Friday Squid Blogging: Robot Squid Propulsion

Interesting research:

The squid robot is powered primarily by compressed air, which it stores in a cylinder in its nose (do squids have noses?). The fins and arms are controlled by pneumatic actuators. When the robot wants to move through the water, it opens a value to release a modest amount of compressed air; releasing the air all at once generates enough thrust to fire the robot squid completely out of the water.

The jumping that you see at the end of the video is preliminary work; we’re told that the robot squid can travel between 10 and 20 meters by jumping, whereas using its jet underwater will take it just 10 meters. At the moment, the squid can only fire its jet once, but the researchers plan to replace the compressed air with something a bit denser, like liquid CO2, which will allow for extended operation and multiple jumps. There’s also plenty of work to do with using the fins for dynamic control, which the researchers say will “reveal the superiority of the natural flying squid movement.”

I can’t find the paper online.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Posted on August 16, 2019 at 4:05 PM118 Comments


Tatütata August 16, 2019 8:06 PM

I can’t find the paper online.

Have you tried ieeexplore? The record was added 12 August 2019.

Taogang Hou ET AL : “Design and Experiments of a Squid-like Aquatic-aerial Vehicle With Soft Morphing Fins and Arms,”, 2019 International Conference on Robotics and Automation (ICRA), Montréal, 20-24 May 2019, DOI 10.1109/ICRA.2019.8793702.

I’m not currently an IEEE member, but I suppose that with appropriate credentials (or in the worst case, a wad of $€¥£) you should be able to access the paper.

There is also Chinese utility patent CN107554736A filed 13 September 2017 for a Bionic flying cuttlefish craft capable of working underwater or overhead and realizing soft-body variable structure.


The invention discloses a bionic flying cuttlefish craft capable of working underwater or overhead and realizing a soft-body variable structure. The bionic flying cuttlefish craft capable of working underwater or overhead and realizing the soft-body variable structure comprises an outer shell body, a fin control system, a gas source and a propulsion system, wherein the outer shell body is hollow;one end of the outer shell body is provided with a paired-fin assembly and the other end of the same is provided with a wrist-fin assembly; the outer shell body is provided with an air inflation hole,a water injection hole and a propulsion water outlet hole; the fin control system is arranged at the inside of the outer shell body; the fin control system is respectively connected with the paired-fin assembly and the wrist-fin assembly; the gas source is connected with the fin control system; the propulsion system is arranged inside the outer shell body and connected with the gas source; and the propulsion system is provided with a drainage pipe and a speed adjusting valve. The bionic flying cuttlefish craft capable of working underwater or overhead and realizing the soft-body variable structure utilizes the scheme of water jet propulsion by virtue of high-pressure gas to enable a robot to make a transition from working underwater at a high speed to flying overhead. The paired-fin assembly and the wrist-fin assembly can be folded and unfolded according to the fluid environment and the movement state so as to achieve extremely high propulsion efficiency.

You can also get a semi-decent machine English translation by navigating the menus.

Hopefully they won’t get their “avionics” from Boeing. 🙂

The second paper from the EPFL mentioned in Spectrum article can be similarly located.

… (do squids have noses?)

Good question. If squids are mollusc, I would expect something like the siphon of bivalves.

From this source:

The pattern in which squid move, pumping water through the mantle, is also how squid breathe. Most sea animals have visible gills, but squids do not possess gills like most fish do, instead they obtain oxygen through a pair of long ‘gills’ covered in leaflets called lamellae. When fresh water is pumped in, the squid’s gills are also refilled with oxygen.

Tatütata August 16, 2019 9:06 PM

From the same team at the Beihang University, in Beijing, there is also this paper from 2018. The state of the art is reviewed, with several US references (MIT, DARPA, etc.). The motivation would be military. 🙁

gordo August 16, 2019 10:15 PM

How Data Privacy Laws Can Fight Fake News
by Alex Campbell, August 15, 2019

[N]one of the above techniques fundamentally alter the most pernicious aspect of online disinformation, which is the ability to micro-target messaging at the exact audience where it will have the greatest impact. Content control and punishment are reactive—no matter their success in the moment, the bigger picture is a never-ending game of whack-a-mole as new tactics and operations crop up. Transparency doesn’t actively impede online disinformation but just lessens the blow, betting that more aware audiences will engage less with false or inflammatory content.

Data privacy may offer a more precise solution. Data privacy laws like the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) are not intended to address harmful speech. Their main goal is giving users greater control over their personal data, allowing people to check what data has been stored, opt out of data sharing, or erase their data entirely. Personal data generally includes information directly or indirectly linking accounts to real-life individuals, like demographic characteristics, political beliefs, or biometric data.

By limiting access to the information that enables personalized ad targeting and polarization loops, data privacy laws can render disinformation a weapon without a target. Absent the detailed data on users’ political beliefs, age, location, and gender that currently guide ads and suggested content, disinformation has a higher chance of being lost in the noise.

User data on the Internet: Manipulation as a business model
By Florence Schulz | | translated by Daniel Eck | May 14, 2019

European election campaigns are well underway and online votes are also being sought. In such situations, the temptation to misuse data is great, as the Cambridge Analytica scandal in the US elections showed. In the EU, parties have also long relied on advanced data analysis, but is this still legal?
EURACTIV Germany talked to a communication expert.

Ingo Dachwitz is a communication and media scientist. As editor at, he writes about the public digital sphere, data capitalism and data protection.

What tools do you think are needed to prevent data abuse during the election campaign?

Platforms need to ensure greater transparency regarding the criteria by which their targeting works. Citizens need to know the basis for the criteria upon which information they are being presented on online platforms. Only in such circumstances, can journalists and researchers collectively verify information. In any case, there is a need for micro-targeting to be better researched and parties also need to be more proactive in explaining how they carry out their campaign online.

But the bigger issue is that politics online almost exclusively takes place on platforms that are controlled by two or three companies. And all of them function on the same principle. Their business model consists of manipulation. That is why they possess targeting tools or buy additional data from external data brokers. Their aim is to refine their targeting tools.

It seems quite ironic that these platforms are now taking action against manipulation.

I doubt we will even get rid of the problem if the business model of online services is not changed.

Clive Robinson August 16, 2019 11:54 PM

@ gordo,

With regards,

    data privacy laws can render disinformation a weapon without a target.

From the first article,

It’s by no means a new thought but certainly one that is more rapidly coming of age (to late for many).

Whilst some have been doing the likes of turning off cookies and javascript in their browsers, or others who have run filters that do similar, both of which has helped reduced the leakage of PII, other things such as “source address” still leave many individuals trackable.

Those that track people can and will argue that “source address” are not “private” as they do about many things they can use to track people. My concern is even more invasive service provider tagging will become a norm. As the service provider “would own the tag” not the user it provides the data collectors with alternative methods to track users.

That is you have no control on your communications when it has gone into the first router upstream of you that you do not control. The person who does control that router can “tag” your communications in a number of ways. In the case of service providers they know at their “first router” exactly who you are from their business records etc. Thus any “business relationship” between a service provider and one of the big Silicon Valley Corps should be treated with suspicion at the very least.

But as you probably know with the likes of Google getting into supplying backbone and key infrastructure of the internet a whole load of things become not just possible but probable.

For instance DNS and other infrastructure services for resolving destination information of a users communications.

If Google become the hidden partner of African Service Providers the service provider can direct all DNS requests to Googles servers along with an identification tag. That would then enable them to build a profile almost as good as they currently do from other methods. And there is nothing personally that the average user would be able to do.

As has been shown with “Anonymized Medical” and similar records, they can almost always be de-anonymized with a second or third set of data. Service provider tagging would provide such a second set of data…

Therefor any network architecture that facilitates tagging or similar has a high chance of de-anonymizing users outside the control of current legislation.

Thus we also need to reconsider how the Internet currently works as well, and redesign infrastructure services to reduce the ability of such tagging to take over from other PII as and when it gets blocked by the use of the EU GDPR etc.

Thus I also echo the thought from the second article of,

    I doubt we will even get rid of the problem if the business model of online services is not changed.

Which I suspect will only happen with infrastructure changes to prevent tagging type tracking and de-anonymizing wia second and third data sources.

cilo August 17, 2019 12:51 AM

Huge Survey of Firmware Finds No Security Gains in 15 Years

A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, Netgear and other major vendors.

. . .

“Nobody is trying,” said Sarah Zatko, the Chief Scientist at the Cyber Independent Testing Lab (CITL), a non-profit organization that conducts independent tests of software security. “We found no consistency in a vendor or product line doing better or showing improvement. There was no evidence that anybody is making a concerted effort to address the safety hygiene of their products,” she said.

Clive Robinson August 17, 2019 4:02 AM

@ cilo,

With regards Firmware security and the quote,

    “Nobody is trying,” said Sarah Zatko… “We found no consistency in a vendor or product line doing better or showing improvement. There was no evidence that anybody is making a concerted effort to address the safety hygiene of their products,”

I would argue that not only is it not just Firmware in consumer / SoHo products from the likes of “Linksys, Netgear” etc but it covers most if not all of atleast two other sectors,

1, Telecoms from the current 5G future back into the 1980’s software driven POTS exchanges.

2, Almost anything and everything you would call “IoT” or all but a few “Smart Devices”

But it’s not just what most would call “Firmware” it goes deep very deep below the CPU level of the computing stack in SoC’s down to the state control logic in hardware.

It’s all evidence of the “Free Market” issue of “Tail spin” where the only way to make profit is to cut back on every cost possible and speed up entry into the market. And Software from logic control state machines upwards through to the highest of high level languages are all targets for “reduced cost” because “testing” has real cost and time penalties. Thus we see lots of heredity code issues from the likes of “code reuse” of previously not fully/correctly tested code.

You can not build strong walls on weak foundations, no matter how much rubble you use from previous walls that have broken.

As for IoT most of the people developing that code have got other highly insecure ideas in mind… That is move the bulk of the functionality off device to some remote computer hardware a few thousand miles away. That is they gather all your PII and process it on their computers which obviously conferrs significant advantage that Amazon[1] amongst others are apparently not frightened to exploit into other more lucrative income streams. Hence US Law Enforcment can now see out of your front door across your garden and see your opposite neighbours…


Hatriot August 17, 2019 4:12 AM

Interesting- is that all it took you to leave Kaspersky- what product of theirs were you using?

VinnyG August 17, 2019 7:49 AM

@gordo @Clive Robinson re: data privacy laws as a disinformation remedy – such proposals seem to rest on the assumption that the vast majority of users will not choose to voluntarily put their PII up for grabs without significant concern for the consequences. I offer Fecebook (& Snapchat, Instagram, etc.) users as a counterargument…

JG4 August 17, 2019 8:02 AM

@Clive – Thanks for the kind words. Doing surprisingly well. Hope that you continue to navigate the health challenges nimbly.

Did we talk about piles of broken glass as an entropy generator? I’m thinking of the 5 mm cubes that you get from broken automobile windows. I’d shine a laser beam through a (freshly scattered) pile and take pictures of the distribution of light. You’d need a way to discard the mean and low-order modes to get to the entropy. Not as compact as the USB dongle with a radioisotope entropy generator. But available to anyone with a camera and computer. You might want to energy gap the camera and the computer.

Big Brother is Watching You Watch

Huge Survey of Firmware Finds No Security Gains In 15 Years Security Ledger. My assumption would be it has gotten worse. Complexity and additions to older codebase would tend to do that.

Facial recognition becoming ‘epidemic’ in British public spaces Yahoo (Kevin W)

Trump Administration Asks Congress to Reauthorize N.S.A.’s Deactivated Call Records Program New York Times (furzy)

Alarm as Trump Requests Permanent Reauthorization of NSA Mass Spying Program Exposed by Snowden Common Dreams (furzy)

VinnyG August 17, 2019 8:05 AM

@patriot re: Kaspersky AV flaw – If you were otherwise satisfied with Kaspersky, since the vuln has been patched, why not just uncheck the option that facilitates script injection and continue with it? I use it, and I just made that change. TY for the link, btw. I don’t particularly like Kaspersky (tends to be a resource hog, among other annoying issues) but I use it as the “least bad” free AV that I have found. For the way I browse the net, I have decided that a stand-alone AV offers marginal value anyway, and I’m not about to pay for a subscription to one, OTOH I’m not quite comfortable entirely doing without one. I moved to Kaspersky from Avast after I became tired of Avast’s insultingly brain-dead notifications that claimed to have found vulnerabilities that needed to be addressed by adding one of their paid-for products, i.e. “Anyone can see everything you do on the internet,” and recommending Avast’s (not free) VPN. Really? When I’m already running a consensus high quality non-Avast VPN? NTM, if their product cannot detect that I’m already running a competitor’s VPN, what else are they failing to detect? Kaspersky has yet to descend to that level of annoyance for me. If and when it does, I will kick it to the curb, as well…

Ismar August 17, 2019 2:38 PM

@VinnyG and @Patriot
I have been using Kaspersky for a number of years as they constantly come on top of any relevant antivirus reviews.
Yes they can be a source of computer hogging but that is the price I am willing to pay for extra security.
They have also been targets of a smear campaign by their competitors and have had to respond by allowing for reviews of their code base by their (potential) customers as detailed here
This gives me a level of confidence which I cannot get from other AV makers and, at the same time, highlights the importance of having quality security products made in different geopolitical regions.

