Friday Squid Blogging: Japanese Squid-Fishing Towns in Decline

It's a problem:

But now, fluctuations in ocean temperatures, years of overfishing and lax regulatory oversight have drastically depleted populations of the translucent squid in waters around Japan.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on November 30, 2018 at 4:20 PM • 172 Comments

Comments

ToebsNovember 30, 2018 5:59 PM

Fishing everywhere where the fish in the sea are "common property" has led to the failure of fishing stocks through overfishing, as you would expect. Tragedy of the commons.

Regulation is not effective at solving this problem.

Iceland is the only country I know of where (as I understand it - corrections welcomed!) the fish in the sea *belong* to and are the property of specific fishermen. Iceland is the only country I know of with healthy fishing stocks, in much the same way as all of the major on-land farmed species, such as cows and sheep, also have healthy stocks.

echoNovember 30, 2018 7:36 PM

https://www.theregister.co.uk/2018/11/29/gchq_vuln_disclosures_judge_hacking_warrants/

On the same day that certain types of British state-backed hacking now need a judge-issued warrant to carry out, GCHQ has lifted the veil and given the infosec world a glimpse inside its vuln-hoarding policies.

This is typical UK statesector secrecy and walls of policy and opaque commitees. The whole exercise is a tyical slide as you read through from headline "this is a really nice policy" to shrugging shoulders and unknown people making unknown decisions about nothing. It's the old tried and tested UK state sector way for business as usual and head muddling waste of time to distract people from having a proper public discussion and bringing a judicial review.

https://www.theregister.co.uk/2018/11/29/gchq_encrypted_apps/

GCHQ pushes for 'virtual crocodile clips' on chat apps – the ability to silently slip into private encrypted comms Sliding into your DMs unnoticed, literally

Ditto.

https://www.theguardian.com/uk-news/2018/nov/30/sadiq-khan-under-pressure-to-stop-met-polices-gun-patrols-plan

Sadiq Khan, the mayor of London, has come under pressure to order Cressida Dick, the Metropolitan police commissioner, to stop plans for officers to patrol residential areas of the city with their guns on show.

No! No! No! The police (and government) have been trying to renegotiate "policing by consent" by stealth. This is not lawful and there is no consent for this like austerity policies are unlawfully breaching human rights obligations and Brexit has no mandate. While a woman in such a senior role is welcome Cressinda's fence sitting is making everything worse. You can't people please/triangulate with issues like this. It wouldn't surprise me if senior men in the police force like male Brexiters are taking advantage. Sexism in the UK police is bad and sexism in parliament is appalling. This issue needs the support of other women to put these men in their place.

https://www.independent.co.uk/news/uk/home-news/john-stevenson-us-visa-ban-terrorist-esta-form-mistake-a8660441.html

When policy drift is viewed as a whole UK police seem to be escalating while simultaneously disarming the population. This is very worrying when considering other public policy areas and the tone of politics. Grandfather banned from US holiday after accidentally ticking 'terrorist' box on visa form. 'I don’t know why that question is on the form in the first place'.

More evidence of the harm unresponsive bureaucracy causes.

https://www.independent.co.uk/news/health/flu-vaccine-deaths-nhs-ineffective-crisis-bad-weather-illness-2017-a8660496.html

Ineffective flu vaccine added to 50,000 extra deaths last winter, ONS says. Human suffering and lost lives over winter 'predictable, preventable and shameful', fuel poverty campaigners say.

More evidence UK government is killing more citizens every year than every terrorists attack in the world over a decade combined.

https://www.independent.co.uk/news/uk/home-news/lgbt-asylum-seekers-home-office-uk-applications-2018-a8658951.html

The proportion asylum claims from members of the LGBT+ community that have been rejected by the Home Office has surged in recent years, according to government data. In total, 78 per cent of asylum claims that included a reference to sexual orientation were refused last year, or a total of 1,464 people. This was a 52 per cent rise on 2015's figures when 61 per cent or 964 similar claims were rejected. Campaigners said the figures were “deeply worrying” and claimed the Home Office had “set the bar too high” for people seeking protection.

This is typical of the UK state sector who create unecessarily high bars often without scientific or legal justification for access to justice and public services, and now asylum seekers.

https://www.independent.co.uk/news/uk/home-news/yarls-wood-women-hunger-strike-detention-centre-home-office-flight-a8653111.html

‘It's like hell’: Yarl’s Wood women launch hunger strike against their indefinite detention and imminent charter flight. 'We haven’t got any human rights at all. It’s like prison. We're treated like we are nothing'.

UK state sector punishing people with "the cure is worse than the disease" type of policy.

https://www.theguardian.com/commentisfree/2018/nov/28/julia-banks-and-jacinda-ardern-show-its-womens-fate-to-be-diminished-and-objectified

“Often, when good women call out or are subject to bad behaviour, the reprisals, backlash and commentary portrays them as the bad ones – the liar, the troublemaker, the emotionally unstable or weak, or someone who should be silenced,” Banks said of the limited characters available for outspoken political women to play. […] But as recent weeks have shown, it is yet the ongoing fate of women to be diminished, stereotyped and objectified in the shared public discourse of politics.

Tell me about it!

https://www.independent.co.uk/voices/trump-supporters-women-christian-white-cult-brett-kavanaugh-straight-inc-mel-sembler-a8653881.html
As a former member of an American cult, I know why so many white Christian women fervently support Trump. For traditional Christian housewives, the fear might be basic: contradict your husband’s opinion and you’ll be out of food and shelter. But for much of Trump’s base, the fear is all gross ego.

How lack of education and socialy instititionalising behaviours cause "cult like reasoning".

https://www.theatlantic.com/ideas/archive/2018/11/white-women-gop/576586/

We are a country that is built around a white patriarchy, in which white men from the founding have been afforded economic, political, public, social, and sexual power and other people have been barred from it. White women, via their associations with white men, have enjoyed that proximal power and are thus incentivized to defend it, to uphold it. They benefit from white supremacy, and many are dependent on patriarchy, which they are then moved to support, politically and socially.

When slavery as a practice was abolished in the UK two things are notable. Rich slave owners were very profitably compensated by the government for their "loss". (Former Prime Minister David Cameron's ancestors were compensated slave owners.) The second uncomfortable fact is that women tended to live longer than their husbands. By not giving up their comforts of the status quo on abolition of slavery there were more women slave owners than men.

https://www.theguardian.com/world/2018/nov/30/metoo-has-been-misrepresented-as-plot-against-men-says-founder

The founder of the #MeToo movement has said the campaign she started against sexual violence has become unrecognisable and misrepresented as a vindictive plot against men. […] Burke said she felt the campaign was neglecting victims of sexual violence, adding: “This movement has been called a watershed moment, but some days I wake up feeling that all the evidence points to the contrary. “We have to re-educate ourselves and our children to understand that power and privilege doesn’t always have to destroy and take. It can be used to serve and build.”

This is a very good message. I'm really pleased Tarana was able to assert her message before the #metoo message was taken over my powerful abusive people who were both misogynistic and selfish. How did the discussion change from #occupy into alt-right extremism? This must not be allowed to happen to #metoo. When decent women make a stand our voice can and must be heard. #metoo proves this is possible. Once women have freedom there is no going back!

echoNovember 30, 2018 8:25 PM

@Bruce

Emptying homes in Japan have been a problem for some time. There are also entire towns and villages which are empty. The fact Japan overlooks the contribution women can make to the workforce doesn't help either!

I wasn't best pleased with the Fukushima disaster. It was on the stretch of Japanese coastline I was daydreaming of moving to if miracles every happened. Now I'm stuck we have Brexit. I must be a jinx.

https://www.cnbc.com/2018/11/22/japan-free-homes-empty-houses-given-away-and-sold-cheap.html

Japan has an increasing number of vacant homes — a problem that's set to persist because of an aging and shrinking population that has left many towns and villages empty.

http://jpninfo.com/22498

On the surface, Japan seems like a country with highly populated metropolises of high technology and sky-high accommodation prices. Tokyo is the most populated city in the whole world with over 13 million people residing there. However, Japan is entering a population crisis. The overall population of Japan fell by over 300,000 last year and so did the rate of childbirth. This means that Japan is in a unique position of heading towards a population that is 1/3 retired. More and more people from rural areas of Japan are moving to the larger cities for job opportunities. This is leaving ghost towns in the more rural areas, as the younger generation leaves and the older generations pass.

http://www.michaeljohngrist.com/ruins-gallery/ghost-towns/

Ghost Towns are the ultimate haikyo experience. If you long to be Indiana Jones, this is where you need to go. This is where the mystery is, whole towns that died.

http://jpninfo.com/19441

Men and women are both necessary in companies to provide a diversity of ideas as both genders think differently. Also, there are certain occupational fields in which men are more desirable for one reason or another, and the same goes for women. Of course, there are exceptions that are just waiting to be overturned.

If I had a decent relocationa and resettlement package I would move.

echoDecember 1, 2018 12:11 AM

https://www.theatlantic.com/entertainment/archive/2018/11/shoplifters-review-cannes-winner-hirokazu-koreeda/577063/

Shoplifters Is a Brilliant Dickensian Tale for a Modern Age. A triumph at Cannes earlier this year, Hirokazu Kore-eda’s film is a quietly devastating drama about a family living on the edges of Japanese society.

'Shoplifters' is a moral drama exploring different aspects of society and relationships and economics. I cannot find anything in this review on the very narrow topic of shoplifting and only a little in the trailer and review so this will be a meagre meal for desk bound pen testers daydreaming about badge flashing duck and roll action. In spite of the difficult and sometimes uncomfortable subjects this movie explores them in a lighter way than Ken Loach's wrist slitting dramas. On another note it provides a different emotional angle and may help inspire security orientated people whose sometimes mundane jobs don't often reflect the role they may have doing their bit in protecting society. Another perhaps political point is that our ideas of security may not be the best of all worlds.

Review here:

https://www.theguardian.com/film/2018/nov/21/shoplifters-review-hirokazu-kore-eda

https://www.theguardian.com/film/2018/may/14/shoplifters-review-family-of-thieves-steals-moral-high-ground-and-hearts

It is a movie made up of delicate brushstrokes: details, moments, looks and smiles. Shoplifters is the story of a group of frightened, damaged people who have made common cause with each other, banded together under the convenience flag of family, under the radar of the law, making the best of things from day to day, until they realise they have been making the worst of things. A rich, satisfying and deeply intelligent film.

Accommodation Of Your DataDecember 1, 2018 8:15 AM

Phishing you say...
may I recommend a stay at a hotel?

McMarriots: "Served over 500 million records"

I'm sure it's obvious here, but WHY WHY WHY store data for longer than it's reasonably needed? At least there will not be any legal repercussions for this, as normal.

Limitless data hoarding is done for consumer convenience, data-mining, profit, data sales, and "national security purposes".

For the general punter, what are your options?
Staying the night on the street is looking really attractive, if your destination climate currently supports it. (No offense to the homeless).

Until there are real sanctions with shark's teeth and cheetah backup we can only say "Have an enjoyable stay and sleep tight". Oh and next time it will likely be a different business sector... just to make it interesting.

Even when there is evidence of data "misuse" it doesn't seem to register with the public who are adequately distracted. Facebook for one is going well with impunity too large and influential to fail.

Hopefully we are closer to the threshold of public panic for people to demand legislation for such blatant culpability.

Business data security falls broadly within national security, so why isn't this a priority for everyone? Education is key and @Bruce tries to reach the receptive mainstream wherever possible, so that is commendable.

Whilst I'm not fully sold on @Bruce's regulation of the Internet, there is definitely something to be said for legal ramifications commensurate with damages to the affected regardless of business or consumer location.

Businesses and governments must quickly learn that data has a cost as a liability. Maybe they'll get lucky this year, maybe safe for another five years. But there is certainty that a nice data stash will one day be re-purposed.

JustWonderinDecember 1, 2018 8:48 AM

@echo "Ghost Towns are the ultimate haikyo experience. If you long to be Indiana Jones, this is where you need to go. This is where the mystery is, whole towns that died."

Japan is such a beautiful country ... mountains to sea. It's a lot bigger than some people suppose, with 1200 miles tip to tip, albeit it's in 6000 fragmented islands. You can explore for the rest of your life!

I wonder if the depopulation is due to diet? Soy, etc.

Martin FruehaufDecember 1, 2018 9:14 AM

Warning / Happening: Tutanota is possibly compromised!


An insider from the German Bundesnachrichtendienst (BND / Vopo) / Secret Service just has released a message stating that Tutanota was compromised.

The message as reported by the BND insider just has been picked up by the British Guardian online edition (30th Nov. 2018, 7:30pm GMT).

Here the message:

Tutanota recently released a new recovery code feature that allows a user to recover their account if they forget their password. This recovery code adds a second method to decrypt your private key and thus your emails. This feature was never asked for by the user base, and they refuse to let users opt out of creating a recovery code. Each time you log in to Tutanota you will see a pop-up requesting that you create a recovery code.

Now I will explain why this is happening:

I work within the German government, and I know for a fact that Tutanota was served an order by the intelligence services to create a database that can be used to decrypt any user's email address upon request. Tutanota is currently under a gag order and cannot speak about this request publicly. This is basically Hushmail/Lavabit 2.0. The recovery code is essentially a government recovery code / backdoor used to read your email if requested by the government.

I'm posting via a public WiFi with a disposable device in a location with no CCTV cameras. This was very hard to do, and I won't be posting again so please do not delete this thread. Users please screencap or archive the thread. I felt I must warn people, especially journalists who rely on the security of Tutanota and may reside in countries with oppressive regimes or human rights abuses.

Comment: Tutanota, as well as all German e-mail providers must provide data as requested to the German Secret Service / (BND / Vopo). This also applies to all German encryption software; it is mandatory for them to incorporate a back door. This, however, is not new. It is a practice that informally has been in place since the mid-nineties.

That happening follows the recently leaked information indicating that ProtonMail also was compromised and that its servers, contrary to what the company stated, were located in former USSR territories.

JG4December 1, 2018 10:15 AM


I'm doing a bit better cognitively. I think that I'm going to be able to start writing code again. I really like the idea for a filter of the archives that can pull out all of the brilliant book recommendations. I read some of the classics in the 1970's and 1980's, including The Ultra Secret. But I haven't even gotten around to ordering the ones about the real life James Bond characters, including the one who warned the US about the impending attack.

https://www.nakedcapitalism.com/2018/12/links-12-1-18.html
...

Big Brother is Watching You Watch

Amazon May Be Hiding Its Plans to Test New Wireless Tech by Masquerading as a Massage Spa IEEESpectrum (Chuck L)

Automakers give the Chinese government access to location data of electric cars The Verge and In China, your car could be talking to the government Associated Press. Coming to the US soon!

500 million Marriott customers have had their data hacked after staying at hotels including W, Sheraton, and Westin Business Insider (Kevin W). If you didn’t join their loyalty program, you got charged for Internet service.
...

[can't guess how this failed to be filed under Big Brother]

Facebook Discussed Using People’s Data As a Bargaining Chip, Emails and Court Filings Suggest Washington Post
...

Toad GuyDecember 1, 2018 10:29 AM

Just got a Amazon/Chase credit card good for Whole Foods.
Brother received one as well.
No notice from Amazon.
The bank said they got other reports of these accounts which have already been closed as fraud.
Went across the street to Whole Foods to see what they were like and asked for the loan department.

TatütataDecember 1, 2018 1:04 PM

Seen in the German press (WiWo, 22.11.2018): Kaspersky to be saved by moving to Switzerland.

As the content is mostly behind a paywall, I tried finding an alternate source, and came across a communiqué dated 15.05.2018.

Dunno whether this will do much good... Wasn't Boris Hagelin "bought" by NSA envoy and friend William F. Friedman after he moved his assets from Sweden to Switzerland?

A Nonny BunnyDecember 1, 2018 1:45 PM

@echo

When slavery as a practice was abolished in the UK two things are notable. [..] The second uncomfortable fact is that women tended to live longer than their husbands. By not giving up their comforts of the status quo on abolition of slavery there were more women slave owners than men.
Is that based on speculation or documentation?
Because I though a lot of women in those days tended to die relatively young as result of childbirth, among other things. (Though I guess in such cases the men might very well have remarried, and be outlived even longer by their younger second or third wives.)

@JustWonderin

I wonder if the depopulation is due to diet? Soy, etc.
Considering their past diet and population growth, I'd give that a resounding no.
I can only speculate abotu what the real cause is, but I think it's more a matter of reproductive choice/control and that there's a lot more disincentives than incentives for reproducing in Japan for modern women.
And not just in Japan. (Just more so, maybe.)

RichardDecember 1, 2018 3:19 PM

"Kaspersky to be saved by moving to Switzerland." Seems to me /pol/ tier news. Kaspersky Labs GmbH (not even an Aktiengesellschaft...!) was incorporated in Steinhausen (Canton of Zug) on 22nd Dec. 2008 (sorry, not a typo), and the MD was a German (with single signatory power!!) from Kaspersky Labs GmbH, Ingolstadt. Read all about it (in English) on the website of the Canton of Zug Companies House. The trade registry no. of the company is CHE-114.644.463. The address given is the showroom of a car dealer (not Lada, btw). There is no other Kaspersky incorporated in Switzerland. Check it on www.zefix.ch.

