This is really neat.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
Alejandro • September 28, 2018 6:45 PM
Facebook lost 90 million or so accounts.
In March it was 50 or more million. Some say it was unauthorized, some say it was a feature of the deal with Cambridge Analytica, which simply went out of business when found out. (Then re-appeared after a re-org.)
Isn’t it time for a law to shut down Facebook?
Weather • September 28, 2018 8:10 PM
Two tubes
What’s that echo,you,friend, associate, oor foe
Like I said, I’ve got shit to do,so stop been a pain
Godel • September 29, 2018 12:11 AM
Online comic — The Internet of Ransomware Things.
Wesley Parish • September 29, 2018 4:20 AM
@usual suspects
Facebook: Up to 90 million addicts’ accounts slurped by hackers, no thanks to crappy code
https://www.theregister.co.uk/2018/09/28/facebook_accounts_hacked_bug/
Following an afternoon press conference, it emerged that Zuckerberg and chief operating officer Sheryl Sandberg’s Facebook accounts were among those hacked. Also, it was confirmed it was possible to use the swiped access tokens to log into connected apps and websites that used Facebook to authenticate the hacked users… oops!
That’s the reason why I posted this reference, since someone has already referred to it on a previous week’s Squid blog. Hoist on their own petard!
And unfortunately, I have to refer to President Chump again … oh the agony! No ecstasy, unfortunately to compensate. This is ElRge’s view of a Federal US position axed by You-Know-Who
Trump’s axing of cyber czar role has left gaping holes in US defence
https://www.theregister.co.uk/2018/09/27/us_gov_eyes_off_the_cyber_security_prize/
Until our recommendations are addressed and actions are taken to address the challenges we identified, the federal government, the national critical infrastructure, and the personal information of US citizens will be increasingly susceptible to the multitude of cyber-related threats that exist.
The risks to IT systems supporting the federal government and the nation’s critical infrastructure are increasing as security threats continue to evolve and become more sophisticated. These risks include insider threats from witting or unwitting employees, escalating and emerging threats from around the globe, steady advances in the sophistication of attack technology, and the emergence of new and more destructive attacks.
Coordination is good. It’s one of the signs a neurologist or neuropsychologist looks for to find neurological damage. It appears Uncle Sam is suffering from more than a few transient ischemic attacks. A warning sign. Uncle Sam is likely to suffer a stroke, if he’s not careful.
k15 • September 29, 2018 7:20 AM
It’s funny timing, if it’s real.
Thoth • September 29, 2018 8:43 AM
@all
Cloudflare entering domain name registration and domain sales privacy while providing enhancement of “Free Privacy”. I do take the “Free Privacy” with a bath tub full of salt and be extra cautious since the business model just doesn’t sound convincing for the “Privacy Meter” in me.
Clive Robinson • September 29, 2018 11:36 AM
@ Hmm,
I didn’t even know the rings had teeth!
Don’t think of them as “teeth” but as “fingernails” or “claws” which they are much more closely related to. They use the same formulation as the squid’s beak, which is not just amazingly strong it’s graded from soft but strong that has bend and give to being stronger and stiffer that the ceramic materials we use in bullet proof cloathing.
Unsuprisingly due to mankinds warlike nature there is now research into how to use such graded material to make new forms of body armour. It’s supposadly “secret” but PhD researchers have been given it by their “research supervisors”[1] and some of the researchers are not as dim as their supervisors appear to think.
[1] When I was working at a University where supervisors hid the nature of their “defence” work from their PhD students. It used to give me a small amount of pleasure to point out the defence and industry related possabilities for their research work… More than one realising they had been hoodwinked then went and got patents on their work to get revenge, and quite well paid work, atleast one set up their own company that is doing very nicely, and puts work out to other people I know.
Smith • September 29, 2018 11:44 AM
Ghostbuster: Detecting the Presence of Hidden Eavesdroppers
ABSTRACT
This paper explores the possibility of detecting the hidden presence of wireless eavesdroppers. Such eavesdroppers employ passive receivers that only listen and never transmit any signals making them very hard to detect. In this paper, we show that even passive receivers leak RF signals on the wireless medium. This RF leakage, however, is extremely weak and buried under noise and other transmitted signals that can be 3-5 orders of magnitude larger. Hence, it is missed by today’s radios. We design and build Ghostbuster, the first device that can reliably extract this leakage, even when it is buried under ongoing transmissions, in order to detect the hidden presence of eavesdroppers. Ghostbuster does not require any modifications to current transmitters and receivers and can accurately detect the eavesdropper in the presence of ongoing transmissions. Empirical results show that Ghostbuster can detect eavesdroppers with more than 95% accuracy up to 5 meters away.
True Cryptor • September 29, 2018 12:02 PM
I have been following the progress of the various TrueCrypt replacement projects, and it seems like VeraCrypt is the best option.
Any other options I should consider, or any reasons not to use VeraCrypt? TIA
echo • September 29, 2018 12:49 PM
https://www.mirror.co.uk/news/uk-news/police-drag-tesco-shoppers-floor-13323617
Police ‘drag Tesco shoppers to the floor and arrest them after staff refuse to sell them trolley-load of bottled water’
Customers watched in disbelief as the young man and his wife were wrestled to the floor at a superstore in Rochdale, Greater Manchester.
This is a familiar strategy. I call it the “frame, blame,and shame” strategy. What happened is a minor member of staff without decision making authority acted outside of company policy. The customers complained. The staff escalated and complained. The clever bit is where the police intervene on the basis of the complaint and proceeding without the full facts then slap the customers with a breach of the peace or other charge.
There are variations of this. I am familiar with examples such as racist motivated hoax complaints alleging drug dealing and short tempered bullying doctors and I daresay similar examples exist. See also: “parallel construction”.
There is a lot disguised bigotry (and sexism) in the UK. The broad figures confirm this. The problem is organisations and the authorities themselves arevery dumb with analysis and this is made worse by prosecuting authorities and in some cases NGOs themselves suffering from the same bias. This is partly why the UK appearsbetter on the surface.In reality the UK hides it better than places like the US and Australia and OMG Russia and other usual suspects. At the extreme as publicly reported legislative processes reveal the UK government has began acting as if the European Convention and the human rights obligations they confer do not exist.
https://www.theguardian.com/politics/2018/sep/29/heroin-withdrawal-generic-drug-price-hike
A 700% spike in the price of a drug used to wean addicts off heroin has caused alarm among treatment agencies, which warn of a rise in drug-related deaths unless urgent action is taken to make it more affordable.
In the UK the criminalisation of opiates began when a doctor in a well publicised scandal was taking the medication from their own medicene cabinet. From this point addicts began to deal in drugs to maintain their habit which is the point where opiate addiction “pivoted” and “scaled” to the “war on drugs” we know today. The policy is an acknowledged failure. It is also known that safe and controlled alternative regimes exist where addicts can be given heroin eithe rin a registered drug addiction centre or given a supply for personal conspumtion only. The damage pure heroin does to the body is less than sugar and it is estimated the criminal trade would evaporate and abuse of opiates would decline as addicts aged.
echo • September 29, 2018 12:51 PM
@True Cryptor
Dual boot systems by default do not work very well with Veracrypt. Veracrypt is also dogmatic about refusing to support TPM.
Clive Robinson • September 29, 2018 1:58 PM
@ Smith,
Re : Gostbuster,
It’s not well researched, as anyone who has been reading here for a few years would know.
They’ve also missed a few tricks I’ve talked about here in the past, that anyone wanting to do “further research” could write a paper or three about 😉
The detection of “local oscilators radiation” is hardly new, during WWII the German Radio Service used it for locating SOE and other wireless operators upto a couple of miles away. In part it was the way the “spysets” had been designed and in part a consequence of the technology of the time. The point is this is “common knowledge” not just to historians of that period but most radio communications engineers that have either knocked about for a few years or done a TEMPEST / EmSec course or even a “digital communications” course as part of a degree.
Importantly what the researchers have missed to mention is there are actually several radiated signals “back up the antenna” from the “mixer”. In essence they are LO, RF-LO and RF+LO. It’s only in the case of “Direct Conversion” receivers that it’s only the LO that gets re-radiated. Interestingly and most importantly whilst the RF-LO and RF+LO are lower in power than LO in unbalanced mixers, they are considerably higher than LO in balanced and doubly balanced (ring) mixers. But importantly they are cross modulated by the modulation from the RF frequency being received…
Anyone who has read the 1980’s book “Spy Catcher” should be aware of the advantages of cross modulation as the author Peter Wright and his assistant Tony Sale who both worked on the technical side of MI5 used the technique to catch Russian counter-surveilance staff as well as finding Russian Spy low power transmissions to the Russian Embassy rather than back to Moscow.
Further during project VENONA many of the “spy signals” were actually caught and recorded by “passively” listening to the radiated mixed signals from receivers in the Russian Embassies and diplomatic residencies in a number of European countries.
The researchers talk about the LO signal being “below the noise floor” and how it makes life difficult but they do not mention at what level the noise floor is in relation to bandwidth.
Now your ability to receive a signal below the noise floor is dependent on bandwidth ratios of carrier to modulation and the ability to generate a synthetic carrier synchronised to that of the originating source. You can look this up in any graduate textbook that covers Spread Spectrum (DSSS / FHSS) or Code Divison Multiple Access (CDMA) radio systems.
If you spend a moment thinking about it the strong modulated RF signal is –appart from LO phase and a little path delay– directly corelated to the the two mixer products. Thus by receiving the RF signal and subjecting it to a little amplitude, phase and time adjustment directly cross correlate it one or both of the mixer products. As the result of this correlation has a near zero bandwidth the thermal noise and other noise virtually disapears, in effect bringing the signal well above the noise floor. Thus no need for multi-million point FFT detection…
MIMO stands for Multi-Input Multi-Output systems in the case of what the researchers are doing it’s realy only Multi-Input. Now it just so happens Multi-Input receivers have been used by Astronomers for longer than I suspect any readers on this blog have been alive (and congratulations for a good inings to any I’m wrong about 😉
Only Astronomers tend to call their systems “Very Long Baseline” (VLB). Where by you can get a signal to noise improvement based on the square root of the number of receivers used.
I’ve mentioned in the past several times on this blog, the ability to use SS corelation and VLB to single out the RF signals that leak information from an individual PC attempting to be hidden in many other co-located PCs. The fact that commodity PC makers use what are Direct Sequence Spread Spectrum techniques to “whiten” the “digital noise spectrum” from a PC to keep it inside the EMC noise mask and save on the cost of expensive decoupling and filtering components means that it makes the distance you can pick up the time based side channels between four and ten times greater…
So the researchers realy have not done their required “depth and bredth” research prior to publishing…
PeaceHead • September 29, 2018 2:20 PM
Some helpful links…
http://www.un.org/en/index.html
https://news.un.org/en/
https://unicef.org/
https://www.oxfam.org/?utm_source=modalwindow&utm_medium=modalwindow&utm_campaign=modalwindow
In the interests of restabilised geopolitical stability and sustainability.
It needs to be well understood:
0) STOP HARVESTING SQUID OCTUPUS and OTHER CEPHALOPOD ORGANS AND TISSUES AND LIVES. They are clearly sophisticated social and sentient beings. They do not exist merely for people to damage nor destroy nor experiment upon nor exploit. This is extremely wrong and casual attitudes about these problems reflect a serious lack of empathy and concern for the sanctity of life and consciousness.
Please stop and reconsider what your words and actions and symbolisms represent and the realities of unnecessary suffering and anguish. Consequences exist. War against cephalopods and the oceans is not valid entertainment. Please seriously stop and think about what is being said and done. Halt the killing and maiming and abductions and torturing and testing of oceanic and freshwater lifeforms. If you have any capacity for empathy whatsoever, TURN IT ON and WAKE UP.
1) The current USA Black Operation:
Donald Trump is a compoundillusionist technological MILINT ventriloquist fiasco.
Until next modulated, the project is a covert media technique involving false and overridden biometrics in terms of audible language, diction, and appearance. The Donald Trump project is a composite of at least 3 different people, and likely coached and controlled by hybrid automation and gestural control of high-tech Hollywood meets BLUEBIRD types of stuff.
3 parts of the Donald Trump incident are similar to if not in fact voiced by Christopher Walken (vocals and diction), and Regis Filbin (vocals and diction), and whomever is the puppeteer for the Insult Comic Standup Comedian “Triumph, the insult comic dog”.
This is literally not a joke. American politics have devolved to worse than the lowest common denominator. It’s as if the covert MILINT’s most obnoxious innovators decided to intentionally protest and offend the entire world by appointing and installing a performance designed to cause havoc and to be a persistent detriment to any and all forms of rational civilisation.
Ironically, the other component of the Donald Trump compound persona incident is that I was briefly personally acquainted with a person with the stature and physical biometrics of Donald Trump as well as the mannerisms and attitudes. The only differences were clothing and hair color (and perhaps eye colour via tinted contact lenses. The facial structure and mannerisms, apparent height and weight and movement all match the biometrics of my former acquaintance. The other person and coexisted and were temporarily friends.
It’s possible that this type of geopolitical atrocious stunt has involved psychological and/or neurological manipulation and/or blackmail because my former acquaintance suffered from substance abuse drug addiction some of the time.
My hope is that my acquaintance will drop out of or be escorted out of whatever technopolitical nearly-anarchistic stunt they are trapped or involved in. I comprehend that there are multiple complexities and that peace is more important than manners or egos.
I comprehend that both Trump and VP Mike Pence come from abusive family backgrounds and that both have been victimised in their individual pasts.
I am thankful for every time lives were saved. Yet the Trump Administration is taking way too many seriouis risks and causing way to many serious damages even if perhaps they are mere puppets of Republican and/or Neo-NAZI extremists or whatever else might be lurking behind the scenes. Mega Media Corporations are also suspect.
My acquaintance friend also spoke of having dual citizenry and was likely bilingual or perhaps multilingual.
