the authorities, revised official guidance says.
and
The requirement did not feature in an earlier version of the code, published in 2014, and its inclusion follows intense scrutiny of the practice of using so-called child spies after peers discovered powers covering the practice in obscure secondary legislation.
Thoth • August 15, 2018 7:24 AM
@Clive Robinson, all
I believe one of the final nails in the coffin for Intel SGX et. al. has arrived. Foreshadow has the ability to break the security promises Intel SGX et. al. brings to the table.
The attack gets better over time as the gift simply keeps giving endlessly.
Bye bye, Software Security Enclaves. Nice to have met you but its time the myth of using shared CPU and RAM for Secure Execution should be put to rest.
People just don’t listen and want to cheapen out and thus turn to Intel SGX/AMD PSP/ARM TZ et. al. and this is the result.
Do proper physical, logical and energetic separation if true security is desired.
Links:
– https://foreshadowattack.eu
– https://www.theregister.co.uk/2018/08/15/foreshadow_sgx_software_attestations_collateral_damage/
Clive Robinson • August 15, 2018 7:49 AM
@ Bob Paddock,
<>Was Ham Radio used to avoid NSA intercepts in Fusion-GPS?<>
Whilst I would not rule it out the NSA and FCC do actively listen to all Ham Radio traffic and have done since before the NSA even existed.
A more likely explanation is that they own a sail boat.
It’s no secret that Ham Radio numbers have been dropping, but worse for the ARRL their membiship base is declining like a brick in free fall. Meanwhile a technology called Pactor wich enables connection to the Internet accross HF and VHF was developed by Hams.
A private company has set up a service based around Pactor for Day Boat and similar sail boat hobbyists, but it costs around 250USD to use each year and is slower than a snail on mogadon.
some of the ARRL commity decided that they wanted some of this action so they have upset amature radio enthusists world wide because they want Pactor services across the entire HF spectrum using way way to much of the available bandwidth.
so it could be as simple as that “Nellie” has a sail boat and wants to connect to the Internet via HF comms.
but that does still leave open the question as to what is in her EMails she might get via Pactor servers in Eastern Europe etc.
Clive Robinson • August 15, 2018 8:16 AM
@ Alyer Babtu,
Of course von Neumann also said anyone who tried to arithmetically simulate randomness must be in a state of sin.
He was correct from the theoretical point of view and the lamentable algorithms of the time.
However the world moves on. Consider three words,
1, Random.
2, Chaotic
3, Determanistic.
Can you find sensible theoretical discriptions for them without to many assumptions? That are also meaningful in a practical way that might be of use?
The thing is when you start considering these words from the practical “black box” approach you discover things are not what you might expect. Especially if you are only observing the outputs.
CallMeLateForSupper • August 15, 2018 8:41 AM
Speaking of randomness and TRBG/TRNG ….
Mark Burnett, a security researcher, sees a pattern in certain data posted on certain message boards.
“This wild conspiracy theory [QAnon] relies in part on coded messages posted on message boards such as 4Chan or 8Chan by someone who only goes by the moniker “Q,” an alleged government insider who has been leaking information online.
“But as it turns out, these coded messages may be totally meaningless, ‘random typing’ according to a security researcher who has studied code creation.
…
“Burnett said he noticed a pattern in the codes: ‘almost all the characters’ in the codes alternate between the right and left hand or are close to each other in a normal QWERTY keyboard.
…
“‘The funny thing about people is that even when we type random stuff we tend to have a signature. This guy, for example, likes to have his hand on the ends of each side of the keyboard (e.g., 1,2,3 and 7,8,9) and alternate’, Burnett wrote in his thread.”
https://motherboard.vice.com/en_us/article/9km87z/qanon-codes-are-random-typing
echo • August 15, 2018 10:15 AM
@CallMeLateForSupper
This is why when I rely on random manual input for password generation I mix things. Even then I have biases and can very clearly see this myself from the output. When used in a password context this obviously narrows the search space by a huge margin. It also screams fingerprint.
echo • August 15, 2018 10:49 AM
This whiffs of a lot of slow burn pigeons coming home to roost. This is quites typcial of the UK state.
Inadequacy, and take it or leave it, and seat filler all combined with penny pinching and robbing Peter to pay Paul. At some point issues turn into problems and problems reach critical and turn into disasters before people die (or lose their jobs or starve) with the inevitable “lessons must be learned” and “never again in our time” public enquiries.