Still, I also have red the Kaspersky story some months ago. It seems they wanted to move some of their antivirus operations to a city near Kloten airport to give them an air of credibility. That story can be found everywhere on the internet. Yet, I doubt whether that has materialized. Maybe, they still are trying getting work permits for their code monkeys.

I remember that a few other "special" companies set up "operations", or let's call them ghost operations, in Switzerland, believing the banking secret still would exist (ask your German dentist all about it), forgetting the new mass surveillance law BUEPF and the Hacking Team blunder. Two of the most prominent names are.

(1) Blackphone (somewhere in Geneva, address with a business centre); hardware designed in Spain (?), manufactured in... no idea.
(2) Protonmail, a bunch of zoomers who worked with CERN and want people to believe Protonmail was in any way associated with CERN. (Though apparently, in the meantime Protonmail has received funding [for what?] from the Swiss government).

The Crypto AG story again is /pol/ tier BS. First, their machines were ok (have operated some of them myself) and second, the company closed shop about two years ago. It did not go bankrupt but was wound up by the foundation that owned Crypto AG. That's probably because of the shift from hardware-based encryption to software-based encryption. The fact that the Crypto AG was located in Steinhausen, just as Kaspersky Labs GmbH is a coincidence. Crypto AG had a large bricks and mortar plant rather than a mailbox only. (In the Canton of Zug, corporate tax is very low & can be negotiated, which is why many foreign companies are incorporated there.)

I remember a "study" conducted by Bruce Schneier (with the help of website visitors) claiming that Switzerland was the country where most encryption software and hardware came from, which of course is ... you know what.

Switzerland never had encryption software companies. The encryption hardware manufacturers (Hasler, Autophon) went out of business decades ago. What remains is a tiny but cutting edge Kudelski spin-off (that originally came from Autophon [via a Zurich polytec / ETH spin off]).

I'd rather people would focus on the German encryption company owned by our blue boxer friend WH (the Internet never forgets!) and why, in the early 90s, the best German encryption firm (probably one of the world's best) was forced to close shop.

"Friday Squid Blogging: Japanese Squid-Fishing Towns in Decline". I would not worry too much about any "decline" happening in Japan. As I see it, the country is in stellar condition, even population growth wise. In fact, I would not worry about Japan at all.

I guess, the Japanese (and their modern women) just prefer to be left alone, if you know what I mean...

Also, I would not worry too much about Japanese women. Yes, they are Asian, but not to be confused with other Asians. Japanese women are very self-confident and contribute quite a lot to the country (economy). But - again - they, too, probably just want to be left alone.

As they say: Tokyo, much larger than London, but zero terror attacks. Tell that Sadiq. He should worry.

SimonDecember 1, 2018 6:52 PM

@Richard

Which German encryption company closed in the 1990s? I can't find any reference online.

Clive RobinsonDecember 1, 2018 7:00 PM

@ A Nonny Bunny, JustWonderin,

I can only speculate abotu what the real cause is, but I think it's more a matter of reproductive choice/control and that there's a lot more disincentives than incentives for reproducing in Japan for modern women.

High birth rates tend to be found in agrarian cultures, where there is no pension etc, thus you have to have sufficient children to ensure you can be looked after in old age.

As agrarian cultures become industrialized, not just do new oportunities open for women, economic changes mean that men marry later. Further to preserve life style the number of children a couple will have drops in a generation from around five to just two or one. Within a couple of generations life expectancy can go up from just fourty years to late sixties and if health care improves a further couple of generations will see many making it not just to their eighties but into a century.

The real problem as China has found, if you decrease your population by limiting the birth rate the following generations with increasing life expectance quickly predominate and can not be supported by the "economicaly productive" citizens. Either the country will have to drag in "non domiciled" persons in an ecomonically prodictive age range, or the citizens will have to work into their eghties. That or the older citizens will have to have their life expectancy reduced in various ways (health care rationing being just one).

Japan though being a wealthy nation has a significantly falling population and many people not marrying and having even one child let alone the three or four needed to get Japan back to a stable population. Worse they are aging and are not economically productive in what is still one of the most expensive places in the world to live.

The situation is thus untenable...

There is however another issue in Japan there is a cultural stigma about moving into a house where there has not been life in it. Thus when older people living on their own die there homes become effectively worthless as people will not buy them. A secondary effect is that new generations will not move into an area thus the area dies rather more quickly than other information might indicate.

Thus humanity has a problem we know that reducing the world population by atleast 10% is highly desirable. The problem is the increasing numbers of elderly people who could have more years in retirment than they have actually worked...

In the UK for instance to get a better job means you need an advanced degree, which means you will be twenty-five or more when finally entering the job market with the equivalent of $70,000-90,000 student debt. If you want to retire at 65 then you will only work fourty years. But people are living beyond 105years old in increasing numbers... By the time those bourn in the 1980's die the chances are they will effectively still be in debt from student loans / mortgage, and they will not have been able to aford more than one child who will not have been born untill the parents were in the 35-45 age range... In short there will not be the resources to look after the parents in their 70's who might well live for another quater century... Which is why some people are talking about moving the age of retirment up to beyond 70...

WaelDecember 1, 2018 7:15 PM

@Clive Robinson, @A Nonny Bunny, @JustWonderin,

Which is why some people are talking about moving the age of retirment up to beyond 70...

Be happy you weren't born In the year 2274! Nobody will make it past 30 then (with a handful of exceptions.)

RG-2December 1, 2018 7:29 PM

Cyber War Surviveability and Security
"For the risk-averse USA intelligence community, the decision to go with a commercial cloud vendor is a radical departure from business as usual.
“What we were really looking at was time to mission and innovation,” the former intelligence official said."
Forget war-time operational security? Try eliminating single points of failure. In a time of conflict the disabling your adversaries entire Internet would be a primary goal.

Who to Target
To gather who to target, remotely redirect the cloud services and gather email and IP address recording all traffic for an hour. Then match to stolen OPM dossiers.
https://www.theatlantic.com/technology/archive/2014/07/the-details-about-the-cias-deal-with-amazon/374632/

Data Centers, Satellites, Command and Control
Consider EMP weapons as discussed in this sobering report:
https://www.washingtonexaminer.com/washington-secrets/military-warns-emp-attack-could-wipe-out-america-democracy-world-order

The Safest Place
Its quite apparent that Silicon Valley’s awesome surveillance capabilities are best preserved lock, stock and barrel. They may be temporarily disabled but are rather obviously deemed too valuable to destroy. The high percentage of highly-skilled foreign nationals is another positive.


On a high note at least The West is restricting 5g vendors.

echoDecember 1, 2018 8:52 PM

Speigel is carrying an article examining the far right. The article covers billiaire backed deep money funding far right parties. One interesting element is their racist political views of jewish Wall Street bankers. The far right hate the Euro and since the financial crash have used gold trading as a way to peddle their corrosive political message and a way of raising money for far right parties. With this piece of journalism Spiegel are unravelling the anti corrupt establishment line and grassroots funding lies of the far right parties.

What is worrying about this pattern is people who were previously publicly respectable have been revealed as having far right affiliations when opportunity arises.This fits in with the current security services view that the far right operates as a movement which works within established legitimate structures.

Continuing investigation and slowing down the process of populist political change is having the effect that the far right are slowly being exposed as legitimate authorities uncover and begin to develop a counter narrative.

http://www.spiegel.de/international/germany/billionaire-backing-may-have-helped-launch-afd-a-1241029.html

jdgaltDecember 1, 2018 9:20 PM

Poker pro Doug Polk posted this wonderful guide on how to protect yourself from scams and cheating, both in-person and in online games.

ThothDecember 1, 2018 11:31 PM

@Martin Fruehauf

If you trust a service running off Node.JS for security (i.e. Tutanota), you have a very low bar of security.

Tutanota uses Node.JS as a web application server and just looking up on Node.JS and it's NPM repository issues and vulnerabilities would have immediately given the chills.

If you want private conversations, use lemon juice for invisible ink and the usual One-Time-Pad setup for message encryption as a stream cipher we usually discuss here via the Search Bar on the top left side. Use a flammable cigarette paper for writing your message on with the blended ink and carry a lighter.

If you do not have the time to burn the encrypted message on the cigarette paper, find a body or water (i.e. river or lake) or even toilet bowl to discard and flush it down.

Men in BlackDecember 1, 2018 11:42 PM

@echo

Continuing investigation

Ahem. Sir Robert Swan Mueller III is responsible for that.

and slowing down the process of populist political change

Elitist political obstructionism on Mueller's part.

is having the effect that the "far right" are slowly being exposed...

The Screwtape Letters. A Clockwork Orange. This is what I was told.

AlbertDecember 1, 2018 11:56 PM

I thought, the Spiegel article was about Soros rather than Finck. Taking the Spiegel as a reference. How pathetic.

ThothDecember 2, 2018 12:08 AM

@all

GCHQ Wants Virtual Crocodile Clips

It is simply just posturing.

Backdoors are everywhere from your recent ARM Cortext M series now releasing a Secure Element + ARM TZ combo in every ARM chipset with the implication of enabling tamper resistant pervasive backdooring in every ARM Chip.

Not to forget Qualcomm was a few steps ahead proposing Secure Element in a chipset technique by having the new generation of Qualcomm chipsets rolling off the production lines with not only ARM TZ but also an embedded SE with the public announcement claiming that the use case is for SIM-less phones and for hardware Root-of-Trust but we all know that is just half truths.

Apple, if anybody remembered the FIPS 140 document I seemingly randomly published earlier, embedded a 'Secure Processor' but from the FIPS document, it is only rated as FIPS 140-2 Level 1 which means it has no Secure Element components and thus is not tamper-resistant physically and thus not considered to be true hardware security. It is in the same league with INtel SGX and AMD PSP by using a separate low power RISC core/s (usually ARM based) as "Management and Security Engine" but they lack the tamper resistant of Secure Elements thus they are easily considered as predecessors of the ARM's latest Cortex M security enhanced chipsets that may start to spot Secure Element based security and also Qualcomm's attempts to push out Secure Element backed phone chips.

These chips are very powerful physical and logical crocodile clips in every way and form and it would not be surprised that GCHQ, NSA, et. al. are already working on it or already using it to the fullest advantage with the continuing push on the news for "Golden Key" and other means of Exceptional Access simply a posturing as well as a legal show.

It is only a matter of time when one of these Exceptional Access mechanisms find their way into GOTS and Military appliances and then bite them back real hard as most Military and Govt hardware contractors these days use a lot of Off-the-Shelf chipsets (i.e. ARM cores from NXP, Ateml ... etc ...) and these possibly already compromised components begin to (un)knowingly find their way into Govt and Military/Intel applications (o.e. Fire Control System, Secure Comms & Radios ... etc ...) with disastrous consequences.

Who else to blame but themselves ???!!!!

Link: https://www.theregister.co.uk/2018/11/29/gchq_encrypted_apps/

Martin FruehaufDecember 2, 2018 12:32 AM

@Thoth

German sarcasm always is appreciated even if it borders on the stupid.

Goebbels did better btw.

echoDecember 2, 2018 12:39 AM

https://www.theguardian.com/commentisfree/2018/dec/01/sheryl-sandberg-lean-out-corporate-feminism

If this sordid story is good for anything, I hope it serves as a reminder that we need to push back against corporate feminism. Capitalism has coopted feminism and turned it into a way for privileged women to advance their careers and sell books. Ivanka Trump has written a “feminist” book, for God’s sake! Obviously, being a rich and successful woman does not make you a feminist. Fighting for all the equality of all women does. Having more women in powerful positions means nothing if all they’re doing is leaning into exploitative capitalist conventions. Sandberg is a very clear example of that.

Arwa Mahdawi expands on the idea that power structures co-opting and corrupting positive change must be fought back against.

https://www.theguardian.com/uk-news/2018/dec/02/russian-journalist-seen-behaving-suspiciously-at-uk-military-base

The 77th Brigade is a regular and reserve unit that aims to “challenge the difficulties of modern warfare using non-lethal engagement and legitimate non-military levers as a means to adapt behaviours of the opposing forces and adversaries”, according to the British army website.

We all know what this means behind lawyered technocratic language.

https://www.thedailybeast.com/nigel-farage-boris-johnson-jacob-rees-mogg-the-three-clowns-of-brexit-are-no-joke?ref=home

Clowns can be dangerous, in some cases very dangerous.

This article traces the history of British Neo-Nazis from WWII through to the present day. Highlights are how elements of the British establishment hold far right views and how they manipulate their voter base. The article also exposes how the British far right have rehabilitated themselves with clever marketing.

echoDecember 2, 2018 12:55 AM

@albert

I needed to reread my comment before seeing the connection. I guess this goes to show how deep farright "advertising" effects emotional stereotyping mechanisms. I was personally hoping for dirt on the likes of Peter Theil. The closest so far is the Templeton Foundation sponsoring Brexit. The ERG (European Reform Group) remains murky as does who is funding Bannon.

Earlier news was the former head of the German security services has been sacked. After some questionable decisions it became very obvious he held far right sympathies and had to be sacked.

PrivateDecember 2, 2018 6:30 AM

@Martin Fruehauf : I heard this about a year ago, from a German friend, who in turn had it from what seemed to be a reliable and credible source.

In general, the assumption has to be that all major web-based email services are compromised.

RichardDecember 2, 2018 8:30 AM

@Simon


>Which German encryption company closed in the 1990s? I can't find any reference online.

I won't tell you the name other than that the company was based in Berlin. Just checked on google and address does not exist anymore. By now, the gent must be in his 90s. So, no name from me.

All I can say is that her was forced to stop selling his encryption product by the BND. I know it, since I was a user and we discussed his encryption software over the phone.

You can ask anyone in Germany who has used encryption software around 1988 - 2001. They will know the name for sure. His package (it included a safe erase tool [now, I already told you too much]) just was the best you could get.

And there is not much on the internet either since, in 1989 that did not exist or at least was not mainstream.

Let me know you you found out the name!

Yabba Dabba Don'tDecember 2, 2018 11:17 AM

@echo

I don't want to stray too far from the mine run of this blog so I will keep my reply brief. Feminism has always been taken up by elite women trying to impose an ideology on others. Anthony and Aadams were both scions of well-to-do families. Same for Lucy Stoner. The "sisterhood" disappears rather quickly once class gets involved. So the co-option has been there from the beginning, it is not new danger.

WaelDecember 2, 2018 11:24 AM

A few links to cheer you up on the remainder of your weekend, before you get the usual rude awakening

@Bruce, Surely you can do a song like this next time you speak before US House Committee of Energy and Commerce! I say, one of us can even help with the words and lyrics ;) Now that would be a Pay-Per-View event ...


PS: The last YouTube link has this c2UFckR1Qzg string. No comments, but the string has a meaningful pattern, if you look close enough... That's a Yellow-Card topic, @Clive Robinson -- your specialty, that is ;)

SimonDecember 2, 2018 1:29 PM

@Richard

My best guess thus far is Brokat, but some aspects of that company's history don't fit your description, so I'll keep digging.

TatütataDecember 2, 2018 4:39 PM

@Wael:

Amazon actually sells a lot of services to the CIA, so they are in contact, and such a contract could provide a perfect cover for continued discussions on
a variety of subjects:

The Details About the CIA's Deal With Amazon

And who can say that the server farm within the moat has no contact whatsoever to the one outside, e.g., for anonymously gathering data?

WaelDecember 2, 2018 5:09 PM

@Tatütata

so they are in contact...

Totally expected. I would have done the same. The industry has more resources and it's sensible to utilize the capabilities within, one would think. What I find interesting is the legal battle that took place over a mere $600M amortized over a period of upto 10 years. ;)

Clive RobinsonDecember 2, 2018 5:09 PM

@ Wael,

Alright... Logan's Run.

Another film that is not the same as it was on first release, due to various people interfering in their PC etc way...

WaelDecember 2, 2018 5:25 PM

@Clive Robinson,

Another film that is not the same as it was on first release

I never watched the movie. I watched the series, and I liked it. These were the days! Space 1999, The Six Million Dollar man, The lost Islands, Planet of the Apes, Star-trek, the original X-Files ...

Some new ones are good, too: Prison break, The Shawshank Redemption, Tombstone, ...

... interfering in their PC etc way...

Happens all the time. Take for example Huckleberry Finn...oh, well.

WaelDecember 2, 2018 5:37 PM

@Ismar,

I don't think it would be too difficult to write a small browser extension (or a mobile application) that filters the content. It could include an ignore button, or a follow button... Nice project to work on, but I never had the bandwidth.

Clive RobinsonDecember 2, 2018 6:58 PM

@ Anders,

The 77th Brigade activities are not exactly new...

Look up white / grey / black propaganda,

https://www.psywar.org/content/undergroundPropaganda

And also the British journalist Sefton Delmer, who used the "Aspidistra Transmitter"[] near Crowborough in southeast England, to fake a break away German Millitary Transmitter as part of a "Black Propaganda" campaign during WWII.

