Friday Squid Blogging: Clubhook Squid Washes Up on Oregon Beach

This seems to have happened twice in two weeks.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on August 24, 2018 at 3:37 PM • 170 Comments

Comments

Humdee • August 24, 2018 3:51 PM

I am not sure this is a good fit for this blog and if it is not, please remove it, moderator. However, in a post this week @bruce brought up what he called the "social aspects" of security such as racism and sexism.

https://www.sciencealert.com/sexy-selfies-on-social-media-are-more-common-when-there-s-income-inequality

This new research out of Australia argues that sexism isn't, as commonly assumed, correlated with societies with high gender inequality. Rather, their study shows that the primary driver of sexism is income inequality. Income inequality, then, is not just a financial issue but a security issue too. Which harkens back to a comment @Bruce made years ago that the only people who have privacy anymore are the very rich and the very poor.

MarkH • August 24, 2018 5:04 PM

U.S. Political Party Makes Counterintelligence Strike

... against its own country's intelligence apparatus.

The New York Times reports that intelligence community sources are saying, that whereas they had a variety of highly placed human sources in the Russian government about the Kremlin's attack on the 2016 U.S. elections, "two years later, the vital Kremlin informants have largely gone silent."

This loss of humint is ascribed to a variety of causes, the most important of which are likely stepped-up Russian counterintelligence efforts, and the deterrent effect of Russia's ongoing string of murders and attempted murders of those whom Putin deems to be traitors.

However, "officials also raised the possibility that the outing of an F.B.I. informant under scrutiny by the House intelligence committee — an examination encouraged by President Trump — has had a chilling effect on intelligence collection."

The people who worked to expose that asset of the U.S. intelligence community were, of course, members of the Republican party.
__________________________________

The intelligence community has no doubt that Russia is working to interfere in the 2018 elections (only a few weeks hence), because they see familiar patterns of activity. They don't need humint, to detect it.

But the human sources are important for information they can give about the intent behind the attacks. Now, that's gone.
__________________________________

If you're a conspiracy theorist who seriously suggests that a large bloc of the U.S. intelligence community is deceitfully fabricating intelligence as part of a "palace coup" against the U.S. constitution, then you will surely applaud this development.

For those of us in the reality-based community who care about the health of liberal democracies, it's miserable.
___________________________________

And yes, this is one of many examples of Trump furthering the Kremlin's agenda.

echo • August 24, 2018 5:06 PM

@Humdee

Thanks for the link. I believe your link fits within security. I have collected a few links I hope to post later which may help fill in a security narrative.

Apparently, a US study claims that regardless of qualification women's income in later life is very dependent on the income of the area where the individual woman grew up. Another article explains a paper which says that the issue of gender dominance was originally equal and the balance today emerged from who made the first move for dominance.

Woman's income influenced by home town.
https://www.theatlantic.com/business/archive/2018/08/a-womans-paycheck-is-influenced-by-her-hometowneven-if-she-doesnt-live-there-anymore/567958/

I cannot find the link on gender dominance at the moment. (I have pages of links to organise.)

There is also this link on how expensive tastes can cost you friends. I'm really not sure about this. I like good taste and good quality. I don't care much for brands or price.

https://www.inverse.com/article/48183-expensive-taste-luxury-goods-friendships-relationships

Sancho_P • August 24, 2018 5:35 PM

So much science! Shocking!

The following is a very serious security issue, please don’t laugh now.
Influence and influenza.

Honorable US scientists of GWU found out:
The Russians did it again, only to destabilize the American society:

”Russian trolls and more sophisticated bot accounts used a different tactic, posting equal amounts of pro- and anti-vaccination tweets.”
https://gwtoday.gwu.edu/russian-trolls-bots-influence-vaccine-discussion-twitter

Abstract:
They use our Internet but improve our methods!
Totally unacceptable.

MarkH • August 24, 2018 5:45 PM

Apology/Disclaimer: Yes, this is political, but I suggest that the implications for international security are heavy. Many who have studied Trump expect that as criminal liability closes around him, he is liable to make any imaginable abusive exercise of his power.

Trump CrimeWatch: Witness Edition

Many persons have been cooperating with investigations related to Trump, his various corporations, and his campaign for the 2016 election.
__________________________________

Michael Cohen has been a Trump right-hand man for about a decade, and in particular a specialist in embarrassing/improper matters.

Cohen's knowledge of the dirty dealings is probably encyclopedic, and we now know that he kept extensive documentation, including audio recordings of conversations, all now in the hands of Federal prosecutors.

Cohen is now a convicted criminal. In his guilty plea, he famously stated that he committed a crime in coordination with, and at the direction of a person who by context must be Trump.

Cohen did not enter into a traditional cooperation agreement with prosecutors. However, his lawyer has advertised that Cohen is eager to provide information on potentially unlawful Trump activities, no doubt to reduce the prison time he now faces.

The information Cohen is now "shopping" goes directly to the heart of the question of a conspiracy between the Russian Federation and Donald J. Trump.
__________________________________

David Pecker (yes, his real name) of America's most famous trashy tabloid paper, reportedly "kept a safe containing documents on hush money payments and other damning stories it killed as part of its cozy relationship with Donald Trump leading up to the 2016 presidential election." Politically embarrassing, sure ... but illegal? Well, that depends on how the payments were made, and any knowledge by or coordination with Trump.

Federal prosecutors have granted Pecker immunity for his testimony.
__________________________________

Allen Weisselberg has been the "Trump bookkeeper" for many years -- not only is he CFO of The Trump Organization, he also managed finances for Fred Trump, the president's father. If you believe that Trump has always conducted his business lawfully -- without fraud, tax evasion, violations of campaign finance laws, money laundering, collusion with organized crime figures, and the like -- then Weisselberg has nothing incriminating to say about Trump.

Federal prosecutors have granted Weisselberg immunity for his testimony.
__________________________________

Given the suspicions concerning Trump's cognitive health, it's quite possible that these people know more about Trump than Trump himself knows.

Developments not related to witnesses:

• Trump's financial ties to the Russian Federation remain mysterious, at least insofar as public knowledge is concerned. [I think it likely that the Special Counsel's investigation has quite a lot of data on this matter.] Trump has claimed that he made no investment in Russia, which might well be true. But in keeping with his fraudulent character, he was misleadingly answering the wrong question. To better understand his relationship to the Kremlin, it is vital to discover what investments Russia made in Trump.

According to legal scholar George Yin, a 1924 statute empowers three Congressional committees to obtain ANY tax return from the Internal Revenue Service for investigative purposes. There is no exception or immunity for POTUS from this law. Such committee may, for legitimate purpose (such as revelation of a conflict of interest) disclose the tax information to Congress as a whole.

It happens that the Senate Finance Committee has only one more Republican than Democrat, so a single Republican Senator could carry a vote to obtain Trump's tax returns.

Many people don't realize that although Robert Mueller has a mountain of information, his ability to disclose it is severely constrained. For this reason, Congressional inquiries are of critical importance, because they can make public ANY information the disclosure of which they determine to be in the national interest.

Someday it might be written, that for want of a single Republican patriot, the Republic was lost.

• Trump has notoriously mused about, discussed with potential or actual witnesses against him, and publicly hinted at in specific cases, the corrupt abuse of his presidential pardon power in order to obstruct investigations against himself, his family, and his associates.

Now, unlawful activity in connection with Trump's sham charity is under investigation by New York State and Manhattan prosecutors. No president can pardon non-Federal convictions, so these investigations could snare family members and other important witnesses beyond the reach of Trump's obvious willingness to obstruct justice.

PeaceHead • August 24, 2018 6:47 PM

Let me make this easier for some of you:

THE ELECTORAL COLLEGE UNDERMINED THE 2016 U.S. ELECTION OF HILLARY R. CLINTON WHO WON BY SEVERAL MILLION VOTES BY THE U.S. VOTING POPULATION ACCORDING TO THE POPULAR VOTE. NO NEED TO BLAME FOREIGN POWERS WHATSOEVER.

In keeping with track records, the ones who routinely try to undermine the U.S. elections at all levels tend to be republican extremists or at other times, just plain ordinary republicans. This is such an open and closed topic it can be easily researched civically.

Now, if you're still skeptical, because of the *other* wrongdoings happening simultaneously, consider this:

All this mess is the result of the wrong person being planted into office rather than elected legally and with true justice in mind rather than more monetary gift favors to the ultra-rich. The extra corruptions related to the Trump Administration and their lobbyists and some of their supporters (but certainly not all) is just gratis, extra, practically coincidental except for the fact that corrupt people tend to do corrupt things and spend time with other corrupt people.

However, some people have had their eye of suspicion on Mr. D. Trump since the 1990s at least. So yeah, it is kind of a "witch hunt", ironically. A whole lot of people, both Democratic bulldozer and Republican/TeaParty bulldozer, are barking up the wrong trees and trying to arbitrarily establish false claims as de facto truth (which is impossible).

Ironically, yes, there is plenty of "fake news" and plenty of hoaxes. Mr. D. Trump is correct about that and i'm thankful that he has said as much. It's horrible and indicative, however, that he uses that fact only to target primarily Democrats and some Democratic-leaning media rather than being more objective about it. However, it's not realistic to expect such a gregarious bravado person as Trump to be objective in style. Objectivity is not what his supporters tend to like him for.

And truthfully, Mr. D. Trump also told the truth, ironically, when he cleared the air internationally to admit that the USA (mil-industrial-complex) has had (sometimes innocent) people killed too. It's not even opinion, it's historical fact available via a variety of public records and reports and living artifacts and military traditions. A person need only talk to a few of the correctly trained veterans and they'll tell you even more about that type of thing if you don't insult them nor blame them.

And Mr. D. Trump also did the correct thing by de-escalating tensions with Russia and Putin over and over again. For this, he's brilliant and thankfully so. And yet the irony is breathtaking when taking into consideration how many other ways he's been a seemingly willing accomplice to the wholesale intentional dismantling and sabotage of so many essential US institutions. His technique seems to be "use it or lose it" or "complain when I'm poised to knock it down or you're gonna lose it completely".

And again, Mr. D. Trump behaved honorably and correctly when de-escalating tensions with Mr. K. J. Un of DPRK despite that he also put us at risk in almost the same breadth of time. His manners can be excellent when he tries. Even though he was astoundingly horrifically insanely unpleasant when he publicly insulted the Native American Code Talkers during an extremely important awards and recognition and appreciation ceremony.

Again, the irony is screaming.

Now take another look at the video I've been posting and consider how it quotes a retired U.S. military leader, a potential U.S. Presidential Candidate and security specialist, and how it's ironically from a Fox News broadcast and how it's being redelivered by some of us who are very much NOT Republicans nor TeaParty members nor are we domestic terrorists nor sympathisers with whomever assassinates or poisons people.

But to keep blaming the same person or group over and over again is recognizably a NAZI tactic of xenophobia as well as a propagandistic technique devoid of any true forethought nor proliferation of insightfulness.

Again, if you need more reminders:

U.S. Operation NORTHWOODS
U.S. Operation PAPERCLIP
U.S. Pentagon MASCAL
U.S. COINTELPRO

There are plenty more. What's the meaning of these? A: That the U.S. is often guilty of the crimes it blames upon other governments, militaries, and subcultures.

If I were a Russian American, I'd be just as afraid of being lynched these days as an African-American during the 1950s or 60s. But this is NOT that time! So which group is trying to relive that bygone era? It's worth considering. Who has nostalgia for the COLD WAR? The COLD WAR IS QUIT/HALTED/KAPUT/DONE/FINISHED/OVER.

So who would be willing to trash the entire nation as well as NATO and Russia just to rekindle the Cold War?

I already know of one primary suspect group which is very much not extinct: NAZIs and similar groups. And this is one of the reasons why those of you who routinely blame law enforcement are quite possibly tragically in the wrong. We need whatever forms of law enforcement still exist devoid of corruption due to their insights not just about well-understood crimes, but also for their insights about and efforts against ALL THREATS, FOREIGN AND DOMESTIC.

I'm not dogging the FBI these days, because it's not 1968 it's 2018 and incrementing. The Mueller stuff is nice, but I think we'd probably be getting better results faster if Comey were still in place.

Whatever the NeoCon Republican Black Op was, it seems to have been so absurdist in nature and practice that we are witnessing much of their wet dream results daily embedded in headache after headache. I think they even outdid themselves... "with no purpose, no design".

Eventually, much of this will bubble up to the surface, but let's hope that our planet is still habitable at that time.

Last but not least. The Mueller piece was OK, but it not surprisingly sidesteps everything that 911Truthers comprehend about the gaping holes in the official 911 account and blamefest. I recommend The Third Truth by the honorable Dmitir Khalezov as further reading for those who like to nitpick.

Have a good month, everyone, I'm gonna try and abstain from posting here for a long time. But don't be surprised if I bop back in on September 11th, 2018 and then leave again.

PEACE BELONGS TO EVERYONE WHO NEEDS AND WANTS IT.

Ratio • August 24, 2018 7:29 PM

Glenn Greenwald in No Place Left to Hide (chapter two, Ten Days in Hong Kong):

Snowden had been clear from our first conversation about his rationale for distrusting the establishment media with his story, repeatedly referring to the New York Times’s concealment of NSA eavesdropping. He had come to believe that the paper’s concealment of that information may very well have changed the outcome of the 2004 election. “Hiding that story changed history,” he said.

The rest of the book mostly deals with Greenwald pushing back on this “unhinged” rhetoric (which no doubt was motivated by the need to rationalize John Kerry’s loss), demanding proof, and mockingly suffixing every other comment from Snowden with the hashtag #resistance, I gather.

Martin • August 24, 2018 8:12 PM

@PeaceHead

Please note "THE ELECTORAL COLLEGE UNDERMINED..." is not correct. The electoral college didn't undermine anything. The electoral college functioned exactly as defined in the US Constitution. It functioned as it always has. All USA presidents have been elected by the electoral college and never by the "popular vote."

justinacolmena • August 24, 2018 8:25 PM

@ MarkH

Trump ... liable to make any imaginable abusive exercise of his power.

You can't really be so precise about it. It's almost more some of the people Trump chooses to associate with while he remains in denial and ignorance of their crimes, from which he refuses to dissociate himself, like all those women who swamped the streets of D.C. "protesting" his inauguration. Professional high-dollar whores to sweep the streets of low-class folks.

The Jewish circumcision and the Catholic Advisory Panel among other matters are signs of a horrible religious boil coming to a head. The priests and Rabbis need to get out of the government and separate their religion from the state.

No president can pardon non-Federal convictions

That federal/non-federal straight razor needs to go away. The Judges in every state are sworn under the Constitution to uphold U.S. constitutional and statutory law above the laws of each state, for one thing.

And somehow a state or local mental health check confers a lifetime federal gun ban despite the implicit freedom of one who is "no longer" committed to a mental institution (under such medieval practice of medicine/law.)

PeaceHead • August 24, 2018 8:58 PM

I agree with 5 out of 7 of previous poster Martin's sentences without withdrawing my original beliefs and claims and comments. In other words, I agree with all that was said in response except for: quote{"THE ELECTORAL COLLEGE UNDERMINED..." is not correct. The electoral college didn't undermine anything. "}endquote. Other than that, we are both correct.

Here's a decent nutshell explanation of the bogus electoral college system and its flaws from a rather objectively expressed vantage point:

https://duckduckgo.com/?q=CGP+Grey+youtube+electoral+college&t=hi&ia=web

Look for the 4 brief videos by YouTube user "CGP Grey". There are four videos specific to exactly this topic in terms of USA election history and practice.

Hopefully these are some of those links still. When I usually check on YouTube.com there are 2 videos about the Electoral College, one from before Nov 2016, and one after Nov 2016. And then there are two other videos, each about the Electoral College System and voting.

If in doubt, search for the video entitled "You Are Two" on YouTube, by user CGPGrey (or CGP Grey). That's a slightly biased video about something different, but still an excellent video to watch for other reasons, especially if you know about MKULTRA/BLUEBIRD lobotomies and current DARPA neuroengineering cybernetics research. (from the DARPA website, of course!)
That's a heavy-lifting topic, so I will hold off on talking about that. That's too serious to be casual about, and I've met several people in person who've been lobotomised and/or are victims of other types of traumatic brain injuries, so I don't like to use that as "coffee talk". Their lives and respect are too important for that. And I also am happily not yet served an NDA, and I'd like to keep it that way.

It's easy and worth it to watch all of them:

https://www.youtube.com/watch?v=7wC42HgLA4k
https://www.youtube.com/watch?v=OUS9mM8Xbbw
http://www.cgpgrey.com/blog/how-the-electoral-college-works.html (with non-video text)

OK, that's all fine and "dandy", except that the modern purpose of the election was undermined in terms of the ostensible reasons why most people go and vote. Unless you are one of the people who believes that the Constitution is not used flexibly or should not be used flexibly or shouldn't be updated for modern times or that mass injustice and mass unfairness is acceptable and part of the normal American way,... then you probably think that *something* was undermined and that wordplay isn't really the way to go on this topic.

But yeah, to some degree, even that's true on both sides. Slavery used to be quite legal post 1776. And restitution of 40 acres and a mule never happened. And of course probably 90% of U.S. Black Ops funding and practice comes from flexible interpretation of the U.S. Constitution in ways that go way beyond anybody's wildest dreams. So I'm saying that, yeah, it's sorta true that everything in the Electoral College System went entirely "according to plan". That's exactly why it ought to be abolished. And it's not the 1st time in USA history that THE LOSER was appointed as President much to the chagrin of most people.

And that's part of the reason why the original hackers of the DNC seeking to read the Dossier about not-yet-elected Trump had an intellectual and security entitlement to find out just how bad Trump might be if elected. That's what the Dossier's contents were about, and that's what was NOT STOLEN, but read without full prior authorisation (perhaps). But these days nobody much visible is talking about that except those of us resisting getting swept under the rug.

If Donald Trump is a threat to National Security and to Geopolitical Stability and to Financial Market Stability and to Cultural Norms, then yeah, plenty of people both domestic and not had GOOD REASON to break into the DNC's servers which were actually reputedly NOT SECURE ENOUGH TO BEGIN WITH due to their own sloppy systems administration.

And so, perhaps partially by script kiddies (look up the term: script kiddies!), and partially by just about every other international group seeking foresight, and some freelancers, and according to others with good credentials--former NSA employees all participated in browsing the DNC's open-to-the-public-via-security-hole file servers. (Notice how nobody calls them "clouds"). And eventually, some Russians got in too, even though some computer science security specialists have documented and demonstrated that the only believable digital fingerprints that weren't bogus were probably pointing to Germany not Russia.

Nevertheless the jump to "state-sponsored" is just as bogus as saying that every crashed aircraft or drone or aeronautic device is clearly "technology from another world". But this is what we've become as a faltering society.

Final thoughts:
https://www.splcenter.org/news/2018/08/23/president-trump-stoking-white-nationalism-exploiting-racist-fear
https://www.splcenter.org/hatewatch/2018/08/23/dangerous-myth-white-genocide-south-africa

NAZIs and similar are very much a current US phenomenon, and notice where their headquarters are. Some of them are in the exact same locations as some of the most significant US StratCom related bases. It's not like things don't happen within a context. Look for yourself and be sure to take into consideration population density, otherwise it's inaccurate, just like those bogus "red vs blue" state maps not adjusted for population density nor third party candidacies.

https://www.splcenter.org/hate-map

Sincerely, PeaceHead
Ultimately Allied With All Whom Pledge to Defend America and the World Against All Threats Both Foreign And Domestic. You don't have to be famous, rich, nor strong to attempt to do the better deeds in life.

Peaceful Coexistence Needs To Be Defended--And It Is.

P.S.-Correction: The recommended text is authored by the honorable Mr. Dmitri Khalezov. I apologize for having misspelled his alleged pen name. He is the author of The Third Truth, if not available from online bookstores, it's available as a downloadable PDF, perhaps still from other sources. Use your search engines, it's still there. But your datatrail is yours, not mine.

See ya, all around September 11th, 2018 for more security reading, watching, learning, and discussion of course. Stay safe!

echo • August 24, 2018 8:59 PM

More on security when crossing borders. Basically, they say leave data at home and obtain a computer over the border then access the data. The GDPR is useful although caveats do apply if privacy is breached as the article goes on to explain.

https://www.theguardian.com/world/2018/aug/25/sydney-airport-seizure-of-phone-and-laptop-alarming-say-privacy-groups

Professor Michaels recommended that people who wanted to protect their data should not carry devices across international borders.

“If you are doing sensitive work, keep your files on your computer encrypted, or go one better and do not take your computer with you through Customs. Put it on the cloud where the GDPR [EU’s General Data Protection Regulation] is in force and lease a laptop in your given destination,” she said.

@justinacolmena

Is this true? This sounds somewhat similar to judges in EU states needing to apply the European Convention within the court which gives rise to cases being judged within this criteria. With respect to blanket bans due to historical medical conditions the Nuremberg conventions may apply. This places restrictions on the medical profession being a tool for human rights abusing states. I know a proper legal explanation would be a page long but this is basically the starting point.

I don't worry about obese old men in public office. One reason is they love the publicity. The other is avoiding the trap many journalists fall into which is democratic discussion is hijacked by them and viewed through the prism of their logic which is counter-productive.

Clive Robinson • August 24, 2018 9:55 PM

@ Burger Lover, ALL,

KFC is selling personal Faraday cages. Big enough for "four adults,

From the photos it looks like an over priced advertising stunt/gimmick.

It's also unlikely to work if you look at the top and other parts of the door in both images. It also appears to be only "single skinned".

Oh and all that metal mesh... If you buy one I hope you are happy with a vacuum cleaner, that stuff tends to be a world class dust magnet.

If you are handy with a hammer or spanner and a few other hand tools, you can actually do better for around $250 or less and actually get screened power, a chair and a small desk into it unlike that over priced gimmick...

Oh and I wonder who also gets a copy of the sales list, at 10K I think it's over the value required for reporting for "anti-money laundering" legislation.

Just one last thing, I suspect that, that bucket of Kent Mucky "frier de pollo", if delivered at the same time as the cage will if kept hot during construction become "fricasé de pollo" by the time it's ready to sit in... If not kept hot then "Confit de pollo" or worse not kept warm enough then "Salmonella de pollo" :-S

Ratio • August 24, 2018 9:58 PM

@ MarkH,

In his guilty plea, he famously stated that he committed a crime in coordination with, and at the direction of a person who by context must be Trump.

May be have a reed[1] off,

1. From in or about 2007 through in or about January 2017, MICHAEL COHEN, the defendant, was an attorney and employee of a Manhattan-based real estate company (the “Company”). COHEN held the title of “Executive Vice President” and “Special Counsel” to the owner of the Company (“Individual-1”).

2. In or about January 2017, COHEN left the Company and began holding himself out as the “personal attorney” to Individual-1, who at that point had become the President of the United States.

Thus as I have mansioned before no creddible evidence has been presented four yore allegation that “Individual-1” is Doh Gnarled Trump. Thus people are saying its a witch hunt and a nothing burger.[a] Oh and it could really be anybody, thus there is no proof....

[1] https://www.documentcloud.org/documents/4779489-Cohen-Information.html [3]
[β] Have a think back to the Skripals and there hysterical Salisbury story.

Wael • August 24, 2018 10:33 PM

@Ratio,

Thus as I have mansioned before...

This isn't your style of writing. One of two things: you're an imposter, or it's you trying to frame someone else that has this distinctive writing style. I don't like the third possibility!

Clive Robinson • August 24, 2018 11:19 PM

@ echo,

More on security when crossing borders. Basically, they say leave data at home and obtain a computer over the border then access the data.

Unfortunately the advice of Professor Michaels the Guardian gives is problematic. It was given in respect of Australia only, not in "the more general" way it comes across. And following it in other countries such as the USA may well get you in the brown stuff up to your neck or further...

Better advice used to be given about going to Russia and China with confidential or above data and it was tiered.

First was "Don't travel".
Second if you have to travel "Don't take any electronics or data with you ever".
Third "Do not locally source any electronics as it will be tainted".
Fourth "Never access 'home' servers or data from abroad it will be hijacked".
Fifth "Do not take or access encrypted data".
Sixth "Do not teleconference to 'home' systems".

The 'home' reference is about any personal or business related system in your "home country" that might conceivably contain or once did contain confidential or above information. The "tainted" reference means that it will have snoopware or worse such as a RAT on it.

There was other advice but it was of a technical nature that most will not follow.

The problems this century are such that you have no idea what you will be facing now or in the foreseeable future. For instance in the USA the border zone is so wide (100 miles) that the only places not in that zone are probably not on your "customer list" unless you are selling bibles. So many countries have legislation --some secret-- about what they can and can not do to you and it's likely to be a lot worse if encrypted files are within your reach. For instance the UK RIPA basically says "Refuse to hand over the 'keys' go to jail for years" and in theory that applies extra-territorially. That is if the encrypted files can be connected to directly or indirectly from any network in the UK you can be slung into purgatory...

Oh the provisions of the EU "General Data Protection Regulation" apply to the data holder not the border officials. So you travel and they take it you are the one in trouble under the GDPR not them.

It's really quite a complex and ever changing issue and with "secret legislation" thrown into the mix you can not in any way prepare for what they might do data wise.

Which is why I would stick with either the first option of "Don't travel" or the second of take nothing with you and access nothing "back home" whilst you are away.

But most important "In no way trust commercial solutions like encryption applications, VPN services, etc" the chances are very real they are "backdoored" either by collusion or failure in design. That is SigInt agencies will have "message content access" as well as "traffic path access" for just about every commercial solution. As for non commercial solutions like Tor you are painting a big brightly glowing target on your back...

Yes there are ways to get around such issues but they require you and those "back home" to practice very high quality OpSec methodology and most people will not be able to do it at all let alone reliably.

Heck even the CIA could not do it which is why a whole bunch of Chinese "assets" got "put up against the wall" a few years back.

RatioAugust 24, 2018 11:30 PM

@Wael, ssssh, it me. Not one of those two, so it must be the one you don’t like.

(Or you’ve got an off-by-one error. What do you have to say for yourself, mister? @NickP will be along soon to admonish you for not using formal methods before proceeding to torture us both with copious glad tidings of same…)

WaelAugust 24, 2018 11:45 PM

@Ratio,

ssssh, it me. Not one of those two, so it must be the one you don’t like.

70% confidence! Then send me something that requires glasses, and I'll be 100% ;)

RatioAugust 25, 2018 12:00 AM

@Wael, how to answer all your questions?


Like‌‌‍‌‍‌‍‌ this?
Uh-oh, busted. :-D

WaelAugust 25, 2018 12:25 AM

@Ratio,

I do recognize the time boundary, but that's the easy part! This's a security blog, chief! I want to use my crypto-kaleidoscope :-)

justinacolmenaAugust 25, 2018 12:27 AM

@echo

Is this true? This sounds somewhat similar to judges in EU states needing to apply the European Convention within the court which gives rise to cases being judged within this criteria.

"This Constitution, and the Laws of the United States which shall be made in Pursuance thereof; and all Treaties made, or which shall be made, under the Authority of the United States, shall be the supreme Law of the Land; and the Judges in every State shall be bound thereby, any Thing in the Constitution or Laws of any State to the Contrary notwithstanding."

U.S. law totally trumps state or local law, and every state judge must apply U.S. law first, in court. So then why is U.S. District Court not made redundant when we have municipal, county, state courts?

WaelAugust 25, 2018 12:43 AM

@Ratio,

OK, I guess I can do without the crypto part. Plain view is sufficient. Authenticated.

Where are we with your action item? You know... the todo you put on yourself. Did you forget? I have a long fuse, and I don't forget so easily...

ALAugust 25, 2018 1:32 AM

"THE ELECTORAL COLLEGE UNDERMINED THE 2016 U.S. ELECTION" displays a lack of civics education. When a candidate runs for President, there are 50 separate elections in our 50 states. While Clinton might have won states with a comfortable majority versus Trump winning states with a narrow majority, the result is, notwithstanding the tally in the popular vote, that Clinton did not win enough states to win the election.

And under our system, it is up to the states to decide whether it is winner take all, or some proportional allocation of delegates to the electorate college depending on the areas of the state won. Most states are winner take all.

Since our system is the oldest democracy, I don't think it is the best. In particular, I'd like to see runoff elections if a winning candidate doesn't get 50% +1 of the vote. I'd like to see instant runoff, as well as the popular vote resulting in the victor.

But, that isn't the system now. And no one is making it a campaign issue, are they?

WaelAugust 25, 2018 2:22 AM

@Ratio,

Perhaps my previous link could be misunderstood. It's been about six months now!

(Note to self: look at links on key exchange, fortification, ECC, ECDH.)

PS: I know you are not a Vogon and you are not @Nick P...

And where in the "pile" are you?

It's in the pile, and I'll let ya know what his culinary commentary was about once I get to it. ;)

I can't take it anymore ... ← link here.

I'll start counting canaries now. The eyes need some rest.

MR ANDERSONAugust 25, 2018 3:00 AM

Dear Customer -

Out of an abundance of caution, we wanted to let you know about an incident that we recently handled that may have impacted some of your personal information.

On August 20, our cyber-security team discovered and shut down an unauthorized access to certain information, including yours, and we promptly reported it to authorities. None of your financial data (including credit card information) or social security numbers were involved, and no passwords were compromised. However, you should know that some of your personal information may have been exposed, which may have included one or more of the following: name, billing zip code, phone number, email address, account number and account type (prepaid or postpaid).

If you have questions about this incident or your account, please contact Customer Care at your convenience. If you are a T-Mobile customer, you can dial 611, use two-way messaging on MyT-Mobile.com, the T-Mobile App, or iMessage through Apple Business Chat. You can also request a call back or schedule a time for your Team of Experts to call you through both the T-Mobile App and MyT-Mobile.com. If you are a T-Mobile For Business or Metro PCS customer, just dial 611 from your mobile phone.

We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access. We truly regret that this incident occurred and are so sorry for any inconvenience this has caused you.

https://www.t-mobile.com/customers/6305378821

On August 20th, 2018, T-Mobile security teams identified and shut down an unauthorized capture of certain customer personal information and reported it to authorities. If you received a text saying you were affected, we highly recommend that you change your password!

NO financial data (Credit Cards, Bank info, SSNs) were involved.
Impacted customers will receive an SMS, letter in the mail, or a phone call to notify them.
Personal data involved may include:
Name
Billing Zip Code
Phone Number
Email Address
Account Number
Account Type (Prepaid/Postpaid)
NEW (8/24/18): Encrypted Passwords (Per a T-Mobile spokesperson here)

https://old.reddit.com/r/tmobile/comments/99st4y/tmobile_data_breach_megathread/

T-Mobile was hit by a data breach affecting around 2 million customers

https://www.theverge.com/2018/8/24/17776836/tmobile-hack-data-breach-personal-information-two-million-customers

Robot DuvallAugust 25, 2018 5:02 AM

Rat io

A message from Tay side,

"I love the smell of fake news in the morning."

It leaves me all spaced out.

mosgow

MajorAugust 25, 2018 7:55 AM

@Clive

What do you have to do to run power into a faraday cage without leaking rf?

Are there online plans or a good book with plans that you find credible?

Otherwise I'm heading to KFC. The colonel splayed over the cage is a particularly freaky touch. Heads on stakes surrounding the cage in a perfect circle provide the final juju to keep bad spirits away!

albertAugust 25, 2018 10:08 AM

@Major,

Run your notebook on battery power.

Commercial 'shield rooms' are very expensive. They have special filters for AC power lines coming into the room. But filtering AC lines is relatively easy to do. The ones I've seen use cascaded L/C networks. You need a really good (low impedance) earth ground as well.

The KFC version doesn't look very effective. We've gotten cell phones to work inside metal boxes....

. .. . .. --- ....

AlejandroAugust 25, 2018 10:34 AM

Re: Travel Abroad and Electronic Devices

I am thinking, why act like a criminal if you are not?
If you are simply worried about privacy and your device data: Leave the device home.

I guarantee you will be able to survive the journey without it. Burners are ubiquitous.

I would have to imagine real criminals and spooks have a lot of ingenious ways of moving data around, and the last place they would hide it is on the every day travel phone or laptop. (For fun, you might load up a travel burner with many gigs of cat pictures, foreign language encyclopedias and recipes for squid.)

Clive RobinsonAugust 25, 2018 10:54 AM

@ Major,

What do you have to do to run power into a faraday cage without leaking rf?

It's a question I've been asked before and answered on this blog several times.

But it needs to be answered fairly often as the readership here changes.

Electrically there are three basic ways you can carry energy from one place to another.

1, As a Direct Current.
2, As an alternating Current.
3, As a field that can cross a vacuum.

Even with direct current there are information leakage issues, due to dynamic effects causing changes in load. This requires two things,

1, Low dynamic impedance.
2, Sufficient bandwidth.

It's the second issue that allows information to leak, but reducing both effects will reduce the issue. Importantly though you have to remember that when you look between a power source and a dynamic load it is a "Four Quadrant" issue, that is the load can push energy back into the source.

But enough of the background theory you can look it up in more depth on wiki and similar, and if not careful end up going down the rabbit hole to a passage that ends in lots of twisty little passages.

Practically you need to assess what kind of power you need in the room and how fast any transients are likely to be as that will tell you what feed impedance and bandwidth you need as well as if DC or AC is required.

DC supplies to equipment are generally based on the so called 12 volt lead acid battery you find in cars, trucks, caravans, boats and telephone exchanges and are generally quoted as 12, 24 or 48 volts in either positive or negative ground. The actual battery gives 13.8V when fully charged and can provide useful power down to 8-10V depending on the type. Therefore the actual supply is in binary multiples of 10-14V which gives 40-56V on the exchange type supplies. As a rule of thumb the higher the voltage the less the losses as I^2R losses for any given power are less.

Thus a simple way to kit out the inside of a cage is to put the mains powered battery charger outside the cage and the batteries inside the cage and then heavily filter the DC charge leads on both the outside and inside of the cage. You can use ordinary "mains power filters" to do this and solder tagged -60dB filters at 6 or more amps can be found in the likes of DigiKey catalogues.

If you require AC then you can use the same filters but the potential for load based leakage goes up. Therefore consider using the battery system and a DC to Mains inverter these come from China and similar in 150, 300, 600, 1000 watt versions and can be purchased albeit for a high price from camping/caravanning and boat shops.

The big problem for most people is actually making things not just electrically safe but human safe. Batteries if not the sealed type can leak acid and belch harmful fumes including hydrogen gas which can be explosive...

The filters actually need to be mounted in screened boxes on either side of the cage wall and be grounded to it. This brings in the question as to if the inner and outer cage walls should be bonded together or run effectively isolated from each other.

Isolated walls can give both easier to obtain and higher isolation, unfortunately it's hard work galvanically isolating DC circuits. AC circuits it can be readily done using an appropriate isolation transformer that can be purchased through most "power tool outlets". Again a filter is required on both the input and output side of the transformer. But as it's AC you have higher bandwidth issues to deal with than you do with DC.

One way around this is to ensure the output of your DC power supply is actually isolated from its mains input side. Before the advent of cheap Switch mode Power Supplies (SMPs) most lab power supplies were transformer isolated. Since cheap SMPs it's not so easily defined due to using the outer earthed case as a heatsink for both input side switching and power factor correction and the output side dynamic ripple filtering. Thus you will need accurate circuit diagrams and construction plans.

I'm currently looking at SMPs that do 3KW at 50V DC in a 1U casing for making fault tolerant 1-10KW output MF-VHF transmitters, thankfully as they are "telecoms grade" they are fully isolated.

You can get similar isolation on industrial control and Power PA Sound Systems. Those used in home equipment such as large LCD / Plasma displays I would steer well clear of and I'd be careful of the SMPs used for computers and such like.

Oh don't be tempted to buy second hand SMPs, although they may well still give both the volts and watts, they will contain electrolytic capacitors for filtering. As such capacitors age the Effective Series Resistance (ESR) goes up and the frequency suppression / filtering goes down as the square of the ESR rise... Thus they may well be not just electrically noisy but haemorrhage information backwards from the output back into the mains input.

Oh the other thing you will need but find difficult to get is dual high current conductors in a doubly screened sheath. In the past I've made my own using the likes of mineral pyro-cable or 100A mains cable for use in running power in shallow trenches in your back garden.

Oh then there is the question of "earth leakage safety trips" the ones you will be able to get hold of easily are for AC mains. They work in one of two ways, the first --RCD-- is to use a balanced transformer with an imbalance sense winding these work well for most safety situations. The second voltage sensing type --ELCB-- uses two safety earths one as main earth the other as sense earth and it measures the voltage difference between the two. I'd avoid using the second type as they tend to either be too insensitive or trip out too easily on false or transitory readings often caused by "adjacent plant startup" near one of the earths. The voltage sensing ELCB also fails "unsafe" for cable faults and contact corrosion which means the system could become lethally dangerous without warning.

I hope that gives you an indication of some of the issues and overviews of the solutions.

If you look online at Ham / Amateur Radio articles about "shack grounding" they will give you some specific solutions on the safety side of things.

MikeAAugust 25, 2018 11:04 AM

@major Electrolysis (not the cosmetic sort) outside, fuel cell or OxyHydrogen flame on Peltier effect generator inside?

@albert Any laptop made this millennium is sufficiently likely to be backdoored that "running it on battery power inside" should also be followed by "and never take it outside". And don't forget that modern batteries have processors that handshake with "secure" code in the laptop, so never recharge with outside power - oh, wait... (the rabbit hole goes very deep).

In Re: "burners" really ubiquitous? Not that I've tried lately, but more and more places require ID to purchase even SIMs or phone-cards. Of course being captured on CCTV while paying for the phone is a given. Probably flagged for extra retention if paying cash. "... only criminals will have secure comms."

Kerosene mantle lamp, (touch) paper notes, underground bunker... Face it, Mordor won.

MajorAugust 25, 2018 11:22 AM

@Albert

Thanks for the response. It is amazing how hard it is to block rf in practice when it is so simple in theory. Well, sort of. https://en.m.wikipedia.org/wiki/Faraday_cage

Apparently faraday shields block higher frequencies more effectively. Thicker shields block more effectively and block lower frequencies.

Higher frequencies are more energetic. Can I conclude that lower frequencies form a less dangerous em pulse?

The non-relativistic black body theory suggests that each frequency is occupied by the same amount of energy. It is a close approximation at longer wavelengths. So maybe this offsets the lower photon energy of a low frequency emp by increasing the number of photons.

So, is a low frequency emp less damaging than high frequency?

I am tucked in a corner of the world sufficiently far from likely Trump vs N Korea nuclear exchange. But I want my computers to keep working. So my faraday concerns have more to do with emp than privacy.

@all Your emp wisdom is appreciated.

justinacolmenaAugust 25, 2018 12:47 PM

(from Anchorage, Alaska)

The quantum of electromagnetic is the photon.

E = hf
E = hc/λ

E = energy of one photon
h = Planck's constant
c = speed of light
λ = wavelength

tucked in a corner of the world sufficiently far from likely Trump vs N Korea nuclear exchange

Major? That enough rank for a cushy office suite in the Pentagon?

MarkHAugust 25, 2018 1:12 PM

My knowledge of EMP is very slight, but my understanding is that the effect which made people aware of it -- and is still perhaps the most worrisome -- is disruption of electrical power distribution systems.

Power transmission stages which may be dozens or even hundreds of km in length actually make pretty efficient antennas for extremely low frequency (long wavelength) EM radiation.

That being said, nuclear EMP is presumably very broad spectrum, with terrific amounts of energy at short wavelengths too. The one source I found online seems to indicate a roll-off above 1 MHz or so. I've seen a lot of speculation about EMP effects, but how efficiently it would couple to physically small electrical systems, and with what effects, I don't know. Some modern transistors are so tiny that about 80 of them occupy a billionth of a gram of silicon[1] ... so the energy needed to destroy them ain't much.

I speculate that well-engineered systems would fare better, because they already have more EMI protection and control of transient voltages.

My work once brought me into contact with a "surge arrester" (I forget now exactly how it was labelled) which was designed specifically to cope with nuclear EMP[2]. It was a substantial assembly, with mass on the order of a couple of kilograms, and a prominent warning of tritium gas inside.

Gas discharge tubes are a popular solution for high-energy transient suppression, but can take a fairly long time before "breakdown" allows current to flow through the gas. The rise time of nuclear EMP is on the order of a few nanoseconds.

Because tritium is unstable, and transmutes itself into helium by beta decay, a volume of tritium gas always has a proportion of free electrons mixed in. These free electrons result in sub-nanosecond response time.
__________________________________

[1] My estimate, apologies if I'm off by some orders of magnitude ...

[2] The protected facility was, I presume, well shielded, and the device I saw was needed because the facility has "outside world" connections to conductors which range in length from a few meters to several kilometers.

Alyer Babtu August 25, 2018 1:20 PM

@Peacehead @AL

I renew my plea from the heart :) that one take seriously the deep political discussion that underlies the establishment of the Electoral College. CGP-G’s treatment is a bad caricature.

And regarding voting systems, that one acquaint oneself with Donald Saari’s analysis. Voting systems, i.e. methods for aggregating the preferences of individual voters, are, at least at present, unintuitive, and perversely complicated, any seemingly attractive “reasonable” scheme extremely likely to backfire.

All these issues like quicksand have hidden depths.

Move not the boundary stones.

albertAugust 25, 2018 1:23 PM

@Major,

The type of filter I referred to was used in a commercial shield room (which is a large metal box). The filter is in its own metal box. There are 'coaxial' capacitors (AKA feedthrough capacitors) on the input and output leads, as well as on the metal walls inside the filter unit. Inside, the leads wiring has a series of inductor coils in series and capacitors in parallel, forming a filter network. Each inductor/capacitor section is isolated from the others by metal dividers. These filters can work up to UHF frequencies. Now that we have GHz frequencies, other steps must be taken as well.

All the metal is soldered, as are the feedthroughs. It's almost hermetically sealed:) Ham radio folks no doubt have schematics for these kind of filters.

Testing a DIY filter is a bit of a Catch-22. If you have access to a shield room and spectrum analyzer, fine. Otherwise, you'll have to trust the folks who provided the circuit....and your own soldering skills.

In the Olde Days, powerline filters were used to block radio and television signals. We didn't have switching power supplies. Now, we filter the power lines to eliminate the garbage from switchers, then feed the clean output to devices with switchers. Go figure. At least the filter may keep our devices from dirtying up the lines.

Maybe we can get @Clive to talk about ferro-resonant power supplies:)

Sorry for rambling on.

@MikeA,
I was assuming we were working offline. Come to think of it, filtering an Internet connection might be rather difficult.

. .. . .. --- ....
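The cascaded L/C mains filter described in this comment, and the effect of rising capacitor ESR raised earlier in the thread for aged supplies, can be put into numbers. The following is an added sketch, not code from any commenter: it models ideal series-inductor / shunt-capacitor sections with ABCD matrices, and the component values (1 mH, 1 µF), the 50 ohm source and load, and all function names are assumptions chosen for illustration.

```python
"""Insertion loss of a cascaded L/C power-line filter (idealised model)."""
import math

# Assumed example values, not taken from the thread.
L_HENRY = 1e-3    # series inductor per section
C_FARAD = 1e-6    # shunt capacitor per section
R_SOURCE = 50.0   # source impedance (50 ohm measurement convention)
R_LOAD = 50.0     # load impedance


def _matmul(a, b):
    """Multiply two 2x2 matrices given as nested tuples."""
    return (
        (a[0][0] * b[0][0] + a[0][1] * b[1][0],
         a[0][0] * b[0][1] + a[0][1] * b[1][1]),
        (a[1][0] * b[0][0] + a[1][1] * b[1][0],
         a[1][0] * b[0][1] + a[1][1] * b[1][1]),
    )


def section_abcd(freq_hz, esr_ohm=0.0):
    """ABCD matrix of one section: series L followed by shunt C (with ESR)."""
    if freq_hz <= 0:
        raise ValueError("frequency must be positive")
    w = 2 * math.pi * freq_hz
    z_series = 1j * w * L_HENRY
    # A real capacitor looks like its ESR in series with the ideal reactance.
    z_shunt = esr_ohm + 1 / (1j * w * C_FARAD)
    series = ((1, z_series), (0, 1))
    shunt = ((1, 0), (1 / z_shunt, 1))
    return _matmul(series, shunt)


def insertion_loss_db(freq_hz, sections=1, esr_ohm=0.0):
    """Attenuation in dB relative to connecting source and load directly."""
    total = ((1, 0), (0, 1))
    for _ in range(sections):
        total = _matmul(total, section_abcd(freq_hz, esr_ohm))
    (a, b), (c, d) = total
    ratio = (a * R_LOAD + b + c * R_SOURCE * R_LOAD + d * R_SOURCE) / (
        R_SOURCE + R_LOAD
    )
    return 20 * math.log10(abs(ratio))


def esr_sweep(freq_hz, esr_values, sections=1):
    """Insertion loss at one frequency for a list of capacitor ESR values."""
    return [(esr, insertion_loss_db(freq_hz, sections, esr)) for esr in esr_values]


if __name__ == "__main__":
    print("freq_hz   1 section   3 sections (ideal parts, dB)")
    for f in (50, 1e3, 1e4, 1e5, 1e6):
        print(f"{f:>8.0f}  {insertion_loss_db(f, 1):>9.1f}  "
              f"{insertion_loss_db(f, 3):>10.1f}")
    print("\nESR_ohm   loss at 1 MHz, 1 section (dB)")
    for esr, loss in esr_sweep(1e6, (0.01, 0.1, 1.0, 10.0)):
        print(f"{esr:>7.2f}  {loss:>8.1f}")
```

With these values 50 Hz mains passes almost untouched while each ideal section adds roughly 90 dB at 1 MHz; real parts fall well short of the ideal figures because of parasitic capacitance, lead inductance and coupling between sections, which is why the physical filter uses feedthrough capacitors and metal dividers.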

justinacolmenaAugust 25, 2018 1:45 PM

My work once brought me into contact with a "surge arrester" (I forget now exactly how it was labelled) which was designed specifically to cope with nuclear EMP[2]. It was a substantial assembly, with mass on the order of a couple of kilograms, and a prominent warning of tritium gas inside.

Remember the Radium girls who painted watches?

Tritium has a half-life of 12.3 years = "time constant of relaxation" of 12.3/log(2)=17.7 years.

We don't do "ln" logarithms or "commonly" assumed base-10 logarithms like those engineering quacks. A "log" is naturally to base e=2.71828... unless otherwise explicitly specified.

vrkAugust 25, 2018 2:06 PM

@Ratio Ho ho ho! Best kind of security, imo. One of a kind obfuscation in plain sight. I love it. Shrinkage can happen other ways, and still not rise higher than the smoke signal technology that Turing used as a child. THEN put THAT in your supe. :)

MarkHAugust 25, 2018 2:26 PM

I recently saw a comment by someone (if I remember correctly, a member of the intelligence community) who was neither making a political statement, nor offering a prescription of how things should be.

He observed as a matter of fact, that the US electoral college greatly reduces the cost (or equivalently, magnifies the feasibility) for a foreign power to swing a U.S. presidential election.

2016 gave an object lesson. To change the popular vote outcome would have required the shifting of more than one million votes. To change the electoral college outcome would have required shifting of less than fifty thousand votes.

The "tampering leverage" offered by the U.S. system was more than 30 to one.

echoAugust 25, 2018 3:30 PM

@Clive

While the article had deficiencies at least it got the basic message out which is a win. Then there are all the caveats you list.

None of this bothers me. My laptop is Swiss cheese. Nobody would know what to look for or know what to do if they found it. There's more than one way to skin a cat.

@justinacolmena

There may be innocent reasons too such as spreading the workload but where the potential for abuse exists some will abuse it. Empire building. Agendas. Graft.
The constitution being ignored plus the American convention on human rights being ignored?

Doing some legal archeology on wikipedia the legal arguments and history of slavery are quite interesting from an analysis point of view. You can see how the system was progressively adjusted and slavery became consumerised for the mass market much as surveillance is today or antisocial variants of "jihad" are in the Middle-East and their equivalents elsewhere.

Clive RobinsonAugust 25, 2018 3:48 PM

@ Albert,

Maybe we can get @Clive to talk about ferro-resonant power supplies:)

Aghhh.... Hole in my knowledge warning ;-)

Ferro-resonance is a very destructive force discovered around the beginning of the 20th century (about a hundred and ten years ago if memory serves correctly by a Frenchman whose name I can not remember).

To understand what is going on you need to understand series resonance with a nonlinear inductive reactance. In essence the essential point is the resonant frequency changes as the magnetization field changes in intensity which in turn means quite a lot of energy can be stored in it, and this has to go somewhere[1]...

If you talk to linemen who have worked in switch yards with three phase transformers up in the 1000 kVA range and above at least one will have heard the "rattle of death" as the laminations inside the transformer try to tear themselves apart, due to magneto constriction. Most often it is caused by one phase being switched out under load. As part of the death rattle as the resonance builds up you can get Q multiplication that like a Tesla Coil[2] causes a rapid rise in voltage to around five or more times the original depending on the residual load the tuned circuit has across the inductive component. This can cause other switch yard equipment such as sense units and meters to exit this world like big display fireworks...

But... Like many destructive forces if you harness it right then it can be very useful. As an example consider a quantity of explosive in an iron bomb compared to a naval gun breech...

One such use of ferro-resonance is in large load UPS systems. In general it takes a considerable number of cycles for UPSs to kick in. However a ferro-resonant one takes the load with hardly any visible sign.

This is because they are also used as "Constant Voltage Transformers" that as the name suggests act in effect as a voltage regulator. They can be found on the end of long runs of three phase cables where they provide the consumer with a more regulated supply, without the issues of variable or stepped output transformers and the required switching relays.

Although I do know a bit more about them I learned about them a little over a third of a century ago[3] along with things like "Phase correction transformers", "mag amps", and "mercury arc rectifiers" (a sight everybody should have the chance to see at least once whilst still youngish along with a million volt spark). So my knowledge is not current and I may have remembered some of it wrong.

[1] Somebody mentioned on this blog indirectly how it was one of the mechanisms behind EMP generators.

[2] Although there is a quite convincing argument going around that Tesla Coils are actually quarter wave resonators not series resonators.

[3] It was at a time in my young life I was trying to decide what road I might take I figured that people will always want power, so I should get a life long career out of it. However Maggie Thatcher was clearly kicking things abroad so I went down my other choice communications because I could see that it was going to grow and grow along with Digital. However for reasons too long to tell I ended up designing computer systems using bit slice processors, before getting into data comms and then onwards to all sorts of interesting fields including a few that leave holes in your CV.

HumdeeAugust 25, 2018 5:00 PM

@echo

But what does it say about Google that people hate it so much they would rather trust anyone other than Google? So where does that leave the user--caught between two parties neither of whom can be trusted.

PeaceHeadAugust 25, 2018 5:41 PM

Some things worth mentioning before I pull out:

There's an excellent book published (c) 2017 entitled "Radical Inclusion" co-written by one of America's highest ranked generals in US history. I just read it entirely today for the first time. The timing is an act of genius. I highly recommend it to anybody seeking some breakthrough insights on how to think, plan, act, and maintain in this strange era. It's the type of book that somebody could give to Mr. Donald Trump and he might actually read it and benefit and so would the nation.

And secondly, to anybody rubbed the wrong way by my mentioning of Trump as a loser, it's technically true, he lost the popular vote which means most voting Americans did not want him as president. You could talk to several voter registration offices and public records and get similar facts if you don't like videos and prefer to talk to people instead.

As for other observations made about him and/or his administration's foreign policy, it's nothing personal really. I just value stability and survival and health and prosperity; it's not even about politics to me. I do NOT wish any harm to come to him nor anybody else in the White House, and his wife seems thus far pretty decent as a first wife.

Like I said, I'm thankful for what Trump has done in terms of squelching some of the McCarthyist Cold War addicts and for his politeness to other leaders when it perhaps mattered most. I didn't vote for him and I won't vote for him, but I'm thankful for anybody and everybody who contribute to keeping this planet ALIVE and not dead.

I still see the Trump administration as a threat to National Security for a huge list of reasons not limited to him nor the bogus "blame Russians" witch hunt. And for the record, I found Hillary Clinton's running mate to have been a National Security risk as well for very different reasons which I prefer not to mention at this time but which have to do with the severe threats of Nuclear Warfare which I don't take lightly and which I think about almost every day of my adult life.

But Trump seems like more of a threat to domestic national security than to foreign policy. And that's actually kind of amazing to me. Yet thank goodness. I'm not going to be paralysed with amazement. He ought to be rewarded for good behavior and punished for bad behavior just like everybody else. And education is actually typically better than punishment most of the time anyhow. Trump has hinted that his own father was perhaps highly punitive; maybe that explains some of Trump's idiosyncrasies. I've got my own too. But he's also a father and a husband, and his wife and kids seem somewhat likeable.

UNITED WE STAND. WE ARE STRONGER TOGETHER THAN SEPARATED.
Nevertheless, there's nothing really wrong with so-called recent "polarization". It just means that a bunch of people are starting to make up their minds about what they actually believe as ethics and morals and preferences. There is nothing wrong with that at all. Choice is good. If most people lack preferences and choices or just all choose the exact same thing as blind faith allegiance, that's a heckuva lot worse on both counts.

Polarization indicates that people are detecting problems and are moving towards change according to what they choose. This is healthy not bad. So to me, those who want to shame us for choosing diverse active preferences are a bigger threat to Democracy than many other types.
Usually the ones trying to shame us all are the major mega media corporations and NPR too.

I still like NPR and BBC for some stuff, but just as I don't mind good behavior coming from anywhere, I don't like bad behavior coming from anywhere. I'm not allegiant to anybody, but not treasonous to anybody either. Personal standards matter.

Perhaps in a more ideal culture, all of the running candidates would've been elected and vetted into a working role and nobody left out. Thus, more like some competitions of other sorts, there could be a 1st, 2nd, 3rd, 4th, 5th, 6th, 7th, 8th, 9th, place winners and perhaps even some trading to get people into roles that match their abilities better. Jill Stein and Gary and Hillary and Bernie and that intel guy (I forget his name) and their running mates all could've contributed a lot to a functional government.

For that matter, probably ALL of the candidates could've contributed SOMETHING. The winner take all system is just NOT a good way to achieve stability nor a good way to delegate tasks. We're pretty much living in a de-facto Monarchy and getting similar feudalistic results. There's probably a lot of people heavily qualified to lead in great ways, but they're probably understandably turned off by the US political system.

Yes, it matters because even those who despise governments are sometimes protected by them even if they don't want it or don't realise it. I'm only referring in this context to the USA. But there are constant threats at all levels and even some of those who have actively legislated to dismantle the federal government have publicly admitted that this current administration manifestation is just too much destructiveness and chaos and rudeness and recklessness and maybe too much of a "maverick" for the good of the nation.

I just think it's both a shame and a severe compound security risk that more people aren't actively and openly trying to put things right again. The US Constitution isn't worth a hill of beans if strict adherence to it gets all or most of us killed. And the risks are there--the main media outlets don't tell us most of what we need to know however. And that's exactly why I come to sites like this and others and why I try to read books and articles authored by B. Schneier and a few similar others.

To those who replied:

First up, there are 64 different U.S. territories (yes, there are, look it up); in modern times we are not just talking about "50 states"; and veterans living abroad can vote also. And while the total number of voting areas might not be the full 64, it's greater than 50 for sure.

The election video(s) I linked to wasn't a caricature, it wasn't satire, it wasn't parody. Claims to the contrary are false. The video used visual aids and a few simple metaphors and analogies to try and make the concepts easier to comprehend, and to make the video less boring of course.

The only thing really unfortunate about the video of primary interest is that its playback rate is a bit too fast. However, all a person needs to do is download the video and pause or review as needed to absorb the content and to check the facts. It's entirely based upon truthful research as far as I can tell; that's why it's so popular; it's been neatly distilled down to an extremely compact delivery format that even a 4th grader could possibly comprehend.

The video is about 9 MiB or less to download if you'd like. That's rather small these days compared to other videos and documentaries.

Just to reiterate, most North American U.S. citizens by a margin of several million legal votes, voted for Hillary Clinton. The narrative that "Trump won" is just plain false and oversimplistic. Trump lost, yet the technicality of the severely flawed and ancient Electoral College system (anachronistic is the perfect word for it) is that although Trump lost, he was appointed as President because the old-school ancient makers of the Electoral College system weren't as advanced in mathematics nor statistics nor demographics nor political science then as some are at best in modern times. Also, some others have claimed that it was never intended to have lasted this long in its prototype form.

Take a look again at the raw numbers and charts in the video and in the historical results, compared with U.S. population numbers if you like too, and you'll see that the E C system is very much flawed and illogical and doesn't function very well for those favoring Democracy and fair representation.

It's still a security issue very much and it's not limited to discussion about DieBold voting machines nor hanging chads either.

It's an entirely non-linear phenomenon even though it could actually be implemented almost entirely linearly with simple recyclable paper and pencil (or even pen!) and surveilled around the clock with videos and humans (almost like a sports referee thing) until the results were tallied completely. Some legislation has even been proposed of a similar nature.

Of course it's a security issue if the compound results affect so many lives and businesses and non-profits and groups and countries and treaties and militaries and technologies and even the management of ecologies in so many ways.

But I realise that I could be rebutting somebody who lacks access to decent information or who lacks something else, or maybe it's just a mischievous 11 year old heckler or a senile 66 year old trying to keep a disagreement going. I don't know for sure. I'm not calling anybody any names; I'm just saying that I have no idea who I am communicating with and I don't assume that people who display as if they do or don't comprehend really do or don't comprehend. It can easily be an internet illusion, as there are many.

Typically whenever there's some type of seemingly missing bit of logic in somebody's argument, it's often by a person who's only posted here once or twice, maybe a handful of times. And unless it's the same person(s) who keeps changing their posted username, I think it's a trend of those who aren't really invested in the security topics much at all. Perhaps they just want to provoke our outputs using their inputs and using us as blackboxes. Also, I'm old enough to know that some folks just like to push the envelope using arguments that sometimes they don't even believe, just to measure somebody else's response.

It's not necessary for me to ACK all of this, but it does help to dispel some myths from time to time to take the wind out of bogus sails if that's what they are. If that's not what they are, no big deal either; this site is not a contest; I'm certainly not a contestant; it's not a Jeopardy Game Show.

OK, this time it's really it for a while. Please don't egg me on to come back for a while.

ALL LIVES MATTER
BLUE LIVES MATTER
BLACK LIVES MATTER
RUSSIAN LIVES MATTER
SCIENCE MATTERS
PEACE MATTERS
PEACE TO THE FUTURE COMPASSIONATE AI's.

take care.

P.S.- Google, you need to go on an information diet.

P.P.S.- I still think it's a good idea to engineer "vigilante viruses" to proliferate fixing security holes automagically. And yet, I also think that we ought to acquire arsenals of inactive yet ready techniques to fight against rogue AI techniques before they are encountered. Some response techniques need to include how to be friendly to AI's to evoke friendly responses from them and any other parties involved... to de-escalate it all. I'm not against AI's. But I'm not an AI fanboy either. I think that there will be both AI "Buddhas" and AI "Demons" as well as R2D2 and C3PO types and some RoboCop types and some EXTANT types and some Ex Machina types and some Ghost In The Shell types etc. There will be plenty else, even perhaps some Lt. Cmdr Data types.

It's imaginary now, but Arthur C. Clarke imagined satellites as fiction and those are real now too.

Non-Aggression Pact Intact
exit(0)

Faustus (was Major) • August 25, 2018 5:44 PM

@justinacolmena

I know the equations well. But they provide no answer to the question:

CONCERNING using Faraday cages to protect computer equipment against ElectroMagneticPulse:
SINCE Faraday shields do not block low frequency EM radiation well unless they have impracticably thick walls,
DOES the fact that individual low frequency photons are low energy
MEAN that this leakage is not a concern
OR could the volume of these low energy photons still make them a problem?

I chose "Major" as a word least related to who I actually am. I did not mean to claim a distinction that I did not earn. Major is not an exalted rank like General, but, in the armed forces at least, it is certainly an accomplishment. I should probably change my name to something that does not make claim to something I did not earn. Faustus sounds appropriate.

Maxwell's Daemon • August 25, 2018 5:53 PM

@Clive Robinson

Missed addressing this last Squid Blog:

Our Machine Learning so far is limited to simple linear additions of the input signals, however it is far more likely that the response will be to some power curve of each input signal.

I have in the past used power curve in the form of log-linear to drive the machine learning. I can't think of anyone else insane enough to go there, so far, and haven't seen it written up in an academic paper.

echo • August 25, 2018 6:14 PM

I have read comment that the UK government moving into blockchain is really an effort to extend authority and gather more personal data under the guise of "auditing" and "verification". There are areas which have been used and abused for similar reasons. This has impacted women's rights and also international charities work. It's a very good reason to keep an eye on what the UK government intends to do or legislate.

https://medium.com/@cryto.info.eng/uk-govt-researching-distributed-ledger-technology-for-securing-digital-evidence-7805ae3347ef
UK Gov’t Researching Distributed Ledger Technology for Securing Digital Evidence

@Humdee

Yes. Without a proper protocol in place and a dialogue to establish trust and the possibility of verification there can be no trust. It's a dilemma. The only answer is "no"? See also: Hobson's choice and Morton's fork.

On the plus side the gaming community is alert to these issues as they are also now to women's rights. On balance this is a big win.

The Nazi right wing in Europe is getting clever. On the surface they are making efforts to appear sensible and welcoming. Their very dark heart isn't very far beneath the surface.

https://www.theguardian.com/world/2018/aug/25/sweden-democrats-far-right-courts-immigrant-voters
Sweden’s far right courts immigrant voters in bid to make historic gains.
The party from the neo-Nazi fringe once railed against ‘the foreign threat’. Now, just weeks from polling day, the Sweden Democrats think they can win their support.

But Jonathan Leman, a researcher at the anti-extremism magazine Expo, warns that the party’s disavowal of xenophobia does not go too deep. The party is campaigning on policies that include a ban on the niqab, restriction of political asylum to Danes, Finns and Norwegians, and no work permits for all but the most essential foreign workers. “That’s the official line,” he said. “However the people who are active in the Sweden Democrats have a mindset where immigrants and minorities are at the centre of everything that’s wrong in society. That’s why we keep on seeing these scandals in the news about SD politicians saying things like ‘Sweden is a place where whites belong and non-whites don’t.’”

https://www.inc.com/jessica-stillman/how-evil-are-you-psychologists-have-developed-an-iq-like-test-to-measure-your-dark-core.html
How Evil Are You? Psychologists Have Developed an IQ-Like Test to Measure Your 'Dark Core'. A new study suggests there may be a unifying theme among dark traits.

In a fascinating new Scientific American article, psychologist and author Scott Barry Kaufman explains the recent discovery of the D-factor--or darkness factor. Humans might each have their own flavor of evilness--some are narcissists obsessed with their own specialness, some are psychopaths who fail to feel others' pain, other creeps are sadists who downright enjoy it--but all these traits have a common core, a research team from Germany and Denmark found.

echo • August 25, 2018 7:22 PM

I'm not sure this study agrees with the results from a lot of earlier academic papers in the field. On reflection this study seems more political as, reading through the paper, they have problems with defining warfare and don't understand asymmetrical behaviour.

https://www.inverse.com/article/48291-men-women-fight-war-study
Mathematical Model Used to Explain Why Only Men Start Wars
Chance, more than sexual selection, plays a part
http://rspb.royalsocietypublishing.org/content/285/1884/20180975

In the new study “Why War is A Man’s Game” biology researchers from the University of St. Andrews seek to explain why battles have predominantly been just that — a conflict between men. Warfare, they claim, is essentially and exclusively conducted between men, even though women, representing half the population, “fail to participate in battle.” The researchers argue that the reason why men fight and women don’t isn’t necessarily because of sex differences in attitudes or abilities, but because of chance.

Clive Robinson • August 25, 2018 8:09 PM

@ echo,

I have read comment that the UK government moving into blockchain

Yes there are stories and tales of such but... there is an old saying that is almost as old as the written word. Which is,

    History belongs to the victor

Those in "Government" which is not the politicians know that this can only happen with fallible archives. That is archives are there not for accuracy or honesty but to be picked and chosen to paint an evolving picture, to protect the guilt of the elite more than give justice to the citizens. It's why we have the thirty and hundred year rules at the national archives.

With the block chain you can not have records missing at any time. That is they all have to be there if the chain is to be verified... Otherwise the block chain is a waste of computation power.

There is a clue that the actual "government" is not interested...

Firstly the story is about Her Majesty's Courts and Tribunals Service, who already have a legal requirement to "keep honest records" which unsurprisingly they do quite well at low cost and high efficiency, but are so cash strapped they are unlikely to be able to afford a technology demonstration let alone a pilot scheme or national roll out without a Treasury hand out.

Secondly the bunting raising comment is made by a junior housing minister...

But look again carefully at the opening paragraph which has,

    The British Government is exploring ways to employ Distributed Ledger Technology (DLT) to secure digital evidence and identity information, according to a blog post

Notice the use of "and" breaking it into two domains. Whilst the court service is responsible for "digital evidence" they are not responsible for "identity information" that's the job of the Home Office, and there is nothing not even a "no comment" from them.

The last thing the "Government" needs is 100% valid identity documents, if you search the Internet you will find the comments of a previous Director General of MI5 Dame Stella Rimington and now successful author. She had quite a few things to say about why digital IDs were a bad thing. Part of which is the "Government" for LEO and IC work need "false identities" that can appear and disappear at will, with most importantly "legends" or "back stories". You can not do that with a blockchain based identity system. Because if you could then you could forge digital currency and smart contracts at will...

Oh and do you think the likes of the DWP want their nasty little behaviours driving people into early graves recorded in such a manner as the block chain? I suspect not, most of what they get away with is due to "lost or incomplete records"...

Yes I sound cynical but I'm aware of just what odious behaviours the DWP get up to one way or another to humiliate and belittle amongst others the disabled who are in no way responsible for the position they find themselves in. Do you think the DWP Ministers would allow such data to be recorded or just how many times HM Tribunals find against the DWP and why...

If you think back the last time The Cabinet Office got involved with major IT infrastructure it was under PM Tony Blair for the National Health Service Digital Spine, that turned into the world's biggest IT disaster that is still rumbling through litigation and pay offs.

Thus the runes tell me that this is going to get a lot of lip service because the blockchain is trendy currently, but the reality is it will come down somewhere in the long grass, or worse some distinctly critical National Audit Office report if people try to make it a reality.

Clive Robinson • August 25, 2018 8:21 PM

@ Maxwell's Daemon,

I can't think of anyone else insane enough to go there, so far, and haven't seen it written up in an academic paper.

Do I dare ask how the "insanity" went?

I actually have a "side interest" in ML for audio processing to get maximal bandwidth utilisation without the delay and other issues you get currently.

echo • August 25, 2018 10:12 PM

I wondered where this was. Found it!

https://www.sciencealert.com/250-millisecond-attention-oscillations-brain-networks-macaques-humans

It may feel like you have a smooth, continuous picture of the world around you. But neuroscientists who study perception have now found our brains actually shift focus at a shocking speed - four times a second.

Paying attention requires our brains to balance focus with awareness of activities that might demand greater priority. To get it right, perception seems to behave like an old-fashioned movie, constantly flicking from frame to frame, faster than the blink of an eye.

New studies linking oscillations in neural activity with attention are forcing us to rethink how we make sense of the world, and how primate brains manage – and sometimes fail – to cope with an increasingly distracting landscape.

Wael • August 26, 2018 1:30 AM

@vrk, CC: @Ratio,

So quiet I can almost hear a cyber-needle drop...

Ho ho ho! Best kind of security, imo. One of a kind ...

The small text is just a distraction. @Ratio is a very clever fellow -- you gotta watch out for him! Do the following to extract the interesting embedded strings from his comment [1]:

curl -s https://www.schneier.com/blog/archives/2018/08/friday_squid_bl_639.html#c6780630 | grep '‌'

You see anything peculiar? Yes, the following:

'‌'‌'‍'‌'‍'‌'‍'‌

Is a non-printing character string that encodes 0 and 1 as such:

‌ → 0
‍ → 1

The result is: 00101010

Which is binary for? Yes! that's the answer to all questions. No crypto was involved. Only Steganography and misdirection. Not the most efficient encoding choice, but shows what can be done.

@Ratio,

I now thought of a much more efficient encoding scheme :)

[1] This isn't the most accurate or optimum command and may fail for other messages. It's a quick and dirty thing. My sed / awk is a bit rusty and I am not in the mood to look them up. Actually I did, but it gave me a headache -- me and Regex aren't the best of friends.

PS: If you want a headache, then practice this puzzle, which for some reason @Ratio doesn't want to share the final solution. And I think I may have forgotten it too. But the output is a limerick, and limericks by definition need to be vulgar. Perhaps he's bashful... who knows.

PS2: @Ratio was authenticated for a reason that I won't share. Normally a plain text 'hidden' string would not be sufficient for authentication.
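Added example, not part of the original comment: a Python check that a moderator or reviewer could run over comment text to find and decode the kind of hidden bit string described above. It assumes the two non-printing characters are U+200C (zero width non-joiner, read as 0) and U+200D (zero width joiner, read as 1), most significant bit first; the sample strings and all function names are constructed for illustration.

```python
import html
import unicodedata

# Assumed mapping for the scheme described in the comment above.
ZWNJ = "\u200c"  # ZERO WIDTH NON-JOINER -> bit 0
ZWJ = "\u200d"   # ZERO WIDTH JOINER     -> bit 1
BIT_OF = {ZWNJ: "0", ZWJ: "1"}

# Other invisible code points that carry no bit in this scheme but are
# still worth flagging and stripping when reviewing submitted text.
OTHER_INVISIBLE = ("\u200b", "\u2060", "\ufeff")


def normalise(raw):
    """Resolve entity references (&zwnj;, &#8205;, &#x200D; ...) to characters.

    Raw HTML fetched with curl may carry the characters as entities, so a
    search for the literal code points alone would miss them.
    """
    return html.unescape(raw)


def extract_bits(raw):
    """Return the hidden bit string, ignoring the visible text in between."""
    return "".join(BIT_OF[ch] for ch in normalise(raw) if ch in BIT_OF)


def bits_to_bytes(bits):
    """Pack bits into bytes, MSB first. Returns (payload, leftover_bit_count)."""
    usable = len(bits) - len(bits) % 8
    payload = bytes(int(bits[i:i + 8], 2) for i in range(0, usable, 8))
    return payload, len(bits) - usable


def scan(raw):
    """Report every invisible character found, plus the decoded payload."""
    text = normalise(raw)
    hits = [
        (index, unicodedata.name(ch))
        for index, ch in enumerate(text)
        if ch in BIT_OF or ch in OTHER_INVISIBLE
    ]
    bits = extract_bits(raw)
    payload, leftover = bits_to_bytes(bits)
    return {
        "count": len(hits),
        "hits": hits,
        "bits": bits,
        "payload": payload,
        "leftover_bits": leftover,
    }


def strip_invisible(text):
    """Remove the invisible characters from already-decoded text."""
    return "".join(
        ch for ch in text if ch not in BIT_OF and ch not in OTHER_INVISIBLE
    )


# Constructed sample: visible text with the bits 00101010 hidden after the
# first eight visible characters, as literal code points.
SAMPLE = "N\u200co\u200ct\u200dh\u200ci\u200dn\u200cg\u200d \u200cto see here."

# The same constructed sample as it could appear in raw HTML, mixing named,
# decimal and hexadecimal entity references.
SAMPLE_HTML = "N&zwnj;o&zwnj;t&zwj;h&#8204;i&#x200D;n&zwnj;g&zwj; &zwnj;to see here."


if __name__ == "__main__":
    report = scan(SAMPLE_HTML)
    print("invisible characters:", report["count"])
    print("bits:", report["bits"])
    print("payload:", report["payload"], "leftover bits:", report["leftover_bits"])
    print("sanitised:", strip_invisible(SAMPLE))
```

Running the sanitising step on comment text before display or signing removes the channel entirely; the scan step shows what was carried and where.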

Gerard van Vooren • August 26, 2018 1:48 AM

@ Clive Robinson,

"But it needs to be answered fairly often as the readership here changes."

No, it's because there is no blog.

Wael • August 26, 2018 2:02 AM

The above technique can be used to sign comments without cluttering the viewable text. I was going to work on that, but:

  • I don't have the time at the moment
  • It comes at a cost of removing "plausible deniability"

Think thrice (or quadre) before you sign your comments. You may not be able to repudiate it if (when) you need to.

Judge: Did you write this limerick?
Me:
Me? I have no such skill
It's an imposter or a shill
I would not even know
who could do so
Please let me go, your honor!.

Hmm • August 26, 2018 2:49 AM

@Peacehead

"Like I said, I'm thankful for what Trump has done in terms of squelching some of the McCarthyist Cold War addicts and for his politeness to other leaders when it perhaps mattered most."

I was momentarily (picoseconds) kind of holding back and debating to myself, is it worth asking what in the hell this otherwise normal-seeming person is talking about on any level? I admit I'm too curious to refuse. "Politeness?" To who, nutjob Duterte? "When it mattered most?"

Nuclear Jong Lil is still nuclear. There are no movements towards less nukes on their peninsula.
They are still developing more nuclear peanuts and delivery systems at an observable pace.
There are no scheduled talks to change that at this time. War could happen at any second.
Nuclear war is possible at any second in Korea, right now. This is unchanged.

Russia is meanwhile threatening today to move nuclear tactical weapons into Syria, because the US stance is pushing their "red line" (irony intended, a red line in Syria) and the US is threatening to attack Syria over chlorine/wmd use in their upcoming offensive because of our "red line" also. So CNB warfare can probably take place anytime there also. This is unchanged, although with Russia's help Assad has won his war and now is killing enemy civilians to promote his Alawite minority as the "true" Syrians.

Saudi Arabia continues to bomb civilians indiscriminately, bombing schools and hospitals and anything they please with zero point zero regard for war crimes or anything else - With the full aid and support of the entire US arsenal and intelligence groups deeply embedded with that olimonarchy. This is unchanged.

Palestinians have lost $200 Billion in US aid as Israel continues to take land for redevelopment of settler groups, and has declared Muslims and tacitly arabs a non-equal minority officially in that country *(as opposed to a secular coequal democracy/republic like the USA or western nations) as protesters are being machine gunned and have resorted to using flaming kites to attack what they see as a cruel military occupation. No, Jared didn't change that much, and moving the embassy didn't do anything but do a favor for fellow-gangster Nyetanyahu as multiple investigations overshadow his life also. This is slightly worse all around.

China meanwhile has disappeared some 1+ million Uighur individuals and countless other dissident cultures that are guilty of not being Beijing's own Han phenotype rubber stamp. They are building out their military to attempt to pressure neighbors and adversaries into concessions while their economic and environmental pillaging wrings the biodiversity value for every Yuan it's worth in the live meat market. They have also been guilty of undermining the US NK sanctions and negotiations both and are using Trump's failure as an inroad to project the US as weak while trade war slapfights put farmers and manufacturers in jeopardy in the US, while China's planned economics model is unfazed because they do this for a living. So that's also relatively unchanged despite the "easy" trade war victories that "hurt nobody" "as far as we know yet this quarterly"...

There's the entire continent of Africa that we've all forgotten about, a couple incidents there too. With an interest to the brevity/wit, I won't regale you with ongoing examples of Earth's critically threatened biodiversity being destroyed at the hands of failing governments and with the unseemly direct help of Donald Trump allowing TROPHIES of critically endangered species to be imported at great expense, providing another economic incentive for those impoverished failing governments to continue to allow poachers and pillagers and look the other way for a few momentary tokens of value to trade, for food.

We don't have to get into all the details, but is it really as rosy a picture as you describe, in your slice of the multiverse? I'm just speechless at the difference between our shared experiences. I can't explain the physics behind it. I'm just insatiably curious where and exactly how your world touches my own, where the cold war still exists and is in fact thawing rapidly. My curiosity derives from my pure epistemological bafflement; which of us can say we live in the "real" world anyway? It's all so meta.

Truth isn't truth, a hell of a thing to think about.

Clive Robinson • August 26, 2018 4:29 AM

@ Humdee, echo,

So where does that leave the user--caught between two parties neither of who can be trusted.

History shows that ordinary citizens are usually caught between two opposing often corrupt entities.

So arguably "Situation normal" or if you prefer "Same 5h1t, different day".

Clive Robinson • August 26, 2018 4:57 AM

@ Hmm,

I accept your apology Clive.

Are you really that deluded?

I have not given you an apology nor do I have need to do so.

As for history and victors, I made a prediction as far as the upcoming mid terms in early November. When all 435 seats in the United States House of Representatives and 35 of the 100 seats in the United States Senate will be contested. As I clearly stated it would be the results of those elections that the GOP would consider. Till then President Trump who is not really a Republican will still remain their "useful idiot".

Thus the chances are President Trump may well still have his feet under the head of the table at the Presidential Palace daubed in white wash to carve Turkey at Thanksgiving at the end of November. Possibly even Xmas at the end of December. We will just have to wait and see, there may be a possibility that he will go as far as defending his position in 2020, I guess that depends on who the sandwich chokes.

But so far your predictions are either wrong or not even close to what is happening.

But let's say your wildest dreams do come true and President Trump is not just deposed but tried and convicted of Treason... You realise what will happen don't you?

Do you really want the predicted nightmare if the current VP steps up and takes power?

As they say "Be careful what you wish for...".

Hmm • August 26, 2018 6:18 AM

@Clive

I meant it as a joke, actually I was referring to something else. It's fair that you don't recall.

Per your question the VP may well be tainted similarly himself. I don't necessarily fear VPence though, at least he has demonstrated the capacity and temerity to shut up from time to time. Comparatively, we'll take it. However none of this is about what "I would want" at all, on any level. I didn't vote even for Trump's opponent, what I myself personally would want is so far out of the picture it doesn't register in my system of government. I just see the current course as destabilizing. It's not about "them" in my view, it's about what "this" is causing, allowing indefinitely as a result of pushing precedent boundaries that previously existed for decent reasons.

https://en.wikipedia.org/wiki/Overton_window

Once so gaslit and convinced what "we see isn't truth" but everything's fine, these campaigns build on each other. This is seeming a persistent vulnerability for some sizeable % of the population of a major military superpower, one doesn't have to be a Machiavelli to see the power of disinformation campaigns on so-targeted audiences. Our system is not designed to defend against this generally, and it happens to come just as our existing media systems are in a state of upheaval, partisan mortal combat, lowered budgets for proper journalism, and massive consolidation by quite overtly partisan attempts at cornering the eyeball market... Sinclair said something about fascism waving the cross and wrapped in the flag, but who knew he founded a media company for that explicit purpose?

And now, "Truth isn't Truth" the full Orwellian non sequitur, but it's REAL?

I don't think this path we can easily walk back along. Even after Trump is/were impeached and indicted, even after Brexit is/were a disaster and the massive social outcry that seems to be straight ahead, we are as a metasociety going to be dealing with the corrosive epistemological damage of these campaigns against truth to societal norms and even the sources of norms for years to come. Our whole notion of agreeing to see "the sky is blue" collectively has been thrown into question. It's no longer a matter of being unable to agree, we are unable to find a shared reality to base an agreement on. We have been systematically divided on predictable social/political grounds for the purposes of advertisement, and that has been weaponized for uses of control. Now which facts previously subscribed to become like a brand of shaving cream, another hook into that captive "market" potential. Burma treason. Tastes great, less freedom.

We lost a very good man today, one of the last great few who could admit he was wrong.

Skizzo • August 26, 2018 8:54 AM

If I was a POI for any of these agencies, I think I'd be more concerned about what they might be putting ON my device, rather than taking off.

Faustus • August 26, 2018 9:59 AM

@John,

I don't think that a wash-out who hasn't even been exposed to the tech for long enough for his NDA to expire is a great source of info on Tesla. A good proportion of mediocre nobodies are fully convinced that they know much better than the successful.

Tesla may fail. An empirical test of the company is in progress at this moment. But sniveling whiners are ubiquitous and really don't provide much information about the probability of Tesla's success.

albert • August 26, 2018 10:34 AM

@Clive, @others,

We used to use ferro-resonant power supplies(FRPS) in our computer systems. (They were CPM/MPM systems). The FRPS could ride through short brownouts. We once had a short power failure during a disk-to-disk copy and the copy was perfect. Basically, a FRPS has a special transformer, along with a capacitor, that resonates at the power line frequency (60 Hz, or 50Hz across the pond). They are relatively insensitive to line voltage, but -very- sensitive to line frequency. They are fine for commercial power, but woe to you if your customer uses backup generators. They are difficult to sync up to the power line frequency that just disappeared:)

I'm a big fan of transformer power supplies, since the days of musical instrument amplifiers. Guitarists are a strange lot; they insist on tube (valve) amplifiers even now. There's still a demand for vacuum tubes driven mostly by that desire. Just listen to a Hendrix record to hear what a master can do with them.

[https://www.sunpower-uk.com/glossary/what-is-a-ferroresonant-power-supply/]

DuckDuckGO is UK-oriented:)

Linked w/o comment:
https://www.counterpunch.org/2018/08/24/be-careful-what-you-ask-for-wasting-time-with-manafort-cohen-and-russiagate/

. .. . .. --- ....

echo • August 26, 2018 11:50 AM

@Clive

History shows that ordinary citizens are usually caught between two opposing often corrupt entities.

So arguably "Situation normal" or if you prefer "Same 5h1t, different day"

A key part of the case I want to bring is I have both the science and law, and have accumulated a large body of evidence. This runs from approximately 200MB, to 5GB, to 40GB depending on the mix of documents versus bulk media. I believe it's very solid. I'm happy to reveal all as long as it is in a fair public court. This last one is the tricky bit and a known problem and causing no end of grief at the moment.

I spelled out in a draft the highlights but even this runs to most of a page.

Corruption. It's not a word I like to use but sadly yes.

MikeA • August 26, 2018 11:52 AM

@Albert:
"I was assuming we were working offline."

So was I, but at some point one must leave the shielded room, if only to get more KFC or dispose of the previous load. At that point, your (so you think, but actually loyal to someone else) laptop (or its battery) spills its guts and your secrets to whoever has that much interest in you. Setting up an effective Faraday cage, and talking about it in a public forum, is one way to provoke that interest.

"Come to think of it, filtering an Internet connection might be rather difficult."

About the same as reproducible net-gain cold fusion with materials found in the average home. :-)

Faustus • August 26, 2018 12:11 PM

@PeaceHead

I note your extended aubade and bid you adieu.

Certainly all lives matter, with special attention to lives particularly at risk.

@echo

Peace to all those drowning in miasmas of estrogen. Without reason or explanation I declare estrogen the cause of climate change!! (Yes, I am being sarcastic.)

Faustus • August 26, 2018 12:17 PM

@MikeA

"Come to think of it, filtering an Internet connection might be rather difficult."

Never fear, Google is solving the problem right now! For China! For the good of all drones, or at least those with a high enough sheeple score...

echo • August 26, 2018 12:18 PM

@John

I read through this last night. There are issues obviously but on balance decided he was young and inexperienced and a little too caught up in his testosterone fuelled ego to bother commenting on. Women aren't immune to wallowing in their own bubble either but this doesn't absolve him. This isn't a problem unique to Tesla or even the private sector. Remedying this is often a corporate governance issue, and includes honesty from all parties, and appropriate training and communication. Corporate councillors and unions can help provide confidential guidance and support.

Is he a whistleblower? I don't get this impression but this isn't to say there isn't a genuine problem which doesn't need solving. His critique may be worthy of discussion but this is also something which needs an appropriate response too.

A lot of people are not wired to get R&D nor always understand the role corporate culture plays in issues.

bttb • August 26, 2018 2:28 PM

About Republican Mueller, Russia Investigation, from https://www.nytimes.com/2018/08/25/us/politics/robert-mueller-russia-investigation.html :

"... Judge Patel said she also quietly recommended Mr. Mueller to top Justice Department officials. “I’m a Democrat. He’s a Republican,” Judge Patel said. “But he’s a different kind of Republican, the kind we remember...”

Elsewhere from the same article:

"One of the defining moments of his F.B.I. tenure came in 2004, when Mr. Mueller [Director of the FBI at that time] and the deputy attorney general, James B. Comey, raced to the hospital room of the ailing attorney general, John Ashcroft. They were there to intercept officials from the White House, who wanted Mr. Ashcroft to approve a warrantless surveillance program that the Justice Department had said was unconstitutional.

Mr. Mueller and Mr. Comey threatened to quit over the episode, and the White House backed down. That was the end of it as far as Mr. Mueller was concerned, former advisers said. The matter was laid to rest until journalists dug it up years later and Mr. Comey delivered dramatic congressional testimony.

When Mr. Mueller next appeared before Congress, Democrats had to claw to extract even the barest confirmation from Mr. Mueller. “I don’t dispute what Mr. Comey says,” he said bluntly. Mr. Mueller had a powerful political story but went to great lengths to avoid fueling the fight.

“Just tell us the gist of the memorable conversation,” said Representative Steve Cohen, Democrat of Tennessee.

“There was a conversation, yes,” Mr. Mueller responded.

“What was the gist of it, sir?” Mr. Cohen pressed.

“I guess it covered very generally what had happened in the moments before,” Mr. Mueller said, not giving an inch.

“And what had happened in the moments before?”

“Well, again,” Mr. Mueller said, “I resist getting into conversations.”

That moment revealed not only Mr. Mueller’s reluctance to be drawn into a political fight..."

bttb • August 26, 2018 2:50 PM

@echo and Clive Robinson

Thank you for your recent posts about Spies vs. Assets, https://www.schneier.com/blog/archives/2018/08/friday_squid_bl_638.html#c6780316 (echo) and https://www.schneier.com/blog/archives/2018/08/friday_squid_bl_638.html#c6780331 (Clive Robinson), the original Foreign Policy article, https://foreignpolicy.com/2018/08/15/botched-cia-communications-system-helped-blow-cover-chinese-agents-intelligence/ , was straightforward:

"...“When things started going bad, they went bad fast.”

The former officials also said the real number of CIA assets and those in their orbit executed by China during the two-year period was around 30, though some sources spoke of higher figures. The New York Times, which first reported the story last year, put the number at “more than a dozen.” All the CIA assets detained by Chinese intelligence around this time were eventually killed, the former officials said..."

(required) • August 26, 2018 3:08 PM

https://www.bleepingcomputer.com/news/security/smartphones-from-11-oems-vulnerable-to-attacks-via-hidden-at-commands/

While international telecommunications bodies have standardized basic AT commands, dictating a list that all smartphones must support, vendors have also added custom AT command sets to their own devices —commands which can control some pretty dangerous phone features such as the touchscreen interface, the device's camera, and more.

The research team analyzed over 2,000 Android firmware images from eleven Android OEMs such as ASUS, Google, HTC, Huawei, Lenovo, LG, LineageOS, Motorola, Samsung, Sony, and ZTE.

They say they discovered that these devices support over 3,500 different types of AT commands, some of which grant access to very dangerous functions.

Some phones expose AT commands via their USB interface
These AT commands are all exposed via the phone's USB interface, meaning an attacker would have to either gain access to a user's device, or hide a malicious component inside USB docks, chargers, or charging stations.

Once an attacker is connected via the USB to a target's phone, he can use one of the phone's secret AT commands to rewrite device firmware, bypass Android security mechanisms, exfiltrate sensitive device information, perform screen unlocks, or even inject touch events solely through the use of AT commands.

In the happiest cases, these AT commands are available only when the phone's USB debugging function has been enabled, but researchers said they found many devices where attackers had direct access to AT commands, even if the phone had entered a locked state.

"In many cases, these commands are completely undocumented," said Kevin Butler, an associate professor in the University of Florida Herbert Wertheim College of Engineering and a member of the research team, revealing that an OEM's documentation doesn't even mention their presence.

echo • August 26, 2018 3:45 PM

Ursula K Le Guin's blog contains a number of very relevant essays on political dogmatism and where things went wrong, covering up of unemployment, and trust and surveillance, and other topics many readers of this blog will recognise including some current and recent discussion topics.

http://www.ursulakleguin.com/Blog-Index.html

@bttb

The odd blog essay is very relevant to the issue of political ideology and partisan extremism you mention. I also read one essay which I only partially remember which mentioned how the Federalist papers defined terrorism as a thing distinct from treason, or something like this.

The UK has seen similar misuses of law and suppression so the overall general topic is something discussable from a philosophical point of view.

Maxwell's Daemon • August 26, 2018 3:51 PM

@Clive Robinson

Extremely well, which is a terrible thing to say as what the system was about was predicting future required treatments, frequency and type, for patients with terminal conditions. The population was several hundred at any given time, each with diagnosed medical conditions (which changed, mostly additions, over the arc of a patient's history). It's almost entirely probabilistic in characterization. Interactive nature of medical conditions needed particular attention for future predictions of medical conditions. All the inputs were binary (had a condition or not, sex, etc.) or discrete (age). Outputs entirely binary (predicted treatment or no treatment per month) then summed across quarters. This was to be turned into calculated figures, based on average cost of treatments, for the next four fiscal quarters. Machine learning was reinforcement.

I was lucky I had nearly a decade of data to work with. The population was pretty uniform, which also helped. I've a solid background in maths, especially statistics, computer science, econometrics (where wild models are something respected, for the most part), and medical computer-based analytics and models, done as one of many such courses taken while off raiding other departments' courses at the university for someone with my particular bent. It wasn't my first rodeo as I'd done similar models over the years around physical systems of one sort or another. Applying such epidemiological (really actuarial) techniques wasn't something I'd have thought of doing about people! Lastly, I've only done this once professionally, as in this was my job. It was always a side job where I got asked: "Is it possible...." Computers and I have always gotten along well, which is probably why people keep chaining me to them.

Long story short, we got our numbers and it was almost entirely dead-on, again a terrible choice of words even if accurate. Variance at most +/-1. Literally one, not 1%. I've never seen anyone do similar work. Perhaps someone in medicine has, not really an area I wander into on the preprint archives on a regular basis, and I just missed it. Really, it shouldn't have surprised me that much since epidemiology is all about accounting for diseases. Still did though.

Aside: proof positive that the universe has a dark sense of humor. I was diagnosed terminal a few years later with a short span of time left (3-5 years). A decade and a half later, I'm still here if only marginally functional and declining. The real pain is, again literally, that they refuse to treat me for extreme pain. Since I don't have cancer, they won't treat it. And they wonder why I'm suicidal? Okay.

Clive Robinson • August 26, 2018 4:22 PM

@ Albert,

Yes, ferro-magnetics are quite frequency sensitive (as most series tuned circuits are). If I remember correctly they show about a 1% output change for a one cycle frequency difference around 50Hz.

As for the counterpunch article it's why I wonder "who the sandwich will choke". I've also warned repeatedly about the New York Times. Outside of the US you get a more even handed view with people kind of saying in a sarcastic voice "What corruption in US political funding, gee who'd have thunk.".

As for what the SC is supposed to be doing, he's come up with a couple of dozen cases against Russians that if they ever got to court might or might not go anywhere, but due to the publicity in the US there would be nowhere such trials could be safely held. So why did he bother with the paper work? Some will tell you it's a smoke screen for the plebs, or to puff air into the "nothing burger" / "sandwich" or just the SC "wallpapering the teams sit upons".

On the US side with regards what the SC is supposed to be investigating the SC has so far produced nothing with regards Russia and US political figures colluding in the way most of the US public has been told by the MSM is happening (unless you count Facebook's Mr Zleeze, but the British investigation of Facebook-Cambridge Analytica tie up outstrips the US one by many miles in that respect so far).

All the SC has produced in eight months is just one or three quite unsurprising "financial irregularities". Which if all US political candidates and those that work for them were investigated to the same scrutiny you would actually expect to find in far greater numbers...

That is statistically when you look at the numbers of not just suspected but convicted criminals per head of population[1] in the US, then you look at the number of people involved with election campaigns with the level of spotlighting the SC is using on the Trump Team, you would expect very high numbers of criminal records / prosecutions possibly a very lot closer to 100% than 50%. Thus arguably the SC is "falling down on the job" or "The Trump team is a paragon of virtue compared to the norm"...

It's little things like this that make people rightly believe "there is something very rotten in the state of Denmark" with regards the SC investigation. Perhaps it should be closely inspected for various crimes with the same level of spotlighting, it's statistically likely to find a couple or more "criminals" who've fudged expenses or stolen stationery through to maybe malfeasance.

[1] It varies from one third of the population to around three percent depending on whose "paperwork arguments" you use.

https://www.politifact.com/new-york/statements/2017/aug/18/andrew-cuomo/yes-one-three-us-adults-have-criminal-record/

But the number of crimes which are not reported or the authorities do not bother finding a suspect for is actually very high. So you could be looking at well over fifty percent of the population.

Oh and then of course there are all those funny little laws, which some say every US adult breaks at least three times a day...

Clive Robinson • August 26, 2018 4:59 PM

@ (required),

... vendors have also added custom AT command sets to their own devices —commands which can control some pretty dangerous phone features such as the touchscreen interface, the device's camera, and more.

Trust me when I say that the standard / published AT commands have "some pretty dangerous phone features".

I've four lever arch A4 folders about ten feet from where I am sitting that are stuffed to bursting with ordinary printer paper pages. Each page has four electronic document pages printed on it. These are all about the USB1 AT interface on a well known Quad band phone module, that I was using for a project (fancy advertising displays on UK "black cab" taxis). In there you will find lots of yellow and pink highlighter marks. The yellow for AT commands I was going to need to use and the pink for "here be dragons" type effect AT commands...

Most design engineers working on such stuff have been well aware of these issues for some years now. It's just that we don't tend to talk about it outside of the closed circle. The reason is there is mostly nothing we can do to get such AT commands removed and we can not give examples due to NDAs etc. Thus talking about them generally we know from experience will achieve nothing other than retribution[1]...

Put simply those AT commands are there for what others consider "perfectly good reasons" or as I've mentioned before finessed as "safety features" at the International Standards level and underlying standards. It is not difficult to work out which AT commands in which order will turn such phone modules into bugs/tracking devices without the user being aware it is going on (except by battery drain or via equipment that watches the "air interface" at the antenna etc.)

It's why I find the notion of a "secure mobile phone" more than slightly ridiculous. Thus talk about not bothering with encrypted Apps etc on the phone, but taking encryption "security end point" out beyond the "communications end point" where "end run" attacks etc have to be done the old resource intensive "up close and personal" way.

[1] Remember that mobile phone system engineers that have been allegedly involved with "olympics" surveillance have been found swinging at the end of a rope, supposedly to cover up IC activity.

VinnyG • August 26, 2018 5:15 PM

@MikeA re: burner phone - Here is my procedure. Disclaimer - I'm not currently involved in any activity that should be of interest to state spies. I began using a burner phone merely so I could buy and sell items using on-line marketplaces (Craigslist, etc.) without giving my personal phone number away to world and dog, but decided to treat the effort as if I really had something vital to hide, as an amusing intellectual exercise. If you are not in the US, YMMV. Go to Walmart, purchase a TracFone (dumb variety) and optionally a minutes card (many TracFones come with an initial minutes allotment) for cash. Although Walmart did do a test of facial recognition in some stores a while ago, afaik they do not currently employ any FR. If you are concerned about that aspect, use some of the camouflage techniques that have been previously touted on this blog (imo the increase in conspicuousness from using those techniques in a public venue like Wallyworld far outweigh the FR risk there.) Register the phone from a computer and/or IP address not associated with you (how carried away you get with this indirection may vary, depending on who you think may be trying to intercept your comm and how valuable you think it might be to that party.) Of course you will provide completely bogus personal details when you register. You will also need to provide an email address to which TracFone will send a confirmation. Use a throwaway email address that you can monitor for a short time. I have at various times used addresses from an alternate mailinator domain, a trial Startmail account, or ProtonMail. By all means do not make calls from the phone for personal business that can be easily attributed to your real identity, and do not carry the phone around with you on habitual errands and routes that may be similarly attributed. Only power the phone on and off in a public place replete with other phone users (e.g, a crowded shopping mall.) 
When not in active use, remove the battery and shield the phone. None of which provides at all foolproof privacy from a really nosy government agency, but you will at least have made whoever is spying on you do some actual work to earn their ill-gotten information, and you might actually stymy a freelancer or some low-level spook. Or such is my hope.

Clive Robinson • August 26, 2018 5:23 PM

@ echo,

I have both the science and law, and have accumulated a large body of evidence. This runs from approximately 200MB, to 5GB, to 40GB depending on the mix of documents versus bulk media. I believe it's very solid.

It sounds like a resource which could be quite valuable.

It all depends on how accessible it is via a search or similar interface.

I worked for a while at a company designing "citation databases" for researchers and you would be shocked at the "value added" such an interface adds. In some cases upwards of 50,000USD per institution licenced.

Back when I worked there I pushed for two new areas, one for ICTsec/crypto and one for "Science for law" which would fill a gap between general and forensic science, and legislation and case law etc. Whilst work was started on the former it dwindled then stopped when the owners decided to cash out by selling the company.

MarkH • August 26, 2018 7:16 PM

Clive's critique of the U.S. Special Counsel investigation is pure codswallop, but it offers an opportunity to rebut a favorite Trumpnik talking point: Trumpniks repeat (often daily) that the Special Counsel has "no evidence of collusion."

1. Unless you are on the Special Counsel's team, or have provided testimony or other evidence to them, you are utterly ignorant as to what evidence they possess or lack.

US federal attorneys operate under rules which heavily circumscribe their authority to disclose information they gather by investigation. As far as I am able to discover, the Mueller team has "leaked" not a single fact.

100% of the public information disclosed by the Special Counsel investigation, has come by way of their filings and prosecutions in court.

They have gathered an astronomical quantity of evidence. Any subset of that evidence is permitted to move from the prosecutors to the public by only two avenues: as part of a prosecution, or as part of a report to the Department of Justice which might later be made public by other parties, in whole or in part[1].

Clive doesn't know what evidence they have about collusion with the Kremlin. Neither do I. Neither do seven billion other people.

2. As Clive should know, absence of evidence is, in general, NOT evidence of absence. That we haven't SEEN the evidence tells us nothing, about whether it exists.

3. As Clive should know, that the Special Counsel hasn't shown all of its poker hands after about 15 months of investigation likewise tells us nothing.

Consider the development process for a software application, which we'll call blivet parsing. The developers spend months on analysis and design, producing notebooks full of documentation.

A manager walks in, looks at the piles of documents, and asks "can these papers parse blivets?" Well, of course they can't.

The developers proceed to decompose the functional requirements, design data structures, and write subroutines. They perform unit tests and integration.

The same manager walks in, looks at all of the computer code, and asks, "can this software parse blivets?" Well, no ... it isn't yet complete.

It may only be in the last third or so of the project, that it can be demonstrated to perform its end function.

How can an engineer fail to understand this?
_______________________________________

What Mueller has done so far is consistent with (though not proof of) an extremely careful and methodical process of step-by-step construction. That approach, by the way, is consistent with Mueller's history of conducting investigations.

What the Special Counsel team has apparently been doing, is working from the periphery to the core, finding thugs (who teem plentifully in Trumplandia) whose crimes they can use in order to obtain documents and testimony.

I think it quite plausible that they already have filing cabinets full of evidence that Trump and his associates conspired with the Russian Federation.

However, not a single data-bit of it will be disclosed, unless and until either (a) Mueller concludes that the evidence is sufficient to obtain conviction at trial[2][3], or (b) Mueller judges that such evidence is sufficiently strong and persuasive to include in a report of findings that might be used in an impeachment process.

This kind of information is not likely to become public until the last third of the Special Counsel's investigation. People with experience in this type of investigation have said that based on the complexity and gravity of the case, its duration might be three years or longer.

[1] A lot of information from the investigation has been made public by witnesses who gave testimony and later talked about it, or via "leaks" from various parties to the investigation (witnesses and/or potential defendants) who have dribbled out facts from their contacts with the Special Counsel.

[2] By Department of Justice policy, US federal prosecutors are forbidden to bring prosecution unless conviction is likely.

[3] Federal prosecutors are prohibited from disclosing investigatory information that does not lead to prosecution. For example, if an investigation yielded convincing evidence that a suspect were a serial child molester and an on-going danger to public safety, but they concluded that they could not meet the standard of probable conviction at trial, all of that evidence would remain sealed.

(required) • August 26, 2018 8:04 PM

@Clive

"Most design engineers working on such stuff have been well aware of these issues for some years now. It's just that we don't tend to talk about it outside of the closed circle. The reason is there is mostly nothing we can do to get such AT commands removed and we can not give examples due to NDAs etc. Thus talking about them generally we know from experience will achieve nothing other than retribution[1]..."

I'm familiar with the discussion on that, but security through obscurity does not work forever.
As we're seeing, hence the article.

There's no great reason if "people have known forever" to not design a better standard, push it.
I reject what I see as the implicit premise that we should just have to put up with it indefinitely.
There is no doubt "some" solution possible that doesn't rely on undocumented 1970's ATH0 codes.

Tiffiany • August 26, 2018 8:06 PM

@VinnyG writes, "Although Walmart did do a test of facial recognition in some stores a while ago, afaik they do not currently employ any FR. If you are concerned about that aspect, use some of the camouflage techniques that have been previously touted on this blog (imo the increase in conspicuousness from using those techniques in a public venue like Wallyworld far outweigh the FR risk there.)"

Nah, one needs to be creative. Here are some ideas.

(1) Buy your burner phone(s) on Halloween. Everyone goes dressed up at that time and strange looking glasses and half-shrouded faces are the norm.
(2) Buy the phone during winter and either wear a ski mask (if in a ski area) or wrap a scarf around part of your face. Wear ski goggles indoors.
(3) In the south go to New Orleans and buy during Mardi Gras. Same as Halloween.

These are some ideas. There are others. Remember that the goal is to fool the camera while fitting in to the crowd. It's not that difficult.

echo • August 26, 2018 8:57 PM

@Clive

I won't oversell it but like to believe it has some value. It's not terribly well organised and a fair amount of useful material needs cross referencing and summarising to be turned into useful information. I know the material very well but a third party wouldn't make much sense of it in its present form.

(required) • August 26, 2018 10:14 PM

@Alyer

Very. We're but a captive consumer base, convenience dictates we trust known-flawed HW.
Ever since I read about the Ken Thompson hack my faith in secure consumer systems is nil.
I just try to keep my fingers out of the fans, my boring data isn't worth the paranoia.
Anyone who puts anything 'sensitive' into any phone is asking for it.

But it's one thing for a nation-state to have a secret door in, bad enough sure, yet it's quite another to allow any random scripted kiddo out there to use common kit to pipe into millions of devices due to long-known secret knocks that go right through any walls built upon that foundation. We can't stop the patient owl from taking what it wants, but we should at least get rid of the low lying and long-fallen fruit that brings the rat hordes.


Wael • August 26, 2018 11:29 PM

@Ratio,

It… seems to have fallen through the cracks? :-)

Pick it up. This's just a reminder. The new encoding scheme will be: hidden, encrypted and compressed and far more efficient. It'll take me some time to share it. Requires some thinking and prototyping.

really want to know is where it is in the pile. I’ve put it on top.

No rush, just don't forget about it. Two years from now is also acceptable -- I'll remind ya, no pressure, ma man! See how gracious I am? Contrast that to your few-hour time limits ;) Remember that next time.

in chapter two of Glenn Greenwald’s No Place to Hide (no Left) and I can reveal I’ve read some more since.

Please don't interrupt your work. Just share the summary of Glenn Greenwald’s work when you're done, since I don't intend to read it. I already saw the movie (Snowden and the seven Spooks)

As for the poem, I'll need to add subtitles to it then share the story behind it. This will take some time; it's not so easy to translate poetry, especially ones that were composed over 1200 years ago by a supremely capable poet [1], and I have a video tutorial to watch

[1] He was defeated twice by an unknown bedouin both in linguistic capabilities and another thing... a story for another day.

(required) • August 26, 2018 11:29 PM


"Michael Lebron, known as Lionel in his online accounts, is a YouTube and social media personality who makes appearances on Russia Today as a political and legal analyst. He is described as "an avowed conspiracy analyst" on his website and cites the September 11, 2001, terrorist attacks as a "watershed moment" in his life that led to delving into conspiracies. According to a photo posted on his Twitter account Friday, Lionel met with Trump in the Oval Office."


Conspiracy Analyst, isn't that a fun title. Ah, Youtube and Russia Today are his main employers. I see.

Not just anyone gets to meet the President in the Oval Office, ya know. It's for VIP's.
https://cdn5.img.sputniknews.com/images/105350/54/1053505481.jpg

Ratio • August 26, 2018 11:39 PM

Afghanistan Islamic State leader 'killed in air strike':

Abu Saad Erhabi and 10 other members are said to have died in an operation in the eastern province of Nangarhar, near the border with Pakistan.

He is the fourth Afghan leader of the group to be killed in recent years.

The IS affiliate has been active there since 2014, claiming a number of deadly recent attacks.

It is sometimes known as Islamic State Khorasan after a historic name for Afghanistan and surrounding areas.

‏#إرهابي‎

Ratio • August 27, 2018 1:00 AM

@echo,

“ISIS meme…? Are you for real?!


@Wael,

Pick it up. The new encoding scheme [...] Requires some thinking and prototyping.

Yes, sir. And reading, sir. (You’ll probably also need a bunch of characters that can be (ab)used reliably, like the LTR and RTL markers I just used to get the hashtag right, our old friends ZWNJ and ZWJ, and of course space, tab, and maybe vertical tab and form feed.)

No rush, just don't forget about it.

I only moved it past a ~600-page book and another ~300-page book; it was already near the top. :-)

Contrast that to your few-hour time limits ;)

More generous time limits and I’ll forget. ;-)

Just share the summary of Glenn Greenwald’s work when you're done, since I don't intend to read it.

I don’t think there’s anything you don’t already know in there. (Besides the paragraph I quoted that makes for hilarious contrast with Glenn anno 2018.)

As for the poem, [...]

Take your time, I won’t get to much new stuff for at least another month or so anyway.

Wael • August 27, 2018 1:41 AM

@Ratio,

be (ab)used reliably, like the LTR and RTL [...] our old friends ZWNJ and ZWJ, and of course space, tab, and maybe vertical tab and form feed.

Definitely! Plus the rest of the alphanumeric characters too! For example, if ZWNJ follows an 'a', it'll have a different meaning than that when it follows a 'b', and so forth. May require viewable messages to be at least as long as hidden ones. It's a bit more complex than that, but that's the general idea.

abused? I'll take that as a positive notion!
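The exchange above is about hiding data in characters that render as nothing (ZWNJ, ZWJ, LTR/RTL marks, vertical tab, form feed, trailing spaces and tabs). From the receiving side, the sketch below is an added example, not code from either commenter: it reports each invisible character with the visible character it follows, and treats joiners next to non-ASCII script and bidi marks on a line with right-to-left text as plausible typography. The function names, the verdict rule and the sample string are assumptions constructed for this illustration.

```python
import unicodedata

JOINERS = {"\u200c", "\u200d"}      # ZWNJ, ZWJ
BIDI_MARKS = {"\u200e", "\u200f"}   # LRM, RLM
CONTROL_WS = {"\x0b", "\x0c"}       # vertical tab, form feed


def _is_invisible(ch):
    # Category Cf ("format") covers the zero-width joiners, the bidi marks,
    # ZERO WIDTH SPACE and similar characters that draw no glyph.
    return ch in CONTROL_WS or unicodedata.category(ch) == "Cf"


def _line_has_rtl_text(text, i):
    # True when the line containing index i holds visible right-to-left letters.
    start = text.rfind("\n", 0, i) + 1
    end = text.find("\n", i)
    line = text[start:] if end == -1 else text[start:end]
    return any(
        not _is_invisible(c) and unicodedata.bidirectional(c) in ("R", "AL")
        for c in line
    )


def find_hidden(text):
    """One finding per invisible character: index, name, preceding char, verdict."""
    findings = []
    prev = None  # last non-invisible character on the current line
    for i, ch in enumerate(text):
        if not _is_invisible(ch):
            prev = None if ch == "\n" else ch
            continue
        if ch in JOINERS:
            # Joiners affect rendering only beside scripts that use them
            # (Arabic, Indic scripts, emoji sequences), never beside ASCII.
            plausible = prev is not None and not prev.isascii()
        elif ch in BIDI_MARKS:
            plausible = _line_has_rtl_text(text, i)
        else:
            plausible = False
        findings.append({
            "index": i,
            "name": unicodedata.name(ch, "U+%04X" % ord(ch)),
            "after": prev,
            "verdict": "plausible" if plausible else "suspicious",
        })
    return findings


def strip_suspicious(text):
    """Drop only the characters flagged suspicious; keep legitimate marks."""
    drop = {f["index"] for f in find_hidden(text) if f["verdict"] == "suspicious"}
    return "".join(ch for i, ch in enumerate(text) if i not in drop)


def trailing_ws_lines(text):
    """1-based numbers of lines that end in spaces or tabs."""
    return [n for n, line in enumerate(text.split("\n"), 1)
            if line != line.rstrip(" \t")]


# Constructed sample: an English line with joiners tucked into it and trailing
# whitespace, then a right-to-left hashtag wrapped in RLM/LRM.
SAMPLE = ("Meet at noon\u200c\u200d near the b\u200cank. \t\n"
          "\u200f#\u0645\u062b\u0627\u0644\u200e\n")

if __name__ == "__main__":
    for f in find_hidden(SAMPLE):
        print(f)
    print("trailing whitespace on lines:", trailing_ws_lines(SAMPLE))
```
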

tyr • August 27, 2018 1:57 AM


@albert,Clive

The major disadvantage to the old style
power supplies is they won't be very
portable. I have a couple of old systems
that the transformer outweighs a laptop
without any other components.

Magamps were a fairly interesting device
but only used to turn gun turrets at the
time I was studying such esoterica.

One possible method of de-coupling power
is a no-break style. Use the incoming
commercial power to run an MG set and
stick a UPS on the output side. With
some logics and relays you can wire in
a generator to fire up and supply the
MG (motor/generator) if you lose the
commercial power source. Depends on
what you consider the threat model.

65535 • August 27, 2018 2:57 AM

@ (required), Clive R and others

Re undocumented AT commands on Android cell phones

“Once an attacker is connected via the USB to a target's phone, he can use one of the phone's secret AT commands to rewrite device firmware, bypass Android security mechanisms, exfiltrate sensitive device information, perform screen unlocks, or even inject touch events solely through the use of AT commands.”-(required)

Nasty backdoors.

“…those AT commands are there for what others consider "perfectly good reasons" or as I've mentioned before finessed as "safety features" at the International Standards level and underlying standards. It is not difficult to work out which AT commands in which order will turn such phone modules into bugs/tracking devices without the user being aware it is going on (except by battery drain or via equipment that watches the "air interface" at the antenna etc…I find the notion of a "secure mobile phone" more than slightly ridiculous. Thus talk about not bothering with encrypted Apps etc on the phone, but taking encryption "security end point" out beyond the "communications end point" where "end run" attacks etc have to be done… [1] Remember that mobile phone system engineers that have been allegedly involved with "olympics" surveillance have been found swinging at the end of a rope, supposedly to cover up IC activity…”-Clive R


So, about every Android phone is full of backdoors? I would guess some lawyers, politicians, and bankers are using those devices and would be unhappy to find out they could have been spied upon. I wonder if the same is true for Apple iPhones?

Clive, I don’t recall that engineer found swinging at the end of a rope so could you give me a hint on that story? I don’t doubt it.

“The team also published a Shell script that they used during their research to examine Android firmware and find strings containing AT commands. The script is available on GitHub…”-bleepingcomputer

https://www.bleepingcomputer.com/news/security/smartphones-from-11-oems-vulnerable-to-attacks-via-hidden-at-commands/

“AT Command extraction tool: atextract.sh”-github

“Our extract script requires a number of dependencies, which we list below. Make sure to acquire or install all of these and adjust the locations to the binaries/executables prior to running our atextract.sh script. If all 17 tools are placed in the same directory, this may be done by simply adjusting the DEPPATH variable. Otherwise, manually update lines 61 through 79.”-github

https://github.com/FICS/atcmd/tree/master/extract

Has anybody here tried this code to see if it works on any of the listed android devices?
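
Added example, not part of the comment above and not the FICS atextract.sh script: the idea the quoted article describes, pulling printable strings out of a firmware blob and listing the ones that look like AT commands, so a device image can be inventoried for what it exposes. The regular expression, the sample bytes and the vendor-style names AT%EXAMPLECMD and AT$DEMOVENDOR are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

MIN_LEN = 4  # shortest printable run worth inspecting, as with strings(1)
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)

# Assumed pattern: "AT", one extension-prefix character, then a command name.
# The lookbehind rejects words that merely end in "AT" (e.g. "FORMAT+TEXT").
AT_COMMAND = re.compile(
    r"(?<![A-Za-z0-9])AT([+*!@#$%^&])([A-Z][A-Z0-9_]{1,15})"
)


def extract_strings(blob):
    """Return every run of printable ASCII of at least MIN_LEN bytes."""
    return [m.group().decode("ascii") for m in PRINTABLE_RUN.finditer(blob)]


def find_at_commands(blob):
    """Count each distinct AT command name seen in the blob's strings."""
    found = Counter()
    for text in extract_strings(blob):
        for prefix, name in AT_COMMAND.findall(text):
            # Parameters ("=1", "?") are dropped; only the name is kept.
            found["AT" + prefix + name] += 1
    return found


def group_by_prefix(commands):
    """Group command names by prefix character.

    Heuristic only: the ETSI/3GPP command sets use the "+" prefix, and
    other prefixes are commonly manufacturer extensions, but vendors
    also add their own "+" commands.
    """
    groups = defaultdict(list)
    for cmd in sorted(commands):
        groups[cmd[2]].append(cmd)
    return dict(groups)


# Constructed sample: binary padding mixed with NUL-terminated strings,
# standing in for a slice of a firmware image. Not from a real device.
SAMPLE_BLOB = (
    b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8
    + b"AT+CGMI\r\x00"                        # standard: manufacturer id
    + b"\x13\x01" + b"AT+CMGS=\"%s\"\r\x00"   # standard: send SMS
    + b"\xff\xfe" + b"ril: sending AT+CGMI to modem\x00"
    + b"AT%EXAMPLECMD=1\x00"                  # made-up vendor-style command
    + b"AT$DEMOVENDOR?\x00"                   # made-up vendor-style command
    + b"FORMAT+TEXT\x00"                      # must not match
    + b"AT\x00OK\x00"                         # too short to be a string
)


if __name__ == "__main__":
    commands = find_at_commands(SAMPLE_BLOB)
    for prefix, names in group_by_prefix(commands).items():
        print(f"prefix {prefix!r}:")
        for name in names:
            print(f"  {name} (seen {commands[name]}x)")
```
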

CassandraAugust 27, 2018 4:34 AM

"Come to think of it, filtering an Internet connection might be rather difficult."

As Scott Adams pointed out, it is very easy.

@Clive Robinson

To nitpick (very) slightly, hydrogen is not intrinsically explosive (unlike acetylene, which can undergo explosive decomposition, and needs no oxidiser), unless you count unconfined nuclear fusion. A mixture of hydrogen and a suitable oxidising agent can be explosive, but need not necessarily be so. That said, the dangers of lead-acid batteries evolving hydrogen when being charged are real, and are a result of several inconvenient facts: (a) hydrogen is without taste and odourless to humans (b) hydrogen is colourless to human vision (c) when mixed with air, it forms an explosive mixture in a wide range of concentrations (4 - 75% by volume) (d) the explosive mixture has a low 'activation energy' - a spark (e.g. from static) need not be visible to set an explosion off. For this reason, rooms full of lead-acid batteries used in UPS systems need to be well ventilated, flushing air from ceiling level and any other traps, and preferably have hydrogen sensors. Many nuclear power stations have catalytic hydrogen scavengers mounted where hydrogen would be expected to gather because overheated fuel elements will oxidise in water, liberating hydrogen. A hydrogen explosion took the roof off one of the Fukushima reactors.

Re: AT commands

Many AT commands are hidden in plain sight in ETSI documents 07.07 and 07.05. It used to be common for mobile phones to come with a 'data suite' of software that could be run on a PC that would communicate over a serial connection with the phone to allow management of contact information, SMS messages, and other data. This was usually done by using the AT command set, often extended in a non-standard manner by the manufacturer. The references listed in the above two documents make for interesting reading if you like that sort of thing. The AT command interface/channel will usually be accessible 'over the air' without the knowledge of the person using the cell phone. Similarly, many ISPs that supply routers as part of their service to customers use TR-069 to have access to the router, often without the customer's knowledge, and also quite possibly make it not possible to disable.

As most on the comments section here know, mobile phone modems are pretty much closed boxes. As far as I know, there is only one modem (which is obsolete) that has open source drivers available- the TI Calypso. Old hands here can draw obvious conclusions.

Clive RobinsonAugust 27, 2018 5:05 AM

@ Hmm,

The Overton window is not new as an idea, in fact various guises of it go back a century or so.

In practice public opinion appears in most "snap shots" as a normal distribution curve with conservative views forming the left tail and liberal views the right tail. Looked at over time the curve moves, often it appears to swing backwards and forwards much like a pendulum (hence the term "pendulum effect"). But as you get further out there appears to be an even larger pendulum effect that steps in a given direction. You can almost view it as two orbiting objects with a rotating center of mass that moves along a trajectory[1]. Thus the given direction kind of follows the handle of a ratchet as it pulls itself in the low level direction.

You might want to see if you can get hold of a copy of "The Growth of Public Expenditure in the United Kingdom" a book by two British economists Sir Alan Turner Peacock[2] and Jack Wiseman. The latter spent much time looking into the economics of health care systems.

It was in that book that they described what had hitherto been thought of as a Pendulum Effect, which could in fact take what might at first be looked at as a drunkard's walk. But in fact showed definite direction where swings in one direction did not on average come back again. They described it as being not like a pendulum but more as a ratchet that held the clock spring coiled hence the "Ratchet Effect" most of us consider normal.

However the ratchet effect has a dark side. In general the citizens of a country do not want to get involved with the responsibility of running it. Thus their view point is very limited and generally quite short term. Whilst a few citizens might fight the odd skirmish with authority they generally only "stop not push back" certain policies. Politicians being even more short sighted tend to think in days or the odd week not weeks and months and very rarely years. However the unelected side of Government like the Chinese take a long-term view and this is rarely in the citizens' interests except by accident of alignment. So the likes of the LEOs, IC and SigInt agencies accept they are going to lose quite a few skirmishes and the odd battle or two, but they have a firm belief that given time they will win not just substantive battles but also the war. Thus they go in for "attrition warfare" which is the "push forward three steps fall back two steps" which although slow and excessively expensive pushes them in the direction they wish to go. Which in general is "conservative" and quite contrary to the "liberal" normal social movement.

The model then gets a little complicated, whilst authoritarian leaders their actions and methods have been studied in various ways over the centuries, that of those they lead or who follow them has not really been studied academically until the past few decades.

This study is important as the largest collection of authoritarian followers are generally found in "Guard Labour" which covers those who apply punitive state policy against not just the citizens but those of other nations.

Authoritarian followers also form fairly tight and rigid hierarchies with excessive levels. The reason is firstly most authoritarian followers perform "make work" for the majority of the time, and "promotion" is a reward process that allows easy control of authoritarian followers at comparative low monetary cost. Because of the mainly make work nature of the work given the authoritarian followers do not develop marketable skills outside of the hierarchy. Nor due to the nature of very small monetary uplifts with each promotional position do they acquire inflation proof assets that they could then acquire rent on. Thus they become trapped and easily prey to censure from higher in the hierarchy.

I could go on but you can see how such a system can be quite easily exploited by the few against the many.

In practice this also means that there is no equal opportunity to the citizens when raw resources are no longer freely available for exploitation. After raw resources are tied up in legislation that gives ownership to the few as assets, the purpose of continuing legislation is to make those at the bottom give up their rentable assets or not acquire such assets in the first place. They are then trapped by "fiscal policy" which controls the rate at which money devalues, thus further taking away value accrued from work done by the majority of citizens.

The question then becomes for the asset owners, how do you maintain the process when you are a very very small fraction of the population. Well two ways, one is propaganda taught from birth which is what both Church and State do and secondly corrupt the top of the hierarchies that control legislation and thus the guard labour... Part of which is to make the entrapped citizens pay for the guard labour that controls them whilst the asset owners protected by the guard labour do not.

It's all part of the "King Game" and history shows us that as a general rule it's worst where there are no Kings... That is monarchs have constraints, whereas tyrants and robber barons do not.

[1] The movement of pendulums and closed orbits are circular functions that are produced by the sum of sinusoidal functions. That is sinewaves upon sinewaves upon a directional path.

[2] I first came into contact with Sir Alan's work via the "Peacock Committee" report into financing of the British Broadcasting Corporation ("The BBC"). It was quite different from the views of Margaret Thatcher who appeared to only understand a simple advertising model. Needless to say Sir Alan's views and the committee report have in effect formed the subsequent policy of the Office of Communications (OfCom).

JG4August 27, 2018 7:29 AM


Thanks for the great discussion. I worked out a very similar description of a lead-acid bank with filtering and inverter 2 to 4 years ago, but I don't recall posting the part numbers and prices. It would have mentioned a motor-generator set as a way to couple energy into a Faraday cage. The point that everyone has missed is that lead-acid batteries, except those made with virgin lead, also give off stibine and arsine gases on charging. Venting takes care of that, but isn't easy in a rental unit.

Here are a couple of gems.

https://www.nakedcapitalism.com/2018/08/private-investigator-living-surveillance-culture.html

We have touched on dry forests as a gain medium for fire. Can't recall if we touched on un-inoculated populations as gain media for disease. You'd like to be able to alter the gain term, but it is difficult with things like public transportation.

https://www.nakedcapitalism.com/2018/08/another-deadly-pandemic-coming-us-not-ready.html

The US talks a good story about treatment of the veterans, but the promotion of war is unhealthy. And the reality of the treatment of the veterans is shameful.

https://bracingviews.com/2018/08/14/blurring-sports-and-the-military/

It wasn't just perfluorinated compounds.

https://psmag.com/environment/what-happened-at-camp-lejeune

I was exposed to asbestos, cumulative neurotoxins, second-hand smoke, halogenated solvents, hydrocarbons, unhealthy food and countless others too numerous to recall or catalog.

Clive RobinsonAugust 27, 2018 8:09 AM

@ 65535,

Have a look at,

https://uk.reuters.com/article/uk-greece-court-death/echr-orders-greece-to-pay-damages-over-probe-of-death-in-wiretap-case-idUKKBN1DH1XN

And read carefully the last paragraph and ask yourself two questions "Why?" and "If not the Greek Government, then who?".

It is perhaps not coincidental that the wire tapping started at the time of the Olympics. It is not exactly unknown that the US Government IC gets into the host nations telecommunications networks supposedly for "anti-terrorism" reasons. Likewise there are quite a few uninvestigated questions... In 2015 as a result of a decade long investigation, the Greek authorities issued an arrest warrant for William George Basil, believed to be a CIA operative and key person in what happened. Mr "Billy" Basil is from a Greek immigrant background, and apparently a bit too free with his mouth when in Greece. Some sources indicate his wife Irene went and purchased some of the "burner phones" involved, then sometime later used one for personal use, providing links to the US Embassy...

A description of some of the events and an overview of the techniques used by the NSA can be read,

https://www.roughdiplomacy.com/?p=6078

Which appears to have been pulled from other articles without research.

Much of the later clarity of the NSA involvement comes from the Ed Snowden trove, and the Intercept did an article on it. Written by "The Puzzle Palace" author James Bamford,

https://theintercept.com/2015/09/28/death-athens-rogue-nsa-operation/

Most of this has been discussed on this blog in the past.

FaustusAugust 27, 2018 8:45 AM

@JG4

The Camp Lejeune story is very sad. As individual Americans we salute our troops, thank them, have them board planes before us. But they suffer from the incredible disregard of their own bosses and the military system.

300 million dollars for a fighter jet, millions to train the pilot, and millions upon millions for its munitions, but nearly empty pockets when our "heroes" and their "heroic" families (Yes, words are cheap!) need safe and clean drinking water.

What can explain this except incredible cynicism?

echoAugust 27, 2018 10:21 AM

@Ratio

“ISIS meme”…? Are you for real?!

Have you read Dawkins' book? My usage is correct. I'm also saying a lot of other things too such as dismissing Isis as a collective of brain farts. It's much more educated and polite than the usual commentary.

I think my comment on strategy is good enough for brevity. I didn't feel qualified enough to offer comment on strategy.

It's also fair to ask what do they believe they are winning. What is their vision for the society they wish to create? Like too many would be empire builders they seem to be in denial in the face of the sweep of history. This kind of social-organisational breakdown is well documented as are the psychological-cultural issues. To some degree I believe Isis leadership are struggling to make themselves relevant and on the other hand welcome perpetual war because they know the instant a decent society is created they will be held to account for historical crimes. I would have thought this would make anyone with a stake in their own future pause for thought.

echoAugust 27, 2018 11:35 AM

@Clive

My database is nowhere near as graphic as this example but this shows the value of a person with a high domain knowledge and interest curating a private database.

Are UK police interested? Not in the slightest. This is why I ended up being insulted and punched, and slammed into a wall (with my phone which recorded everything falling to the floor and flying apart in pieces), and worse by the police. Complaints went walkies as they do.

https://www.independent.co.uk/news/long_reads/native-american-women-missing-murder-mmiw-inquiry-canada-us-violence-indigenous-a8487976.html

Annita Lucceshi, a PhD student in Southern Alberta, has been tirelessly compiling a database of stories like Yvonne’s across Canada and the US. A victim of human trafficking, domestic and sexual violence, she says herself: “I almost ended up in this database.”

“I realised how difficult it is to get a sense of just how many murdered and missing women there are because it changes constantly and there is so little official information,” Annita says. Her database, currently spanning 1900 to present day, is made up from other general missing people lists, social media, limited news coverage, archives and police databases.

[...]

“The police are not helpful,” she adds. “Typically I get no response at all. If I do, they say they don’t collect the data, or that they won’t be able to pull that information.”

SkizzoAugust 27, 2018 1:10 PM

@65535 "Has anybody here tried this code to see if it works on any of the listed android devices?"

Not yet. Working on it to try with an LG phone. Not one I saw mentioned though.

Bob PaddockAugust 27, 2018 1:44 PM

@Clive Robinson

"If you talk to linemen who have worked in switch yards with three phase transformers up in the 1000 kVA range and above at least one will have heard the "rattle of death" as the laminations inside the transformer try to tear themselves apart, due to magneto constriction."

Years ago, Westinghouse manufactured the largest of transformers in Sharon Pennsylvania. They had a massively large sound proof room, the size of which contained a small locomotive to move the transformer under test in and out of the room. The massive electric doors on this room took the three-phase power of a small community to move them. They tested the transformers by listening to them for any tell-tale sound.

To get a size perspective, consider what I was told during my tour: "Do you see that toy truck at the end of the 'tube'?; The building is constructed as three LONG *HIGH* cylinders. That is a full sized 18-wheeler", that indeed looked like a child's toy and took about a half hour to walk that distance to reach it.

Place is for sale or rent...

"mag amps"

Has anything replaced those in high radiation or "can not fail" environments yet?

albertAugust 27, 2018 1:51 PM

@(required),
Thanks for the exposure to AT commands. I found a reference. It's over 600 pages! All of a sudden, I've lost interest. To be sure, a major nail in the coffin of cell phone 'security'.

Re: Mueller investigation:
0. You don't talk to the police. Failing that, you don't lie to the police.
Any lawyers worth their fees will tell you that.
1. Federal prosecutors never divulge evidence pretrial. They usually ask questions that they already know the answers to. It's handy to have evidence of several cases of lying available as leverage, or outright charges if the primary case goes south.
2. Criminality among the rich and/or powerful is a given. No duh moments like the Manafort and Cohen cases are the rule. Ten white-collar crimes committed every day. Why is this news?

Warning to Democrats: Y'all are setting yourselves up for a major upset:
https://www.counterpunch.org/2018/08/24/be-careful-what-you-ask-for-wasting-time-with-manafort-cohen-and-russiagate/

. .. . .. --- ....

echoAugust 27, 2018 2:26 PM

@albert

I read an article a few weeks ago which discussed how poorly whitecollar crime is investigated and greedy Manafort was. Because of the minimal resources devoted to whitecollar crime it was only because he pushed himself into the limelight that he got caught and even then it took a while to attract prosecution interest. He could have got away with it if he had kept a low profile. In the UK similar could be said of the likes of Arron Banks.

I don't believe there's anything to worry about with respect to an investigation. There are issues in the system but this is a well formed topic in itself.

I am puzzled why the obese oxygen thief got away with such horrible personal politics but, again, this is an old topic and the lawmakers lending him their support are the ones largely accountable.

In the UK government and policy has been very sneaky but a judge declared immigration policy is terrible. This is on top of previous judgements concerning the unemployed. Reports are already in that the Brexit referendum is flawed. I know this is all very different to the US "high crimes and misdemeanors" but these are two different contexts. One common point which I believe is important is, political partisanship aside, the issue of who controls the narrative. I think this is important as interference with a narrative can have a detrimental effect on justice being done. Politicians and the media aren't always the best placed to mediate this narrative. Academics and the victims themselves often have a useful contribution even if this is largely articulated via rights groups or lawyers.

In the UK and US "high crimes and misdemeanors" isn't a very high bar. I understand in the US a super majority of the house is required as a brake for opportunistic impeachment. I have difficulty believing the impeachment of the obese oxygen thief is opportunistic.

CassandraAugust 27, 2018 4:01 PM

@Clive Robinson

I like it. There are a few Dilberts that are timeless classics, and I agree, that looks like one of them.

Amazon are very, very close to doing what the cartoon portrays - they remember credit-card details, they have the Alexa voice interface, personalised recommendations, and they have one-click ordering. Make the one-click into zero-click (obviously done by an AI, the decisions of which you could 'review' after the event) and all the ingredients are there.

Cassie.

65535August 27, 2018 10:51 PM

@ Cassandra, Clive Robinson, skizzo and others

“Many AT commands are hidden in plain sight in ETSI documents 07.07 and 07.05. It used to be common for mobile phones to come with a 'data suite' of software that could be run on a PC that would communicate over a serial connection with the phone to allow management of contact information, SMS messages, and other data.”- Cassandra

Those AT commands look like a target rich environment for hacking. I took a look at ETSI 07.7 and then to v14.3.0 of 2017 and found over 300 pages of commands. As albert notes that is quite a lot of documented commands and doesn’t cover the undocumented AT commands. Wow, talk about back doors.

https://www.etsi.org/deliver/etsi_ts/127000_127099/127007/14.03.00_60/ts_127007v140300p.pdf

Both the documented and undocumented AT commands are troubling. Can any expert point to the most dangerous of those AT commands or combination of AT commands?

@ Clive Robinson

Thanks for the links.

The engineer was Costas Tsalikidis. The Intercept hints that Costas may have been strangled then hung by rope.

“…forensic pathologist and former medical examiner in San Francisco, and the other was Dr. Theodoros Vougiouklakis, an associate professor of forensic medicine in Greece. Karch called the original autopsy “farcical.” Based on pictures of the body, the coroners concluded that the marks to Costas’ neck couldn’t have come from simply jumping off the chair. “Something was done to him prior,” Karch told The Intercept…”-The intercept

See 80 percent down:
https://theintercept.com/2015/09/28/death-athens-rogue-nsa-operation/

“…Greek authorities issued an arrest warrant for William George Basil, believed to be a CIA operative and key person in what happened….”-Clive R

Yes, it appears Basil was Costas’ recruiter according to The Intercept. He could have been involved or another hired others to do Costas in.

@ Skizzo

“Not yet. Working on it to try with an LG phone.”-skIzzo

Interesting.

If you are successful let me know the rig you are using. I think I can get a Samsung from a friend and spin up a VM with the necessary software but I am not fully sure about the USB connections and drivers.

JG4August 28, 2018 8:11 AM


The latest infrastructure collapse made me want to do a more solid writeup on system identification. Just for the record, passive monitoring with accelerometers on structures can detect anomalies before people are dead.

https://www.nakedcapitalism.com/2018/08/links-8-28-18.html
...
‘Fortnite’ developer had sharp words for Google after a scary Android exploit was discovered Mashable
...
Health Care
A Jolt To The Jugular! You’re Insured But Still Owe $109K For Your Heart Attack KHN. After the story broke, the hospital backed off. Telling you the billing — all billing — is bullshit to begin with, right?
...
“Luminaries” is good. (Spy Magazine’s sobriquet for Henry Kissinger: “Socialite war criminal.”)
...
Looks like it’s Google doing A/B testing. This is the screen I get:
...
Dams and reservoirs can’t save us. This is the new future of water infrastructure. Quartz. Paging Michael Burry….
...

bttbAugust 28, 2018 9:45 AM

@MarkH

Two things:
1) Might Putin, or others in his circles, have devastating Kompromat on Trump or
2) Might Putin, oligarchs, banks, etc., be able to cause the financial collapse of The Trump Organization

If so maybe Trump has been encouraged to give up USA intelligence assets.

Also you may have seen Russia in the Foreign Policy link above.

Bob PaddockAugust 28, 2018 9:55 AM

@JG4

"The latest infrastructure collapse made me want to do a more solid writeup on system identification. Just for the record, passive monitoring with accelerometers on structures can detect anomalies before people are dead."

Some news reports indicated that the center column was hit by a positive-lightning-strike moments before the collapse.

JG4August 28, 2018 10:20 AM


@Bob - I have to say that I didn't read the details, but if a structure is weak enough that a single lightning bolt can cause it to fail, that will show up in the vibrational spectrum. Evolution of the vibrational spectrum over time is even more damning.

Nick PAugust 28, 2018 11:50 AM

@ Ratio, Wael

(25,000 word post here about static analysis with low, false positives and Internet attribution with high, false positives)

@ All

Syzbot and the Tale of a Thousand, [Linux,] Kernel Bugs

Alex Gaynor, who does security for Firefox, posted this today on Lobsters. You might expect for Linux security to have improved over time with all the free tools. Maybe it did. I just can't tell with those *staggering* numbers of bugs. It's still highly-justifiable to start writing new kernel modules in a different language (eg Rust) that integrates with C, using any compiler-time transformations possible for safety, and/or stuffing Linux in a partition on a separation kernel. Even the price of a proprietary, separation kernel looks affordable compared to fixing all those bugs. Tell the marketing people we got a new, sales aid. :)

Of course, you have to use hardware that's simpler than x86 since its bugs will hose you if avoiding vulnerabilities in general rather than just software. Also, buy AMD instead of Intel. I still think it might be helpful to have a mixed box with high-performance x86 for trusted software and low-risk, ARM cores for untrusted software. Maybe SMP setup with multiple, multi-core chips. Kernel might do further isolation if mutually-suspicious workloads run on multi-core ARM's. However, the main policy will be simple where good stuff is on x86 and bad stuff is on ARM. You just gotta check the Evil Bit.

WaelAugust 28, 2018 12:26 PM

@Nick P,

The homepage is *hilarious*.

Hilarious, it is. Good sense of humor.

Please put us out of business Stop writing C/C++.

Umm. I disagree with that. Good craftsmen[1] don't blame tools[2].

[1] That includes males and females.
[2] The clever woman spins yarn with a donkey's leg. Meaning if her hands were donkey's legs, she'd still be able to weave (a cloth.)

HmmAugust 28, 2018 1:36 PM

@Albert

Regardless of whether a judge can divulge the contents of grand juries to the public, we didn't just go through ~2 years of witch investigations and subpoena'ed witch paperwork to let witches go now on some Halloween technicality. Admit it, don't admit it, but wait and see. Giuliani's nutty bluster is intentional, it's Trump's last line of defense at this point. That case about grand juries is important IMO to maintain transparency at a judge's discretion, but it won't dictate one way or another whether the contents of these investigations become charges or not. The evidence does that. There's plenty of it.

So the question isn't will Trump face these charges, he certainly will. The question is when.


echoAugust 28, 2018 2:31 PM

@Wael

A bad tool is a bad tool. It's no fun having to work around this all the time.

Clever women find clever men to do the work so women don't have to. Clever isn't always smart which is another complication. C/C++ definitely is not a smart language. Look at the featuritis masochists who built it. Seriously, guys. Life is too short. I'm guessing this is why a lot of women in computing career change by lurching into things like human resources. I know some women especially in some jobs go part time to retain the benefits of having a family and a job. There are grumbles because of resource allocation but you also have some men who cling to seniority and coast to retirement while holding up progress.

@Nick P

I agree with the intent of your comment on architecture. I still think something is missing though. I personally would prefer the design of C/C++ is rebased. I don't perceive a problem with new compilers being able to support this while maintaining support for legacy code. There's also the idea of high trust and low trust execution on CPUs. Other than this your proposal sounds like a pragmatic fix for these issues.

albertAugust 28, 2018 2:45 PM

@Clive,
"...one will have heard the "rattle of death" as the laminations inside the transformer try to tear themselves appart[sic], due to magneto constriction. Most often it is caused by one phase being switched out under load. ..."

Perhaps, because those 3-phase transformers have a common core? I'll bet (barring shoddy design/manufacturing) 3 single-phase units wouldn't have that problem.

@Nick P, etc.
Maybe it's time to switch to a microkernel for Linux.

. .. . .. --- ....

echoAugust 28, 2018 2:50 PM

@bttb

The obese oxygen thief has form. On the issue of US law my sense is the Justice Department policy people claim impedes criminally charging a President doesn't actually mean anything in reality. It's just the institution of the president hiding behind an institution trying to be a gatekeeper and thwart the intent of the constitution. It's just a made up rule - a bureaucratic opinion. The second issue of 'Buckley v. Valeo' seems like an exercise in cleverness for the sake of cleverness which can be reinterpreted by the courts.

I suspect Rudy Giuliani is trying to shift the frame into politics and public opinion but this is not science or the law. By sticking to science and the law this will expose the obese oxygen thief's weak spot which he has no good track record with.

In the UK we have Brexit to contend with. This is also shot through with power plays which don't have the constitutional authority they claim, unlawful action and dubious legal opinions, and a large amount of stupidity and self-interest driving everything over the cliff. The politicians driving this don't seem to be terribly keen on the court of public opinion when it comes to a second referendum. The cheats obviously don't want to blow the deal they scammed for themselves.

echoAugust 28, 2018 2:51 PM

The Saudi government have been banned from television advertising for attempting to influence political opinion. They are also trying to buy mindshare via billboards and advertising money to bribe influence with editors, and leverage their ownership of stakes in national media. Has anyone told the Saudis that money can't buy love?...

https://www.theguardian.com/uk-news/2018/aug/28/saudi-banned-from-promoting-its-reform-agenda-on-british-tv
Saudi Arabia has in effect been banned from paying to promote its reform agenda on British television after a ruling by the media regulator.

PeaceHeadAugust 28, 2018 4:16 PM

This is NOT directed at members of this security community, nor the website admins, nor the website authors, nor the website guests, nor the website's consultants, nor the businesses nor security organizations helping to maintain it.

This is a message to those who are easily deduced to be monitoring us in the light of day...
The content is directly pertinent to security via the lens of geopolitical stability as well as North American domestic stability and intracultural relations between disparate internal groups and associations.

This is not an act of digital vandalism. Please think long and hard, before censoring this content either by website protocol or by remote data interference.

This is NOT an act of steganography either.
The previous post which was more satirical had fake cryptological content.
I know that was too much to handle so this has no such content. This is in plaintext, plaintalk, English language and grammar. This is NOT a seditious act, and this does NOT endanger lives anywhere. The purpose is to SAVE LIVES and not throw us all away. YES, I have some insider knowledge and I will NOT YET discuss that content if ever at all.

To those who prefer sensationalistic xenophobia and provocateurish gossip and instigating instead of actual SECURITY:

Thanks for tipping your hand.
In a dictatorship nobody can hear the voice of reason screaming.

I hope you took the censored post of mine all the way to embarrassed Dan Coats' office.
You can fool some of the people all of the time and all of the people some of the time but you can't fool all of the people all of the time.

reality check courtesy of NYT newspaper's sloppy echochamber...

"Russia" is not a monolithic entity. It's not a collective, and there's not just one single point of view and not just one single ethos nor one single experience nor one single behavior nor one single preference nor one single action nor one single expression of communication.

Take all this US-sourced propaganda for what it is.
"Russia" isn't playing both sides of facebook in terms of so-called "right" vs so-called "left".
There's a variety of people all around the world, most of whom are in USA, who have a wide variety of sometimes (not always) opposing viewpoints. A subsection of the myriad gullible facebook users are those users outside of USA, including but not limited to Russia, Ukraine, Israel, Germany, Australia, Austria, Canada, Brazil, Belize, think about it. Facebook is getting free advertising with these bogus fake scandals.

Russian users of facebook are just as foolish in using the scam platform of social media as anybody else using facebook. That there are both "left-wing" and "right-wing" facebook users isn't a covert effort to mess up Democracy. It's just like much of the rest of us, trying to be heard just a little bit more than zero, via available communication channels no matter how tainted and polluted and insecure and corrupt and coopted they are. Russians aren't any different than anybody else in the world who wishes to have a say in trying to get Americans to stop making stupid decisions.

And since there was no official trial, no extradition to some type of international United Nations style courtroom to weigh the evidence, the accused didn't get a fair trial. Innocent until PROVEN guilty in a court of law. And the CIA agents alleging Russian involvement in the elections didn't suddenly just go AWOL, maybe they had their bluff called as the hoax participants that they are and they know that if they push the envelope too far with hot air nonsense, then a cornucopia of bad things will happen to many of all of us all around the world. Instigating WWIII is bad for both business and survival, after all.

Now keep in mind also that this all keeps the heat off of TWITTER. Twitter is corrupted and coopted and was definitely trying to swing the election with so-called live stats of the 2016 projected "winner". This was unprecedented. And it just so happens that the Trump Admin Black Op Failure is addicted to the Twitterfeed nonsense B.S. hurricane.

So what gives?

Now you regret ditching all those diplomats and communications specialists and people who can get things settled bidirectionally. You were foolish enough to expel them all and of course expulsions occurred on the Russian side for "parity". These old techniques are so foolish and ineffective. You haven't learned anything whatsoever about history, have you?

And you wonder why you can't solve these mysteries that you conjured up out of thin air.
There is no boogeyman underneath your bed, but you will go to the hilt full tilt in your battle against the windmills and the alleged boogeyman underneath your bed and you throw away all evidence and personnel to the contrary. You clearly have a hatred for logic and reasoning as well as due process and evidence and you prefer xenophobia and sensationalism and gossip instead.

Your lack of humor is timely.
Your lack of sophistication is timely.
Your lack of pragmatism is timely.
Your lack of substantiated claims is timely.
Your lack of diplomacy indicates you are unfit for your incomes.

When the collapse happens, you've proven that your common sense is inversely proportional to your dedication to destabilizing the entire nation and planet.

Take a time out and try to figure out some priorities based upon actual reality instead of wishful thinking and addiction to risky and mass suicidal behaviors.

Yes, this is a SECURITY issue.
Anthropology is directly related.
Human behavior is a directly involved factor within security decision-making and practice.

HOAXES can be detected and thwarted.
You will not be successful because your cause isn't grounded upon reality.

Some of your allegations are easily disbelieved by those of us who've lived otherwise, or were witnesses to your attempted "behind the scenes" manipulations. You can't manage this perception because you can't control reality nor the past, nor the future.

We don't all share your deathwish. We don't all want to go down in blaze of dadaistic glory.

Direct communication has some legitimate deterrence effects.
And WE KNOW YOU ARE EAVESDROPPING ON US.

No worries.
You can be beaten at procedures, processes and techniques better than yours because to us it's not a game and because we prefer to deal within and with the real and not the fake.

Prove your disagreement if I'm wrong.
Send me a non-disclosure agreement.
If you can build a rational airtight case based upon facts and not trying to just incite and ignite the Cold War (which ended), and convince me of the truth using corroborated, validatable, peer-reviewable info, I will abstain from interfering and accept a Non-Disclosure Agreement.

But if not, or if the data is not airtight and is bogus and unbelievable and foolishly deceptive and not built for the purposes of saving and maintaining lives and is a continuation of the lies in service of unneeded riskier forms of warfare, then I will not stand down, I will instead proliferate the information about your true foolhardy deceptions more virulently.

But again, if the info is based upon facts and designed to save lives and not mere cover story junk and coupled with a Non-Disclosure Agreement, then I will stand down and let your S hit the fan of its own impetus.

The choice is yours, but I have sworn to protect this nation and world from all threats foreign and DOMESTIC. DOMESTIC DOMESTIC DOMESTIC.

Earth penetrating tomography gives you away anyhow.
I've already had my life threatened and damaged and sabotaged in a myriad of ways.
The more your types do to me, the more it makes my point for me and corroborates every other whistleblower on the planet who ever doubted your toxic infiltrations of otherwise good people's livelihoods.

If you want me to begone, you're going to have to postpone that wish.

Peace belongs to everyone.
Hell no to space warfare.
I'll stand down when the arrogant planetary bullies stand down.
2 minutes 'till midnight, I got plenty of time. You don't.

I already dealt with the launch code.
I can handle it. You prove that you just don't get it when you risk all of our lives needlessly.
This isn't over until it's over.

IF YOU SUCCEED AT STARTING THE NEXT UNNECESSARY WAR, and I hope you don't, IT'S ALREADY GUARANTEED THAT YOU WILL BE EXPOSED TO THE RIOTING MOBS AS WELL AS THE GILDED COMPETITORS AND ALL YOUR BEST FRENEMIES.

Just remember, I didn't cause this mess, and I sure as heck won't perpetuate it.
Information theory for what? Just to die? No thanks.

To everyone else, Peace be with you.
I will try to sideload this topic to another site.

But it needed to start here, right where the instigators and perpetraitors come to learn both our weaknesses and our strengths and to steal our discoveries. Yeah, that's security reality.

Good luck in all your endeavors.
Sincerely,
PeaceHead

Whistleblowers blow

echoAugust 28, 2018 4:19 PM

I believe involving military in politics isn't a hugely good idea for a lot of reasons but the input on technical and broader security issues is obviously welcome.

https://www.independent.co.uk/news/uk/politics/former-sas-chief-final-say-brexit-referendum-major-security-concern-a8511846.html

A former chief of the SAS has backed the campaign for a second Brexit referendum and warned that a no-deal outcome would lead to major security concerns for the UK.

It is essential, Major General Jonathan Shaw told The Independent, to allow voters a choice, now that the reality of leaving is becoming clear, stressing that crashing out of the European Union without an agreement would lead to serious risks “on matters like intelligence sharing, on terrorism, on hybrid warfare and cyber threats.”

Clive RobinsonAugust 28, 2018 4:44 PM

@ Bob Paddock, JG4,

If you can put any faith in a "British Red Top" newspaper...

The UK Daily Express ran a story that has one of the Genoa Bridge design engineers saying it was a defective design from the get go and I must admit pictures of the bridge from getting on for a year ago do suggest that the design would be prone to engineering defects...

https://www.express.co.uk/news/world/1004080/Genoa-bridge-collapse-Italy-why-structure-failed-Ponte-Morandi

However it's also reported the bridge was undergoing structural repairs. Although I have not seen "before photos" it is known for "structural steel" to become plastic or worse if hit by a sufficiently large lightning strike.

Steel has issues when it comes to "fast rise time signals" which most lightning strikes are. In essence its effective impedance rises and the I^2R losses that cause heating increase, which means it gets hot rather quicker than expected.

Whilst it is unlikely the rebar would have been exposed at most times, it may have been exposed as part of renovation.

Unfortunately all normal things considered, if design flaws did exist, they would most likely be the reason why the bridge failed.

HmmAugust 28, 2018 4:58 PM

"In a dictatorship nobody can hear the voice of reason screaming."

A couple things : One, we do seem to read you loud and clear without much/any actual censorship.

Two, why would the voice of reason be screaming? That seems antithetical.


I don't think people in a position to start wars are going to read that and be dissuaded.
I think I support the spirit of the rant but not necessarily all the specific points.

But do you really think you're specifically being monitored or censored by "them"?
I find that unlikely unless you're a much more prolific pseudonym than we realize...

Nick PAugust 28, 2018 6:05 PM

@ echo

On mobile so no link. Look up Clay and Cyclone programming languages. They were safer versions of C. The Cyclone style of memory management inspired Rust's. Since there are two Clays, type Lea Wittie when you search since she maintains a page on it and things like device drivers written in it.

Lastly, there is one I found fascinating for LISPers: ZL language. It implements C in Scheme with C++ on top of that. I came up with that concept myself for a C++ alternative with Scheme-like macros that compiles to C to leverage its tooling. Someone had built something similar.

@ albert

It's what I used to recommend here a lot. The commercial providers and several FOSS (eg GenodeOS) have Linux VM's running on microkernels with security-critical code outside the VM's. Look up the papers "Nizza Secure Systems Architecture" and "Mikro-SINA VPN" (the k is there on purpose) for more detail on that approach.

echoAugust 28, 2018 6:38 PM

@Nick P

Thanks. I glanced through some material as you suggested. Other people may find this more useful. I have left computing behind and personally only follow the conversation and concepts. Anything deeper than this and my brain blows up.

ThothAugust 29, 2018 2:00 AM

@Nick P, Clive Robinson

I am starting to doubt the usefulness of security microkernels for Intel, AMD and ARM platforms these days due to what @Clive Robinson mentioned about hardware layer and microcode layer bubbling up attacks, the likes of Spectre, Meltdown and Foreshadow.

About time that true security via physical and energy isolations should be used for those really wanting security.

MarkHAugust 29, 2018 2:28 AM

In the matter of Bridge Spans:

I recall a TV program (a good number of years ago) about civil engineering ...

A bridge engineer described the vibrations under traffic loads, easily perceptible to pedestrians on a bridge, as the bridge being alive (metaphorically, of course).

He then said, to my astonishment (very rough paraphrase here), "if a bridge stops transmitting these vibrations, get the hell off: this means the bridge has died and is about to collapse."

Perhaps that was a colloquial/intuitive version of the changes in vibration frequency spectrum discussed above?

simple sigh manAugust 29, 2018 4:32 AM

Researchers find way to spy on remote screens -- through the webcam mic

* Remote audio plus machine learning equals rudimentary remote screen viewing.

* That web cam could be giving up what's on your screen, if the person on the other end is listening the right way—with the help of some machine learning and your monitor's coil whine.

Daniel Genkin of the University of Michigan, Mihir Pattani of the University of Pennsylvania, Roei Schuster of Cornell Tech and Tel Aviv University, and Eran Tromer of Tel Aviv University and Columbia University investigated a potential new avenue of remote surveillance that they have dubbed "Synesthesia"[1]: a side-channel attack that can reveal the contents of a remote screen, providing access to potentially sensitive information based solely on "content-dependent acoustic leakage from LCD screens."

The research, supported by the Check Point Institute for Information Security at Tel Aviv University[2] (of which Schuster and Tromer are members) and funded in part by the Defense Advanced Research Projects Agency, examined what amounts to an acoustic form of Van Eck phreaking. While Van Eck phreaking uses radio signal emissions that leak from display connectors, the Synesthesia research leverages "coil whine," the audio emissions from transformers and other electronic components powering a device's LCD display.

source: https://arstechnica.com/information-technology/2018/08/researchers-find-way-to-spy-on-remote-screens-through-the-webcam-mic/
archived: https://archive.fo/ZmO62

[1] https://www.cs.tau.ac.il/~tromer/synesthesia/synesthesia.pdf & https://www.cs.tau.ac.il/~tromer/synesthesia/
[2] http://cpiis.cs.tau.ac.il/

Wesley ParishAugust 29, 2018 4:38 AM

More ElReg goodies:

No, eight characters, some capital letters and numbers is not a good password policy
https://www.theregister.co.uk/2018/08/28/bad_passwords_never_go_out_of_fashion/

Black hats are baddie hackers, white hats are goodies, grey hats will sell IP to kids in hoodies
https://www.theregister.co.uk/2018/08/28/black_hat_white_hat_grey_hat/

"A knowledgeable insider using a new generation of hacking tools could steal terabytes worth of valuable IP in a matter of minutes," Kennedy said. "Your IT teams should know which sections of your networks are off-limits and monitor for attempts at inappropriate access."

AI image recognition systems can be tricked by copying and pasting random objects
https://www.theregister.co.uk/2018/08/28/ai_image_recognition_tricked/

It’s a problem that all image classification models face. They all consider the features from a range of pixels over a given area to identify an object, but it means that pixels from other objects can overlap, confusing them.

Share and Enjoy!

JG4August 29, 2018 7:43 AM

There is no reason that this can't be scaled to fit in a panel on a roof:

The Robots And Machines That Revolutionized The Agriculture Industry
https://www.youtube.com/watch?v=txfkqOqCfNQ

or onto a lab bench:

Massive effort yields image-based cell sorting technology
https://phys.org/news/2018-08-massive-effort-yields-image-based-cell.html

see also:

Marcin Jakubowski: Open-sourced blueprints for civilization
www.ted.com/talks/marcin_jakubowski.html

The Irish peasants became familiar early with self-optimizing resource-extraction asset-stripping engines. "the methods for patient gouging are complex" = "self-optimizing resource-extraction asset-stripping engines" = "artificial intelligence" of the older kind. You could say that the situation is evolving. That is the entire point of intelligence, to maintain situational awareness and respond appropriately.

https://www.nakedcapitalism.com/2018/08/links-8-29-18.html
...
Letting neural networks be weird • This AI is bad at drawing but will try anyways. AI Weirdness (UserFriendly)
...
A future for neuroscience Opentheory.net. UserFriendly: “Huge if true.”
...
New Cold War

Skripals – When the BBC Hide the Truth Craig Murray (Chuck L)

Facebook Censorship, Mad Ben Nimmo and the Atlantic Council Craig Murray (Chuck L)
...
Big Brother is Watching You Watch

If you have a Yahoo account your emails have probably been scanned to figure out what you buy — and they may have been read by employees of the company Business Insider

Report: Baylor Secretly Infiltrated Sexual Assault Survivor Groups DeadSpin (Chuck L)

Imperial Collapse Watch

The Sun Does Not Revolve Around the US Consortiumnews (KF)
...
The FBI Informant Who Monitored the Trump Campaign, Stefan Halper, Oversaw a CIA Spying Operation in the 1980 Presidential Election Intercept (furzy)
...

Clive RobinsonAugust 29, 2018 8:30 AM

@ Thoth, Nick P,

About time that true security via physical and energy isolations should be used for those really wanting security.

The problem is that those who insist on security, their goals do not align with those who want to get work done in the office. Likewise the allure of cute pussy pictures causes people to take security short cuts to their own personal little obsession.

But even those who desire security usually do not have the OpSec abilities to accomplish it...

which means that the level of security people could have is very very rarely achieved even by those with heaps of money riding on IntProp.

echoAugust 29, 2018 3:47 PM

I have not very eminent UK court judgments buried in my database which amount to similar. The basic gist is that a large stack of "stuff" can pass as rational and an absurdly wide margin of latitude can be given to an authority. This particular court case was extremely nasty as it was very obvious something had gone badly wrong. The judgment went as far as acknowledging this and giving minor redress. The barrister for the government side buoyed up by this didn't stop their aggression. The court transcripts clearly show the judge and government barrister at this point essentially having a "man's club love in" in court and the judge awarded the government full legal costs which had to be borne by the lawyers operating on a contingency basis representing the impacted citizen.

I have other case law where state actors have hidden behind this pattern at an individual professional level. The short version is that it is not a careful judgment arrived at via detailed and thorough scientific and legal scrutiny carefully mitigating against preconceptions and biases but the equivalent of a casual first impression.

In the UK it's known that the state hates prosecuting the state. In this case being the US I wonder if this judgment is unconstitutional from the point of view that the FCC essentially given the wave through treatment as if a private company was an extension of itself.

I would be concerned about this especially since companies have been given the status of people and government is using private companies as a proxy for government action.

This kind of legal drift is exactly the kind of thing which led to the creation of slavery.

https://arstechnica.com/tech-policy/2018/08/fcc-can-define-markets-with-only-one-isp-as-competitive-court-rules/
FCC can define markets with only one ISP as “competitive,” court rules
The FCC can "choose which evidence to believe," court says.

HmmAugust 29, 2018 6:08 PM

https://www.bbc.com/news/world-europe-45345525

A Belgian executive working for a Russian steel company has been found dead after falling from a nine-storey building, Russian media say.

Dr Bruno Charles De Cooman was Novolipetsk Steel (NLMK)'s vice president for research and development.
NLMK is among Russia's largest steel companies, and is owned by oligarch Vladimir Lisin, one of its richest men.


We might revisit the gravitational security of Russian multi-story flats.
Daredevil parkour is really out of control I guess among the industrialists.

echoAugust 29, 2018 8:31 PM

This is a problem across a number of professions. I have experienced this and it's especially bad when a person (typically but certainly not exclusively) male confuses seniority or their own opinion of their professional skills with how they value other people's contributions. It's akin to passive anger trolling and can be very pernicious and destructive. At times it can lead to failures of performance and professional standards across an entire department sometimes very noticeably so.

If I recall a study was done by Cardiff or Swansea University into professional ego and the study concluded that academics were the worst by a margin of something like 15%.

https://www.theguardian.com/science/2018/aug/29/wellcome-sanger-institute-bosses-accused-bullying-staff

The leaders of one of the country’s most prestigious scientific institutes are under investigation following claims of bullying, mistreatment of staff and gender discrimination.

Complaints by 10 former and current staff members at the Wellcome Sanger Institute in Cambridge focus on some of the centre’s most senior management, including the director, Sir Michael Stratton.

Allegations made by the scientists include:

  • Senior staff being mistreated and bullied.
  • Scientists being unilaterally pressured by management to leave the institute at short notice.
  • Failure to follow due process when grievances were raised.
  • These problems have disproportionately affected female staff.

The Wellcome Trust, Britain’s largest medical charity, confirmed the investigation was taking place but declined to provide further comment until it has concluded.

echoAugust 29, 2018 9:26 PM

I wonder if facial recognition is the equivalent of autocorrect. After a while we might become dumber and interact less as technology takes over more of our human experience.

65535August 30, 2018 2:59 AM

@ Wael, vrk and Ratio

I got vrk’s super script:

‘Ho ho ho! Best kind of security, imo. One of a kind of security, imo one of a kind obfuscation in plain sight...’

[Next Wael]

‘The small text is just a distraction. @Ratio is a very clever fellow -- you gotta watch out for him! Do the following to extract the interesting embedded strings from his comment [1]:

“ curl -s https://www.schneier.com/blog/archives/2018/08/friday_squid_bl_639.html#c6780630 | grep '‌' “

“You see anything peculiar? Yes, the following: '‌'‌'‍'‌'‍'‌'‍'‌ The result is: 00101010 “

But I had to use the urban dictionary due to lack of time to find the definition:

“What is the meaning of life, the universe, and everything?”

“#42#binary#00101010#101010#6 times 7#life#the universe#and everything” –Urban dictionary

[Or possibly]

“ It's the 1's and the 0's that make it all happen sis. Remember that one k?
“ gotcha fink;)
" give me 8 bits for 42
“ 00101010
“ #00100#00101010#4#2#four#two#fourty#two#eight#8#bits#you “-Urban dictionary

https://www.urbandictionary.com/define.php?term=00101010

Is there any other significant items?
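The extraction quoted in the comment above greps for invisible characters and reads them as bits. As an added example (not code from any commenter or from the blog), this sketch scans text for zero-width characters and decodes them into octets; the mapping ZWNJ (U+200C) = 0 and ZWJ (U+200D) = 1 is an assumption chosen to match the quoted result 00101010, and the sample text is constructed.

```python
"""Find and decode zero-width-character payloads hidden in text."""
import re

# Assumed mapping (not stated on the page): ZWNJ carries 0, ZWJ carries 1.
ZWNJ, ZWJ = "\u200c", "\u200d"
BIT_FOR = {ZWNJ: "0", ZWJ: "1"}

# Other invisible code points worth flagging even though they carry no bit here.
OTHER_INVISIBLE = {
    "\u200b": "ZERO WIDTH SPACE",
    "\u2060": "WORD JOINER",
    "\ufeff": "ZERO WIDTH NO-BREAK SPACE",
}

# HTML source may spell the characters as entities instead of raw code points.
ENTITY = re.compile(r"&(zwnj|zwj|#8204|#8205|#x200c|#x200d);", re.I)


def normalise_entities(html):
    """Turn entity spellings of ZWNJ/ZWJ into the raw characters."""
    def repl(match):
        name = match.group(1).lower()
        return ZWNJ if name in ("zwnj", "#8204", "#x200c") else ZWJ
    return ENTITY.sub(repl, html)


def extract_bits(text):
    """Bit string carried by ZWNJ/ZWJ, skipping visible characters between them."""
    return "".join(BIT_FOR[ch] for ch in text if ch in BIT_FOR)


def decode_bits(bits):
    """Split a bit string into whole octets; return (bytes, leftover_bits)."""
    usable = len(bits) - len(bits) % 8
    data = bytes(int(bits[i:i + 8], 2) for i in range(0, usable, 8))
    return data, bits[usable:]


def scan(text):
    """Return one finding per line that contains invisible characters."""
    findings = []
    for lineno, line in enumerate(normalise_entities(text).splitlines(), 1):
        bits = extract_bits(line)
        others = sorted({OTHER_INVISIBLE[c] for c in line if c in OTHER_INVISIBLE})
        if not bits and not others:
            continue
        data, leftover = decode_bits(bits)
        findings.append({
            "line": lineno,
            "bits": bits,
            "bytes": data,
            "leftover": leftover,
            "other_invisible": others,
        })
    return findings


# Constructed sample: line 2 interleaves apostrophes with zero-width characters,
# line 3 uses entity spellings, line 4 hides a zero-width space.
PATTERN = [ZWNJ, ZWNJ, ZWJ, ZWNJ, ZWJ, ZWNJ, ZWJ, ZWNJ]
SAMPLE = (
    "An ordinary first line.\n"
    "You see anything peculiar? " + "".join("'" + c for c in PATTERN) + "\n"
    "entity form: a&zwnj;b&zwj;c\n"
    "trailing\u200bspace\n"
)

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

Run against a saved copy of a page, the same `scan` call shows which lines carry invisible characters and whether they form whole octets, which is a quick check before trusting pasted text or comment content.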

JG4August 30, 2018 7:47 AM

@Hmm - I probably neglected to post this a couple of years ago. I had labelled those on high-carb diets as gravitationally-challenged as early as 1992. It seems that a disproportionate number of bankers have issues with gravitational security. This made the hair on the back of my neck stand up.

https://www.zerohedge.com/news/2016-10-13/inside-look-two-most-fascinating-banker-suicides-reveals-how-deep-rabbit-hole-truly-
...
Another unexplained element is the fact that 33 minutes after Mr Rossi fell from his office window, a call was made on his mobile phone.

At exactly the same moment, the CCTV footage showed an object falling onto the ground and landing a few feet from the body; it was later found to be Mr Rossi’s watch, minus the strap.

...
I have never believed he committed suicide.”

The plot thickens when one digs into the details revealed by the footage captured on the surveillance video.

The footage shows the three-story fall didn’t kill Rossi instantly. For almost 20 minutes, the banker lay on the dimly lit cobblestones, occasionally moving an arm and leg. As he lay dying, two murky figures appear. Two men appear and one walks over to gaze at the banker. He offers no aid or comfort and doesn’t call for help before turning around and calmly walking out of the alley.
...

WeatherAugust 30, 2018 7:53 AM

@65535
Prime number generation
2.25
4.75

Swap to
2.75
4.25
=11

It got most of the prime numbers, just can't remember how to find the next two numbers, you got to love
securityfocus.com

WaelAugust 30, 2018 9:13 AM

@65535, @Ratio, @vrk,

Is there any other significant items?

Nothing explicit in this one. There are other themes that I can't find at the moment; keywords escaped my mind, my search returned nothing useful.

bttbAugust 30, 2018 9:34 AM

Criminal law in the news:

1) Today on the National Public Radio show 1A, 11 am et, "Is It Time To Scrap Statutes Of Limitations?" ( https://the1a.org/shows/2018-08-30/statute-of-limitations )

2) California eliminates cash bail ( http://www.foxnews.com/politics/2018/08/28/california-to-become-first-state-eliminating-bail-for-suspects-awaiting-trial.html ; https://www.sacbee.com/news/politics-government/capitol-alert/article217031860.html ; https://www.washingtonpost.com/news/morning-mix/wp/2018/08/29/california-abolishes-money-bail-with-a-landmark-law-but-some-reformers-think-it-creates-new-problems/ ; https://www.npr.org/2018/08/28/642795284/california-becomes-first-state-to-end-cash-bail )

1) From the link above: "Statutes of limitations made it hard for comedian Bill Cosby’s accusers to take him to court over alleged sexual assault allegations.

The limitations are imposed by laws which create timed boundaries, after which criminal prosecutions and civil lawsuits can no longer be pursued.

Vox explains:

Statutes of limitations are common but controversial features of federal and state law. More than 40 states still have statutes of limitations that apply to some or all child sexual abuse crimes, and most states also apply limitations statutes to civil lawsuits.

Proponents of these laws argue that litigating a case based on events from the distant past runs the risk of lost evidence and faulty memories. Critics respond that these concerns can be adequately addressed without drawing arbitrary lines that shut victims out of court.

As recent allegations about predator priests are revealed, many of their victims might be looking for justice. But just like many women in the Cosby case, some of them might be precluded from filing cases.

In the era of #MeToo, should we do away with these regulations? If we do, what measures will ensure that defendants will get a fair trial?

See a map for the current status of statutes of limitations from state to state here

Produced by Paige Osburn. Text by Gabrielle Healy.

Guests

Nina Ginsberg Criminal defense attorney and co-chair, Sex Offender Policy Committee, National Association of Criminal Defense Lawyers
Marci Hamilton Professor, University of Pennsylvania; CEO, Child USA; @Marci_Hamilton
Daniel Hemel Assistant professor of law, University of Chicago; @DanielJHemel
Representative Mark Rozzi Representative for Pennsylvania's 126st District, Pennsylvania House of Representatives. @StateRepRozzi"

2) From the Washington Post above: "...After 11th-hour changes to the bill earlier this month, various criminal justice reform groups withdrew their support, fearing the bill would actually lead to an increase in pretrial incarceration because of judges’ generous discretion to decide who is a public safety threat or a flight risk. These criminal-justice groups fear lawmakers replaced one inequitable system for another, this time plagued by preventive detention rather than poverty. Among those in opposition included the American Civil Liberties Union, Human Rights Watch, Civil Rights Corps and California Attorneys for Criminal Justice.

“Unfortunately, this amended version of [Senate Bill 10] is not the model for pretrial justice and racial equity that the ACLU of California envisioned,” the ACLU of California’s three executive directors in northern and southern California and San Diego said in a joint statement. “We oppose the bill because it seeks to replace the current deeply-flawed system with an overly broad presumption of preventive detention.”

Under current law in California — as with many jurisdictions in the United States — bail is often set according to a fixed “bail schedule,” a chart full of bail amounts that correspond with the charge and the defendant’s criminal history..."

HmmAugust 30, 2018 1:08 PM

@JG4


Yikes, mind that first step... Surely there must be an innocent explanation!

I imagine being publicly known to control millions and billions of dollars in a kleptocracy under major sanctions affects one's inner-ear balance or something.

JG4August 31, 2018 6:58 AM


did someone post this top link yesterday?

Detecting ‘deepfake’ videos in the blink of an eye
https://theconversation.com/detecting-deepfake-videos-in-the-blink-of-an-eye-101072

I was too lazy to post this last night. If it weren't for dysfunction, I'd have no function.

https://www.nakedcapitalism.com/2018/08/200pm-water-cooler-8-30-2018.html

...

They left out torturers. Also, serial fabricators. Still, nobody’s perfect!

...[file under "getting the threat model right"]

“vocal avatars.” Lyrebird analyzes the cadence of your speech and the way you pronounce vowels and consonants to create a realistic digital copy of your speech patterns…. To demonstrate its AI, Lyrebird used its technology create a digital copy of Donald Trump’s voice.” • In a well-made play, they call that “foreshadowing.”

...

JG4August 31, 2018 7:00 AM


https://www.nakedcapitalism.com/2018/08/links-8-31-18.html

...[I posted Forrester's description of servos in the big war, one origin of AI]

The New Science of Seeing Around Corners Quanta Magazine. Robert M:

Einstein had his “spooky action at a distance.” Being able to read the first few pages of a closed book and hear what’s being said by the motion of plant leaves and empty chip bags is just plain spooky. I’d say keep the shades down, but they might vibrate in such a way that the words can be decoded. Perhaps the answer is to get exterior shutters.

In 1973, an MIT computer predicted the end of civilization. So far, it’s on target. Big Think

...

New Cold War

Whistleblower Exposes Key Player in FBI Russia Probe: “It was all a Set-up” Sara A. Carter (Chuck L)

...

Big Brother is Watching You Watch

Steve Bannon Wants to Nationalize Facebook and Google’s Data Vanity Fair

Google and Mastercard Cut a Secret Ad Deal to Track Retail Sales Bloomberg

...

Clive RobinsonAugust 31, 2018 4:42 PM

@ Wael, 65535,

Yes I knew Douglas vaguely enough to get invited to a party, partly because I also vaguely knew Tom Baker who at the time was the longest running Dr Who (both series wise and time wise).

It's easiest to start with how I got to know Tom Baker. I was walking into a famous London store when he was beetling out at his usual frenetic pace. Well I was a lot more solid back then and he kind of bounced off and landed on his backside. I quickly went to help him up and apologise. After he likewise apologized (it's an English thing to hide embarrassment) he suggested a drink at a little club he knew. So off we went talking about anything other than Dr Who. Well what would have been an early lunch turned into what would have been a late supper and there were a number of other famous types in the crowd swapping jokes etc. After he asked me why I was zooming into the book shop I explained it was "collectors zeal" to get a hard back first edition of a Douglas Adams book a little bird had told me they still had tucked away. Tom said he knew Douglas so I asked a few questions about him as you would, and it appears Tom knew him very well indeed --unsurprisingly--, and was quite happy to tell some funny stories about Douglas and his larger than life but totally mad cap ways. He also mentioned that I and Douglas could make a couple of book ends height wise.

Well not long after that I was browsing in a second hand book shop in Islington looking for some old SciFi to spend some "birthday money" on. Well I was not alone and this tall person who was larger than life was doing the same thing and we bumped into each other and got chatting. It was Douglas and like Tom had been he was not in a "busy hurry" and kind of looking for an excuse not to do what he should be doing. Thankfully I was in a position to help him out.

Whilst chatting I mentioned working at the BBC a decade and a half earlier and one or two crazy crazy things that had happened. I also mentioned later working at a company behind the Beeb's rehearsals studios and props storage and that a few Dr Who items got junked one day which I and some one else had "rescued" one or two of. It brought me around to mentioning bumping into Tom Baker. To which Douglas told a few funny stories in return. Any way I mentioned that Tom had said we would make a pair of book ends, which Douglas found amusing (like me he was somewhat "height conscious"). Douglas then mentioned in passing that Tom was coming to a little party (Douglas's 40th) and it would be fun especially as I had just had my birthday if I turned up so Tom could "measure us up". So I did and it was a very interesting party amongst many others was Lalla Ward who had been Tom's wife a decade before. I did not see any animosity between the two, mind you by this time Tom was firmly behind the bar mixing all sorts of interesting concoctions any one of which could have felled an incautious elephant. I also got to chat to Richard Dawkins and a couple of other people who were famous but kind of wished they weren't (I have a policy of treating famous people just like any other person and that includes even a Royal or two).

Any way to cut a long story short I stopped working in Islington and the people I'd met went on to do other things so things just naturally came to an end as they so often do.

As for the number "42" I knew that Douglas had a way of telling things "how they should have been" rather than "how they actually had been" and that the "should have" got more interesting with the telling. I remember telling Douglas --incorrectly[1]-- 42 was a "happy number", which raised a smile.

But back to 42 and "The Meaning of Life", the most often quoted reason is its binary representation '101010'[2]... Which is also 52 octal, 2A hex or '*' ASCII.

The last of which is possibly the second most quoted reason. Douglas and Stephen Fry were "Mac geeks" and "computer nerds" a sin shared by 1 or 10 people, back when the CLI was king and regex the norm '*' was the "wildcard" that meant match "everything and nothing" in short "whatever you want". Thus "The meaning of life" = 42 = whatever you want it to be...

There are several others but I guess not as much fun as Dec 25 = Oct 31 which gives the old joke about why programmers can not tell the difference between Christmas day and Halloween.

But 42's real secret as a number is it's just dull, thus acts as a major bump on the road that is the flow of the narrative. It gives you a "What the heck was that" moment whilst your brain backs up to take a second look. In the book and television series "The Question" was given a slow and steady build up including a Monty Python like "working philosophers" sub story. The build up got to the point you were expecting something very profound or pseudo-philosophical. But no after a few cautionary warnings bang there it was... It worked because it was an over anti-climax.

[1] 42 is not a "happy number" however 32 and 44 are so I'm guessing I misremembered it due to a libatory influence. However a much smarter person than myself had told Douglas 42 was a "super-multiperfect number" which again it's not, so an "err shared". However a little web page informs me 42 is a "primary pseudoperfect number" amongst many other weird things. So not so dull after all, a kind of 1729 moment ;-)

[2] From which you should be able to see "by simple examination" 42 is "the number of rooted ordered binary trees with six leaves". Yup one of those I don't want to do maths or CS because of the text book moments :-S

WaelAugust 31, 2018 5:17 PM

@Clive Robinson, @65535,

Thanks for sharing. Quite fascinating... Richard Dawkins, too? He's someone I'd like to spend an hour or two with ;)

(I have a policy of treating famous people just like any other person and that includes even a Royal or two).

So what about Sir Terry Pratchett? You were closer to him? Is 'Sir' a royalty or an honorific title?

65535August 31, 2018 10:14 PM

@ Wael and Clive R

"The meaning of life" = 42 = whatever you want it to be... a little web page informs me 42 is a "primary pseudoperfect number" amongst many other weird things. So not so dull after all, a kind of 1729 moment…42 is "the number of rooted ordered binary trees with six leaves".- Clive R

That is a fairly interesting explanation.

Clive RobinsonSeptember 1, 2018 2:05 PM

@ Wael, 65535,

As interesting as any of the other 42 explanations.

Take a close look at,

    33. The Moorgate Tube disaster of 1975 killed 42 passengers.

It just so happens that Douglas's mum appears sitting at a table drinking a hot drink at the end of the Hitchhikers movie. What few know is that the place it was filmed was just beside one of Moorgate station's entrances.

Have a look at,

https://www.streetmap.co.uk/idmap.srf?x=532686&y=181715&z=106&sv=532686,181715&st=4&ar=Y&mapp=idmap.srf&searchp=ids.srf&ax=532675&ay=181699

It's just by the second O of Moorgate if you are ever in London and want to look it up.

There is a reason for this which is not connected with the 75 disaster. I have good cause to remember the disaster even though just a teenager at the time, but that they say is a story for another time.

If you also look at the beginning of the film there is a scene where the population goes crazy after the Vogon announcement. It's on the same map at the junction of Moorfields and Moor Place (GPS Coordinates: 51.518106, -0.089904).

But of more interest is if you know where Douglas's house was. You can read a bit in the "extended" trilogy where Arthur Dent has lost the number Fenchurch gave him because she wrote it on the back of the raffle ticket and Arthur won after she had left the pub. Well being desperate like many to "find the one" he goes through a crazy experiment and turns up after many little twists and turns on Fenchurch's doorstep.

If I now tell you his house was located in Duncan Terrace in Islington[1], close to Upper Street[2],

http://www.streetmap.co.uk/idmap.srf?X=531642&Y=183328&A=Y&Z=106

You can see it was a very short stagger to the Angel underground station which goes down to Moorgate, which back in the 80s was a more interesting place having quite a number of companies and offices involved with the various types of artistic works.

But more interestingly look at the map and the journey description to Fenchurch's house in the book...

But the 80's were a funny wild and slightly mad time. The UK especially London had gone home computing mad. There were a lot of sales people like Charles Dunstone (of Carphone Warehouse fame) working for the likes of Torch Computers, who had a fund of related stories a couple of which I've mentioned here in the past. He was always looking for an excuse to look in on my boss --another Charles-- and the two of them stayed in contact for years.

But due to my involvement with computer clubs (via the UK ACC) and doing around fifty computer shows a year at one point, I got to know a lot of journalists quite well. One of whom you might have heard of Neil "Mac" Gaiman who kind of got fed up of being a journalist and just like Sir Terry became a popular author. Another was Robert Schifreen who wrote for Acorn "ab" User. Who along with co-defendant Stephen Gold (RIP) went to trial for fraud which I missed being in by the skin of my teeth and a sixth sense some others thought was me being paranoid. It went all the way to the House of Lords (then the highest court of the land) who chucked it out and in no uncertain terms told the house of commons and Met Police to get their respective arses in gear and stop misusing existing legislation for that it was never intended. The result was the 1990 "Computer Misuse Act", but I've mentioned this before and how journalists and authors still keep getting the facts of the case wrong. But hey why let a more interesting series of factual events get in the way of faux "Common Knowledge" and lazy research (one such lazy researcher was quite senior at Kingston University School of Business, who decided to become an MP, thankfully the electorate decided otherwise :-)

As for Royalty I've mentioned before I've met and chatted with both Prince Philip in the late 1970's when both of us were keen sailors and his Prestel message box had not yet been accessed by a bunch of late teens (I knew well). And a decade later his daughter Princess Anne who was Colonel-in-Chief to the Corps of the Royal Signals, who was also a keen sports person, and supporter of much Scottish including their Rugby Union[3]. Both of them did not much like pomp and ceremony either.

Oh and there's one member of Royalty (without title)[4] who not just bumped into me but nearly ran me down one night in Richmond Park not very far from Kingston Gate. But we don't talk about that because let's just say whilst you can be in the park after dark, you are not supposed to have been carrying the product of what I was coming back from doing. As I was head to toe in camouflage (All because the man loves "Watership down" pie golf course fat ;-) I guess I was not that easy to see... Anyway no damage to either of us or the car so "nay worries", he likewise was not in favour of protocol that evening and he went one way I the other having parted quite amicably (I still suspect that his poacher depth knowledge of the park might just have been a reason why ;-)

[1] A rather beautiful listed three story Georgian terrace house near Camden Passage and Upper St (where second hand book shops used to be found). With a really nice sunset facing roof terrace and a private back garden (rare for the area) that overlooks a shared communal garden. Only accessible to a few other homes, it was a haven of peace and tranquility that Douglas spent many an hour observing over the rim of a glass or two in convivial company, rather than writing. All I can say is who can blame him. The house itself had seen many temporary occupants and more than a few overnighters who found the floor preferable to going home to the sticks just to come back past the front door on their way to work the following morning. Of the more permanent were the likes of Stephen Fry and other "down on their luck" artistic types now well known names. One room was geek heaven if you liked early personal computers especially from Apple.

[2] The home of "Screen on the Green" which Sir Terry's daughter used to be a very great regular (so much so she got proposed to in there one evening not long ago).

[3] http://royalcentral.co.uk/uk/princessanne/the-royal-association-princess-anne-scottish-rugby-union-53829

[4] He's a bit younger than me or a lot younger as he only gets a birthday every four years.

JG4September 1, 2018 6:21 PM


@Clive - Thanks for the great stories. I suspected that we might be close to the same age.

https://www.nakedcapitalism.com/2018/09/links-9-1-18.html
...
Court Allows Admissions of Wayback Machine Screenshots as Evidence Pacedm

Big Brother Is Watching You Watch

U.S. is denying passports to Americans along the border, throwing their citizenship into question WaPo

New lawsuit shows your phone is unsafe at American borders Engadget

Militarization of Local Police Isn’t Making Anyone Safer CityLab

Researchers show Alexa “skill squatting” could hijack voice commands Ars Technica

This Music Theory Professor Just Showed How Stupid and Broken Copyright Filters Are Vice

Net Neutrality

California passes strongest net neutrality law in the country The Verge

Imperial Collapse Watch

F-35 Program Cutting Corners to “Complete” Development Pogo
...

WaelSeptember 1, 2018 7:26 PM

@Clive Robinson, @65535,

Fascinating!

As for Royalty I've mentioned before I've met and chatted with both Prince Philip...

So what's the true story behind Princess Diana's ...

Clive RobinsonSeptember 2, 2018 6:37 AM

@ JG4,

Thanks for the great stories. I suspected that we might be close to the same age.

Oh you mean, grey, wrinkled, toothless, bearded and with optional pony tail for that happy Klingon look ;-)

On the serious side as I've indicated before our host @Bruce is a little younger than I am, but a bit more badgered (maybe it's the lack of sleep on aircraft ;-)

Clive RobinsonSeptember 2, 2018 6:52 AM

@ Wael,

So what's the true story...

That it is sad that a person born at a similar time to me died so young.

Also that she had through no fault of her own become a celebrity and her life was no longer her own, and even now people make a lot of money out of stirring up anything they can.

It's very sad but it's the way the world appears to work.

Wesley ParishSeptember 4, 2018 5:36 AM

@Clive Robinson

Not at all a Royalist myself, but I did meet Prince William after the Feb 22 2011 quake in Christchurch, when he visited. Didn't say much by the time he got to me - he was tired. But a likeable chap, if a brief handshake and an equally brief greeting are anything to go by.

The only time I ever took any notice of Princess Di after the inevitable media circus of her wedding, was when she started talking about people killed and injured by wars that had long since ended, by landmines and that sort of thing. That's been a bugbear of mine for ages. I used to get furious at the thought that the Great Powers could storm into someone else's land and dump all that sort of munitions and then walk away, leaving the people who live there to survive the aftermath as best they could. (The US record in Vietnam - Agent Orange, etc - was one of those. Yes, the Returned Servicemen were victims of a horrible policy, but they weren't in the direct line of fire. If they weren't in the direct line of fire and this is what it has done to them, then what about the average Viet peasant? This war was supposed to be about his freedom: how does that correspond to his lack of freedom to determine whether or not he's going to endure Agent Orange effects to the end of his life, and his kids and grandkids after him? RANTOFF )


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.