Throw in Brexit and food banks and the UK is in a bit of a self-inflicted pickle.
https://www.theguardian.com/uk-news/2018/aug/15/with-676-counter-terror-investigations-how-do-police-focus-resources
With 676 counter-terror investigations, how do police focus resources?
A report from parliament’s intelligence and security committee published in December revealed that MI5’s counter-terrorism activities were increasingly focused on “high-risk casework”.
Alyer Babtu • August 15, 2018 1:06 PM
@Clive Robinson
find sensible theoretical discriptions for them
Sir, the exam is too hard 🙂
Random I gave up on long ago and await enlightenment from someone’s breakthrough, except in the sense of “chance occurrence”, e.g. Completely by chance I encountered my old professor when changing levels to get to another line in the subway, but he didn’t recognize me.
Chaotic and deterministic overlap where initial conditions are sensitive and don’t seem theoretically to necessarily involve “random”.
Some heavy statistics and assumptions would seem to be implied in trying to see what case if any a physical system’s outputs fell into, especially as one can usually only model a simplified version if the real thing.
I loved this “takedown” cautionary tale of coin flipping
http://statweb.stanford.edu/~susan/papers/headswithJ.pdf
Edward Nelson
https://web.math.princeton.edu/~nelson/
has some interesting looking papers and books on his website where he ponders probability theory and also stochastic mechanics.
Major • August 15, 2018 2:08 PM
Am I slow on the uptake? Is @echo a bot? She never answers a question directly and her posts don’t really hold together. Sorry, echo, if I am mistaken but to me your posts read like Sokal’s hoax in Social Text, locally plausible, but as a whole I normally am not clear what you are talking about.
echo • August 15, 2018 2:18 PM
What puzzles me is the panic over immigrants entering the UK when in other places of the world where extreme wealth and poverty lie right nextdoor to each other divided by walls much less imposing than the Berlin wall or sometimes just a road don’t experience the same influx of raving hoards.
https://www.huffingtonpost.com/entry/drone-photographer-inequality_us_5b3ba00ee4b09e4a8b27e5dd
How Using A Drone Changed The Way This Photographer Saw Inequality
Alyer Babtu • August 15, 2018 3:26 PM
Much, including security, depends on dinner.
https://arstechnica.com/science/2018/08/mit-scientists-crack-the-case-of-breaking-spaghetti-in-two/
Maria, butta giù la pasta !
Clive Robinson • August 15, 2018 3:43 PM
@ Alyer Babtu,
Ahh the coin flipping paper… I think it’s been on this blog, but can not remember how far back…
Oh by the way, I can alter the way a “flip up and land in the hand” coin flip comes out, every time 😉
Even after the coin has come to rest and I like every one else can not see it.
I’ve described how before and one commenter said at the time “remind me never to gamble with you”.
Oh just remember I don’t gamble, so… if I offer to make a bet with you it’s fairly certain I already know what the outcome is and I’m doing it to teach you a lesson (I never bet more than a pint so the lesson is cheap 😉
echo • August 15, 2018 4:44 PM
I have just been watching videos on British army ration packs. The one for “the men” (i.e. NCOs and below) is ghastly. It’s full of sugary junk food and peak viewing time brand name tea and, well, you know. “Scoff.” I scuttled off to the British army officers ration pack video. Oh, Lord. Back to civilisation! This is more like it! Tablecloth. Plates. Knife and fork. Salt and pepper… I didn’t know they could fit all this in the box. How do they manage without breaking the plates?
What’s REALLY inside a British Army Ration Pack – NCO’s
https://www.youtube.com/watch?v=QfblJvcEB9I
British Officer’s Ration Pack
https://www.youtube.com/watch?v=4-XMlGGZkJk
JG4 • August 15, 2018 7:39 PM
https://www.nakedcapitalism.com/2018/08/links-8-15-18.html
…
Big Brother is Watching You Watch
Los Angeles is first in US to install subway body scanners Associated Press. Great. I see a future with no public transportation for me. I opt out of scanners at the airport. As a reader who has worked on military-related projects has pointed out, if you go through and airport scanner, after as few as two trips, they can match your scan to you, effectively creating a biometric ID
Sacramento welfare investigators track drivers to find fraud. Privacy group raises red flags.