@Bruce has put up a thread about Aspidistra it in the past, almost exactly a decade ago,

https://www.schneier.com/blog/archives/2008/11/aspidistra.htm

Sadly the link to the photos is nolonger valid.

echoDecember 2, 2018 7:12 PM

@Clive

77th Brigade are a new organisation but as you say nothing new in itself. The reason I focused on the legal bit and discription of its purpose is it needs unpacking much like GCHQs lawyered technical explainations. The bit missing in discussion is what these words say, what they mean in practice, and the history and context.

I don't have a link offhand but during WWII the policy was to broadcast the truth even when the allies were losing. The idea behind this is if propoganda was broadcastthen when the allies needed the broadcasts to be effective nobody would be listening. When the war began to turn the broadcasts were effective. I forget what the article went on to explain but I believe it gave specific examples and suggested this led to a shortening of the end of the war.

Today? The US position is a legal slight of hand. In theory they have to tell the truth to the American people (which indirectly means allies too) while in practice can tell any fib they like abroad. This whole subject area is a discussion in itself. While theremay be a case for misleading the forces of evil on another level this can feedinto a culture fueled by lies and suspicion which isn't good either. The last gotcha is that I believe the US courts have ruled that a lie told abroad is okay even if it filters back to the US and corrupts democratic discussion.

Given this modern context I think it is fair to question what 77 Signal Brigade are up to and what the legal position is and what the consequences are.

If you will excuse a gripe instead of earlier contributers leaping down my throat and unfounded allegations of paranoid conspiracy theories and mansplaining wounded hurt being thrown in my face discussion was sensible and informed like this we might make progress? Not just with this narrow topic either but with others too? Hands up who else caught Ethan Seigel out when discussing paradoxes? Nobody. Exacxtly. Who else bothered to follow up and give him credit for deeping our understanding of "paradoxes"? Nobody.

Clive RobinsonDecember 2, 2018 7:51 PM

@ Angus, Ismar

Rather than complain, how about dig up and post on this thread something you think is suitably technical oh and new to talk about?

The simple fact is the field of endevor is maturing and much "news" is realy "reboiled cabbage" as the recent Marriot issue shows. I suspect I would not be the only person who would find "XXX loses YYmillion customer records" dull. However an analysis of what the methods are the suppused attackers use would be more interesting.

As for crypto that also appears to have stagnated news wise, with the bleating of various people about "Going Dark" poping up like demented moles in a WhackAmole board... Worse much "technical" these days appears to be "hat tipping" towards what ever the current US Cyber-existential-threat-nation happens to be.

The simple fact is there appears less and less "pure technical" or "technical without politics" around to be discussed than before. Thus broadening the scope of topics to avoid national politics may be away from what you view as technical, but is still valid in the broader meaning of Security.

As for the site going down hill it got hit massively in 2016 as did many other security sites, and many people got driven away. Contrary to what many Americans appear to think, US politics is not of much interest to non Americans, except where it causes security related issues outside of US soil.

As you may have noticed any one can post here at any time and as a matter of principle our host @Bruce does not ask people to give up their privacy etc by having to register. 2016 and the hit was just one of the prices of such principles.

echoDecember 2, 2018 9:53 PM

https://www.theatlantic.com/video/index/577087/neuroscience-perception/

Many people assume that they perceive the world as it actually is—as if eyes and ears were windows that allow us to access an objective reality. But perception is not an accurate reflection of an externally existing world.

Before I forget this is an interesting article. I sometimes joke of hacking peoples neuro-psycho-social stack. The reason for this as the article partially explains is our neural network is a data gathering machine which (semi-processes some data before it reaches the brain) and which then processes data in lots of different and sometimes competing ways whith one part of the brain overriding another before it reaches what we call our conciousness. As we know this "edited experience" can affect judgment and may itself begin to edit content into "false memories" as well as the other more positive experiences.

The whole subject is much more involved than this, obviously, and knowledge of this field and related areas can and has been applied in a security and counter-security context.

What's the difference between the Skipral affair and the movie "The Sting". Not a lot really. As the podcast says "perception and hallucination" have a lot in common.

Rach ElDecember 2, 2018 11:25 PM

Martin Fruehauf

how was Protonmail compromised? Given their setup it is extremely difficult to do bulk collection on Protomaail regardless of where the servers are located
individual users, state actor packet interception - okay. but what are you suggesting? And, why would they lie about their servers being in Switzerland?

Rach ElDecember 2, 2018 11:32 PM


JG4

This has been mentioned to you before. Manager for Muhammad Ali, whom features a fair bit in the book. So well placed the CIA insisted on recruiting him as an outsourced asset and wound up at the table of the Contras amongst other messes. A ripping read.

www.bookdepository.com/Overworld-Larry-J-Kolb/9780593053591

echoDecember 2, 2018 11:34 PM

This is an interesting "meta viewpoint" by George Soros.

https://qz.com/1480543/the-george-soros-speech-at-the-center-of-the-sheryl-sandberg-facebook-controversy/

The internet monopolies have neither the will nor the inclination to protect society against the consequences of their actions. That turns them into a menace and it falls to the regulatory authorities to protect society against them. In the US, the regulators are not strong enough to stand up against their political influence. The European Union is better situated because it doesn’t have any platform giants of its own.

The European Union uses a different definition of monopoly power from the United States. US law enforcement focuses primarily on monopolies created by acquisitions, whereas EU law prohibits the abuse of monopoly power irrespective of how it is achieved. Europe has much stronger privacy and data protection laws than America. Moreover, US law has adopted a strange doctrine: it measures harm as an increase in the price paid by customers for services received—and that is almost impossible to prove when most services are provided for free. This leaves out of consideration the valuable data platform companies collect from their users.

Commissioner Vestager is the champion of the European approach. It took the EU seven years to build a case against Google, but as a result of her success the process has been greatly accelerated. Due to her proselytizing, the European approach has begun to affect attitudes in the United States as well.

DeeDecember 2, 2018 11:36 PM

Martin

As they say: Tokyo, much larger than London, but zero terror attacks


and the Torys have asked their aides to send memos, emails etc asking for a respite, please, they have enough to deal with presently


Trans-Encryption ExpressDecember 2, 2018 11:49 PM

Of interest to readers might be the discussion of encryption bypass (a.k.a. special access arrangements) occurring during the final week of parliament sitting in Australia for 2018.

This is particularly interesting after the "My Health Record" debacle which included pushing back mandatory opt-in a couple of times now until about January 2019. Search "My Health Record" if you're interested in the background.

Furthermore the Census problems of a few years ago... well, it just seems that people are beginning to question over-reach of data. Unfortunately such a position is just inconvenient.

It seems that this is just another legalisation of what is already occurring - since at least 2013 - without supporting law. That the new bill does not include a warrant and oversight mechanism is not worth discussing as it is de rigueur.

My argument is that if these powers are truly necessary, that there will be no issue with citizen oversight and a solid right to privacy legislation with considerable financial and incarceration penalties. That this balance does not seem to be forthcoming can only signal devious intent.

Then again, silly me, we are still in the War On Terror(tm) and in a state of perpetual and increasing emergency*.

Merry Cryptmas... at least until it's outlawed.

---

(* France are declaring a state of emergency for the recent riots. That is commendable but I must say they seem to still be in that state since some cars decided to take a detour a few years ago. Oh how quickly we forget our current state of affairs and how we got here!)

ewwDecember 3, 2018 12:01 AM

I guess, the Japanese (and their modern women) just prefer to be left alone, if you know what I mean...

Also, I would not worry too much about Japanese women. Yes, they are Asian, but not to be confused with other Asians. Japanese women are very self-confident and contribute quite a lot to the country (economy). But - again - they, too, probably just want to be left alone.

echoDecember 3, 2018 1:35 AM

https://www.theatlantic.com/science/archive/2018/12/project-troy-science-cold-war-psychological-warfare/576847/

All this suggests that scientific programming had a place, if not necessarily a prominent one, in both overt and covert psychological-warfare programs in the early 1950s. Over time, the CIA and the State Department would find ways to incorporate messages about scientific progress more directly into their work. They did so particularly with programming aimed at a particular class of elite technocrats in developing nations—the very people that NS-68 proposed to win over in the first place.

This article by The Atlantic covers the broad history of US psychological warfare. Some notable points this article raises are the use of a broad range of sciences and an almost Star Trek like "Prime Directive" policy of none interference in foreign countries internal affairs (while in practice the oppositewas true. Another serious point is the policy thrust was that propoganda should be based on truth not lies.

From a UK perspective the UK is much more secretive. One thing which stands out to me is that the UK government used psychologists as part of the process of lawyering and "firming up" the now largely discredited and unethical and, I believe, unlawful assessment schemes of disabled welfare recipients. I haven't heard a single peep from the British Psychological Society as similar regulatory bodies.

I have heard people say (inlcuding ex military people) that the low level of civil service pay for GCHQ and MI6 et al forces out people with talent and energy who almost always end up working for the private sector.

I'm curious about the organisational priorities and organisation structure and training of 77th Signals Brigade. Nobody knows and nobody is saying because #secret.

If you collected ever scrap of UK public information on psychological warfare including from "Old Boy network" retirement fund memoirs and lectures it would total less than this single essay by The Atlantic.

Rach ElDecember 3, 2018 2:23 AM

Martin Fraehauf


https://www.bleepingcomputer.com/news/security/hacker-say-they-compromised-protonmail-protonmail-says-its-bs/

i appreciate Thoths comments about client-side javascript being used for encrypted email and yet, in a multiverse (thats a nod to Wesley Parish) comprised of dodgy free email providers Protonmail are doing a much better job than anyone. If you put together a crew of stalwart Schneier commentators and said 'here build a free email provider for the masses, in a way thats functional and practical and can be used by an idiot, with your ethical rule stick to direct you - what will you do?' it wouldn't look all that different from Protonmail.

I did a quick search to substantiate your claims.
The above link is a report from mid November about claims of extortion and Protonmail being hacked. it is clearly a joke


WeatherDecember 3, 2018 2:55 AM

Rachel El
Regarding protomail they did send a email to there clients saying they were under ddos attack,but were working with others to stop it.

I found there setup good,about client side attacks, yahoo suffered a sever breach that protomail would have had minimal or a lot more work to do as much damage.

WeatherDecember 3, 2018 3:08 AM

Echo
Regarding psi warfare, america had the Stargate program and Russia Yuri.
In the 70ty I think, now days I think there would be issues using or devolping it.

Got a idea off Stargate movie were they look into a device and it transferred knowledge, I though hearing should be abeal to encode 5000 chars a second, setup a program to display a letter then make a unique sound 3*6 bits, and made a program to read text and convert to audio file.

The sound was a chuckboard but I thing 5 years of age to 7 learning that might help.

But I doubt it is PC

Clive RobinsonDecember 3, 2018 6:30 AM

@ echo,

77th Brigade are a new organisation but as you say nothing new in itself.

What else is not new,

    We tend to meet any new situation by reorganizing, and a wonderful method it can be for creating the illusion of progress while producing confusion inefficiency, and demoralization.

Sound familiar? It's actually cited as being from Petronius Arbiter, a Roman from the time of Nero...

And what is it we all know about Nero ;-)

Now what is that song we teach little kids as a metaphor for life and history... Yup "The wheels on the bus go round and round, round and round, round and round".

    Plus ça change, plus c'est la même chose

Jean-Baptiste Alphonse Karr.

Clive RobinsonDecember 3, 2018 6:49 AM

@ Rach El, Martin Fraehauf, ALL

If you put together a crew of stalwart Schneier commentators and said 'here build a free email provider for the masses...

I'd start with "You need two computers and..." at which point I'd get told loudly "Not practical", "Not usable", "Not in the spec", etc, etc...

And that realy is the point, anything we make to run on a single instance of a modern user computing device can not be made secure no matter what software etc you use... That's the bottom line if you think anything else you are realy deluding yourself.

It's why the "Going Dark" we keep getting told about by the DoJ and all manner of other idiots/sociopaths since the FBI's Louis Freeh went on his "Gospel tour" is a compleate nonsense...

I'm sorry if it upsets peoples sensabilities, hopes or dreams but that's the cold hard reality of the techno-distopia we live in currently.

Trans-Encryption ExpressDecember 3, 2018 7:33 AM

Thanks @Ismar :-)

Unfortunately many in political circles cannot resist the lure of making the best of a crisis.

If you're Australian (or at least of British extraction), you'd understand that "we're rooted" - an obvious double-entendre for the Unix folk, and seemingly fit for the current task it would seem.

If legislation is required, politicians should try to put the politics aside, stop with the personal attacks, and start to debate the issues and even hear from the lowly citizens and technical professionals on these things. Less than one week... well... all you can expect is the pre-Christmas metadata legislation of a couple of years ago which passed.

"National Security" seems to be the best way to stifle debate and considered reasoning. Nothing is absolute. It's fine to have an opinion and debate it openly and honestly with the citizenry. But for years now, "National Security" has been a quick free pass to legislation and obfuscation.

Ideally, this legislation should not be required. But I understand that times have changed. How much change is required for now appears not to be commensurate to the requirements of oversight and proportionality. This needs considered minds - a rare thing in politics - to calm down, have a good Christmas drink and reconvene with cooler minds in the New Year, particularly after all the bollards and CCTV installations are completed.

Already it is possible to narrow down suspects by warrantless interception of metadata. This and all relevant legislation needs to be updated to reflect the realities of proportionality and human rights. Sniffing everything will lead to an overdose of data, much of which will be inevitably leaked.

On a personal note, for all these shenanigans, I have reconsidered my tenure in the tech industry. I sleep well knowing that I am not a potential accessory to warrantless surveillance, and that the code and services I have contributed to society does not contain backdoors, front doors, skylight or under house entrapments. Without being boastful, this overreach has cost professional talent, tax dollars and economic side-benefits. That's unfortunate.

echoDecember 3, 2018 8:21 AM

@Clive

And that realy is the point, anything we make to run on a single instance of a modern user computing device can not be made secure no matter what software etc you use... That's the bottom line if you think anything else you are realy deluding yourself.

I'm still interested in the challenge of a verifiable by eye mechanical computer capable of implementing AES level encryption. How small could this theoretically be after optimisations? What about electro-mechanical? I'm assuming the HCI is ignored as part of the size challenge.

The other challenge is how small can small get? I know physics does wierd things at small scales but not all are minuses. Some are pluses. I don't know enough about translating logic to mechanical logic to have much of a clue. I have discovered some Youtubes on mechanical gates but this is far as I got and my head is spinning.

I'm not sure whether assuming unlimited budget for the exercise is cheating or not.

FaustusDecember 3, 2018 9:45 AM

@ echo

I think it is possible to create a mechanical implementation of AES, especially using small scale nanotech components. You could create anything out of them. But they would be too small and complex to visually verify.

AES is pretty complex. Just one part of it needs to use a list of 256 specific bytes that would have to be mechanically represented. I have visually audited the golang source that I use for AES encryption, but only to the level of looking for obvious backdoors doing things like writing all the data that passes into the encryption to an outside web site or a file. I could check the 256 bytes, but what a pain. The good thing is that hobbling the encryption code would lead to ciphertext that couldn't be deciphered using other implementations of AES, which would be a major red flag.

The operation of an alternate encryption system made out of chained shift registers could be a visually inspected, but many such systems have been cracked so I think it would be hard to have confidence in one.

All secure encryption that can use the same key multiple times needs to be randomized. The place where encryption is usually sabotaged is the random number generator. I am not sure where your mechanical implementation would get its random numbers, since macro scale mechanical devices would be deterministic. Maybe a chaotic system of pendulums or turbulent liquid flow would work. A quantum process, such as atomic decay, would be a good source of randomness, but I don't think this would be called a mechanical implementation.

You have posted a lot of interesting links and summaries in this squid post. Thanks!

echoDecember 3, 2018 10:22 AM

@Faustus

At present it's only a rough desk exercise. I suppose mico-scale is verifiable under an optical microscope which itself can be assembled and verified by hand. Nanotech is intriguing too.

I have read Bruce's Twofish paper but haven't even glanced at the AES specification. Acutally, I like Bruce's paper especially where he says one of his design goals was a person being able to hold the entire scheme in their head which makes sense for a lot of reasons. I guess we can cheat a bit and choose to implement Twofish instead. I have no idea if implementation is easier or not.

I am stumped with a mechanical random number generator. I genuinely don't know if it's possible in theory or practice. I suspect likely not but I don't know enough to have a clue let alone proof. You prompted me to do a casual search. I only found two possibilities. Turbulent liquid flow sounds intriguing.

If the specification is upped to electromechanical atomic decay may work but likely unsafe and unlawful in some circumstances. Tghis made me wonder, alogn with your turbulent fluid flow idea, perhaps Brownian motion could be used as a random number generator?

https://www.quora.com/How-can-I-make-a-mechanical-random-number-generator
https://www.physlab.org/story/mechanical-random-number-generator/

https://nrich.maths.org/6127

Thanks. Some of them need reading through in a drop down way and any conclusions are best left to the reader. These things can be complicated and there is not always an obvious right or wrong.

P.S. I suspect anyone with half a clue about cryptology and randomness and mechanical engineering is laughing their socks off.