Trump and I and his wife have the following beliefs and actions in common nonetheless:
1) We support efforts to maintain Russia as an ally. We also know that Russia was not the primary culprit in the alleged hacking of the 2016 DNC servers. We reject the current era of Joe McCarthyism and it’s terrible results which threaten the delicate balances. We value continued peaceful coexistence with Russia despite the unfair discrimination and villification.
2) Trump’s wife is openly against bullying, and so am I.
3) We support efforts to reduce tensions related to the North and South Korean areas and to ultimately assure peace and humanitarian and financial stability to that region.
4) We know that Asian culture is a factor of common cultural respect.
This is important because The Donald Trump occurence is easily understood to be a current USA threat to national security as well as to international relationships and international stability.
This is not a joke at all.
Please submit this info to the intelligence apparatuses for thorough open discussion and plans for damage control.
I am not anti-American, I am anti-insanity and anti-warfare.
May Peaceful Coexistence Prevail Within All Realms of Existence.
P.S.-I am a victim of neurotoxins also. The perpetraitors were ALWAYS North American US Citizens. They were NEVER Russians nor any other foreigners.
Russia is STILL AN ALLY AGAINST NAZI AGGRESSORS and their analogs.
Thanks for existing. Do NOT give up hope nor drop your guard.
OTHER SIGNIFICANT TOPICS:
A severe portion of current and historical US Intelligence workers suffer from drug addiction and other malevolent forms of related behavior modification.
This is a serious issue. Many of these victims have been unfairly coerced and tricked and misled and forced and enticed to commit hate crimes and acts of torture against innocent lives. The addicted intelligence workers have also been made to overzealously punish and or torture non-innocent lives in ways which likely violate(d) the Nuremburg Code and other similar international standards of decency and bioethics.
To make matters worse, some intelligence workers still suffer from a lack of recognised citizenry and/or inherent rights and entitlements due to unfair and hostile rules/unjust laws/and defacto slavery. Sometimes patent and copyright laws are abused to enforce lack of care and sustainance and essential needs of lives who were born and/or created and/or trained in covert and/or partially covert establishments.
Their suffering MUST STOP. The breaking point is NOW.
THESE EVILS CANNOT BE TOLERATED.
Please SPREAD AS MUCH ENLIGHTENMENT as possible on these topics. DO NOT ACCEPT DE-FACTO COVERT SLAVERY.
DEMAND TRUE JUSTICE FOR THE TRAPPED AND MANIPULATED LIVES.
With or without a fallen America, the evil WILL BE STOPPED.
Every moment is moment where choices can be made for the better instead of for the worse.
ASTERISK
“I DID A TUNE” CALLED. THE BACKLOG DISCOGRAPHY OF TUNES IS SEVERAL HUNDRED TUNES. YOU’LL NEED TO DIG DEEPER THAN THE INTERNET TO NAB A COPY. IT’S A NICE DICTIONARY FOR THOSE WHO NEED A VOCABULARY OR A MEDIUM TO STASH SOME DATA INTO. THERE ARE STILL SOME LOSSLESS COPIES OUT THERE. AND THERE WERE CERTAINLY SOME ONLINE VERSIONS. Meanwhile, I took down “voiceprint” because I did not and do not want harm to come to any of the voices sampled.
I did a tune called “Asterisk” also.
Henry • September 29, 2018 5:42 PM
@Moderator
“I comprehend that both Trump and VP Mike Pence come from abusive family”
Would the mod please step in here, so discussions can go on in a civilized & respectful manner?
Hmm • September 29, 2018 5:44 PM
@Peacehead – Not to rain on your goodwill, but let’s evaluate a few things?
“1) We support efforts to maintain Russia as an ally.”
Russia is not an ally since WWII if ever. A lot less so now, that’s 99% ridiculous.
*(To not at all mention Trump’s lying about collusion/support by Russian intelligence.)
https://www.cnbc.com/2017/11/16/kislyak-wont-name-trump-officials-hes-met-because-list-is-so-long.html
“2) Trump’s wife is openly against bullying”
Like a kite is openly against the wind.
“3) We support efforts to reduce tensions related to the North and South Korean areas”
Sure. But the objective was to denuclearize the peninsula lest tensions go back up.
“4) We know that Asian culture is a factor of common cultural respect.”
I must say I have no idea where you find respect for “asian culture” in the Trump spiels.
https://www.dictionary.com/e/slang/bing-bong/
Every country he ever mentions he does a little “amazing people, very good _____”
It’s completely ridiculous and his lack of knowledge about them is on display.
“This is not a joke at all. ”
Yes, it is.
bttb • September 29, 2018 5:48 PM
@Alejandro, Wesley Parish
More on Facebook hack, https://www.wired.com/story/facebook-security-breach-third-party-sites/ :
“ON FRIDAY, FACEBOOK revealed that it had suffered a security breach that impacted at least 50 million of its users, and possibly as many as 90 million. What it failed to mention initially, but revealed in a followup call Friday afternoon, is that the flaw affects more than just Facebook. If your account was impacted it means that a hacker could have accessed any account that you log into using Facebook…”
Alien Jerky • September 29, 2018 5:49 PM
I recently setup a new email server for myself. Gave up on GoDaddy and their never ending upselling. They also now want $5 per email box per year. Got a Linode server, installed debian, nginx, postfix, dovecot,… and setup all the various security stuff. Created a test email using a domain I do not use for anything.
Drank a beer and waited.
One hour later I checked the access logs. Nearly a thousand attempts to hack into it from all over the world. Primarily Brazil, China, Russia, Maryland, Virginia, some place in the UK, Germany,… and the list goes on… as far as I can tell fail2ban seems to be working and nobody got in yet.
Such is why we cannot have nice things anymore.
Hmm • September 29, 2018 5:54 PM
I think we can get back to regular business without bothering a moderator.
https://www.youtube.com/watch?v=J_lRJuQtBmc
#Chargegate? Ugh..
https://threatpost.com/iphone-xs-passcode-bypass-hack-exposes-contacts-photos/137790/
#Much worse to come…
echo • September 29, 2018 6:04 PM
Two Register links.
https://www.theregister.co.uk/2018/09/28/uefi_rootkit_apt28/
Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)
Deep dive into motherboard firmware-lurking code
https://www.theregister.co.uk/2018/09/28/vivaldi_2_0/
Sync your teeth into power browser Vivaldi’s largest update so far
Encrypted sync and faster – up next is Mail and a phone version, CEO promises
bttb • September 29, 2018 6:33 PM
@Hmm, MarkH, and other Kavanaugh (or Gamble v. United States) popcorn eaters
Regardless whether the FBI’s Kavanaugh [Supreme Court nominee] investigation is a sham, I hope the press, legal eagles, and others, work hard. Of course, if Kavanaugh goes away, the next nominee could be more ‘rightish’ than Kavanaugh
https://www.emptywheel.net/2018/09/29/jeff-flakes-investigation-is-a-predicable-trumpian-sham/
https://www.emptywheel.net/2018/09/29/on-squi-and-the-65-lady-letter/
https://www.nbcnews.com/news/amp/ncna915061
https://www.esquire.com/news-politics/politics/a23511160/brett-kavanaugh-lies-about-everything/
https://theintercept.com/2018/09/29/the-unbearable-dishonesty-of-brett-kavanaugh/
https://theintercept.com/2018/09/29/our-silence-will-serve-no-one-alumni-of-brett-kavanaughs-high-school-urge-graduates-to-share-information-about-sexual-assaults/
https://theintercept.com/2018/09/29/here-are-5-questions-the-fbi-should-ask-mark-judge-about-brett-kavanaugh/
From emptywheels twitter feed:
“I never get over Kav’s sheer audacity.
What he is attempting to do here (lie under oath to avoid admitting sexual improprieties) is PRECISELY what Kav deemed an impeachable offense when Clinton tried it…
This is exactly right: the White House has to carefully control scope bc Kavanaugh LIED SO MUCH on Thursday that if FBI pursues obvious leads, Kav will get referred for lying his ass off.
[replying to]
This is to avoid referral for a criminal investigation into perjury. Even GOP would have a hard time confirming someone under criminal investigation…
Mind you, I’d prefer Kav [Kavanaugh] be DQed [disqualified] over his lies about torture, warrantless wiretapping, judicial opinions, and using stolen emails.
But if he’s voted down for lying abt [about] sex there’d at least be a bit of appropriate symmetry there…” [Kavanaugh went hard after Bill Clinton and Bill Clinton lying about sex during Ken Starr’s (pre-impeachment) investigation of Bill Clinton.
More on Gamble vs. US
http://www.scotusblog.com/case-files/cases/gamble-v-united-states/
Clive Robinson • September 29, 2018 6:39 PM
@ echo,
Rochdale… Have you ever been there?
It’s a place divided by more than just race. The police there are part of Manchester Police. But… In theory Rochdale is in Lancashire, not Yorkshire, but the adjacent Police Force is West Yorkshire, which probably has the lowest reputation of any police force in England and Wales. Lets just say that WYP has a significant effect on Rochdale (read up on the grooming and other preditory gangs). I won’t say that insular incompetence is their main strength because that would require a modicun of ability, not that Manc-Pol would notice, as that too would require an ability strangely missing in the entire area.
There are jokes told about the area being formed when god dropped a bunch of navies on the Ark after Noah asked for help after thirty days output from the “two by two”. Apparently they shoveled it over the side and when the waters receded there stood Manchester much as it is today only cleaner… Other jokes tell of it being a target for a nuclear H-bomb missile test, and the scientists aftetwards finding only 1.60GBP of damage directly attributable to the H-bomb due to them checking just after the friday night crowd had gone to roost…
echo • September 29, 2018 7:32 PM
@Clive
I have loosely followed the Rochdale story. The policing and politics issues may be bad in Rochdale but they are not unique in the UK only differing by degree. Perhaps now more of the truth is out people may learn something from this and avoid mistakes and insularity in the future.
My brain needs a rest and it’s indecently late so you will have to excuse me not rattling.
Hmm • September 29, 2018 7:56 PM
@Bttb
” the next nominee could be more ‘rightish’ than Kavanaugh ”
IMHO it’s unlikely that someone further partisan than BK would be pushed after a failure.
They would want someone they can be sure would have support and get in, carry water.
BK seemed to fit that to a T ‘on paper’ until they found out about the … stuff.
It’s not so much that he was a far-rightist, that’s the best thing about him.
He’s a tribalist/cultist/ultrapartisan. He dropped the charade there.
Even before we get into the truth of the matter, how he comported himself is disqualifying, as many have noted especially in comparison to the victim, even before you analyze his statements for veracity. Watch out there too. BK unambiguously perjured himself on the stand I think beyond any fair reading of what he said, “Devil’s triangle” and “Renate Alumnius” and “boof” (ugh..) – to say nothing of his drinking or “complete virginity” which is no doubt being attested to by witnesses in FBI interviews as we speak.
A new report says Trump is trying now to further restrict the FBI Kavanaugh probe.
He has the power to authorize or not, but to meddle in the process is a huge mistake.
To me that’s yet another blatant example of obstruction w/ pre-proven intent.
Checks and balances seem to me like they’re about to be coming back with a vengeance.
Mueller is stacking cordwood all winter.
Hmm • September 29, 2018 8:20 PM
https://thinkprogress.org/kavanaugh-leland-keyser-ford-refuted-lied-baf4d63527b3/
If you swear an oath and are bound by your answers, that’s not a mistake you make three times.
The record is fact-checkable right now even by lay people.
Still I think we might as well try to bury our heads in the sand for a week.
No amount of factual head/wall bashing determines the outcome.
The conscience of 2-3 representatives (in this case, of justice) determines our entire system.
This sort of thing makes zero sense to rush through, as if delaying 1-2 weeks were the real crime.
At least 52% of the world is watching.
True Cryptor • September 29, 2018 11:51 PM
@echo
Thank you for your response. I should have made more clear that I’m not using TC now to encrypt any system drives, only a data partition formatted in NTFS which is shared between windows and linux. I also use it on USB drives (sticks and external drives), and on OS X for encrypted containers.
Under those use cases do the concerns you mentioned still apply?
And to folks generally, wasn’t there a call not that long ago to take the political stuff elsewhere? Aren’t there a LOT of other venues for that type of discussion?
Clive Robinson • September 29, 2018 11:51 PM
@ Hmm,
At least 52% of the world is watching.
And some of it is scratching it’s head over the selection process…
In the UK for instance we kind of have a similar process with regards religious persons sitting in the house of Lords. In essence they are only there to try and keep the Church of Englands mouth shut in day to day politics. Thus the executive gets a say on which of the names put forward by the church gets to sit in the Lords.
The same “seat stuffing to get favourable bias” goes on with the political appointees to the lords.
Even the politicos realise the system does not work. But rather than try to fix the process they are going for the “tear the house down” solution as it solves other political problems.
The house of lords is supposadly a “revising house” that is the “commons” of elected politicians come up with new legislation and the lords look at it with a proffessional eye and say what they think is problematic both legaly and politically, and propose amendments before sending it back to the commons. There is a limit on how many times this can be done, or the executive could use certain rules to force the legislation through without the lords getting a say. Either way it does not look good for the executive or government of the day.
So getting rid of the lords would remove the all important revising function, which has very successfully stopped over zealous over scoped legislation in the past. As a general rule the lords is non adverserial unlike the commons which is very adversarial. Again the lords has life long domain specialists the commons does not. Whilst some lords do only turn up to be seen (Lord Sugar being one of the most notable in this respect) many take their responsability way more seriously than members of the commons including Ministers ever do.
Thus in the UK we are in danger of throwing the baby out with the bath water.
However as a general rule neither the executive or the legislature in the commons interfears with the judiciary and likewise law enforcment entities such as the police and prosecutors. That is we try to keep politics out of the running of law and order. Whilst it does have disadvantages and down right oddities –such as a liberal thinking but consetvative attitude– we tend not to get sensational or headline making judgments as the police, prosecutors and judiciary do not have to “vi for votes” every few years.
Thus the UK experience is yes we need a revising house and we need an independent legal process, and we need to get and keep politics out of both.
