Friday Squid Blogging: Apple Fixes Squid Emoji

Apple fixed the squid emoji in iOS 13.1:

A squid’s siphon helps it move, breathe, and discharge waste, so having the siphon in back makes more sense than having it in front. Now, the poor squid emoji will look like it should, without a siphon on its front.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Posted on October 11, 2019 at 4:29 PM76 Comments


Commoner, the October 11, 2019 5:48 PM

Alas, …some contingency insights with respect to preventing ecological collapse… seriously, nice good ideas.

The key word is “upcycle(d)”. I hope this is inspiring for those who can do this. I cannot do this yet, but I intend to do more of this, and less of ________________________.

Winter is coming,… “life is what happens while we are busy making other plans”.

nevertheless, congrats to several for several.

no worries = there is no need to worry too much.

bye for now.

Alyer Babtu October 11, 2019 8:08 PM

All this energy on emojis. Can’t we get back to real hieroglyphics as Ms. Rosetta Stone intended ?

Michael Leake October 11, 2019 9:24 PM

new phone hack

The 26-year-old man was charged with injury caused by forcible indecency after the alleged assault, and the case has sparked discussion in Japan about the risks of fame in today’s digital age, where it seems almost anything is possible online.

As per CBS News, the suspect told authorities he determined his victim’s location by poring through photos and selfies of the woman, and analysing the scenery reflected in her eyes.

Zucky October 11, 2019 11:41 PM

In China, you can no longer buy a smartphone without a face scan

Picture a world in which the baseline requirement for a new smartphone is a facial recognition test. You needn’t imagine it — in China, beginning December 1, that’s the scrutiny to which the country’s over 850 million internet users will be subject, without exception…

It’s an open secret that China is compiling the world’s most extensive facial recognition database — one with the power to identify any one of its more than 1.3 billion citizens within seconds.

Catherine October 12, 2019 8:28 AM

Two articles covering a stalking and assault case from Japan.

Stalker finds pop star’s home by studying the reflections on her pupils in selfies

Although her address was not public, Sato had pieced together her location from photographs Matsuoka posted on social media. From one, the reflection of a bus stop sign was visible in her eyes, which allowed him to find the general area of her home using Google Street View.

He then studied other photos posted by the star to to determine which apartment she lived in, matching her window dressings and the angle of light entering her room with other photographs.

[…] “In other words, the risk of a so-called ‘digital stalker’ is on the rise. As a result, countermeasures are required when posting to an SNS, such using photos that do not include location information or deliberately reducing the image quality,” Hoshi added. “SNS” refers to social networking services such as Twitter, Facebook and Instagram.

AP: Stalker studied reflection from photos of pop star’s pupils to find out where she lived

Japanese idol Ena Matsuoka was attacked outside her home by a crazed fan. After he was arrested, the stalker explained the complex way he’d located her: by zooming in on a photo and finding the reflection of a sign. […]

Tokyo Shimbun, a metropolitan daily, which reported on the stalking case, warned readers even casual selfies may show surrounding buildings that will allow people to identify the location of the photos.

It also said people shouldn’t make the V-sign with their hand, which Japanese often do in photos, because fingerprints could be stolen.

//// I’d like to see a push to get social media sites to reduce uploaded image quality by default, unless the user opts out and requests to keep the original resolution. Most people have no idea how much information can be gleaned from the tiny details in the background of their photos. As an added bonus, the sites would have to pay less in file storage.

JonKnowsNothing October 12, 2019 11:34 AM

The Guadrian has an interview with behavioural scientist Nir Eyal,about his new book, Indistractable: How To Control Your Attention And Choose Your Life, a guide to staying focused in an age of constant distraction.

Eyal was what MIT Technology Review called “Silicon Valley’s most visible advocate of habit-forming technology”. His first book, Hooked: How To Build Habit Forming Products (2013), became a must-read in advertising and tech circles. Eyal has spent the years since helping companies – from small workout apps such as Fitbod, to Microsoft and PayPal – manipulate user behaviour. The “hook model” he developed advocates building a “mind monopoly” by associating a product with internal emotional triggers, such as loneliness or a fear of missing out. The developer’s goal is that people are triggered to use the product “with little conscious thought”. Now that we’re all addicted to our devices, he is bringing out a book that will help us get unhooked.

The interview discusses how to avoid the Hook.