TatütataDecember 3, 2018 10:53 AM

I am stumped with a mechanical random number generator.

I reflected about this in the context of Venona intercepts: how one-time pads could have been mass-produced at the threshold of the electronics age? The reuse of the pads was caused by a shortage or poor communications with the agents. But how good where the pads in the first place? Did the decoders only work in depths, or also used a detected weakness in the numbers?

My first idea:

Take a batch of dice rolling in a barrel. One die at a time is picked, read out mechanically using feelers and thrown back in the barrel.

Checking out patent, turns out I ain't original, cf. Slovenian patent SI23793, machine translation of the abstract:

The present invention relates to a device that allows gambling with a mechanical random run generator. The device consists of three parts: a funnel, a start/end plate, where the cubes and a reading/control unit are located. The cubes that drop to the hopper (1) due to the centrifugal force fall back on the plate (2) after the end of the rotation. The starting/end plate (2) and the funnel (1) are driven by two electric motors. The electric motor and the reading of the output value are operated by the reading/control unit (3).

The dice could be simplified by making them two-dimensional, i.e., flipping coins. The patterns on the surface would have to be carefully designed.

Another approach would be to shuffle punch cards. I remember seeing older patents relating to the automatic shuffling of playing card decks. This helps keep croupiers honest when they open a new packet of cards.

WeatherDecember 3, 2018 11:19 AM

For binary mechincal you could use a spinning disc connected to a xyz gimbal with six pins that get pushed into the disc if bin 1 ,should get 3 bit, or maybe 2 bit,

WeatherDecember 3, 2018 12:21 PM

In Holland the UN is meeting about global warming.

"There is global warming in city, but there is no global warming in rural areas"

Apart from the stance, it has security issue related to trust, the use of statistics and computer program with using answer even years down the track the programmers direct too.

Trust a scientist or a rambling option peace in the newspaper, we they both think they are right, a both at the same age, same intelligent.

If its correct, a lot of security issues, should we plan for the worst case @bruce

There is a lot the same with other system and communication, but...

Post will probably get deleted

WeskerTheLurkerDecember 3, 2018 12:36 PM

@Tatütata

If I remember correctly, Soviet OTPs from around World War 2 were made by having a bunch of typists type out pages and pages of whatever numbers they felt like, and then somehow interleaving the numbers from each typist together. This would (hopefully) break up any bias or subconscious pattern that a single typist alone would've had. As far as I can tell, this actually worked well and the only breaks were due to code reuse a la Venona.

Alyer Babtu December 3, 2018 12:48 PM

@Weather

security issue related to trust, the use of statistics and computer program

Can all the climate data sets be made open public access (aren’t they paid for by taxes anyway) ? Does anyone know what Andrew Majda, doubtlessly the première applied atmospheric modeler of all time, has to say ?

WeatherDecember 3, 2018 1:20 PM

Alter


Andrew Majda does study gas flow and with combustion (which will be leaning to gas flow and reaction), but would he use thermal conductivity and specific heat, with electromagnetic effects from the earth core and sun interaction, or is that out of the scope,

If the ground raised 0.1 degrees with more CO2 in the air, conduction to space will be less, but that isn't related to long IR reflections,

Does he use a high temperature transfers more energy in the same time period to a really bad low temperature radiator.

I worked out that if the CO2 increase by I think it was 250pm the sun would have to output twice the energy from the sun to match 0.2 C, but that was only based on 1 meter above ground.

What parts do they use in there program

ApokrifDecember 3, 2018 4:10 PM

"Will the [European Unione] anti-terrorist Regulation destroy Signal, Telegram and ProtonMail?

Two weeks ago, we gave an update on the proposition of the European Regulation on anti-terrorism censorship. As a reminder, this text will impose on all actors of the Internet unrealistic censorship obligations: removal within one hour of content reported by the police, surveillance of all content leading to automatic censorship…

Today, we focus on another danger of this text: as it targets not only content disseminated to the public, but also those which are exchanged privately (such as emails and instant messaging), this text could bring an end to the possibility of protecting our exchanges through end-to-end encryption."

https://www.laquadrature.net/en/2018/11/28/will-the-anti-terrorist-regulation-destroy-signal-telegram-and-protonmail/

* do Signal, Telegram and ProtonMail use actual end-to-end encryption? What about encryption managed independently by users (e.g., PGP-encrypted messages sent through Signal, Telegram or ProtonMail)?
* what about "automated censorship" of text written in a language for which the censorware is not designed?

Clive RobinsonDecember 3, 2018 5:16 PM

@ echo,

I'm still interested in the challenge of a verifiable by eye mechanical computer capable of implementing AES level encryption.

When I first glaced at that my brain did a double take... For some reason I thought you were talking about something like "biometrics by feeler guage" or something similar...

AES like most modern block ciphers is realy not suitable for mechanical implementation. You have two things to deal with the first is "bind" the second is "wear". Bind is one of those things that realy impress people when they see it for the first time. What you do is machine a taper hole and plug made of the same material. If you keep the plug cold and the hole warm a reasonably well machined plug will slide in and will stay with a minimal "interference fit" which with a little effort you can seperate. However allow the plug to warm up and the hole to cool down, there is now no way you can sepetate them even with your full body weight...

A not to similar issue gives you those jar lids that will not open no matter how hard you try. However put the jar in the fridge for a couple of hours to get cold then carefully run the metal lid under the hot tap and if you get the timing right the lid comes of with only moderate effort.

The solution to "bind" is to design "slop" into the system, that is you make the plug smaller than the hole so that it cannot bind due to expansion or contraction. Unfortunatly slop is also "wriggle room" and where you have that you have issues, which is why mortice and pin locks can be picked and combination locks "felt" to the correct combination. You also get not just increased wear but other issues due to lubricants getting contaminated by dust, grit, and similar making wear issues worse.

My feeling based on a little experience that making a mechanical block cipher is going to be problematical. A stream cipher however less so by quite a large margin, the problem being maintaining state with 4196 bits or more (though flip pin "pin wheels" can do this). Some mecanical cipher machines used a high reliability version in a modified "coin counting" mechanism to "add the plain and key texts). NATO had a nice little pocket cipher machine that could also use "One time tapes" (Sotherbys had a pair for sale in the same sale as the Enigma).

So yes reliable secure mechanical crypto machines you can put in your pocket have been made, but they are not "block ciphers".

With regards,

I am stumped with a mechanical random number generator. I genuinely don't know if it's possible in theory or practice.

It's actually more easily possible than for the cipher system.

Essentially all you need is a drum full of uniform shaped random bits and you just pull them out like a lotto machine. That is instead of balls with numbers on you have balls that are say "red" for one and "black" for zero, as long as the drum never empties and has N/N+-1 red balls to N black balls then you should get a fair TRNG. Another way is just to use steel balls and drop them into a "nail board" with two outputs on for zero one for one. They can then drop into cups on a conveyor belt or side of a horizontal wheel in a way that makes the balls act like teeth on a gear in a later process.

There are also "automated abacus" around I saw some in Japan many years ago but did not get the chance to play with them, so don't know what their capabilities are.

There are definitely "mechanical ciphers" out there that were considered both reliable and secure, the simplest were like the Enigma "rotor machines" but unlike Enigma's "odometer drive" they had independent wheel drive in each direction. One design used two punch paper tapes where one tape controled if there would be a step, and the other which direction a step would take. But... As with althings mechanical speed is quite limited for a number of reaons, with crypto kit to about the speed of a good typist which is glacialy slow in modern tech...

echoDecember 3, 2018 6:56 PM

@Clive

This makes things clearer. Yes, I wondered if there were engineering/computational reasons why mechanical cyphers were abandoned (apart from the obvious). My challenge really then is to make a block cypher device not just a stream device, and then make it small.

I don't know how small a mechanical random number generator can be. I know the physics changes as things shrink not to mention materials engineering. I don't know enough to have much of a clue about where to start with an implementation nor take advantage of the physics. My knowledge and skill is at the level of knowing which way is forward but that's about it. I'm fairly sure watchmakers are familiar with binding (and stiction) and other issues like temperature changes and lubrication. This has been their speciality for generations. While they lack the same craftsmanship and emotional connection of purely handmade many high bespoke watchmakers now use modern manufacturing techniques for components.

On the computational issues as a desk excerise what could be built in theory? Itdoesn't actually have to work outside of a simulation (and deliberately so) but is more proof of concept to gauge size and computional throughput and understand the challenges better. Then we take a closer look...

Biometrics by feeler gauge? Bawdy jokes aside skeletal structures are pretty unique and have many differentiating points. I don't know what the resolution and safety of the latest scanning devices is but a skeletal structure would be very hard to fake. Actually, it just crossed by mind... would a material penetrating radar be able to be used as a finger or hand scanner? There are loads and loads of unique bones in the hands not to mention variations in bone density.

RG-2December 3, 2018 7:09 PM


You’re Hardwired to Love Social Media
‘Every day, you might quietly, even subconsciously make hundreds of little decisions that teach these services exactly how you’d like your digital morphine drip.

Google Photos, like Facebook, Twitter, YouTube, or any other social platform, sucks up your personal data, sorts through it, and uses the information to hook you. None of them offer a realistic representation of your life: They’re constructing an idealized one.

Continuing to use these services makes them more powerful, which is why maintaining a Facebook account becomes so ethically tricky. Most users wouldn’t have made a connection between their fashion sense and Trump’s election, but the data was relevant to Cambridge Analytica.’
https://medium.com/s/love-hate/youre-hardwired-to-love-social-media-it-s-time-to-deprogram-c59cd1a7bc20


High-Road Feminist News
Virginia Marie "Ginni" Rometty is the current chair, president, and CEO of IBM
International Business Machines Corp. She joined a growing chorus of tech executives lambasting web platforms, like Google and Facebook [1], over their collection of user data and urged governments to target regulation at those companies.
https://www.bloomberg.com/news/articles/2018-11-26/ibm-ceo-joins-apple-in-blasting-data-use-by-silicon-valley-firms?srnd=technology-vp

Marillyn Adams Hewson is the chairman, president and chief executive officer of Lockheed Martin. She came in and cleaned up several huge messes.
https://en.wikipedia.org/wiki/Marillyn_Hewson

[1] obviously reading this blog for inspiration

gordoDecember 3, 2018 7:40 PM

03 DEC'18
Marcus Ranum: Systems administration is in the 'crosshairs'
After years of spirited debates and top-notch interviews, columnist Marcus Ranum is signing (sounding?) off with some final thoughts on the future of security.

I've been writing this column, originally as a debate with Bruce Schneier, since April 2006 -- so 12 years. In that time, I've enjoyed the opportunity to air some of my favorite themes in computer security -- sometimes subtly, other times less so. It's time to stop; I'm starting to repeat myself, and my view of the trajectory of security has been getting more jaundiced. So, I'd like to thank you all and move on to other things.

Continue Reading: https://searchsecurity.techtarget.com/opinion/Marcus-Ranum-Systems-administration-is-in-the-crosshairs

Clive RobinsonDecember 4, 2018 4:23 AM

@ Rach El,

thanks for email feedback

That's alright, but as it is now advent I can now use my newly given Xmas "middle name" of Grinch to steal not just Xmas but security dreams as well[1] :-)

My son grumpilly christend me in a voice like a frog at the bottom of a drain, when I pointed out he is now way to old for either a chocolate or lego advent calendar ;-)

[1] Though I'm going to have to practice the gravelly voice for "There be Dragons", "Give up hope all ye who enter this place" etc as I end up needing a bag of "Fisherman's Friend" cough sweets :-S

Bob PaddockDecember 4, 2018 9:08 AM

@Weather, Remote Viewing:

"Regarding psi warfare, america had the Stargate program and Russia Yuri."

Russia also had a Remote Viewing program, and I have reason to believe they still do.

Volume Two of the, now four (was originally to be an eight) volume set, 'Star Gate Archives' just started shipping.

https://www.lfr.org/book-store

When I asked Ed May if he had figured out how Remote Viewing worked, he pointed me to this document (you want the PDF):

https://journals.sagepub.com/doi/abs/10.1177/2158244015576056

CIA released 13 million pages of documents. From UFO sightings to Project Start Gate.

https://www.cia.gov/library/readingroom/collection/crest-25-year-program-archive

Star Gate here:

https://www.cia.gov/library/readingroom/search/site/Stargate

Most of the Remote Viewing documents are under "Stargate" (The proper project name is 'Star[space]Gate'), doing a search for project code names such as "Centerlane" and "Grillflame" also return hits.

https://www.cia.gov/library/readingroom/search/site/Stargate

UFO Files as well:

https://www.cia.gov/library/readingroom/search/site/ufo%20photo

Yes, there are security implications... Bruce even mentioned UFO Tech in relation to Random Dot Stereograms being used for encryption once...

Bob PaddockDecember 4, 2018 9:10 AM


@Echo, "I sometimes joke of hacking peoples neuro-psycho-social stack."

FYI: "The Mind has no Firewall" from the US Army War Collage: https://ssi.armywarcollege.edu/pubs/parameters/articles/98spring/thomas.htm

See also: https://earthpulse.com/mind_brain_effects/

"...semi-processes some data before it reaches the brain..."

Look up Forced Frequency Following and Ratio Encoding ie. the nervous system uses time ratios as major sources of intelligent information.

For example: "Ratio Detection Precisely characterizes signals' amplitude and frequency": http://www.edn.com/Pdf/ViewPdf?contentItemId=4352503

etc:

2. McEachern, R H, [book] "Human and Machine Intelligence—An Evolutionary View", R&E Publishers, Saratoga, CA, 1993.

3. McEachern, R H, "How the Ear Really Works," Proceedings of the IEEE International Symposium on Time-Frequency and Time-Scale Analysis, October 4-6, 1992, Victoria, BC, Canada, pg 437, IEEE, Piscataway, NJ, 1992.

5. McEachern, R H, "Speech Information Extractor," US Patent 5,214,708, May 25, 1993.

Also, somewhat dated:

[6] "Theories of Sonar Systems and Their Application to Biological Organisms", D.W.Batteau Department of Mechanical Engineering, Tufts University, Medfoard, Massachusetts, Sept. 1966.

[7] "The Neuro Physiology of Spcialy Oriented Behavior" edited by Samford J. Freedman. 1968 Dorcy Press IL. Chapter 7 "Listening with the Naked Ear" by Dwight Wayne Batteau.

[8] "New Approach to the Analysis of Electroencephalogram", by S. K. Lisitsyn Problems of Bionics (selected articles) pg 16- 25 NTIS order number: AD-730045

Does apply to eyes not just ears as well.

WeatherDecember 4, 2018 9:57 AM

Bob P
Thank you for that,read the wiki on random dot,magic eye book.

I'm not really surprised they are carrying on with it, the brain works at 40 hz and the body is a good antenna, the signal that low would travel far,

Other people probably pick up the signal, but the there brain would probable drop the information.

Just got to get some guts to click the links, thanks

RG-2December 4, 2018 10:19 AM

NYT: China’s Clear Lead in Quantum Encryption

Quantum Computing:
When some types of matter are extremely small or extremely cold, they behave differently. That difference allows a quantum bit, or qubit, to store a combination of 1 and 0. Two qubits can hold four values at once. As the number of qubits grows, a quantum computer becomes exponentially more powerful.

Quantum Encryption
quantum encryption relies on the nonintuitive behavior of very small objects. The codes that keep data secret are sent by photons, the tiniest particle of light. With the right equipment it is easy to tell if they have been tampered with, not unlike the seal on an aspirin bottle. If carried out properly, the technique could be unbreakable.

‘At places like the University of Chicago, researchers hope to go a step further, exploring what are called quantum repeaters — devices that could extend the range of quantum encryption.
“We’re not there yet,” said David Awschalom, a professor at the University of Chicago who oversees much of the university’s quantum research. “But I am confident this will happen in the next couple of years.”

Quantum communication techniques require new hardware. This includes vast networks of fiber lines — and perhaps satellites — as well as specialized devices capable of detecting individual photons of light.

As Qubitekk worked on quantum encryption networks, it could not obtain the special light detectors it needed to do the work. The start-up originally bought detectors from a small manufacturer in New Jersey, Princeton Lightwave. But in April, this lone American manufacturer handed the detector business over to a company in China[1], RMY, and Qubitekk’s supply line ran dry.

RMY has promised hardware to Qubitekk but recently told it that, because of production issues, additional detectors won’t be available until March 2019[2].’

The end result to put the American quantum encryption effort even further behind[3].
https://www.nytimes.com/2018/12/03/technology/quantum-encryption.html

[1] you can’t make this stuff up
[2] completely unexpected /s
[3] needless, predictable, self-inflicted harm to USA National Security

vas pupDecember 4, 2018 11:05 AM

@all:The use of massive computing power to conjure radical new designs automatically – a process known as generative design – is revolutionising the way human designers work, letting us build things we previously couldn’t have imagined:

http://www.bbc.com/future/story/20181129-the-ai-transforming-the-way-aircraft-are-built

Q: When generative design be finally used to generate the best smart phones, computers, IoT devices, etc. in such way that security and privacy will be incorporated into design by AI from the very beginning favoring interests of regular citizen, not Big Brothers of all sorts (governments domestic and foreign, hackers white or black hats, criminals, big businesses)?