Sherman Jay August 17, 2019 3:26 PM

To all those of us with Anti-virus security concerns,

First, we must admit to ourselves that there is no computer or operating system that is truly impervious to malware and privacy issues.

Just for reference: Micro$oft has a real-time AntiVirus built into window$ 7 through 10. It is not great, but better than nothing. And, Consumer Reports has many flaws (often tunnel vision in the scope of their research), but just published an issue declaring Bitdefender as the best A/V for window$. I wouldn’t know how private/secure it is because I don’t allow any window$ based computer I have touch the internet.

However, I would like to suggest that anyone that wants to surf the internet safely might want to look into Linux distro’s that you can ‘run from RAM’ using a CD/DVD which is read only and can’t be compromised/infected. Most of them can be run ‘live’ without touching your window$ installation on the hard drive. If you want to save something from the internet, just plug in a USB thumb drive dedicated for that purpose only.

Linux is quite secure and fast without a real-time A/V (however, all will admit that Linux is not completely immune to malware) and there are free Anti-virus programs available for Linux.

There are a number of alternate browsers which can be installed in many of those Linux Distributions and then that Linux Distro can be easily remastered to a CD/DVD incorporating only the items/browsers you desire.

And, it is easy to get a cheap or free PC or laptop where you can install something like BackBox Linux which has TOR and BleachBit and other security measures. Air-gap this computer and you have a whole computer which is a safe ‘sandbox’ like device.

As usual, any other thoughts are welcome.

Tux for all and all for Tux

SpaceLifeForm August 17, 2019 4:37 PM


Sorry for using the F-word.

But who really decided that DNS was a good idea?

Who really decided that Certificate Authorities was such a great concept?

And who decided that BGP should remain an insecure backdoor?

Asking for a friend.

VinnyG August 17, 2019 4:37 PM

@Sherman Jay re: AV & Linux – I’m currently on a very locked down (thanks, Black Adder) copy of Win 7 Pro. I had long planned to migrate to a Linux distro when maintaining this OS became too much of a burden. However, thanks to the likely success of MS’ embrace and destroy strategy regarding Linux:
I will probably go straight to OpenBSD in spite of some issues I have with the (perceived) arrogance of that community…

Anders August 17, 2019 4:58 PM

@Sherman Jay

While live Linux distro itself is designed in the way
that it won’t touch your Windows installation, we can’t
say the same thing about the malware – it can incorporate
NTFS driver or write bootkit part directly to HDD LBA’s,
so next time you boot your Windows, “nice” code from MBR/GPT
gets executed in the background.

But AV is nowadays dead anyway. It’s trivial to bypass AV,
child play.

Already back in 2008 there was competition at Defcon – Race to Zero.

Clive Robinson August 17, 2019 5:33 PM

@ Sherman Jay,

Tux for all and all for Tux

Hey what about the “box/blow fish” or “The little devil”?

The reality is all OS’s and most applications have vulnerabilities regardless of if they are closed / open source mainstream / niche. Thus it’s asking for trouble connecting them to the Internet in the first place… Hence a CD/DVD in an old computer without “Flash ROM” is the way to go where you can. Buying old desktops with CD/DVD drives can be done for less than 50USD and pulling the hard drive out a sensible thing to do anyway.

The hard reality though is all these vulnerabilities are in reality the price we pay for “convenience”… Which usually means hugh mostly pointless UI’s that drag around more complexity that the ghost of christmass past has chains. Or put more correctly “Is a disaster that has already started” and the AV suppliers are at best in a “Red Queens Race” at worst falling behind attack developers.

Thus you are actually doing yourself a favour by ditching the complexity where you can. Back even a few years ago personal computers were “resource limited” thus complexity then had to be less to have any chance of working. Whilst going back in time as it were by just having the command line and basic utilities may appear daunting to many, generally it’s not that bad.

My only real beef is “editors” vi and emacs I never could get on with. I cut my teeth on WordStar in the early 80’s and I still use version 4 of it off of two floppy drives today. On old hardware where the clock speed is measured in thousandths of a GHz but still cuts the mustard performance wise. Heck even the editor in Microsoft Basic works OK for me, and whilst I don’t crack out text documents in debug any more I’m still a “line editor” type of person.

The advantage of that old kit, is that you can also use it as a serial terminal and put your own “mandated check point” or data diode in that you can build yourself using cheap microcontroler development boards.

Whilst I’m not a ludite I also don’t have any realy problems using the user interface on modern Office applications. WYSIWYG is not realy my thing and it all just gets in the way or gives umpteen “time wasters”…

Which is why I still use an ordinary text editor then use the Word-Pro like we once used to use desktop publishing apps. There is a time and a place for everytging and DTPing every sentance you write as you write it is not productive.

I’ve actually noticed that other people should work that way as well. Because they fall into the make the sentence / paragraph look pretty trap as well… What you should do is “brain dump” in as much in the way of written words as you can, say five to ten pages or so in a day. Only when you have a chapter or section in and saved away go back and chop it about to make it read more coherently and to form basic paragraphs etc. Then go on and do the next ten pages or so untill you’ve got the next section / chapter done, wash, rinse and repeate untill the manuscript is done. Then and only then waste time if you have any on “beautifying it”. Better still get other people to read / sanity check the manuscript as a draft first. Because they are going to be happier criticising what looks and feels like a rough draft than a finished work.

Alyer Babtu August 17, 2019 6:24 PM

@Clive Robinson and others all

having the command line … I’m still a “line editor” type of person.

The most inspiring, minimalist elegant, cortex canalizing thing in computing I have ever seen (so far) was the most senior developer (an industry legend) continuing past the onset of the glass era to use a wide-ish line printer style terminal, often with the offwhite and green striped paper, for all his coding/programming/machine communications, sitting in calm concentration in a room full of natural light. The thing had a pleasant quiet sound too.

Everything that needs to be written can be done on a hardcopy writer with extra specialist characters e.g. for mathematics and science, Greek letters etc. If the glass screen goes much beyond this, that way lies eventual madness.

tds August 17, 2019 6:50 PM

@cilo, Clive Robinson

I have found Zatko’s Cyber Independent Testing Lab (CITL) website interesting:

In addition, Consumer Reports may test routers in the future:

“A new $6 million gift from Craig Newmark Philanthropies will help Consumer Reports boost its research into the ways technology products can threaten the privacy of consumers.

The contribution will fund a new program called Digital Lab. It will add to the planned fundraising goal of about $25 million through 2020.

Consumer Reports CEO Marta Tellado said the lab will focus on testing new smart products, apps, and services, including printers, routers, cars, and password managers.”

Sherman Jay August 17, 2019 7:15 PM

@Clive Robinson, @VinnyG, @Anders, and anyone I unintentionally forgot.
Wow. Thanks for always adding so much substance to our comments here. Living requires Learning: and I always learn a lot here.

I agree with you about Micro$oft buying up and or stealing everything they find useful. I use independently developed Linux Distro’s, and as I understand it the GNU and Share copyrights will help limit the damage Micro$oft can do to us small fry and our already extant ISOs. You may have already researched it but on Distrowatch, they have OS models other than Linux and BSD (I even have a version of FREEDOS that runs on an old PC that Clive might approve of since it is virtually all Command Line Interface)

I need to learn more, but (I believe) if I run Linux on a pc from DVD most allow me to NOT mount the HDD which prevents most malware from even seeing the HDD. In about 8 years of doing this I’ve never had anything nasty get onto a Win os in HDD when using that technique (maybe I’ve just not surfed were the nasty stuff lurks).

I rebuild 2003-2012 computers for low income and disadvantaged people at our clinics and make the Linux on them ‘beginner simple’. I always provide a CD/DVD so if they are compromised just format the HDD and reload a clean Linux in about 20 min., tops.

And, I use ‘leafpad’ in linux which is a text only editor. I agree, and have always found it more mentally productive to get the ideas down first and make them ‘pretty’ with DTP later.

Anders August 17, 2019 7:38 PM

@Sherman Jay

You don’t need to mount filesystem to get bad things
on the HDD, right malware can write directly to device,

Typically first cylinder is reserved for compability
reason and partition starts at LBA 63 (check fdisk -lu)
so there’s plenty of fee room too for nastiness after MBR.

Using older HW is good, but not for web. Browser’s developers
gradually ditch older OS support and newer OS don’t run on older OS,
so this is dead end. For example:

Then there’s sites where you can’t see a thing without javascript 🙁

Like this one

I hate where this web thing is moving. I can still do most of
thing with the 500 MHz PIII, but not the web. So i’m glad that
out host runs this site so that it can be accessed even y2k era
computer without javascript. Thanks!

gordo August 17, 2019 8:21 PM

@Clive Robinson, @VinnyG,

I think that we’re seeing a slow glide from Huxley to Orwell and vice-versa or from convenience to control and from infrastructure to indifference. The two are intertwined, bi-directional, a Möbius strip or dna chain of sorts—self-assembling, no less.

In any case, I found an observation from David Carroll in “The Great Hack” documentary, regarding the Cambridge Analytica scandal, particularly apt, given the circumstances:

Carroll: Throughout history you have examples of grossly unethical experiments.

Narrator: Is that what this was?

Carroll: I think that, yes, it was a grossly unethical experiment. You are playing with the psychology of an entire country without their consent or awareness. And not only are you, like, playing with the psychology of an entire nation, you’re playing with the psychology of the entire nation in the context of the democratic process.

That is not a stretch; just larger and more refined. Thus, concerns about Social Science One. From the Social Science One RFP page:

The initial research scope includes observational (i.e, for now, non-experimental) research studying the effect of social media and related digital technologies on democracy and elections. This may include disinformation, polarization, election integrity, civic engagement, political advertising, or other related areas. The goal of such research should be to better understand the effect of social media and other digital technologies, and to investigate fundamental scientific questions concerning political communication in the digital age. The focus for this initial RFP should not be investigating internal corporate policies, decisions, or product development, and it should be for scientific purposes, not for purposes of advocacy, journalism, investigation of individuals, or research for competitors. Proposals must engage with questions of real-world, practical importance.

Which is to say that experimental research or “research creep” is on the table.

Sherman Jerrold August 17, 2019 10:36 PM

Thanks for the warning about the HDD master boot record. I thought that since the file manager in many versions of Linux couldn’t even see sda1 in /dev until it was mounted, that the malware might not see it either. Most of those distro’s show all the mounted drives as icons on the desktop. I wonder if seeing an SDA1 icon appear would be a clue that malware had found it? And, when I create a dual boot Win/Linux machine it installs GRUB (Grand Unified Bootloader) in the MBR. I wonder if that still leaves it vulnerable to malware?

I have a circa 2003 Dell Dimension (P4 1.8GHz processor) that has WinXP. but I won’t even try to install a current browser that. But, when running Linux on the same computer with recent Palemoon or firefox 45 browsers it doesn’t seem to have any trouble dealing with javascript reliant content.

I, too appreciate older hardware. I have a Dell 750MHz PIII with 256MB of RAM that runs Connochaet Linux. And there are a few other distro’s that still work with PIII’s

Ismar August 18, 2019 3:00 AM

Claiming that bypassing a professional AV system is a child play is quite a big claim. If it is so easy for you maybe you can share some insight/ resources with the rest of us , or if you feel less altruistic you can try for a bounty from an AV maker of your choice ????. All you need to do is supply them with a well documented and proven way of an exploit/ bypass and they may even give you an interesting and well paid job if that’s what you want.

Clive Robinson August 18, 2019 5:54 AM

@ Bruce and the usual suspects,

You might want to read this paper from KAIST about spoofing GPS to not just stop a drone but actuall move it to a new “safer place”.

Most consumer drones have a limited degree of anti-spoofing in them which switches the drone into “safe mode” on loss of GPS or sudden changes in GPS signals.

This system gets around safe mode issues and alows the drone to be navigated away from sensitive “protected area” locations.

As noted in their introduction there is an increasing use of drones by “terrorists”. But as we know also by criminals to deliver drugs across borders of countries and prisons.

Oh and for those that don’t want to read the paper but a tech news slot instead,

In the paper is a link to a website with more information and videos of their experiments.

Ismar August 18, 2019 6:52 AM

This might show my level of understanding of RF and GPS (or the lack there of) but would not this technology be dangerous to use in an airport environments as it may interfere with the legitimate GPS signals used by other systems in the area?

Tatütata August 18, 2019 8:58 AM

I cut my teeth on WordStar in the early 80’s and I still use version 4 of it off of two floppy drives today.