Google tracks users who turn off location history BBC. I’ve assumed this to be the case, that if your device has GPS location, the only way to disable that is to put it in a Faraday bag or remove the chip.
Imperial Collapse Watch
(Why US Leadership Stinks & Drones Don’t Work) Leadership in organizations people believe in Ian Welsh
…
WhiskerInMenlo • August 15, 2018 9:24 PM
What does “President Trump has ordered former CIA Director John Brennan’s security clearance to be revoked.” imply for Brennan and other in a security context.
Without a clearance it is unclear to me if Brennan can be compelled to testify on classified topics. Is it possible that he cannot be asked because he is not cleared for the topic or he cannot reply? i.e. the code words cannot be uttered in his presence or by him.
Might sound like:
Q: “Mr Brennan we would like to explore the evidence involving the REDACTED program and correspondence bounded by the dates REDACTED to REDACTED.
Are you familiar with that program?”
A: “Sir, respectfully I am not in a position to confirm or deny any program hidden behind redaction and should I venture a guess it might be construed to be a breach of the National Secrets Act. The veracity of such a guess and discussion simply cannot be addressed without violation of law. I refer you to essays and books by Kafka and also Catch-22 a Novel by Joseph Heller as a preliminary framework to understanding my predicament. For the slow readers in the room there is a movie on Catch 22.”
For much of this the Fifth does not apply as the testimony is likely not incriminating to Brennan and others in his no-clearance situation yet the act of testifying violates the law.
Those asking the question may also be in violation should they utter classified code words and phrases to individuals not cleared to be read in.
Congress could fix this in a number of ways but…
Is this is like forgetting the name of a critical account and its password in an opaque MAC secure operating system with a strong policy.
Clive Robinson • August 16, 2018 2:01 AM
@ Thoth, All,
I believe one of the final nails in the coffin for Intel SGX et. al.
For the architectute it’s certainly “dead man walking” but we went through the whys of that back when discussing C-v-P.
There is an old story about “The Russian Bear” from tzarist times. Put simply it was the idea you could not kill the Russian Bear and by implication the tzarist monarchy. Well we all know how that went with the Potekmpin Bridge and later the fall of the Communist replacment.
Intel’s chief exec and presumably other C coridor primates there act and behave like the Intel bear equivalent also has the same longevity and freedom from censure…
Well the end I think has already been written, the question is what can be salvaged. The Bear died but Mother Russia survived, what I wonderwill be Mother Intel, if there can be one…
GregW • August 16, 2018 3:21 AM
China beats US. File under “paper paper never data”:
Seems like the CIA doesn’t know how to red team their own stuff, or when to…
JG4 • August 16, 2018 6:40 AM
https://www.nakedcapitalism.com/2018/08/links-8-16-18.html
…
Big Brother is Watching You Watch
The Unlikely Activists Who Took On Silicon Valley — and Won New York Times (David L)
St. Louis University Is Installing Amazon Alexa-Enabled Echo Dots Campus-Wide Fortune (Brian C)
The eminently hackable police bodycam BoingBoing
A Group of Engineers Say They’ve Created a Way to Detect Bombs and Guns Using Basic Wifi Gizmodo
Imperial Collapse Watch
Botched CIA Communications System Helped Blow Cover of Chinese Agents Foreign Policy
…
bttb • August 16, 2018 12:12 PM
fwiw, My political/economic views tend toward eclectic (selecting or choosing from various sources).
fwiw, If I was a whistleblower (business, government, non-governmental organization (NGO)) I would try to choose who to leak to carefully and try to cover my a$$. For example, The Intercept’s, presumably, poor handling of, presumably, Reality Winner’s documents regarding state election hacking by, presumably, Russia.
https://boingboing.net/2018/06/21/reality-winner-changes-plea-to.html
https://en.wikipedia.org/wiki/Reality_Winner
1/
VinnyG • August 16, 2018 12:32 PM
@ECHO Re: 5250 clone kit – If they offered a similar kit for the PC-XT (5160 iirc?) I might buy one. My (admittedly a bit foggy at this juncture) recollection is that considerable improvements were made in the IBM PC for the XT, beyond the availability of a hard drive. IMO the soldering would be the easy part. After that you would need to (re)learn how to code in compatible languages and systems, because nothing current would run in 256 kB (with no paging) even if you could port/translate it. Surprisingly, it looks like 5-1/4″ floppy disks are still readily available…
bttb • August 16, 2018 12:43 PM
https://www.youtube.com/watch?v=n0POmdK18WU ; Respect – Aretha Franklin
Does Putin have more respect for Snowden than (useful idiot?) Trump. iirc, A while back, Putin may have implied that Snowden should have taken his grievances, complaints, etc., through the appropriate corporate or governmental complaint, or whistleblowing, channels.