Bob PaddockDecember 4, 2018 12:25 PM

@Clive Robinson

"... you should get a fair TRNG. Another way is just to use steel balls and drop them into a "nail board" with two outputs on for zero one for one. ..."

'Operator-Related Anomalies in a Random Mechanical Cascade' :

https://www.scientificexploration.org/docs/2/jse_02_2_dunne.pdf

"Abstract-Experiments with a "Random Mechanical Cascade" (RMC)
apparatus have yielded anomalous results correlated with pre-stated intentions of human operators. Based upon a common statistical demonstration
device, this machine allows 9000 polystyrene balls to drop through a matrix
of 330 pegs, scattering them into 19 collecting bins with a population
distribution that is approximately Gaussian. As the balls enter the bins,
exact counts are accumulated photoelectrically, displayed as feedback for
the operator, and recorded on-line. Operators attempt to shift the mean of
the developing distributions to the right or left, relative to a concurrently
generated baseline distribution. Of the 25 operators who have completed
one or more experimental series with this device, four have achieved anomalous separations of their right and left efforts, and two others have displayed significant separations of either their right or left efforts from their
baselines. The overall mean difference of right versus left efforts concatenated across the total data base of 87 series (3393 runs), has a probability
against chance of

The concatenated results display a stark and curious asymmetry, in that
virtually all of the right vs. left separation is provided by the left vs. baseline
separation. This pattern also appears in the data of several individual operators, and is not attributable to any known physical asymmetry in the
experimental system. In addition to the systematic asymmetric deviation of
the distribution means, cumulative excesses in the variances of the left and
right distributions relative to baseline are also observed, progressing to
statistical probabilities of .003 in the left efforts, but only .2 in the right.
More detailed study of the individual bin population patterns reveals that
while most of the bins contribute to the overall mean shifts and variance
changes, those on the outer portions are more influential than those near
the center.

Operator achievements tend to compound marginally but systematically
in cumulative deviation patterns characteristic of the particular individuals
and, in several cases, similar to those produced by the same operators in
microelectronic Random Event Generator (REG) experiments. Within
these characteristic patterns of achievement, some operators also show
sensitivities to secondary experimental parameters, such as instructed vs.
volitional establishment of the intended directions, or the presence or absence of feedback displays. Other successful operators seem insensitive to
such options."

Clive RobinsonDecember 4, 2018 2:47 PM

@ RG-2,

NYT: China’s Clear Lead in Quantum Encryption

Every time I hear "XXX's lead in YYY technology", I'm reminded of "Japan's lead in monorail technology".

I look around me expecting to find monorails every where...

Oddly Quantum Encryption has the same issue as monorails, which failed because nobody could work out how to get points/switches to work...

In the quantum photonics game getting a relay to both work and still be secure is the first step in making switches do the same. Depending on who you ask it's a couple of years away, twenty years away or not likely unles our understanding of physics changes...

But the US is not the only politically short sighted country, the UK sold of ARM in effect to a front for China... So ARM CPU cores are now on the suspect list...

If you look back on this blog I was warning about China using rare earth metals to get foreign tech into China where it got misappropriated years ago. So nothing new there.

As for puting "home country" first, I can not think of many companies that do not do that in some way.

As for who is to blaim in the US take a walk back in time to the start of "Out sourcing" I was warning about what it would do to both the home (US/UK) economy and the foreign (BRIC et al) economies.

I posses no "crystal balls" in respect to any of this, but I do know how to stack bricks to make a pile, and piles of bricks usually mean trouble :-(

If we want to stop this nonsense then we need to stop thinking "short term" and ditch a few "company laws" whilst introducing a few others.

However there is another side to it, if we can lock the other super powers inside our shores by immovable investment then they are a lot less likely to start war, especially kinetic or nuclear war.

But as an old --sadly nolonger with us-- friend once observed "A peace dividend should not be a self sacrifice" and he taught and wrote books on economics and business accountancy etc.

Clive RobinsonDecember 4, 2018 3:20 PM

@ vas pup,

When [will] generative design be finally used to generate the best...

Simple answer is it never will.

Because design is the transfer of dreams into physical reality, thus there will always be material limitations, thus design compromises.

You only need look at the mess software design is to see what happens when "marketing" and "managment" dreams are substantiated and there are only incorrect design limitations in place... The short answer is it's been a disaster for all the things you want,

    [In] such [a] way that security and privacy will be incorporated into design by AI from the very beginning favoring interests of regular citizen, not Big Brothers of all sorts (governments domestic and foreign, hackers white or black hats, criminals, big businesses)

At the end of the day engineering is about compromise and finding sweet spots, I'm not sure A.I. is even remotely close to being able to do the first, let alone the second.

Clive RobinsonDecember 4, 2018 4:08 PM

@ Bob Paddock,

'Operator-Related Anomalies in a Random Mechanical Cascade'

I did not intend for a human operator to take the ball bearings from the barrel...

But now as well as adding to my suspicion of using any human in a "random process", you have given me so "food for thought" to mull over.

Thanks for that.

Any clanking and whiring off of stage left is entirely coincidental and not my brain trying to switch up a gear ;-)

echoDecember 4, 2018 4:27 PM

@Bob Paddock

When I mention "neuro-psycho-social stack" it's to introduce a more complete way of viewing the problem. I mostly mean it in a regular sense not the extremes the military or medical industry or advertising industry may take things to.

@Clive

I know you keep ducking the issue of mechanical encryption systems but it interests me both to explore concepts and as art. These things can be a "curiosity" or the design equivalent of an architects "folly" as a way of trivialising the problem to head off ego issues. We're obviously on a different wavelength with this.

echoDecember 4, 2018 5:57 PM

@Clive

Ouch. My head hurts. "Rod logic" is intriguing and more compact than the other mechanical logic system I found. I have some vague ideas about random number generation and number storage too. It's all a bit much so I will let it cogitate.

PeaceHeadDecember 4, 2018 7:39 PM

I'm not sure how else to say this (yes, security related)...

Concerning the human security and publicity about Khashoggi...
He's not dead. He's probably some kind of human asset.
I met him in person (or one of his lookalikes) while both he and I were in transit to different parts of the country/world. This was a few days after the alleged "fact" of his demise.

Propganda is nothing new whatsoever.

It just shocks me how sometimes the evidence to the contrary literally walks into the room and then walks out a while later and nobody flinches.

Of course, people will doubt me. But were you there? Probably not.
Both me and "the guy" were residing temporarily at a well-known nexus/hub of travelers.
I didn't have a very good time there; I recently left that place permanently.
They are good people there, but DON'T DO THERE!

Anyhow plenty of books have been written on the topic of hoaxes and frauds.
Our own cultures are ripe with them.

As for the guy, he was friendly and seemed somewhat stressed because of recently difficulties and some injuries, but he was not seemingly in full distress, and he was certainly capable of self-sustainance and self-discipline to accomplish further travels and whatever else. He seemed ambitious.

By his facial structure and hairstyle it was clearly him (or a lookalike).
I'm not trying to garner attention; hollywood celebrities have been known to dip into crowds unnoticed at times as well.

I'm just astounded by the audacity of whatever the intents of the hoaxers are.
So don't get too worried about Khashoggi; maybe he's been relocated to some kind of protection program.
But DO worry about those stirring the pot of internacional tensions in his name.

Take a look at the headlines on thehill.com , for example.

We are drowning in plenty of hoaxes. Does anybody else notice?

PeaceHeadDecember 4, 2018 7:46 PM

OK, this is getting really annoying and old: frequently somebody is editing my posts while in transit. I don't make very many typos very often at all. Spelling errors by me are rare; I'm aware of my own typing test results on this.

Please abstain from editing my posts. Post your own contents instead please. It only happens on this site and not on any other sites that I go to.

The phrase, "Don't do there" was supposed to say, "Don't go there".
Please stop attempting to alter the semantics or to discredit my style via your own sloppiness, whoever you are, wherever you are.

And to Mr B, please consider discontinuation of using "Googleadservices" for the web form. Google is really up to it's neck in technodifficulties and is so mainstream as to be a constant target by malware propagators.

In other security news topics, those survivalist books and magazines are doing us all a massive disservice by encouraging everyone to become lethally militant and reckless about environmental damages that hurt everyone in wide swaths. Survivalism is a downstream component of living security. I hope people will reconsider this carefully.

Peace be with you all.

WaelDecember 4, 2018 8:50 PM

OT,

So The Electric and Gas company has been annoying me with letters that have charts and statistics about my electricity usage... this is the correspondence the took place:
-------------------------

-----Original Message-----
From: Me
Sent: Sunday, December 2, 2018 8:25 AM
To: Energy Savings Center
Subject: [EXTERNAL] Stop receiving reports

To whom it may concern: Regarding the reports on me using more electricity than my neighbors:

Please help me reduce my electric usages by stopping sending your illuminating reports. I expend 50% of my electric bill shredding your mail. Save the electricity and the freaking trees.

From: Energy Savings Center
Sent: Yesterday at 1:56 PM
To: Me
Subject: RE: [EXTERNAL] Stop receiving reports

Thank you for taking the time to reach out to us regarding the Home Energy Report you received. Per your request, you have been opted out of receiving this report going forward.

Thank you,
Energy Savings Center
-------------------------

Urggggh... some people!

Clive RobinsonDecember 5, 2018 1:05 AM

@ echo,

"Rod logic" is intriguing and more compact than the other mechanical logic system I found.

It's also quite old in some respects... And gives "security" by "logic gates" with very high reliability from before the first electromechanical relay was used.

Eric Drexler is credited with the idea for using rod logic as a solution to Richard Feynman's 1959 lecture "There's room at the bottom"[1].

From what we can see rod logic is scalable from carbon nanotubes upto beyond human size...

It's not entirely certain who or where the idea originally came from but rods with mechanical lock outs to give logic function (interlocks) can be seen in Victorian Railway Signal boxes and one or two (Melton Mowbery[2]) were/are in active use this century.

If you look at such signal boxes they have an upper room where the levers are situated and you will see endless pictures of these. They sit over the "lever frame" which is in the room below where the interlock rod logic is situated. Sadly there are very very few photos of these, and where there are[3] it's dificult to see how the interlock rods work. In many respects they have become a "forgoton art" as they were built to last. In many cases they outlasted all around, as they were "put in and just worked" and were still working long after the tracks had been replaced, steam had given way to diesel or electric. Still working better than new when they were torn down for scrap in the 1960's (Dr Beaching cuts) finally getting mangled beyond recognition by the scrap man's bulldozer that knocked the signal boxes down. Those that survived that carnage just carried on out of sight and mostly out of mind just working and some in the UK still are, even on the "National Network".

I guess you will just have to take my word that they are both fantastic to study and watch as they are not just visually functional but artfull in nature. It's funny how the pundits for nanotech usually fail to mention such signalling systems especially as they are still being made and used in far flung places where anything other than human power is virtualy non existant... Oh and of course the ultimate security feature of all, there is no plug in the wall with a lead to trip over and accidently pull out ;-)

[1] I've mentioned Richard twice this week on this blog, his Nobel Prize was the star item at the auction @Bruce bloged about with the Enigma for sale.

[2] http://ukrailways1970tilltoday.me.uk/melton_mowbray_signal_box_2009.html

[3] https://en.m.wikipedia.org/wiki/Lever_frame

Clive RobinsonDecember 5, 2018 1:52 AM

@ Wael,

So The Electric and Gas company has been annoying me with letters that have charts and statistics about my electricity usage...

Consider just how much more annoying it is when you don't actually use a particular utility, thus don't have an "account". And... "the system" needs the account details to stop the unwanted useless paperwork...

A friend tells me the way to do it is to attach the unopened letter to a "small" roof tile, put it in a "jiffy bag" and write the return address for the letter as the delivery address. Importantly don't add a postage stamp, and just drop it in the "post box"...

Apparently the administrative cost due to confussion at the delivery address where the "postie" demands payment for the missing postage causes the organisation such stress you must be some kind of "fifth columnist" or worse some "satanist" or even "anarchist"... Which kind of tells you their mentality.

More fun can be had at their expense though. I know how to get a letter out of an envelop read it and put it back with no sign it's been opened. So you take that "unopened letter" and give it the same treatment... It's even more fun when they have not put a return address on it ;-)

I'm told some people instead of using a roof tile, put in other junk mail and send it back with a polite little letter saying "cease and desist".

The trouble is you never usually get to annoy the idiots who originate such plans... Well you can in the UK as Company Directors are required to give their home address to companies house who then put it in a publically accessable database. Google also has streetview which enables you to see a photo of their house. I'm told that if you turn up their on a pushbike dressed in an odd way and behave in a certain way you can cause them to consider the altetnatives... That is of you comming back with the next letter and frightening the neighbours, or screaming at some subordinate to make changes to their system.

As my friend noted "Every one has a fulcrum where you can stick a pole in and push..."

echoDecember 5, 2018 2:11 AM

@Clive

Yes they explained rod logic could go down to the nano scale. I was interested in human scales but this was still interesting.

When wondering about mechanical equivalents for computation even a simple video introduction about AES I discovered last night made my head span before the video even reached operations on sets.

There are videos on railway systems including signalling. I have watched a few but nothing in depth about mechanical signalling. I watched a video last night of a horologist disassembling watches. I didn't know you could buy brass tweezers! He explained they were softer than steel so didn't leave scratches. You can use my Swiss made Rubis tweezers as Ninja throwing knifes they're so sharp, not that I do. I also discovered a video of mechanical displays which displayed high resolution motion images.

echoDecember 5, 2018 2:15 AM

@Clive, @Wael

Unless the law has changed in the UK you can write a cheque on anything and it is lawful. This includes paving slabs.

Clive RobinsonDecember 5, 2018 2:21 AM

@ For those with an intrest in random.

Einstein famously claimed that God did not play dice and named an oddity spooky action at a distance.

The EPR experiment was supposed to provide the answer to randomness and free will... But, questions have always hung over "hidden variables" communicating information.

Well if you go far enough back in time you could maybe get rid of one of those floating question marks,

https://blogs.scientificamerican.com/observations/photons-quasars-and-the-possibility-of-free-will/

The answer will probably be as you predict ;-)

WaelDecember 5, 2018 2:42 AM

@Clive Robinson, cc:@Ratio,

[...] Importantly don't add a postage stamp, and just drop it in the "post box" [...]

I'll need to try some of these tricks some day, but not with the electric company; I don't have solar cells yet... well, not enough of them.

Unless the law has changed in the UK you can write a cheque on anything and it is lawful. This includes paving slabs.

I believe it's the same in the US. That reminds me of something related -- a poem... Putting English subtitles on this piece of poetry turned out to be a pain in the neck. First time I use iMovie (no Apple version of Sony Vegas, which I never used either.) Did like 1 minute of it and got tired. Syncing the spoken and translated words isn't easy. And translating some of the words is also not easy (to find the most appropriate word, without losing too much of the meaning or adding additional meanings.) One of these days...

Einstein famously claimed that God did not play dice and named an oddity spooky action at a distance.

Looks fascinating. I'll leave it for the weekend, if I have the time. Added to the queue.

Wesley ParishDecember 5, 2018 3:52 AM

@Rach El

Thanks for that. :) It's part of the Ridley Scott Alien franchise I haven't yet seen.

@usual suspects, courtesy of Slashdot

Researchers Discover SplitSpectre, a New Spectre-like CPU Attack
https://it.slashdot.org/story/18/12/04/2341224/researchers-discover-splitspectre-a-new-spectre-like-cpu-attack

Three academics from Northeastern University and three researchers from IBM Research have discovered a new variation of the Spectre CPU vulnerability that can be exploited via browser-based code.

Ouch!!!

The Secret Service Wants To Test Facial Recognition Around the White House
https://yro.slashdot.org/story/18/12/04/2243254/the-secret-service-wants-to-test-facial-recognition-around-the-white-house

The ACLU says that the current test seems appropriately narrow, but that it "crosses an important line by opening the door to the mass, suspicionless scrutiny of Americans on public sidewalks" -- like the road outside the White House. (The program's technology is supposed to analyze faces up to 20 yards from the camera.) "Face recognition is one of the most dangerous biometrics from a privacy standpoint because it can so easily be expanded and abused -- including by being deployed on a mass scale without people's knowledge or permission."

I thought they'd already tested faecal recognition software on Dubbya and it had come up positive.

Have the "Secret Services" ever considered testing their own selves using this sort of thing? You never know: the local Secret Service boss but be a dead ringer for a wanted terrorist and mass murder ... more than likely, once you factor in the role the CIA have played in destabilizing democracy in Latin America ...

Bob PaddockDecember 5, 2018 7:02 AM

@Clive Robinson

"'Operator-Related Anomalies in a Random Mechanical Cascade'

I did not intend for a human operator to take the ball bearings from the barrel..."

Clive, I believe you misunderstood the document. No one was touching the balls, other than to load the machine, if that is what you mean by that comment? There could be a long time between the balls being loaded and the experiment commencing.

The participants *Intention* was influencing the outcome, was the point of the experiment and document.

Clive RobinsonDecember 5, 2018 7:14 AM

@ echo,

I didn't know you could buy brass tweezers!