Where do you get diskettes?

I ran WordStar on an Apple II clone with a Z80 CP/M board in the 80s. What was nice about it is that it provided an area with routine hooks for inserting your own I/O code. I wrote a bit-banging serial interface (a few dozen lines), cross-assembled it on a mainframe, and used LM324 op-amps as RS232 drivers. (A lousy idea, with the slew rate, the signal was a saw-tooth at 1200 baud, but it still worked). My preferred printer was a government surplus Diablo Xerox (beautiful printing, especially with a film cartridge), which I had to hack to get access to the acute accent on the daisy wheel, allowing me to write in French.


tds August 18, 2019 10:07 AM

Regarding malware and hard disk drive (hdd) malware persistence, would lack of installed drivers for hard drives work against hackers seeking hdd persistence? For example, using Trusted End Node Security (TENS), formerly Lightweight Portable Security (LPS)? (USG DoD)

“High Security, Tightly Focused Solution

TENS was designed for maximum security, focusing specifically on providing temporary remote access only. The operating system boots from a Live CD and resides in RAM; the local disk is not touched. It intentionally lacks drivers for hard drives and most USB devices. Its firewall can be customized to allow only outbound connections to authorized addresses.”

Wael August 18, 2019 10:10 AM

@Tatütata, @Clive Robinson,

,I cut my teeth on WordStar in the early 80’s

I, on the other hand, cut my teeth on edlin. What a pain in the neck[1] that was! Actually I used the commands “+scredit”, “sarl” on another operating system that I don’t remember.


That was then; this is now!

[1] Some have a lower opinion if it.

RealFakeNews August 18, 2019 10:32 AM

Does the browser/OS restriction actually prevent certain attacks? Surely before the OS is compromised, the exploit needs to jump out of the browser?

I’ve always been very skeptical of browsers (or AV vendors) forcing me to update my OS.

While it would seem there are no obvious cases of AV software making virus infections more likely, given the incident of the NSA contractor being compromised via his AV installation it does make me wonder if “no smoke without fire” might be true?

Given the failure rate of AV to detect certain infections (I think many miss >20% of the stuff out there) their utility is questionable anyway.

Is it a case of correlation != causation, and those running AV are more just more likely to visit shady sites and download questionable things?


I think the spoofing of GPS position is how Iran hijacked the US surveillance drone.

Tatütata August 18, 2019 11:07 AM


Yes, it was Diablo 630-based, with a keyboard and a serial terminal interface (it looked like none of the pictures on Wikipedia). The second generation printer module with the high quality metal daisy wheel was from Xerox, but the terminal thing was of an uncertain provenance. It was designed around a low power Fairchild F8, but inexplicably employed bipolar PROMs which were hot to the touch.

You wouldn’t want to leave your fingers to linger in there anyway, though. It was very powerful, and the occasional power glitch could get the carriage to SLAM into the left side (I had to replace the H-bridge transistors once). You could probably adapt it to slice salami.

I did a lot of nice things with that printer. I even built a primitive image scanner by mounting a light source and a phototransistor on an empty inked ribbon cartridge using a copper wire truss. My optics were rather crude (and so was the printer’s achievable resolution of 48LPI vertical, 120DPI horizontal, IIRC) but I nevertheless had convincing results to show.

In retrospect, with bit banging, I couldn’t have run the printer at 1200 baud with WordStar+CP/M, but more at 300 baud. The 630 peaked at about 45 characters per second, and even though it had a flow control protocol (it wasn’t CTRL-S+CTRL-Q, but something else involving CTRL-E, IIRC), it wouldn’t have worked on my intrinsically unidirectional interface. (I did manage to use it with half-duplex IBM mainframes, though).

I’m now unsure whether the hooks were provided by CP/M or WordStar. A majority of neurons vote for the latter.

I also had a couple of first-generation Diablos with plastic print-wheels that had been previously been used in air traffic control centres for printing flight progress strips. They were disposed of apparently because of their poor reliability, and I wasn’t as good at fixing them than with the much better designed 630.

In the late 1980s Hewlett-Packard came out with the beautifully engineered original Deskjet, which instantly made all my previous efforts obsolete. There was initially still plenty of opportunity for rolling your own code, I created a vector to bitmap converter for emulating plotters, which was both fast and memory efficient even at 300DPI on a 286 with DOS, and I also wrote 630 and FX80 translators. I remained faithful to that brand for the next 20 years, until my mind came to indelibly associate the letters “HP” with “crap”, which is a shame.


I hardly used edlin, IBM’s Personal Editor 2 (which I had actually bought and used for the very last time some years after Y2K), was much better, and the UI had something of a strong 3270-feel to it.

@Clive, re GPS jamming

It’s an arms race. Someone will eventually come up with a unjammable semi-decent inertial platform plugin for your Arduino. Or, if it is aircraft one is after, one could use the secondary radar replies as a homing beacons (with λ=30cm you have enough room on a drone to fit some sort of interferometer, and the transponder message uniquely identifies the aircraft).


I think the spoofing of GPS position is how Iran hijacked the US surveillance drone.

Nope. There is a LOT more to GPS than the “limited” accuracy L1 signals at 1575.42 MHz destined for civilian use.

Several other encrypted signals at different frequencies providing improved and unspoofable navigation to US military users. These would still be vulnerable to a powerful enough jammer, but I sincerely expect that a 130M$ Global Hawk would be equipped with the necessary military GPS and a backup INS for good measure. This is not Gulf War I anymore of 30 years ago, where Selective Availability had to be turned off just to get enough receivers in the field. (Which Gulf War are we at anyway? I lost count.)

Sherman Jerrold August 18, 2019 11:54 AM

While TENS has a lot of good features, I am quite skeptical when the u.s. gov’t says “here is a neat secure o/s for you to use”
I must suspect that it has a gov’t controlled ‘backdoor’ and many hidden features that will allow ‘surveillance’ of the user

Searching for security oriented distros, this came up as number 14.
Trusted End Node Security (155th among 200+distro’s)
Trusted End Node Security (TENS), previously called Lightweight Portable Security (LPS), is a Linux-based live CD with a goal of allowing users to work on a computer without the risk of exposing their credentials and private data to malware, key loggers and other Internet-era ills. It includes a minimal set of applications and utilities, such as the Firefox web browser or an encryption wizard for encrypting and decrypting personal files. >>>>> The live CD is a product produced by the United States of America’s Department of Defence and is part of that organization’s Software Protection Initiative. <<<<<<

other more highly rated distro’s:
1. Kali Linux (21)

  1. Tails (31)
  2. BackBox Linux (72) (which I have used live and installed and like very much)
  3. OpenBSD (79)
  4. Whonix (94)
  5. Qubes OS (96)

  6. HardenedBSD (97)

I think most here agree: Trust must be Earned

Sherman Jerrold August 18, 2019 12:03 PM


OK, then you had something like this.

That trivia there is interesting…Prince Of Darkness.

A good friend of mine in the late-1970s had a variant of one of those which had a modem and he used it to communicate from home to a university main-frame where he was a professor. In the evening, we used to phone-in and play ‘adventure-colossal cave’ on the mainframe, running through reams of green-bar pin-fed paper. He also used it as his printer hooked up to his DEC PDP11 running from dual 8″ floppy disks.

AHHH, the good old days that (rarely) were. Oh, no, I just disclosed what a digital dinosaur I am!

Bruce Schneier August 18, 2019 12:30 PM

I wrote the first edition of Applied Cryptography in WordStar. By the second edition, I was using WordPerfect. Soon after that, I switched to Microsoft Word — where I still write books today.

I want to use Scrivener, but I find I am always in one of two states. Either I am actively writing a book, in which case I do not want to learn a new tool. Or I am not writing a book, in which case I do not need to learn a new tool. I have MS Word configured just the way I like it….

Clive Robinson August 18, 2019 1:48 PM

@ tds,

Regarding malware and hard disk drive (hdd) malware persistence, would lack of installed drivers for hard drives work against hackers seeking hdd persistence?

How would you remove the HD drivers?

For most systems the actual boot device is the HD, for this to work the HD drivers have to be either in the BIOS, or read from a ROM on the hardware into a “protected area” of RAM which the likes of Commercial OS’s respect and have done for four decades.

It was because of this BIOS issue that Lenovo were able to persistently install malware from which they profited on their consumer grade laptops.

One of the things I go on about from time to time is the use of Flash ROM and other “semi-mutable storage” which “Can be got at by malware”. Most people stop at “pulling the HD” when developing an “Internet browser” using a CD/DVD based “Live OS”.

Back a few years ago @Nick P and myself had discussions on this blog about secure hardware and I noted that I only used hardware from the last century as it only had nonmutable ROM. Nick was a bit more forgiving and said pre-2005. From what I remember his reasoning was based on the apperance of the Intel Managment Engine at ring -3 and IO involving deliberate EM radiation components such as on board GSM, Bluetooth and WiFi.

Unfortunately modern hardware is full of “hidden Flash ROM” with the use of SoC’s for control of I/O with as many as three seperate ARM or MIPS processors half meg or more of Flash Rom and RAM being used to build standard PC I/O hardware (you will find them in all modern optical and hard drives including those new Solid State Drives, network cards, USB controlers and more).

Appart from knowing this as a “design engineer” with well over a third of a century experience, we also should know it thanks to Ed Snowden. Back a half decade or so ago the UK newspaper “The Guardian” had a spat with a senior UK civil servant over the trove. Basically the Editor and the Civil Servant started a “P1ssing Contest” with neither side backing down. Eventually after it became painfully public knowledge political preasure was brought to bare and a compromise was agreed.

The result of which was GCHQ sent “Tweedle Dee and Tweedle Dummer” down to London on a shoping trip, and to also pop into The Guardian’s basment. Where they instructed Guardian “tech and journalist” personnel which chips and other devices had to be destroyed because they could due to being “semimutable” have parts of the ED Snowden Trove on them.

Perhaps what the senior civil servant did not realise was what would happen next, though “it should have been bleeding obvious”… Unsurprisingly The Guardian published full colour photograps in “double spread” format of the laptop motherboards. Which technically was a breach of National Security possibly even sufficient to cause a prosecution under DORA or OSA legislation (though politically it’s unwise to take on newspapers in court).

However for those with similar computers it enabled them to compare their motherboards with The Guardian motherboards and come up with a list of chip numbers that the UK SigInt agency GCHQ had reasons to consider suspect…

As I’ve said I’ve known about the semimutable memory issue for quite a long time (most suitably qualified electronic engineers have, we kind of accept theres not much we can do to change it). Which is why for a very long time I’ve talked about using two computers that are suitably “gapped”, which is not as easy as some think because of “old” almost myth type information.

Back last century “air gapping” was considered sufficient by many who had not realy “thought hinky” on the subject (which was clasified by the US Government back then). However I had noted from my high school physics that as we all should know, that energy of most forms used actively for work can be radiated, conducted and even convected out of active systems. Further that no process that does “work” is 100% efficient, so energy gets out of a system into it’s surrounding environment where it can be observed and utilized by an attacker.

What a higher education in engineering gets you is knowledge about how all types of energy being used for work will be “modulated” by that work. Thus information gets impressed on the energy, and carried out by radiation, conduction into the environment thus observed. Even
conduction through ducting, pipes and vents has bandwidth even if very low, thus information even escapes by convection into the surounding environment. Further as energy can not be destroyed you can not stop the energy going out… Which means all you can do is throttle down the effective bandwidth, ultimately by dumping the energy as heat into a largish mass where the -3dB bandwidth would be 1/10,000Hz or less. Hence it’s better to talk about “Energy Gapping” which covers mechanical, electromagnetic and to a certain extent energy available from gravitational effects.

Keeping things realy “Private” against a well resourced adversary is not easy but is possible if you understand the laws of physics both theoretically and practically. The first thing to remember is,

    F = K(OaOb)/(r^2)

It’s the basic formular for a field magnitude F between two Objects (Oa,Ob) at a distance (r) squared. The thing to take away is that the field strength falls of at a minimum of 1/(r^2). As “noise” is an ever present part of our universe you can work out the distance at which any signal arising from the field goes below the noise floor in any given bandwidth. This is the basic idea behind TEMPEST and some EmSec rules[1].

There are several other rules that you need to be mindful of, however you can work out the bandwidth limits etc from the laws of physics. A good book on Electromagnetic Compatability (EMC) will give you at a minimum a “Technician Level” understanding of the practicalities of shielding and how to measure implementations.

[1] Electrical “work” or power in a circuit is calculated from Pw = V^2/R where Pw is power, V voltage and R resistance (not inpedence which is usually denoted with Z). Thermal noise power Pn is given from Pn = 4KTB thus replacing Pn with V^2/R gives Vn = sqrt(4KTBR). By using a few other tricks you end up with a resistance independent value of -174dBm for thermal noise power in a one Hertz bandwidth for radiated EM signals (conducted signals fall of at a rate dependent on the conduction material but it’s generly less than Att/r where Att is the antenuation per unit distance at a given frequency).