Regardless, who might Putin respect (professional or otherwise) more: Trump or Snowden?
https://www.youtube.com/watch?v=jfc0lli4YRk ; Aretha Franklin – Chain of Fools (w/Spanish Subtitles)
https://www.youtube.com/watch?v=XEdkfV6Tk88 ; Aretha Franklin – Chain of Fools (2011)
2/
echo • August 16, 2018 2:10 PM
This is an interestign article which suggests men who display empathy and caring for others may be picked on. This is the other side of the argument which highlights how authoritarian and sociopathic some organisations can be when driven by macho zero sum cultures. Women can and do make fun of men and not always side with men doing the right thing because of group self-interest which means a double indignity can be suffered. Because of this I believe it is worth questioning the illusion of leadership carefully crafted by men and women who acquire seniority. This study may help counter some of the unfairness and wrong practcie in the work environment to everyone’s benefit.
https://www.scientificamerican.com/article/men-who-advocate-for-others-in-the-workplace-face-backlash/
Men Who Advocate for Others in the Workplace Face Backlash
Study shows a cost for males who defy gender stereotypes
@VinnyG
I suspect you are right. My memory is foggy too and wasn’t sure what international model numbers were so assumed. (Fatal mistake!) The PC XT and PCAT were fine. I’m not sure about memory and floppy and hard disc controllers. Freedos should work. Thereis also a free for commercial use version of Gem, and also FreeGEM and OpenGEM which is a bit more extended. I’m fairly sure most peoples copies of Microsoft DOS and Windows which may run on this had bitrotted their way to the refuse bin by now. Otehr lightweight and sometimes surprisingly well featured alternative OS exist. I have no idea if they will be functional on hardware this old though.
bttb • August 16, 2018 3:57 PM
1) https://www.emptywheel.net/2018/08/14/there-are-still-mueller-prosecutors-whose-work-weve-barely-seen/
2) https://www.emptywheel.net/2018/08/16/if-you-have-rick-gates-and-omarosa-you-dont-need-george-papadopoulos/
3) https://www.emptywheel.net/2018/08/16/andrew-millers-five-month-stall-leads-to-a-six-month-investigation-of-roger-stone/
3) ”The DC Circuit has just released its briefing schedule for Andrew Miller’s appeal of his subpoena to appear before Mueller’s grand jury. The hearing in that appeal will be sometime after the matter is fully briefed on October 9. Altogether, Miller will have stalled his testimony for five months by then.
That means Mueller will have been pursuing evidence against Roger Stone, as the most visible evidence of the ongoing investigation, for six months.
As a reminder, here are some things that Mueller appears to be investigating, and here’s what we can learn about the investigation from Stone’s latest lies.”
WhiskersInMenlo • August 16, 2018 5:04 PM
@Spooky
Such a shame about those VIA chips
….
I was joking with a friend that we should just go back to using 8086s, 6510s and Z80s but you know what, that would not make any difference–every single one of those chips also contained undocumented instructions and behaviors.
All is not lost on the old hardware…
most have now been reimplemented and public VHDL or emulators are easy to find.
The hacker community has some new tiny FPGA boards with enough resources to
make interesting machines.
Chapter one: for those that do not know where to begin give a look at the Motorola MC14500B
and the red manual for it.
Chapter two: can be a look at the Magic-1 machine. The design is simple enough that a single person could build it.
Windows-10 containers is a cool software framework for machines that will surface after these crazy days.
Operating system design could take a step back and the old main frame roll the job in roll it out to drum unshared hardware (no concurrency) can allow a different class of system management (OS on an I/O channel processor 360 style).
A clever person can build their own Magic-1 with a unique binary instruction and maintain it from source code modulo a single header file for the local instruction set binary code and hardware decode maps.
MIPS hardware is still encumbered but RISC5 is an opportunity with working tools.