Yes, they were quite popular with bomb disposal officers when dealing with magnetic mines and such like...

Model railway enthusiasts use them as well when rebuilding motors and gears. I'm told that people who make fishing "flys" use them as well.

I use them in adjusting transmitters along with others made of aluminium, PTFE and ceramic that is unmetalised.

The downside of brass is it's soft as butter and loves to bind to solder, unlike stainless steel.

Clive RobinsonDecember 5, 2018 7:40 AM

@ Wesley Parish,

courtesy of Slashdot

There is nothing worse than last Xmas's present re-wrapped...

But as predicted it's still "giving and giving" apparently without end in sight.

Mind you,

    Three academics from Northeastern University and three researchers from IBM Research

Sounds just like the start of a "walk into a bar" joke, but will it have the punch line of "Oh and plus a constant"?

More seriously the hardware problems are realy only going to go away when we've peeled off the "go faster stripe" specmanship bits of hardware, and that's going to be a very long time coming...

RG-2December 5, 2018 8:13 AM

China Maneuvers to Snag Advanced Top-Secret Boeing Satellite Technology

‘Boeing’s latest digital satellite payload – the most advanced design in the industry – offers greater flexibility for Global IP's customers,” said Mark Spiwak, president of Boeing Satellite Systems International.

The Boeing destined Africa satellite is being funded by Chinese state money, according to corporate records, court documents and people close to the project[1].

Bahram Pourmand, Global IP's chief executive, said the company isn't controlled by China. He said strict firewalls[1] will prevent any sensitive U.S. technology from leaking. Yet for days, the visiting Chinese directors holed up in Global IP's conference room and in an airport Hilton studying the deal.The visitors made repeated requests to be shown Boeing's (top-secret) designs.

Only after the Wall Street Journal began looking into the project this past summer, U.S. officials referred the transaction to CFIUS, according to people familiar with the matter. A spokesman for the Treasury Department, which leads the interagency CFIUS panel, declined to comment.’

Recommendations
The Justice Department/FBI/Inspector General/Congress should immediately open National Security investigations into possible corruption/spying/violations of export control laws[2]. Is it just gross incompetence or criminal behavior[3]?

http://news.morningstar.com/all/dow-jones/industrials/201812047556/china-maneuvers-to-snag-top-secret-boeing-satellite-technology.aspx
https://boeing.mediaroom.com/2016-09-12-Boeing-Communications-Satellite-to-Expand-Broadband-Services-in-Africa

[1] govt contractors are trained to act in the highest ethical manner and avoid potential conflicts of interests
[2] these second example in two days shows a chronic systemic issues with the current government departments
[3] under China’s new harsh technology protection laws those helping a foreigner will disappear, be imprisoned or summarily executed

vas pupDecember 5, 2018 9:30 AM

@Bob Paddock: Thank you for the links provided.
I guess the best way to affect human behavior is through smell.
Please take a look at related recent exchange between Clive and myself on this blog on new technology developed by MIT (Essence).
Reasonably, is always to have two teams on any new weapon development: one developed the weapon and another simultaneously developed counter-measures. Why? Because in informational age all new development would be rather sooner than later (as before)leaked to the potential adversaries, and if you are not Chinese who will immediately start improving stolen prototype/design, you should be ready at least to taste your own offensive 'dish'.

echoDecember 5, 2018 9:33 AM

https://www.theguardian.com/world/2018/dec/05/eu-disinformation-war-russia-fake-news

The EU has launched a “war against disinformation” spread by the Kremlin in an attempt to protect next year’s European parliament elections. As new funding and measures were announced in Brussels, the Russian president, Vladimir Putin, was accused of spending over £1bn a year to “spread lies” as part of a military strategy to cause division in Europe. “There is strong evidence pointing to Russia as the primary source of disinformation in Europe,” said Andrus Ansip, vice-president of the European commission.

I am in favour of the EU strengthening against attacks. This doesn't mean I would slack on EU states especially the UK given the UKs constant breaches of human rights.

From a UK perspective I'm unsure what the Russian propoganda threat is. It would be difficult for even the most determined Russian operation to break through the wall of nonsense in parliament or the British media. It would also be a stroke of genius for Russia to undermine the British economy or society more than the past few UK governments.

I have read some comments on a selection of below the radar blogs which are a bit off. I have also heard comments from some people I have been chatting with which were too much Alt-Right for my ears. On balance I personally would say this is coming more from the American right than Russia.

I'd like to see a clearer explanation of exactly what disinformation is swirling and what evnironments this disinformation appears before forming an opinion.

JG4December 5, 2018 9:42 AM


@Rach El - Thanks for the book tip. If it weren't for dysfunction, I'd have no function. I'm happy to have Bruce share my email with you and/or Clive. I've made some progress with educational toys.

https://www.nakedcapitalism.com/2018/12/links-12-5-18.html
...

[signal integrity - hacking the neurosocial stack, but it isn't a conspiracy. Or is it?]

Syraqistan

Reuters Creates Fakenews About Iran – Intentionally Conflates Two Different Missiles – Misquotes Official Moon of Alabama (pretzelattack, Kevin W)

Big Brother is Watching You Watch

A cybersecurity expert quit Apple and joined the ACLU to help fight government efforts to put ‘back doors’ in smartphones Business Insider (David L)

The Secret Service Wants To Test Facial Recognition Around the White House The Verge

Quora Data Breach Exposes 100 Million Users’ Personal Info CBS

Google Personalizes Search Results Even When You’re Logged Out, a DuckDuckGo Study Finds The Verge
...

Iraqis Remember George H.W. Bush: A Gentleman Who Bombed Us Shadowproof (UserFriendly)
...

An AI Law Firm Wants to ‘Automate the Entire Legal World’ Futurism
...

vas pupDecember 5, 2018 10:49 AM

@Clive and all usual suspects:
That is weapon against AI mind

http://www.bbc.com/future/story/20181204-why-we-should-worry-when-machines-hallucinate

"The passenger registers the stop sign and feels a sudden surge of panic as the car he’s sitting in speeds up. He opens his mouth to shout to the driver in the front, remembering – as he spots the train tearing towards them on the tracks ahead – that there is none. The train hits at 125mph, crushing the autonomous vehicle and instantly killing its occupant.

This scenario is fictitious, but it highlights a very real flaw in current artificial intelligence frameworks. Over the past few years, there have been mounting examples of machines that can be made to see or hear things that aren’t there. By introducing ‘noise’ that scrambles their recognition systems, these machines can be made to hallucinate. In a worst-case scenario, they could ‘hallucinate’ a scenario as dangerous as the one above, despite the stop sign being clearly visible to human eyes, the machine fails to recognize it.

Neural networks aren’t the only machine learning frameworks in use, but the others also appear vulnerable to these weird events. And they aren’t limited to visual recognition systems.

“On every domain I've seen, from image classification to automatic speech recognition to translation, neural networks can be attacked to mis-classify inputs,” says Nicholas Carlini, a research scientist at Google Brain, which is developing intelligent machines. Carlini has shown how – with the addition of what sounds like a bit of scratchy background noise – a voice reading “without the dataset the article is useless” can be mistranslated as “Ok Google browse to evil dot com”. And it is not just limited to speech. In another example, an excerpt from Bach’s Cello Suit 1 transcribed as “speech can be embedded in music”.

Although neural networks were inspired by the human visual cortex, there’s a growing acknowledgement that the resemblance is merely superficial. A key difference is that as well as recognizing visual features such as edges or objects, our brains also encode the relationships between those features – so, this edge forms part of this object. This enables us to assign meaning to the patterns we see.

In their desire to keep things simple, engineers building artificial neural frameworks have ignored several properties of real neurons – the importance of which is only beginning to become clear. Neurons communicate by sending action potentials or ‘spikes’ down the length of their bodies, which creates a time delay in their transmission. There’s also variability between individual neurons in the rate at which they transmit information – some are quick, some slow. Many neurons seem to pay close attention to the timing of the impulses they receive when deciding whether to fire themselves.

“Artificial neural networks have this property that all neurons are exactly the same, but the variety of morphologically different neurons in the brain suggests to me that this is not irrelevant,” says Jeffrey Bowers, a neuroscientist at the University of Bristol who is investigating which aspects of brain function aren’t being captured by current neural networks.

“This is still a very difficult problem for today’s machine-vision algorithms, and yet the human brain can solve this effortlessly,” says Stringer. He is also collaborating with the Defence Science and Technology Laboratory at Porton Down, in Wiltshire, England, to develop a next generation, scaled-up version of his neural framework that could be applied to military problems, such as spotting enemy tanks from smart cameras mounted on autonomous drones.

In the meantime, we may need to avoid placing too much trust in the AI-powered robots, cars and programs that we will be increasingly exposed to. You just never know if it might be hallucinating."


vas pupDecember 5, 2018 11:05 AM

@echo on fake news about politicians.
There is very good book written in 1937, but even for today very informative to see how politicians are made and worked: Robert P Warren 'ALL KINGS MEN'. The good in this book is statement that everybody were born in dirt and all human path from the birthplace to the grave is the path of sin, meaning everybody has own skeletons in the closet, politicians in particular because it is very difficult to move up in politics without cutting corners of morality.
I'd say it is better to spend money on finding REAL skeletons in the politician's closet you don't like rather than fabricate fake news. Please read the book. Willie Stark in that book said (not exact quote): There is only one way to make goodness in this world - it is out of badness we all surrounded with". Cynical- yes? But unfortunately very close to reality.

Clive RobinsonDecember 5, 2018 11:28 AM

@ echo,

From the article,

    ... the Russian president, Vladimir Putin, was accused of spending over £1bn a year to “spread lies” as part of a military strategy to cause division in Europe.

Firstly we know it's not actually Putin spending the money, but ot comes from those "alleged" to be around him.

One of the things the Cambridge Analytica investigation in the UK had started to find was US money sent to the "alleged" Putin confidents from US Hedge Funds and Silicon Valley entities.

Just as it started getting interesting it is "alledged" in the UK Parliment that the current PM had the plug pulled to protect certain US sensitivities.

Thus we have an interesting dilemma, it would appear that some US 1%ers are working with or through Russian entities including Politicians against the interests of the US and her "alledged" allies.

It's one of the Reasons the French are getting excessively twitchy at the moment... Because some there think the US far right purchased Brexit and might have Franco-German relations in their cross hairs.

Personally I wish the UK Police investigation had been alowed to continue as we might have got some real facts out of it, as currently we don't realy have anything.

FaustusDecember 5, 2018 11:33 AM

@ Bob Paddock

Classic psi experiments have shown extremely improbable results in experiments involving mental control of cascades and atomic decay as well. Effects have been shown even if the direction of influence is not given to the experimental subject until after the run (but before analysis), suggesting an ability to influence backwards in time.

I have read, and tend to believe, that such results are an indication, not of supernatural abilities, but our insufficient understanding of the statistics of highly unlikely events.

WeatherDecember 5, 2018 12:02 PM

%spot the leading question

A research paper has discovered that the earth oceans don't rise like a bath tub, Alaska at A had fallen 1mm compared to Florida at B,while Holland at C rises 2mm
It was caused by things like oceancurrents and gravity of ice sheets.
When ice in Greenland melt the sea could possabile rise 10 meters.

Being a hypercritical and splittener

There are four
1)could be anything, but probably 1&2 mm
2)ice and Greenland, must be hot
3)Holland has dams and ducks
4)Alaska is cold

Bob PaddockDecember 5, 2018 1:15 PM

@Faustus

"...suggesting an ability to influence backwards in time."

Yes. There are experiments and theories such as Decision Augmentation Theory that cover that. The people doing the Remote Viewing work had no idea that it would work across time, backwards or forwards until they accidently did a viewing of a location that would have been accurate in 1938 (a farm), when they were trying to view a contemporary location (a swimming pool).

"I have read, and tend to believe, that such results are an indication, not of supernatural abilities, but our insufficient understanding of the statistics of highly unlikely events."

Exactly. It is our understanding of 'Reality' that we are still working on...
Linear Time is part of our Human Conscious and not a requirement of physics, as many experiments in parapsychology have shown. As well as those Quantom Physics have started to show (parapsychology is much older than QP).

Sadly last time I posted extensive references the moderator deleted the post. :-(
To many links I guess.

Clive RobinsonDecember 5, 2018 3:16 PM

@ vas pup,

From the article,

    Over the past few years, there have been mounting examples of machines that can be made to see or hear things that aren’t there. By introducing ‘noise’ that scrambles their recognition systems, these machines can be made to hallucinate.

Just as humans can be made to hallucinate with various modifications to their sensory input.

The question I guess that we will need to get to the bottom of is,

    Is this effect inherent in all systems beyond a certain level of complexity?

And the answer may very probably be yes...

Also there are large parts of the human brain that appear to have limited or very little observable independent function. What if they don't have indepedent function but are part of a feedback system to limit the effects that certain inputs have, thus reducing the potential triggering of hallucinations?

If so this is going to have a similar knock on effect to AI? That is as complexity rises dors an AI system become inherently unstable? Thus need increasingly large systems to not just prefilter inputs but provide varying degrees of negative feedback when certain input types are detected.

The Universe appears full of little tricks involving "thresholds" most we have only directly experienced from the quantum crossing level. We assume as with black holes there are thresholds at the other end of the spectrum, but does that rule out stages inbetween?

All sorts of fun questions we have yet to investigate, mind you it would be funny if there was a complexity threshold you could not go beyond as a single entity. It might in part explain why we are social creatures.

Which gives rise to a question that has been asked in SiFi "Do AI's need love?" or atleast companionship. Imagine the ire of certain individuals if their autonomous self driving vehicles formed a union?

Clive RobinsonDecember 5, 2018 4:26 PM

@ echo,

This is all we need! AI's snorting lines of white noise...

+1,

For some reason I find myself thinking of George "white lines" Osborne once Chancellor of the UK also known less affectionately as "Gidiot", and those terrible jokes about "shopping trolley's having a mind of their own" unlike the operator, and wondering if the two could be reworked. That is Gidiot getting out smarted by a hallucinating AI, then I realised it would not be funny after all a dead AI could out think...

Clive RobinsonDecember 5, 2018 6:00 PM

@ RG-2,

China Maneuvers to Snag Advanced Top-Secret Boeing Satellite Technology

In all honesty I would not be surprised at the goings on.

Firstly though it's quite likely that China already has most of the technology anyway "if what the US Gov has previously claimed" is true[1].

On the assumption that has a degree of truth to it, there is another issue to consider. China is putting one heck of a lot of money into the project, thus feel they have certain "rights pertaining to ownership" as you might feel --incorrectly-- about your car or mobile phone you've bought.

With the state of things between the current USG Executive policy and China you must admit that China should be cautious. Afterall they don't want to find they have been sold the worlds most expensive cell phone. Where the reality is they in effect own nothing because the USG like Apple/Google realy "own the phone" and dictate what can or can not be done with it including alowing it to function at all...

Thus it maybe that the Chinese Directors were pushing to ensure what they think they are paying for is what they get, and at multiple tens of millions of dollars, you can not blaim them for doing that.

However if they were pushing for other details, again I can not blaim them, ask what the US would do if the rolls were reversed.

As for the Chinese policy on "industrial espionage" they are not the first to codify what appears at draconian legislation on the matter (even though the tariffs seem harsh). In effect making it a National Security issue with all that entails, has already been done, have a look at South Korea's legislation for instance.

The real problem we have today is other industrialising nations are doing pretty much what the US did for a century or more starting over a century and a half ago when it comes to other peoples "intellectual property", which is steal it, and many think they still do, possibly for good reason. Many nations see the US SigInt and IC in their computer systems doing heaven alone knows what. Thus they are not interested in faux morality lessons from what they see as a thief with hair splitting moral pretensions. After all the US SigInt entities have been shown to have lied repeatedly to every one so a number of nations see such pretensions as something all together different.

Which ever way you look at it though, it is most definitely a mess of the US's own making...

[1] Due to the long running issues with the F35 and that China is alledged to have stolen the designs via "China APT" etc, and importantly made their own version "that works" there are being comments made. One of which indicates that maybe "The USG should have outsourced the whole F35 project to China and saved a lot of time and money"...

echoDecember 5, 2018 10:21 PM

@Clive

Firstly we know it's not actually Putin spending the money, but ot comes from those "alleged" to be around him.

One of the things the Cambridge Analytica investigation in the UK had started to find was US money sent to the "alleged" Putin confidents from US Hedge Funds and Silicon Valley entities.

Just as it started getting interesting it is "alledged" in the UK Parliment that the current PM had the plug pulled to protect certain US sensitivities.

Thus we have an interesting dilemma, it would appear that some US 1%ers are working with or through Russian entities including Politicians against the interests of the US and her "alledged" allies.

It's one of the Reasons the French are getting excessively twitchy at the moment... Because some there think the US far right purchased Brexit and might have Franco-German relations in their cross hairs.

I tend to agree.

Personally I wish the UK Police investigation had been alowed to continue as we might have got some real facts out of it, as currently we don't realy have anything.

Because of UK agendas or fiscal tightening there has been a rise in private criminal prosecutions.