Sherman Jerrold August 18, 2019 2:45 PM

@Clive Robinson
“Most people stop at “pulling the HD” when developing an “Internet browser” using a CD/DVD based “Live OS”.”

First, Thanks again, Clive, for all the helpful info.
In my earlier posts I talked about how I do just what you said above. On many I do actually remove any HDD and run from RAM only (many of the Linux Live o/s’s I use will comfortably run and browse with 0.4-1.0GB RAM).

Your more in-depth comments lead me to the question: if I go into setup (BIOS/UEFI) and turn-off the HDD controllers (IDEor SATA) before booting from the CD/DVD live o/s, will that keep the HDD unavailable for malware infestation?

Since you have shown us that there are a lot of ‘unlocked doors’ in any motherboard, how likely is it that most malware in the wild will go to the trouble to find and use such relatively obscure ‘unlocked doors’?

Also, my ‘air-gapping’ involves keeping the internet connected computer at least one or two rooms distant from any other computers. I have been hopeful that since my computers are always also acoustically/vibrationally isolated by that distance that would prevent a lot of mischief. Do you concur?

Clive Robinson August 18, 2019 3:26 PM

@ Bruce and the usuall suspects,

Early this morning (UK time) the town of Didcot in Oxfordshire suffered a major power cut that also affected other areas.

The reason is perhaps a little odd… Outside of Didcot is an old Drax B Coal fired power station that is very slowly being demolished. This morning they were blowing part of it up, and as always such things become a public spectacle.

The problem is that the adjacent power lines are still in use… Which is why the power cut happend.

Thus the question is where the short happend and how. When you think about possible “domestic terrorism” you realy need to know…

The two theories currently are,

1, Debris from the demolition caused the power lines to short together.

2, A drone flew into and shorted out a substation / power line feeder and got vaporised.

From talking to some eye witnesses that were there the second option appears to be more likely as they saw a low down flash below the hight of the power line.

It will be interesting to find out the actuall cause eventually.

MikeA August 18, 2019 3:27 PM

Reading the above stirred a memory of an unresolved issue I’d like to re-address. Some years ago I bought a small (10 inch) cheap (80USD, IIRC) Windows 7 laptop for a specific purpose: using an instrument that interfaced via USB, but in the makers case apparently the ‘U’ in “Universal” stood for “Universal for use with Windows XP thru 10”

My intent is to never connect this thing to the internet, but of course the conundrum. The wisdom of the Net says that the very first thing you do with a fresh Windows box is to download updates, including security-critical ones. How’s that work? To make sure you are “clean”, you must get filthy first?

Fortunately, word on the net also said you could connect to MSFT and download patches to a less naked machine (in my case a FreeBSD box”, and sneakernet it to the Windows box. Alas, none of the various recipes for doing this worked. Anybody have a known good (for sufficiently low value of good, I don;t expect miracles) recipe?

As an aside, those of you with PPC Macs might want to look into TenFourFox, which attempts to track functionality in Firefox, but built for PPC. Websites using the most bleeping edge video often fail, because the hardware acceleration for older GPUs is non-existent. And you can graze “not that hostile” websites on a 300MHz 32-bit processor, “adequately”. (512 MB RAM, 13 MB HDD). There is not physical requirement for the web to suck. Not for firmware to suck, picking up another thread. I suspect it is not entirely that nobody gives a damn anymore, but that companies actively dedicate far more resources toward capturing and exploiting their customers, than to helping them. See pretty much every Mac OS release since maybe 10.8 or 10.9.

Editor? Mostly use a version of Micro Emacs hacked to mimic DEC’s TPU (for VMS). Small and simple enough to be ported (so far) to CP/M, CP/M-68K, Xinu, *BSD, more Linuxes than I can recall…

Thank you for reading this far. 🙂

Anders August 18, 2019 3:28 PM

@Clive Robinson

Pre-2000 computers are also vulnerable to persistence
hiding…they don’t have flash rom but eeprom, which
is also rewritable. Remember CIH (chernobyl) virus?
AWARD bios is modular, you can remove and add modules
and rewrite the bios back with little “extra”, so
586 level computers can’t be trusted either.

Clive, we must go back to the roots.

Sherman Jerrold August 18, 2019 3:45 PM

I helped a neighbor buy a refurbished window$ 7 laptop a year ago for a specialized amateur radio USB device. It, too would never again connect to the internet. So, we didn’t even bother with updates. When we installed the drivers and the device it just worked fine. You might consider/research this if it will encounter no internet connection vulnerabilities.

Also, just FYI, I don’t know what your inexpensive laptop has in the way of HDD space. But, you might need to know how much free space you have before you try to install all those updates. Because recent ‘small’ laptops using 32GB Emmc solid state memory (instead of a larger HDD) have been unable to update window$ since the updates along with all the system files and apps overrun the space available.

If anyone has any better ideas on his topic, I’m sure we would all like to know them.

Ismar August 18, 2019 5:08 PM

Thanks for the link – I will (try) to test this exploit delivery framework against my windows machine with Kaspersky Total Security running.
As for working for any AV companies- alas – I am unemployed at the moment, but not sure if any of them would be interested in people asking why-questions, instead of just those following orders.
Maybe this is part of the problem when it comes to software development industry in general- sure Clive would like to add here as well ????.

Anders August 18, 2019 5:17 PM

@Sherman Jerrold

Everything depends on your threat model.
What’s your worst nightmare? First think on that.

But have you thought of Raspberry PI? Tape it to
back your monitor, put the reset switch in convenient
place and use it as your main web browsing machine.
PI has plenty of power for modern web.

SpaceLifeForm August 18, 2019 5:47 PM

The issues I see with Tin Foil Chat:

  1. Uses TOR
  2. 3rd computer
  3. No Faraday Cage

It appears to be a strong defense against the threat model it was designed for. I.E., attacks over wire.

Unfortunately, I really believe one needs the cage.

An embedded cell radio can leak.

Clive Robinson August 18, 2019 6:43 PM

@ Bruce and the usuall suspects,

Early this morning (UK time) the town of Didcot in Oxfordshire suffered a major power cut that also affected other areas.

The reason is perhaps a little odd… Outside of Didcot is an old Drax B Coal fired power station that is very slowly being demolished. This morning they were blowing part of it up, and as always such things become a public spectacle.

The problem is that the adjacent power lines are still in use… Which is why the power cut happend.

Thus the question is where the short happend and how. When you think about possible “domestic terrorism” you realy need to know…

The two theories currently are,

1, Debris from the demolition caused the power lines to short together.

2, A drone flew into and shorted out a substation / power line feeder and got vaporised.

Yes drones, apparently there were several there to record the demolition, including one guy “live streaming” from three of the larger professional drones…

From talking to a couple of eye witnesses that were there to watch the demolition, the second option appears to have some credability as they saw a low down flash below the hight of the power line where a drone had been just a short while before.

It will be interesting to find out the actuall cause eventually.

Either way, it appears it does not take much to bring the now fragile UK power infrastructure down. If you combine this and the two generator fail problem from the other week, then it looks like it would take very little to bring down a large part of the power capacity of the English main grid… Something that should be cause to make people think…

Wael August 18, 2019 11:17 PM

I want to use Scrivener

First time I hear of it. I’ll give it a try. $49 isn’t too bad! Pages (Mac) isn’t too useful for me.

RealFakeNews August 19, 2019 3:41 AM


Can you elaborate then? AFAIK there is nothing special about the military side of GPS beyond employing different signaling to make spoofing/jamming harder, and increased resolution for enhanced positioning.

I’m not aware it can be used for remote command-and-control, and unless they’ve somehow hacked into the drone (did it have remote satlink to enable a human pilot to fly it?) I can’t see how else they did it.

Anders August 19, 2019 3:41 AM

@Wael, @Bruce

As far as i know Scrivener is written in JAVA,
so you most probably don’t want this.

Wael August 19, 2019 4:29 AM


As far as i know Scrivener is written in JAVA,

Eeeeew. I don’t want it! Thanks for the warning.

Clive Robinson August 19, 2019 5:59 AM

@ Ismar,

… but would not this technology be dangerous to use in an airport environments as it may interfere with the legitimate GPS signals used by other systems in the area?

Yup it will interfere quite a bit.

How badly depends on the type of TX antenna they use, at 1.5GHz there are quite a few options.

High gain yagi’s are quite directional, thus reduce the needed output power required. Unfortunatly they have a couple of issues, firstly you need to have not just azimuth but elevation tracking to get on target with the drone. Secondly they also have side lobe issues, one way around this is to make a Log Periodic antenna then add yagi style directors to get increased gain and directivity.

However personally I’d use a backfire or corner reflector or curtain array on a large plane reflector. As these don’t have as many side lobe issues whilst still giving gain and directivity.

However as the authors point out in their paper (and Gatwick Airport indicated) once a drone is detected in the environs of an airport it shuts down outbound flights and holds or diverts inbound flights.

Thus the question arises of the “Command Control Loop” response time. That is how long from first detection before shutdown is achieved and secondly what other margines are required to reduce or eliminate false triggering.

But what is the difference between false triggering and Denial of Service type attacks? In theory the way some of these anti drone systems work all you would need is a bottle of helium gas, a bunch of mylar or other metalised ballons and a bunch of tiny transmitters that look like the link back on a drone system, such transmitters would use less than $10 of components… Experience tells me that a low end PIC microcontroler to generate fake data an overtone xtal oscilator and single transistor PA giving 10-100mW is all you realy need. But if you are technically challenged you could just get an ATmega Nano board knockoff and a si5351 clock generator hat link them together and push the squarewave output into a diode multiplier followed by a MAR2/4/6 or similar “ModAmp” to do the same thing. You can find plenty of articles on the web to tell you how to do most of this, the first one to come up on a “duckduck” search was,

The problem with all “counter measures” be you an attacker or defender is “How far down the rabbit hole do you go?”. Back in cold war times we had ECM, ECCM and ECCCM systems and I’m guessing one or two more “counters” in some systems. Though these days ECM for attackers is about as far as the Mil fraternity go.

The thing is with drones “the genie is out of the bottle” and they are exceptional cheap compared to any counter measure. Therefor from an attackers point of view launching a half dozen drones at an airport is way way less costly than a defenders counter measure system that can only deal with one drone at a time… Thus it’s fairly easy to see who is going to win if they put a little thought into it.

Clive Robinson August 19, 2019 6:18 AM

@ Tatütata,

To answer your “where do you get them from question” the short answer is “from stock”.

I purchased several thousand over the years for sending out code on a club style magazine and distributing a Unix OS. Thus I got them very very cheap and still have a few hundred hanging around which I do occasionaly sell to people at near the market rate (which even alowing for inflation is quite profitable).

As for,

I ran WordStar on an Apple II clone with a Z80 CP/M board in the 80s

As I’ve mentioned before I still use my Apple ][ and Microsoft Z80 card. Because I still support some Industrial Control Systems (ICS) I designed and built that are still running in a factory or two.

Yes I keep telling them “I’m getting pensionable” but the owner just laughs and says he’s long past drawing his pension and is still working so why shouldn’t I… His son who is older than me just nods in agreement… The grandson agrees with me that things need to be replaced as some of the hardware is nolonger even available from museums…

Clive Robinson August 19, 2019 7:25 AM

@ Wael, Tatütata,

I would like to say “I remember edlin” as in “the past tense”, but as it’s on all versions of Dave Cuttlers abominable “Better Unix than Unix” New Technology 32bit OS from Microsoft (including Win10) I still use it occasionally even though it’s a pain in other parts of the anatomy as well.

Remember you could always use one of the other early MS tools such as debug, that pre DOS 5 version could edit disk sectors as well as files. So you could create a file of private info, then change the flags then change the leading char so the dir etc commands would think it was deleted. Then move the disk block refrences such that it would not end up on the free block list and also you could not undeleate with the programs around at the time.

Speaking of “private files” on NT Microsoft also added the “Alternative Data Stream” feature to be a rival to an Apple file system feature, for enriching a file into a multiple file object. That is “colon files” most documents say colons are “illegal characters” in MS file names. They are not under NT where the ADS feature originated, they have some quite handy features if you know how to use them. But are a right royal pain if you do not, hence the most common question you see is “How do I remove filenames with colons in them?”[1] where someone has unzipped etc unix or other OS files where the colon is just another acceptable file name character.

It’s funny what creaky things exist in memories from much younger days…

[1] Unix has an inbuilt trap for the uninitiated. The shell has a series of “substitution” methods (see shell escaping) for chars so it’s possible to put control charecters etc in file names… Or worse pull them off of an NFS server etc from a different OS. However whilst the shell sees \ as a special charecter, \ is a valid file name char… The way to remove or change the file name is to do a long listing with the inode flag (ls -il). Note the file inode number which is in the first column of the file name list, and substitute that in the find command… Find is a bit of a comolex beast to use,

Importantly remember inodes are not file names so you may have problems if the file had multiple links to it.