Thus the question from this side of the puddle is what benifit do you think you get from political appointees and the legal system having to behave like vote grubbing politicians in the US?
I’m not looking for an argument as such, more a pros and cons comparison.
You could look at it this way the US and UK are similar but different the old joke about “one nation seperated by a common language” has a hard gritty little jem of truth to it. Thus examining the whys of the diferences in all manner of things we have in common and the resulting pros and cons can almost be seen as a sociological experiment. That if the right inferences can be drawn can prove benificial for both nations and other nations watching from the side lines.
It also gives the opportunity to lay to rest the notion that each of us has the best form of democracy, it’s fairly clear neither nation has anything even close to that but we could both improve immensely by examining the other.
Wesley Parish • September 30, 2018 3:36 AM
Some real doozies this time!
Opinion: Killer robots are on the way, and they’re a threat to humanity
https://www.marketwatch.com/story/killer-robots-are-on-the-way-and-theyre-a-threat-to-humanity-2018-09-27?si
I may be overreaching here, but the UN meeting on one end and this announcement on the other, make me think that the U.S. government isn’t just pro-robotic — it may already have a LAWs ace up its sleeve. I hope that’s the card it never decides to play. If it does, it could usher in a new era of mass destruction on an unprecedented scale.
Uncle Sam will naturally tell everybody that its new LAWs will make war obsolete. Nice try, son! Read HG Wells’ The Land Ironclads for comment on that. Ditto for weapons such as poison gas
https://www.poetryfoundation.org/poems/46560/dulce-et-decorum-est
Gas! GAS! Quick, boys!—An ecstasy of fumbling
Fitting the clumsy helmets just in time,
But someone still was yelling out and stumbling
And flound’ring like a man in fire or lime.—
Dim through the misty panes and thick green light,
As under a green sea, I saw him drowning.
https://www.poetrynook.com/poem/asking-it
God of the dear old Mastodon’s morasses
Whose love pervaded pre-diluvial mud,
Grant us the power to prove, by poison gases,
The needlessness of shedding human blood.
Stepping back from the treanches, and hiding behind the privacy barricades, we turn our attention to
If you lead people to a more private search engine, will they care?
https://www.marketplace.org/2018/09/24/tech/if-you-lead-people-more-private-search-engine-will-they-actually-care
https://techcrunch.com/2018/08/29/duckduckgo-gets-10m-from-omers-for-global-privacy-push/
which is interesting news.
Meanwhile, back at the theoretical side of practical software engineering, we have
Open Xchange Summit: Tim O’Reilly on why good companies go ‘bad’
https://www.theinquirer.net/inquirer/feature/3063572/open-xchange-summit-tim-oreilly-explains-the-new-new-internet
He pauses before his bon mot: “You can start with all the idealism in the world, but at some point you stop serving your customers and start serving yourself.”
And that I think, explains it satisfactorily.
echo • September 30, 2018 6:01 AM
@True Cryptor
I have given you leads to political decisions of both vendors and FDEproviders. I’m not interested in providing tech support.
@True Cryptor, @Hmm
Thereis a difference between discussing policy frameworks and providing personal evidence, and filling a blog with personal agendas and nitpicking.
@Clive
The problem with the UK is the fact systems tend to consprie against the citizen m with problems buildup to critical. Many of the basic mechanisms for redress havebeen dismantled to the point where you need to be wealthy enough to buy your way past the system or use an alternative, or afford to litigate or as many have done over the past decade simply leave the UK.
A very wealthy acquintance in my legal position considered bringing leagl action but decided lawyers were more bother than they are worth. Another person I was familiar with was a personal friend of a state sector manager and this manager advised me based on what they knew and their friends experience to leave the country. The only way I can get a lawyer seems to be to leave the UK and claim aslu in another EU country. People may think I am lying or exagerrating. I wish I was.
On the wholly unrelated example of people in housing crisis I know the legal profession itself knows people’s European Convention rights have essentially been suspended across the board yet at the same time the legal aid system has been rigged to block funding so people arein the position wheretheyhave rights which areenforceable in the courts but have no effective remedy which itself is a breach of Convention rights yet they remain in limbo. Then therearethe extreme examples of asylum seekers to the UK who arestuck in a system wheretheyarenot allowed to work and neither thrown out of the country or povided with legal help to progress thingsand remain stuck in a limbo land of being asylum seekers yet rolled over by the system as if they don’t exist with no resolution in sight.
Don’t get me started on politicians. In spiteof warm sounding words and motions in the House of Lords and my own MPs maiden speech I found myself blocked by my MPs stafffrom even seeing them as theywere obsessed with demanding huge amounts of information or trying tp push me outthedoor straight back to the people I said who had abused me. I couldn’t have been more patient with them but felt pressured and harassed. When I told someone who was politically awareand who had been a sucessful business person in their own right theysaid my MPs staff should have been carpeted. The other thing is I had been forced to wait months while my MP organised their office but the second another constituent was in the news my MP put them to the front of the queue. When I put my foot down and told them what I wanted to see my MP about one member of staff did a disappearing actand another member of staff gavecredit for an issue I had informed them about and promptly tried to shovel me out the door. When I complaiend I was being discriminated against in writing (as opposed to a verbal discussion to navigate things more gently off the record) my MP office immediate blocked me from further contact claiming the issue would be resolved by my MP when they returned from a rbeak. This eneverhappened. They also ignored my request that because I had lost repesentation I wanted them to referme to another MP they ignored this. What is utterly hideous is this same MP was in the press as soon as theycould complaining how they had been picked on and sidelined by their own party among other things. I am left without a member of parliament to represent me and because MPs rewrote the parliamentary convention it’s impossible for me to approach another perhaps more sympathetic MP. The Parliamentary ombudsman takes ages when my issue is time critical and I’m suffering from PTSD because of the trauma. I’m in an impossible position where criminals and asylum seekers have more representation that me! I have none!!!
Ergo Sum • September 30, 2018 6:11 AM
The acronym of 2FA stands, or at least used to, for Two Factor Authentication. Leave it to Facebook, and frankly other social networks as well to redefine the acronym as Two Factor Advertisement:
Facebook yesterday issued a statement confirming that phone numbers provided by users to Facebook for the purpose of securing their account via two-factor authentication were, in turn, being used by Facebook to serve up ads.
I only use 2FA for financial accounts, but this news makes me wonder. Did the financial institution sold my relevant information to data brokers? I have a creepy feeling that the answer to this question is yes, or even in the most optimistic view, it’s probable…
Thoth • September 30, 2018 6:50 AM
@Ergo Sum
Good to note that Facebook’s action of creating mistrust of their security as you mentioned is forcing more people to take a harder and mpre scrutinizing look at security and thus a process in itself weeding out snake oil.
Most MFAs themselves are weak and are snake oil but they grew in pooularity due to hype and commercialization.
MrC • September 30, 2018 9:30 AM
@ Hmm:
There’s a difference between a “rightist” and a “trumpist.” The GOP can easily find dozens more nominees who’d happily overturn Roe and promote interests of corporations and the “donor class” above the rest of us. And they could shamelessly ram any one of them through before the midterms. What Donald Trump can’t readily find is another nominee who’s on board with protecting Trump and his family and dearest minions from the Russia investigation, the SDNY investigations, the Trump Foundation investigation, etc., and who’s also sufficiently susceptible to blackmail that Trump can be sure s/he will still be on board after the shit hits the fan.
bttb • September 30, 2018 10:45 AM
@True Cryptor and Kavanaugh popcorn eaters
True Cryptor wrote: “And to folks generally, wasn’t there a call not that long ago to take the political stuff elsewhere?”
afaik political stuff can be relevant to security; for example, https://www.emptywheel.net/2018/09/30/the-dnc-centric-focus-of-the-hpsci-investigation/
I tend to find reading Hasan thought provoking, https://theintercept.com/2018/09/30/pack-the-supreme-court/ :
“Brett Kavanaugh moved one step closer to the United States Supreme Court on Friday.
Despite telling brazen liesTrue Cryptor in front of the Senate Judiciary Committee, and despite Christine Blasey Ford’s compelling testimony, Republicans on the committee voted in favor of advancing Kavanaugh’s nomination to the full Senate for a vote. Only a new FBI investigation into Ford’s allegations, time-limited to a week, now stands in the way of Donald Trump entrenching a hard-right conservative majority on the Supreme Court for a generation or more.
To be clear, such a majority on the Court would be an utter disaster for women, for people of color, and for the poor. One upside of Kavanaugh’s raw and angry rant on Thursday — he referred to the Democrats on the panel as “you people,” a “disgrace,” and accused them of exacting “revenge on behalf of the Clintons” — is that it exposed the Court for what it is, a partisan on the political battlefield, not a disinterested defender of the Constitution.
So it’s past time for liberals and the left to consider court-packing: When they next have control of the House, the Senate and the White House, Democrats should add at least two new seats to the Supreme Court and then fill them, ideally, with left-wing and well-qualified women of color. They could even call it “court-balancing.”
“Pack the courts as soon as we get the chance,” tweeted Indiana University law professor Ian Samuel, the co-host of the popular Supreme Court podcast First Mondays, on the the day Anthony Kennedy announced his retirement from the Supreme Court in June. “‘Pack the courts’ should be a phrase on par with ‘abolish ICE.’”
This might sound extreme – but it isn’t. The Constitution allows for Congress to decide on the number of Supreme Court justices. “There is nothing magical about the number nine,” HuffPost’s Zach Carter observed in June. “The court was founded in 1789 with just six justices and has included as many as 10, from 1863 to 1866 — when a Republican legislature intentionally shrank the court size to seven justices to prevent President Andrew Johnson from making any appointments.”
Nor is nine some sort of global norm: the UK’s supreme court consists of 12 justices; Israel’s has 15; in India, there are 25 supreme court justices (up to a maximum of 31).
“The idea of expanding the size of the Supreme Court will get traction if the Democrats take the White House and Congress in 2020,” constitutional scholar Erwin Chemerinsky, dean of the UC Berkeley law school, told the Los Angeles Times in July. “It is the only way to keep there from being a very conservative Court for the next 10-20 years.”
I can hear the objections already, from timid liberals and outraged conservatives alike.
Isn’t court-packing a tactic associated with authoritarian or dictatorial governments? Wouldn’t such a move undermine the Supreme Court’s legitimacy? Why go for the “nuclear option” of court-packing when there are other less radical reforms on offer? And, of course, what’s to stop Republicans from doing the same when they’re back in charge?
Despite telling brazen lies in front of the Senate Judiciary Committee, and despite Christine Blasey Ford’s compelling testimony, Republicans on the committee voted in favor of advancing Kavanaugh’s nomination to the full Senate for a vote. Only a new FBI investigation into Ford’s allegations, time-limited to a week, now stands in the way of Donald Trump entrenching a hard-right conservative majority on the Supreme Court for a generation or more.
To be clear, such a majority on the Court would be an utter disaster for women, for people of color, and for the poor. One upside of Kavanaugh’s raw and angry rant on Thursday — he referred to the Democrats on the panel as “you people,” a “disgrace,” and accused them of exacting “revenge on behalf of the Clintons” — is that it exposed the Court for what it is, a partisan on the political battlefield, not a disinterested defender of the Constitution.
So it’s past time for liberals and the left to consider court-packing: When they next have control of the House, the Senate and the White House, Democrats should add at least two new seats to the Supreme Court and then fill them, ideally, with left-wing and well-qualified women of color. They could even call it “court-balancing.”
“Pack the courts as soon as we get the chance,” tweeted Indiana University law professor Ian Samuel, the co-host of the popular Supreme Court podcast First Mondays, on the the day Anthony Kennedy announced his retirement from the Supreme Court in June. “‘Pack the courts’ should be a phrase on par with ‘abolish ICE.’”
This might sound extreme – but it isn’t. The Constitution allows for Congress to decide on the number of Supreme Court justices. “There is nothing magical about the number nine,” HuffPost’s Zach Carter observed in June. “The court was founded in 1789 with just six justices and has included as many as 10, from 1863 to 1866 — when a Republican legislature intentionally shrank the court size to seven justices to prevent President Andrew Johnson from making any appointments.”
Nor is nine some sort of global norm: the UK’s supreme court consists of 12 justices; Israel’s has 15; in India, there are 25 supreme court justices (up to a maximum of 31).
“The idea of expanding the size of the Supreme Court will get traction if the Democrats take the White House and Congress in 2020,” constitutional scholar Erwin Chemerinsky, dean of the UC Berkeley law school, told the Los Angeles Times in July. “It is the only way to keep there from being a very conservative Court for the next 10-20 years.”
I can hear the objections already, from timid liberals and outraged conservatives alike.
Isn’t court-packing a tactic associated with authoritarian or dictatorial governments? Wouldn’t such a move undermine the Supreme Court’s legitimacy? Why go for the “nuclear option” of court-packing when there are other less radical reforms on offer? And, of course, what’s to stop Republicans from doing the same when they’re back in charge?
Let’s deal with each of these in turn. First, the fact that the likes of Recep Tayyip Erdogan and Viktor Orban have packed the constitutional courts in their countries is irrelevant to the debate in the United States. “Court-packing is a tool,” argues Vox’s Dylan Matthews, “it can be used for authoritarian ends, or for democratic ones.” In 1863, for example, Abraham Lincoln added a tenth justice to the Court in order to “further the federal war aims of preserving the Union and ending slavery.” Was that, morally or politically, the wrong thing for him to have done at that critical juncture in U.S. history?
Second, court-packing would help, not hurt, the Supreme Court’s legitimacy. A hard-right court would be wildly out of sync with U.S. public opinion on a range of hot-button issues such as abortion, same-sex marriage, consumer rights, environmental regulations, gerrymandering and campaign finance. Meanwhile, the appointment of Kavanaugh would mean the Supreme Court has four justices (John Roberts, Samuel Alito, Neil Gorsuch and Brett Kavanaugh) appointed by presidents who lost the popular vote; two justices (Clarence Thomas and Kavanaugh) accused of sexual misconduct and misleading the Senate; and one justice (Neil Gorsuch) who effectively stole his seat from President Obama’s nominee (Merrick Garland). How’s that for a crisis of legitimacy?