There is nothing stopping a private investigation under the auspices of the "Police and Criminal Evidence Act". Case law (The Sunday Times) is that an employee can be compelled to give testimony against an organisation or an employee where criminal behaviour has occured. There is also the caveat that not telling the truth may run foul of the Fraud Act and perjury or perverting the course of justice.

It's possible UK police could also be investigated for standards of conduct and subject to judicial review for their decision to not investigate.

echoDecember 5, 2018 10:46 PM

@vas pup

There is very good book written in 1937, but even for today very informative to see how politicians are made and worked: Robert P Warren 'ALL KINGS MEN'. The good in this book is statement that everybody were born in dirt and all human path from the birthplace to the grave is the path of sin, meaning everybody has own skeletons in the closet, politicians in particular because it is very difficult to move up in politics without cutting corners of morality. I'd say it is better to spend money on finding REAL skeletons in the politician's closet you don't like rather than fabricate fake news. Please read the book. Willie Stark in that book said (not exact quote): There is only one way to make goodness in this world - it is out of badness we all surrounded with". Cynical- yes? But unfortunately very close to reality.

I suspect your suggestion has a lot of truth in it. By chance I caught a Jonathon Meades documentary on jargon. I only skimmed through it but one point I caught was how politicians make a big deal of the proper form of words they use but are rarely so upset at actions in the real world which cause misery. He also articulated how the language of politics and politicians becomes inseperable.

I do tend to agree investigation real issues is better.

echoDecember 5, 2018 11:09 PM

https://www.ft.com/content/85bec300-f7de-11e8-af46-2022a0b02a6c

By February next year, Britain may be heading out of the EU, trying to stay in, or lost somewhere in between. In Munich at that time, defence and security leaders from across the world will gather for their yearly conference. They are planning a Brexit party, whatever the circumstances. Their intent is not to gloat if Britain is about to exit. It is to ease any British pain.

[...]

On its own, the UK is undoubtedly a weaker power. Brexiters’ claims of a return of “global Britain” are a figment of their imagination. Without Britain, however, the EU is also diminished.

[...]


There is, to be sure, a flip side to the double blow of Mr Trump and Brexit. American pressure has forced a long-overdue re-evaluation of European dependence on the US, a debate that Germany had sought to avoid. And without the resistance of Britain, the idea of closer European defence integration can be more easily pursued as a long-term project.

This article doesn't say a lot people dosn't already know and is fairly go through the motions paint by numbers.

Rach ElDecember 6, 2018 1:34 AM

Wael


it appears Arabic has inherent, complex capacity for code. Quoting from my book - by no means comprehensive or complete:

"if we take the standard method of decoding by the Abjad system, known to almost every person literate in Arabic and Persian, the letters can be substituted for the following figures...The letters must be arranged in accordance with conventional Semitic orthography"

an aspect of this is a hidden three letter root value able to derived from every Arabic word, which can be spun again

Familiar to these secrets?

Wesley ParishDecember 6, 2018 3:04 AM

@vas pup

One thing that got me worried about (computer) neural nets a few years ago was that the ones seen in the wild - so to speak - were primarily excitatory networks. AIWeirdness.com has some brilliant examples - the current one being

By Epoch 3 it has settled on the strategy of using “baby” in pretty much every song.

There are other examples.

The brain uses inhibitory neural circuits as well as excitatory. That is to say, there are circuits in the brain whose function is to inhibit unrestrained firing of other neural circuits.

FWIW, paranoia - the medical condition - is an example of neural circuits that are not inhibited nearly enough. As is epilepsy.

WaelDecember 6, 2018 3:07 AM

@Rach El,

Arabic programming language Qalb, which means 'heart'

Not familiar with it. Already struggling with getting a cross-compiler / Framework and a C++ extension to another language going. What an atrocious task! I won't look at the heart :)

WaelDecember 6, 2018 3:23 AM

@Rach El,

it appears Arabic has inherent, complex capacity for code.

I'm not sure about 'complex'. I'd say it's elaborate and complete as opposed to some other languages.

if we take the standard method of decoding by the Abjad system

The Abjad system is very old. Older than Wikipedia claims.

known to almost every person literate in Arabic and Persian

That's definitely not true. Perhaps it was true 70 or 80 years ago, when the average vocabulary of a 6-year old child was 50,000 words. Now it's much lower.

an aspect of this is a hidden three letter root value able to derived from every Arabic word, which can be spun again

Not sure I understand, so I must say I am not familiar with these secrets. Although I am aware of some fascinating things way out of scope of this blog. They may have to do with encoding and cryptography, but I am not sure yet.

Quoting from my book

What book would that be?

WeatherDecember 6, 2018 5:03 AM

Probability vs chance

In Nz we have lotto that is in a range of 0-40 with 6 balls chosen.

Probability 1:32000000
Chance of 123456 1:32000000
Chance of 2,4,26,32,34,38 1:15000000
Chance of 1,2,13,14,25,26 1:3300000

Mixed probability of two or more lines or goes
Probability one 1:32000000
Two 1:32000000
Chance two I think 1:15000000, but should be a exponential lowering

Opinion

Clive RobinsonDecember 6, 2018 5:35 AM

@ Wesley Parish, vas pup,

The brain uses inhibitory neural circuits as well as excitatory.

It also uses what might be considered "inhibitory circuits" to "shape" the output of the "excitatory circuits".

We see this most easily "outside the brain" with the vocal tract. The vocal cords are "unvoiced" and various parts of the vocal tract impose different effects that together give us not just voiced words but song or incoherent noises.

Thus a major part of the problem is deciding what purpose an "inhibitory circuit" serves.

Often as we see with genes in DNA it has more than one purpose. All of which makes life even more complicated.

This "multipurpose" functionality may well be to do with "optomisation". We see more genes in older species than we do in younger species, yet we see more complex behaviours in the younger species.

Thus at first thought the younger species must be doing more with less genes. But are they? It may be the genes being lost are actually inhibitory thus removing them is like taking the lid of a closed box...

We realy do not have the answers yet so as the old saying has it "Your guess is as good as the next mans".

WeatherDecember 6, 2018 5:39 AM

Part two,sorry mod

A coin has a probability of 1:2 ,number of tries to be successful
Probability 1-20 tries
Chance 1-2 tries

If you take 12 number from 40 with low number chance and make all combination for 6 numbers ruling out dulipcation not by place but by whole.
1,2,3,4,5,6,7,8
1,2,3,4,5,6
1,2,3,4,5,8
1,2,3,4,6,7
1,2,3,4,6,8
1,2,3,4,7,8
1,2,3,5,6,7
....


At 70 cents per line about $500 a week between 1-6 months you should have close to 100% chance of first division

RG-2December 6, 2018 6:16 AM

@clive
China is putting one heck of a lot of money into the project, thus feel they have certain "rights pertaining to ownership"

I’d rephrase
The repressive, aggressive Communist Red Chinese Government is directly putting one heck of a lot of money[1] into the project to demand Intellectual Property secrets they did not pay for.

The reality is this company is a front for the Chinese Communist Party because
Quantum Encryption and satellite technology are identified critical in China’s 2025 plan for world domination.

With no limits, the Communist Party’s surveillance and AI technology is already ‘superior’ to Silicon Valley. Hence they don’t need Google or Facebook wannabes[2].

Sitting Ducks
Traditionally China espionage was based upon subtle, long-term efforts and goals. But now they must meet Premiere Xi’s hard 2025 date. These spies have no choice but to be aggressive worldwide, while exponentially increasing the risk of being exposed. They’ve become easy to identify, arrest and prosecute[3].

Public Relations Disaster
However imperfect, the USA is coming up to speed and responding to the worldwide Chinese national security threats. Premier Xi aggressive character and goals are changing perceptions. The USA leadership is simply and publicly laying out the naked truth.
China weakness is they gave one imperfect human being way to much absolute power. His extreme, unquestioned, unchallenged and dictatorial aggressiveness will be China’s downfall.

Europe, under an intense, sustained Chinese technology pilfering siege, is beginning to respond.
How China Is Buying Its Way Into Europe
https://www.bloomberg.com/graphics/2018-china-business-in-europe/

[1] the directors careers are probably over if they don’t acquire the American satellite technology
[2] maybe a window dressing bone but nothing more
[3] https://www.bloomberg.com/news/articles/2018-12-05/huawei-cfo-arrested-in-canada-as-u-s-seeks-her-extradition?srnd=businessweek-v2

WaelDecember 6, 2018 6:24 AM

@Weather,

A coin has a probability of 1:2

Fair coin toss on a solid surface is a Bernoulli trial

If you take 12 number from 40

Not sure I understand. Do you mean 'Choose 12 out of 40'? In that case, Example 1:5 video might help.

At 70 cents per line about $500...

You need to deliver a more convincing pitch, if you're looking for investors ;)

Probability vs chance

Interesting title... What's the difference? What's the probability that a needle will fall at a given point of a surface? It's zero! But that does not mean the needle will not fall there! Take a needle and stick it in a surface. It pieced one point of that surface (it happened) but the probability of it hitting an exact pint is zero. We had a similar discussion a while back here, but the skull is running on fumes now to find the link.

WeatherDecember 6, 2018 6:53 AM

Weal

A coin has a probability of 1:2

Yes but the 1-20 was two to three different probability mixed

Probability is all the possible outcomes
Chance is ones that have more weight of happening.

Zero because you painted a target, if you create more than one target you get probability, if its near the centre or right at the edges its chance.

That's why i mentioned opinion its my defantion ,not correct

WeatherDecember 6, 2018 7:04 AM

A coin has a probability of 1:2

With multiple tries its head or tails plus number of tries plus ...
But after the first coin flip if unsuccessful the second is still 1:2 probability ..,but chance is 1:2 for the first 90% 1:1.9 for the second if the target doesn't change from heads or tails

PeaceHeadDecember 6, 2018 7:16 AM

Dept. of Defense Hotline (for reporting abuse, misuse of classified data, fraud, waste, issues, etc):

http://www.dodig.mil/Components/Administrative-Investigations/DoD-Hotline/

Limits and Specifics of the Hotline listed above:

http://www.dodig.mil/Components/Administrative-Investigations/DoD-Hotline/Matters-appropriate-for-the-DoD-Hotline/

I am putting these up here because as time has progressed, it's seemed like more and more people are using these webforms for anything from gossip to whistleblowing to muckracking to regular communication. It's not for me to judge anybody's intentions. However, if somebody really needs to get help on a DoD related cryptostego topic or similar, those links might help. They are just normal links from within https://darpa.mil

Also, if you could just write a postal letter. In many ways that's much more secure although with it's own risks too.

Peaceful Coexistence Is Not A Slogan; It's the Only Future For the Living

vas pupDecember 6, 2018 9:19 AM

@Clive Robinson • December 5, 2018 3:16 PM
What I love about you, Clive, you always see forest behind the trees (that is not kind of American type of thinking).
Your suggestion should be taking in consideration when doing xref of human and AI hallucinations to do research on similarities of both and differences in the future design/application of AI.
Regarding hallucinations is humans sometimes they are results of low sensory input (in isolation in particular) which is required to provide particular level of brain activation. I am talking about healthy brain. Sick brain could have hallucinations as result of particular part of brain damage(tumor) - olfactory type or wrong functioning of particular part of the brain caused by digested chemical agent - vodka, LSD - visual type, or bad wiring on particular regions casing wrong processing of existing sensory input or just self-firing of particular constellation on neurons - auditory.

vas pupDecember 6, 2018 10:51 AM

@Wesley Parish: "By Epoch 3 it has settled on the strategy of using “baby” in pretty much every song."
Yeah, and you see now dog in every commercial on TV even not related to animal kingdom and dogs at all because they (dog's images)trigger subliminal trust to the message itself, but that manipulation is done by humans. Just be aware!

Rach ElDecember 6, 2018 3:54 PM

Wael

thankyou for response. Book is about Sufism, author Idries Shah
I don't know anything about Arabic. One aspect of the capacity for code within Arabic according to the author is that words are grouped according to a three letter root. Dictionaries usually list words with a reference to this root.
Abjad is one way of creating a new 'hidden' three letter root.
Further, it's possible to write a piece of prose or poetry specifically choosing words that belong to a certain three letter word group that has inherent meaning, as opposed to another group, thus conveying additional context, and then some for those with eyes to see.
Simply choosing a name, or a symbol (like a lion) with proper application of Arabic alone the descriptive can be unpacked within given context, to reveal multifaceted meaning lost to the uninformed observer
this is probably all common knowledge to you as one fluent

WaelDecember 6, 2018 4:21 PM

@Rach El,

Book is about Sufism, author Idries Shah

I should have guessed, you mentioned that some time ago.

grouped according to a three letter root. Dictionaries usually list words with a reference to this root.

Yes, there are roughly 16000 three-letter roots, there are fewer two-letter, four-letter, and five-letter roots.

Further, it's possible to write a piece of prose or poetry

Yes, although I am not a poet... not yet :( There are people who memorize 200,000 poems, each ranging from 10 to 200 verses. And there are people who memorize the equivalent of 21 - 30+ volumes of books and can recite them without making a single mistake in a letter or an accent mark. They know it inside and out. Some of them are as young as 9 years old. Can you believe that?

JG4December 6, 2018 6:10 PM


@Rach El - It's me. I was cranky because there are so many idiots, psychotics, criminals and psychopaths loose on your planet. Worse, many of them are at the controls. Between the mineral supplements, which I've open-sourced, the running, a little more fish and carbs, I've been a mind on fire.

The main reason that I've been quiet, other than extensive windshield therapy, is that I got a Chromebook from Spookwerks West. That was in the January/February timeframe, so not exactly new. It's got a tiny screen, a bunch of ads, and the sessions come back with all of the open tabs. I like the TOR machine better for writing long and tedious rants. The Chromebook boots and connects a lot quicker. Hat tip Clive for pointing me to a secure platform available cheap. How much does it cost? $169 and all of your privacy.

https://www.nakedcapitalism.com/2018/12/links-12-6-18.html
...

[shades of the road to Niniveh]

These ants decorate their homes with the heads of their enemies National Geographic
...

Facebook’s Very Bad Month Just Got Worse The New Yorker. “The documents also reveal that, in 2015, a permissions update for Android devices, which users were required to accept, included a feature that continuously uploaded text messages and call logs to Facebook.” Holy moley. That’s some feature.

Wells Fargo computer glitch blamed as hundreds lose their homes CBS
...

[system evolution, conspiracy trigger alert]

Italian Police Make Major Arrests Linked to Sicilian Mob Courthouse News
...

[gain medium with spontaneous emergence of order in non-equilibrium thermodynamic system]

New study explains creation of deadly California ‘firenado’ AP (DL). Original.
...

[some fascinating history, conspiracy trigger alert]

Imperial Collapse Watch

The Dirty Secrets of George Bush Rolling Stone. From 1988, still germane.
...

Clive RobinsonDecember 6, 2018 7:29 PM

No data for O2 Mobile Network

The O2 mobile phone network provides data connectivity for over 32Million UK users (around half UK Population).

The underlying network technology comes from Eriksson, who have indicated it is probbably down to a certificate issue, what ever that might mean in reality.

Supposadly 3G data has been restored, and 4G might be back overnight...

Apparently it's not just the UK effected by the problem.

https://www.bbc.co.uk/news/business-46464730

As the old joke has it,

    To err is human, to realy f**k up requires a computer...

There have been a few people interviewed and their comments transmitted as part of the news.

In almost all cases those effected had made poor choices. One could not get contact details for an important business deal. Another failed to get to an interview because they could not get access to Google, another...

It was a veritable litany of ill preparedness and over reliance on technology that has just proved --yet again-- it's lack of reliability.

I was completely underwhelmed by these peoples mentality. I don't know about others but I asume my phone is unreliable and it's battery will die or signal will be lost at the most inconvenient time. Thus I prepare for such things by printing out or photocopying maps, time tables, itineraries, alternative routes and ensure I have contact details on me, not just for who I might be meeting but services etc as well. One copy in my briefcase and another in my jacket pocket. If I'm to navigate for others I have a proper geographical map and compass as well as a street map, it's just habit and has served me well oh once or twice a year atleast...

Rach ElDecember 6, 2018 8:31 PM

Wael


quite astsounding as to the memorisation abilities you refer to. I know you will have verified it so I suspend my disbelief. That beats any known records I have read about, obviously Western-centric. Although verse would be easier than digits of Pi. Sounds like those poor kids have disciplinarian parents / un happy childhoods? Any of the wunderkind live to see the age of 10?

I also mentioned to you quite some time ago about Japanese students trained in the use of an abacus from an early age. This lends some the ability to do mental calculations of basically any kind, by visualising the abacus and twirling their finger in the air manically [ moving the beads in their mind ]

Vedic Mathematics uses 3D objects for example a dodecahedron and when visualised extremely complex matheatical calculations can be performed by mentally tracing the lines that comprise the particular 3D object


Rach ElDecember 6, 2018 8:38 PM

I was completely underwhelmed by these peoples mentality. I don't know about others but I asume my phone is unreliable and it's battery will die or signal will be lost at the most inconvenient time. Thus I prepare for such things by printing out or photocopying maps, time tables, itineraries, alternative routes and ensure I have contact details on me, not just for who I might be meeting but services etc as well. One copy in my briefcase and another in my jacket pocket. If I'm to navigate for others I have a proper geographical map and compass as well as a street map, it's just habit and has served me well oh once or twice a year atleast...