A sea of modest processors on a motherboard could solve simple problems like the VPN foolishness and pinch points it has.
Small machines like the Raspberry Pi are teaching good lessons economically at virtually all levels in the hardware, OS and application spaces.
echo • August 16, 2018 6:23 PM
I suspected I may not have been the only person to think up “Quantum Neural blockchain AI”. I couldn’t be bothered to think through it. Because.
Yup, according to the physics, we know we are “quantum”. Neural nets capture many core features of how our brains seem to work. Blockchain—at least as a general concept—is somehow related to individual and societal memory. And AI, well, AI in effect tries to capture what’s aligned with human goals and intelligence in the computational universe—which is also what we’re doing.
OK, so what’s the closest thing we know to a QNBAI? Well, it’s probably all of us!
Maybe that sounds crazy. I mean, why should a string of buzzwords from 2018 connect like that? Well, at some level perhaps there’s an obvious answer: we tend to create and study things that are relevant to us, and somehow revolve around us. And, more than that, the buzzwords of today are things that are somehow just within the scope that we can now think about with the concepts we’ve currently developed–and that are somehow connected through them.
WhiskersInMenlo • August 16, 2018 6:50 PM
Words per language.
https://en.wikipedia.org/wiki/List_of_dictionaries_by_number_of_words
The top in this list is:
Korean 우리말샘 (Woori Mal Saem, 2017) 1,100,373 words Online open dictionary including dialects of South and North Korea.
gordo • August 16, 2018 7:40 PM
From a couple of days ago, an interview video with Bill Binney on The Jimmy Dore Show [12:21], posted up on RealClearPolitics, my favorite line from Mr. Binney was his comment on the recent Mueller indictment of 12 Russians:
For reference, the above-mentioned indictment (in ocr-friendly PDF format).
Clive Robinson • August 17, 2018 3:03 AM
@ VinnyG,
… because nothing current would run in 256 kB (with no paging) even if you could port/translate it.
It depends on what you mean by “current” dare I mention some stack bassed languages such as Forth, that have the advantage of being their own OS if you want and not actually requiring an MMU to do multitasking (unlike most other languages + OSs). As far as I’m aware there is bootloader code for various CPUs that contains Forth you can “rip out” Free Gratis.
As for hardware,
Surprisingly, it looks like 5-1/4″ floppy disks are still readily available…
Not all 5.25 floppies have the same interface as back last century or so due to amongst other things electrical voltage changes as TTL level interfaces became CMOS-TTL then CMOS levels (ie the gap band between TTL high/low and CMOS high/low is different) so you might need to add compatability via resistors etc.
My solution to these problems is generally go RS232 +-5V or +-12V via thos neat little converter chips and if there is no native serial support available on the CPU board just “Bit Bang” a parallel status line or two via a fast timer interupt loop. This has the advantage of giving you access to the newer high tech stuff without real probs (except speed). but the major pluss point for me is RS232 makes a good security choke point that’s easy to instrument, so you can look for nasties or build data diodes with protocol firewalls etc (look up SLIP or PPP if you want Internet protocols but the SLIP stack is way way easier for a whole heap of reasons).
Alyer Babtu • August 17, 2018 5:55 AM
@echo
think up “Quantum Neural blockchain AI”
I wonder what Federico Faggin and/or Carver Mead is thinking about these things, in as much as they have devoted a lot of effort towards neuromorphic (neurotrophic?) computing.
Clive Robinson • August 17, 2018 7:16 AM
@ bttb,
<
blockquote>Does Putin have more respect for Snowden…
<
blockquote>
To be honest I don’t think Putin cares that much as long as they are all pissing out of his boat.
Which is kind of the point realy, unlike US politicians that want everyone else to do and say as they want…
Alyer Babtu • August 17, 2018 9:11 AM
And in other news of fresh disaster
echo • August 17, 2018 11:58 AM
@Alyer Babtu
I wonder what Federico Faggin and/or Carver Mead is thinking about these things, in as much as they have devoted a lot of effort towards neuromorphic (neurotrophic?) computing.
I have no idea. I’m wondering when the UN and EU will twig how routinely state human rights abuses occur in the UK. Reviewing over five years of media reports I wonder what an AI would make of what a mathematician would call “special functions” buried in the information theory mess we call UK bureaucracy.