However some versions of “rm” have the -i for interactive mode where you are asked the yes or no question for every file.

VinnyG August 19, 2019 8:27 AM

@MikeA @Sherman Jerrold re: Win 7 updates – I generally agree with what Sherman wrote. IMO, you should also take reasonable precautions to ensure that no device or service on the LT can initiate an internet connection without the user’s express permission. I have not personally observed that behavior, but I have little doubt that it is possible under some circumstances. I would at minimum remove all NICS or other devices that can provide network connectivity that are not essential for the machine to function in unconnected mode. I would also recommend reviewing Black Viper’s (whom I referred to above as “Black Adder”, sorry) list of Windows services and dependencies and disable all services that your use will not require:

Clive Robinson August 19, 2019 8:38 AM

@ Sherman Jerrold,

Hmm lots of questions, I do have consulting rates 😉

Joking aside,

Your more in-depth comments lead me to the question: if I go into setup (BIOS/UEFI) and turn-off the HDD controllers (IDEor SATA) before booting from the CD/DVD live o/s, will that keep the HDD unavailable for malware infestation?

It depends on if they are built into the BIOS image or pulled in off of the IO device ROMs, or if the OS you are loading pulls them in. I assume that for any given hardware “I don’t know untill verified” thus in most cases pulling the HD is the way easier method to play safe. One way to do this if you can still find them is “HD Trays” which people used to use to lock their hard drives in fire proof safes at the end of the day.

Since you have shown us that there are a lot of ‘unlocked doors’ in any motherboard, how likely is it that most malware in the wild will go to the trouble to find and use such relatively obscure ‘unlocked doors’?

That depends on the attacker, if it’s your run of the mill coin miner or ransomware idiot it’s unlikely. However if you have become a “Person of Interest” because some idiot name on the No Fly list etc matches yours then it becomes more likely. If however you’ve become a “target” then the possability goes up yet again. However if your attacker is from a Western IC or SigInt organisation they may just stick to monitoring your traffic from an “upstream router” either your home router or the ISP router. Those attackers doing APT will go for what ever foot hold they can so would target the non BIOS Flash first then BIOS Flash then the hard drive. Because at the end of the day, reinstalling a hard drive is quite common, upgrading the BIOS happens, but upgrading other Flash only the paranoid do that 😉 So the other Flash if they can get into it gives them a much higher probability of going not just undetected but more importantly installed. However what they will put in there is just a “loader” so they can then put what looks like everyday malware on the hard drive to cover their tracks if it’s found.

Also, my ‘air-gapping’ involves keeping the internet connected computer at least one or two rooms distant from any other computers. I have been hopeful that since my computers are always also acoustically/vibrationally isolated by that distance that would prevent a lot of mischief. Do you concur?

The use of acoustics is limited by the sensitivity of the receiving transducer, noise in the used audio spectrum at the receiver and the power from the transmitting transducer. Whilst laptop to laptop will work in a twenty foot range without any specialised coding, a high power TX transducer put in some other part of the building may reach the laptop even though the laptop can not communicate back. Theoretically this alows the laptop to be triggered and then say turn on it’s EM communications such as Bluetooth, WiFi or even mobile phone. Practically I’m not aware of anybody doing it “yet” but now it’s been said someone will probably do some experiments. But whilst that 20ft is for “uncoded” communications you can trade bandwidth for distance thus halve the bandwidth double the distance and so on. In Amateur Radio it used to be the case that the minimum bandwidth was 30-50Hz with a good CW filter. Now however there are the “Whisper modes” that work some -30dB below the CW noise floor. Thus the software is out there for people to study and make work with audio…

Conducted vibration is always problematical, I don’t know where you live, but in Southern England railways are quite numerous including the trains that run on them. You can be in the “countryside” at night and if in a field close to the railway tracks hear the rails “twitching/singing” as they radiate out some of the conducted energy from a train still five miles away. Using an electronic stethoscope actually stuck to the side or underneath of the rail you can hear other things such as points changing and importantly “bolts breaking” from considerable distances.

Similar problems occure with EM signals. It’s been known that the low power MF signal from a cordless phone of just a few milliwatts that is supposed to have a range of no more than 50-100meters has been picked up more than 300 times that (~19miles) distance, because both the cordless base and the receiver that picked it up were close to a conductor such as an overhead power cable or even barbed wire fence. I’ve experienced similar issues when experimenting using barbed wire stranded fences as antennas for both transmitting and receiving when operating portable (look up Beverage antenna )

Thus whilst your “air gap” may be working, it might not depending on the building and surounding environs. Which is the reason TEMPEST kit is big bulky and heavy. The requirment is “To ensure Emmission Security” thus the use the “bolts and braces” method of metalic shielding and absorbing materials on shock mounts etc to “Ensure” rather than “Assume” communications security. It’s the same policy with SCIF’s.

Tatütata August 19, 2019 8:43 AM

@Clive, re Didcot

[gallows_humour]The Yellowhammer predictions are coming to pass one by one.[/gallows_humour]

If the cause was the demolition itself, that wouldn’t be the first time: Ohio, 2010. (That little girl who ran away first is manifestly the least daft of the lot.)

I watched news footage of the Didcot event, and tried to make sense of what I was seeing with Gurgl Mops and Bong. I would very much exclude a drone.

The outage was in a local distribution network, which barely touched the Didcot fenced premises at the periphery, but was not otherwise connected to any facility inside. This certainly dates back to CEGB days when power generation was one big happy family.

The pole that caught fire is in the Sutton Courtenay Lane. It is a junction between an aerial and underground line.

At this point, the closest cooling tower is 900m afar.

A number of 10-30kV lines converge on the Didcot perimeter fence, and go underground. Some lines in the back probably head due south 700m to a sub-station facility.

The pole that caught fire is connected to an underground line that cuts across the lower left corner of the Didcot premises, and as far as I can infer from the aerial pictures, reemerges back beyond the fenced area, to go around it. On the north side there are two lines visible. One is just beyond the perimeter fence and about 30m from the nearest tower, and the other one beyond the road at about 80m.

My belief is that 1’10” in the video, the gawkers stand on the northern side of the plant, and that it is the closer line which is wildly swinging up and down, all 2*3+2=8 wires of them. This doesn’t look like a 1kg drone collision.

My hypothesis is thus that the motion caused a fault further down the line. Upstream, the expensive smaller-gauge underground section melted to protect the cheap aerial line.

There is a whole lot more metal in that underground line than in a plastic-and-lithium drone. See how fast it melted? If I had flown a drown, it would certainly have been at more than at a 10-15m altitude with a power line, and farther away.

Filmmakers should take a cue here about electricity.

In Breaking Bad S03E13 “Full Measure” (2010), Mike Ehrmantraut creates a diversion by releasing coated mylar balloons onto a power line, to disable video surveillance cameras. Problem is, what is shown are balloons coming into contact with normally insulated two-phase 120-240V on the bottom side of the pole. Even if the wires had been bare, and the balloons were even actually moderately conductive, it would barely have gone “fzwrsht”. A gray squirrel on 14kV is already more impressive. Furthermore, the street lighting doesn’t even flicker in that scene. Go figure.

The 2018 film “Woman at War” is already more interesting. A woman sets out to sabotage Iceland’s aluminium smelting industry. I’m not spoiling any plot details here, it’s the very first scene in both the trailer and the film. She shoots a nylon leader over a high voltage line with a bow and arrow, and pulls a metal cable across all three phases. The line does not short out until the cable is pulled over all the way, and nicely goes “poof” without protesting any further. Not quite terrifying enough.

Clive Robinson August 19, 2019 9:56 AM

@ Anders,

Pre-2000 computers are also vulnerable to persistence
hiding… they don’t have flash rom but eeprom, which is also rewritable.

You wabt the long explanation rather than the short 😉

The late 90’s was a transition phase. The standard ROM be it rewritable or not came in a “Byte-wide” 0.6 DIL package.

The down side of the non rewritable ROMs was inventory costs even those that were not “mask programed” they were still usually “bulk programed” outside of the motherboard manufacturer.

EEPROM memory became available in byte-wide format and as indicated some but by no means all motherboard manufacturers moved over on their high end Pentium systems.

There were problems with EEPROMs in that whilst their “read” behaviour was standard their “programing” behaviour was quite different from one chip manufacturer to another. Also quite a few motherboard manufacturers did not “route in” on the PCB the electronics required to do on-board programing. There is a coralation between the rerouting and USB ports, if a motherboard does not have USB and as long as it’s not from Dell then the chances are you won’t have one that is vulnerable.

Whilst CIH was quite devastating to any hard drives it came across unless they were large FAT32, it was actually not very successfull at overwriting BIOS chips. Those it did were usually scrapped because the motherboard manufactures were then not set up to deal with the problem. So the effected boards mostly could not be repaired so were in landfill befor Y2K.

Whilst it did happen, comparatively it was only to a small number. The reason for this was the disparate nature of the then Byte-Wide EEPROMs program cycles made it quite difficult to trash let alone overwrite.

And that problem still exists, any malware getting onto such a motherboard can not determin which type of EEPROM is on there thus reprograming is going to be hit and miss at best. Which is not at all good if you are trying to do covert APT. Also as the motherboards effected were high end and had what is now a compleatly unsuported IO bus architecture, even seeing such a board would be quite a surprise.

Business desktops of the time tended not to use such motherboards or even EEPROM and it’s only those boards I see from that era in the past decade or so.

Basically back then when business machines got EOL’d staff used to get to take them home which is where they have lurked since then. But at the end of the 1990’s abother change was happening, organisations started outsourcing IT and this ment the desktops were nolonger owned by the companies but the outsorcers. The outsourcers had the bulk monoculture that they could actually get real value out of them and they used to run or use businesses that made money selling them on to places like Africa, India and Russia (where nobody looked at the software licenses etc).

It’s actually now quite difficult to find 486 and first generation Pentium motherboards or even ISA I/O cards, I have a stock of them just incase my own machines have a failure.

Which is why I mention the use of modern microcontrolers for making mandated data pumps etc (thing data diode on steriods doing protocol and data level inspection rejection). If you write the code yourself or modify somebody elses code the chances of an external attacker being able to hack it are very small. Which means if you are a “target” they will actually pay you a visit, so it’s physical security that then becomes an issue. If you look back a few years on this blog you will find a series of conversations with @Nick P and myself about putting computers into safes and how you would add thermite if you realy did want to maintain your privacy.

Wael August 19, 2019 10:04 AM


My hypothesis is thus that the motion caused a fault further down the line.

Impressive analysis. You could moonlight as an investigative journalist 😉

MarkH August 19, 2019 12:36 PM

Barbarians Playing with Nuclear Chain Reactions

Those Russians are too funny … in a rather depressing way. Reuters reports that of the worldwide network of sensors established to monitor the Comprehensive Test Ban Treaty, the two nearest to the “rocket test explosion” went offline two days afterward.

The two silent sensor stations are in Russian territory.

Of course, to a skeptic — especially one who reflexively defends Putin’s Russia — this doesn’t prove malfeasance beyond a reasonable doubt.

The two sensor stations might have gone offline on the same day, for some reason other than Russian tampering. Anybody want to estimate a probability for that?

I don’t see any way to infer from this, anything not already known about the radiation release. If indeed it was tampering, then surely somebody was afraid that the sensors would detect enough excess radiation to confirm the nuclear f*ck-up, and disclose its magnitude.

It’s of a piece with the reports of elevated radiation readings in the nearest town disappearing from the city website a few hours after they were published.

And it fits a pattern going back at least a century, of grotesquely clumsy efforts to conceal Russian scandals.

Eventually, the radionuclides will reach sensors in places where Russians can’t easily shut them down, and it will be feasible to infer the scope of the radiation release, and perhaps the nature of the nuclear reactor under test.

My reading is that the greatest significance of this event won’t be that Russia is developing an extremely foolish and irresponsible system, or the harm done by the radiation release.

I predict that the what this mess will be remembered for, is adding to the seething discontent already building up among the Russian population.

The eerie resemblance to the handling of the Chernobyl disaster will be noted by any Russian old enough to remember those days.

But even for younger Russians — those who are most dissatisfied with the Putin regime as it completes its 20th year — this fresh outrage underscores the grandiosity, recklessness, incompetence, incessant lying, censorship, and compulsive mistake-burying about which they are already furious.

The confidence of Russians in their dictator has developed not necessarily to the Kremlin’s advantage.

Tatütata August 19, 2019 12:42 PM


For the journalism suggestion, I have more confidence with paper and computers than with dealing with actual people. Typical nerd. But I do feed the odd tip to journos once in a while.

I had lingering doubts, and had another look.

At 1’14”, I found the “smocking gub” I was looking for. For half a dozen frames you can clearly see arcing just a few meters away from the cooling tower, just like I had suggested. Here is a capture of the frame with the most intense light. The vantage point of the drone was WNW relative to the towers.