Clive

Must be all the free radicals from the pure oxygen (O2)
i concur, it's very disappointing to encounter a native resident of a city who
can't discuss routes and alternative routes with me when I show them google maps, because they just drive where the funny voice on the phone tells them. they literally don't know where they are or where they are going.

'Legendary' Robinson strikes again

Now Where Oh Where is my Legendary Praet?

WaelDecember 7, 2018 2:11 AM

@Clive Robinson,

To err is human, to realy f**k up requires a computer...

Behind every computer f**k-up there's at least one scumbag code-cutter. ©

WaelDecember 7, 2018 3:07 AM

@Rach El.

I know you will have verified it so I suspend my disbelief.

The poetry one, I read about from multiple sources and the same for the volumes of books, which is on YouTube as well.

Although verse would be easier than digits of Pi.

I read about the world record of Pi memorization. It took some time to achieve that feat. The astounding thing about people who are good at memorizing poetry is they commit it to memory verbatim the first time they hear it.

Sounds like those poor kids have disciplinarian parents / un happy childhoods?

Not necessarily, but true sometimes.

Any of the wunderkind live to see the age of 10?

Yes, way beyond 10.

Vedic Mathematics uses 3D...

I looked at that a while back, read a couple of articles about it. Not sure of its validity these days, though. I do know some tricks for quick multiplications by 5...5 or 9....9. Good for a parlor trick, no more.

Now Where Oh Where is my Legendary Praet?

He's with us in spirit, um... I guess. Studying law and doing things he enjoys, I hope.

echoDecember 7, 2018 6:19 AM

https://www.theguardian.com/commentisfree/2018/dec/07/us-billionaires-hard-right-britain-spiked-magazine-charles-david-koch-foundation

How US billionaires are fuelling the hard-right cause in Britain

This is a scorcher of an article by George Monbiot. He also gives due credit to Carole Cadwalladr for uncovering a lot of the murky finances and connections behind the Brexit leave campaign.

Until now, there has been no evidence that Charles and David Koch have funded organisations based in the UK. But a few weeks ago, a reader pointed me to one line he found in a form submitted to the US government by the Charles Koch Foundation, which showed money transferred to a company that appears to be the US funding arm of a UK organisation. Once I had grasped its significance, I set up a collaboration with the investigative group DeSmog UK. We could scarcely believe what we were seeing.

[...]

Is this the extent of the Koch brothers’ involvement with groups based in the UK? Who knows? I have not yet had a response from the Charles Koch Foundation. But I see these payments as part of a wider pattern of undisclosed funding. Democracy without transparency is not democracy.

The article contains much more detail on the depth and breadth of the Koch brothers evil.

echoDecember 7, 2018 6:35 AM

https://www.independent.co.uk/news/world/americas/tyler-perry-walmart-pays-off-layaway-debt-customer-atlanta-twitter-video-christmas-a8671776.html

Actor and producer Tyler Perry has announced on Instagram that he has paid off layaway accounts at two Walmart stores in the Atlanta region totalling $432,635 (£338,999).

Days earlier, Gayle Benson, a billionaire philanthropist and owner of the New Orleans Saints, donated $93,502 (£73.265) to pay off accounts for 408 customers.

[...]

Layaway programmes started during the Great Depression in the 1930s, when some families didn’t have enough money to pay for needed items.

They fell out of favour in the 1980s, with the rise of easy credit, and became popular again in the 2010s when Americans suffered job losses and saw their home values plummet after the recession. Unlike credit cards, most layaway plans don’t charge interest on purchases.

It isn't right that poor people are in need of support from billionaire's benefiting froma rigged system but nonethless this is nice of him.

echoDecember 7, 2018 6:59 AM

https://www.theregister.co.uk/2018/12/07/privacy_international_government_hacking_supreme_court/

Privacy International's argument in the Supreme Court is that specialist tribunals, such as those for employment, are generally subject to judicial reviews in the regular courts. Without this oversight, a tribunal can effectively set the limits of its own powers, and interpret the law without oversight from other courts.

How silent "glimlet eyed badge flashing duck and roll" types are about justice "going dark" when it suits them...

PeaceHeadDecember 7, 2018 11:27 AM

JG4: Thanks for the nakedcapitalism recent pagelink.
The article(s) you cited were significantly useful to know and somewhat emotionally significant as well.

The article about the communication conflict dovetails with my theory that this nation is HEAVILY STEEPED WITHIN SEVERAL (PARTIALLY-) COVERT CIVIL WARS.

Peace be with you.

FaustusDecember 7, 2018 12:31 PM

@ Clive

"At the end of the day engineering is about compromise and finding sweet spots, I'm not sure A.I. is even remotely close to being able to do the first, let alone the second."

Compromise and finding sweet spots sounds like an optimization problem in an n-dimensional parameter space. That is the basis of most AI technology, including my favorite, evolutionary approaches.

"code-cutters, code-cutters, code-cutters" ad nauseum. What is your problem with programmers? That they are generally not engineers? Such assurance of judgement about every member of a large varied population is simply doomed to be a delusion. I'm sure that you couldn't do your engineering if you applied such generalizations anywhere except an internet forum where you can say offensive things with little repercussion.

An occasional wisecrack is one thing, but this intense campaign of empty insult drags your otherwise exemplary contributions down.

Captain CadaverDecember 7, 2018 2:30 PM

Echo

The Walmart layaway accounts. If anyone needed insight into true ethics and guiding principles of Silicon Valley best mate/angel investor etc Tim Ferris, beyond him being best mates with General Stanley McChrystal and Special Operations folks, it's Tim Ferriss podcast of him recently interviewing Walmart CEO for advice on how to succeed in buisness, get ahead, maximise value etc. Security related in so far as true colours need to be made plain and most people don't realise where he's at

Clive RobinsonDecember 7, 2018 4:58 PM

@ Faustus,

code-cutters, code-cutters, code-cutters" ad nauseum. What is your problem with programmers?

Programmers and/or their managers.

Such assurance of judgement about every member of a large varied population is simply doomed to be a delusion.

Is it realy?

Tell me how many pieces of software have you used that don't require frequent patching?

Patching is "bolt another bit on to cover up a crack or broken part" it's what you would expect of pre Victorian artisans, not scientists or engineers.

Tell me would you fly in a modern pasenger aircraft that had to have structural "patches" made every month just to stop it crashing to earth? I suspect not, so why should you be happy to do it with software?

I've written safety critical code in assembler that has not had a software fault ever reported and is still in use in an extreamly hazardous environment and has run continuously for a quater of a century.

I've also wrtitten assembler code for consumer devices that was "" into the CPU again no reported software defects and the code still in operation in a few places geting on for two decades later.

I've also designed computer hardware for body scanners and designed what you would call the "CPU" oit of bit slice chips written the Register Transfer Logic (RTL) and microcode to go ontop of that to give what you would call the ISA.

I've also got an interest in writting code for satellite payloads where reliability is quite important.

There are quite a few areas of industry that have similar coding requirments, and mainly hardware engineers using engineering principles and testing produce the code with near zero defect the norm.

So please do not tell me that those who produce bug ridden code libraries that get used by people that have no clue what is inside the libraries thus cut-n-paste from "StackExchange" and the like, who fail to check inputs properly do not check returns or exceptions and think code crashing out is an exceptable way to handle their errors are "engineers" or for that matter competent software practicioners. Because it's self bl@@dy evident by the crap they churn out they are not.

I think most on reflection would not sit in a chair made by people with that production methodology, let alone cross a bridge made that way. As for fly in an aircraft made that way, it would probobly not get down the run way let alone take off.

echoDecember 7, 2018 9:21 PM

@Faustus

Compromise and finding sweet spots sounds like an optimization problem in an n-dimensional parameter space. That is the basis of most AI technology, including my favorite, evolutionary approaches.

This isn't unlike intersectional issues. Unfortunately most organisations tend not to get this because of often differing perspectives and priorities about what the actual problem is. Historical policies and training and appropriate resoruces to manage change often aren't there, and office bullying and bad management tend to push these issues off the table or trivialise them.

@Clive

I think most on reflection would not sit in a chair made by people with that production methodology, let alone cross a bridge made that way. As for fly in an aircraft made that way, it would probobly not get down the run way let alone take off.

Unfortunately I have to agree with @Faustus. You need to knock off insulting "code cutters". Not only is it gaslighting but personally insulting. We have discussed the issues through before so there is no excuse. You really have no idea what the issues are and are comparing apples to oranges. I can easily pick from any number of real world scenarious where an "engineer" would fall flat on their face. In this respect you are acting beyond your competence which is, actually, legally actionable. Thereis enough harassing dogmatism in the world so could you please BACK OFF!!!!!!!

WaelDecember 7, 2018 11:13 PM

@Clive Robinson,

Looks fascinating. I'll leave it for the weekend, if I have the time. Added to the queue.

Dequeued it.

Do we binge watch our favorite show on Netflix or go to bed at a reasonable time?

That's an easy one for me. Go to bed at a very unreasonable time. Sometimes it's my choice, and sometimes I just can't.

So, there is absolutely no way for it to be entangled with the experiment.

Nonsense! Once upon a time, earth and that quasar were one unit. So "stuff" was entangled long time ago.

you can take pride in the fact that maybe, just maybe, the choice was yours after all.

The experiment has nothing to do with free will or lack thereof. I am at a loss why the sentiment should be "pride"?

The answer will probably be as you predict ;-)

I predicted nothing. Went in with a clean mind.

Clive RobinsonDecember 8, 2018 5:22 AM

@ echo,

Thereis enough harassing dogmatism in the world so could you please BACK OFF!!!!!!!

Please follow your own suggestion, oh and do a little fact checking.

I did not mention "code cutters" at all untill personaly attacked by @Faustus.

I responded to his uninformed personal attack telling him why he was wrong.

As for the legality of my comments why don't you check the UK legislation for merchantability and fitness for purpose, you could start with the "Supply of Goods and Services Act" and work backwards from there as it has quite a canon of case law behind it which is still evolving at a healty pace.

If people want to argue the point about "practitioner conduct" then we can pull out the specifications for the writting of software in what are considered primarily engineering environments you could start with the Space Industry, then the aviation industry, then those of various petro chem and similar hazardous environments, maratime industry, automotive and vehicle industries, safety critical and High Rel/Avail industries and many more including recognised engineering institutions like the IEE&IEEE oh and even the British Computer Society. Even organisations that represent what many consider "hobby interests" have standards for the way software should be written for certain tasks.

Therefor it's an argument you would on balance loose and probably loose badly if you crossed the threshold of a court. As I'm currently involved in the preperation of a court case involving these issues, as you should appreciate I've recently had a few conversations with our legal brethren on the subject including a QC.

Which after your admission of being a "code cutter", would make your comment of,

You really have no idea what the issues are and are comparing apples to oranges.

Somewhat ironic at best.

It would also help if you did not just leap on with,

Not only is it gaslighting but personally insulting.

WaelDecember 8, 2018 8:55 AM

code-cutter:

Someone who copies code from the web without understanding what it does. Does not mean or imply all programmers / developers are code cutters.

echoDecember 8, 2018 6:08 PM

@Clive, @Faustus

I'm not interested in getting sucked into a spat with either of you. Just knock it off with being superior and insulting "code cutters". You of all people should know appeals to authority are nonsense and smearing whole groups of people because of poor practice in some areas is not on.

You may have a big stack of "specifications" but I have a big stack of other material too.

As for QC's? Oh, do behave. I know the litigation areas a dozen times better than they do. I can and have floored a QC with knowledge of this area in one sentence and this is on primary material they should know.

"Old white man" havign "nod along" conversation with "old boy network"? What a surprise. You really have no clue.

SkizzoDecember 9, 2018 1:18 PM

@Clive "Tell me how many pieces of software have you used that don't require frequent patching?

Patching is "bolt another bit on to cover up a crack or broken part" it's what you would expect of pre Victorian artisans, not scientists or engineers."

Sounds like you are trying to suggest engineers don't screw up. We 'patch' software because we can. Engineers' can't 'patch' their screw ups, so they are forced to recall them or let the customers live with their forever screwed up product, or buy the next, newest 'engineered' piece of hardware with the faults 'patched'. Why else do PCB's need revision numbers on them? LOL

Alyer Babtu December 9, 2018 4:53 PM

@ all desiring to perfect their programming

May I recommend again “Principles of Program Design”, M. A. Jackson, 1975, Academic Press.

From thd preface, section 2:

“The purpose of this book is to present a coherent method and procedure for designing systems, programs and components which are transparently simple and self-evidently correct. The main emphasis is on structure—on the dissection of a problem into parts and the arrangement of those parts
to form a solution.”

My experience is that the principles Jsckson presents do help significantly.

Clive RobinsonDecember 9, 2018 5:05 PM

@ Skizzo,

Sounds like you are trying to suggest engineers don't screw up.

No not at all, it's why hardware production cycles are longer, they used to test them as thoroughly as they could and try not to release defective product due to the recal costs (which I've talked about in the past if you care to go looking).

The exception these days is unfortunatly short lifetime products many out of China or other "no name production" such as the low cost end of mobile phones and IoT devices. But nearly all of those in reality are "Software Products" with what appears the primary aim of stealing user data to create another income stream (you do listen to your Government warnings about such products don't you?).

Oh then there are those Amazon hardware products, which again are realy software backend products designed to make either a fast profit or to collect user data. Which Amazon have had a habit of just dropping leaving people with a pile of scrap electronics giving other parts of the industry a bad name, but what else would you expect from Amazon any way?

Why else do PCB's need revision numbers on them? LOL

For the same reason upgraded software has increased revision numbers. You appear to be of the oppinion that hardware products don't get improved and upgraded. Are you realy claiming that only software gets upgraded?

If you are that would be odd indeed... Any way it's fairly easy to see you have little or no clue as to how the FMCE business works otherwise you would not claim,

We 'patch' software because we can.

It also kind of makes my point for me realy, as what you are realy saying is "We ship broken software because we can"... In fact you appear to take pride in so doing... I'm sure the customers who might consider buying your product would like to know you take such pride...

Clive RobinsonDecember 9, 2018 5:24 PM

@ Alyer Babtu,

My experience is that the principles Jsckson presents do help significantly.

It's also the experience of those who wrote the guides etc for the industries I listed. As you will find all either say --in an expanded form-- or present a methodology that is described by

    [A] coherent method and procedure for designing systems, programs and components which are transparently simple and self-evidently correct. The main emphasis is on structure on the dissection of a problem into parts and the arrangement of those parts to form a solution[1].

Which might account for why those industries have significantly lower defect rates than many commercial commodity products for PCs with their "Patch Tusedays" etc.

[1] Some might add "provably correct" before the word "solution" where they also suggest the use of the more usable "formal methods" that came later than 1975.

Clive RobinsonDecember 9, 2018 6:41 PM

@ echo,

"Old white man" havign "nod along" conversation with "old boy network"? What a surprise. You really have no clue.

Despite what you say else where you appear to want to be exceptionaly rude in a personal way.

It is not very becoming behaviour in anybody, especially when you have been asked using your own words to stop.

As I've noted, I did not start this and I was attacked by @Faustus without cause, you then decided for reasons unknown to pile in on top full steam with guns ablazing, acusing me of trying to mentally torture you.

I suggest that either you do not engage in this unwaranted behaviour or you actually stick to what is factual, and non personal.

Oh and stop saying such things as,

you are acting beyond your competence which is, actually, legally actionable.

With your unfound assumption you have actually crossed not just a proffessional line --if you are a member of a profession--, but you have moved into the area of defamation, which is not a wise area to cross into even after the DA-2013 changes.

I can understand that you might find some things in life frustrating, we all do, but just vexatiously and vilifyingly venting at an identified individual who has caused you no harm does not help your credibility, or I suspect help you achive your other objectives in life that you have mentioned.

echoDecember 9, 2018 7:23 PM

@Clive

Oh, do behave. We've had this discussion before and you carried on without missing a beat. I also don't buy the "thud" strategy or stepping outside areas of expertise when it is very questionable to cover up your broad insulting a class of people. I also find it personally insulting as I have very clearly explained before. There are lots of other ways you can put this beginning with some tact.

You also have absolutely no idea what issues I'm managing or the rubbish I have to deal with. I can assure you that "professional" and "media friendly" people in a similar position have a huge number of problems managing these things. It's also not as if I haven't sought professional help but I've also had to put up with a "rigged game" in the process and a lot of very very unprofessional behaviour and breaches of the law in the process including some which was very blatant. Not all but a significant part of this also boils down to "money" which itself leads to very unpleasant discussions about professional misconduct and abuse.

If you could do your job while putting up with random third parties "editing" your work and sexual harassment and indirect and sometimes direct requests for "bribes" please feel free. Until then you have no idea what the difficulties are.

echoDecember 9, 2018 7:26 PM

@Clive

P.S.

I will also note that experienced barristers have had a very very hard time dealing with the people I have to deal with and one of the issues affect them personally.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.