Let’s deal with each of these in turn. First, the fact that the likes of Recep Tayyip Erdogan and Viktor Orban have packed the constitutional courts in their countries is irrelevant to the debate in the United States. “Court-packing is a tool,” argues Vox’s Dylan Matthews, “it can be used for authoritarian ends, or for democratic ones.” In 1863, for example, Abraham Lincoln added a tenth justice to the Court in order to “further the federal war aims of preserving the Union and ending slavery.” Was that, morally or politically, the wrong thing for him to have done at that critical juncture in U.S. history?
Second, court-packing would help, not hurt, the Supreme Court’s legitimacy. A hard-right court would be wildly out of sync with U.S. public opinion on a range of hot-button issues such as abortion, same-sex marriage, consumer rights, environmental regulations, gerrymandering and campaign finance. Meanwhile, the appointment of Kavanaugh would mean the Supreme Court has four justices (John Roberts, Samuel Alito, Neil Gorsuch and Brett Kavanaugh) appointed by presidents who lost the popular vote; two justices (Clarence Thomas and Kavanaugh) accused of sexual misconduct and misleading the Senate; and one justice (Neil Gorsuch) who effectively stole his seat from President Obama’s nominee (Merrick Garland). How’s that for a crisis of legitimacy?”…
bttb • September 30, 2018 11:21 AM
Noam Chomsky and Jeremy Scahill, audio or transcript, https://theintercept.com/2018/09/26/trump-united-nations-noam-chomsky/ (about 1 hour and twenty minutes):
“The world laughed at U.S. President Donald Trump at the United Nations, but the imperial declarations he issued are no laughing matter. Trump may come off as a buffoon, but his global agenda is consistent with the bipartisan empire machine that runs the United States. This week on Intercepted: Famed dissident Noam Chomsky breaks down the Trump presidency; the defeat of the U.S. in Afghanistan; what he believes is a just position on Syria’s civil war; and the agenda of Vladimir Putin and Russia. He also discusses the impact of big social media companies and explains why a life of resisting and fighting is worth it. Jeremy Scahill analyzes Trump’s U.N. speech and gives context to the seldom-discussed bipartisan support for much of Trump’s global agenda. Dallas hip-hop artist Bobby Sessions talks about police killings and this political moment. We also hear music from his new EP, “RVLTN (Chapter 1): The Divided States of AmeriKKKa.””…
bttb • September 30, 2018 11:24 AM
Noam Chomsky and Jeremy Scahill, audio or transcript, https://theintercept.com/2018/09/26/trump-united-nations-noam-chomsky/ (about 1 hour and twenty minutes):
Winston Smith • September 30, 2018 12:44 PM
I didn’t yet see a mention of Tim Berners Lee’s concept of a more decentralized Internet 2.0:
Alejandro • September 30, 2018 12:53 PM
@Ergo Sum re: 2FA
The investment company, mucho famosa, where my 401k money is, decided I couldn’t log into their website UNLESS I gave them a tx for 2FA. I am one of the few who has read their so called privacy policy which in essence states ANY personal data you provide THEM can be used for whatever reason they see fit, including marketing and “special offers”.
I called and raised holy hell with some young man at the support desk about it. He kept saying, over and over, the tx would only be used for 2FA security,…but there was nothing in writing to that effect. Only the usual lawyer weasel word privacy policy. I told him to quit telling me the same lie over and over again, it wouldn’t become the truth, and because I had read THEIR policy. The kid was getting nervous but wouldn’t back down, of course. He was being a good NAZI following orders.
I finally hung up on him in the middle of repeating the lie again. I gave them a phone number to login. Two weeks later I received a letter saying I would need to give them a phone number, but when I tried to login without a number, I couldn’t. Another lie, in writing.
When 2FA is based on biometrics or personal identification data, the advantage is to the corporation, not the user at all.
Again we are giving up important info about ourselves, which can be handed out like party favors among the corporate entities and governments, not to mention assorted criminals who break the code routinely. Of course biometrics can be obtained by trick or force.
My understanding is the NWO-ist goal is to convert the whole world to facial ID for all identification as language is not involved, etc., and, for the most part, faces can’t be faked.
I am against it.
I apologize for the rant, however be rest assured I was wearing my tin foil hat when I typed it, so I will be OK. I think.
Martin • September 30, 2018 1:04 PM
@bttb
Just as @True Cryptor stated I also recall encouragement to keep political discussions within the bounds of security.
Also, you might recall that in 2016 the American electoral system elected President Trump and hence sent the message it was time to move the political spectrum from the previous Democratic approach to a more conservative Republican approach. This message clearly included future Supreme Court nominations. President Trump is moving things the direction the 2016 election would indicate the American voters wanted. (He was elected exactly per the process specified in the U.S. Constitution.)
Having lived in non-U.S.A. countries for a number of years (long enough to get more that a quick glance into their political processes), it is refreshing and reassuring to see such frothing dialogue taking place over the nomination. (Although, I must say the Democrats do at time appear childish and unprofessional in this situation; e.g., Senator Booker’s Spartacus speech, Senator Feinstein withholding Ms. Ford’s letter for 6 to 8 weeks, and the general verbal abuse towards men spewed by the Senator from Hawaii.)
At any rate, I too would like to see some professional / knowledgeable comments and insights in to the credibility of using Vera Crypt. Hopefully that could be done without interfering with concerns about fairness of the UK’s policing tactics and the U.S.A.s political processes.
Best regards to all.
echo • September 30, 2018 1:33 PM
https://www.craigmurray.org.uk/archives/2018/09/spy-games/
Which is not to say DIS are sure it is not Chepiga; rather they believe – as would anyone with half a brain – that the Bellingcat photo falls a long way short of proof. The British security services have been unable to stand up the ID with facial recognition technology. The experts are describing the Boshirov/Chepiga identification as “possible”.
I have this information from an impeccable Whitehall source, who told me there is a concern in the security services that runs like this. They genuinely believe Boshirov and Petrov are GRU agents and the would-be assassins. (I judge that my source themself believes the security services really do think this). Bellingcat, while they are sometimes fed security service material, did not in fact get fed the Chepiga material by the CIA or MI6, whether or not through a cutout. The security services are worried the Chepiga ID may be a blind alley fed to Bellingcat’s sources by the FSB. If the UK government endorses it, this could be followed by the Russians producing Chepiga and apparently discrediting the entire British narrative.
This is a good analysis by Craig Murray. My personal opinion was the photo match was only a “possible” and I was waiting on an authoritative expert opinion. I haven’t yet read of one from an auhoritative source prepared to stand behind it. In an earlier blog Craig said he was ask an acquinatance but I could udnerstand if she didn’t wish to involve herself to maintain her professional independence and availability as an expert witness if this was required.
I also wondered if therewas a red herring element to this lead. Craig’s voicing of suspicions by both himself and Defence Intelligence is interesting.
Craig also notes Russian media confirmation via Pravda includign uncertainities and possibilities of reinforcing a red herring.
Professor Dame Sue Black of the University of Dundee is the world’s leading expert in facial forensic reconstruction. I once spent a fascinating lunch sitting next to her, while I was Rector. I shall contact her for her view on whether the guy on the left is the same person, and if she is kind enough to give me an opinion, I shall pass it on to you unadulterated.
Hmm • September 30, 2018 2:15 PM
@MrC
“There’s a difference between a “rightist” and a “trumpist.” – Very true.
“And they could shamelessly ram any one of them through before the midterms.”
– That I’m less sure about at this point. We’re 1! month away.
If BK is rejected (still a week away if it happens) that’s going to have a denoument period of probably another ~week as they process what just occurred and begin to scramble for another candidate. Any new candidate is then likely to be heavily scrutinized given what we just saw. A full background check seems almost prescribed, BK was seemingly a choir boy not long ago. It’s possible to do it, they have just enough time. Would they however be able to regroup from this defeat and re-muster the calvary in ~2 weeks? Unclear I think. They just took a MAJOR PR hit trying to ram-rod someone through knowing there were issues, and if that failed I don’t see how they would attempt the same thing again in half the time. I think that could cause a major revolt.
Failing on this twice so close to the midterms, that would be a massive liability.
Trump said he really didn’t have any backup plan for BK, probably for the reasons you mentioned – BK’s the “made” guy who was going to save Trump from the Mueller firing squad. This whole crisis has underscored the unprecedented spot we’re in, where the sitting POTUS is under major investigations and is appointing the swing vote among jurists – something that is NEVER supposed to happen. The appointee would be expected to recuse themselves and someone displaying such partisan deference openly above our norms would be absolutely disqualifying all by itself not long ago.
But there’s just about no one left with the spine to enforce these long-heralded standard checks and balances among this craven majority, and that’s the sorry bottom line. Senator Flake insisted on the absolute minimum standard and he’s being praised for it. Extreme partisanship has become impetus for dismantling basic checks and balances and denying due process, and I don’t know if there’s a more predictable or pathetic threat than that which our founding fathers expressly tried to preclude in designing our system. What’s the further iteration of this ideology? Fascism.
If they tried it the same way I think you could expect protests America hasn’t seen in 100 years.
Women’s suffrage redux.
AtAStore • September 30, 2018 2:40 PM
“Russians and the American right started plotting in 1995. We have the notes from the first meeting.
New documents obtained by ThinkProgress show how Russian and American fundamentalists first began their collaboration.”
https://thinkprogress.org/history-of-christian-fundamentalists-in-russia-and-the-us-a6bdd326841d/
AtAStore • September 30, 2018 3:20 PM
@Martin, All
“Senator Booker’s Spartacus speech”
Yeah that was a little confusing and/or strange. You may know that he may have presidential ambitions. Regardless, he rambled on less than Trump does.
You could have mentioned ‘Clinton Revenge’ too. https://www.emptywheel.net/2018/09/30/kavanaughs-tell-revenge-on-behalf-of-the-clintons-plural/
All
Does anybody have the knowledge about, or the ability to know: the ‘pro Kavanaugh’ vs. ‘anti Kavanaugh’ ratio on Facebook, Twitter, mainstream media (MSM), or the like? Does hundreds to one sound right? It sounded like about four to one on c-span call-in this morning.
Alejandro • September 30, 2018 5:41 PM
Would you look at these links?
Is Berners-Lee onto something, or is it talking vaporware?
From what I gather, he wants to transform the internet into a distributed peer driven net, rather than the current system of centralized corporate control.
I don’t quite see how his concept protects privacy or is a pencil in the eye of Google, Facebook, et al data brokers.
Although, I do agree we can certainly write off the US government and most others from stepping in to save us from predatory internet corporations. The answer must come from wild eyed visionaries and inventors like Berners-Lee.
https://www.engadget.com/2018/09/30/tim-berners-lee-solid-data-control/
Weather • September 30, 2018 7:49 PM
Echo
Graigcurray link is interesting, but the inverse is Russia wouldn’t want to get played, by the level I’m guessing that the attacker’s would use more than news feeds for in till, and stay close but apart can form by CCTV camera’s. and they weren’t that far apart,maybe ten too twenty meters, I’m still leaning to a group of 10-12 from some antimuslim group that thinks they can get the British force to do the fighten
Clive Robinson • October 1, 2018 6:11 AM
@ Martin,
President Trump is moving things the direction the 2016 election would indicate the American voters wanted.
Err no not the American voters in general wanted, but a very limited set of voters in the electrol college system, which does not have to respect the wishes of the majority.
Yes President Trump was elected by the election process currently in placr, but No he was not elected by the simple majority of voters.
I tend to regard the US Presidential election process as “undemocratic” because that is exactly what it was designed to be, whilst not as bad as the old Irish voting system where every male of majority got a vote, but landholders got an extra vote for each person they employed… It was nether the less designed to “keep power” in a club or clique of political landholders and similar.
Oh and just to note, I’m not a US citizen, but even I can spot that even in undemocratic representational politics, in an even less democratic two party system it’s obvious that this process is even less democratic, and deliberatly designed to be that way.
Maratin • October 1, 2018 7:35 AM
@Clive
No, … “Err no not the American voters in general wanted, but a very limited set of voters in the electrol college system, which does not have to respect the wishes of the majority.”…is not correct. The electoral college DID, again in the 2016 election, reflect accurately and as prescribed the populace vote of each state. This is related to States rights as specified in the Constitution. Your comments about the Irish system is complete non-sense and in no way reflects the U.S.A. system. No the U.S.A. system in not perfect but to even reference the former Irish system in a discussion is total non-sense.
The election process in the U.S.A., as I stated, is clearly defined in the U.S. Constitution. This process, which has been utilized since the beginning of the country, was followed exactly as prescribed in 2016. All presidential candidates were fully aware of the process.
The process was uniquely designed to provide some equity amount the states. It helps insure states with small populations have some, not perfect, equity with states and geographic areas of the country with large (dense) populations. (BTW, the electoral college participant’s actions do NOT have to reflect the voting of the citizens they represent; however, they always have and did so again in the 2016 election. To understand what happened you have to look closely at the actual voting on a state by state basis (popular vote & resulting electoral college vote).
The ideology Present Trump presented in his 2016 campaign was not accepted by the traditionally Democrat states; but in was overwhelming embraced by the more conservative (Republican) states in the middle of the country. And in 2016, a number of typically Democratic states shifted their populace and electoral college votes to Republican candidates. (Republicans candidates won the Presidency, the US Senate, and the US House of Representatives. This political shift in both the presidency and in the congress tends to indicate the 2016 shift toward Republican ideology by the voters. BTW, congress [senate and house of representatives] is elected directly the the voters and not the electoral college.)
I respect your interest and comments on U.S.A. politics, but there is a lot more to the mechanics of the system/process than indicated in your summary. I’ve lived in the British Commonwealth for a number of years, and even after that first-hand experience I don’t the the insight to explain finite details of how it functions.