  • In a nutshell – put down the devices.
  • The problem is we don’t want to put them down. They make us feel important.

ht tps://

ht tps://

ht tps://

(url fractured to prevent autorun)

Utz Erfensterp October 12, 2019 2:25 PM

extensive facial recognition database

Given its general reluctance and injunction in regard to censorship, of which this is a type, those pursuing this may want to consider whether they lose the mandate of heaven.

Clive Robinson October 12, 2019 4:16 PM

@ Catherine,

Stalker finds pop star’s home by studying the reflections on her pupils in selfies

I’m sorry to say this has been entirely predictable for about a decade or so.

Some years ago I posted on this blog the point –I’d been telling clients for a while– that keys could be “cut by sight” fairly easily and that people who hang their keys hanging from their belt etc were very susceptable to having the key profile photographed and a key cut from that information. Most people including our host @Bruce were initially surprised, but after just a little thought realised it was true, and as with all the best discoveries whilst they initialy get met with a puzzeled look, only a little while later the same people will say to themselves “That’s bleeding obvious… Why did I not think of it” or similar 😉

Which is why some years later when hand cuff keys were being duplicated on 3D printers, many here were not at all surprised. Then when a little later the TSA published a photo on the web of all their luggage keys, they got a very high degree of derision on this site, justifiably so.

Back when I originally pointed it out if you’d asked most people they would have thought you would need a very large telephoto lens to do it. That was because they were not thinking about it the right way, that is what was realy needed and what was not. Which was the ability to get “fine detail of the key captured”… So all that you realy needed back then was a 35mm camera with around a 50-75mm lense because the granularity on standard black and white film stock was more than sufficient that you could blow the image up in a home “dark room” to get the required detail of the key profile to “cut by sight”. Not some 4×6 photo where the keys were to small to see even with a microscope (as somebody once said “It’s why we keep the negatives in the freezer baby”).

But back then digital cameras had way to little granularity or as we more normally say “pixels”. Since then that granularity is such that 18mega pixels in smart phones are way more than sufficient to take pictures to cut keys from.

But… due to TV programes doing the “crime scene” etc etc, what was (and still is) fantasy about ordinary CCTV camera images being blown up by whiz kid scientists pulling up firstly faces in car wing mirrors across the street. Then in polished body work and even cafe wine glasses across the street means the idea was “out there” with anyone with a TV. Thus what was not possible because of the lack of pixels in smartphone cameras used for selfies has crossed a line where not only is it possible, it’s become fairly easy, thus any old driven nutter can do it with a home computer and Internet downloads…

Though those mega pixel image dowbloads are only realy possible with the Internet bandwidth you can get as standard these days…

So two technology lines crossed over from the not possible to the all to easy in just a few short years…

Not realy supprising, and when explained I suspect quite a few will be thinking “bleeding obvious…”.

But another piece of advice I was giving clints back then was “No photos within a mile of home, work, the route you take or any place you might go regularly such as a pub, club, bar, restaurant, or gym”. No photos of anything you owned that could be uniquely identified thus traced like cars and their registration plates, paintings, pictures and furniture purchased at auction etc. Further “No photos in rooms with windows or any reflective objects like framed photos, certificates etc on walls, glass fronted book cases or even shiny plant pots, or spectacles etc, because they are all mirrors”.

Since then I’ve also noticed that small gaps in drawn blinds can act like “pin hole cameras” projecting faint out of focus images up onto plain walls. Unfortunatly whilst we even with 20-20 vishion can not see the image clearly or at all most of the time that is not true of digital cameras and software… They can bring out enough quite course detail that patern matching may be done.

But there is another consideration, many don’t consider, photos are like ciphertexts in depth, whilst one or even two will not break the code of where you are located, enough will eventually provide the break if you have not taken precautions…

I know this is going to sound like I’m blaiming the victim, but famous people should know about this sort of attack. After all there has been enough stalking cases of even Z-Listers that laws have had to be introduced in very many first and second world countries to know there are “nutters out there with very single minded purposes”. Whilst famous people might not understand technology from a personal security perspective, there are quite a few people that do understand it, and those agencies who make people famous should realy ensure that “their stars” are properly informed, if for no other reason than self interest. The star at best gets “cents on the dollar” their agents and others actually get rather more. Such income will stop if the star gets scared, injured or dead.

Alyer Babtu October 12, 2019 5:21 PM

There is also the common movie trope of noting particular sounds over a phone or on a tape etc. and then being able to identify location. And so by (associative) indirection do we find direction out.

MarkH October 12, 2019 5:21 PM


I spent the best part of an hour today, writing up facts and analysis for this thread concerning a development in international security, because I believe the matter is very important, is receiving little attention, and is likely of interest to some who follow security matters.

