Friday Squid Blogging: Giant Squid Washes up on Wellington Beach

Another giant squid washed up on a beach, this time in Wellington, New Zealand.

Is this a global trend?

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on August 31, 2018 at 4:08 PM • 137 Comments

Comments

echo • August 31, 2018 4:40 PM

One issue I commented on the other month was allegations of UK police covering up sex trafficking and allegations that the establishment condoned it. Only a week or two later an article appeared in the media which I linked to where the police admitted investigating sex trafficking was neglected. They passed the blame onto government for the issues which caused this but basically what I claimed was essentially true.

I have also claimed UK police sexual harassment, verbal humiliation, physical assault, abuse of powers, perverting the course of justice and covering up complaints by various means including intimidation and deliberately poor investigations. This next article isn't an exact template of how UK police abused me but lists a lot of the main points I have personally experienced in one form or another as well. Yes, a gung-ho police officer tried to rip my earrings out too. This was humiliating on top of everything else which happened before and after. I also had to make sure they didn't drag me face down over the floor because I didn't want to be dropped face first onto the concrete. I wouldn't put it past the police after one police officer bullied me into a side corridor away from surveillance cameras on an earlier occasion and I was slammed into a wall before being dragged kicking and screaming out through reception to be dumped in the street. What happened next was pure intimidation and cover up.

I know of other women who told me they had been abused like this by the police for rocking the boat. I'm sure there must be more after reading this article.

I originally went to the police for protection. I didn't expect to be abused.

Reading through the article I have extra evidence and expertise I would like to bring to any public investigation (which UK police have obstructed) but this requires proper and confidential discussion with lawyers.

https://www.theguardian.com/uk-news/2018/aug/29/academic-konstancja-duff-passive-resistance-before-met-strip-search

echo • August 31, 2018 4:48 PM

I don't have many decent security related links this week. Loosely reading through this article on China buying the gay dating app Grindr there are a huge number of observations about how China operate from a security perspective. There are a lot of links in this article to Chinese law and public policy, and how this compares with the EU, and practical issues concerning Western service and application providers.

https://theconversation.com/should-grindr-users-worry-about-what-china-will-do-with-their-data-95972

echo • August 31, 2018 5:02 PM

I would make a rubbish spy. Perfect is never good enough and if my boss wanted me to do something I didn't agree with or felt uncomfortable about I would kick up a stink. I also blab.

I don't think I would be a good lobbyist either.

Tom Clancy is entertainment not a political programme!

https://www.reuters.com/article/us-linkedin-china-espionage-exclusive/exclusive-chief-u-s-spy-catcher-says-china-using-linkedin-to-recruit-americans-idUSKCN1LG15Y

German and British authorities have previously warned their citizens that Beijing is using LinkedIn to try to recruit them as spies. But this is the first time a U.S. official has publicly discussed the challenge in the United States and indicated it is a bigger problem than previously known.

https://www.independent.co.uk/news/world/americas/us-politics/paul-manafort-latest-news-cambridge-analytica-charged-sam-patten-a8517051.html

Paul Manafort associate who worked with Cambridge Analytica charged

Hmm • August 31, 2018 6:12 PM

@echo

Not just charged, Patten already flipped.

You know, unless "skeptically speaking" the media is lying? Haha, I kill me.

echo • August 31, 2018 11:29 PM

The need for ground up redesign hasn't gone away.

https://www.theregister.co.uk/2018/08/31/keystone_secure_enclave/

Boffins trying to build a open source secure enclave on RISC-V. Open source trusted execution component expected this fall.

Privacy like free speech is a qualified right in the UK and the rest of the EU. The UK common law definition for "rare" is buried in pretty obscure Australian criminal case law. My best guess is the UK Ministry of Justice privately used this case law to award its staff bonus payments while refusing to release this legal advice using Freedom of Information Act loopholes. The Guardian never obtained this information and from what I can tell Guardian lawyers were not aware of this case law and may have forgotten that within the UK criminal case law can be used in civil cases.

I'm not sure what this Five Eyes statement is meant to achieve.

https://www.theregister.co.uk/2018/08/31/five_eyes_2018_meeting_encryption_terrorist_content/
https://www.homeaffairs.gov.au/about/national-security/five-country-ministerial-2018/access-evidence-encryption

The group is careful to avoid previous criticisms about their desire for backdoors and so-called magic thinking – saying that they have "no interest or intention to weaken encryption mechanisms" – and emphasise the importance of privacy laws. But the thrust of a separate framework for their plans, the Statement of Principles on Access to Evidence and Encryption, will do little to persuade anyone that the agencies have changed their opinions. "Privacy laws must prevent arbitrary or unlawful interference, but privacy is not absolute," the document stated. Although governments "should recognize that the nature of encryption is such that that there will be situations where access to information is not possible", these situations "should be rare".

https://www.livescience.com/63392-black-holes-from-past-universes.html
Physicists Think They've Spotted the Ghosts of Black Holes from Another Universe.

Dear God,

The next time you leave compromising material on your hard disc please remember to securely erase it before beginning a new project.

Yours, the 99.9%.

Hmm • August 31, 2018 11:41 PM


The way you drown an authoritarian-reaching government is in the bath they draw to force bathe you.

If we all carry zero value hard-scrambled drives they'll wish they didn't bother normal people.
Eventually.

Alyer Babtu • September 1, 2018 12:23 AM

@echo

They've Spotted the Ghosts of Black Holes

Noting that the Hawking radiation is broad spectrum, and recalling that the universe is just a big computer, readers of this blog will realize that the traces Penrose refers to are just particles of the security glitter from the previous tamperproof laptop case.

Wesley Parish • September 1, 2018 1:13 AM

New Zealand and squid/octopuses in myth and legend

https://teara.govt.nz/en/1966/kupe

https://www.tourism.net.nz/new-zealand/about-new-zealand/kupe-and-te-wheke.html

https://teara.govt.nz/en/octopus-and-squid/page-4

According to legend, the Polynesian navigator Kupe was led to New Zealand by the giant octopus Te Wheke-o-Muturangi. Intent on killing the octopus that was robbing his tribe of fish, Kupe, along with his family and some warriors, set out in a large canoe to hunt it down. The octopus swam south for weeks and eventually took shelter near Cook Strait, where Kupe found it. After a ferocious battle, Kupe tricked the octopus into wrapping its arms around some water containers, and killed it with a blow to the head.

No giant octopuses, but a fair few giant squid.

@Moderator, could you please delete the same post I made today on the previous Friday Squid blog. My indexes got muddled for a sec. Thanks

Alejandro • September 1, 2018 3:41 AM

@REALFAKENEWS

Re: Coughing up passwords in UK.

Let's not forget PRISM:


"Secret program gives NSA, FBI backdoor access to Apple, Google, Facebook, Microsoft data"

https://www.theverge.com/2013/6/6/4403868/nsa-fbi-mine-data-apple-google-facebook-microsoft-others-prism

I figure for 'national security' issues there is a wide open backdoor to FB and the rest. (Or, very secretly for any reason they want, or no reason, because they can.)

However, in the case you mention it's about ordinary crime, so the illusion is maintained that access is limited.

FBI in the USA never complains about lack of access to FB et al., so the conclusion is obvious. I am pretty sure one of the post-Patriot Act travesties gave them access.

grossbart • September 1, 2018 3:53 AM

Emergency services in Switzerland send alerts to their units via pagers due to the good availability of the network. Someone published the information – that was sent in the clear – on a website, leaking sensitive information about the emergency sites.

The rescue organisations are “shocked” that someone would do this and that they should be punished. The government sees the protection of this data in the hands of the rescue organisations, however.

Story in German (English translation)

RG • September 1, 2018 4:01 AM


Worsening Myopia in Children
There is an increase in nearsightedness in children everywhere. Many suspect a leading cause is excessive up-close eye focusing. Here we compare China's unified response to the fragmented West.
https://www.allaboutvision.com/parents/myopia-causes.htm

East vs West Response

China (not reported by the Western Press)
Chinese president Xi Jinping has publicly spoken about the need to help children’s eyesight. Myopia among students is more common and is affecting children at younger ages, Xi said, according to the Xinhua News Agency this month. He called for the nation to address the problem.

China’s new gaming regulator has been revealed after a months-long halt on approvals for new video games triggered by a massive government shake-up.
The revamp was confirmed for the first time in a document published Thursday on China’s education ministry. China would improve myopia among children and teenagers, under the direction of Chinese president Xi Jinping.
https://www.scmp.com/tech/article/2162114/china-regulators-plan-restrict-number-and-usage-new-games-amid-concerns-over

The West
This might sound glib, but perhaps one of the best things to tell your child to reduce his or her risk of myopia is, "Go outside and play!" https://www.allaboutvision.com/parents/myopia-causes.htm
Comment
Maintaining or improving myopia among our children and teenagers is ignored by our institutions and leaders. It is a non-issue. Rather unlimited, unrestricted Silicon Valley technology is preached as the answer to every aspect of our lives.

Sadly adult parental addiction to individualized, personalized always straining 5 inch screens is directly passed on to children who naturally mimic their parents' rude self-absorbed behavior. The result is a new type of (unrecognized) negligence toward their own defenseless children. The adverse effects of all-consuming screen time should be recognized by educators and courts.

Solution
One common-sense solution comes from France: ‘smart’ phones are banned in ALL schools and drivers. https://www.engadget.com/2018/08/01/france-bans-smartphones-schools/

Thoth • September 1, 2018 4:45 AM

@echo

Re: OpenRISC Secure Enclave

The idea of Secure Enclave itself is flawed regardless if it is open source or closed. I have ranted a ton on why Secure Enclave instead of proper security via separation is a huge problem.

Also good luck to the team trying to do that. Being bought out via huge sums of money, investor control over the board, lawsuits, industry coercion, government coercion and all that are part of the package because of how the entire industry and system works. Outliers are not something "The Industry" readily accepts.

I would rather we work towards a system which follows robust designs via separation which the regulars have posted here long time ago.

Bob Paddock • September 1, 2018 6:26 AM

https://www.sciencedaily.com/releases/2018/08/180829115456.htm

"Writing in advance of the September 15 issue of Neural Computation, Beatrice Golomb, MD, PhD, professor of medicine at University of California San Diego School of Medicine, says publicly reported symptoms and experiences of a "mystery illness" afflicting American and Canadian diplomats in Cuba and China strongly match known effects of pulsed radiofrequency/microwave electromagnetic (RF/MW) radiation."

bttb • September 1, 2018 10:11 AM

Is Wi-Fi considered 'safe', from a Non-Ionizing Radiation (or whatever) perspective for adults and in home or small business environments, based on medical journals or other scientific evidence? Any thoughts or references?

I assume it might make sense to perhaps turn off Wi-Fi at home during the night.

Is there a rule of thumb for a good distance to be away from things like Wi-Fi access points or Wi-Fi printers? Does anybody know a good way to disable, remove, or turn-off Wi-Fi in a Samsung printer (M2835-DW; rated highly by Consumer Reports for a b/w laser printer) without having to install proprietary drivers?


A quick search yielded these links:
https://www.theguardian.com/technology/askjack/2012/sep/27/wi-fi-health-risks

https://en.wikipedia.org/wiki/Wireless_electronic_devices_and_health

https://www.ncbi.nlm.nih.gov/pubmed/24162060/ ; review article (2013)

https://www.ncbi.nlm.nih.gov/pubmed/28074013 ; Wi-Fi in Australian schools (2017)

https://www.ncbi.nlm.nih.gov/pubmed/29214149 ; 2017 :

"Discussion:

Our measurements are in line with recent exposure studies in schools in other countries. The exposure levels varied between the different Wi-Fi systems, and if the students were allowed to use their own smartphones on the school's Wi-Fi network or if they were connected to GSM/3G/4G base stations outside the school. An access point over the teacher's head gave higher exposure compared with a school with a wired Internet connection for the teacher in the classroom. All values were far below International Commission on Non-Ionizing Radiation Protection's reference values, but most mean levels measured were above the precautionary target level of 3-6 µW/m2 as proposed by the Bioinitiative Report. The length of time wireless devices are used is an essential determinant in overall exposure. Measures to minimize children's exposure to RF radiation in school would include preferring wired connections, allowing laptops, tablets and mobile phones only in flight mode and deactivating Wi-Fi access points, when not used for learning purposes."

albert • September 1, 2018 11:49 AM

@Bob Paddock,
"...strongly match known effects of pulsed radiofrequency/microwave electromagnetic (RF/MW) radiation...."

Isn't that exactly what we discussed in the earlier Cuba incident post?

@bttb,
Note that the RF/MF mentioned above is a -weaponized- use of such radiation. Nonetheless, there's going to be much well-financed resistance against studies involving effects of GHz frequencies on humans. There is too much money involved. There is no interest in providing wired Ethernet connections to pads, printers, etc. Even in rural areas, you're bathed in MW from your own devices. In cities, you're swimming in it 24/7. Schools, stores, workplaces; you'll find it difficult to escape. In years or decades, we may find studies exposing all kinds of health effects from MW. Don't forget, the military has known about the health effects from radar since the 50's. That's why I had to laugh when Swedish 'researchers' found a high incidence of cataracts among commercial pilots, due, they said, to cosmic rays. If they had looked, they would have found a higher incidence of birth defects in pilots' children, as well as a disproportionately greater number of female children as well. This is very apparent in military pilots.

Re: printer. Why not unconfigure it? You should be able to do so at the printer, if it's that highly rated.

. .. . .. --- ....

outofrange • September 1, 2018 1:12 PM

@grossbart


The story that you got comes from the State sponsored "SDA" ("Schweizerische Depeschenagentur") and has been copied by the "Neue Zurcher Zeitung" as is. Clearly, the person writing this story has got no idea how pagers work and what their main use is. He probably does not even know the protocol (it is POCSAG) and the frequency. Most emergency services (fire brigade, ambulances) will use 147.325 MHz. This is the Telepage emergency frequency "F3". A paging message gets sent out up to three times. The "old" Euromessage frequency is 456.075 MHz. It still is used by emergency services throughout Germany and France (the broadcaster in those two countries is emessage, a spin off of Deutsche Telekom). In Zurich, the Building Insurance Company (Gebaudeversicherungsanstalt) still uses 456.075 MHz. Several fire brigades in Switzerland also got their own 456.075 MHz local networks.

Whilst Telepage is terrestrial, Euromessage pages are sent via satellite to the various towers. The system is exactly the same as it was with Hutchison Paging in the U.K.

Pagers that broadcast encrypted pages are available. You can choose IDEA encrypted alerts. Swissphone IDEA encodes alerting messages so that eavesdroppers or hackers cannot read it but that authorized parties can. Thus, Swissphone digital alerting is not just fast - but secure as well.

Swissphone in the past was broadcasting Euromessage in Switzerland and some years ago has taken over Telepage, a spin off of the Swiss national carrier Swisscom.

Now, a typical paging message does not need to be encrypted. What it does, however, are two things:

(1) Absolute reliability & redundancy (you can get pagers that also got a SIM card)
(2) Speed (for life critical missions, such as ambulance services)

The contents of a typical paging message would be:

"Fire alarm at John Bloggs Chemicals." What's there to encrypt??? You can page anyway only messages up to 80 characters...

There also exist pagers that release an alert if the owner stumbles. Those are so-called hybrid pagers that also are being used in nuclear power plants where an operator is on night shift. Should he get a seizure, an alert would be sent automatically.

In most cases, the encryption of paging messages simply is not necessary. Yet, it would be possible to obtain the encryption feature as an option. Still, it has to be considered that a pager is quite expensive. It typically costs some $600 to $700. However, they are also very robust and are guaranteed a fall of 40 in onto concrete. In addition, depending on your choice, they also are approved for use in hazardous areas, e.g. oil platforms.

In Switzerland, the police force mostly uses simple cell phones. The upper rank, however, is equipped with pagers. The same goes for military commanders.

If you are a simple police officer, driving around in your Volkswagen van, chasing the odd drunk geezer, you won't get a pager. You won't even get Polycom. All you will get is a dumbphone (not even a smartphone). In fact, young police officers nowadays don't even know anymore what a pager is.

As you see, pagers are - as opposed to smartphones - not toys but important and mission critical tools.

Recently, pagers became again quite popular with fire brigades in the States. Just like in Germany and in Switzerland, they erect their own towers, i.e. build and run their own networks.

Last but not least, it is hard to fathom why this privacy issue all of a sudden has emerged. We had unencrypted paging for decades in the U.K. with Hutchison Paging and throughout Europe with Euromessage and the privacy issue never was discussed.

I am much more concerned if Swisscom, the national phone carrier, "loses" datasets of 800,00 customers, Bank Cler and Raiffeisen send bank statements to the wrong customers and the Kantonspolizei Zurich purchases without authorization for $800,000 software and consulting services from the "Hacking Team". I am not at all concerned about unencrypted paging message that could save my life, however.

echo • September 1, 2018 4:46 PM

@Alyer Babtu

Noting that the Hawking radiation is broad spectrum, and recalling that the universe is just a big computer, readers of this blog will realize that the traces Penrose refers to are just particles of the security glitter from the previous tamperproof laptop case.

Who knows? Maybe! While the next umpteen billion or trillion years is a long time away it's plenty of time to begin figuring out backup strategies and sidechannel attacks and whatnot on the universe so our survivability is greater than zero.

@Thoth

I would rather we work towards a system which follows robust designs via separation which the regulars have posted here long time ago.

This does seem to be the grudging but emerging consensus. The difficulties you highlight are pretty much the same issues in any industry. They are a pain and for all the reasons which have been previously discussed too. At least your ideas have a seat at the table which is a beginning.

Thiago Dias Correia • September 1, 2018 5:26 PM

@echo: I really am worried about the "publicity" that evil app called "Grindr" gets. Aids infection in Russia is one of the highest outside black Africa and to me the attitude to indirectly promote an app that matches homosexuals is not just quite irresponsible but outrightly reckless.

Whilst I do not want to stigmatize homosexuals, all endeavours possible to heal those poor fellow human beings should be undertaken (rather than doing the opposite by promoting this evil app).

echo • September 1, 2018 6:03 PM

@Thiago Dias Correia

I'm not promoting any app. I very clearly framed my comment as directing people to public policy and security issues.

A proper public healthcare policy and resources need to be in place to educate, and also prevent and detect STDs. This doesn't just apply to LGBT people but also the heterosexual community. Younger people seem to think they are invincible and are not aware or don't take safe practice seriously. Infections are increasing among older people too. Yes, retirees in their 70s and older have sex too especially today as older people are wealthier and escaping stereotypes which wrote them off or isolated them from everyday life.

If you are advocating reparative therapy (i.e. "gay cure") I suggest you review the relevant science and law, and perhaps take this discussion up with your nearest LGBT advocacy group.

Not just Grindr but other LGBT apps, like Scruff, Fem, HER, or mainstream apps like Tinder and OK Cupid and many others exist. They all to one degree or another have their issues. Health and personal security are things to be careful with which can be provided by good healthcare systems and exercising personal responsibility. Another issue isn't just the physical act of sex but also social violence and discriminatory behaviour.

If there is a problem in Russia I would lay the blame at the door of Putin being a straight white man, and the machismo and sexism of Russian culture. American and most of the West had a similar issue but freedom of speech and rights based societies were able to counter this during the 1980s and onwards. Today the #Metoo generation is combatting sexism and now has a voice at the table. It really isn't the end of the world when people can exercise equal rights and as studies have proven a diverse society is a more tolerant and flexible and resilient and wealthier society and, of course, a more secure society.

Hmm • September 1, 2018 6:34 PM

@vas pup

"Crime tracking, highways, and lead exposure" -it makes sense in hindsight doesn't it?

Crude measurements of a one-dimensional granular reality it can never competently explain = data.
Is it lead gasoline, hitchhiking, or is it increased data collection?
Or even just reporting of data collected? Which makes the trend "real"?

echo • September 1, 2018 6:39 PM

The US series "Tom Clancy's Jack Ryan" gets off to a good start. A young Jack Ryan is seen dancing to the song "Safety Dance" by the Canadian band Men in Hats. Of course the young boy is a trained actor and dances better than politicians, including Theresa May, for the duration of the scene. One song people may recall is "Chirpy, Chirpy, Cheep, Cheep" by the Scottish band Middle of the Road. What is less remarked on is this song achieved global prominence with national leaders dancing all around the world. This is perhaps something to remember with Kofi Annan and John McCain passing and Theresa May's diplomatic tour of Africa and Putin's dancing at Austria's Foreign Minister Karin Kneissl's wedding.

I'm really looking forward to the new movie starring Ryan Gosling "First Man". (Grrr.) This was another moment in time when the world was united.

https://www.theguardian.com/politics/video/2018/aug/30/theresa-may-dances-with-scouts-in-kenya-video

https://www.telegraph.co.uk/news/2018/08/18/vladimir-putin-dances-austrian-foreign-ministers-wedding/

echo • September 1, 2018 6:58 PM

Sorry. Not Jack Ryan! I was too excited listening to the music to get my facts right. They were Lebanese characters. I'm so used to watching movies with subtitles I don't pay attention any more. I was once 20 minutes into a French drama movie before I realised they hadn't been speaking English.

Matthew Wilson • September 1, 2018 7:56 PM

@RealFakeNews: I have read the article with great interest. However, I believe there must be a misunderstanding. Police force of most European countries have direct access to most e-mail providers (incl. Yandex), social media companies, and cloud service providers. Most countries form part of the Convention on Cybercrime hence access data will be provided swiftly. Also, some time ago, I have seen a contact list of my country's police force that listed most e-mail providers and Facebook (and that was not even in the CCC context)...

Very real fake news or again just a misunderstanding.

echo • September 1, 2018 9:00 PM

The way the UK arms industry is behaving is like sex pests saying children need to be encouraged because when children grow up the fashion industry needs size zero models. What is wrong with these people????? The UK used to have a perfectly good manufacturing industry and television shows like Tomorrow's World before successive governments and financiers and god knows who ruined everything. These people make me sick!

https://www.theguardian.com/world/2018/sep/01/arms-industry-spending-millions-normalise-weapons-in-schools

Arms manufacturers are spending millions of pounds a year promoting their brands in Britain’s schools, the Observer has learned.

The companies, which between them have sold tens of billions of pounds of weapons to overseas governments, including those with poor human rights records, sponsor a series of school events at which their brands are prominently on display. In addition, they issue teaching materials for use in classrooms that promote the defence sector, sponsor competitions and award prizes.

One company even deployed a high-profile children’s television presenter to promote its activities in a school, while another developed a missile simulator for pupils to “play with”. Critics accuse the companies of trying to “normalise their appalling business” in the minds of the young, but the body representing the defence sector says such an approach is vital if the UK is to produce a future generation of engineers.

Thoth • September 2, 2018 1:05 AM

@Thiago Dias Correia, echo

Re: "Unwholesome" Computer Applications

Just follow the Chinese model where all applications are to be Government sanctioned and put to Government approved App Stores and prevent sideloading ...........

Wait ... doesn't this sound very familiar the likes of Apple and certain version of portable Windows and even Google probably wants to be in bed with the Chinese Govt ....

Just use the Chinese model since it's already working very well since liberty and choice is much less important than National and Social Security.

Wesley Parish • September 2, 2018 3:24 AM

moamoa yet ya!!! ElReg serves up a bumper crop.

Spies still butthurt they can't get at encrypted comms data
https://www.theregister.co.uk/2018/08/31/five_eyes_2018_meeting_encryption_terrorist_content/

The group is careful to avoid previous criticisms about their desire for backdoors and so-called magic thinking – saying that they have "no interest or intention to weaken encryption mechanisms" – and emphasise the importance of privacy laws.

What a fool believes, no wise man has the power to reason away

https://www.youtube.com/watch?v=dJe1iUuAW4M


Congress wants CVE stability, China wants your LinkedIn details, and Adobe wants you to patch Creative Cloud
https://www.theregister.co.uk/2018/09/01/security_roundup_310818/

Boffins trying to build a open source secure enclave on RISC-V
https://www.theregister.co.uk/2018/08/31/keystone_secure_enclave/

DraftKings rides to court, asks to unmask 10 DDoS suspects
https://www.theregister.co.uk/2018/08/31/draftkings_ddos_suspects/

C'mon, if you say your device is 'unhackable', you're just asking for it: Bitfi retracts edgy claim
https://www.theregister.co.uk/2018/08/31/bitfi_reluctantly_drops_unhackable_claim/

Brute force physical attack.

Fourth 'Fappening' celeb nude snap thief treated to 8 months in the clink
https://www.theregister.co.uk/2018/08/31/celebgate_hacker_sentenced/

Cobalt cybercrooks phry up phishing campaign to phling at phinance orgs
https://www.theregister.co.uk/2018/08/31/cobalt_bank_hackers_phishing_campaign/

Security bods: Android system broadcasts enable user tracking
https://www.theregister.co.uk/2018/08/31/android_user_tracking/

What they found was that the system broadcasts spaff “Wi-Fi network name, BSSID, local IP addresses, DNS server information and the MAC address” to any application running on the device, even though this is supposed to be protected information, “bypassing any permission checks and existing mitigations”.

Worrying

US government upends critical spying case with new denial
https://www.theregister.co.uk/2018/08/31/us_government_upends_critical_spying_case_with_new_denial/

If the government's case sounds like a series of semantic circular arguments that collapse under their own weight, that's because they are and they do. But given the topic – the identification and prosecution of criminals and potential terrorist supporters – key figures in the political and legal systems have been willing to overlook logical inconsistencies in order to preserve the capability.
What a fool believes ...


Won’t patch systems? Never run malware scans? Welcome to the US State Department!
https://www.theregister.co.uk/2018/08/30/state_department_fail/

Enough of this sort of behaviour, and President Chump The Oneth won't need to ban immigration - it'll be emigration he'll need to worry about.

Hackers latch onto new Apache Struts megavuln to mine cryptocurrency
https://www.theregister.co.uk/2018/08/30/apache_struts_vuln_exploited/

worrying.

And last but definitely OT:
Black holes can briefly bring dead white dwarf stars back to life
https://www.theregister.co.uk/2018/08/31/black_holes_white_dwarf_stars/

Just what you always wanted! A white dwarf zombie!

MarkH • September 2, 2018 4:40 AM

@albert appears to assert that air pilots' high incidence of cataracts is due to short-wavelength EM exposure, and not ionizing radiation. He even puts the word "researchers" in scare quotes ...

The association between microwave exposure and cataract formation has been known for generations, and the causative mechanism is generally accepted as "cooking" the lens (i.e., a significant heating effect).

This requires quite a high microwave dosage. The lower absorbed energies which are pretty common in modern life, are not associated with increased cataract incidence.

How does albert know that the air pilot effect is not ionizing radiation?

The radar systems on airliners are surely designed to deliver low doses of microwave energy into the cockpit. What evidence do we have, that the levels are excessive?

Suppose that radars are indeed a cause. If, as I presume, flight attendants would be expected to have substantially lower absorbed radar energy doses than pilots do, then they ought to have lower cataract formation for comparable lengths of time working at high altitude.

It would be interesting to compare their cataract formation incidence to that of pilots. I didn't find data on this, but it appears that at least one large flight attendant health study is underway, so a useful comparison may be possible within a few years.

The specific form of the cataracts may offer an important clue. I don't know the medical jargon, but it appears from my quick reading that the typical cataracts from microwaves are of a different form (I infer, the portion of the lens affected) from the typical cataracts from ionizing radiation exposures.

Who knows, maybe the 'researchers' were aware of this?

JG4September 2, 2018 7:05 AM


@cataract discussion - It is fairly well established that electromagnetic radiation interacts with tissue in far more subtle ways than just heating. That said, I wouldn't look to radar as a significant cause of cataracts in pilots. It appears that the lens cells are not metabolically active, so there is little energy flow to amplify the effects of any electromagnetic fields. In metabolically active cells, very subtle potentials can be magnified to the point of brain tumors, which is a well established and relatively small risk.

If someone wanted to find out if radar exposure is a real risk for cataracts, they could study E-2 crews. In point of fact, they don't want to know. I toured an E-2 around 1980 and one of the crew told me that if you hold a graphite pencil up to the side window in flight, it would arc to the glass. I found that disturbing. In the shop, we were diligent to put a dummy load on the output waveguide of the APN-59's.

Two very important cataract risk factors are sunlight exposure and alcohol. Many of the flyboys like to drink and they spend a lot of time in the sun. Most of the jet canopies are acrylic or polycarbonate, which let through more UV than glass. That would be worse for pilots who fly in the ozone layer, but most don't. It was well known in Thule in the 1950's that you could get a nice suntan through the F-86 canopy, but I'd guess they started adding UV-blocking dyes to protect the plastic not long after that. You'd have to control for beach time and golf course time and the use of UV-blocking sunglasses to find out if their UV exposure is above average. Age, sunlight and diabetes may be the best known risk factors.

I really like the government-issue pilots sunglasses and wish that I hadn't lost mine. I did well to hang onto them for 20 years after I got out. I wasn't surprised to find when I measured their spectral transmission that they have hard stops at both ends of the visible.

These articles seem to be scientifically accurate and helpful in understanding.

Cataracts - Causes and Risk Factors
http://www.lifeextension.com/protocols/eye-ear/cataracts/Page-03

Cataracts and Crystallins
https://www.thenakedscientists.com/articles/features/cataracts-and-crystallins

the usual daily compendium

https://www.nakedcapitalism.com/2018/09/links-9-2-18.html
...
Robotel: Japan hotel staffed by robot dinosaurs Phys.org. This is just…weird.
...
Big Brother IS Watching You Watch

Republican Candidates are Paying a Fossil Fuels Conglomerate for Voter Data Mining Counterpunch (Glenn F)

Robert Mueller’s Beltway Cover-Up Tablet (Chuck L)
...
Saudis admit Yemen strike on bus carrying children unjustified Guardian
...

Clive RobinsonSeptember 2, 2018 7:21 AM

@ echo,

Arms manufacturers are spending millions of pounds a year promoting their brands in Britain’s schools, the Observer has learned.

I'm a "child of the sixties" or there abouts, and I remember every "careers day" we used to get the same old arms manufacturers and armed forces recruiters wheeling in their toys and displays.

I have no idea how much it cost but I'm guessing most schools got such visits, so it's been going on for around half a century to my knowledge.

And yes for my sins I have worked in various parts of both the defence industry and armed forces. And I guess if I wanted it there is a medal or two I'm entitled to. As an opo of mine once put it "you get one for turning up, and you get another one for not getting caught if you're careful and daft enough to hang around that long". I do however attend every remembrance day to think about friends who were not so lucky. Each year at the parade there are less old faces I remember and sadly more new ones many are young women and their children trying to put on brave faces for "daddy".

FaustusSeptember 2, 2018 7:59 AM

@echo

Have you told us what you were up to, if anything, to attract the ministrations of your friendly local police?

You weren't lecturing them on testosterone, were you?

In the bad old days of New York City I remember watching four cops, a limb in one hand and a club in the other, beating some poor old guy in the middle of the street. I make it a point to intervene when I see people being mugged, and have scars as evidence, but in this case it would have been pointless. Giving somebody a monopoly on violence makes them very dangerous.

I did intervene when I spotted a gang throwing some poor dude repeatedly head first into a car. I called 911 and then distracted them with the news that the police were coming. The guy broke free and a chase ensued to the guy's front door, which the guy's wife, holding her child, was afraid to open. When the cops arrived it was clear they were friendly with the gang. They arrested the victim and then threatened to arrest me for the crime of advising the victim not to struggle against the police. Clearly they would have beat him too if not for my presence. I went with the wife to the police station where they refused to take my statement. It was only after I went to the prosecutor that the idiocy was resolved.

This was the evil 80s in NYC when a large part of the city went unpoliced and the police rolled around en masse in vans, dismounting like an occupying army. I have not personally seen anything untoward in the last 30 years. Spending most of my time on the Left Coast may have a lot to do with this.

HmmSeptember 2, 2018 11:55 AM

http://www.eweek.com/security/linux-kernel-developer-criticizes-intel-for-meltdown-spectre-response

During his talk, Kroah-Hartman detailed the root impact and the response of Linux kernel developers for seven variants of Meltdown and Spectre, though he saved his strongest criticism for Intel's initial disclosure.

"Jann Horn discovered the first issues in July of 2017, but it wasn't until Oct. 25 of last year that some of us in the kernel community heard rumors of the flaw," he said. "That's a long time, and we only heard rumors because another very large operating system vendor told Intel to get off their tails and tell us about it."

Intel really has done themselves zero favors throughout this flawpocalypse.
It's almost Trumpian, fighting the truth and gagging people simultaneously.
This is very much a direct lesson in how NOT to handle a security scandal!

And no fix in sight!

HmmSeptember 2, 2018 12:22 PM


https://www.washingtonpost.com/politics/2018/09/01/an-appalling-robocall-racism-invades-floridas-governors-race-second-time-this-week/

http://www.wtol.com/story/39009448/neo-nazi-robocall-frightens-ia-latinos-takes-us-back-to-lynchings

Neo-nazi robocalls in Florida and Iowa, in 2018, that nobody can get a handle on?

Maybe it's time to start holding telcos accountable for this? I can't believe this continues.
Scam calls either, this should be a surmountable problem. So much for consumer protection focus.

mozSeptember 2, 2018 12:28 PM

@echo and @Clive I appreciate you both posting. Some of us can be both happy that Britain has been defended so far and at the same time think that selling weapons to Saudi Arabia is foolhardy and wrong.

@Faustus follow the Guardian link that @echo gave. It's pretty clear what she was arrested for. Whilst we're there:

I think most of us reading and commenting here have had the "oh my god it's really big and I have no idea what it really does" moment when trying to do security work or just basic software delivery. "Franken-algorithms: the deadly consequences of unpredictable code" is a nice sign that the public discussion on the subject is moving forward. Though @Bruce might like it.

albertSeptember 2, 2018 1:12 PM

@MarkH,
"...The radar systems on airliners are surely designed to deliver low doses of microwave energy into the cockpit. What evidence do we have, that the levels are excessive?..."

Hint: the radar MW come from -outside- the aircraft.

. .. . .. --- ....

echoSeptember 2, 2018 3:33 PM

@Moz

I'm not anti-defence at all. What I am against is misuse of power, and lies, and brainwashing.

It's very difficult to explain things without being shielded by a lawyer and media agent. If I discuss anything too much things run foul of prejudicing any future court hearing or the case being thrown out.

Try getting professional negligence or hate crimes heard in the UK if it involves the establishment. Can I get representation? I couldn't even get a lawyer to print off a one page document which needed countersigning when printing is a billable item. I dug my heels in to complain to the Legal Ombudsman and the lawyer threatened me with an injunction and threatening to call the police and accuse me of harassment!!!!!! Because of this as a UK citizen born in the UK and never having even left the UK in my life I can't even apply for a passport.

I effectively have no rights in the UK hence my desperate saving up enough money to leave the UK and claim asylum in another EU country.

echoSeptember 2, 2018 4:24 PM

@Clive

I'm not sure me and the military would ever get on. I'm too daft and likely not emotionally suited to the military. It did cross my mind. The RAF recruiter was keen. The army recruiter insisted on the Royal Engineers saying I would be bored with anything else. In the end the opportunities weren't there in the UK military or I would have been a square peg in a round hole. As much as I like adventure it's sad but wouldn't have worked out, on reflection.

I can't stand the rah rah glorification of war. It hurts too many people. I'm sorry to say I tune out Remembrance Day. It's too much to cope with.

echoSeptember 2, 2018 5:26 PM

I agree terrorism and far right and foreign power threats are real. I am concerned about vested interest scaremongering and UK policy failure which increases these threats and the risk of these threats development.

https://www.thetimes.co.uk/article/mi5-head-andrew-parker-summons-jeremy-corbyn-for-facts-of-life-talk-on-terror-vwxncthlf
MI5 head Andrew Parker summons Jeremy Corbyn for ‘facts of life’ talk on terror.
But the Labour leader has delayed his briefing on threats to Britain.

Corporate inadequacy when dealing with individuals is being used as an excuse to push invasive DNA testing for creating individualised consumer food products.

https://www.independent.co.uk/news/science/nestle-dna-artificial-intelligence-health-personalised-diet-japan-nutrition-a8519626.html

Nestle pivots to health research with artificial intelligence and DNA testing for personalised diets. Corporation moves away from sugary products to focus on market for health conscious food.

"We're getting consumer buy-in because we live in a hedonistic, me-first kind of world," said Peter Jones, a nutritional scientist at the University of Manitoba in Canada. "This is going to be the manifestation of the future. The one-size-fits-all platform is a thing of the past."

Lots of aggression by police for their own safety. No mention of cameras being switched off or investigations being interfered with when public safety is concerned.

https://www.independent.co.uk/news/uk/home-news/taser-cardiac-arrest-police-teenage-boy-coventry-west-midlands-a8519381.html
Teenage boy suffers cardiac arrest after being Tasered by police. 17-year-old in serious but stable condition in hospital after incident

Harsh and overcrowded prison conditions which de-prioritise rehabilitation create the circumstances for corrupt officers to profit.

https://www.independent.co.uk/news/uk/home-news/prison-contraband-banned-items-jail-england-wales-a8519106.html
Hundreds of prison officers sacked for smuggling contraband into jail, new figures reveal. Drugs, weapons and mobile phones among the prohibited goods passed to inmates.

More scare stories pushed by a company with a product to sell.

https://www.independent.co.uk/news/uk/home-news/novichok-attack-heathrow-airport-salisbury-poisoning-amesbury-skripal-a8476616.html
What a novichok attack on Heathrow Airport would look like. Exclusive: Experts say thousands could come into contact with deadly nerve agent if it was used at airport or in terror attack. 'The effect would be massive'.

This is another example of too much testosterone in the room "pivoting" and "scaling".

https://www.independent.co.uk/news/world/asia/spy-cam-porn-hidden-camera-checks-seoul-south-korea-authorities-a8519726.html
Spy cam porn fears lead to daily public toilet inspections in Seoul. Cases of illicit filming have spiked, with over 6,000 reported last year.

HmmSeptember 2, 2018 6:05 PM

"More scare stories pushed by a company with a product to sell."

"This is another example of too much testosterone in the room "pivoting" and "scaling".


@Echo

I can see what you're saying about it being a literal scare story, that's to the point.

But you lose me at "product to sell" "testosterone" "pivoting" and "scaling"...
What do you mean by those? How is this a testosterone related concern, frankly?
That strikes me as out of place and even weird to say given the context.

I don't find it unreasonable to imagine what a CBR attack like nerve agents would realistically look like should it happen in a public terminal, I don't think it's unreasonable to talk about that possibility given the recent events. Should nobody discuss that in a public forum? Nobody can write articles about it, experts can't study it and publish their perhaps-scary findings in a report or publication, article or editorial? All of it is some singular-minded "testosterone" groupthink? Hmm.

I guess I don't see what you are implying is being sold. They're going to continue the airport security regime regardless, that is never going to be relaxing. They really don't have much to stop a toxic attack like this in any case. More pat downs aren't going to stop this, facial recognition, AI, tech buzzword trends do precious little for this.

If there's a neurotoxic attack you CAN expect that airport shut down indefinitely and no "selling" will be necessary to ramp up maximum security at others in country, at least for months. There would be hundreds of casualties just from density - in fact I think the authors don't go into a lot of potentially worse soft targets that could really induce some as-yet untapped fears in the population. Airports and bus/train stations are the traditional thought experiment settings for this. It's not like "red dawn" or something brand new, this is what security forces plan for all the time. There are millions of pages of color coded binders on the topic that the public would never be exposed to. I find the actual TA binders the scariest, not the breathless articles summing up expert reports for a breathless clickbait audience.

But testosterone, really? Are we stumbling on a massive subplot here? :p

echoSeptember 2, 2018 6:27 PM

@Hmm

Men have certain behaviour patterns. Men can often be goal driven and lack empathy. This is a stereotype but serves well enough for discussion. I'm sorry to say but too many men I have met seem to think they are special just because they are men.

There is a ladder of seeking advantage. Politicians say or do things. This creates organisations and departments and skillsets which are then deployed to seek advantage. During this process products like "Novichok" are created. In turn this feeds another cycle of seeking advantage. Now the formula for "Novichok" is in the wild this creates more advantage and deniability and criminal opportunity. Other people then seek advantage by selling "intelligence" or software and hardware. In all this is a pressure to push aside governance issues and the everyday needs of society. In pressing for advantage this context is entirely lost which explains to a large degree the current UK political crisis of lack of leadership. This has knock-on effects and influences too.

If some of the "authorities" and "experts" I have met read their own manuals and applied the law as it is written and did the job they were paid to, discussion would be more fact based and honest. Public policy (especially at levels below government) might also be less a codification of ignorance and prejudices and be helpful instead.

This is a long article with a lot of narrative padding but many of the points made during the article about egotistical behaviour by men and exploitation of women, and the isolation within an industry is akin to what I experienced.

https://www.theguardian.com/fashion/2018/sep/02/academic-exposing-ugly-reality-high-fashion-giulia-mensitieri

It is not just people working in fashion who might recognise themselves in these descriptions. It is a similar scene across all the creative industries and academia, says Mensitieri. She also makes a good comparison with the charity sector where, it is widely held, “doing good” is incompatible with being paid well.

If her theory is true, does she think there is hope for reform? “If you want to change things, you have to look beyond fashion, or whatever industry you’re in, and talk to people in different fields who are working under the same conditions,” she says. “I’m not an optimistic person, but there are interesting things happening at the fringes. There is a strong anti-fashion movement in the UK and, in France, models are working together for better working conditions.” It’s advice that some people working in the fashion industry may not want to hear. “You need to start collaborating – which is an almost heretical thought in fashion. You need to stop thinking of yourself as special.”

bttbSeptember 2, 2018 8:09 PM

From Wikipedia “…Omarosa, is an American reality television show participant, writer, and former political aide to President Donald Trump. She became widely known as a contestant on the first season of NBC's reality television series The Apprentice...”

1) Scoop: How Omarosa secretly taped her victims
2) Inside Omarosa's reign of terror
3) Between the lines: Omarosa's secret tapes
1) https://www.axios.com/omarosa-secret-tapes-record-phone-7ca4d160-4033-4acd-a035-45f3625315d4.html
2) https://www.axios.com/omarosa-manigault-white-house-recording-tapes-5f385fe2-5c7c-425f-814b-8a27fb40843d.html
3) https://www.axios.com/omarosa-manigault-secret-tape-white-house-john-kelly-6e23ffe0-e577-4682-9b7b-a71c8f9e11fa.html

From https://twitter.com/emptywheel/status/1036410814926868480 : "If a reality show star can tape EVERY conversation she had in the White House (including with Trump) what are the chances that lifetime Russia diplomats can do so too?...
Axios' social media intern wants you to know how Omarosa taped virtually every conversation she had in the White House with what Axios calls "her victims." "

Also https://www.emptywheel.net

gordoSeptember 2, 2018 9:00 PM

Off-topic, for those who might have missed it:

Former presidents and preachers joined a parade of pop stars Friday in a singing, hip-swaying, piano-pounding farewell to Aretha Franklin, remembering the Queen of Soul as a powerful force for musical and political change and a steadfast friend.


"Aretha's singing challenged the dangling discords of hate and lies and racism and injustice," said the pastor William J. Barber II. "Her singing was revelation and was revolution."

https://www.youtube.com/watch?v=CnwyCzMsp5A

Full event length: 10:10:05.

---

Eulogy — the Rev. Jasper Williams Jr., pastor, Salem Baptist Church, Atlanta
[48 min; introduction, prayer hymn and eulogy]

---

https://www.washingtonpost.com/news/arts-and-entertainment/wp/2018/08/31/here-is-the-full-schedule-for-aretha-franklins-funeral-service-in-detroit/

HmmSeptember 2, 2018 11:04 PM

@echo

I guess I see what you're after there, but doesn't it make a topic more complicated to overlay the totality of "male pattern" personality issues (as you see them) over top of some already complicated issue like nerve agent terrorism/theater in airports? I mean as difficult as it might be to in reality separate those things, (I'll defer) don't you think for the purposes of a more easily followed discussion it might be more precise to... break those into two concerns that overlap, instead of kind of equating them as peas of the same pod?

The way I read your initial bit it was almost like testosterone was both the cause of the terrorism and the cause of it not being solved, and then also the cause of the security theater article justifying itself? It would be interesting to witness a world run by women and take notes, speaking as a male with an open mind more or less to biases as domineering society has forged them, but I think some of the fundamentals would remain regardless of which gender drew up these analyses.

I'll cede there's a lot of programming and mansplaining and "traditional roles" stuff to break through for females in any sector and certainly security, but they're also (here and now...) free to write articles imagining worst case nerve attacks in airports. Absolutely there's space for women to write themselves into that role too, some do. Eliminating half the world from contingency brainstorming is not a wise starting point for anything. I just think it becomes harder to follow your logic along if we're trying to address male chauvinism and anti-terror security what-if "theater" in the same breath. That's a lot to bite off in one go, isn't it?

HmmSeptember 2, 2018 11:29 PM

@bttb

""If a reality show star can tape EVERY conversation she had in the White House (including with Trump) what are the chances that lifetime Russia diplomats can do so too?..."

It's not the 1950's anymore, there's no need for an induced passive transmitter in a giant gifted wood-carved seal anymore. They just download and listen to audio recordings taken by former reality TV stars on unsecured personal cell phones as they surreptitiously record chiefs of staff (including in the situation room) without consent or even knowledge. Dozens and dozens of times.

https://www.rawstory.com/2018/09/omarosa-covered-butt-surreptitiously-recording-trump-white-house/

But don't worry, it's all covered by NDA... that some intern signed instead, making it worthless.

Talk about "making it look too easy" right?

echoSeptember 3, 2018 2:59 AM

@Hmm

Some topics are just too politicised to discuss sensibly. I have gathered plenty of links this week which I could discuss and place in a clear security context. As much as I like to I'm really cautious of the flack it might generate. Public policy and society can move very slowly too. Given how fractious UK politics is I'm not sure it's worth it.

HmmSeptember 3, 2018 3:40 AM

"Some topics are just too politicised to discuss sensibly."

I'm finding that's true. But a little specificity can be like vitamin-C on the sucking wound...

Gerard van VoorenSeptember 3, 2018 5:28 AM

@ Hmm,

We have discussed the Linux problems regarding (not very) Intel (-ligence) more than once.

Clive did have some very good insight in that matter. I would say that the problems are "complex" if you know what I mean but I don't see any real solutions when it comes about Intel. About Linux, I am sorry but I don't think that they are the right "solution" to the problem. OpenBSD is much harder than Linux.

CassandraSeptember 3, 2018 6:44 AM

Re: Hardware Backdoors in x86 CPUs

Special thanks to @Grauhut and @Cowgirl of this forum for drawing attention to this.

Grauhut
https://www.schneier.com/blog/archives/2018/01/spectre_and_mel_1.html#c6767489

Cowgirl
https://www.schneier.com/blog/archives/2018/08/friday_squid_bl_637.html#c6779895

There is a nice paper giving more detail than the BlackHat presentation on Project Rosenbridge:

White paper - P R O J E C T: R O S E N B R I D G E - Hardware Backdoors in x86 CPUs - Christopher Domas - xoreaxeaxeax@gmail.com

Website: https://github.com/xoreaxeaxeax/rosenbridge

The original work called out by Grauhut was Breaking the x86 ISA - Christopher Domas - xoreaxeaxeax@gmail.com

I thoroughly recommend reading the White Paper.

Interestingly, a comment on SlashDot, here points out that the 'alternate instruction set' invocation was in fact documented in the VIA C3 ™ in EBGA - Datasheet - Revision 1.90 - November 12, 2004. Search for "The new jump instruction is a two-byte instruction: 0x0F3F" in that document.

Cassandra

CassandraSeptember 3, 2018 8:02 AM

By the way, that VIA C3™ data sheet states baldly:

"...in the alternate instruction set, privileged functions can be used from any protection level, memory descriptor checking can be bypassed, and many x86 exceptions such as alignment check can be bypassed."

and

"While all VIA C3 processor processors contain this alternate instruction feature, the invocation details (e.g.,the 0x8D8400 prefix”) may be different between processors. Check the appropriate processor datasheet for details."

So Intel processors have the Management Engine, AMD have 'AMD Secure Technology' aka the Platform Security Processor (PSP), ARM have the ARM TrustZone, and it looks like VIA have an 'alternate instruction set'.

If one is in the business of processing secret information, the number of processors available appears somewhat limited. This is not news to many, but it bears repeating. I get the feeling that there are an awful lot of naked emperors, out there.

Cassandra
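
A defender's triage check for the two byte patterns quoted from the datasheet in the comments above, as an added example that is not part of any comment or of the rosenbridge project. It assumes the quoted hex strings give bytes in memory order; the function names, window size and sample blobs are hypothetical and constructed. Note that `8D 84 00` on its own is also the start of an ordinary x86 `lea eax,[eax+eax*1+disp32]` encoding, so only the pairing with `0F 3F` is ranked high.

```python
"""Raw byte triage for the VIA C3 alternate-instruction patterns.

This is a linear byte scan, not a disassembler: x86 instructions are
variable length, so every hit is a lead to inspect, not a verdict.
"""
from dataclasses import dataclass

LAUNCH = bytes.fromhex("0f3f")    # "two-byte instruction: 0x0F3F" (datasheet quote)
PREFIX = bytes.fromhex("8d8400")  # "the 0x8D8400 prefix" (datasheet quote)
WINDOW = 64                       # assumption: bytes after LAUNCH to search


@dataclass(frozen=True)
class Hit:
    offset: int      # where the 0F 3F bytes start
    prefixed: tuple  # offsets of 8D 84 00 found inside the window
    severity: str    # "high" when both patterns pair up, else "low"


def find_all(blob, needle, start=0, end=None):
    """Every offset of needle inside blob[start:end], overlaps included."""
    end = len(blob) if end is None else min(end, len(blob))
    out = []
    pos = blob.find(needle, start, end)
    while pos != -1:
        out.append(pos)
        pos = blob.find(needle, pos + 1, end)
    return out


def scan(blob, window=WINDOW):
    """Report each 0F 3F and whether prefixed sequences follow it."""
    hits = []
    for off in find_all(blob, LAUNCH):
        after = off + len(LAUNCH)
        prefixed = tuple(find_all(blob, PREFIX, after, after + window))
        hits.append(Hit(off, prefixed, "high" if prefixed else "low"))
    return hits


def summarize(blob, window=WINDOW):
    """Counts for a report; lone prefixes are most likely plain LEA."""
    hits = scan(blob, window)
    paired = {p for h in hits for p in h.prefixed}
    lone = [p for p in find_all(blob, PREFIX) if p not in paired]
    return {
        "launch_count": len(hits),
        "high": [h.offset for h in hits if h.severity == "high"],
        "low": [h.offset for h in hits if h.severity == "low"],
        "lone_prefix": len(lone),
    }


# Constructed samples (not taken from any real binary).
# push ebp; mov ebp,esp; lea eax,[eax+eax+0x10]; ret
BENIGN = bytes.fromhex("5589e5" "8d840010000000" "c3")
# nop; nop; 0F 3F; two 8D 84 00-prefixed 7-byte sequences; ret
SUSPECT = bytes.fromhex("9090" "0f3f" "8d8400aabbccdd" "8d840011223344" "c3")
# data that happens to contain 0F 3F with nothing prefixed after it
NOISE = bytes.fromhex("000f3f00") + b"A" * 8

if __name__ == "__main__":
    for name, blob in (("benign", BENIGN), ("suspect", SUSPECT), ("noise", NOISE)):
        print(name, summarize(blob))
```
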

bttbSeptember 3, 2018 9:22 AM

From an interesting series of Tweets by Orin Kerr, https://mobile.twitter.com/OrinKerr/status/1036451465332551680 :

"If you're upset that they issued a warrant to monitor Carter Page ["an American petroleum industry consultant and a former foreign-policy adviser to Donald Trump" (Wikipedia)] without holding a hearing, you might be interested in some other amazing details about how the system works. (Thread.)

The police are allowed to pull over and detain any driver if the driver is violating any traffic law. Even something super-technical like driving 46 mph in a 45 zone, and even if everyone else is going 60.

It doesn't matter if the officer is lacking in good faith. If a cop who hates Trump sees a car with a #MAGA bumper sticker driving 46 in a 45mph zone, the law is that the cop can pull over that driver b/c of that bumper sticker -- as long as the driver was actually speeding...

stopping and detaining the driver for illegitimate reasons isn't a violation the Fourth Amendment's ban on unreasonable searches and seizures because that law looks to the evidence, not the officer's intent. See Whren v. US (1996)...

Next say the officer pulls over the driver and it turns out the driver has committed a really minor crime, like having passengers without seatbelts. The officer can arrest the driver for that and haul the driver off to the police station. Atwater v. Lago Vista (2001)...

And what if state law has said that the police can't make an arrest for that minor offense? The Fourth Amendment says the police can arrest them anyway -- and then search them, and stuff on them (except for their cell phones). See Virginia v. Moore (2008); US v. Robinson (1973)...

There's no hearing before making that arrest. Not only that, there's no warrant needed. The officer can make the arrest whenever there is probable cause. The govt then has 48 hours to bring you before a judge to see if the cop was right that he had enough cause to arrest you...

See US v. Watson (1976) (no warrant needed for arrest); City of Riverside v. McLaughlin (1991) (48 hours of detention generally okay before magistrate probable cause hearing)..."

WeatherSeptember 3, 2018 9:48 AM

@Cassandra
I don't think a two byte jump will be an issue, you need a 5-6 byte long jump to worry about that, it can only go 128 places up or down. It could be an issue with it as a condition jump: on AMD/Intel, jz is jump if the cf flag is zero, which normally gets set with a cmp or test instruction before, but has a bug: you can use the and instruction (and binary maths) which set it.
Test eax 41
And eax 02
Jz 0x65
(Bug)

And eax 02
Test eax 41
Jz 0x65
(Non bug)

That 0f3f jump probably isn't an issue

bttbSeptember 3, 2018 9:56 AM

From "A Coveted Lawyer’s Juggling Act May Be Good, and Bad, for Trump" , https://www.nytimes.com/2018/09/02/us/politics/william-burck.html :

"But that was not all he [William Burck] was trying to manage from his room in a hotel near the Champs-Élysées last Wednesday. Part of the time he was on the phone dealing with the legal and political fallout from the abrupt dismissal that day of Donald F. McGahn II, the White House counsel, one of at least a half dozen of his clients who work for President Trump or once did. [besides Donald McGahn II, others include Reince Priebus, Steve Bannon, and, presumably, three more Trump officials (ht emptywheel)]"

[As you may know William Burck is a major actor in the attempted cramdown of "Judge Brett M. Kavanaugh, Mr. Trump’s Supreme Court nominee." too]

"Democrats hope to use the fact that Mr. Burck oversaw a process that led to the withholding of more than 100,000 pages of documents to argue that they know too little about Judge Kavanaugh’s record to move ahead with his [Supreme Court] confirmation hearings on Tuesday [4 September- and estimated to last 3-4 days]."

In addition, other noteworthy things are happening, or might happen, on 7 September: https://www.emptywheel.net/2018/08/26/what-happens-on-september-7/ !

CassandraSeptember 3, 2018 12:14 PM

@Weather

I would strongly recommend reading the linked paper Hardware Backdoors in x86 CPUs together with the 'Alternate Instruction Execution" section in the linked data sheet in Appendix A page 9.

Having done so, contemplate the ramifications of the statement:

"in the alternate instruction set, privileged functions can be used from any protection level, memory descriptor checking can be bypassed, and many x86 exceptions such as alignment check can be bypassed."

Cassandra

Clive RobinsonSeptember 3, 2018 12:28 PM

@ Cassandra, All,

Having done so, contemplate the ramifications of the statement:

As an engineer I'm aware that some of my colleagues have quite a pithy and frankly rude short phrase to describe it, which I won't repeat here...

Suffice it to say that "more open than the skies above" does not convey the same sense of lack of security and likely intrusion as the pithy phrase does. But even the pithy phrase falls quite aways short...

JG4September 3, 2018 1:28 PM


I forgot to detail the two creepiest surveillance tells in recent weeks. I took the old beater (20+ years Japanese gem) over to CarMax and parked in the lot, went inside and chatted about how long it takes to get an appraisal (40 minutes on a busy day). Didn't show them the car, nor get the appraisal. Two days later I get a letter in the mail with a trade-in offer from what may or may not be an affiliated company. I think they have a license plate camera that I missed, or they did video recognition on me when I went inside. I didn't give them any identity information. I haven't searched for cars for sale, nor for trade-in values. Might have been the same day, I stopped by Walmart and picked up a modest assortment of jerky. Paid cash (almost) as always and went home. Might have been that day or the next, I got an ad on the old Chromebook for the same brand of jerky. If I ever searched for it online, it probably has been one to three years. The net is pretty tight.

https://www.nakedcapitalism.com/2018/09/links-9-3-18.html

...[Richard Russell was still riding his at 87]

‘A different time:’ 93-year-old female Harley rider says it was frowned upon when she started in 1941 Fox (The Rev Kev)

...[think of it as conflict of interest between profit and customer health]

THE FUTURE OF FOOD: Scientists have found a fast and cheap way to edit your food’s DNA WaPo. J T McPhee: No problem, mate!

[a nice example of system identification in a linear "time-invariant" case; trees grow slowly relative to vibrational modes]

This 16-year-old invented a robot that can help scientists keep trees and forests healthy Business Insider (David L)

[when sloppy coding becomes law]

The AI, machine learning, and data science conundrum: Who will manage the algorithms? ZDnet (David L)

...[our connections are better than your connections]

Ex-CIA officer running for Congress says GOP obtained her unredacted personnel file with sensitive information WaPo (UserFriendly)

...[why live with the fundamental conflict of interest between prevention and cure, when you can let the customer pay for the consequences of your negligence?]

Burn, Baby, Burn

California bill passes PG&E fire liability on to customers ABC Fresno (The Rev Kev)

...[the smart money always has the edge]

Why Technology Favors Tyranny The Atlantic (David L)

...[Amazon is a quagmire of conflict of interest, a microcosm of the human condition]

Amazon’s pricing tactic is a trap for buyers and sellers alike FT (David L)

...[I skipped Kill Me Now because of partisan overtones]

HmmSeptember 3, 2018 2:51 PM

@bttb

48 hours is "detention" during which time you are uncharged. If you can prove they're acting in bad faith you can bring a suit against them in the jurisdiction, but you really don't have any way of avoiding that 48 hours if they want to do it. The idea is that gives them time to solidify their evidence and case for charges to be brought, but also puts a hard limit on that beyond which they are legally bound to release you.

They sure didn't "get" Carter Page on something like going 46 in a 45, (that would be something) nor does he at all appear falsely accused. It's credibly alleged that he's got further contacts that he failed to disclose with high-level Russian officials, and it's proven he's both lied to FBI and passed documents to unregistered Russian agents deliberately in the recent past. If anything I think he's been treated super-professionally by the arresting agencies and agents involved, and I think he'd agree given the circumstances if you asked him. Cohen found them to be super polite even as they picked the lock to his bedroom door at 5am, (with a warrant of course).

https://splinternews.com/here-are-the-secret-documents-about-the-surveillance-of-1827768635

https://www.thedailybeast.com/carter-page-met-with-gave-documents-to-russian-spy-in-2013

WeatherSeptember 3, 2018 3:30 PM

Cassandra
Scary, but they do say when the computer starts and is in real mode they can toggle the god bit to stop it working

MarkHSeptember 3, 2018 4:00 PM

@JG4:

Your recent experiences of unsolicited advertising are beyond creepy. I suppose we all knew that this was coming, but the panopticon is already here.

We tend to focus a lot on government surveillance, and with good reason. But commercial surveillance is vastly more comprehensive, and governments can grab much of it at little or no cost.

H G Wells imagined a future world (mid-to-late 20th century, if I recall rightly) in which every vertical urban surface was plastered with garish advertising (long before Ridley Scott). But even he didn't imagine the advertisers turning the information pipe in the other direction, with an invasiveness exceeding even Orwell's 1984.

Nietzsche wrote, "when you gaze long into the abyss, the abyss also gazes into you." For abyss, substitute rapacious capitalism ...

echoSeptember 3, 2018 4:45 PM

@Hmm

The intersection of race and sexism has security implications which very few are capable of discussing properly at a scientific level. The two articles I link to are like nitroglycerine.

I am personally in favour of managed immigration and women being appointed on merit. The problem is there are a lot of legacy issues to overturn as well as vested interests on all sides, and the political and media discussion takes everything over. Political parties and the media are so partisan and polarised they barely accommodate alternative views. I will be very unpopular saying I don't deify Jo Cox. I don't deify John McCain either. It's very obvious that people like Tommy Robinson and the likes of Steve Bannon have issues.

On the sexism issue: the UK legal profession is very sexist. Under the guise of simplifying law the government removed a line which obligated employers to produce guidelines. This caused a big stink. The thing is there is a positive obligation under the equality act so this line wasn't strictly necessary. In practice people can be very ignorant and lazy when it doesn't impact them hence the stink women kicked up. I shouldn't have to point out the irony of the legal profession not understanding the law, or the reasoning and outcomes behind this but this is how it is.

I shouldn't have to point out the SRA (Solicitors Regulation Authority) when accused of being systemically racist managed to wriggle out of this and surprise surprise find themselves not guilty. Their judgement and the report produced by a black advocacy group make very interesting reading when viewed side by side. It is very obvious there is a whiff of something improper about their findings.

I have personal experience of this kind of problem with lawyers and the SRA myself.

Professor Whiten, of the School of Psychology and Neuroscience at St Andrews, said: “The explanation for the sex difference may be that for females the important thing is to maintain close bonds with the other females they spend their whole lives with in the same group. “They may be less inclined to copy males, who are likely to have less reliable local knowledge.”

Professor Whiten is a man. What a surprise...

The problem with being a woman discussing policy and the science is this is as unfashionable as a woman riding a motorbike pre-WWII. Obvious lezzer...

https://www.theguardian.com/politics/2018/sep/02/batley-and-spen-local-paper-editor-danny-lockwood-divides-jo-cox-town-anti-muslim-views

https://www.telegraph.co.uk/science/2018/08/31/female-monkeys-dont-trust-males-even-obviously-right/

https://www.st-andrews.ac.uk/psychology/people/?mode=profile&group=staff&user_id=aw2

echoSeptember 3, 2018 5:14 PM

I have worried about UK overreliance on US based providers and technologies. This isn't to be partisan but it does have privacy and economic implications. Germany is taking a new and much clearer and stronger line on digital technologies and given the possibility of the UK leaving the EU who can blame the Germans?

Given some of the bellicose comments from Trump and the threat of a trade war with the EU and pulling out of the WTO coming up next the EU is developing more independence. On one level this may be a "clever" negotiation to get the EU to spend more and do more but independence and home grown technologies and forging relationships outside of the Five Eyes group will have an impact. The US may begin having to work harder just to stand still and begin to pull its own weight in other ways.

https://www.reuters.com/article/us-germany-cyber/germany-seeking-independence-from-u-s-pushes-cyber-security-research-idUSKCN1LE1FX

BERLIN (Reuters) - Germany announced a new agency on Wednesday to fund research on cyber security and to end its reliance on digital technologies from the United States, China and other countries.

Sancho_PSeptember 3, 2018 5:38 PM

@outofrange

Seems your informative posting was drowned in noise, no reply, so I’ll bite:

@grossbart’s posting was regarding protection of personal data, as in “Alarm - Wohnungsbrand bei Emil Outofrange, 8050, Bahnhofstr.123”.
In times of widely used SDRs this data should not be transmitted in the clear, at least to keep bystanders away.

But your focus is on (1) reliability and (2) speed and you wrote:
”I am not at all concerned about unencrypted paging message that could save my life, however.”
... How to say that politely, this seems a bit shortsighted to me?

The real issue is a different one, it’s not “encryption” to protect personal data, it is authentication of messages.

This may not be an issue in Switzerland, as they do not have real enemies.
But what about the USA, with enemies all over the place?
Imagine the Russians send a fake alert! Then, at the meeting point, Putin, hiding in a black van, will shoot them with his radar gun.
In the following chaos your life saving message will be lost, China may send warships and the Rocketman will go nuclear, who knows!

These are the challenges nowadays.

echoSeptember 3, 2018 5:45 PM

UK prisons suffer from too much testosterone in the room. I note they don't discuss prisoners respectfully and their response is to demand more power and more training (and more money) and harsher punishments and more boys toys. Has it ever crossed their mind that prisoners are people too? Not really because it's always about the institution and power and containment.

Women's prisons are much less overtly violent but women suffer indignities too. Most of these are essentially stopping women's self expression and relationship building and harsh environments which undermine emotional wellbeing.

I have read reports on prisons and medical discussion on alternative standards of care. I have tried to donate £4000 worth of books and get staff discussing these issues. They say they are interested and want to collect but never followed through on multiple occasions. In the end after ringing around local public libraries and charities and nobody wanting to do the work (but stick their hands out for money) I decided to throw them in the bin. This is a large collection of detective novels, thrillers, scifi, history, sociology, law, popular science, philosophy, classics, encyclopedias and so on going straight in the trash. Why? I prefer solutions not spending my life filling in complaints forms. I have already thrown out the first tranche of books as the local council recycling department couldn't be bothered to escalate the issue with management. Only another £3500 worth of books to go.

How many people have to die before the UK state gets a clue? Now they are moaning because it affects THEM they may get a hurry on...

https://www.independent.co.uk/news/uk/home-news/prison-officers-ae-inmates-prisoners-accident-emergency-poa-a8521206.html

Clive RobinsonSeptember 3, 2018 6:08 PM

Space Farce, or Skies of Death

    The weaponization of space represents a real threat to the security of everyone on Earth.

Prof. Michio Kaku PhD, City University of New York.

As some might have noticed both the President and Vice President of the USA want to go all "James Bond Moonraker" on the rest of the world.

    It’s not enough to have American presence in space. We must have American dominance in space.

Donald J. Trump, US President.

The V.P. has made some false statements about what is actually going on.

    Our adversaries have transformed space into a warfighting domain already and the United States will not shrink from the challenge.

Michael Pence, US Vice President.

The reality is the only winners will be the short term profiteers in the US aerospace industry with hundreds of billions to trillions of US tax payer dollars wasted with very very little to show for it. Except that it will force an escalation effect with other countries trying to prevent any other nation having "domination".

As for everyone else short term and the entirety of the world medium and longterm it will be a disaster, with the prospect of hundreds if not thousands of years of "nuclear winter" dropping out of the heavens and space entirely closed off to humanity possibly for the rest of what will be a much shortened human existence.

https://www.counterpunch.org/2018/08/14/turning-space-into-a-war-zone/

To say it is utter madness is an understatement and others have noted that it makes the likelihood of a nuclear World War III vastly more probable to the point of inevitability.

Edward Teller the so called "Father of the Bomb" was in part responsible for the nickname "Ronny Ray Gun" for then US President Ronald Reagan. Due to his crazier ideas (Project Excalibur) giving rise to the Star Wars idiocy a third of a century ago. Which back then would have bankrupted the US to provide nothing even close to being of use. Whilst technology has moved on, it has actually not progressed far enough to make any of the ideas from SDI even close to viable now, nor would you expect it to be for a good few years yet at the most optimistic estimate.

Whilst NASA claims it wants nothing to do with the militarization of space NASA would almost certainly benefit indirectly. As the likes of Boeing, Space X, etc get increased spending and the price per metric ton of lift capacity drops.

Such lift capability for "human capacity" might just be available after April next year when the contract with Russia for astronaut seats to the ISS effectively stops.

bttbSeptember 3, 2018 6:13 PM

From https://www.youtube.com/watch?v=ISmgOrhELXs , George Thorogood- One bourbon one scotch one beer, about 9 minutes.

“My neighbors called the cops on me because I played this too loud. The cops came and, arrested my neighbors.”

Also

https://genius.com/George-thorogood-one-bourbon-one-scotch-one-beer-lyrics ; about 8 minutes

https://genius.com/John-lee-hooker-one-bourbon-one-scotch-one-beer-lyrics ; about 3 minutes

If you don’t drink ethanol, don’t worry. For example, although Rumi, afaik, didn’t drink wine, he wrote things like ( https://en.wikipedia.org/wiki/Rumi ) :

“On the seeker’s path, wise men and fools are one.
In His love, brothers and strangers are one.
Go on! Drink the wine of the Beloved!
In that faith, Muslims and pagans are one.[70]”

https://www.youtube.com/watch?v=TJjuTNVs9MI ; The Poetry of Rumi (Barks & Bly), 6 minutes

https://www.youtube.com/watch?v=leTkV4HySDA ; Poems of Rumi by Coleman Barks & Robert Bly, about 9 minutes

Also
https://en.wikipedia.org/wiki/Rent_party

WeatherSeptember 3, 2018 6:44 PM

Clive Robinson
About star wars, you don't need lasers a intercept missiles with compressed gas or hydrazine instead of fins, for targets in the atmosphere or shotgun with 10k BBs for stuff higher up,
If they are trying to weapons space because of north Korea or Iran what's it doing with other country.
Type of a good topic to discussed (weapons in space)

Clive RobinsonSeptember 3, 2018 9:31 PM

@ Bruce and the usual suspects,

You might find this of interest,

https://www.usenix.org/conference/usenixsecurity18/presentation/scaife

It is difficult to spot card skimming devices these days, even those who have seen a few still miss new ones.

Three researchers at the University of Florida decided to look into the problem,

    In this paper, we perform the first such study based on skimmers recovered by the NYPD's Financial Crimes Task Force over a 16 month period. After systematizing these devices, we develop the Skim Reaper, a detector which takes advantage of the physical properties and constraints necessary for many skimmers to steal card data. Our analysis shows the Skim Reaper effectively detects 100% of devices supplied by the NYPD. In so doing, we provide the first robust and portable mechanism for detecting card skimmers.

RatioSeptember 3, 2018 10:00 PM

@Sancho_P,

This may not be an issue in Switzerland, as they do not have real enemies. […] Imagine the Russians […]

January 2018, Trump Tower Russian Lawyer, Natalia Veselnitskaya, Exposed in Swiss Corruption Case:

The Moscow operation behind the now-infamous Russian-Trump Tower meeting in June 2016 included a direct attempt to enlist a foreign country’s law-enforcement official as a virtual double-agent, according to a court case in Switzerland.

One of Switzerland’s top investigators has been fired after allegations of bribery, violating secrecy laws, and “unauthorized clandestine behavior” in meeting with the very same Russian actors linked to the Trump Tower encounter.

Details of the explosive case have been published by investigative reporters for the Tribune de Genève and Tages-Anzeiger newspapers in Switzerland. The officer, identified only as Victor K., traveled to Moscow—against the expressed wishes of his superiors—where he spoke to Natalia Veselnitskaya, the lawyer who met with Donald Trump Jr., Paul Manafort, and Jared Kushner at Trump Tower.

July 2018, German broadcasters targeted by Russian hackers:

Germany's intelligence service (BND) had warned two weeks ago of the potential cyber threats facing several key bodies, including the country's public broadcasters and media companies.

The BND also said that the Spiez Laboratory in Switzerland, which specializes in chemical weapons research, was also among Sandworm's targets. Its Swiss lab had been tasked with analyzing the Soviet-era nerve agent Novichok that was used to poison former Russian double agent Sergei Skripal in Salisbury.

A spokesperson for Spiez Laboratory said officials had encountered one phishing attack, sent via a document used in a workshop. However, the institute itself had not been affected.

As you rightly say, Reds everywhere.

echoSeptember 4, 2018 12:00 AM

Active Measures is a new documentary. To anyone with a decent and well rounded knowledge of the Cold War and post Cold War years this documentary is a semi-relaxing trot through of all the issues. I found it interesting unpicking the documentary narrative with other perspectives and knowledge from other sources. Nationalistic bluster and passive anger paranoia aside it has its funny moments too.

Q. How does Russia launder money into America?

There is a pause and a smile and a laugh, and another pause and you KNOW what is coming next.

A. Everything I know that's interesting I can't tell you.

https://www.theguardian.com/film/2018/apr/30/active-measures-review-documentary-putin-trump-election-meddling
Active Measures review – middling doc on Russian election meddling.
While there’s an impressive roster of talking heads, including Hillary Clinton, this exhaustive documentary struggles to move past outrage

WeatherSeptember 4, 2018 12:26 AM

Cassandra
If you look around 2011-12 in the Friday squid threads I posted an asm virtual machine base that could fit into a bootloader with the is or programs not detecting it, it could also xor code and data and decode it on the fly, with the ids part you could filter access to HDD sectors and real ram address plus asm instruction if you wish.
There was one on pastebin that got removed for copyright, but a better one later from short text or another site like that.
Wouldn't mind if someone finished the program to get it working as I'm not going to go back to it

Portia como BaltasarSeptember 4, 2018 1:53 AM

Ratio: "As you rightly say, Reds everywhere."

Only a pound of flesh, but not a drop of blood.

Wesley ParishSeptember 4, 2018 6:12 AM

@Clive Robinson, Weather

Re war in space

One book I read in the late eighties on War In Space made the rather pertinent comment that in many cases the easiest way to win any such war in space TM (whoever), was to cut the power cable to the control and communications office here on Earth. Another book that I read on the topic in the early nineties said that orbital mechanics had ruled control of earth orbit out of anybody's hands.

That being so, the only way to gain control TM (whoever) over earth orbit, is to saturate it with your own satellites. And the only realistic way to do that is to work out a way to clear earth orbit of space debris. And the only workable way to clear earth orbit of space debris is to work together with other space powers, not against them. (I mean, seriously, do you expect that Russia is going to take US de-orbiting of any Russian satellite alleged by the US to be defunct, lying down? Change the national labels, and you have your answer. Ditto for the other space powers.)

We've had about thirty years' grace to sort this sort of problem out, and all we've seen is people sitting on their hands and twiddling their thumbs. They undoubtedly derive great satisfaction from rectal stimulation, but it doesn't solve the problem.

WeatherSeptember 4, 2018 12:04 PM

Useless fact post

The human brain has four states that fall into frequency ranges.
0-5hz sleep
6-20 emotional
21-30 imagery and memory
31-40 full awake

When you look at TV or computer screen the screen refresh rate of 40-100hz the brain tries to match and get in sync, stop you going to lower brain states,
Audio of 800-550hz left right speakers can also sync up.

Weapons
Knotch out grenades can be made when force able locked then lowered to 2-3hz

echoSeptember 4, 2018 5:00 PM

@Wesley Parish

Both the moon landing and the Gulf War went through a single point of communications failure. One pair of garden shears and the world may have turned out very differently.

Sancho_PSeptember 4, 2018 5:26 PM

@Ratio

Oh I am shocked! The Swiss have met a Russian! My Ricolas likely poisoned!

Right, the Reds again.
But our “reports” and “warnings” are always unspecific. Reading them I smell manipulative efforts, not information.
This is why I tend to be unconvinced. Give me more. In dubio pro reo.

I don’t remember how many Russians I met, shook hands, even worked with. People like you and me. Both, good and bad ones.
And what? Did or do they control me? OMG.

To influence media (accredited “investigative” reporters), and the medium (Internet, by bots and filters), this is the power’s way to inform the public. Their pravda.

Don’t confront and discuss, simply suppress controversy.
Put it under the carpet, silently, without investigation / legal consequences.
Make it simply disappear, today!
Tomorrow it will be forgotten, hidden by a bigger sensation / scandal.
Hopefully.
But it doesn’t always work. Some ideas keep coming up, some even slowly changing the political landscape.
Boy, _then_ are we shocked: That _Trumps_ everything.

So I’m afraid to censor is a very bad tactic in the long-term.
But probably we don’t need the long-term any more.
The crocodile’s second term may do.

HmmSeptember 4, 2018 6:34 PM

"Right, the Reds again."

"Russians" as a slavic people are not under suspicion of anything here. That's a hard nyet.
Why pretend this isn't a fact worth noticing? What's the harm in facts? Why smokescreen?

It's Veselnitskaya, the Russian lawyer who met Trump Jr. at Trump Tower. THAT meeting, yes.
The one everyone wants to forget the details about, and a few did under oath. Newsworthy.

She's been caught lying about her employment and employer specifics, topics of discussion relevant to a certain Robert Mueller III because The President of the USA's son provably lied about the specifics of their meetings and communications. That son of the President did so UNDER OATH TO THE CONGRESS not to mention to the FBI, either of which would be a felony worth 5 years in prison, depending. (Each count? Ouch.)

So that's why it's kind of interesting that :

Veselnitskaya works for the Russian government. She tried to deny that at first, no hoax.
There's no Russophobia required to see this fact nor do you have to be "deep state" to read it.
She is also credibly accused of trying to recruit the Swiss law enforcement official.
Typical of Russian foreign services, or you know, a big hoax. Whatever you want.
But she did get caught lying about it and she does work for them. Both Trumps lied also,
(though only Junior to Congress and FBI so far.)

There was another female Russian national who is now under arrest for "similar ++" accusations.
Maria Butina. https://www.thedailybeast.com/russia-nra-arrest-this-is-as-close-as-it-gets-to-collusion
It's not her. I can see how you could find all this talk about individual Russians to be a theme.

Isn't it then interesting how this theme of Russia and the President doesn't just put itself to bed, despite all the President's attempts to do that? To pretend "Putin's fine, he's fine?"

Should the media just forget it? Should Mueller? Should we just imagine Russia as Alaska?

Or should we just continue to report the actual specifics and stop pretending this is all Russophobia?

Which makes more sense.

echoSeptember 4, 2018 10:47 PM

Yes, extending police powers and bodycam usage really will prevent police abuse by sexual harassment, and blind eyes being turned and cameras being turned on and off to create a fabricated narrative, and being punched and slammed into walls and all the other abuses of power the police indulge in.

Please excuse my undignified sarcasm. The old canteen culture never went away whatever anyone says. It's just covered up better. They think "Oh, dumb stupid woman she's not going to do anything about it."

https://www.independent.co.uk/voices/editorials/police-crime-rising-stop-and-search-essential-how-a8522856.html

RatioSeptember 5, 2018 6:30 AM

Salisbury novichok poisonings: police name two Russian suspects:

Two Russian nationals have been named and charged over the novichok poisoning of Sergei and Julia Skripal in March in Salisbury, Wiltshire. British police and prosecutors made the announcement on Wednesday.

Police said they were travelling on authentic Russian passports under the names of Alexander Petrov and Ruslan Boshirov and arrived in the UK on an Aeroflot flight days before the attack. The Crown Prosecution Service said there was enough evidence to charge them.

[…]

The investigation has recovered CCTV of the two suspects after they flew into Gatwick airport and they stayed in the City Stay hotel in east London. After arriving on Friday 2 March on an Aeroflot flight, they went to Salisbury on what police said they were satisfied was a reconnaissance trip on Saturday.

They returned to London that day and went back to Salisbury on Sunday, when police say that CCTV showed them in the vicinity of the Skripal house. Police believe that after contaminating the front door of the house, they immediately went to Heathrow via train and London underground and flew back on Sunday night at 10.30pm.

[…]

[Sue Hemming, CPS director of legal services, said:] “It is of course for a jury to decide whether the evidence is enough for them to be sure of the suspects guilt. We will not be applying to Russia for the extradition of these men as the Russian constitution does not permit extradition of its own nationals. Russia has made this clear following requests for extradition in other cases. Should this position change then an extradition request would be made.

“We have, however, obtained a European arrest warrant, which means that if either man travels to a country where an EAW is valid, they will be arrested and face extradition on these charges for which there is no statute of limitations.”

“Hoax!”, “Where’s the evidence?!”, “Russophobic!”, “Nonsense that is clear to anyone with half a brain!”

Looking great, guys! If only I were that smart …

JG4September 5, 2018 7:43 AM


I referenced two previous incidents of smart-phone surveillance here:

https://www.schneier.com/blog/archives/2017/07/me_on_restauran.html#c6757202

but I couldn't find my original comments. There has been one more memorable incident since then. I will detail all three later, or find the first two.

The usual daily compendium

https://www.nakedcapitalism.com/2018/09/links-9-5-18.html

...

A reliable credit-card skimmer detector: a card that detects multiple read heads boing boing (Dan K)

Trajectories of the Earth System in the Anthropocene UserFriendly Proceedings of the National Academy of Sciences (UserFriendly)

...[this probably addresses the side-channels created by local oscillators]

Get ready for atomic radio MIT Technology Review (David L)

...

Fully Autonomous Cargo Ships Face Enormous Challenges Wolf Street. EM: “Excellent detailed rundown on the various projects underway in a crucial transport segment which in contrast to cars does not have the added complications of road conditions/closures, bumper-to-bumper traffic, pedestrians and cyclists. If full autonomy faces ‘enormous challenges’ here, that says much about the prospects of same for automobiles.”

...

Clive RobinsonSeptember 5, 2018 7:50 AM

In the lunch time news it finally looks like actual evidence is starting to come out of the Salisbury nerve agent attack.

More information is being sought on two people named as "Alexander Petrov and Ruslan Boshirov" on their travel documents[1]. They are believed to be Russian nationals or at least traveling on Russian issued passports they traveled under to the UK.

Unless the passports can be shown to be genuine but stolen (which terrorists have been known to do) it finally confirms that at some level there has been Russian involvement. The downside however is Russia is a country known for both crime and bribery at all levels and all positions, so it is possible that the passports were obtained by criminal methods (Something no doubt Russia will claim etc).

Which is probably why the UK police are seeking assistance.

That said, the most important thing is,

    “Prosecutors have concluded that there is sufficient evidence to provide a realistic prospect of conviction,”

Which means that in the case of the two individuals they have been charged --in their absence-- with criminal acts that are now supported by court admissible evidence not supposition. We have yet to hear if there is other evidence to charge others with involvement. Hopefully we will hear something in the near future but I am not holding my breath. Because even though European Arrest Warrants have been issued and similar Interpol red notice documents, it is known that Russia currently will not extradite Russian nationals, so this has not currently been sought. So any further evidence or information on who was behind the killings and who they worked for directly or indirectly may never be publicized.

It would appear that this release of information has been waiting on independent evidentiary tests by the Organisation for the Prohibition of Chemical Weapons (OPCW).

https://www.independent.co.uk/news/uk/crime/salisbury-attack-suspects-name-russia-alexander-petrov-ruslan-boshirov-novichok-skripals-a8523586.html

[1] However the UK Met Police Counterterrorism team think they are probably aliases.

WaelSeptember 5, 2018 9:08 AM

@Clive Robinson,

Corry Doctrow has an f-bomb titled argument about the latest Five-Eyes nonsense,

I don't have time to read the thing. However... Five-Eyes, five f-bombs. Do the math :)

MarcusSeptember 5, 2018 11:46 AM

Tails 3.9 is out -

https://tails.boum.org/news/version_3.9/index.en.html
https://git-tails.immerda.ch/tails/plain/debian/changelog

Tails 3.9 is the biggest update of Tails this year!

It includes two new features on which we have been working for more than a year:

- Additional Software
- VeraCrypt integration

https://tails.boum.org/install/download/index.en.html
http://dl.amnesia.boum.org/tails/stable/tails-amd64-3.9/tails-amd64-3.9.iso
https://tails.boum.org/torrents/files/tails-amd64-3.9.torrent

bttbSeptember 5, 2018 12:44 PM

2) https://www.emptywheel.net/2018/09/05/bill-clinton-did-not-win-an-election-by-getting-a-blowjob-the-danger-of-lindsey-grahams-willful-ignorance-about-russian-interference/

1) https://www.emptywheel.net/2018/09/05/brett-kavanaugh-was-in-the-loop-on-broader-precursor-to-john-yoos-stellar-wind-memos/

From 1): "In the second, he [Senator Patrick Leahy] asked Kavanaugh [Supreme Court Nominee] whether he still stood by his claim not to have been involved in the authorization for Stellar Wind, Bush’s illegal wiretap program. Kavanaugh almost immediately reverted to the dodge that George Bush used when denying he had ignored FISA — referring to just a subset of the program, for which the Bush White House invented the term “Terrorist Surveillance Program.”

But Leahy persisted, asking specifically about this document (see page 13; significantly, Steven Bradbury left the document off a FOIA Vaughn Index about documents pertaining to the “TSP”)

[...]

Leahy already asked to have the documents showing Kavanaugh’s involvement in this memo released publicly. He renewed that request today.

This underlying September 17 document has never been released, so we don’t know how extreme John Yoo got. But we may soon have the proof that Kavanaugh was involved in authorizing surveillance that goes beyond the scope of what we know got authorized as the Stellar Wind program."


From 2) "In his statement in Brett Kavanaugh’s [Supreme Court] confirmation hearing yesterday, [Senator] Lindsey Graham embodied the problem with Republicans’ deliberate ignorance about Russian interference in the 2016 election.

As part of his statement, he raised the time Joe Biden pointed out what a hypocrite Brett Kavanaugh was for believing presidents should not be investigated during their term but nevertheless thought it necessary to ask Bill Clinton the following questions:

[...][graphic language]

Lindsey did so to suggest Biden’s comments about the Clinton investigation refute the claim that Trump picked Kavanaugh to protect himself from investigation, as if the investigation of Clinton for a blowjob was as legitimate as Mueller’s investigation into whether Trump cheated to win the election.

To justify such an absurd claim, Lindsey suggests that the Mueller investigation is only about whether Trump acted improperly when he fired Comey."


VinnyGSeptember 5, 2018 2:56 PM

@moderator: I'm late in on this, but in the interests of academic inquiry, can you find anything in the 2nd comment in this thread (from "Paul Gregg") that is even remotely technical in nature, let alone related in any direct way to infosec? Or is the fact that the publishing media related to some otherwise purely political issue (in this case, alleged free speech bias) happens to be internet-hosted now sufficient to meet AUP here? I also find it somewhat interesting that Mr. Gregg seems to think that the past tense of "strike" is "stroke."

bttbSeptember 5, 2018 3:38 PM

An Opinion piece from a "center-right perspective", https://www.washingtonpost.com/news/opinions/wp/2018/09/05/kavanaugh-stumbled-over-two-critical-tripwires/ :

"... Kavanaugh [Supreme Court Nominee] made the problem much worse by his refusal to answer two critical questions — whether a president can self-pardon and whether a president must respond to a subpoena.

There was this exchange:

'Sen. Dianne Feinstein: “So you can’t give me an answer on whether a president has to respond to a subpoena from a court of law?”

Kavanaugh: “My understanding is that you’re asking me to give my view on a potential hypothetical, and that is something that each of the eight justices currently sitting on the Supreme Court, when they were sitting in my seat, declined to decide potential hypothetical cases.”'

And then Sen. Patrick Leahy (D-Vt.) asked if a president could self-pardon. Again Kavanaugh demurred: “The question of self-pardons is something I’ve never analyzed. It is a question that I’ve not written about. It is a question therefore that is a hypothetical question that I can’t begin to answer, in this context as a sitting judge and as a nominee to the Supreme Court.” Why not? He’s not being asked about a specific case. He would not even say whether the president in effect could give a bribe — promising immunity if a witness wouldn’t testify against him.

It is mind-boggling, in one sense, that a federal judge doesn’t have a concrete answer as to whether the president can shred the Constitution in this way. “Can a president bribe someone?” is not a hard question. “Does our constitutional system permit the president to go on a crime spree and pardon himself?” shouldn’t be up for debate. And yet Kavanaugh ducks answering.

There are two possibilities here — he doesn’t want to answer and alienate one side or the other, or he really could facilitate a constitutional crisis. No senator, Democrat or Republican, should gamble that he really in his heart doesn’t believe these things are permissible. You can gamble with many things, but the future integrity of the Supreme Court should not be one of them.

Republicans and Democrats here need to consider the real possibility that Kavanaugh was picked precisely because he’d be the most likely judge to let President Trump get away with unconstitutional antics. If so, the problem is even worse: Trump is nominating the one otherwise plausible judge who might let him pardon himself, avoid a subpoena and bribe associates into maintaining their silence.

I am not saying this is the case. I am saying there is a not unsubstantial risk that this is going on. It is up to senators to make the case that they cannot confirm someone who leaves the door open to a constitutional fiasco. He can give more definitive answers. He can recuse himself. But confirming him as things currently stand would be constitutional malpractice."

echoSeptember 5, 2018 3:41 PM

@bttb

Yesterday, I read Monica Lewinsky was giving a television interview and was punked by the (male) interviewer who ignored pre-arranged boundaries by bringing up THAT subject. Oh, the excuses he made after. Monica's response was to emphasise she was an anti-bullying advocate before walking out. Former UK defence secretary John Nott famously walked out of a studio interview after being verbally insulted. This is remembered as a notable incident whereas Monica is disenfranchised and silenced again. I'm sure Monica's interviewer considers himself a hard bitten journalist and tough guy and never learned a thing.

@Clive

Yes, as much as we have evidence we have no evidence. While a Russian extradition is not technically possible the issue of trusting the Russians is an issue. On paper the Russian offer to cooperate with an investigation is there but what would happen next? Cover up? More dead bodies? Getting someone alive and appearing in court is just the beginning.

American rogue operations are glamorised in American movies and those who get caught, as with the Italian Olympics, are usually disappeared back to America and are never extradited.

Sancho_PSeptember 5, 2018 5:17 PM

@Clive Robinson

Cory Doctorow is right, but …
He’s talking about gov and other criminals potentially having “access” to our, the plebs, holy personal and “private” communication.
Here I agree with nazzional security, this would be likely the least problem.
However, gov, state, politicos, business, trade, financial secrets, all fair game?
Um, really, I don’t know. I mean USA, Russia, China, Japan, Germany, Korea, … vice versa?

But Cory Doctorow had only half a sentence for the crucial part, that part that should ring alarm bells even in politicians:

“Access” also means write access.

That is, criminals or “evil foreigners” (see above) could fake any communication / conversation, not only invent stories, but place them into anybody’s mouth / account / conversation / burp.
Fun.

Are our nazzions ripe for this?

echoSeptember 5, 2018 6:09 PM

The Novichok investigation seems to have preliminary results. Two men are accused and alleged to be GRU officers. I remain open to the possibility this may have been a criminal operation perhaps involving corrupt officers.

https://www.theguardian.com/uk-news/2018/sep/05/uk-builds-pressure-on-russia-after-naming-spies-as-novichok-attackers
PM points to Putin as Russian pair accused of novichok poisonings. Britain to lay out case against Moscow at UN with May saying suspects were GRU officers.

GoFundMe is sadly an avenue many desperate people and causes must follow. This story involves a homeless man being defrauded of the amazing amount of money raised for his welfare. This is really sad for everyone involved. I hope things turn out for the best. In the meantime GoFundMe has mitigation measures in place. I am glad GoFundMe's guarantees of protection are not empty words.

https://www.independent.co.uk/news/world/americas/gofundme-couple-homeless-veteran-johnny-bobbitt-fraud-a8524266.html

GoFundMe released the following statement: "We are working with law enforcement officials to ensure Johnny receives all of the funds raised on his behalf.

"While we assist law enforcement with their ongoing investigation, GoFundMe is also working with Johnny's legal team to ensure he's receiving support while the remaining funds are being recovered. GoFundMe has given $20,000 to a bank account created by Johnny's legal team to provide assistance during the investigation."

The fundraising platform also stated that in the "rare case" funds are misused, "donors and beneficiaries are protected" by GoFundMe.

echoSeptember 5, 2018 6:42 PM

I wondered a few months ago after reading an article on astronomers processing data to reveal stars on the other side of the galaxy whether the maths or tools developed could be used in cryptanalysis. Nobody said a peep!

This particular article doesn't explicitly mention marketing or finance like another article I read. It does highlight the warm and fuzzy sounding uses and a few more cynical uses.

https://www.reuters.com/article/us-amazon-com-chile-telescopes/amazon-eyes-chilean-skies-as-it-seeks-to-datamine-the-stars-idUSKCN1LK0Y7

SANTIAGO (Reuters) - Amazon.com is in talks with Chile to house and mine massive amounts of data generated by the country’s giant telescopes, which could prove fertile ground for the company to develop new artificial intelligence tools.

[...]

The particular tools developed for the astrodata project could be applicable for a wide variety of other uses, such as tracking potential shop-lifters, fare-evaders on public transport and endangered animals, Julio Pertuze, a ministry official, told Reuters at the event announcing Chile’s aim to build a virtual observatory on the cloud.

[...]

“So a tool that might get developed in LSST or the astronomical world could be applicable for Amazon in their commercial world.”

echoSeptember 5, 2018 7:00 PM

Security issues are mentioned at the top of the article which goes on to discuss poverty as a motivator and inequality. The article also touches on police corruption at the very end which the police claim has been dealt with. (Hah hah.)

https://www.independent.co.uk/news/uk/crime/cash-machine-explosions-robberies-atms-smash-grab-flying-squad-armed-a8524746.html

Thieves are blowing up cash machines in potentially deadly explosions that have been sweeping across the UK.

Police say the strength of some blasts has been comparable to “a bomb going off”, seeing millions of pounds stolen, buildings destroyed and local infrastructure decimated.

Almost 100 gas explosions targeting cash machines were recorded by police in England and Wales last year, including 23 carried out by a single gang that stole more than £1.5m in a three month spree across the Midlands.

Bob PaddockSeptember 5, 2018 7:04 PM

Related to the SDI and Space Weapon comments:

November 15, 2018 | The Mary M. Gates Learning Center, Alexandria, VA

The 2nd Annual Directed Energy Symposium will provide a forum to discuss the efforts to develop and leverage DE technologies in support of U.S. national security needs and battlefield overmatch. The symposium will focus on Service and DoD DE roadmaps, DE’s role in National security and the future Force, R&D initiatives, acquisition and funding updates, and much more.

The event is free for those in the Military and Government. Muggles and Academia must pay.

http://directedenergy.dsigroup.org

This is the oldest SDI like document I've come across, anyone know of one older or more interesting?:

"Virtual State Engineering and Its Implications." ADA065762 by T. E. Bearden Report Date : Jan 1978 http://www.dtic.mil/dtic/tr/fulltext/u2/a065762.pdf

"... Such applications include electron current dissolution (dudding of electromagnetic circuits), cancellation of electromagnetic fields, de-activation (dudding) of nuclear warheads by transmutation of fissionable materials, and simple production of particle beams of enormous power density. Electron current dissolution is also effective against the nervous systems of biological targets."

If you see something, say somethingSeptember 5, 2018 7:07 PM

https://www.nytimes.com/2018/09/05/opinion/trump-white-house-anonymous-resistance.html

Opinion
I Am Part of the Resistance Inside the Trump Administration

I work for the president but like-minded colleagues and I have vowed to thwart parts of his agenda and his worst inclinations.
Sept. 5, 2018

The Times today is taking the rare step of publishing an anonymous Op-Ed essay. We have done so at the request of the author, a senior official in the Trump administration whose identity is known to us and whose job would be jeopardized by its disclosure. We believe publishing this essay anonymously is the only way to deliver an important perspective to our readers. We invite you to submit a question about the essay or our vetting process here.

President Trump is facing a test to his presidency unlike any faced by a modern American leader.

It’s not just that the special counsel looms large. Or that the country is bitterly divided over Mr. Trump’s leadership. Or even that his party might well lose the House to an opposition hellbent on his downfall.

The dilemma — which he does not fully grasp — is that many of the senior officials in his own administration are working diligently from within to frustrate parts of his agenda and his worst inclinations.

I would know. I am one of them.

To be clear, ours is not the popular “resistance” of the left. We want the administration to succeed and think that many of its policies have already made America safer and more prosperous.

But we believe our first duty is to this country, and the president continues to act in a manner that is detrimental to the health of our republic.

That is why many Trump appointees have vowed to do what we can to preserve our democratic institutions while thwarting Mr. Trump’s more misguided impulses until he is out of office.

The root of the problem is the president’s amorality. Anyone who works with him knows he is not moored to any discernible first principles that guide his decision making.

Although he was elected as a Republican, the president shows little affinity for ideals long espoused by conservatives: free minds, free markets and free people. At best, he has invoked these ideals in scripted settings. At worst, he has attacked them outright.

In addition to his mass-marketing of the notion that the press is the “enemy of the people,” President Trump’s impulses are generally anti-trade and anti-democratic.

Don’t get me wrong. There are bright spots that the near-ceaseless negative coverage of the administration fails to capture: effective deregulation, historic tax reform, a more robust military and more.

But these successes have come despite — not because of — the president’s leadership style, which is impetuous, adversarial, petty and ineffective.

From the White House to executive branch departments and agencies, senior officials will privately admit their daily disbelief at the commander in chief’s comments and actions. Most are working to insulate their operations from his whims.

Meetings with him veer off topic and off the rails, he engages in repetitive rants, and his impulsiveness results in half-baked, ill-informed and occasionally reckless decisions that have to be walked back.

“There is literally no telling whether he might change his mind from one minute to the next,” a top official complained to me recently, exasperated by an Oval Office meeting at which the president flip-flopped on a major policy decision he’d made only a week earlier.

The erratic behavior would be more concerning if it weren’t for unsung heroes in and around the White House. Some of his aides have been cast as villains by the media. But in private, they have gone to great lengths to keep bad decisions contained to the West Wing, though they are clearly not always successful.

It may be cold comfort in this chaotic era, but Americans should know that there are adults in the room. We fully recognize what is happening. And we are trying to do what’s right even when Donald Trump won’t.

The result is a two-track presidency.

Take foreign policy: In public and in private, President Trump shows a preference for autocrats and dictators, such as President Vladimir Putin of Russia and North Korea’s leader, Kim Jong-un, and displays little genuine appreciation for the ties that bind us to allied, like-minded nations.

Astute observers have noted, though, that the rest of the administration is operating on another track, one where countries like Russia are called out for meddling and punished accordingly, and where allies around the world are engaged as peers rather than ridiculed as rivals.

On Russia, for instance, the president was reluctant to expel so many of Mr. Putin’s spies as punishment for the poisoning of a former Russian spy in Britain. He complained for weeks about senior staff members letting him get boxed into further confrontation with Russia, and he expressed frustration that the United States continued to impose sanctions on the country for its malign behavior. But his national security team knew better — such actions had to be taken, to hold Moscow accountable.

This isn’t the work of the so-called deep state. It’s the work of the steady state.

Given the instability many witnessed, there were early whispers within the cabinet of invoking the 25th Amendment, which would start a complex process for removing the president. But no one wanted to precipitate a constitutional crisis. So we will do what we can to steer the administration in the right direction until — one way or another — it’s over.

The bigger concern is not what Mr. Trump has done to the presidency but rather what we as a nation have allowed him to do to us. We have sunk low with him and allowed our discourse to be stripped of civility.

Senator John McCain put it best in his farewell letter. All Americans should heed his words and break free of the tribalism trap, with the high aim of uniting through our shared values and love of this great nation.

We may no longer have Senator McCain. But we will always have his example — a lodestar for restoring honor to public life and our national dialogue. Mr. Trump may fear such honorable men, but we should revere them.

There is a quiet resistance within the administration of people choosing to put country first. But the real difference will be made by everyday citizens rising above politics, reaching across the aisle and resolving to shed the labels in favor of a single one: Americans.

The writer is a senior official in the Trump administration...

Clive RobinsonSeptember 5, 2018 7:07 PM

@ echo,

On paper the Russian offer to cooperate with an investigation is there but what would happen next? Cover up? More dead bodies?

Various people have suggested that there have been at least another twenty murders over the past few years.

The problem is that the police and coroners' investigations appear to have been not at all thorough and natural causes etc attributed. Thus evidence may have never been gathered, let alone make it into court.

It is of note that the deaths all happened at a time when the current PM was busy gutting police and their support services when she was at the Home Office...

Thus the deaths are in effect mere speculation currently. But are also unlikely to be ever properly investigated.

The problem which I caution about is evidence that is suitable for court. If you think about it there are three steps,

1, Gather.
2, Analyse.
3, Present.

If you make swingeing cut backs that affect any step along the way then the evidence will not go towards getting a conviction. Mrs May has scythed the first two and as we know previous governments of both stripes have cut back hard in the legal profession including the CPS...

Hence it's highly likely the evidence was never gathered and "extra bodies" will remain as speculation indefinitely...

WeatherSeptember 5, 2018 7:13 PM

Welcome to the fish bowl
Https://ibb.co/i7jTqK is a diagram of hydrogen atom, other atoms have more center and outer parts, the outer parts react to each other and neighborhood of other atoms,
A map can be formed from point X along a link/chain of atoms to point Y, if point X,Y are measured then the chain between can be worked out.
0x7fffffffffffff80000000000000 buf[400000000]

Sorry if it doesn't belong on this site

ScaredSeptember 5, 2018 10:21 PM

So GRU sent two agents on Aeroflot (!) to Gatwick and they used the Tube with its ticketed entry/exit gates so their travel could be tracked and they traveled during non peak hours and they seem to have stopped for a security camera selfie at every gate (on an empty platform next to each other so even the dimmest evening news viewer can recognize them). And then they dropped the remaining Novichok in a recycling bin near the scene and so on and on. Would Mossad act as clumsy as this? Wait... maybe they did?

WeatherSeptember 5, 2018 11:08 PM

Scared
In the photos, what gene pool do they look like?
Did he get killed for something in the past, not the real target, nuclear then chemical is biological next
??

ScaredSeptember 5, 2018 11:32 PM

@Weather: They look Russian alright... I would be disappointed if they didn't.
My take is:
False flag: 40% probability
Russia showing the world they can do whatever they want: 40%
Too much vodka: 20%.

WeatherSeptember 6, 2018 12:41 AM

Scared
Frantically Christians maybe, 3/4 hors men, haven't heard much from that ozlo Sweden group,
Don't know :shrugs

Clive RobinsonSeptember 6, 2018 1:52 AM

@ Scared,

Would Mossad act as clumsy as this? Wait... maybe they did?

From the technical security point of view, you have to remember that England has more CCTV recording systems than any other by a long long way[1].

So much so it is almost impossible to use English Public Transport without being recorded at every point along the way by several cameras.

But with the London Congestion Charge and other Automatic Number Plate Recognition systems in use in even quite small retail outlet parking spaces, it's again very difficult at best if not impossible to drive a vehicle in or out of London or most larger towns without getting caught on camera.

I've mentioned before how it is becoming steadily more impossible to travel more than a mile in the Greater London and surrounding areas without getting on a CCTV recording. Even alleyways now have CCTV supposedly to catch "fly tippers" and vandals.

In fact if you can get a look at one of those "street lights at night from space" pictures of the entire South East corner of the UK then you can more or less bet that every illuminated pixel you see has a CCTV with recording system associated with it, probably many.

It was this sort of blanket coverage by CCTV that allowed that Mossad Assassination team in the Middle East to be identified.

Currently the issue of linking it all up to track people 24*365.25 is a resource one still requiring significant human input.

But as @echo has pointed out above technology is making what once seemed impossible mundane. Not in decades as it used to, but in tens of months tops.

Do you remember that self taught AI that learnt to play chess in around four hours and then beat computer systems created by humans that had taken years of programming, that in turn could beat the best of Grand Masters?

Well that's going to become more the norm rather than the exception, and we will have no clue as to how much of it works.

Well that's the sort of technology public transport operators want to automatically catch fare dodgers, so they can then drive the price of fares up to levels where ordinary workers will have to stop putting even minimal food levels on the table just so they can get to work. That is even though having what appear to be well paying jobs they will fall below the poverty line...

When the backend AI systems have paid for themselves with high value activities they will in turn drop down the scale to the point that law enforcement on the masses will become a major source of income. Remember that "Three crimes a day" that everyone is supposed to unknowingly / unconsciously commit. Well the fines will get deducted automatically from your bank account. If you want to appeal well the costs will likewise be automatically taken in advance, and if you don't have the money in an account then tough luck, no justice for you.

Oh and money goes missing from your account, well guess what in the UK you first have to go to the bank. They no longer issue bank statements to people, yet to even consider investigating your complaint the first thing they demand is all your bank statements... If you ever do get it to court, the chances are you will lose because the banks claim their systems are perfect and will not allow them to be inspected for "commercial confidentiality" or other hogwash to snow the judge. Imagine trying to examine an AI system...

Oh and have a look at what went on in India recently which is a cash economy, the government decided to remove the high value notes from circulation to kill the black economy they believed existed and force it into banks where they could get it. It was a major disaster, little or no black market money was found, and the whole country's economy dipped at least 1% doing unimaginable harm to people at the bottom of society. In the process moving economic wealth into even fewer hands at the top.

Well when you couple that sort of stupidity to AI you know where it is going to go... Yup "Hell in a hand cart".

Oh and remember the US legislators brought in what appeared like limitations on private spying. But gave blanket immunity to those that handed the data over for free to the US "guard labour"...

[1] It used to be quoted as twenty times the next nearest country, which is the same as US military spending which might be coincidence or show a measure of guess work on those compiling their figures.

echoSeptember 6, 2018 3:01 AM

Apparently, last year India's supreme court ruled everyone has a right to privacy. I never noticed this or can't remember reading about it before! The article also goes on to say after some back and forth on other issues they also just overturned an old British Imperial law banning certain activities "against the order of nature"...

https://www.theguardian.com/world/2018/sep/06/indian-supreme-court-decriminalises-homosexuality

“What changed everything was last year’s privacy judgment,” said Gautam Bhatia, a Delhi-based lawyer and legal scholar. “In August 2017, the supreme court held there was a fundamental right to privacy, and as part of that, five judges said the 2013 decision was wrong.”

He added: “It was unprecedented. The judges commented on a completely unconnected case to say it was wrong. But once they said it, with the imprimatur of a full bench behind it, section 377 was gone, implicitly if not formally.”

The decision legalises behaviour that many Indians say was accepted in their culture before the imposition of conservative Victorian mores during the British imperial era. The anti-sodomy law was imposed in the Indian colony in 1860 as part of a raft of laws against public vice and immorality instituted across the British empire.

@Clive?

Did I? I looked... Yes I did!

Things have certainly moved on since doing everything by hand. Dame Jocelyn Bell Burnell is investing her winnings in a fund for underrepresented people in science because “Increasing the diversity in physics could lead to all sorts of good things.”

https://www.theguardian.com/science/2018/sep/06/jocelyn-bell-burnell-british-astrophysicist-overlooked-by-nobels-3m-award-pulsars

Bell Burnell was born in Lurgan, Northern Ireland, in 1943, and after spells in York and Glasgow arrived in Cambridge “rather by accident” to pursue a PhD at the university’s Cavendish laboratory. While poring over literally miles of data from a new radio telescope she helped to build, she spotted a faint and unusual signal: repeating pulses of radio waves.

“It was a very, very small signal. It occupied about one part in 100,000 of the three miles of chart data that I had,” Bell Burnell said. “I noticed it because I was being really careful, really thorough, because of impostor syndrome.”

Impostor syndrome strikes when people doubt their own achievements and develop a deep sense that they will be outed as a fraud. In Bell Burnell’s case the condition manifested as a fear she would be thrown out of Cambridge: “I’m a bit of a fighter, so I decided that until they threw me out I would work my very hardest. Then, when the time came, I wouldn’t have a guilty conscience. I’d know I had done my best.”

Wesley ParishSeptember 6, 2018 3:32 AM

Further note on the nullity of the word Terrorist

http://www.palestinechronicle.com/farmer-terrorism-is-the-new-slogan-for-jewish-settlers/

In less than three months, Jewish settlers have destroyed over 2,000 trees and grapevines in the occupied West Bank. Rights group B’Tselem has issued a detailed report on this destruction, including testimony from Palestinian farmers. Bales of hay and barley fields were also destroyed. The destruction wrought by Israel’s settler-colonists equates Palestinian agriculture to terrorism; slogans sprayed on Palestinian property following the destruction included “No to farmer terrorism”.

In 2004 I watched on TV, open-mouthed, as an Indian federal politician referred to those Christians, Buddhists and Muslims who would seek to lift the dalits out of their second-class citizenship status by welcoming them into their communities as equal participants, as religious terrorists.

Which is why I refer to it as pterorism as often as I can. Pterorists are descended from pterosaurs ... :)

H.M.MüllerSeptember 6, 2018 3:38 AM

At Lawfareblog, Jim Baker has published a second installment on Artificial Intelligence – A Counterintelligence Perspective.

It is mainly high-level talk, but its fifth "key point" is titled "our [the US's] poor cybersecurity posture poses an existential threat." It argues essentially that huge amounts of data are, if used as "Big Data", a valuable resource to adversaries, and hence have to be protected like other valuable resources from them; two quotes:

"... the possibility that their gobbling up of our data will enable them to reach Artificial General Intelligence (AGI)—that is, AI that is roughly as smart as humans across all dimensions of cognition—before we do."

"AGI in the hands of an adversary would pose an existential threat to the United States and its allies. And that is on top of the existential threat already inherent in the vulnerability of U.S. critical infrastructure to cyberattacks intended to disrupt or destroy those systems. Even if AGI is not possible, the quest for it will drive behavior toward accumulating more and more data, and that will benefit other, less comprehensive but still important, AI systems."

I, small software engineer, do not see how this can be achieved ...

CallMeLateForSupperSeptember 6, 2018 8:28 AM

Some readers here will remember the testing of facial recognition systems at Chicago's public transports - subways etc. - that was in the media several years ago. The Intercept reveals that the software being tested was a product of International Business Machines (IBM).

https://theintercept.com/2018/09/06/nypd-surveillance-camera-skin-tone-search/

Development and sale of "applications" is such a large portion of IBM's bottom line (and at the expense of hardware dev/sale) that the company ought to consider changing its name to something descriptive of what it actually does. Perhaps "International Software as a Service Corporation".

ScaredSeptember 6, 2018 9:23 AM

@Clive
This assassination was right up Russia's alley, but why did they make no attempt at hiding their tracks? Just a little bit of plausible deniability? They are described as *intelligence* officers but I wouldn't be surprised to hear they did all their travel on the same Oyster card (bought with a Russian debit card?). And they would know the joke about UK having more security cameras than people, wouldn't they? Why don't they wear (different) glasses, a scarf...? Even in the UK, sunglasses would have had them stand out less... And the same clothes and beanies in every picture? I can see the point in one agent watching the other, but that doesn't mean walking in lockstep the whole time.
And flying directly from Moscow and back to Moscow two days later?

Bob PaddockSeptember 6, 2018 12:18 PM

@JG4

"Get ready for atomic radio MIT Technology Review (David L)"

Feels like it is based on Ted Anderson's Plasma Antenna work.

Which is based on using Neon Bulbs as antenna/demodulators for 10 GHz back in the 70's.

See Ted's book and YouTube videos on construction.

These do have security implications in that they are hard to detect when not in use.

http://www.ionizedgasantennas.com/about-plasma-antennas.html


H.M.MüllerSeptember 6, 2018 1:27 PM

@CallMeLateForSupper

"[IBM] ought to consider changing its name to something descriptive of what it actually does." ... well, it designs and sells Turing machines for businesses internationally - just what its name says ;-)

echoSeptember 6, 2018 4:42 PM

https://www.theguardian.com/film/2018/sep/06/if-anyone-can-maga-it-is-nasa-how-first-man-put-a-rocket-up-the-politics-of-space

“When you think of Neil Armstrong and when you think of the landing on the moon, you think about the American flag.

No I don't! I can only speak for myself and my experience of how family and friends treated the moon landing but it was never an AMERICAN achievement but a shared experience in which America, obviously, played a strong leading role.

Chazelle’s omission of the flag-planting was deliberate, but not politically motivated, the director said in response. “My goal with this movie was to share with audiences the unseen, unknown aspects of America’s mission to the moon – particularly Neil Armstrong’s personal saga and what he may have been thinking and feeling during those famous few hours … This film is about one of the most extraordinary accomplishments not only in American history, but in human history.”

Chazelle was supported by Armstrong’s sons and James R Hansen, author of the nonfiction book First Man, from which the movie was adapted. In a joint statement, they said: “We do not feel this movie is anti-American in the slightest. Quite the opposite.”

I agree with this.

echoSeptember 6, 2018 5:33 PM

https://www.independent.co.uk/news/uk/politics/terror-laws-home-office-designated-areas-three-clicks-human-rights-border-security-bill-a8525666.html

A new law that could see people imprisoned for up to 10 years if they enter “designated areas” abroad is being proposed by the government.

Without announcing the plan, it has introduced a completely new clause to the Counter-Terrorism and Border Security Bill, which MPs and peers have already expressed human rights concerns about.

“Entering or remaining in an area” designated as a terror risk by the home secretary would become a criminal offence under the Terrorism Act 2000.

Anyone found guilty of the proposed crime could be jailed for up to 10 years unless they had a “reasonable excuse” or were already there when it was designated.

“In making such regulations the Secretary of State would need to be satisfied that it is necessary to restrict UK nationals and residents from entering or remaining in the area for the purpose of protecting the public from a risk of terrorism,” a government document says.

In my experience this proposed policy is another example of how the UK state overreaches itself. None of this is about protecting citizens but framing citizens with the need to prove their innocence or face a mandatory sentence. There are lots of problems within the UK as police abuse and how the DWP treat the disabled and unemployed and lots of other bureaucratic and legalistic mechanisms which only give more power to the petty minded or are a clever way of sliding past parliament and judges ways of cutting state expenditure.

These kinds of no-go areas already exist in some areas of public policy like healthcare because the UK negotiated an exemption from the single market. There are other effective no-go areas driven by police no-criming rape. I view this policy as creating yet another no-go area for citizens.

The fact the policy has the "full support" of the security services is no surprise if they suffer from linear minded mindsets and crave power and love judging and preaching to other people. They're all the same...

“The government has a duty not only to protect the rights of those who are investigated and prosecuted, but to preserve the fundamental right to life of those who may be targeted by terrorist and hostile state activity.”

The criticisms which this article does report are all pretty good and reasonable. Why is it the government and others with power crazed interests do not do their due diligence before drafting legislation or advocating positions? Why? I have my suspicions and it's not terribly polite to spell them out.

ScottSeptember 6, 2018 6:57 PM

@echo

Hmmmm...and not that it matters. But the Apollo moon missions were designed/engineered by Americans, the rockets were built by Americans in America, the astronauts were American, and the project was paid for by all the American tax payers. The moon project was executed by America's National Aeronautics and Space Administration (NASA). Yes Neil Armstrong said, "That's one small step for man, one giant leap for mankind." Hence, all "mankind" should celebrate, enjoy and feel pride in the accomplishment. But, when doing so, it is probably appropriate to make mention of America's contribution to the event.

Probably you're too young to have seen first hand the television coverage of that monumental event.

echoSeptember 6, 2018 7:47 PM

@Scott

The moon programme was based on German intellectual property developed during the war. The Soviets had access to this too and to some degree first pick of the German engineers. It's estimated that approximately 30% of the Apollo programme which mattered was British.

Almost all of Hollywood is built on first generation European immigrants. It can be argued persuasively that most of the new research being published in America and many critical Silicon Valley companies are dependent on first generation immigrants now not just from Europe but from around the world. Let's not get started on Henry Tizard's visit to America during the war where he handed over a massive treasure chest of British secret inventions to America for help during the war effort, or Gordon Welchman who essentially laid the foundations for the NSA becoming a serious operation.

Kings of old claim this that and the other because their nameplate is on an object and it was their money paying for it but this doesn't mean it was exclusively theirs. Ditto the cult of the "great leader" and all other manifestations of the same.

Really, these nationalistic chest beating exercises are old hat, and frustrating and ultimately very boring.

At no point did I take away an atom of America's role and achievements. What I object to is individuals who themselves were just a cog in the wheel or not there and not even born stamping their feet with man-child sheepdip stained obese oxygen thief rage that anyone else should share in the glory.

I am actually old enough (just) to have witnessed the moon landing. My whole family was up watching the landing in the early morning around my mother's black and white television set. I was not yet two at the time but I was there and awake too! Years later we were invited over to a sister's house for dinner to watch the landing of the first ever space shuttle. I follow all the exciting news about SpaceX. I couldn't be more invested but America isn't the only pebble on the beach. Maybe it was the way I was brought up or the fact the UK has, by and large, a more international outlook but as proud as I am of British achievements and successes this doesn't mean I'm blind to others' achievements nor foreigners' role in supporting British achievements such as the conquest of Mount Everest.

I grant you some Americans may feel justified in being aggrieved the planting of the flag was not included in the movie but the flag is definitely shown. If it makes you happy I bought a pair of star spangled bikinis (halterneck and bandeau styles) for wearing in better weather because they look nice.

Clive RobinsonSeptember 6, 2018 11:17 PM

@ Scared,

They probably did know that they were going to get caught on surveillance, thus knew they were "on the clock" to get in and out as quickly as possible. Thus speed of operation rather than pointless trade craft was the key factor.

That probably got home to whoever sent them by studying the earlier Alexander Litvinenko Polonium 210 assassins, Mossad Middle East assassination and more recently[1] the tracking down of a person who may well have been the "Umbrella Assassin" of the Bulgarian author and journalist Georgi Markov.

It was for the two shown in effect their "Swan Song" "Field Operation".

We have reason to believe that there are two types of assassinations being carried out in the UK by Russia; unfortunately the majority have gone unnoticed by the authorities. The two types are those potentially of necessity and those that are designed to send a message.

What you may not remember is very shortly after the Salisbury nerve agent attack on Sergei and Yulia Skripal, for which these two appear to be responsible, there was a supposed "suicide" of Nikolai Glushkov in New Malden Surrey[2].

That of the Skripals' attempted assassination was designed to send a message, but the latter of Mr Glushkov was apparently staged to look like a suicide, thus an assassination of necessity not of publicity.

Nikolai Glushkov lived quietly but according to neighbours he had visitors with expensive cars that may have been from the Court Case he was involved with.

Initially it was thought he had committed suicide, but due to the events in Salisbury a much more extensive investigation established it was murder. Since then apart from bleatings out of the Russian Embassy nothing further is publicly known.

But there have been at least twenty other untimely deaths of Russians in the UK and a number of people are saying they were assassinated by Putin's henchmen.

Because these other deaths were not treated as murders or assassinations they did not draw the level of attention thus investigation the Salisbury poisonings did. Therefore if they are assassinations the assassins have got away with it and can remain in the field for now.

Oh and the reason for using a Russian airline, well it's a matter of jurisdiction. The rule is in effect once the aircraft is "wheels up" its legal jurisdiction is its home nation, not that it has just taken off from even though still in its airspace. Thus the pilot would possibly be a "special" who knew he was not to return to UK or other jurisdiction friendly to the UK under any circumstances... The two men might also have been carrying Black Diplomatic Passports as well such that they would in effect be protected in other countries even if they were friendly to the UK. Such is the way dirty politics is played by many nations.

[1] https://www.telegraph.co.uk/news/uknews/crime/9949856/Prime-suspect-in-Georgi-Markov-umbrella-poison-murder-tracked-down-to-Austria.html

[2] https://www.theguardian.com/uk-news/2018/mar/21/glushkov-family-devastated-after-russians-in-london

echoSeptember 7, 2018 12:01 AM

@Clive

Nikolai Glushkov lived quietly but according to neighbours he had visitors with expensive cars that may have been from the Court Case he was involved with.

This was a case I was trying to remember as an example.

I think one reason why I get confused trying to explain things is I'm following completely different cases and arguments to what men tend to. This gives me memory problems too. The weird thing is I could go on about an issue and I know men will look blank even though a particular issue, usually but not always a discrimination issue, has been running heavily in the media for months to the point you would need to live in Outer Mongolia not to have heard of it.

I can't comment on operational things. I have no clue only speculation. Myself I would want to be far more sneaky about things. I'm grateful I never had to nor do I want to be in a position of having to live with it.

I would have more sympathy for the UK state if the state weren't trying to bully and impoverish people and be generally nasty on the sly behind a very thin veneer of "legally arguable" abuse.

What horrible world.

Clive RobinsonSeptember 7, 2018 3:49 AM

@ echo,

What [a] horrible world.

Yes and no.

It is said that those who live inside their heads have built the world but those who insist on living in other people's heads run the world, with the rest sandwiched and somewhat bemused in between.

In a way those on one side of the normal distribution that show autistic traits do build and run the world as they become engineers, scientists and similar. Whilst those on the other side of the distribution that show psychopathic traits do tend to run the populace as they populate senior positions in management and politics.

On both sides the people tend to be "focused" or "goal driven" some fanatically so. Which most people in between are not.

Mostly engineers and scientists care not about the implications of what they do until others point out the potential hell of what they have done.

For instance engineers and scientists have made all forms of modern communication possible, so much so most people do not know or realise it. But communications in the majority of its myriad of forms is mostly the product of war in the last two centuries.

It is those who "run the people" that gave rise to the wars that took scientific curiosities and drove the engineers to turn them into products of the war machine. Which afterwards received the swords to ploughshares treatment.

Man does not really progress by success but failure. If you have an idea and nothing goes wrong with it then you've not really learnt anything. It's analysing what goes wrong and why that teaches us something, going on and fixing it teaches us a little more.

So yes our world is the phoenix from the ashes of human failing.

Knowing the who and the why for the most egregious of failures does make it look like a horrible world. But we are looking at it from the comfort that it has brought to us...

History shows us just how miserable human existence was as little as eighty years ago. Nearly all our social progression was during the two great wars that for various reasons broke the bonds of servitude sufficiently that we could then push forwards without their constraint.

Unfortunately as our host @Bruce has noted we have in the process remade our shackles and bonds anew. As he has indicated most things these days are computers with things attached whereas in the past we just had the things. That is a toaster is now a computer chip with a heating element and ejector system attached. Those who control those computers control our lives.

Crypto wars II we are currently fighting is for control of not just those computer chips but the information they inherently gather. That history teaches us in most cases can and will be used against us until such time that we can yet again break free for a short period of time, just to place ourselves back into servitude...

Clive RobinsonSeptember 7, 2018 7:08 AM

@ Thoth and the usual suspects,

You might find this supposed secure end to end crypto security snafu of interest,

https://palant.de/2018/09/06/keybase-our-browser-extension-subverts-our-encryption-but-why-should-we-care

It's the usual issue in that they either do not know or do not care about side channels so haemorrhage information...

Just one more example of why canned crypto products like browser extensions and apps really should not in any way be trusted.

ThothSeptember 7, 2018 8:52 AM

@Clive Robinson, all

Re: Keybase Snake Oil

I remember I did mention in the past that I am highly suspicious of Keybase. I still am very wary of them and this simply confirms my stance.

Well, what can we say?

Another snake oil as usual. More snake oil incoming.

Clive RobinsonSeptember 7, 2018 11:13 AM

@ Thoth,

Another snake oil as usual. More snake oil incoming.

Would Sir like one bucket or five with his IoT device?.. ;-)

My son noticed yesterday a late 1990's vintage graphics card in my "bits box" and asked me what use it was... I explained that it along with the Pentium motherboard SCSI card and mini tower of SCSI DVD Drives, was more likely to be secure than the crapamundus you get in laptops today... Oh and it would keep the house warm :-S

Which then developed into a longish discussion about how to stay marginally secure in the modern age. Eventually a "High Five" and "Retro G" was acceptance of my "Greybeard POV"[1]...

It highlighted why it's getting harder to explain to people just what a mess the newer AMD / ARM / Intel hardware issues are and why they can not be patched and none of the chip makers want to supply a "fixed chip" this side of the quarter century... "Because the performance would be a half decade throwback at least" gets you that old fashioned look, the sort people give you when they think you might pretend to be a squirrel and disappear up a tree, or start sticking colouring crayons up your nose...

[1] He's now way too big to "clip his ear" when he's been cheeky in part because I'd need a step ladder to get up there... He's now tall enough to look on my bald spot and I'm just under two metres...

CallMeLateForSupperSeptember 7, 2018 12:38 PM

I hadn't encountered a CAPTCHA for years ... until a few minutes ago, when I surfed to HaveIBeenPwned for my weekly look-see. "One more step Please complete the security check".

The short of it is yes, there is a security check, but no, there was no CAPTCHA (the box was blank). Can't get more secure than that.


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.