Likely you’ll see a shift toward Democratic Party in this election. This would be typical of U.S.A. elections of the past; the party with majority typically loses some congressional seats to the minority party (which becomes the majority)…and so it goes.
And it would be best to get back on track with dialogue about security. That’s clearly more interesting.
Clive Robinson • October 1, 2018 8:09 AM
@ echo,
This is a good analysis by Craig Murray. My personal opinion was the photo match was only a “possible” and I was waiting on an authoritative expert opinion.
You are not the only one here to think they did not look alike (print out and check the underlying bone structure triangles). Which is why I suggested to @Ratio the other day that running the photos through Apple or Facebooks online facial recognition systems could prove interesting or fun,
https://www.schneier.com/blog/archives/2018/09/friday_squid_bl_643.html#c6782513
However he’s not posted a reply yet even though others have indicated he’s being a bit “premature” in his theories,
https://www.schneier.com/blog/archives/2018/09/friday_squid_bl_643.html#c6782530
However @Ratio has gone on to suggest to other people on the blog that some people are always comming up with excuses against his notions. So I’ll be interesting to see what his excuse is…
But there is one piece of evidence that nobody is talking about, and that is the Russian body from Clarance Ave, New Malden, Surrey. As I mentioned to @Ratio,
https://www.schneier.com/blog/archives/2018/09/friday_squid_bl_643.html#c6782569
It brings up the very awkward question of “how many hit teams” has Putin or his associates got running in the UK?
If the answer is “one” which is the most likely for security reasons then that is a very “inconvenient truth” with regards the two Russians the UK is currently pointing the finger at, hence my comment about Fingerprints and DNA on the bottle or wrapping etc being quite desirable.
It’s at this point that likely and unlikey senarios start to get equal weight due to the “intelligent agency”[1] issue.
To see what I mean think in terms of, “these two Russian’s actually were a decoy team” sent in “to be seen” and then later after a lot of false accusations etc shown to be innocent…
People should ask thrmselves “Of how much political advantage would that give Putin?” not just at home but also “Abroad with other nations?”.
It’s just another reason I urge some people to excercise a little caution and wait for the evidence and then where possible test it, instead of them going of half cocked on any old comment that takes their fancy, only later to have it blow up in their faces as well as discharging crap all over the place[2].
It’s why I was annoyed when our curent PM Mrs May, did what recent US Presidents have done which is make an evidenceless anouncment “I was Russia”… not just because it would set a direction for the investigation that might not be warranted, but it was in it’s self at the time “faux news”. Each time a Western leader does such a thing the more likely it is that somebody is going to take advantage of it and send in decous or run other “false / Red flag operations”.
[1] By “intelligent agency” I do not meany the pusdo-science nonsence ment to demonstrate the existence of a deity that their belief says breaks every basic law of science. No I simply mean those agents that manipulate the inputs to systems to achive –desired– outcomes that would be statistically improbable (think loading dice in such a way as to make sixes more likely if held in the right way for thirty seconds or so with a non Newtonian fluid etc).
[2] The expression “going off halfed cocked” goes back to the days of “mussle loading” guns. Where if you “discharged the weapon” before removing the “ram rod” there was a real danger the end of the barrel where the “touch hole” is could split or fragment blowing up in the gunners face and sending bits sideways and backwards at other gunners. Even if that did not happen the ram rod would not make an efficient projectile thus the wadding, shot and burning debris would rebound off of it again sideways and rearwards making a real mess of those in close proximity.
JG4 • October 1, 2018 8:15 AM
Thanks for the helpful discussion. @MarkH – I appreciate the expression of humility and recognition of human cognitive foibles. We all have some, of one type or another. On the rare chance that anyone didn’t have them, they will if they live long enough.
https://www.nakedcapitalism.com/2018/10/links-10-1-18.html
…
Tory Conference App Security Blunder Exposes Ministers’ Personal Details HuffPo
…
[…surveillance cuts both ways]
Will China’s new laser satellite become the ‘Death Star’ for submarines? South China Morning Post
…
The US Military-Industrial Complex’s Worst Nightmare: The S-300 May Destroy and Expose the F-35 Strategic Culture. Big if true.
…
Imperial Collapse Watch
Where Are The Most Viruses In An Airport? Hint: It’s Probably Not The Toilet NPR. Hilarity ensues, as security theatre provides the vector for the next pandemic…
…
Psychologists define the ‘dark core of personality’ Science Daily (original). n>2500. Readers?
…
Clive Robinson • October 1, 2018 10:02 AM
@ echo,
Having taken a little time to read and think over another of Craig Murray’s posts,
https://www.craigmurray.org.uk/archives/2018/09/the-incredible-case-of-boshirov-and-petrovs-visas/
It comes to similar conclusions that I have. Which is that the Met Police and UK Government are very probably at very best “cherry picking” what information they are making public but more likely actually lying about a number of things…
Further it also has comnent on what I was trying to get another frequent poster on this blog to understand,
https://www.schneier.com/blog/archives/2018/09/friday_squid_bl_643.html#c6782365
That close sequentially numbered passports etc are actually less likely an indicator they were spys than an indicator they were (that is the Russian security services would pick the passport numbers etc to not raise any suspicion, rather than give rise to one that would if required would have been extrodinarily easy to avoid).
Clive Robinson • October 1, 2018 10:36 AM
@ Alejandro,
Is Berners-Lee onto something, or is it talking vaporware?
Let’s assume for a moment that on Tim Berners-Lee’s side they are not talking vaporware.
It brings up a couple of questions.
First of which is “Will it be alowed to market?” the second predicated on the former “Will people actually switch over to it?”.
One of the reasons we have the big Silicon Valley Giants is that basic economic theory is wrong… That is, it is based on physical world assumptions, that rearly don’t apply to the information world.
The assumption is “distance costs” that is an organisation closer to you can provide a similar product to you for less than a distant supplier, hence a market would be formed in which new entrants can have an advantage thus gain a foothold and develop.
Therefor the incentives for users to switch suppliers are much much lower and other factors such as “familiarity” take president reinforcing “first to market” thus in effect locking out competition. It’s only when other factors at a national level change this like China’s “Great firewall” and various Russian legal initiatives.
Thus the reality is users will not move over to a new system unless there is real incentive to do so.
Which takes us back a question to “Will it be alowed to market?”. I think it’s a given that the Silicon Valley interests will be dead set against it and the FCC for instance noticeably jumped to their subservience after the current President changed both their head and direction… It’s also fairly certain that both the Law Enforcment and Intelligence Communities will be dead set against it.
Which makes me thing that even if it is not vapourware from Tim’s side, many attempts will be made to make it at best “stillborn” or emasculated…
bttb • October 1, 2018 10:46 AM
@True Cryptor
I apologize to you and others regarding the cut-and-paste challenges, presumably, including my pre-post editing challenges, with your name and the repeat (duplicate) paragraphs in the above post 30 Sep 2018, 10:45 am.
Alejandro • October 1, 2018 11:54 AM
@Clive Robinson
Thanks for the thoughtful response. I would think the big players have respect for Berners-Lee (I do) and will certainly want to bury his ideas or co-opt them if they begin to take hold.
Assuming it’s not vaporware again, if they cannot buy enough votes in Congress and elsewhere to outlaw his new thing (in the name of: security), they might simply buy him out and destroy it forthwith as has been done with several other good products.
I hope he wins, because if he does, WE win.
echo • October 1, 2018 1:05 PM
@Clive
I’m very careful with the Skipral topic. I have no expertise with these issues and there is a lot of vested interest and static to process.
As for abuse of power and the Freedom of Information Act?
https://www.theguardian.com/world/2018/oct/01/police-stun-guns-mentally-ill-patients-health-uk
Only 28 police forces, about half of the total in the UK, provided figures after a freedom of information request, with many – including the Met, West Midlands and Staffordshire – citing cost limits for why they could not respond.
[…]
Police forces are required to record the outcome of stun gun use, as well as the ethnicity, age and whether the individual is perceived to be suffering from mental ill-health.
A Home Office spokesperson said: “The government is clear that all police use of force must be lawful, necessary and reasonable in the circumstances. Use of force in mental health settings, including the use of Taser [electronic weapons], a form of conducted energy device, should only be used as a last resort. Where possible de-escalation techniques should always be the first response.”
albert • October 1, 2018 2:43 PM
@JG4,
Bad enough you got me hooked on nakedcapitalism.com, but now I have to check all the links as well:)
(“…The US Military-Industrial Complex’s Worst Nightmare: The S-300 May Destroy and Expose the F-35 Strategic Culture. Big if true….”
Thanks!
. .. . .. — ….
Clive Robinson • October 2, 2018 1:27 AM
@ Bruce and the usuall suspects,
If you goto NZ leave your phone at home
Legislation in NZ that says if you do not hand over,
1, Your digital device.
2, Your passwords.
Then,
A, 5000 dollar fine.
B, Device is confiscated.
Oh apparently they have to have “reasonable suspicion” but they will not tell you what it is, so you can not challenge it…
So either take no electronic devices or take something as dumb as an NZ politician (if something that usless can work ;-),
Weather • October 2, 2018 2:00 AM
I live in nz and have gone out of the country, when returning they didn’t ask for anything, maybe some background stuff then maybe might have, but if they haven’t got the profile of a person before they get to the desk, maybe head back
Weather • October 2, 2018 2:38 AM
Don’t worry about the Canada’s or Manning, see the conference, make it between you and kiwicon, not some political thing the media will try to levage
Thoth • October 2, 2018 9:02 AM
@Clive Robinson
Always bring a travel phone with a travel SIM card.
If you need to have a contact address book, use a small physical paper to write down important contact numbers and keep in wallet and another backup copy in a travel case.
echo • October 2, 2018 10:21 AM
Experiencing a fit of boredom I am watching Reilley Ace of Spies for the first time. It’s full of squinty eyed twitchy young rakes and grumpy plummy voiced blustering old men and ladies in hats.
From Wikipedia:
https://en.wikipedia.org/wiki/Sidney_Reilly
Sidney George Reilly MC (c. 1873[a] – 5 November 1925), commonly known as the “Ace of Spies,” was a Russian-born adventurer and secret agent employed by Scotland Yard’s Special Branch and later by the Foreign Section of the British Secret Service Bureau, the precursor to the modern British Secret Intelligence Service (MI6/SIS). During his lifetime, he is alleged to have spied for at least four different great powers. Documentary evidence indicates he was involved in espionage activities in 1890s London among Russian émigré circles, in 1900s Manchuria on the eve of the Russo-Japanese War, and in an abortive 1918 coup d’etat against Vladimir Lenin’s Bolshevik government in Moscow.
bttb • October 2, 2018 11:47 AM
emptywheel re-tweeted https://twitter.com/Joseph_Marks_/status/1047113449623474177 , regarding National Security Adviser John Bolton eliminating the cybersecurity coordinator position soon after taking office in May, 2018:
“Obama Homeland Adviser Lisa Monaco calls it “inexplicable…government and management malpractice” that Trump admin dropped role of White House cyber coordinator. At #PostLive cyber summit…
Monaco also praised the Trump team for continuing and accelerating indictments against foreign, nation state-linked hacking groups…
Monaco’s opinion about the White House cyber coordinator is broadly shared in the cyber and natsec community. Background:
bttb • October 2, 2018 12:06 PM
Two things:
1) What are the odds that Trump, and others (like Wikileaks did in 2016 to Trump Jr.), will talk about ‘rigged’ elections in 2018 or 2020? Regarding elections, election hacking, of one sort or another, of course, helps to undermine the electorate’s confidence in the election process. In addition, voter suppression, vote tampering (at the voters’ roll level, vote casting level, vote counting level, or independent auditing level or independent auditing ability level ), voter disenfranchisement (including past felony convictions, arbitrary voter ID requirements, short voting hours, or long drives), and the like, of course, can work in the GOP’s favor.
2) I hope that 2016 wasn’t the last time we had relatively free elections in the USA (and I certainly hope that the USA has no major terrorist incident, no major war escalation, or no new war (Iran, North Korea, other?) between now and the November election.)
bttb • October 2, 2018 2:40 PM
From emptywheel https://www.emptywheel.net/2018/10/02/in-the-most-cowardly-possible-decision-ninth-circuit-upholds-gartenlaub-conviction/ :
“The [relatively liberal] Ninth Circuit just released an unsigned opinion in Keith Gartenlaub’s case; in a non-precedental opinion, they upheld his conviction.
As a reminder, Gartenlaub was an engineer at Boeing. During a period when there were suspected Chinese breaches of Boeing at other locations, an FBI Agent in the LA area decided that there must be someone breaching Boeing at the local facility. He set out to find a suspect and focused on Gartenlaub (apparently) because he had access to relevant files and a Chinese-America wife. It appears that the FBI used back door searches on Section 702 material in their early investigation of Gartenlaub. They also moved back and forth from criminal warrants to FISA warrants. Using a FISA physical search warrant, the FBI searched his home and imaged his hard drives. Searches of those hard drives found no evidence he was a spy for China, as they had claimed; instead, they found child porn that had not been accessed in a decade. The government used that to obtain yet another warrant on Gartenlaub, parallel constructing the child porn for use at trial, all in an attempt to get him to agree to spy on his Chinese relatives. Instead, he went to trial and was found guilty of knowingly possessing child porn.
He appealed his conviction both because the government presented no evidence he had actually accessed this child porn since it had been loaded onto his computer, and because the government used a FISA order to find the porn that they then used to search him (and also used to legitimize the Tor exception, which permits the NSA to target location-obscured facilities known to be used by Americans, so long as they sift out the non-criminal US person content after the fact)…”
bttb • October 2, 2018 2:51 PM
@Kavanaugh popcorn eaters
I’m inclined to think that perhaps the likes of President Donald J. Trump (DJT), DJT Jr., Jared (Trump’s son-in-law) , McGahn (White House Counsel) , etc., are desperate for both the Mueller Conspiracy to Defraud the United States (ConFraudUSA) Investigation and the Double Jeopardy (Pardon Problems) stuff to go away.