Within a few hours the comment vanished.

What’s going on?

Otter October 12, 2019 7:55 PM


Surely “I spent the best part of an hour” … indeed, the whole of your first paragraph … is irrelevant to your question.

Clive Robinson October 12, 2019 8:13 PM

@ Otter,

… is irrelevant to your question.

You might want to have a think about that statment of yours.

I think you will find that people will disagree with you.

Long time reader October 12, 2019 9:03 PM

I don’t think the post by @MarkH violated the guidelines and also wonder why it was removed.

Ismar October 13, 2019 2:00 AM

I have not seen the post by I would suggest that you
Please repost it if you can and if it gets taken down again without explanation then we will need to ask Bruce as to why.

Ismar October 13, 2019 2:20 AM

“The war against the Islamic State was the first smartphone war. News organizations and government organs were there, but they were responsible for only a portion of the images of the combat and its surroundings. The other images, the great majority of them, the ether and the cloud only know how many millions of images, were shot with phone cameras by the people who really had to live through the combat. “

David October 13, 2019 2:53 AM


Disappearing messages.

There’s a been a bit of this going on. @ name.witheld… complained about it, and it’s happpened to me a few times with surely innocuous messages ( security related links with a one line comment) although I didn’t report it.
( however my comment about Root on the thread by the same name was removed and I can appreciate that was a little wayward)

MarkH October 13, 2019 3:44 AM


I much appreciate your thoughtful comments in response to the question I put up concerning moderation.

I didn’t retain a copy of the lost comment, and have no wish to redraft it for a second trip down the memory hole.

SpaceLifeForm October 13, 2019 11:58 AM


I suspect the subject is too hot.

International security is a much larger issue than your normal computer and network security issues.

Stick to the tech, avoid geopolitics.

Hot issues can invite problems, ex: DDoS.

Tatütata October 13, 2019 12:01 PM

But… due to TV programes doing the “crime scene” etc etc, what was (and still is) fantasy about ordinary CCTV camera images being blown up by whiz kid scientists pulling up firstly faces in car wing mirrors across the street.

As illustrated in PhD comics 1156: “If TV science was more like real science“, upper right quadrant.

This know-how is an extension of the landmark paper by Cann et al: “Xerox Enlargement Microscopy (XEM)” published in 1995 in the Annals of Improbable Research.

A revolutionary new microscopy technique makes it possible to achieve subatomic resolution levels by using standard copying machines. The process consists of iterative enlargements of enlargements. The authors present several examples, including a 15,392 magnification image of ferroelectric barium titanate and a 1,367,481 X image of a deuterium ion.

I have it on paper somewhere.

But more seriously, mechanical locks have very loose tolerances, so the effective number of combinations is in fact rather small. Richard Feynman (can we still mention his name?) broached on the subject in relationship with padlocks at Los Alamos. This is somewhat advantageous with my aging eyes without glasses at the swimming pool, I can often open my lock with up to +/-5 units error in the numbers.

In high school, management imposed the use of Dudley locks acquired from the front desk, as they carried a serial number on the bottom and the combinations were compiled in a list. A kind of central key escrow if you will… The [expletives deleted] bullies never needed these to pick the locks. and that was decades before Yootoob.

Patriot October 13, 2019 12:11 PM


That was a very interesting article. Glad you posted it. But we can do without the references to Hitler’s Germany. It’s hyperbole, and it’s not innocuous. This kind of talk might get people to start thinking that the SA, Gestapo, etc., were not so bad. Just a thought. If you really look into the NS-Zeit and become a student of it (if you are not already), if you really see what it was, you should know that its particular evil cannot be compared to anything else.


You made a very good point about that being the first Smartphone war. I noticed a commander using an application on his Smartphone to call indirect fire on his enemy (during a news program). That was stunning!

  1. Who wrote the app?
  2. How was that information encrypted?


Rewrite your piece. Think about what you are saying. I had something deleted a while ago. It’s OK. Actually, it was my fault.


In China, an incredible percentage of the population uses WeChat. You use it for social media, for payments of all kinds, for work, utilities–it’s a must. I know hundreds of people in China, from children to the elderly, maybe a thousand. Every single one has WeChat, or a close family member does, and all people do is take pictures of each other and themselves. And a lot of people have QQ.

People use the internet in China every single day without showing their ID. Walk into a print store or photo store and start surfing. If you go to an internet cafe you must show your ID. I think that is normal. