Friday Squid Blogging: Why Mexican Jumbo Squid Populations Have Declined

A group of scientists conclude that it's shifting weather patterns and ocean conditions.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on August 30, 2019 at 4:09 PM • 82 Comments

Comments

Ismar August 30, 2019 4:24 PM

Importance of having multiple feudal lords is that they keep others in check in part by pointing out the other’s shortcomings in hope to attract more servants to their land 😀. It is all we - the slaves - have left as our countries have no will to impose any sort of incentives towards introduction of real security into digital world.

Google says hackers have put ‘monitoring implants’ in iPhones for years

https://www.theguardian.com/technology/2019/aug/30/hackers-monitoring-implants-iphones-google-says


Sherman Jay August 30, 2019 5:05 PM

If I remember correctly, a few weeks ago Bruce posted a Squid Blog about how the Mexican Squid are also getting smaller. This all seems to correlate. Mini-Squid appetizers, anyone?

Seriously, where in the world are we seeing plants and animals getting bigger and thriving (except for hormone-pumped cattle in the United States)? File under: Food Insecurity.

More importantly, a guy I know wanted to speed up his computer so he bought an SSD. Right after he installed it in his Window$ 10 computer, it nagged him to go on-line and 'update' it. WTF? Having never heard of having to 'update' a fresh, beautifully functioning drive on-line, he ignored the nag screen. I have to suppose the SSD is 'phoning home' and I am curious to see if this nagging continues.

Anyone have more/better info on this?

lurker August 30, 2019 5:20 PM

@ Sherman
I was looking for info on unclean shutdown in a Linux distro, and found in my ramblings a recommendation to check if there is a firmware update for your SSD, and apply it: the maker will have done it for good reason (!)
https://easylinuxtipsproject.blogspot.com/p/ssd.html
Redmond may have just been giving your friend a helping hand...

Jon August 30, 2019 5:42 PM

@Sherman, lurker

Of course, this is a brilliant sample of the "It's not done!" "Ship it anyhow! We'll fix it with an online update" model of 'Rapid Software Development'.

And keep in mind if you permit any online update, the next one can do anything it wants...

Jon

Spellucci August 30, 2019 6:29 PM

@Sherman, Jon

If the SSD was manufactured in March, had a quarterly firmware update in June, and was purchased in July, it is entirely reasonable to suggest that the user update the firmware.

Sherman Jay August 30, 2019 7:13 PM

To all of you, seriously, thanks for taking time to research and make your suggestions. But, I do have some concerns:

@lurker,
Thanks, that indeed might cause a fouled-up shutdown. But, why didn't they make it fully functional in the first place? SEE next paragraph for likely answer.

However @jon's comment is important, too. We are facing ever more flawed systems in the name of ship and get paid now and fix later or never. Also, it is an invitation for invasion of and stripping of privacy.

@Spellucci, logical and reasonable. However, I don't want to have to spin my wheels on updates, on a daily basis, for: an operating system, dozens of software packages, anti-virus, and now my hardware. It's counterproductive.

I have had XP machines and Linux machines that I've never connected to the internet and they just function perfectly allowing me to concentrate on my writing/creating tasks instead of baby-sitting all the components.

The guy's experiences with constant troublesome Win 10 updates and now this SSD reinforce my conviction that my funky old spinning platters and Linux O/S's are the most reliable and productive way to go.

"Please provide us with all your private info and wait for your computer to update and reboot in the next 10 minutes so we can enhance your computing experience" /sarcasm!

Somone August 30, 2019 7:18 PM

Hi, I don't normally post here since I don't think I have any real value to say.

However, I have thought about the inverted ways to identify a person that you don't know if he or she is to be trusted.

I have tried many ways, but one that seems to work is the following procedure:

I tell the person in doubt a story that is easy to remember and that has some details that can't be from any other source than this particular conversation that I am having with suspect number-1. I have used this method more than once and I can tell you that the real-time experience shows that it works!

That's all I have to say for today.
I like to read this site; however, what I lack is the solutions to the issues presented.
/Nadja

VinnyG August 31, 2019 8:50 AM

@ Jon re: SSD online update - Exactly. My misgivings are about equally divided between suspected spyware in the update, and the evident lack of Q/C before the device was released for sale...

VinnyG August 31, 2019 8:55 AM

@ helloworld re: "Already folks won't hire you unless you have an extensive history on Social Media" - I look forward to seeing some company clean up by hiring capable people for less as a result of declining to mindlessly follow the ruminant herd on this trend...

RockLobster August 31, 2019 11:29 AM

I have a question, I notice when I connect to platforms like reddit, my https connection is actually to a CDN like fastly or cloudfront. Does this mean the CDN is essentially a man in the middle as far as https traffic security is concerned?

MarkH August 31, 2019 1:03 PM

For those interested in the story, some updates on the "Skyfall" nuclear accident in the far north of Russia, which the government has been trying to obscure:

1. Maybe not new, but news to me ... more than one of the dead from the explosion are reported to have died from radiation exposure, rather than blast-related injuries.

2. Western intelligence sources reportedly concluded that the explosion did not coincide with a test of the nuclear propulsion system, but rather a salvage effort to retrieve wreckage from the sea, wreckage from a previous flight test.

That it was a salvage accident, makes more sense to me. The dead were reportedly technical workers on the project; I presume they would stay far away from any flight test, which is sure to be incredibly dangerous even if everything works as intended.

But if a boat was trying to recover wreckage from the sea, it would be logical to have some program technical personnel present to direct and monitor the process.

It's unknown whether the explosion originated within the nuclear propulsion system, or had another source on the salvage vessel with the unfortunate consequence of dispersing intense radiation.

Supposedly, this system has already had five tests, all of them failures. The loss of several key technical people might well further hamper the development program.

Now is an opportune time for the Russian Federation to cancel this insane project.

Clive Robinson September 1, 2019 6:10 AM

@ MarkH,

"It's unknown whether the explosion originated within the nuclear propulsion system, or had another source on the salvage vessel with the unfortunate consequence of dispersing intense radiation."

Based on what we know from US research with Pluto and Tory it is probably safe to assume there are actually two propulsion systems. The first to get the second up to hypersonic speeds.

A compact high thrust to weight ratio propulsion system with a large enough specific impulse to get up to hypersonic speeds would in essence be a bomb in its own right using highly volatile fuels etc.

I actually suspect that it is a three propulsion system, that is using what is in effect a three stage system. The first say solid fuel to do the basic lift and get the acceleration up to the point where a liquid fuel system can take over. Thus a bit like the space shuttle but smaller. When up to what would be hypersonic speeds it would then switch over to the nuclear based propulsion system.

Thus I would guess that the recovery process somehow triggered either a chemical explosion or somehow caused the nuclear propulsion system to go critical for a short while before stopping catastrophically.

A spike followed by a return to low levels tends to suggest it went critical somehow for a short while.

Who? September 1, 2019 7:54 AM

@ Sherman Jay, Jon, VinnyG

Sorry guys, I think you should improve your knowledge about how software development works and not be so paranoid about firmware upgrades.

The first IBM PCs had no upgradeable BIOS on them; at that time BIOS was simple and easily auditable, designed to run only a flavour of DOS (call it MS-DOS, PC-DOS, DR-DOS...) or CPM/86. BIOS was stored on a ROM chip, so upgrading it required replacing the chip (hopefully mounted on a socket).

My first computer (after playing some time on a Univac 90/30 running OS/3) was a 16 KB Sinclair ZX Spectrum. The operating system on that computer had no upgrades, but it was far from being bug free.

Can you seriously suggest hardware manufacturers releasing bug-free products? It cannot be done in the same way vulnerabilities in our current software are usually a consequence of development mistakes or not carefully enough programming, not something introduced on purpose.

Should we return to simplicity? Of course! We need simple, maintainable, software again. We are in the time of simplification (look at the new desktops and window managers and compare them with the ones we had years ago, or our LED-less computers and appliances that do not provide visual feedback to the users). I call it the "new Apple style." Why not doing the same to software? We need simple, auditable, hardware and software with open specs. My choice would be removing any trace of speculative execution at least from a few "secure" series of microprocessors (no, I do not think we can fix current hardware without losing functionality), and simplify huge BIOSes that are really full-featured operating systems connected to Internet.

The truth is that software is complex and bug-friendly these days, so we need firmware upgrades. I own a small workstation manufactured in 2013 that last May got its ninety-sixth firmware upgrade. I am glad firmware can be fixed.

I fail to see how a firmware upgrade will be an invasion of privacy. Do you want to not upgrade firmware because it means a loss of privacy? Ok then, but be consistent with your reasoning and do not apply software updates either.

The only risk I see on firmware upgrades is that, as currently implemented, it is a technology open to abuse by third parties. We need firmware upgrades, but a mechanism to physically block the upgrades until we authorize one from a trusted source (the manufacturer). It was much better before, when the motherboards had physical switches that blocked the ability to write on flash chips. Right now write protection depends on digital certificates and software-based mechanisms that can be abused by anyone that owns a copy of the private parts of these certificates (e.g. intelligence agencies) or knows a bug that helps avoiding the software-based write protection mechanism.

Tatütata September 1, 2019 9:39 AM

"The first IBM PCs had no upgradeable BIOS on them; at that time BIOS was simple and easily auditable, designed to run only a flavour of DOS (call it MS-DOS, PC-DOS, DR-DOS...) or CPM/86. BIOS was stored on a ROM chip, so upgrading it required replacing the chip (hopefully mounted on a socket)."

Back in the day, circa 1984, students had access to a bulk purchase of IBM-compatible computers from a reputable OEM. A BIOS revision quickly proved necessary, and thanks to my Apple II EPROM programmer I became a purveyor of replacement parts (for free, except for the cost of the 27xx, that was still a lot less trouble than getting them from the Coop). I had replaced several BIOS messages with juvenile silliness in the first EPROMs destined for my friends, but quickly backtracked as the OEM's software (a DOS and a word processor) checked for the presence of certain strings in the ROM.

"Why not doing the same to software?"

There was this story about the hood (BSI: "bonnet") of Rolls-Royce automobiles being locked so that the owner couldn't muck with it. I'm sure it is apocryphal, but I did find this ridiculous feature.

Yet too many applications appear to follow this philosophy.

When I installed Signal I was annoyed by the absolute lack of a general presentation of how the system worked and what it could do, as if it was self-explanatory. On the home page you only get a bunch of testimonies, and the other pages aren't a lot better. The surface is a bit too smooth to my taste. Furthermore, the updates never tell you why they are necessary (I suspect that many are of the "new currency symbol for Georgia" type), and I suspect that their frequency could be reduced. (I update manually by downloading an APK as I don't want to register on the Android app store)

Tatütata September 1, 2019 10:08 AM

"A compact high thrust to weight ratio propulsion system with a large enough specific impulse to get up to hypersonic speeds would in essence be a bomb in its own right using highly volatile fuels etc."

The whole thing is absolute madness.

How do you make radiation hardened positioning (Glonass and/or INS), guidance (en route navigation, and also take-off and Cat IIIb landing), power electronics for actuators (control surfaces, reactor control, etc.), detonation control (firing a bunch of detonators with precise timing), and also communications (satellite or otherwise) that will operate reliably under a constant flux of neutrons (which can be reflected back onto the electronics by certain materials present) and gamma rays (which can only be shielded against by sheer screen weight and thickness)? So many things could go wrong...

And how would the chemical explosives for igniting the nuclear payload stand up under prolonged neutron bombardment?

Does Russia have the industrial might to pull it off? Does even the US have it?

Clive Robinson September 1, 2019 11:35 AM

@ Tatütata,

"The whole thing is absolute madness."

I cup my hand to my ear and listen carefully straining every sinew taut as I listen yet I can not hear a voice that disagrees with you ;-)

The system by the way is not designed to land... The Pluto if it had ever got to the point of flight tests would have run for months if not longer before the fuel ran out. The resulting hulk nobody and I really do mean nobody would want within several hundred miles of them as it would be "hot" for a thousand years or so at the very least.

The US stopped development after seven years, not because they had any concern about the nuclear waste, or killing everything for miles with neutron radiation. But believe it or not concern the then "rational actor" CCCP leaders might become as irrational as the US and develop their own in a kind of "Space Race II"...

Well it looks like the current Russian leaders are not as rational as their forebears were. I could make some guesses as to why but although it's a valid security concern it's a "Human" one rather than a "technical" one.

Who? September 1, 2019 12:31 PM

@ Tatütata

"Back in the day, circa 1984, students had access to a bulk purchase of IBM-compatible computers from a reputable OEM. A BIOS revision quickly proved necessary, and thanks to my Apple II EPROM programmer I became a purveyor of replacement parts (for free, except for the cost of the 27xx, that was still a lot less trouble than getting them from the Coop). I had replaced several BIOS messages with juvenile silliness in the first EPROMs destined for my friends, but quickly backtracked as the OEM's software (a DOS and a word processor) checked for the presence of certain strings in the ROM."

Of course, anything more advanced than a "Hello world" program is a serious candidate to having bugs. It happened to the ZX Spectrum ROM and I have no doubts happened to the first PC BIOSes too. The ROM on the ZX Spectrum was a Sinclair BASIC interpreter. It had errors like considering 1/2 different to 0.5, or displaying -1 when executing "PRINT INT -65536". Additional errors appeared with new revisions of the computer (e.g. ZX Spectrum 128) or when attaching a ZX Interface One to the computer bus on the rear side.

This one is the very reason firmware upgrades are highly valuable. Of course, as firmware (not only BIOS) becomes more and more complex bugs become worse and more numerous. Same happens to hardware, with the difference that bugs cannot be really fixed but hidden under the carpet only, at least until a new hardware revision exists. This one is the reason I would like to see processors without speculative execution, even if manufacturers try to fix these performance-related technologies. A good example is Row Hammer—recently a bunch of supposedly fixed memory modules were shown vulnerable.

A decade ago I was used to change parts on the BIOS on the Soekris appliances and reflash it, fixing some bugs that were not recognised by Soekris Engineering but bugged me.

Who? September 1, 2019 12:47 PM

@ Tatütata

"...but quickly backtracked as the OEM's software (a DOS and a word processor) checked for the presence of certain strings in the ROM."

Were you replacing the OEM name on the BIOS? You were a very bad guy! :-)

IBM does not stand for "I Blame Microsoft," and OS/2 does not mean "Obsolete Soon, Too."

Sherman Jay September 1, 2019 2:03 PM

Hoping it does not upset Bruce, in the 1970's, many of us thought that IBM stood for:

Industry's
Biggest
Mistake

I've been reading the comments about ancient BIOS and EEPROMS, etc. And I agree that 'speculative execution' is a problem. It is only one symptom of a popular but despised attitude. As I understand it, a lot of this 'stuff' is an attempt to make people think the system is faster than it really is. I, for one, would rather the hardware and O/S take a few additional milli-seconds to complete a process securely and cleanly, compared to all the 'push it out the door now and fix it later' crap.

Thus, I am convinced that almost all the patches and 'upgrades' to software, window$, and firmware are the result of incomplete testing during development. AND, as has been said above, ALL these probings into our computers to patch/upgrade leave the door open for malware. Also, the moving target of 'cool new trendy things' that make established file formats and protocols obsolete and unable to deal with them are not productive or helpful. Whatever happened to the 'back-wards compatibility' and standardization. Analogy, how would you react to: "I'm sorry, you can't drive your 2012 vehicle on our roads anymore because our roads require semi-autonomous technology. You must spend thousands to upgrade your vehicle or buy a new one (even though yours still runs beautifully)"

In all my work I have always been of the philosophy that if you don't provide a reliable, stable, fully tested and polished product, you are compromising your reputation as well as thwarting the ability of your clients to be creative/productive with the work you provide to them.

O.K. I'll climb down off my soap-box now and listen to everyone else's thoughts.

Also, I think many will want to peruse this:
ht tps://www.commondreams.org/news/2019/08/30/scariest-thing-youll-read-all-day-report-sounds-alarm-over-brain-reading-technology

"Scariest Thing You'll Read All Day": Report Sounds Alarm Over Brain-Reading Technology and Neurocapitalism
"Your brain, the final privacy frontier, may not be private much longer."

SpaceLifeForm September 1, 2019 3:12 PM

Silicon turtles, all the way down.

If Windows10 says you need to update the firmware on an SSD 'drive' *cough*, then you should suspect a backdoor that can leak.


Has anyone ever been nagged to update the firmware for a floppy or Thumbdrive?

I'll stick to floppy, spinning rust, and thumbdrive (if needed). Or PXE.

I'd use Hollerith or punched paper tape if I needed to (if it were still possible) before seriously using SSD on a Windows machine (I do not use Windows).

Recall in the old days, in order to update your mobo firmware, you needed to do the jumper stuff, and boot from floppy.

Later, with the 'silicon turtles', Windows could update the mobo firmware.

No jumper or floppy required.

Then came UEFI. Extensible. Yep.

It's silicon backdoors, all the way down.


SpaceLifeForm September 1, 2019 4:44 PM

Note: Allegedly, the Drive-by/Watering Hole attack on iPhone also would attack Android or Windows.

Attribution is hard.

maqp September 1, 2019 4:59 PM

Tails 4.0 beta has been available for some time now: https://tails.boum.org/news/test_4.0-beta1/

I've had to spend the weekend with flu so I figured what the heck, I'll do it now: So after two days of work, TFC finally supports Onion Services on Tails 4.0. There is however a problem: The version of OnionShare that is currently bundled with Tails is very old, and its dependencies are also outdated and some have known vulnerabilities. Pushing newer dependencies with TFC installer breaks OnionShare, even if I build a virtualenv for TFC.

So hopefully Tails 4.0 will include OnionShare 2.1 by October 22 when it's released. Otherwise I'll need to make a decision whether or not to have installation of TFC break OnionShare, or whether or not installing TFC on Tails will have known attack surface (note that even if that was the case, it won't affect confidentiality/integrity/authenticity thanks to TFC's TCB offload design).

The changes have been made into TFC's testing repository. Assuming the final version of Tails isn't too different, the Tails support will be merged into the official repository on week 44 or 45.

SpaceLifeForm September 1, 2019 5:08 PM

@Somone

What you are talking about is verbal watermarking, a Canary Trap.

Your best defense is do not repeat rumour, and do not lie.

Be a good person, don't lay the trap yourself.

Honest communication is what this planet needs.

Sherman Jay September 1, 2019 5:13 PM

@SpaceLifeForm,
Yup. silicone turtles/backdoors all the way down. Of course, sooner or later you're going to run out of turtles/SSDs. (is that karma? OH, NO, my Karma ran over my Dogma)

What about programs/data stored on audio cassettes? I have one or two computers that still have the 'tape' interface connector.

As I've mentioned before, I only use Linux to touch the internet. And, if I'm going to visit any scary sites, I use a PC with no harddrive and boot from a Linux CD, limiting (but not eliminating) disasters.

And the link that @lurker provided is helpful:

https://easylinuxtipsproject.blogspot.com/p/ssd.html

it also has tips (complex) on using an SSD on Linux Mint and Ubuntu. It also mentions the caution that I know everyone has heard 'DO NOT DEFRAG AN SSD IN WINDOWS' it will read/write it literally to death.

I, too, think I'll stick to spinning platters and USB flash drives. I may be older and slower, but I'm also less likely to 'crash and burn' unexpectedly (I ALWAYS BACK-UP FREQUENTLY).

SpaceLifeForm September 1, 2019 5:31 PM

@RockLobster

Yes. The padlock means nothing.

The CDN is the MITM.

The padlock only indicates TLS between you and the CDN. It proves absolutely zilch about the traffic between the CDN and the end host website.

Note: The CDN can see your plaintext.

Routers between CDN and end host can see your traffic.

DDOS attacks are a tool to make end hosts sign-up with a CDN.

Alejandro September 2, 2019 6:55 AM

@Sherman

"...if you don't provide a reliable, stable, fully tested and polished product, you are compromising your reputation as well as thwarting the ability of your clients to be creative/productive with the work you provide to them."

True ...and if you are one of the biggest of the biggest it's worse and even more annoying.

MS pushed update build 18632 for W10 to me this week. First, it broke RDP on the desktop totally. Basically, if you tried to RDP in, NOTHING would happen at all. Then on the laptop it freakily required the user to log in TWICE in a row to open. (Once for me, once for "them"?) Never got to RDP from there.

From what I understand they are tweaking authentication due to some perceived weaknesses, but the tweaks either break authentication altogether or just make it weird. In short, it's another BETA update. Ugh!

I uninstalled both.

(No lectures about Linux please. Been there done that. Too many dead ends leading to a helpful suggestion to "just go ahead and wipe the drive and start all over". I am seriously saving up my nickels and dimes for a nice Apple system of some kind, however. But, they aren't cheap. I sort of believe what they say about making their money on selling devices not user data.)

Tatütata September 2, 2019 9:38 AM

"I, for one, would rather the hardware and O/S take a few additional milli-seconds to complete a process securely and cleanly, compared to all the 'push it out the door now and fix it later' crap."

Those "additional milli-seconds" eventually add-up to something like "100 times slower".

I don't quite see how you could effectively supplant the paradigm of data processing for the last 50-60 years: build something that will be fast for most of the time, but not necessarily all of the time. The entire hierarchy of memory and instruction processing beginning with registers, trickling down several levels of cache, and then to TLBs, virtual memory, and suchlike, and eventually all the way to off-site tape storage, depends on it.

If you were actually able to make a reasoned choice for purchasing one of two models, one "safe", and the other one "fast", I'm not sure you would go for the "safe" one.

1&1~=Umm September 2, 2019 11:43 AM

@Alejandro: "Too many dead ends leading to a helpful suggestion to "just go ahead and wipe the drive and start all over""

That is known as 'Universal Computer Advice' and is given for every and all consumer OS's this century so far, irrespective of who developed them. As many know it's a given, even if it's the same OS you are going to reinstall...

Which means that trying this,

"I am seriously saving up my nickels and dimes for a nice Apple system of some kind"

Is hardly going to make any difference at the end of the day. Because I've heard the same advice given for Apple tech.

Worse all that money you will spend on one of their computer products will probably get you three year old technology --thus obsolete-- in a new slightly modified case (see Apple's more recent history of 'All style over any substance')...

Such is the world of Fast Moving Consumer Electronics (FMCE). Which thanks to some US Politicians and their "cost saving mantra" gave rise to "Consumer Of The Shelf" (COTS) pricing becoming a universal excuse for pulling it up high at ever increasing price for ever decreasing quality.

I guess you could switch to an aerospace approved OS... Which is what Boeing decided to do and used COTS operating systems by Green Hills Software and Wind River Systems and other certified OKL4 microkernel OS's in core avionics systems etc for the 787 Dreamliner...

Which you might remember from a few weeks back has a big question mark over its computer systems...

I guess an inflight "just go ahead and wipe the drive and start all over" is not what passengers want to know about ;-)

tds September 2, 2019 11:46 AM

https://www.newyorker.com/magazine/2019/09/02/are-spies-more-trouble-than-theyre-worth

"Are Spies More Trouble Than They’re Worth?

The law of unintended consequences rules with a special ferocity in the realm of intelligence gathering and covert action.

Is intelligence intelligent? This is the question that runs or, rather, leaps through the mind of the reader struggling with Christopher Andrew’s encyclopedic work “The Secret World: A History of Intelligence”

[...]

There’s a “Red Queen” phenomenon in spying. The “Spy vs. Spy” comedy of perpetually frustrated equilibrium is actually the safest possible state. Andrew makes this case in a Cold War context: the moment of greatest risk in the Cold War occurred in the early fifties, when the United States didn’t have sufficient intelligence, and filled the shortfall with wild conjectures about nonexistent missile gaps. When the intelligence expanded, mostly through aerial and satellite surveillance, sanity returned.

Where we may go wrong is in valuing stealthily obtained information over unglamorous, commonly shared knowledge. And so the disappointment that liberals, newly sympathetic to our intelligence services, found in the Mueller report lay simply in the fact that what was most shocking in it was already well known. The Russian conspiracy went on largely in the open, with most of the clandestine bits hidden under a diaphanous cover. Donald Trump’s genius was, as it so often is, his inability to dissemble: no one can quite believe what he gets away with because we assume that a public act is unlikely to be incriminating. We interpret as strut and boasting what is actually a confession. Richard Nixon, a genuinely Shakespearean villain, had full knowledge of his wrongdoing and a bad conscience about it, if not enough of one. Trump is a figure right out of the Theatre of Cruelty; he just acts out, without any mental inner workings, aside from narcissist necessity. Had his “Russia, if you’re listening . . .” been encrypted in a text, it would have had the force of a revelation. Made openly, it seemed merely braggadocio.

If there is a lesson to be taken from the literature of espionage, it is that the surfaces we see generally have the greatest significance, and the most obvious-seeming truths about other countries’ plans and motives are usually more predictive than the sharpest guesses at hidden ones. A corollary of this truth is that the best way to project power is not to do wrong secretly but to do good openly. How intelligent is national intelligence? Why, exactly as smart as we are. It’s a terrifying thought. ♦

This article appears in the print edition of the September 2, 2019, issue, with the headline “Spy vs. Spy vs. Spy.”"

Sherman Jay September 2, 2019 11:46 AM

@Alejandro, I will try to not be heavy handed in my comments about Linux. But, I've been using a number of distro's for ~10 years now often from a USB flash drive (without disturbing window$) and it just works beautifully for me and all those at our community computer clinics.

@Tatütata, I am 'underfunded' and build computers using 10 year old components (CPU, RAM, etc.) so I am already likely '100 times slower' than bleeding edge computers. But they work fine for me and my clinic attendees.

I admit, it is impossible to get hardware and O/S developers to go back to clean straightforward designs.

And, I would like to go for a model that is more safe than we have now. Maybe because I'm not excited about engaging in risk: I've had too many 3rd parties (stores credit card processing) compromise my privacy over the years.

@Alejandro, WARNING Linux info below --
From an intellectual standpoint I think many might want to read of these further intrusions and confusions of micro$oft into Linux. The link below is a Distrowatch Weekly Newsletter:

ht tp://distrowatch.org/weekly.php?issue=20190902

misc news:
"For over a decade people using Microsoft Windows have been able to use a minimal filesystem called exFAT, which is usually used on SD cards and other portable storage media. While it has been possible to access exFAT filesystems on other platforms, doing so usually involves third-party tools and/or userspace filesystem (FUSE) utilities. Linux users should soon be able to use the once-proprietary filesystem as Microsoft has published specifications for exFAT and agreed to not use its patents against Linux if the exFAT code is adopted. TechCrunch reports: "In addition to wanting it to become part of the Linux kernel, Microsoft also says that it hopes that the exFAT specs will become part of the Open Invention Network's Linux definition. Once accepted, the code would benefit 'from the defensive patent commitments of OIN's 3040+ members and licensees,' the company notes." While this is good news for Linux users who may wish to access exFAT storage, it is unclear whether Microsoft will be cooperative with other open source operating systems that also wish to support reading and writing to exFAT-formatted devices. "

Also below that is an article on APP ARMOR that is interesting,

VinnyG September 2, 2019 1:41 PM

@ Tatütata re: Rolls hood lock - That particular story may be apocryphal, but it nevertheless has an element of plausibility. When I was young and (more) foolish, I bought a well-used late-1960s Rover 2000 TC sports sedan at a bargain price. I quickly found out the reason for the bargain when both the transmission and the rear differential were found to be failing. Worse, I discovered that both units were welded shut by Rover (nearly all such mechanisms can be disassembled with wrenches) to prevent anyone but factory personnel from attempting repair. My choice was to buy complete units from a junkyard at a cost equal to what I had paid for the car, with no assurance that those units were in acceptable condition, or send my parts to Rover UK for rebuilding, which would have cost over twice what I paid, and would take at least 3 months (I sold the car for parts.) Rover might have had a bit of justification with the differential - Rover used a De Dion sliding tube system in conjunction with the independent rear suspension, which maintained the same wheel-to-wheel distance (track) as the axles pivoted (most independent rears reduce track as the vehicle rises and the wheels pivot downward.) This could easily have made maintenance significantly more complex (I don't know for certain.) The transmission, however, had no such complexity - Rover simply wanted to receive all of the repair revenue...

SpaceLifeForm September 2, 2019 2:04 PM

In re: the drive-by/water-hole attack on iPhone (plus Android and Windows)

One of the common factors may very well be that, while the attack is a browser based attack, the browsers impacted are Safari, Firefox, Chrome, and likely even new Edge based on Chromium.

Likely, MacOS has been attacked also.


What they all have in common:

All use c++ code.

All use Clang/LLVM to build.


https://www.schneier.com/blog/archives/2006/01/countering_trus.html

I think there is an exploit hidden in the Clang/LLVM to binutils toolchain.


Clive Robinson September 2, 2019 3:48 PM

@ VinnyG, Tatütata,

re: Rolls hood lock - That particular story may be apocryphal, but it nevertheless has an element of plausibility.

I heard about this nearly half a century ago from my dad as one of my relatives had had the problem, and it was not "being locked" that was the actual problem.

Quite a few years before that when both R's were red and vital, you did not buy a Rolls Royce, but a Bentley - Rolls Royce or similar. That is Rolls Royce built the engine and hard chassis and Bentley or some other coach maker built the body work for you either directly onto the hard chassis or onto a floating chassis that was bolted to the hard chassis.

For the most part the body works were a standard design with some custom finishes etc. But some were almost entirely "custom" and some owners had more than one set (my great uncle had a set of bodywork with special tubes running down the length of the body work to take several fly fishing rods that were 18ft long). So some coach makers of highly custom body work couldn't / didn't provide regular or even easy access to the engine or transmission due to customisations. Thus repairs necessitated removing the body work, which was in effect on a floating chassis on top of the Rolls Royce chassis. So not a particularly difficult job to do if you had an inspection pit and gantry hoist etc to do it, not just safely but without scratching the body work. But back pre-WWII few driver/mechanics --which is what a chauffeur was expected to be back then-- or village garages --which were little more than a single petrol pump and a part time attendant who was also a blacksmith or other hot work tractor mechanic-- had them.

Post WWII this had completely changed due to not just surplus military vehicles, but surplus military personnel who were fully trained mechanics used to working with standard parts on larger vehicles where pits and gantries were a requirement to get them back to the line very quickly.

The "Haulage Trade" had become a necessity as during the war the British Government took over the railways and effectively knocked the stuffing out of them and left them severely dilapidated, run down and in many ways unusable by the public. Worse due to certain Ministers having significant interests in Haulage and road construction, the railways were starved with preference being given to road construction. This however was still not enough for one self interested Minister who actively attacked the railways and culminated in the "Dr Beeching Report" which was an organised stitch up for which Beeching was very significantly rewarded (with a salary two and a half times that of equivalent civil servants and significantly above that of the Prime Minister and later a Baronessey[1]). This carried on later with Margaret Thatcher doing even more significant damage, which we are still stuck with today along with some of the most expensive regular fares in the world (and because it's so screwed up also some of the cheapest special advanced fares...).

[1] There is still argument half a century later as to the effect Beeching had, some say it was inspired but badly implemented by their successors[2]. The reality was it was political not financial or sound. Beeching quite deliberately ignored the social aspects or the increasing passenger numbers where the rolling stock was not completely dilapidated. The simple fact was the country was in the late 1950's still in a very unsettled post war state due to the starvation of investment. Thus the figures Beeching used did not reflect the changes that the lead into the 60's was bringing. In fact some claimed fairly realistically that Beeching's cuts actually reduced mobility of the work force causing significant labour problems that lasted well into the 80's that actually significantly hampered economic development, whilst those in Europe that had made other choices had outstripped not just Britain but the entire UK in economic prosperity.

https://en.m.wikipedia.org/wiki/Richard_Beeching

[2] A point I've made before is that you start a grandiose project and about a third of the way in you jump ship. Because if against all common sense it succeeds then you can claim its success as being to your vision and laying of solid foundations. If however it does what most grandiose projects do which is fail to even reach the most basic of objectives, you can claim the failure was due to the timidity / incompetence / etc of those who took over from you. So "Win-Win" no matter how useless you might actually be...

tds September 2, 2019 4:44 PM

https://techcrunch.com/2019/08/31/china-google-iphone-uyghur/

"Sources say China used iPhone hacks to target Uyghur Muslims

A number of malicious websites used to hack into iPhones over a two-year period were targeting Uyghur Muslims, TechCrunch has learned.

Sources familiar with the matter said the websites were part of a state-backed attack — likely China — designed to target the Uyghur community in the country’s Xinjiang state."

https://www.forbes.com/sites/thomasbrewster/2019/09/01/iphone-hackers-caught-by-google-also-targeted-android-and-microsoft-windows-say-sources/#40096cb84adf

"iPhone Hackers Caught By Google Also Targeted Android And Microsoft Windows, Say Sources"

tds September 2, 2019 4:56 PM

https://www.pbs.org/newshour/nation/u-s-to-use-fake-social-media-to-check-people-entering-country

"U.S. to use fake social media to check people entering country

WASHINGTON (AP) — U.S. Citizenship and Immigration Services officers can now create fictitious social media accounts to monitor social media information on foreigners seeking visas, green cards and citizenship.

An updated Homeland Security Department review of potential privacy issues dated July 2019 that was posted online on Friday essentially reversed a prior ban on officers creating fake profiles."

SpaceLifeForm September 2, 2019 5:01 PM

In re: the drive-by/water-hole attack

I just want to add that all modern Javascript engines are written in c++, and most certainly built with a Clang/LLVM toolchain.

Chrome - V8
Edge - Chakra (or was until switch to Chromium)
Mozilla - Spidermonkey
Safari - Webkit/Javascriptcore


Therein lies the problem.

If all built with Clang/LLVM, and there is an exploit in the Clang/LLVM toolchain, it does not matter what modern browser you use.

And if you do not block Javascript in a modern browser, then you can be attacked.

It's not just China spying on those that live there.

Attribution is hard.

It is of *ZERO* surprise that neither FBI nor Google are talking any more about this alleged 'spying' that allegedly only happened in China.

Attribution is hard.

Did one of your browser tabs crash recently?

That is a hint.

tds September 2, 2019 5:12 PM

https://twitter.com/jacklgoldsmith/status/1167816880255619073

"Astute analysis by @emptywheel on earlier IC disclosure of secret operation against Iran, and whether it, along w/ satellite disclosure, reflects "a broader change in the US approach to deniability." Clearly there's been a change on deniability re cyber.

https://www.emptywheel.net/2019/08/31/there-were-two-dick-waggings-directed-at-iran-this-week/"


and on U.S. Intelligence agencies and Hong Kong protests:

https://twitter.com/jacklgoldsmith/status/1168511018663927808

"1/[of 4] I have no idea if U.S. intelligence agencies are in any way assisting the Hong Kong protests, and I have no affirmative basis whatsoever to think that they are. But I am also surprised how readily and confidently so many people are dismissing the possibility out of hand.

2/ All histories of US covert action make clear that a classic CIA technique is to covertly sponsor demonstrations, protests, and related propaganda to promote U.S. policies and interests against an adversary."

tds September 2, 2019 5:25 PM

@SpaceLifeForm, Ismar, Anders, helloworld

SLF wrote: "In re: the drive-by/water-hole attack ...

And if you do not block Javascript in a modern browser, then you can be attacked."

IIRC I word searched the posted (about 7) Google Project Zero documents (all?) for 'javascript' and got, like, one match, which surprised me.

Of course, there were non-browser exploits identified, too.

antiiiiik lodestone September 2, 2019 7:38 PM

Seriously.

Much of the future of several varieties of Security will not and cannot be found within the digital and electronic domains.

The sooner we come to realise this and to further develop our techniques, the better we will be as groups of individuals.

Time is still of the essence. The Feudal Warlords only want several more hundreds of years of slavery and forced dependence upon their lackluster cultures of decay and dismay.

P.S. =

http://i.gzn.jp/img/2016/02/02/decentraleyes/00-top_m.png

Clive Robinson September 3, 2019 12:34 AM

RE JavaScript,

As some here know, I decided some years ago various things in web browsers were undesirable for good and proper security reasoning.

The only two that have not yet fallen on my old list are,

1, JavaScript.
2, Cookies.

Both of which I normally have switched off.

More recently I added amongst others, HTML5 and WebAsm.

What people appear not to understand is that any programming ability within your web browser is dangerous, conversations about "sand boxes" are moot, they simply do not work to the required level for security.

Having programmability open to any and all which it is in web browsers is arguably one of the daftest things we have done to ourselves information security wise.

It does not favour users but "pushers"[1] from the server side who are trying to infect you at all levels including your mind (see Facebook and other Silicon Valley large Corporate Research).

Thus the real question is how long is it going to take folks to "wise up" and drop such dangerous technologies?

[1] I'm using "pusher" not in the sometimes heard technical sense but in the sense related to drug deals.

Tom September 3, 2019 2:05 AM

@Alejandro in re Apple products. While we must take Clive’s comments with a great deal of respect, I will add a contrary note which would apply to users such as myself whose requirements are modest.

I care a great deal how the graphics are handled. Also care about high quality audio. They’ve got a Bash shell.

There are completely non-tech users in the household, the systems must be intuitive. It also means that downtime due to virus, malware or forced update glitch is to be avoided, since there’s not much tolerance for errors normal on other systems.

I did run an XP box when I needed it for work, so I well recall the time wasted on viruses, etc. I’m fifteen years older now and just don’t have the time for such nonsense. As for Linux, I tried but just didn’t have, or have the time to develop, the skills needed to run it productively.

Don’t care if a system is three years out of date when it’s new, it would be in six months, anyway. Wouldn’t that be true of pretty much any box on the market?

Another thing I care about, besides uptime, is expected longevity. I’ve got a 2009 Mac Mini still in daily use. Also a 2012 Mini. Retired another 2009 Mini after nine years replaced it with a 2018 Mini (take a look at a teardown of this; great build quality). Overall with Apple, wonderful engineering at every level. Open an enclosure and enjoy a dust free environment.

Updates I do manually. I use no MS products. I do scan for malware, etc.

Sure, they are just pc’s so bad stuff happens and I’ve had to replace HDD’s, now with SSD’s which have worked flawlessly. But given the duration of service, no complaints.

And the built in backup app works very well, and actually does restore what you need restored.

Some may call me a fan boy, but these computers have worked well and reliably since I began using them in 1993.

Clive Robinson September 3, 2019 6:24 AM

@ Tom,

I will add a contrary note which would apply to users such as myself whose requirements are modest.

I've no problem with people having different view points or different needs in terms of security levels.

One thing people need to remember is that attacking peoples computers is not just a "low hanging fruit" game it is also one of probability and network distance.

The latter is rarely talked about, but if your aim is DDoS then it is desirable to use computers close to your target for a number of reasons. Three of which are, firstly the less the distance the less options there are to stop the attack, secondly generally the shorter the distance the greater the available bandwidth and thirdly the closer to the attacker the less others it affects which means the numbers demanding action or actively trying to stop it are reduced.

Thus your probability on that score is how far your computer is to a target and how much bandwidth you have.

More generalised "Fire and Forget" attacks are also probabilistic for various reasons. AV software is not all the same thus some let pass what others block. Also the Internet is a "Target rich environment" thus more potential targets than an attacker has time to gain. Currently these types of attack are forming a lesser component of attack types, which has the consequence of making AV software appear better than it actually is. There is also the persistent rumour that Government Entities have control over AV companies in their jurisdiction thus State Level malware won't be detected.

However there is an obvious couple of facts that people forget with the more traditional types of AV. Firstly put crudely they are only effective against attacks that the developers are not just aware of but have decided to take action against. Thus an attacker has a time window, that is more often than not dependent on how soon users see the effects of malware. This means that APT attacks that are both stealthy and covert in function could be using attack vectors built into consumer OSs and Apps that might be twenty years or more old. This is why APT attacks can get so deeply into systems.

The point is AV alone is insufficient to protect an Internet connected computer, and thus nearly all consumer computers especially those of leisure, SOHO and even SBLB entities are in the "attack lottery" and there is little they can do about it. Even "whitelisting" is not proof to fairly simple to understand Man In The Middle attacks.

It's one of the reasons I fairly endlessly talk about using two computers, your work/private computer not connected to any network, the second a sacrificial browsing computer. With appropriate methods to move the security end points past the sacrificial computer communications end point.

The problem with "target rich" is that it has a probability function of attack. Which means the most insecure computer in the world may never get attacked... Which is just one reason people have a distorted view of the privacy and security of their systems.

Gunter Königsmann September 3, 2019 3:01 PM

Regarding the lack of simplicity in BIOSes: one friend of mine had an early 8086 computer that seemed only to contain a start screen and a floppy driver. The rest of the BIOS was then loaded from the BIOS disk. Afterwards DOS could be booted. Never seen a second computer like this. But we were scared that the bios disk might break/get lost.

SpaceLifeForm September 3, 2019 3:31 PM

@Clive

I would add NodeJS to the list, just in case some do not realize that NodeJS *IS* Javascript.


As to the Drive-by/Water Hole attacks:

I'm pretty sure it is c++ related.

As I am not Google, with the time and resources to roll many various toolchains and OSes to debug this problem, I'll just drop my idea where the problem actually resides in the hope that others reading can research further.

I hope that Google has the exploit code on various test machines.

I believe the hole has to do with name mangling and likely tied to dynamic loading.

Anyone running a statically linked browser?

Anders September 3, 2019 3:52 PM

@SpaceLifeForm

"I Would add NodeJS, to the list, just in case some do not realize that NodeJS *IS* Javascript."

NodeJS is an engine that runs javascript, it's not actually the language itself.

- September 3, 2019 5:39 PM

@ Moderator,

Somebody calling themselves "Dream Calendars" and "Helena Orstem" have popped up on several threads, with their unsolicited advertising, as can be seen on the 100 Comments page.

SpaceLifeForm September 3, 2019 6:05 PM

@Anders

NodeJS uses c++.
Because it uses V8.

The problem lies within c++ implementation.

It may not be a direct exploit or backdoor, but the hole may exist to be exploited via name mangling.

How it can be exploited to get eop/lpe is not going to be trivial, but I'm certain Google folk are on it.

They already know it takes many steps on iPhone.

Someone has found the primitives to carry out the exploit. On various platforms.

In older news...


https://blog.ret2.io/2018/07/11/pwn2own-2018-jsc-exploit/

Thoth September 4, 2019 9:48 AM

@all

Probably not a good idea to hit out at a new project with seemingly strong potentials but .... scroll down to the bottom of the page ........
It says:

" Built for speed! Capable of over 100Mbps VPN at peak, Quad core ARM processor, 1024MB RAM .... blah blah ... Open source, Patent Pending .......................

Sounds odd ?

So it's open source but with patents :) .

And the "patent pending" words are located just after the open source in front ahead.

I guess it should be a category of its own that Richard Stallman would really be interested in .... another way ... the category of "Open Source Patented (Soft/Hard)ware"

Link: https://www.invizbox.com/products/ib2/

Rachel September 4, 2019 9:10 PM

Tatütata, Clive Robinson, MarkH

Thanks for discussion about Russia nuclear project.
What do you think about this being disinfo? The reports are ever increasingly ludicrous. We know Russia has solid expertise in technical areas. Could the bizarre mishaps and failures we are reading be deliberate disinfo? 'We are incompetent, and we are not currently building an exciting military project in another region of our huge country you should be nervous about' I mean, really, what else could they have to gain by such an expensive disaster. I have trouble believing they just blindly walked into this.
Actually it's a reminder to me of how much we take what's in the newspaper for granted, instead of accepting as deliberately crafted lies.

Tom September 5, 2019 12:04 AM

@Clive— Thanks for your thoughts. My apologetic tone was not at all in reference to your tolerance for differing opinions, but that my opinions are based on anecdotes and limited experience rather than actual technical knowledge.

People tell me how they’re experiencing systems running slowly. Seldom an Apple product. Even guys who should know better dream up arcane theories to explain why their machine is getting slower and slower.

My own experience improved when I started clearing out cookies and web databases (those especially), using an app called Cookie 5. Those db’s would slow things down considerably, with lots of HDD activity (with a SSD I would now have a hard time telling the difference). Are they reading everything on my drive? mining bitcoin? Well, they don’t last long now.

Your observations about existing in a target-rich environment are eye opening. It seems to me that it’s time to run Little Snitch again. Look into router logging.

Clive Robinson September 5, 2019 5:21 AM

@ Rachel,

What do you think about this being disinfo?

It's a good question, which first needs a little bit of history.

The US was as far as most could tell badly losing the space race back in the 1950's and 1960's if you watched / listened / read the Western Media of the time. The CCCP/USSR appeared to be faultlessly putting things into space every few months, whilst the US however had disaster after disaster appearing in the news.

The reality was the CCCP were actually having more and worse disasters but those were in secret, whilst the US for political reasons did things in public.

The US spent over seven years on Pluto and Tory before canceling it at what would be considered a very early stage. Russia appears to have got to "flight trials" in less than a couple of years of research and engineering. Which appears improbable under normal considerations (hence the question).

Whilst this is getting on for half a century of technology development since Pluto's inception, the actual technology involved has not received that much development. Hypersonic flight is to put it mildly very difficult. In essence aerodynamics becomes hydrodynamics when you cross the sound barrier and increasingly like a solid as the mach number goes up. But as with banging a long thin nail into seasoned oak you have a very narrow angle over which you can get it to penetrate without buckling up. But worse the faster you go the less time margin you have to make corrections thus manoeuvrability is at the very least just to fly a steady course difficult. Thus at horizontal low heights traditional cruise missiles fly at you run into problems that you don't with vertical accelerating flights of rockets. Thus something like an ordinary thermal can be a significant hazard to hypersonic navigation. But it also opens up a hole in the "invulnerable missile" argument made about hypersonic flight.

But even so we are with the best will in the world still around twenty years of normal paced engineering and material science away from hypersonic flight as a practical low level flight method. Assuming of course we ever want to go there considering the effect of shock waves etc.

So yes in "war footing" development corners are cut and envelopes pushed way beyond limits (think German V weapons etc).

Is Russia doing this on a "war footing" time scale? From the little information we have the sparse evidence points that way.

Russia sees itself as a 'Resource rich super power' and like China it can see the US has burnt its resources rapidly, and likewise as most outside the US see it the US is "Happy to resort to conflict to get more resources". Russia also sees China "capturing" other areas with resources such as Africa by various means. Thus it's not difficult to conclude that the likelihood of a new world war is increasing exponentially with time.

So yes I can see Russian leadership believing it has not just the US but China, Europe and India as potential aggressors thus put itself effectively on a war footing for the highest tech of weapons, with a globe spanning nuclear tipped hypersonic cruise missile technology being a major goal. Even though, as with the North Korean nuclear weapons and rockets, it is in reality more of a "Keep off the Grass" sign rather than a full on MAD deterrent. It is after all what a rational actor does when faced with one or more aggressors that behave as a non rational actor.

EvilKiru September 5, 2019 2:11 PM

@Anders Node.JS is used both server-side and in the browser although server-side is probably more common.

Chris September 5, 2019 5:02 PM

I'm not sure what to do in the long run with this issue, especially since a lot of companies have a BYOD policy, making a lot of unmanaged devices, any ideas?

There is some noise about some plugins that have been either knowingly collecting data, more or less trojan horse spy, or just collecting data trojan horse like and then been hacked, not sure how the exact scenario is.

However they all seem to hide behind a small disclaimer, and users using the "apps/extensions/addons/plugins" are not the wiser and it's creating a lot of mess and a lot of fuss.

There are tons of examples of these "trojanized" apps, plugins etc. all the time
even if you follow all the security shitchat you won't catch all of it
even if you have an up-to-date IDS blocking the "up-to-date" IOC stuff you are going to be vulnerable, and with BYOD you have a different kind of ballgame altogether.
So, any clever ideas what to do about this?

Link below:
https://securitywithsam.com/2019/07/dataspii-leak-via-browser-extensions/

Temporary fix via block at 9.9.9.9 rejector
address=/adclarity.com/9.9.9.9
address=/ebehaviors.com/9.9.9.9
address=/fairsharelabs.com/9.9.9.9
address=/freevideodownloader.net/9.9.9.9
address=/funnerapps.com/9.9.9.9
address=/getspeakit.com/9.9.9.9
address=/gobranded.com/9.9.9.9
address=/hvrzm.com/9.9.9.9
address=/mxpnl.net/9.9.9.9
address=/networkanalytics.net/9.9.9.9
address=/nodehop.com/9.9.9.9
address=/panelmeasurement.com/9.9.9.9
address=/prestadb.net/9.9.9.9
address=/savefr.com/9.9.9.9
address=/savefrom.net/9.9.9.9
address=/skechboy.com/9.9.9.9
address=/superzoom.net/9.9.9.9
address=/ymnx.co/9.9.9.9
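
An added example, not part of the comment above and not dnsmasq's own code: dnsmasq applies an `address=/domain/ip` line to the named domain and to every subdomain of it, so the same list can be replayed over the resolver's query log to see which unmanaged devices are still looking up the blocked names. The config excerpt and log lines are constructed samples (the domains and the 9.9.9.9 target come from the list above, the client addresses are made up), and the function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed excerpt in the same format as the list above.
SAMPLE_CONF = """\
# temporary block
address=/nodehop.com/9.9.9.9
address=/savefrom.net/9.9.9.9
address=/mxpnl.net/9.9.9.9
"""

# Constructed lines in the format dnsmasq writes when log-queries is enabled.
SAMPLE_LOG = """\
Sep  5 17:02:11 dnsmasq[812]: query[A] api.nodehop.com from 192.168.1.23
Sep  5 17:02:11 dnsmasq[812]: config api.nodehop.com is 9.9.9.9
Sep  5 17:02:40 dnsmasq[812]: query[A] www.schneier.com from 192.168.1.23
Sep  5 17:03:02 dnsmasq[812]: query[AAAA] SaveFrom.net. from 192.168.1.57
Sep  5 17:03:05 dnsmasq[812]: query[A] notnodehop.com from 192.168.1.57
Sep  5 17:04:19 dnsmasq[812]: query[A] cdn.mxpnl.net from fe80::1c2d:3e4f
"""

QUERY_RE = re.compile(r"query\[(\w+)\] (\S+) from (\S+)$")


def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()


def parse_address_rules(conf_text):
    """Map each domain in address=/dom[/dom...]/target lines to its target.

    The '#' match-everything wildcard is not handled here.
    """
    rules = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line.startswith("#") or not line.startswith("address=/"):
            continue
        parts = line[len("address="):].split("/")
        # parts looks like ['', dom1, ..., domN, target]
        if len(parts) < 3:
            continue
        target = parts[-1]
        for dom in parts[1:-1]:
            if dom and dom != "#":
                rules[normalize(dom)] = target
    return rules


def match_rule(hostname, rules):
    """Return the most specific listed domain that covers hostname, or None.

    Matching is on whole labels, so 'notnodehop.com' is not covered by
    'nodehop.com' while 'api.nodehop.com' is.
    """
    labels = normalize(hostname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in rules:
            return candidate
    return None


def clients_hitting_blocklist(log_text, rules):
    """Return {client address: sorted list of blocked domains it queried}."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue  # reply lines ('config ... is ...') and other noise
        _qtype, name, client = m.groups()
        rule = match_rule(name, rules)
        if rule:
            hits[client].add(rule)
    return {client: sorted(domains) for client, domains in hits.items()}


if __name__ == "__main__":
    rules = parse_address_rules(SAMPLE_CONF)
    for client, domains in clients_hitting_blocklist(SAMPLE_LOG, rules).items():
        print(client, "->", ", ".join(domains))
```

Run against a real log, the per-client result gives a short list of devices to follow up on, which is more tractable on a BYOD network than trying to inspect every device.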

Chris September 5, 2019 5:16 PM

I can answer how to do it on a personal level, it's a pain in the ass procedure and takes about a year to perform for one person, but on a company level it's not doable

The solution I used when in a hostile environment was whitelist only
on hostname and IP level (firewall), it works but boy is it painful :-)

I think of a political clause where a BYOD device needs an app installed that will put the device under control but it's still not an easy task.

Chris September 5, 2019 5:40 PM

Ok so back to the DNS / TOR vulnerability thing, I have now been experimenting with some different scenarios, I still think I am correct with the assumption that

TOR is breakable to find a user that is of interest that is surfing to a not often used homepage
that is under surveillance, this has been written about and mentioned that it uses DNS fingerprinting
and it makes sense to me as well, I can easily see a scenario where a homepage of interest is analyzed to see what kind of dns queries are produced when going to that particular page
Even easier if it's a honeypot where you probably can do other stuff as well, who knows but I am thinking about tinkering with some tcp flag or similar.

Any which way, what I still think is that using a plain TOR browser with default settings
it will do its DNS queries over the TOR and that's fine, but that's where the attack occurs

First of all we need to make sure in my opinion that the dns caching is working for a long time
this doesn't seem to be the case in the TOR browser, so that should be changed.
Then I am not sure about the TRR thing, it's set to 0, is it then used or not, I think it can be overridden if it's not set to 5, but setting it to 5 the whole browser stops working, so not sure how it works there...

Then I got the idea that ok the correlation is made on dns and tor level, it needs to be a big player
so we look at what the big players are, and then make 2 TOR chains, and make the DNS query go with the opposite big player and disable tor over socks on Tor browser
I have already mentioned this but I just feel that I want to tell this one more time a little bit more clearly.

So only a global player can do this kind of trick, make sure that the
first tor chain where you surf is using global-adversary-1 and the dns tor chain is using global adversary-2, and avoid dns as much as possible to make fingerprinting over dns possible all together, either with whitelists via hosts files, dnsmasq, long cache times or combinations of the same...

Just my ideas on that whole dns/tor idea, now I will not mention this again
sorry for the followup, feels a little bit stupid...
//C.L//

Chris September 5, 2019 6:06 PM

Now I have a question again, and it's kind of related to tor and the broken honeypot net of cloudflare, but not only cloudflare, I would like to filter out http:// stuff also

So I use Searx locally as my main search engine and it works just fine, I can hook it up via a tor chain and I am happy, however I can't find any information on how to filter or block via a personal filter/block file or setting or similar, I would like to first of all filter all
results that are http://, today most results are https anyway but still some are not, I would like to filter them away

Then we have this cloudflare nonsense, I want to add to the searx engine a filter that automatically filters search results that point to useless pages that are hosted by this useless honeypot company called cloudflare, any ideas how to do this filtering...

Or maybe just as simple as a blocklist, yeah I know I should ask the dev...
but I ask here anyway since at least I get my noise out, I hate cloudflare
//Cheers

Chris September 5, 2019 6:13 PM

So if you are into development, and know about search engines or frontends to those
make a hidden tor search engine that automatically filters away cloudflare in the results, I would easily see it be a hit!!! :-) basically a very big hit

Goodnight
//C.L//

Clive Robinson September 5, 2019 6:41 PM

@ David Australia,

>>

I guess I should say that NASA were one of the first to shoot laser beams at the moon. But for the purposes of ranging measurments rather than communications.

The upside of using light as the carrier frequency is that it comes with a very high bandwidth, and very high directionality so in effect has a very high gain over an isotropic radiator.

However those plus points are also minus points. For instance a modern satellite which is only 30x10x10cm doing microwave comms to the moons surface, to hit it with a laser from earth whilst it is in orbit around the moon requires not just some very accurate orbital calculations ot also requires some very high precision mechanics at the earth end. Secondly that high bandwidth is very susceptable to the effects of group delay and other issues that arise from sending light through a continuously variable optical medium with some unpredictable behaviours caused by space debris burning up in the optical medium that is our atmosphere and effects of "space weather" caused by variable solar wind / flux.

Thus a lot of the bandwidth would have to go to producing high levels of redundancy that make the likes of Forward Error Correction (FEC) work. A well known FEC is found on the likes of CD's and DVD's and a lot of other places and it is called "Reed-Soloman coding". Whilst it will work with the laser heads for CD/DVD readers it's charecteristics are not as good as other coding methods for long haul communications or communications through our atmosphere. Thus anythong upto 90% of the raw bandwidth of the laser will be taken up with multiply layered FEC codes...

But talk of "off satellite processing" makes an assumption that may well not be true. That is the off satellite processing is "delay tolerant". In most cases it actually will not be, in the case of high resolution imaging the feedback control loop needed to keep the optics close to being optimal can be in the nanosecond area (time it takes light to travel about 1ft).

Separating out the control loop from the other processing will make things more complex to the point you end up doing the same function twice, once "on satellite" for the control loop and a second time when processing the images "off satellite" in the ground station some considerable time later (ie at least 250/186 or around 1.3441 seconds or more).

What the article is making big about is,

    Quantum optical communications technology is considered a major step forward in space communications

However nowhere in the article is it explained what is special about the "Quantum" in this optical communications system that makes it so leading edge...

As can be seen from this reading list,

https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-453-quantum-optical-communication-fall-2016/readings-and-lecture-slides/

for MIT's course on Quantum Optical Communications, the subject matter is quite diverse.

gordo September 6, 2019 7:19 AM

@name.withheld.for.obvious.reasons,

In that same vein:

The Pentagon Wants More Control Over the News. What Could Go Wrong?
The Pentagon is using a moral panic over “fake news” to gain influence over the domestic news landscape
By Matt Taibbi, September 5, 2019

If there’s a worse idea than the Pentagon becoming Editor-in-Chief of America, I can’t remember it. But we’re getting there:


From Bloomberg over Labor Day weekend:

Fake news and social media posts are such a threat to U.S. security that the Defense Department is launching a project to repel “large-scale, automated disinformation attacks,” as the top Republican in Congress blocks efforts to protect the integrity of elections.

[. . .]

Stories about the need for such technologies are always couched as responses to the “fake news” problem. Unfortunately, “fake news” is a poorly-defined, amorphous concept that the public has been trained to fear without really understanding.

[. . .]

If there’s a fake news story out there, it’s the fake news panic itself. It has the hallmarks of an old-school, WMD-style propaganda campaign.

https://www.rollingstone.com/politics/political-commentary/darpa-fake-news-internet-censorship-879671/

tds September 6, 2019 8:36 AM

@Tom

"@Alejandro in re Apple products. While we must take Clive’s comments with a great deal of respect, I will add a contrary note which would apply to users such as myself whose requirements are modest."

Any thoughts about dosdude1?

For example, http://dosdude1.com/mojave/ (non-https)

One might be leery of their site because the download Mojave patch (and its hash), for older Macintosh computers, are also downloaded from 'http' sites.

Might there be more secure ways to install Mojave on older Macs?

tds September 6, 2019 11:41 AM

https://www.citizensforethics.org/press-release/new-report-trump-conflict-of-interest/

"NEW REPORT: Trump Passes 2,300 [at least potential or perceived] Conflicts of Interest

Since taking office two and a half years ago, President Trump has tallied more than 2,300 [at least potential or perceived] conflicts of interest resulting from his decision to retain his business interests, according to a report released today by Citizens for Responsibility and Ethics in Washington (CREW)...

Here are some of the most startling numbers from the report:

The president has visited his properties 362 times at taxpayer expense during his administration, sometimes visiting multiple properties in a single day. The number of days he’s spent time at a Trump-branded property account for almost a third of the days he’s been president.

One-hundred eleven officials from 65 foreign governments have visited a Trump property.

President Trump has used the presidency to provide free publicity for his properties, which he still profits from as president. As president, Trump has tweeted about or mentioned one of his properties on 159 occasions, and White House officials have mentioned a Trump property 65 times, sometimes in the course of their official duties.

Foreign governments and foreign government-linked organizations have hosted 12 events at Trump properties since the president took office. These events have been attended by at least 19 administration officials."

vs pp September 6, 2019 1:32 PM

The secrets of controlling your internet profile
https://www.bbc.com/news/business-49006256

"So can we ever completely get rid of every online trace?

"Simply put, no," says Rob Shavell, co-founder and chief executive of DeleteMe, a subscription service which aims to remove personal information from public online databases, data brokers, and search websites.

"You cannot be completely erased from the internet unless somehow all companies and individuals operating internet services were forced to fundamentally change how they operate.

"Putting in place strong sensible regulation and enforcement to allow consumers to have a say in how their personal information can be gathered, shared, and sold would go a long way to addressing the privacy imbalance we have now.""

Rachel September 7, 2019 11:18 PM

Clive

Russia appears to have got to "flight trials" in less than a couple of years of research and engineering. Which appears improbable under normal considerations (hence the question)

Thank you for your perspective, valuable contribution to the topic

Your comment quoted above. Whether one believes in the veracity of the original manned lunar landing - or not. The US was sufficiently spooked by the regular ping! on their consumer radio sets by the Russians' space presence and all the warfare capability it hinted at. Thus JFK declared in 18 months we'll make it! And then managed to even beat that deadline. As everyone scratched their heads as to how such impossible physics could be resolved so rapidly, thus spawning suggestions of Stanley Kubrick's hand. This is all from memory so don't shoot me if some of the specifics are a bit wayward.

Clive Robinson September 8, 2019 4:05 PM

@ Rachel,

As everyone scratched their heads as to how such impossible physics could be resolved so rapidly

As I indicated when you put something on the equivalent of a war footing it's surprising what can be done.

The other thing to remember is that science like many things does not progress smoothly. In essence ideas come of age and one experiment can cause many who were on the sidelines to jump in. Resulting in sheer frenetic activity of time desperation to make your name as a domain originator thus get quoted in every paper from then on, and thus reap the rewards is overwhelming.

We generally only get to see where it goes right, not where it does not for various reasons.

One of the few occasions it went wrong and the public had ring side seats was the Martin Fleischmann and Stanley Pons experiment that kicked off in 1989 briefly but highly visible Cold Fusion[1][2] research.

I can remember US universities running adverts about their leading edge courses on Cold Fusion etc. It quickly became a three ring circus because of the way the whole thing started. It happened in an unusual way, in that it was mainly carried out across the Internet not Published Journals and was jumped on by many journalists and others who had no or insufficient training to understand what was being said. Apparently this happened because the University of Utah wanted to establish priority over the discovery and any patents arising by making a public announcement before the usual scientific journal publication process.

Thus other scientists hastily cobbled together their own experiments and some likewise made hasty reports that apparently confirmed Cold Fusion. Then the haste gave way as others could not reproduce the results, to more considered behaviours and retractions started...

As it turned out it appears Cold Fusion was more of a damp squid than repeatable science. Fleischmann and Pons moved their research into France and a degree of secrecy at Toyota's IMRA laboratory (since closed). As far as I'm aware Martin Fleischmann never retracted the claims, though he did express regret at the way they were released. Likewise nor had Stanley Pons to date.

There is still similar research carried out but under different names as journals will not carry papers that mention "Cold Fusion". As to if it's possible, I have no idea, some scientists still report positive results of nuclear energy production, as it's a long way from my knowledge base I don't propose to speculate on it.

[1] It was not the scientists that called it "Cold Fusion" it was as is so often the case thought up by journalists without any reference to those who know about the domain.

[2] https://en.m.wikipedia.org/wiki/Cold_fusion

MarkH September 8, 2019 7:49 PM

@Rachel, Clive:

As far as I'm aware, there's nothing very surprising about the timeline of the "Skyfall" missile program -- other than the extreme foolishness of undertaking it in the 21st century.

Though Putin announced it publicly only recently, I've seen no information about when the project began; it might be a dozen years old for all we know.

It's not unlikely that the engine design builds on secret research and development from Soviet times; Russia has been recycling various forms of Soviet glory.

To make a compact unshielded reactor whose heat output can power a ramjet is a special design challenge, but Russia's experience in reactor design is vast.

I think Clive may have conflated two distinct projects: although Putin has bragged about a list of "vapor weapons" including a hypersonic missile, I see no reference to Skyfall as hypersonic.

It's supposed to be a cruise missile, breathing air and flying at relatively low altitudes. Hypersonic (typically defined as Mach 5 or faster) flight in the atmosphere is strictly incompatible with long range, because heating from air friction produces temperatures able to destroy even extremely exotic materials.
_______________

If this were disinformation, what might be its purpose? To announce a project with great fanfare ... achieve good success ... and then pretend that it's a humiliating failure? Can anyone propose a purpose for such machinations, not achievable by simpler means?

My reading of history is that when a national project appears to have become a massive f*ckup, that is almost always what really happened.

In Russia, that goes double.

MarkH September 8, 2019 8:37 PM

@Clive, re "cold fusion":

The name is quite a reasonable one, because the probability of fusion is practically zero except at very extreme temperatures.

So, when dolts claim to have achieved fusion without (a) physical evidence of such temperatures, and (b) physically sound theory accounting for the creation of such temperatures in their apparatus, then "cold fusion" is an apt label for their claim.

When it comes to the more general category of "tabletop fusion" -- that is, achieved with fairly ordinary lab apparatus -- there's no need to keep an open mind.

Those methods which either have been shown to work, or have some whiff of plausibility, require vastly more input energy than they can ever produce.

Those methods claimed to be capable of yielding useful amounts of energy, like that of Pons and Fleischmann, are pure codswallop because either (a) a fusion reaction powerful enough to produce measurable heat would emit radiation that's both easy to detect and terrifyingly dangerous, or (b) most of nuclear physics is absolutely wrong.


Sidebar photo of Bruce Schneier by Joe MacInnis.