10 why questions about ‘why Kavanaugh?’
https://www.emptywheel.net/2018/10/01/one-question-why-kavanaugh/
bttb • October 2, 2018 4:46 PM
A two hour Frontline documentary, tonite, https://twitter.com/frontlinepbs/status/1046828850695614464 :
“Trump’s Showdown” goes inside President Trump’s unprecedented confrontation with the special counsel, the FBI, and the Justice Department.
Watch FRONTLINE’s season premiere tomorrow [tonite], at a special time — 9pm (et;pt)/8pm (ct) https://to.pbs.org/2xQpKqf [ https://www.pbs.org/wgbh/frontline/film/trumps-showdown/ ] “; trailer (about 2 minutes) on pbs TV or perhaps streaming near you…
Ratio • October 2, 2018 11:11 PM
Anatoliy Chepiga Is a Hero of Russia: The Writing Is on the Wall:
At the same time, media outlets sought additional ways to obtain objective, open-source evidence that Chepiga is indeed “Boshirov,” and the recipient of the Hero of the Russian Federation award. This search for evidence ran against a parallel process of destruction of open-source evidence: several articles that previously mentioned Chepiga in Russian publications were deleted shortly after Belingcat’s report was published.
One of the most promising open-source leads was proposed by reporters from Prague-based Radio Svoboda, who trawled through hundreds of photo and video galleries of visitors to, or students at, the Far-Eastern Military Academy (abbreviated as DVOKU in Russian), to find a high-quality photograph of the school’s Wall of Heroes. From various photographs it could be seen that the wall is decorated with portraits of alumni who have received the Hero of the Russian Federation award. Many photographs discovered by Radio Svoboda showed a portrait at the far end of the wall that resembled Chepiga. This extra portrait appeared at some point between 29 July 2014 – the last time the wall is pictured without Chepiga – and 18 March 2016, when a photo gallery shows the extra portrait.
However, no photograph found until today showed the last column of photos in sufficiently high resolution to be able to identify the face of the colonel.
Today, Bellingcat obtained a photograph, posted on the Russian social network Odnoklassniki (OK) by a visitor to the school in June 2017, which displays the face and name of Col. Chepiga with sufficient quality to make identification possible: [new photo here]
This new photo, seen against the backdrop of a mountain of additional evidence, will present a fresh challenge to Russian authorities who can no longer credibly deny — or even equivocate — that it was Colonel Chepiga who, in his own words, travelled to and back from Salisbury, and that he was furthermore the recipient of the Hero of the Russian Federation award, traditionally presented by the Russian president himself.
Over to you, Craig.
Wesley Parish • October 3, 2018 3:52 AM
News from the Frozen North:
How the Government of Canada Is Improving Cyber-Security
http://www.eweek.com/security/how-the-government-of-canada-is-improving-cyber-security
A primary activity that the CSE is engaged in is to make it more difficult for attackers to scan Canadian government networks, according to Jones. By making it more difficult to scan, he said attackers don’t get visibility into what software and services are running on government networks. Without knowing what is on a network, he said it’s more difficult for an attacker to exploit that network.
Nice to know somebody’s doing their job, for once!
Jones suggests that organizations harden their operating systems and applications. He also said that not every application or service needs to be on all the time or publicly facing the internet. In his view, most cyber-adversaries are lazy and will move on to easier targets if they hit an obstacle.
Same principle most predators follow. Go for the easier prey, not the harder one …
echo • October 3, 2018 3:54 AM
@Ratio
I’m still waiting on formal verification of evidence. Each image needs to be expertly assessed. It’s not just verification but to exclude falsified evidence. Akmost all high profile cases attract hoaxes.
One thing which is unhelpful is if an issue is turned into an ego war. This really doesn’t help.
You also need to make sure you get your science right.
I am very circumspect about what Craig Murray publishes and held off posting anything of his for weeks until I felt he had something reasonably certain. I am equally circumspect of Belligingcat.
Like Craig I have been abused by the UK state. I know people lie and abuse their positions and obstruct the course of justice and all manner of things. It really can alter your worldview in life altering ways. This is a large part of what Craig is trying to convey with his blog.
Clive Robinson • October 3, 2018 4:16 AM
@ Ratio,
Over to you, Craig.
Belingcat is getting investigated, and those people giving quotes will nodoubt be getting investigated. Presumably some semblance of acceptable evidence will come forward.
But my point still stands about DNA and fingerprint evidence. The UK has both mens fingerprints on file from their visa application as it is part of the application process. Which means they might also have DNA as well, which is why I mentioned it.
Unless of course you might want to argue that the “fingerprints of record” are false. Which they could be, I know several ways that could be done but the fun one is what have been called “gummy bear fingetprints” they realy are quite easy to make even at your kitchen sink, as I’ve said before I was making them when I was a kid getting on for half a century ago with the red wax of edam cheese to make the 3D mould. But then I also worked out ways of “fritzing DNA testing” years ago as well and that gets cheaper and more available as time goes on. The thing about “outsourcing” crime labs is they take short cuts, which means there are exploitable holes in what they do…
But remember that for longer than both of us have been alive the Russian’s have employed teams of experts to doctor photographs and other images so that the “Pure History” of the CCCP could be maintained and impure elements removed from the official record. Heck even a well known Jewish newspaper disappeared Angela Merkel[1]. So it’s not that difficult to doctor photos one way or another which whilst they might be detectable in the originals often are not when reproduced…
But my point about the photos which is the same one Craig Murray blogged about still stands, the basic triangle measurments in facial recognition were not giving anything close to a match.
Now the UK has some of the most sophisticated facial recognition algorothm developers in the world. If there was a match on the photos Belingcat gave, then it’s likely they would have said something.
But my other point you have ignored is “Who killed the Russian in New Malden?” it does after all have a major bearing on the case. As do the other twenty or so other unexpected deaths of Russian’s in the UK…
So I’m going to keep waiting on what evidence becomes public as time goes on, and likewise test it as it arises and point out holes in what is presented as evidence to the public as and when it’s found or there is reasonable suspicion the supposed evidence is not ehat it purports to be.
JG4 • October 3, 2018 6:53 AM
@Clive and other fans of radio – I don’t like tin foil because it is too thin to create a perception of value. Not that aluminum screen is much better, but I like the price. I probably commented before that a thorough wrap of the Comcast modem didn’t do what is needed. Maybe the screen wires are separated by an oxide layer, the one that proved fatal to dozens in the 1970s. A radio receiver could be soldered inside a 1/2″ to 2″ diamter copper water pipe, which is thick enough to do what is needed. If the filter Q’s between the antenna and the mixer stage were sufficiently high, then leakage of the LO/IF/etc could be managed very well. Getting to high enough Q implies superconducting components, particularly at high frequencies. There are some new ways to skin that cat. The GaN and other wide bandgap transistors have outrun dramatically the passive components, which probably is why switching power supplies are stuck in the MHz range instead of the 100 MHz range. Each section of the radio receiver could be isolated with a copper disk that engages the ID of the pipe with metal contacts. I still like my idea for optical conversion of RF and energy-gapping via fiber, for which the copper pipe also is a good start.
an excellent companion to the article I linked a long time ago showing that the Swiss had the most elaborate urine collection system in all of Europe and that the British empire used privateers to notify people that all your nitrogen are belong to us. Empire is a machine…
https://www.nakedcapitalism.com/2018/10/death-by-fertilizer.html
https://www.nakedcapitalism.com/2018/10/links-10-3-18.html
…
Big Brother is Watching You Watch
Proposed Toronto development from Google’s Sidewalk Labs sparks concerns over data Associated Press
Chelsea Manning: Life in US is like being in a prison The Hill
Irish privacy watchdog to investigate Facebook data breach Politico. This could be fun.
Travelers arriving in New Zealand could now face a fine of up to $3,200 (5,000 NZD) if they refuse to allow border officials access to their phones or electronic devices
…
[…trigger alert: this reeks of conspiracy]
My sinister battle with Brett Kavanaugh over the truth Ambrose Evans-Pritchard, Telegraph. Today’s must read.
…
Clive Robinson • October 3, 2018 11:23 AM
@ JG4,
A radio receiver could be soldered inside a 1/2″ to 2″ diamter copper water pipe, which is thick enough to do what is needed. If the filter Q’s between the antenna and the mixer stage were sufficiently high, then leakage of the LO/IF/etc could be managed very well.
It’s already been done several ways as variations on the idea.
Instead of connecting the plate to the ID of the pipe, what is often done is it is turned into a “feed through” capacitor. Where the rim is flared into what is in effect a smaller pipe with an OD slightly smaller than the ID of the outer pipe. In between the two the dielectric which these days would probably be PTFE foil or tape.
The most common example of such a construction most people would see is inside the street cabinate foe cable television where antenuators and channle filters are built this way.
Ratio • October 3, 2018 10:30 PM
Bellingcat’s Very Obviously Fake Chepiga Photo:
[…] Chepiga’s “picture” has been photoshopped onto this wall. The [Russian] military do not suddenly insert photos out of order and at random on an honours board. Bellingcat, however, have a track record of image manipulation.
This is Craig Murray saying Bellingcat photoshopped Chepiga’s photo onto the wall.
From Bellingcat’s post Anatoliy Chepiga Is a Hero of Russia: The Writing Is on the Wall, to which Craig is a responding:
Today, Bellingcat obtained a photograph,posted on the Russian social network Odnoklassniki (OK) by a visitor to the school in June 2017, which displays the face and name of Col. Chepiga with sufficient quality to make identification possible: [the photo]
Another brilliant analysis by Craig Murray, whose intellectual prowess is right up there with the finer pieces of navel lint. Well done, sir.
Ratio • October 3, 2018 11:11 PM
Estonia says over $1 trillion flowed through the country in 2008-2017:
Banks doing business in Estonia, which has been at the centre of a money-laundering scandal involving Danske Bank, handled more than $1 trillion in cross-border flows between 2008 and 2017, according to the country’s central bank.
The European Union member country of just 1.3 million people has been rocked by revelations that banks there laundered money from Russia, Moldova and Azerbaijan via non-resident bank accounts. The scandal has forced lenders in Estonia and neighbouring Latvia to shut down.
The data on cross-border flows, first reported by Bloomberg, suggests that the scale of the money laundering through the small Baltic country may have been larger then previously thought. The news sent Nordic banking shares sharply lower.
The central bank said that between 2008 and 2017, cross-border transactions totalled 1.1 trillion euros ($1.27 trillion). The number includes all flows, including resident and non-resident transactions, a spokesman said.
Estonia’s entire economic output came to about $25 billion last year – roughly the same as that of Uganda or Nepal – suggesting that much of the money flow was not directly linked to economic activity in the country.
[…]
Estonia’s imports and exports totalled 232 billion euros between 2008 and 2017, official data showed.
[…]
“This is a surprising figure,” said Copenhagen-based expert on money laundering Jakob Dedenroth Bernhoft. “This indicates that the Danske case is not a one-off affair and that the problem related to other banks as well.”
[…]
Figures reflecting the possible scale of money-laundering through Estonia have been emerging gradually over the last few months.
(Earlier)
echo • October 4, 2018 12:48 AM
@Ratio
Bellingcats original information was a muddle. Their view seems to be driven by mixing up photographs of an alleged Chepiga in the field who doesn’t resemble Boshirov at all. They also published not two but three photographs of Boshirov? Bellingcat did the data collation phase and failed the basic validation phase. There is also the issue of one passport application is of uncertain provenance so it is not yet certain of it is fake or genuine. The photographs are still waiting on public verification by authoritative expert opinion.
Further to Craig’s latest blog another glaring issue is why is Boshirov wearing a lounge suit when every other “Hero of the Soveit Union” photograph is of a uniformed person? Like Craig says suggestions this is a fake is not “authoritative but another query of Bellingcat who have a history of publishing faked photos.
Bellingcat have not made sifting fact from rumour very easy. I am beginning to wonder if this is Bellingcat’s “Hitler Diaries”.
Clive Robinson • October 4, 2018 4:32 AM
@ Ratio,
Another brilliant analysis by Craig Murray, whose intellectual prowess is right up there with the finer pieces of navel lint. Well done, sir.
There are other oddities to be noted as @echo noted the “non uniform” photo in not just odd it’s very unlikely in Russian military honours lists.
Secondly somebody has noticed that the medal appears to hang wrong on the jacket which again is odd.
But the one that made me smile is the “it’s been done in a $10 home laminator” comment.
If you look it is a warped image in almost exactly the way home and office heat laminators work. The other photos appear not to have been that is they appear to have been properly mounted…
As I mentioned to you the Russian Government and Military are very very good with photo manipulation and presentation, they need to be to “keep the purity”. Thus it is unlikely they just stuck a “home quicky” in the line up of a few of the few heroes…
So oddities yes, but oddities that need to be explained, in light of what is known publically.
Speaking of which there is now a sufficient body of evidence to show that both the UK’s Mrs May PM and Mr Johnson MP were either very badly misinformed by parts of the security services (possibly MI6[1]) or they were lying in several respects. The claim that it could only be Russia has been debunked as the two precursor chemicals are actually quite commonly available and you can buy them through the likes of atleast four Alibaba suppliers for use in making pesticides[2]. As for the “only state…” as a well respected proffessor at a Scottish university has pointed out his research students routienly carry out more complex and dangerous chemical synthesis, and the quantities required could have been made in any number of small private or academic laboratories throughout large parts of the world.
So whilst not “kitchin sink” you could fit out a largish garage to make modest quantities if you knew what you are doing, and there are plenty of people who do…
So the one thing the publicly available evidence does say is that “going off half cocked” is the primary mode of opperation on the Salisbury nerve agent attack.
But as I keep noting everyone appears to be ignoring the Russian killed in New Malden… The longer that goes on the less likely we are to get other Salisbury attack evidence of any worth or the reinvestigation of around twenty other unexpected and untimely Russia deaths in the UK under Mrs May’s watch at the Home Office and Number 10.
[1] MI6 / SiS has a bit of an issues, technicaly part of The Foreign and Commonwealth Office (F&CO) which Mr Johnson MP was Minister of before he fell on his sword unexpectedly, it has earned it’s self a bad reputation in the UK IC since Mr –later Sir– Scarlet and the phoney Iraq Dossier oh and Mr Steel[3] and his dossier. It’s got so bad even ordinary MPs make jokes about them ranging from the mild but sarcastic “Sissy said so so, so it must be true…” through “In the tradition of Scarlet letters” to things that would make @Moderator blush, thus get me not just a Red Card but a Scarlet one 😉
[2] This is hardly supprising according to one of those who actually designed some of these nerve agents. The precursor chemicals were deliberatly chosen because of their agro industry use, thus would be available with out question (which they still are currently).
[3] Mr Christopher Steele author of the “Trump Dossier” of ill repute, was apparently a former SiS/MI6 analyst and one time head of the Russia Desk for British intelligence. Various things have been said about him and his alleged mental status, but irregardless of their varacity it has yet again thrown another bad light on the SiS/MI6 and it’s far from just the UK IC and MP’s that have noticed. Apparently there has been talk about extending Civil Service Rules about what employment you can take up after leaving Governmental Employment to try and stop such future embarrassments (not that I realy expect much to happen due to the quantities of private sector cash sloshing around just waiting to be scooped up).
Ratio • October 4, 2018 4:44 AM
Bellingcat photoshopped Chepiga’s photo into a gallery on DVOKU’s mil.ru site.
(Captured December 4, 2017.)
Ratio • October 4, 2018 4:46 AM
mill.ru ⇒ mil.ru
Wesley Parish • October 4, 2018 5:41 AM
Apropos of nothing, and quite possibly OT, but I’ve just watched Django Unchained by Tarantino et alii, and the thought struck me – you know, there’s a concept in economics and finance loosely termed “sweat equity”, meaning that you own something to the extent you’ve put in the hard work to make it work.
It’s probably the overflow from some rather sharp words by ianf towards me some time ago, but this movie got me thinking – the African Americans put in about six magnitudes more work to make the likes of Mississippi and Georgia work than the European Americans.
You see, “sweat equity” is a concept I’ve also come across in relation to indigenous peoples and subsequent colonizers. The argument being that the colonizers have put so much more work into the lands they have taken that they own them now.
If such is true, then what are we to say about the Southern States of the United States, that were only economically viable due to slave labour and later, to labour conditions that differed from slave labour only in that the African Americans were no longer owned as such.
If the concept of “sweat equity” has any relation to reality, one is driven to the conclusion that the likes of Mississippi are rightfully owned by the descendants of those who put in the hardest labour, the ones who put in the most work, the descendants of the former African/African American slave labourers.
Now I’ll bet that that idea was very, very far from the people who mentioned “sweat equity” in the books on entrepreneurship that I read in the nineties. Or who discussed it in various books on European colonization and colonizers that I also read.
But I can’t find any flaw in it. If there’s any economist or financial guy or whatever reading this blog, I’d be interested in getting you comments on it.
echo • October 4, 2018 5:57 AM
@Clive @Ratio
British politicians sometimes have a tendency to open their mouths for political and self-promotion reasons. Some more than others. Recent less prominent comments include Jacob Rees-Mog disowning Trump but not his quasi-Nazi agenda when his affiliation with Trump and Bannon via the right wing “dark money” funded thinktank European Reform Group became to noticeably hot. The unmade bed of a man, Boris Johnson, a favourite of the Barclay Brothers own Telegraph has an appalling and shameful record too long to list. Jeremy Hunt has also shamed himself by playing to the bottom of the barrel “base” by comparing the EU to the USSRwhich I read as a man playing with fire and attempting to give legitimacy too and unleash forces he cannot control for trivial short-term gain.
http://markasftw.com/jeremy-hunt-eu-soviet-union/
Open letter to The Rt Hon Jeremy Hunt MP regarding his speech comparing the EU to the Soviet Union
Greetings also from myself, Mark Adam Harold, a British immigrant democratically elected to the City Council of the beautiful capital city Vilnius, a city which, thanks to EU freedom of movement and to those who fought to free Lithuania from the Soviet Union, I have been proud and able to call my home since 2005.
The UK foreign office was caught red handed “in denial” of its lack of effectiveness and being staff by too many personnel from the “Old Boy Network”. When even UK government ministers became fed up with the Foreign office change was mooted and this was reported in the media.
I believe a formula for “Novichock” is available in a book published by a defector who moved to the US. Iran created “Novichock” then as per treaty requirements promptly informed the Organisation for the Prohibition of Chemical Weapons.
The New Malden murder following all the others does whiff! I have no idea about the intricacies of Russian politics and intelligence services and how these work out in practice. Japan is similarly opaque to many Westerners.
Ratio • October 4, 2018 6:00 AM
Netherlands ‘halted Russian cyber-attack on chemical weapons body’
Indictment by US DOJ to be announced later.
Ratio • October 4, 2018 6:59 AM
On second thought, they were probably regular Russian tourists in search of a 123m tall structure. A windmill, perhaps.
Ratio • October 4, 2018 7:30 AM
GRU close access cyber operation against OPCW (press conference slides)
Clive Robinson • October 4, 2018 7:33 AM
@ Wesley Parish,
If the concept of “sweat equity” has any relation to reality, one is driven to the conclusion that the likes of Mississippi are rightfully owned by the descendants of those who put in the hardest labour…
When it comes to invaders such ad Europeans, they rarely if ever sweated to “take let alone make” the lands. They either brought the equivalent of slave labour with them, or they turned the local existing populous into slaves at the point of a blade or gun.
Even most of Europe infact does not belong to who claims it not just under “sweat rules” but under signed treaty rules (England for instance should own around 2/3rds of France, a big chunk of Germany/Austria oh and as for Spain…).
It’s all part of the King Game and has been since before written records were kept.
Clive Robinson • October 4, 2018 8:17 AM
@ Ratio,
I just love these political statments,
They are so pompous and self serving I keep seeing a “Sir Humphrey” gesticulating and emmitting much indignant spittle at the meer thought somebody might question the load of bovine excreater they had just pontificated out to try to justify the unjustifiable…
All nations are at this game all the time heck even civilians have better equipment and do better way better, including bunches of teenagers. It’s “boys toys” so “The boys can play” at earning their peck of corn…
I could loan you equipment that I’ve had for half a decade that’s better than the old dross in the boot of that car. The guys were either “amature hour” or trying to look that way[1]. In fact some of those phones on display would draw attention to them because they are so old, the electronic serial number transmitted by them would be a big red flag for many mobile operators who flag such things up these days.
Oh and the person who labled the stuff up in the boot of the car be they a national security person, journalist or sub-ed has not got a clue what they are talking about, either…
The thing is though they were supposadly “caught before the act” so we do not know what they were actually going to do.
Why is that relevant?
Well you can be sure that either or both the NSA and GCHQ are in on that network already “doing surveillance”…
Which raises the question of why is it OK for them and not for anybody else… Oh I forgot “They are the good guys, so everbody else must be the bad guys”… Silly me I forgot how stupid they think we are out in MSM spoon fed land…
All so much drum banging and flag waving with a little side order of saber rattling… Not to mention the puffing out of chests and oaths to a flag and all the other bull of faux patriotism brain washed in before they can tell the difference between right and wrong.
To be honest I would rather they were doing “Spy versus Spy” and cracking into each others systems. Not only does it give us a little ammusment from time to time, their bull-meister bosses are less likely to be going kinetic. Which would then with all that uniformed bull sweating weapons grade testosterone get to be escalated into civilian casualties.
But it does raise a valid point though, after two decades of such behaviour being well documented, why the heck are these important NGO sites using WiFi, the Internet and a whole host more very very insecure systems and doing little or nothing to secure them?..
Possibly because they want to be hacked, save money, or just don’t care…
Ratio • October 4, 2018 8:30 AM
Oooh, passport numbers…
HUMINT support:
- 120017582 Minin
- 120018866 Sotnikov
Cyber operators:
- 100135555 Serebriakov
- 100135556 Morenets
Hahahahaha!
JG4 • October 4, 2018 9:24 AM
Explosive report details Chinese infiltration Apple Amazon and CIA
Chinese spy chips are found in hardware used by Apple, Amazon, Bloomberg says; Apple says no way
https://www.cnbc.com/2018/10/04/chinese-spy-chips-are-said-to-be-found-in-hardware-used-by-apple-amazon-apple-denies-the-bloomberg-businessweek-report.html
…
•But that’s just what U.S. investigators found: The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies.
The inconspicuous-looking chips were disguised to look like regular components but they helped China open doors that “other hackers could go through” meaning China could potentially manipulate the systems being infiltrated (as a reminder, these chips were found in servers used in the US drone program).
…
Seven Five Five • October 4, 2018 9:26 AM
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
I know people have been discussing here how you could or actually couldn’t build a CPU you can fully trust. But if the chip shown is the one actually used and the story is true the situations becomes rapidly worse and the question to be asked becomes: Can you trust discrete your discreet elements? At least the chip shown has still three terminals.
Clive Robinson • October 4, 2018 9:29 AM
@ Ratio,
According to one of your links,
Due to the way Diplomatic Passports are issued I wpuld expect two “new diplomats” to carry sequential or consecutive numbered passports, as I’ve explained before. It’s neither supprising nor noteworthy.
Which is why I’m supprised to seeing people making the mistake of thinking it signifies anything of any importance.
It’s kind of the same as going and buying two identical pieces of home electical equipment at the same place. Like say two mobile phones, there is a high probability of having sequential serial numbers.
It could mean something or nothing, in this case effectively nothing, because they were “new diplomats” thus would have had their Dip passports issued at the same time.
Ratio • October 4, 2018 9:30 AM
Conspirators Included a Russian Intelligence “Close Access” Hacking Team that Traveled Abroad to Compromise Computer Networks Used by Anti-Doping and Sporting Officials and Organizations Investigating Russia’s Use of Chemical Weapons
A grand jury in the Western District of Pennsylvania has indicted seven defendants, all officers in the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces of the Russian Federation, for computer hacking, wire fraud, aggravated identity theft, and money laundering.
According to the indictment, beginning in or around December 2014 and continuing until at least May 2018, the conspiracy conducted persistent and sophisticated computer intrusions affecting U.S. persons, corporate entities, international organizations, and their respective employees located around the world, based on their strategic interest to the Russian government.
Among the goals of the conspiracy was to publicize stolen information as part of an influence and disinformation campaign designed to undermine, retaliate against, and otherwise delegitimize the efforts of international anti-doping organizations and officials who had publicly exposed a Russian state-sponsored athlete doping program and to damage the reputations of athletes around the world by falsely claiming that such athletes were using banned or performance-enhancing drugs.
[…]
The defendants, all Russian nationals and residents, are Aleksei Sergeyevich Morenets, 41, Evgenii Mikhaylovich, Serebriakov, 37, Ivan Sergeyevich Yermakov, 32, Artem Andreyevich Malyshev, 30, and Dmitriy Sergeyevich Badin, 27, who were each assigned to Military Unit 26165, and Oleg Mikhaylovich Sotnikov, 46, and Alexey Valerevich Minin, 46, who were also GRU officers.
Targets: sports-related, OPCW, Spiez laboratory, Westinghouse, Malaysia-related (MH17), …
echo • October 4, 2018 4:59 PM
He began working with Kubrick in 1969 on his unrealised film Napoleon. It has become known as the greatest movie never made, but Harlan said an HBO TV series based on Kubrick’s research for the film, masterminded by Steven Spielberg, directed by the recently appointed Bond 25 director Cary Fukunaga, and written by playwright David Auburn, was close.
“What fascinated Kubrick about Napoleon is that he is a modern character. Hugely charismatic, colossally successful, utterly vain and foolish. He ruined himself and there was nobody to blame but himself. Intelligence, talent, charisma is no guarantee of success. For Kubrick, it was a current affairs programme, not a history lesson.”
I read Kubrick’s leaked draft script and the history of this project some years ago. It was fascinating and not unfair to call it the greatest film never made. I don’t know if any attempt to make the film or this Spielberg series will ever be as good as the movie which played in my imagination but I would like to believe it is a worthy project.
@Wesley Parish
I have heard of “sweat equity”. There is also its opposite parallel in behavorial psychology. I forget the exact terms and don’t have a citation ready to hand but essentially financial wealth or perceived value or equivalent is used by our wetware to gauage the value of a potential investment in an entity whether it’s collaboration, friendship, or financial investment in an enterprise. This has some truth to it but is otherwise nonsense and something which con artists exploit. In current times “rent seeking behaviour” and “minimum versus living wage” are perhaps equivalent political issues.
Clive Robinson • October 4, 2018 5:56 PM
@ JG4,
Chinese spy chips are found in hardware used by Apple, Amazon, Bloomberg says; Apple says no way.
If you click through to the Bloomberg article and read it all it does not quite say what CNN implies it does, though it is a mess of innuendo.
In essence they argue that the supply chain is “open to attack” well gee whizz we’ve been discussing this for most of this century so far, so that’s not news. In fact Apple have been hit by supply chain poisoning in the past on their consumer products. It was back when iPods were the new shaky hand all a flutter Fanboi thing… Some one put PC malware on them that got activated when you pluged your device into a PC. Such supply chain poisoning has since bern a regular getting more sophisticated feature on the likes of main brand name USB memory dongles slipped in not at the manufacturing end but in the “grey market” end of the consumer supply.
Which is an important point. Bloomberge imply it’s the manufacturing end without offering any evidence that it is so.
You only find a vague refrence to Ed Snowden document trove detailing “interdiction” by the NSA at the very other end of the supply chain that is the delivery system to the customer. Which apparently the NSA favour for various reasons.
Not least because it keeps the chance of discovery down, well down.
A point the Bloomberge article does not mention or consider. But it does talk about “Unicorns jumping rainbows” and sticks thrown in the head waters of a famous Chinese river getting washed up on the shores of Seattle, as the level of dificulty involved for the Chinese.