I tried looking up historical aerial pictures of the Didcot plant. What I found was either from a unusable vantage, or inconveniently cropped, or of a too low resolution.

The Sutton Courtenay Lane junction actually seems to be a split. The aerial line brings power, which is divided into two underground branches.

The poles seem to be of different vintage, the ones carrying the underground head being less weathered than the aerial ones. My supposition is that there was originally an above-ground switching station, which was replaced by underground circuits as room became needed, or CEGB was split up.

Sherman Jay August 19, 2019 1:25 PM

@VinnyG @Clive Robinson, et. al.

Dear Clive, I’ll be glad to pay your consulting fee up to 200% of what I get for running our community computer clinics ($0usd X 200% = ROFL?!)

All of you that contribute and Bruce (who puts up with us) are great. Thanks again to all for all the helpful info. It is not only for my personal benefit, since it certainly helps me to build/refurbish and better serve the privacy and security needs of the people who attend our computer clinics and get our refurb’d computers (at cost or free, depending on their ability to pay) .

p.s. I just bought, assembled and tested a Raspberry Pi model 3 B+. It has a quad-core ARM processor at 1.4GHz and only 1GB of RAM, but has worked quite well with the lightweight debian based o/s (task manager reports about 400-500MB RAM used with two firefox browser windows open). The new model 4 comes in 3 options: 1, 2 and 4 GB RAM. I got all the RaspPi components (Motherboard,HDMI cable, microSDcard, free download of Raspbian, power supply, used keyboard, used mouse, used monitor) for about $90usd.

Also, regarding Window$ wordprocessing and DTP there is a site called portablefreewareDOTcom that I have used and it has many free and portable office suites and text editors as well as thousands of other categories of programs. It is supported and monitored by a great world-wide community.

Anders August 19, 2019 3:46 PM

@Sherman Jay

“p.s. I just bought, assembled and tested a Raspberry Pi model 3 B+”

Nice! Now you only have to install reset button there.

maqp August 19, 2019 7:32 PM


“The issues I see with Tin Foil Chat:

  1. Uses TOR
  2. 3rd computer
  3. No Faraday Cage”

There is no alternative to Tor. If the application is made centralized, there’s suddenly a server that has access to metadata of several users. That server is a juicy target and it being hacked is only a matter of time. This was a significant problem back in the day when TFC piggy backed on Pidgin. The solution there was to use Tor routing and Onion Service XMPP servers. Even then the problem was the server could see how much anonymous accounts were communicating, and if users were stupid enough to register alice.smith@cny7cnyfuier.onion, they’d have failed before they begun. It was also a huge security risk when user could misonfigure the client to not use Tor after all: One needs to deanonymize themselves only once.

If the application is made p2p using DHT like Tox, the application will leak IP address of the user to recipient. This is so disliked property many people opt-in to centralized servers to relay e.g. Signal calls. The common solution proposed to this problem has been to route Tox through surprise surprise, Tor.

I see no issues with TFC using Tor. It’s using Onion Services: there is no exit node “eavesdropping” on the data. There is no centralized server collecting your metadata. You don’t need to register, pay, or provide any information about yourself anywhere. You can’t shoot yourself in the foot by connecting without Tor. The service can not be taken down, although some nations block Tor. Luckily there are ways around it.

RE: “Third computer”

You should probably read the Security Design article if you think one or two computers are enough. The issue with networked TCB is obviously endpoint compromise, and for airgapped computers it’s bidirectional connectivity with networked computer that allows malware to get in, and get sensitive keys / plaintexts out.

RE: “No faraday cage”

There’s nothing in the design that prevents you from gluing more layers of security on top of the existing ones. The problem is when you need to worry about TEMPEST attacks, you need to worry about evil maid attacks, pin hole cameras, someone replacing your hardware, interdiction attacks etc. The cost of just detecting these attacks is way beyond that of an average enthusiast, let alone the time and cost of developing the skills and obtaining the instruments and raw materials necessary to actually protect oneself (even then there’s a huge gap between tamper evident stuff and tamper resistant stuff).

There is a cheaper way to gain protection from physical attacks. You hide your geolocation with Tor, and big brother won’t know which house they should park their van in front of.

“It appears to be a strong defense against the threat model it was designed for. I.E., attacks over wire.”

Yes, the concern has been the fact remote exploitation scales well. I think we all agree mass surveillance is bad.

Clive Robinson August 19, 2019 9:37 PM

@ maqp,

Hi I trust you are well.

Just a question about location of the TFC project files…

Bearing in mind what Microsoft did to Skype, and now appear to be poisoning Linux with FAT32 and similar patent encumbrances. Now Microsoft have taken over GitHub, and appear to some to be targeting personal private communications apps under the guise of “Export Regulations”.

Any thoughts on enlargening the number of places where the project files are stored and made available?

JonKnowsNothing August 20, 2019 1:36 AM

News report that Police in Oregon USA digitally altered a mug shot in order to secure a conviction. What they removed were visible facial tattoos which did not fit the police description of the criminal.

The forensic criminalist Mark Weber testified during Allen’s trial that he used Photoshop to paint over Allen’s tattoos, as he’s done with other mugshots.

alterations date back to April 2017

The lead investigator, Detective Brett Hawkinson, who is also part of the FBI’s taskforce on bank robberies, testified that he had ordered the tattoo removal and argued that the tattoos could distract witnesses.

So, inquiring minds would like to know:

  1. Wouldn’t Big Honking Tattoos get noticed anyway, especially if they were on the wrong person’s face?
  2. Wouldn’t a Jury have noticed that Big Honking Tattoos were not part of the evidence?
  3. Didn’t anyone notice that A didn’t look like B?

And then this part

Subtly altering mug shot photos is legal, but the US justice department, in a January 2017 memo, implored law enforcement to document the occasions and reasons behind any changes.
In Allen’s case, that didn’t happen. Weber testified he did not keep track of the changes he made..

Previous Squids about what happens when evidence is falsified digitally and there isn’t any traceable method to detect it sort of look like The Rear View Mirror …

ht tps://
(url fractured to prevent autorun)

Wesley Parish August 20, 2019 3:54 AM

@Clive Robinson, et alii

re: text editors

If you’re seriously addicted to edlin, you can get an open source clone of it
courtesy of FreeDOS

As regards text editors, I used emacs on an old copy of Slackware to write an entire novel, 130 000 words approx. I would’ve gone slowly mad trying to do it in edlin … 🙂 And I like Wordperfect – I wish whoever’s got the source code of the (now defunct) Unix version would release it under something like the MIT license.

Clive Robinson August 20, 2019 5:11 AM

@ Wesley Parish,

If you’re seriously addicted to edlin

No not edlin[1], as I said “I’d like to say I remember it past tense” as in something from my distant past like a a knife wound that has left a scar that now only twinges when attention is drawn to it. Not feel it go “stabity stabity” each tine I have to still turn to it, to get down and dirty to solve problems quickly[2] 😉

I guess there are two types of people who write largish tracts of text.

The first group just press the go button and dump in text from begining to end, like carving a statue from a single piece of wood, then go back and dust of the sawdust as it were, before applying a layer of polish.

The second group build little blocks of text almost like making machine parts that are almost interchangable in placing or order. The blocks may be used once or many times in a larger body of work[3].

The first group would be attracted to the likes of WordStar because it easily alows that mode of fluid working.

The second group would be more attracted to Wordperfect, MS Word and similar which tend to force the constrained stop-go working of text blocks as individual pages.

Now I suspect many could tell you which group I tend towards in my postings… In practice when I write I make a plan of what I need to cover and that becomes first the contents overview then the detailed contets listing then I just write from begining to end, then go back and “House style” it. It’s also how I tend to write software I make a sketch of the “beast”, turn that into the “skeleton” of stubs and contracts on which I hang the “flesh” of functions (usually built on a library of non language specific function parts I’ve built over the years).

[1] Runs off stage left pulling hair and shrieking in a manner that would put a demented banshee to shame 😉

[2] For all it’s horrors it’s been a constant in MS OS’s after installation thus boot up much like Unix CLI tools. So for dashing off quick scripts etc to sort out various things when they get broken it’s usefull especially when you have to boot from CD when things have gone pear shapped with the HD and all you have is a floppy (old days) or small USB thumb drive as scratch space.

[3] An extream example being “consultant writing” or “report making”. That is the final report is already written from previous work all that gets changed is times / dates / names / places oh and the intro and conclusion say 1-5% of the final document at most. It’s also how many “business / managment books” are written for managers to read on aircraft or in hotel rooms when jet lag stops sleep etc. Where the reality is only 10% of the book is needed to convey every thing it has in it, the rest being fluff or space filler to fill a vacuum.

maqp August 20, 2019 6:50 AM

@ Clive Robinson

I’m very well, thank you. I hope you’re too!

“Bearing in mind what Microsoft did to Skype, and now appear to be poisoning Linux with FAT32 and similar patent encumbrances. Now Microsoft have taken over GitHub, and appear to some to be targeting personal private communications apps under the guise of “Export Regulations”.”

In a way, having TFC on a bigger site is useful because of the sheer number of users, and the incredible variety between the projects. Censorship of GitHub in China/India/Russia/Turkey has been difficult when companies using it have made a big deal out of the censorship, and just visiting isn’t a red flag.

I get that GitHub is now owned by Microsoft, which is part of the PRISM, and that it’s only a matter of time when they add “features” that hurt users. At some point I’ll probably switch hosting platform to someplace else, perhaps GitLab. The problem is the overhead of maintaining the repositories. GitHub helps with the discoverability of the project and it also lets me know about security issues in the upstream projects.

But it’s a big problem GitHub has blocked Iran, Syria and Crimea. If these countries/regions block Tor and VPNs, TFC becomes very hard to obtain.

For users who are concerned about their privacy wrt GitHub the hope is they’re on Tor Browser when they learn of this project, and they will visit the GitHub page over Tor. I’ve put some effort on the installer side one can find under the Installation article. TFC is installed with a big one-liner that first downloads Tor, and the installer, signature, and signature verification key from GitHub over Tor. If the SHA256 hash of the public key matches the pinned hash of the one-liner, the key is imported, and the signature is verified. If the installer file is authentic, it will be executed with device specific argument “tcb” or “relay”.

It’s a bit ugly but it works, and hacks around the problems of SHA-1 fingerprints, and the fundamental problems of PGP key servers. The installer also downloads everything over Tor using the Torsocks utility. All installer configurations clone the entire repository and delete what they don’t need, so Microsoft doesn’t learn too much about the users’ intent. In fact, the user should copy the one-liner the first time they visit the page (TOFU) and run it days or months later, or whenever they need to reinstall. At that point they no longer have to visit and the access to code happens over Tor.

So, the user can in most scenarios bypass the censorship by GitHub with Tor, and once they have the one-liner, Torsocks is used to bypass censorship, and install TFC anonymously.

If it’s Tor that’s getting blocked by the country, it’s a bigger problem. TFC doesn’t support Tor bridges like obfsproxy or pluggable transports, so even if you can configure Tor Browser to bypass censorship, to obtain the one-liner, TFC won’t be able to do that. Implementing the feature is not trivial AFAIK, so it’ll take time. I’ll probably look into it once stealth authentication (that allows the user to control which of the contacts that know their TFC account sees them online) is added to v3 Onion Services.

Sherman Jay August 20, 2019 2:23 PM

In trying to catch up to the leaders in these discussions, and being a Linux fan, I came across the following as one of many articles supporting the fact the Micro$oft is trying to take over Linux by any means (that implies incorporating all of the Micro$oft flaws, too) —


Naturally I felt the same as if I had found a rat in my pantry, eating all the good stuff.

Also, @Clive’s regarding two writing method idea: I agree. And, though I am not proficient in the method, there are some ‘project organization’ programs out there that are supposed to let you create a conceptual outline or structure of a work and then help you ‘flesh it out’.

tds August 20, 2019 5:00 PM

@Sherman Jerrold, Clive Robinson

Thank you for your detailed responses.

Knoppix 8.6 is out and is available to download:

“Version 8.6 of the popular Debian-derived Linux distribution Knoppix was released on Sunday, rebasing the distribution on Debian 10 (Buster)—released on July 9—with select packages from Debian’s testing and unstable branches to enable support for newer graphics hardware. Knoppix is among the first Linux distributions that can be run live from a DVD, and continues to enjoy a great deal of popularity among Linux enthusiasts.


Klaus Knopper wrote briefly about the decision to remove systemd in that edition [8.5] (translated from German, links added for context):

'The still controversial startup systemd, which has been a little outrageous due to security vulnerabilities just recently, has been integrated in Debian since Jessie [8.0], and has been removed since Knoppix 8.5. I bypass hard dependencies on the boot system with my own packages.