Clive Robinson • August 18, 2018 5:40 AM
@ Alyer Babtu,
And in other news of fresh disaster
The idea of overloading the electrical infrestructure at the consumer end is not new, and has been mentioned several times on this blog before.
The difference between the two predictions is in the past we were talking about the dangers of the “smart grid”… The reason for which is those who own and manage the energy infrastructure failed for entirely profit motivation reasons to do, not just the required upgradeds, but even the required basic maintenance so the grid was crumbling (and still is in places). So they came up with a wheeze they would get the politicians to legislate their gailings onto their customers…
The hidden part of the Smart Grid would be Smart White Goods etc which basically ment that the grid operator could change the settings on your AirCon, Heating and other devices that used above a hundred or so watts of power. This obviously would add around 5-20USD to every white good you buy and have it controled by others you have no control over…
Some postulated the heating off in a blizard or heating on at night during a heatwave as a way to kill people. I was more interested to point out the problems of insecure communications which are way to many to list in one place. But I’ve repeatedly noted that the Smart Grid and it’s Smart Meters are potentially a major surveillance device down to being able to know what you are watching on TV when you are cooking even down to opening and then closing your fridge door. More scarry when you are in your electric shower, using your hair drier etc. But… Smart meters have an instalation life of around thirty years, and we have yet to have a NIST approved crypto system be secure that long…
But you will also find discussions about the “cascade failure” effect of knowing which critical point to cause to fail that it in turn causes other points to fail in the equivalent of a “chain reaction” and a wipeout effect as wide area as you would get from a nuclear device…
We are lucky at the moment in that solar activity is low therefore Space Weather is relatively benign currently. However if the lack of essential maintenance and required upgrades continues to happen, a single solar event could wipe out the Continental US electricity grid…
But attention has moved from the security issues of the smart grid now the IoT has so many low hanging fruit security faults it’s squelching under foot.
Clive Robinson • August 18, 2018 10:36 AM
@ echo, Alyer Babtu,
Quantum Neural blockchain AI
And similar such random conectletts of jargon, used to inflate the bubble of sunk cost investor wealth still further 😉
This might amuse,
Alyer Babtu • August 18, 2018 2:50 PM
@Clive Robinson
overloading the electrical infrastructure
Thanks for the nice summary. I was struck by the symmetry: smart grid worries might center around its failing to be smart enough about power, but there is the less obvious information risk also; wi-fi control has the obvious information risk, but then has somewhat in the background a power management risk.
Everyone needs more of these lessons in “thinking hinky” as you say. Get the habit of reviewing, separating what the intention was when building the thing from what capabilities (unexpected, unplanned) the implementation brings with it. “You had one job”, but now you have tens of jobs. Is there a science of designing that “one job” so it handles all those other jobs from the start ?
QNBAI
Sounds like something a kamikaze unit might shout as they begin their attack ! 🙂
I recall a lecture by an AI guy from UCLA where he said “no smart brains without smart senses”. It seems to me Faggin and Mead were taking that to heart.
Faggin also said something new was needed because a “conventional” computer the size of your typical brain if capable of doing what the brain does would have so high a power requirement that it would vaporize itself when you turned it on.
Clive Robinson • August 19, 2018 5:06 AM
@ Alyer Babtu,
Faggin also said something new was needed because a “conventional” computer the size of your typical brain…
Various people have said similar for a very long time. I think even Alan Turing made a similar comment, when the switching device was a thermionic valve (tube) drawing around ten watts in heater power alone.
The point is that the brain does not use hard switching devices like valves, transistors, and the logic gates they are formed into. In essence it uses something like chemical batteries that pump sodium from battery to battery very slowely, and in a form of pulses. Somebody only half jokingly said it worked like a water clock made of lard.
The real arguments though are not about “hardware” because the assumption is we can solve that in some way as it already exists as six pounds of mixed fats.
No the arguments are much more difficult to even think about and are,
1, What is “original thought”
2, Where do “unique ideas originate”.
Oh and the lesser but potentially much harder to solve “how do we recognise/select” them to bring them into conscious use.
Much as Alan Turing insisted that the first computer have a “noise source” in it, later generations have moved on to other more curious ideas of nondetermanistic sources such as quantum effects. The UK mathmetician Roger Penrose upset more than a few people with his ideas, but we are now finding quantum effects poping up in various biological systems such as chlorophyll and smell etc. Almost like a “can’t see the trees for the wood” problem. That is you can see a wood or forrest clearly as a single entity from a distance. But get dropped in without knowing what a tree is, then you have no chance of telling you are in a wood or forrest, let alone recognise it as a single entity.