Well it’s not quite true. There are two ways to do it the “fire and forget” or “industrial” method where you put the chip in every device thus guaranty all your current and future targets get one, unless it’s discovered in which case “game over”. The second which is difficult but not as impossible as it’s made to sound is the “targeted entity” method, which whilst less likely to be discovered is less likely to be “game over”.
However whilst the “fire and forget” method is best suited to the manufacturing end, “targeted entity” is best suited to the NSA speciality of “interdiction” in the last link of the supply chain.
In fact if you read the whole Bloomberg article you find the last words are,
Which leaves it open as to if Bloomberg actually asked “did you do it?” or anything else at all…
The fact that so few of these chips have been discovered realy does favour the NSA prefered US end method, which lets be honest China would have most trouble with…
It would not be difficult to thus conclude it was more likely done by the NSA prefered US end of the supply chain method…
Which begs the question “Why has Bloomberg not talked about it as a possability?”… Which makes me suspicious as to where the story is comming from and why…
A question an investagative journalist of any caliber would ask almost by default, especially in these times of “Fake News”. It’s certainly not what CNN did though…
echo • October 4, 2018 6:17 PM
@Clive
Quite. The treatment of the manufacturing end seemed a bit odd. I would have thought the Chinese government would have just tapped the appropriate managers shoulder instead of trying bribery and threats. Just to muddy the waters further China and the Far East are also no stranger to fake companies. Japan is also famous for its aribi companies. If you want to create a legend to fill blanks or mistakes in a CV or hire pretend parents for a weekend or pretend friends to accompany you to a party all you need is enough cash.
echo • October 4, 2018 6:26 PM
Insects could be turned into “a new class of biological weapon” using new US military plans, experts have warned. Bugs could be used to disperse genetically modified (GM) viruses to crops under the Insect Allies programme, according to a team that includes specialist scientists and lawyers. Such action will have profound consequences and could pose a major threat to global biosecurity, they said.
[…]
“Given that Darpa is a military agency, we find it surprising that the obvious and concerning dual-use aspects of this research have received so little attention,
Stop meddling! Can we not fix the mess we created first before creating another one?
Clive Robinson • October 4, 2018 6:51 PM
@ Seven Five Five,
Can you trust your discreet elements? At least the chip shown has still three terminals.
The answer is no, you can not in any way trust discreet elements/components.
I went through this just the other day here, but rather than go link hunting I will go through it briefly again.
To get security requires a degree of complexity single componets do not possess, you need a certain minimum of components to get sufficient complexity.
As a simple example a screened compartment is often made of –as a minimum– a screening material like tin plate or u-metal folded up into two or more components that then get either welded or soldered to ensure continuity thus no slots or holes that can act like antennas[1]. But that does not stop magnetic fields so you would need other ferrite or similar screening material on the inside or outside of the metal box.
However a closed box is of no use to anyone as nothing can get in and nothing can get out. So you have as a minimum to make a hole to get power in and a signal out to the components inside.
Let us assume it is a very simple tuned circuit JFET oscillator made of just four components. A circuit that simple would have little or no rejection of power supply noise being modulated onto the wanted output signal. Worse the wanted signal will also be distorted thus have harmonic content in the signal out also modulated by power supply noise.
Thus you would need extra components to filter not just the power comming in but signal going out, as well as components to stabilize the energy in the tuned circuit thus cutting down harmonic content.
But there is another issue a JFET is a three terminal device that can be in exactly the same surface mount case as the computer chip. Without going into the ins and outs of it the chip could be programed to act in a way that it would make the tuned circuit resonate, and a version of that signal appear on the other pins, such that to ordinary test equipment it would appear to function as the JFET would once in circuit…
It could thus look for certain information in the noise on the power supply line “signal process” it recover say crypto key information from it and then modulate that using spread spectrum techniques onto the signal, thus getting it “out of the system”.
Stoping that kind of attack is just one of the nightmares secure equipment designers have to go through, when designing high security equipment.
Further it’s a game the secure system designers know they can at best only get a draw at, whilst the supply chain attacker usially gets the win or a draw, and only loses by some small chance.
The point is if an attacker can control a lower part of the sysyem stack than you can then they can almost always win with the types of system mostly designed these days… Thus a “bubbling up” attack comes built in below the designers grasp, and they have two choices, just turn a blind eye and keep their fingers crossed or work out a way to mitigate the issue.
For some years now I’ve been working on ways to mittigate bubbling up attacks, and there are ways you can do trusted things on untrusted hardware, which I have talked about with @Nick P, @RobertT, @Thoth, @Wael and others on this blog if you want to go look them up.
[1] My favoured methods for high end microwave are firstly mill it from a solid block of copper or for lower frequencies folded up brass that had been “silver soldered”. In either case then silver plate all surfaces to a suitable thickness[2], then use silver based solder to close it up.
[2] The depth of silver plating is based on “skin effect” requirments the electrical conductivity of the supporting structure is not important provided the required thickness is met. However the same is not always true of thermal effects, otherwise you could use plastic or ceramic as the carrier medium which I tend to do with prototyping.
Clive Robinson • October 4, 2018 7:03 PM
@ Ratio,
With regards,
How many times do you need to be told that this sort of thing is a “nothingburger granfstanding stunt” carried out by people who regard the majority of people as “idiots at best”.
It’s neither evidence or more importantly “testable”, and those pulling these idiot stunts are doing it simply because they know it’s never going to get to court where it will be tested. Thus they can and do make up any shit they want for the grand jury and pretend it’s “National Security” / “Methods and Sources” so can not be put into the public domain in a way it can be tested and their deceitful little lies revealed as what they are…
I guess there is a reason you use a semi anonymous handle, and each day you reveal it a little bit more, for the whole world to see…
echo • October 4, 2018 7:19 PM
This is another nothingburger? The article indicates GRU officers (I know it’s GU but old habits die hard and Pluto IS a planet, ok) would normally have been monitored but otherwise ignored. In other words it was business as usual but for soeone wanting to createa public political storm. Russia has an issue with OPCW potentilly being politically biased by turning it from simply a verification body to an attribition body. This doesn’t seem unreasoable. I don’t believe anyone has clean hands in Syria.
Rach El • October 4, 2018 7:49 PM
Wesley Parish
Sweat equity, perhaps different context from yours regarding slavery.
Sweat equity is something of substance. It’s ones labour. It is tangible.
Financial institutions exert a form of slavery by performing ursury.
with fractional reserve lending, and interest, they create a fiction – no substance – and require one to uses ones sweat equity to pay for it
echo • October 4, 2018 8:28 PM
@Clive
I have noticed articles explaining issues with translating Putin’s comments in Russian to an English audience. Some words don’t port across very well and have multiple emphasis and meanings depending on context. None of this nuance is ever explained by mainstream media.
I do remember some of the graphic and hair raising comments made against Snowden by US politicans not to mention inflamatory language and accusations by a certain Reich sympathising newspaper which were borderline agitating violence simply because views went against the dogma of their EU hating editor.
I used to read the Gaurdian more enthusiastically than the others as it seemed more interesting. At some point around the time Rusbridger had lunch with Cameron in Davos and let him off the hook it was clear the Gaurdian had changed. I only read the Guardian and other newspapers simply to obtain what news there is that they see fit to publish. This is not an endorsement. The Gaurdian got lucky with Snowden. They have continued to milk this from time to time to “prove” they are “on our side” but have otherwise forgotten what the issues were about. They still publish some decent material but the absense of investigative journalism in preference for cheaper comment like most of the media seems like a decline in standards. I read a few years ago the mainland European papers are better.
Clive Robinson • October 4, 2018 10:26 PM
@ echo,
With regards,
Think of them more as “bio-drones”.
When you look at the pantheon of WMD of Nuclear, Radioactive, Chemical and Biological weapons, the only one with an effective delivery mechanism is the nuclear weapons due to the fact they are mainly kinetic weapons at heart.
The others have realy been a bit of a bust because of the lack of delivery mechanisms that were effective.
However nature kills a million or so a year children every year with just one biological weapon malaria. The delivery mechanism of which is the mosquito…
Mosquitoes and other blood sucking insects such as tetsy fly etc are a very very successfull delivery mechanism. Thus people who realy should know better think about co-opting them into a WMD delivery mechanism.
The reason they should know better is the evidence of “alien species” and how once established they are virtually impossible to eradicate.
But species also travel as can be seen by both history with “Marsh Aque” in London actually being malaria and in current times the spread of “blue tongue”…
Not exactly wise thinking using an established biological vector, as even unestablished biological vectors soon become established…
Imagine if you could some idiot developing the deadly form of “avian flu” and working out how to make it transmissable by mosquitoes… It would almost be the perfect “doomesday event”.
Then I guess we get to see if man does go out with a whimper and a cough as in Nevil Shute’s “On the Beach”.
Ratio • October 5, 2018 12:00 AM
305 Car Registrations May Point to Massive GRU Security Breach:
Database records for one of the four suspects indicated that he was registered as residing at Ulitsa Narodnogo Opolcheniya 50, an address in Moscow where the Military Academy of the Ministry of Defence is situated. This Academy is popularly known as the GRU Conservatory.
In the course of researching the authenticity of the personal data of the four individuals, Bellingcat was able to locate one of the four GRU officers identified by the MIVD in a Russian automobile ownership database. As of 2011, Alexey Morenets was the registered user and/or owner of a Lada (VAZ 21093) car.
The address to which the car was registered, Komsomolsky Prospekt 20, coincides with the address of military unit 26165, described by Dutch and U.S. law enforcement as GRU’s cyber warfare department. The database entry contained Morenets’s passport number.
By searching for other vehicles registered to the same address, Bellingcat was able to produce a list of 305 individuals who operated cars registered to the same address. The individuals range in age from 27 to 53 years of age.
The database contains their full names and passport numbers, as well as — in most cases — mobile telephone numbers. Besides the physical street address, the address entry points out the specific Military Unit: 26165. This is the same unit as the one identified in the U.S. Department of Justice indictments that were also announced on October 4, 2018.
Whoops.
Clive Robinson • October 5, 2018 4:21 AM
@ Ratio,
Yup that sort of thing goes on all the time when people live in stident accomadation, barracks, section houses, or similar shared accomadation.
You can do the same thing in the UK with the “electoral register” the “register of births marriages and deaths”. There are other sources of information like “promotions and transfer listings” in the likes of military magazines such as that of “Signal” for the Royal Corp of Signals.
It’s been going on in intelligence circles for ages. Why do you think that the English Secret Service as was used “Passport Officers” as their original cover.
The only real difference today is such lists are computerized and often made available to the public and interested parties such as Debt Collectors.
Back a long time ago when British Telecom was the major supplier of land line phones you could get a hold of the entire UK phone directory in printed form. Although it was listed by name in alphabetical order the address and phone number were given.
It did not take long for a few enterprising types to rebuild the phone books into a searchable form by address or number as well as name. It sold realy well to debt collectors and the like, a friend got quite wealthy doing it and cross refrencing with the electoral register…
There are plrnty of “credit checking” databases you can get access to which give the same sort of information.
The UK unlike much of Europe and other countries does not require it’s citizens to register their address with the Police and such like, but there is usually multiple records available.
This is not the first time thos has been done. Several years ago an investagative journalist/author did it with the New Zealand part of the “Five Eyes”… Similar could be done with GCHQ if you could be bothered.
The intersection of public records and GO and NGO entities is usually a fruitful search area.
In fact the UK is in the process of putting many of these databases together to form questions lists at interview to ask people applying for passports and similar for “background checks”.
All rather dull all rather routine and quite pedestrian.
The problem of course which credit checking and other agencies do not talk about is the “input error” or “transcribing error” rate, it’s been found that as much as 4/5ths of records in some databases containe errors… Quite a bit of it gets “sold around” so cleaning up such errors can be near impossible, because there is no legislation in place to enforce sorting it out.
Oh and it’s not gone unnoticed that you are ignoring requests to check the stuff you are posting. It’s something you have a bad habit of doing. Shame realy brcause it does a lot of damage to your credibility, infact sustained in thr way you have done it makes you look quite trollish, but then that is your choice after all.
JG4 • October 5, 2018 8:22 AM
@Clive – Thanks for asking the right question “Cui bono?”
@me – There are at least five classes of hardware backdoors.
@moderator – Is Zerohedge doom-porn officially off limits? My first news report yesterday on the purported Chinese hack was blocked. Even when I took the link out, preventing our loyal friends from seeing this gem:
“If, as it seems, we are in the process of becoming a totalitarian society in which the state apparatus is all-powerful, the ethics most important for the survival of the true, free, human individual would be: cheat, lie, evade, fake it, be elsewhere, forge documents, build improved electronic gadgets in your garage that’ll outwit the gadgets used by the authorities.”—Philip K. Dick
This is worth a chuckle.
Don’t Vote: A Knock the Vote PSA
https://www.youtube.com/watch?v=iphKlXj-kyE
I’ve probably quoted George Carlin, who said something close to, “If voting could make a difference, it would be illegal.” Trust has limited scalability. And I am paranoid enough.
echo • October 5, 2018 12:43 PM
@clive
Think of them more as “bio-drones”.
My thoughts exactly. What could go wrong?
@bttb
Repeating a pithy “subtweet” from Marcy [Wheeler]:
“That Kavanaugh was not credible about Dr. Ford should make folks realize that he was not credible on warrantless wiretapping, torture, judicial philosophy [e.g., about a judge being a neutral umpire or that Roe is settled law], using stolen emails, and Kozinski.”
You be the judge.
imo, It is good to vote your own interests rather than vote for the .1 (or .01 or .001) of the 1%’s interests.
I have meta few patriarchal and patronising goons in my life. Some are decent people and others need to be sent off for corrective therapy. The evidence trail on Kavenaugh is long enough and his mask has slipped far enough, speaking for myself, I do not perceive an alignment of interests.
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Hmm • September 28, 2018 5:50 PM
https://www.mnn.com/green-tech/research-innovations/blogs/how-squid-teeth-will-one-day-fix-torn-clothing
I didn’t even know the rings had teeth!