To still get a systemd-like session management, and thus retain the ability to shut down and restart the system as a normal user, I run the session manager "elogind" instead. This bypasses systemd's interference with many system components and reduces the complexity of the overall system. If you want to start your own services at startup, you do not need to create any systemd units, but simply enter them in the text file /etc/rc.local, which contains explanatory examples.'"

Sherman Jay August 20, 2019 5:01 PM

Thank you for the encouraging article.

I didn’t mean to sound as if the Linux Foundation fiasco was the end of the world. It is just that it has become difficult for us to keep the corporations from ruining great people focused endeavors by swallowing them up. Or, as in the case with most systems today, as pointed out by so many knowledgeable people here, we must resort to dramatic work-arounds to keep some semblance of privacy and security.

Sherman Jay August 20, 2019 5:10 PM


While I haven’t tried the latest release, Knoppix offers a lot of variety. Their main version is quite large, but offers a wonderful, polished, feature packed, ready to run O/S. They have abbreviated versions that run in RAM, etc. I think anyone might find trying it a unique and enjoyable experience.

Clive Robinson August 20, 2019 5:13 PM

@ Petter,

The randomness which creates larger patterns and the ultimate quantum randomness.

I do wish people would stop talking about “Quantum Randomness” as though it’s something special, it’s most probably not (think about the implications of Arthur C Clarke’s comments about “magic” and “elderly scientists”).

The reason is few understand what “Truely Random” is compared to “Random”. In both cases the random means “non determanistic to the observer”. The catch is we are on the outside observing, not the inside pushing out, and that makes a huge difference.

To see why, a little thought experiment,

It’s actually possible to find mathmatical formulars for supposadly infinite non repeating number sequences such as Pi. Pi is irrational, but is it random? Well no, if you look up the 1914 work of Indian mathmetitian Ramanujan who developed a formular that led in 1987 to a new formula by the Chudnovsky brothers you will find that there is structure there, all be it not comprehendable to most. However there is the much simpler “Gregory-Leibniz Series” which most people can remember if asked to,

So there is considerable structure to Pi, and determanistic ways to generate it.

But what if we take the output of such generator functions and feed them into a cryptographic function that is not just “Crypto secure” but used in a crypto secure feedback mode with both a secret IV and Key?

As an insider we know how the output is generated as we “push” it out and thus that it is fully determanistic which means it is in no way random in any sense. But what of an outsider observing?

Well if what mathmaticians, physicists and cryptographers believe is true the answer is,

    There is neither enough time or enouch matter/energy in the Universe to find by determanistic process that the observed output is not only not “Truly Random” nor “Random” at all.

However, knowing that currently there is not a determanistic process known to us, in no way precludes two things changing that,

1, Random Guessing.
2, Improvments in knowledge.

Where that knowledge is improvments in maths, cryptography or physics.

Which brings us to your question,

If there is such a thing.

The answer is probably “not” for “Truly Random”, it is most probably a “Holy Grail Quest” and will remain that for as long as humans are around.

Which means in effect “Quantum Randomness” is an “outsider observation” not an “insider pushed” output.

A little over a hundred years ago “quantum” did not exist in man’s knowledge and some still argue quite convincingly at times that “Quantum does not exist”, that instead there is in fact a sofar “hidden determanism” behind it. One such is the notion of “hidden variables” that is just like the IV and Key in the above example of “Insider-v-Outsider”. That is if we should somehow get to peek inside and see these variables all would become Known thus determanistic…

It’s actially a fairly pointless argument unless it gives rise to some theory thus method by which it can be tested and become just another law of nature.

What most tend to forget is that physics is actually a funny old game. It was once described as,

    A succession of lies each more acurate than those preceding.

One example is, Newtons law of universal gravitation, it will get you around our solar system as well as you would like. However Einstein’s law’s of relativity are needed to get GPS calculations to work, but they won’t give you stable orbital predictions that Newton’s law will… So which is the answer to the way all the parts of the Universe move? Well neither explains all that we have observed… So the answer currently is neither.

But as with finding patterns in “random” each year we learn a little more from the old observe, think, test and reiterate loop.

But the real question is not if “Truly Random” exists or not that’s a matter for philosophers and gods if they exist. But from a practical view point,

    Does it matter it there is no “Truly Random”, as long as we can never find a way to predict each and every bit?

To which the cryptography answer would be “No”. Likewise the answer would still be “No” even if we could predict each and every bit, as long as it will always take more time/energy/matter than we have. We know that RSA can be broken and has been. The problem for those seeking to break it is each extra bit doubles the length of time with the methods we currently have. Even QC if it ever works at the scale required is not realy going to improve things on that score in our life times. With the algorithms we have so far, we can always make the key longer at a rate faster. Untill we have some new realy fundementaly knowledge then the coin is going to keep comming up heads for the defenders not the attackers.

maqp August 20, 2019 9:10 PM

@ SpaceLifeForm

Ah, so you mean decentralized architecture.

That’s basically just a bunch of centralized servers that talk to one another. You shouldn’t be trusting e.g. a third party XMPP server because it’s again a juicy target. Also if you try to make it local, the architecture means one of your peers is going to be the guy with access to all of the metadata about the group communicating via the server: Who’s talking to who, how often etc. And that peer has a lot more interest to look at the metadata than some larger service provider. But the larger it gets, the more likely it is it’s going to get hacked.

Also, with decentralized architecture you lose the security agility. You need to make sure every client and server can talk to one another, and with eventual protocol updates along come the the backwards compatibility issues that mess up the code base, and as soon as that touches on security, you get downgrade attacks.

Sure, the p2p model of TFC loses some nice features like asynchronous/offline-messages, but there are already many projects that already offer the convenience. I’m not sure if it’s clear but TFC is about security first. If you dislike the balance of the project, feel free to fork it or use something that better suits your less risky threat model.

Alyer Babtu August 20, 2019 9:44 PM

@Clive Robinson @ Petter

the random

A caricature of Ramsey Theory [1], [2] is “complete disorder is impossible”, i.e. in any large enough structure however chaotic there will always be (interesting) highly ordered substructures. So randomness is perhaps also impossible, or at least tricky. Not sure what implications this has for encryption. What happens if one starts removing the ordered substructures from the large “chaotic” structure ? Does one converge to a moderately large completely disordered structure ? Or to nothing?

[2] Graham, R. et al., Ramsey Theory, 2nd Edition, (1990), Wiley-Interscience

David Australia August 21, 2019 1:39 AM

Australia related

Pay ID credentials breach

For those across the ponds that have not heard of it. It’s a way to instantly transfer money between financial institutions, once both parties privy to the transaction have registered either an email address or a phone number as their Pay ID. When these are exchanged, as authentication has already occurred, payment can be processed immediately

Reddit thread

David Australia August 21, 2019 2:22 AM

To Knoppix

It is worth commenting on the excellent accessibility suppport offered by Knoppix, for the blind and hearing impaired. The dedicated version is called Adriane Knoppix

This page is comprehensive. I note the most recent version claims mitigations for Spectre and Meltdown vulns

every possible program you may need comes with Knoppix. And VLC Media Player !

MarkH August 21, 2019 3:33 AM

More on the Russian weapons testing accident …

In addition to the two CTBT sensor stations which went dark on 10 August (two days after the explosion), two more in other locations stopped reporting data on 13 August. By now, two of these four stations are back online.

The Russian government commented that the transmission of data from these monitoring stations is voluntary.

Presumably somebody in the Russian government prefers that the geography and intensity of radiation release not be public.

Members of the public living in the vicinity of the explosion were advised not to bring home any object found on the beach.

Clive Robinson August 21, 2019 7:43 AM

@ MarkH,

A little more on the Russian missile,

An article[1] on comment from the current US President about IRBM / IRCM INF treaty demise and note the comment about China,

As I noted some time ago on this blog, a root part of the problem is China is not in the INF, only the US and Russia.

Neither for that matter are India or Pakistan. All of whom are building stocks of Intermediate range nuclear delivery systems be they basic missile or cruise missile, and they are all in effect threatening each others territory as a look on a globe will tell you. Oh and don’t forget US plans for South Korea, where US led war games cause significant tension and regional instability.

Which effectively means when you cut all the hype, the INF treaty is a dead duck anyway despite all the rhetoric posturing and bombast from both of the two signatories.

To see why the US does not care either, it’s been working on this cruise missile system for quite some time as well,

Appart from showing there is some truth to the old saw of “No honour amongst thieves” you need to consider where the US is going to deploy them. Because they are of effectively no use on Continental America, unless you think Canada and South America are those the US want it for…

Essentialy three places come to mind,

1, South Korea / South China seas nations such as Japan and Taiwan. To act as a threat/deterance to China.

2, Eastern and South Eastern Europe including Turkey. To act as a threat/deterance to Russia.

3, Likewise not just Russia but the Middle East as well.

You also need to remember why cruise missiles especially land launched are such a threat. Put simply a conventional balistic missile follows a fairly predictable orbital arc as physics dictates (Keppler and Newton). Which are easily seen and calculated within seconds of launch. Which in turn means that there is now after fourty or so years of development anti “balistic” missile systems that have a reasonable chance of working (especially if they are tipped with small nuclear devices[2]. Hence the joke about London being “Ash City” being renewed. Cruise missiles on the other hand do not follow balistic orbits, or any orbit. Depending on their type they can as a minimum deliver a 1000Kg payload over a 1000Km whilst “flying below the radar”. This is now fairly easily achieved and a lot less expensive than balistic missiles, and has been for well over a third of a century… Newer devices will have significantly greater range and velocity if not acceleration capability and maneuverability. They also might have limited avoidence capabilities as well. All of which makes them not just very difficult to detect with sufficient time to respond but in effect impossible to shot down with current capabilities.

Which is why the lack of appropriate treaties on Intermediate-range Nukes and especially cruise missile delivery systems effects global security significantly and needs to be resolved fairly quickly.

But it gets worse… one of the things we know from the US projects Pluto and Tory is that using an unshielded nuclear pile/reactor will keep a cruise missile in the air for not minutes, hours or even days but potentialy many weeks when perfected. In essence the pile provides a source of heat for a very simple jet engine that does not have either a turbine or compressor, it uses hypersonic speed to perform those functions. Oh and it also kicks out an increadable amount of neutron radiation which kills organics fairly easily whilst leaving infrastructure intact…

[1] There is a graph of estimated numbers of nuclear devices by nation towards the bottom of the article. I’d advise treating it with considerable caution, because the only constant in such “estimates” historically is how easily even very experienced analysts get it wrong.

[2] Those in military planning are becoming less and less worried about using nuclear devices especially tactical rather than stratigic. Three quaters of a century of man made nuclear fall out has shown that the “dire predictions” of scientists can mainly be ignored. Which has emboldened many into making tactical nukes part of base planing in battle fields more than a few hundred Km from their own territory (depending on prevailing wind direction etc). Thus detonating tactical nukes in the eastern edges of East Europe and the northern parts of Southern Europe that surround Russia will mainly drop the fallout etc on Russia not Europe…

name.withheld.for.obvious.reasons August 21, 2019 7:49 AM


It’s all evidence of the “Free Market” issue of “Tail spin” where the only way to make profit is to cut back on every cost possible and speed up entry into the market. And Software from logic control state machines upwards through to the highest of high level languages are all targets for “reduced cost” because “testing” has real cost and time penalties. Thus we see lots of heredity code issues from the likes of “code reuse” of previously not fully/correctly tested code.


I would argue that there is a major QC problem in the technology sector. Consumers don’t understand the products well enough to demand (i.e. Not going to purchase your pile of fecal matter) more than mediocrity from vendors and manufacturers.

Who considers Qua!comms Snapdragon 855 an overrated specimen of bloatware that could benefit from some paired down and efficient design approach. No, just put the kitchen sink in along with the dirty water and hope nobody will notice. It’s pervasive across all sectors. How about ARM dies resembling Intel’s third, fourth, and now fifth generation CISC devices.

Forty years ago when MS was shipping DOS and realized that future hardware vendors would fo!low suit. Uh, don’t worry about it. We will fix it in the next release/update! PAL’s were showing the beginning signs of the future, remember the Tandy 2000?

tds August 21, 2019 11:02 AM

Attn: iOS

“Apple users are being warned to exercise particular caution over their cybersecurity for the next few days, after the company mistakenly reopened a security flaw in the latest version of iOS.

In iOS 12.4, released last month, Apple fixed a number of security bugs, as well as enabling support for the Apple Card in the US. But in doing so, the company accidentally reversed a security fix it had previously patched in iOS 12.3 at the end of April.

That vulnerability, discovered by Google’s bug-hunting team Project Zero, theoretically allows “a malicious application … to execute arbitrary code with system privileges”. In other words, if exploited, a malicious application can gain complete control over an iPhone – a dream for hackers and spies the world over.”

MarkH August 21, 2019 11:26 AM


Russia’s “Skyfall” project — a name which seems ironic after the fact — would be, for reasons you amply explained above, presumably be able to reach any point on the planet, and for that reason falls far outside the intermediate range category of the (now meaningless) treaty.