But after all the fun and games it still gets back to “original” does it actually require “random” would “chaotic” be a better fit[1]… But then how do you go from noise to signal and how do you enhance the signal till it’s usefull.
Simple maths and logic says that the entire process is not a random one amplified to the n’th degree. There has to be some form of direction such as a set of feedback systems tied in with recognizer constructs like matched filters.
But that just moves the problem to that of the filter constants… Which when we get a handle on it, will probably like an air bubble under newly put up wallpaper, just move somewhere else when you bare down upon it.
The result is we are still not anywhere close to “original” or even finding an origin to start looking.
[1] Which in part was what my question to you the other day was about.
echo • August 19, 2018 5:21 PM
@Clive
Perhaps we don’t fully understand how massive parallelism works? This isn’t counting the basic nervous system as a processing device of sortsor the specialisation of the eyeball and optic cord as a pre-processor. There’s also issues with digital emulating analogue. A simple thing like the brain storing numbers logarithmically have be important. I strongly suspect this last one is part of perception as studies reveal how ratings tables of games are strongly logarithmic.
I don’t pretend to understand this. I suspect “chaotic”has somethign to do with this and half remember reading something along the lines of if the body (or was it brain?) wasn’t chaotic it wouldn’t work because it would be a brittle system or something like this. It’s also a wonderful least effort system given what it manages to achieve relative to computers.
Alyer Babtu • August 19, 2018 9:26 PM
@Clive Robinson
the arguments are much more difficult to even think about
Sir, this exam is even harder than he last one, and it covers material that was not in the book. 🙂
Totally out of my depth, and putting the propeller on backwards, but –
Do we even have original ideas, or do we just through sensory inputs and reflection on them come to understand something that was always at least potentially there ? Perhaps we are all by our nature intrinsically followers. No sensory input, no cognition so to speak.
The “classical” account (Aristotle and Aquinas, as opposed to Descartes), although it is much in the shade now, seems to convincingly show that 1. we do know real things; 2. that the knowing of real things is prior to our knowing that we know, which occurs when we relfect on our act of knowing a real thing; and that 3. some kind of immaterial acquiring of a form in cognition, which is actuated by and a similitude of the nature or form of the real external thing, is the only way to explain knowing; if knowing was purely a change of material form, a third thing would thereby be involved, and we would not know the original thing but at most something else, or rather nothing. This account does not have the “moving bubble” problem.
Alyer Babtu • August 19, 2018 9:37 PM
That is, he knower immaterially has to acquire the form of the thing as known and so must become it, identically. There is no ”third”, as in material change.
JG4 • August 20, 2018 7:30 AM
Now you’ll be tracked by sensors in your underpants. This is a brilliant presentation.
file under signs of the times, from a few days ago. you can’t be too careful, or too safe.
Police Chief Defends Use of Taser on 87-year-old woman
https://www.nakedcapitalism.com/2018/08/links-8-21-18.html
…
There is a leftwing way to challenge big tech for our data. Here it is Evgeny Morozov, Guardian
How to completely delete Facebook from your life Mashable
CorF • August 20, 2018 6:14 PM
Two “high speed” internet internet service providers (ISPs) are available in my
area; Comcast or Fios (Verizon). I am looking for relatively cheap options and service. Price wise they appear to be about the same. Probably 1 or 2 year contract.
Any recommendations or things to consider?
If I go Comcast, do you recommend Netgear, Arris, or other cable modem (approx. 50 to 100 USD and with no routing)?
If I go FIOS, how about ethernet direct to FIOS ONT from customer supplied router?
Thanks,
Comcast or Fios
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Ismar • August 10, 2018 4:56 PM
We hear a lot about crypto currency mining malware by using people’s devices processing power without asking them first.
As usual the same principle can be used for good to help scientists fight cancer or find causes to some diseases as done by IBM here
https://www.worldcommunitygrid.org/discover.action#curent-projects
The moral question I have here is would it be acceptable to have this kind of software installed secretly on people devices in a way similar to illegal miners do with their software? Or even what would one do when finding exitance of such a software on their devices- remove or not remove it ?