If it’s ever fielded (I’m dubious, but who knows) it will greatly exceed the range capacity of any previous missile.

What many have failed to realize about the INF treaty, is that Russia started complaining years ago about wanting to be let out of the treaty.

The U.S. declaration that Russian non-compliance voided the treaty, gave Russia a legal out.

Yet another gift to Putin from his ar$e-licking fan-boy in the Oval Office.

Clive Robinson August 21, 2019 4:17 PM

@ Anders,

Hmm the Silence Cyber criminals presumed based in Russia.

That’s the problem, in that we don’t know where exactly they are, their money mules are based all over the place and as of yet, there has been no statment made as to what route the money then takes and to where.

As I occasionaly point out it’s the HumInt trail that we realy need pretty much every thing else is too easily subject to deception.

For instance I’m not in Russia or any ex CCCP / USSR satellite / buffer zone coubtries. However a friend up in Hammersmith West London chucks me network/comms code with Russian comments in it every so often. She has three or four coders that not just write code with Russian comments, they fluently speak Russian even though they were born in the UK as does she though she came over at the end of the cold war married and set up a business with her husband. Her programmers are third generaton descent from Russian WWII refugees that wisely did not go back.

Let’s put it this way you could take chunks of their comms code and drop it in other code… Then could you say where it had come from? Not realy and that’s the problem of non HumInt intelligence.

As any old well seasond police detective will tell you, it’s what people say and do that gives them away and starts a crime being solved, not the forensics that’s just confirmation. Such listening and watching means there can be a lot of shoe leather in it, but when that has produced a suspect you can start testing the forensics against them… Generally it’s best to have the horse infront of the cart pulling, not the other way, that tends to push things into going wild way to easily.

SpaceLifeForm August 21, 2019 4:27 PM


I’m not trying to denigrate TFC, at all!

I’m just thinking outside the box.

Thinking about embedded hidden radios.

That I want inside a box (Faraday Cage).

Got a cell phone with a removable battery?

If so, and you can do without for some time, pull the battery. Maybe in 12 to 24 hours, upon re-insert of battery, and reboot, maybe the clock will be wrong.

Maybe. My tests indicate at least 10 hours depending upon device.

Yeah, yeah, just a capacitor.

But maybe enough charge to leak keys via a hidden embedded radio.

Anders August 21, 2019 5:55 PM

@Clive Robinson,

Silence used some Fancy Bear (APT 28) tools previously.
They don’t share them with just anyone 🙂
Of course there’s a chance that Silence steal
them, but i doubt that 🙂

Clive Robinson August 21, 2019 7:46 PM

@ Anders,

They don’t share them with just anyone 🙂
Of course there’s a chance that Silence steal them, but i doubt that 🙂

If you think about it APT28 shared with many people not least their targets.

In turn their targets shared with others like the AV vendors repositories.

As we know various states, keep a very carefull eye on what goes by on it’s way into those repositories, keeping what you might call “Personal copies” of such traffic is very much part of various agencies missions.

You realy would be surprised just how far and wide such code gets sent around the world, and just how many people get copies of it.

It was the thing about Stuxnet, Flame(r) and Duqu, the US agency responsible got quite shocked on where their code ended up. Hence their post Stuxnet development of a double payload system which involved strong encryption and an interesting key generation method.

    Once a thing is in the wild,

    you know not where it goes,

    hither and thiver like erant child,

    where err the wind a ballon blows.

    Copied by none and everyone,
    where it appears my surely stun,
    their secret out under every sun,
    back to bite them in the b…

Rachel August 21, 2019 11:46 PM


But maybe enough charge to leak keys via a hidden embedded radio.

Thanks for your dicussion. This has long been a query of mine and I am led to believe many wondered if Snowden disclosures docemented what is, effectively, supply chain poisoning, with any reliability.

Clive Robinson had previously discussed the ease with which a GSM radio could sit upon a IC on a motherboard for airgapped covert cellular comms of keys, and impossible to detect with a Robinson Mach 1 Eyeball(tm) (visual inspection)

The French television series appreciated by Tatütata and myself Le Bureau des Légendes aka ‘The Bureau’ in English, has instances of cellular devices being monitored when powered down or battery removed. In other words, overt references to GSM tracking without official power supply.

[It’s about French external intelligence, supposedly influenced by real events. Nice subtle nods to Stuxnet, L.Ron Musks take on AI, multiple others. for those with time to actually watch something it’s amongst the least intelligence insulting offerings out there)

cliff August 21, 2019 11:54 PM

How Flat Earthers Nearly Derailed a Space Photo Book

About 24 hours after the ads were approved, he got a notification telling him the ad had been removed. He resubmitted it… The explanation given: He had run “misleading ads that resulted in high negative feedback.”

He understood that it was Facebook’s algorithm… The best clues he could find came in the comments under the ads… There were phrases such as “The original moon landing was faking” and “It’s all a show,” along with memes mocking space technology.

Anders August 22, 2019 8:58 AM


You could be right, but then someone would be trying to really
really hard to incriminate them:

The commands of Silence’s Trojan are Russian words typed using an English

htrjyytrn > реконнект (reconnect)
htcnfhn > рестарт (restart)
ytnpflfybq > нетзадач (notasks)

Tatütata August 22, 2019 10:28 AM

Here’s Every Major Service That Uses Humans to Eavesdrop on Your Voice Commands — From Siri to the Xbox, this is what you need to be aware of in tech’s latest privacy scandal., The Daily Beast, 22 August 2019

Telephone operators of yore were able to listen to the calls they were switching, to insure quality. It took a minor miracle to get thousands of kilometre of open wire lines, lead sheathed cable, undersea coaxial, HF or microwave radio, and analog FDM systems, all running on firebottles, working together to get a call through between subscriber loops of questionable quality. So there was an added value in manual call setup, but hopefully Ma Bell didn’t take notes. (The introduction of customer dialled long distance calls required tightening tolerances on the equipment.)

maqp August 22, 2019 6:23 PM

@ Clive Robinson, @ Nick P, @Thoth, @Figureitout, @All

TFC 1.19.08 is out.

Anticipating the Tails 4.0 release, I finally added support for Debian 10 that comes with Wayland by default and adds GUI isolation. This is especially useful since we assume Destination Computer can be remotely infected. Malware that makes it in might observe sensitive inputs to Receiver Program. With GUI isolation, it now makes sense to start protecting against side channel attacks, so Argon2d was swapped to Argon2id, which is the current best practice.

Viewing or exporting logfiles now requires the user to enter the master password. This prevents someone who gets momentary access from compromising secrecy of logfiles by typing “/export”.

The type annotations no longer complain even with “–strict –ignore-missing-imports”, which is great. Now it’s just the matter of getting rid of the “Any”s and upstream repositories using typeshed and it’s done.

The update fixes a bug in the binary search for Argon2’s optimal memory parameter.

The maximum wait time before checking when contact is online was cut from 16 to 8 seconds which really improves usability.

I significantly refactored the src.common.crypto module and its tests. I improved the rationale for algorithm choices and made test vectors easier to compare. I also added many tests during run time and unit tests for everything.

I would have probably waited until Christmas when Tails 4.0 is released, but considering the awkward binary search bug and bug in file transfer when traffic masking was enabled, I figured it was time for another release. Another reason was CVE-2019-14806 that forced me to update Werkzeug.

The meticulous approach for going through the security-critical code until I find nothing to improve really shows in src.common.crypto (and its tests). What I ended up focusing on the most was I think the Linux RNG’s internals. Something that I’ve wanted to understand for the longest time. Myths about /dev/urandom doesn’t get too technical, so I ended up reading most of Müller’s paper from 2018, the 200-page BSI report, and with the help of the latter I even deciphered most of random.c. The stuff relevant to TFC is now “summarised” in the Security Design article.

So if you’ve ever wanted to understand how the entropy sources, input pool and ChaCha20 DRNG used by /dev/urandom and getrandom() relate to one another, it might be worth reading.

Chris August 22, 2019 6:34 PM

I have been thinking about this TOR issue where you can correlate users using DNS requests using a fingerprint of what i understand would be ?
– Clicking on a URL it spews out a lot of different DNS requests depending on the sites html code…

Anyhow correlation of the DNS requests for a seldom hit target would make it easier to target a TOR user to anonymize that person.

Been little bit tired and not slept for awhile, would that not meen that it would be not mitigated but made more hard by using
– Blocking DNS on local network
– On local network using a DNS other than port 53 such as DNSCrypt
or a separate TOR Dns chain only for DNS
– And make sure that the browser is NOT using DNS over the Socks as in
torbrowsers default setting.
Or should i go back to sleep again

Also why are the DNS cache settings set to 60 in torbrowser
personaly i hardly use that browser but would it not be more
secure to use eather white list hostfiles alltogether, dnsmasq caching
and very very long cache times ?

And when we are at it, why is it that DNS in most linuxes gets more and more fucked up ? seriously…


Thoth August 22, 2019 9:40 PM


Responsible disclosures of bugs are becoming a pain when HackerOne and other bug bounty programs are highly flawed and when corporations refuse to listen (but issue vulnerability patches quietly behind the scene).

Researchers are not getting the payment they have signed up for by following the due process of responsible disclosures and the bugs they discovered are not recognized by the responsible parties and correctly paid their dues and given the respect for their work.

The next step would simply be “Zero-Day Disclosure” and that’s exactly what most of the researchers are doing these days.

Some of them are simply going straight to weaponizing bugs and selling them on the market to make a buck out of the effort they have spent.


Thoth August 22, 2019 9:46 PM


Any thoughts of implementing a Fortuna RNG as the main CSPRNG for the random key generator ? An auditable and verifiable Fortuna CSRNG would be much more secure. Fortuna have been in the public domain (thanks to our host) for many years.

Might also be interesting if a Hash based Quantum Crypto resistant key signing algorithm be included in future roadmaps ?

name.withheld.for.obvious.reasons August 23, 2019 12:46 AM

The United States should only award military contracts to non-profit organizations.

maqp August 23, 2019 2:26 AM

“Any thoughts of implementing a Fortuna RNG as the main CSPRNG for the random key generator ?”

I don’t think a user space CSPRNG would be more secure. Fortuna would need to be reseeded from somewhere constantly, and since the LRNG already uses pretty much every entropy source available in the system (things that are not even accessible from user space) from HIDs to disks, interrupts, HWRNGs, CPU HWRNG, the original HWRNG used in TFC (just redirect output to /dev/urandom), it would make most sense to reseed from LRNG. At that point Fortuna would be just added complexity as the security of the CSPRNG would depend on the security of LRNG seeding it.

Replacing the LRNG completely with Fortuna would also most likely be error prone if not dangerous. Not because there’s anything wrong with Fortuna, but because the implementation might be bad.

A less risky approach would be to just port TFC to FreeBSD that uses Fortuna. But I don’t see it’s necessary just for the sake of the algorithm. There would need to be something wrong with LRNG before it was worth the trouble.

The ChaCha20 DRNG already has the same internal entropy as TFC algorithms (256 bits), and the DRNG is reliably seeded before it’s made available.

The DRNG has backtracking protection and automatic reseeding. The heuristics for awarded entropy are very conservative (I was surprised it was along the lines of 1000:1 of Shannon entropy to awarded entropy in input_pool), and the entropy sources have been validated by people smarter than me. LRNG even has the FIPS mode you can enable that adds additional health checks.

My only concern with LRNG was the silent failure to reseed the ChaCha20 DRNG at early calls of the getrandom() if the input_pool has less than 128-bit state. That’s a problem only if you trust CPU HWRNG, if the CPU HWRNG is backdoored, the input_pool content used to initialize the ChaCha DRNG was weak, if for some reason input_pool isn’t being fed more entropy (this would be a catastrophic bug), and if TFC generated keys within the first five minutes of use. Now that’s a lot of ifs.

“An auditable and verifiable Fortuna CSRNG would be much more secure.”

My conjecture is there’s less review available for existing Fortuna implementations, and creating one is not a task for mere mortals like me. I’m also not able to fund even a single audit. Do you have any sources that show Fortuna is inherently better? The only difference I’m aware of is Fortuna has larger internal state, but that doesn’t matter because LRNG is already at 256 bits. It’s not just the same as the key size, it’s the same algorithm as the one used by TFC. Also, assuming flawless implememtatiom of Fortuna, how would one get around the fact seeding Fortuna mostly depends on LRNG?

“Might also be interesting if a Hash based Quantum Crypto resistant key signing algorithm be included in future roadmaps ?”

The problem here is the root of trust needs to use it as well. TFC installer signature needs to be verified with something that ships with the OS (hence no minisign) or that fits in the one-liner used to install TFC. If it’s the latter, the GitHub page used to obtain the one-liner (that authenticates the one-liner) would need to use PQ-stuff. Sure, every part of the chain need to be strong and someone has to start. I’m not opposed to it, I just don’t see there are any robust tools to do that with, yet.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.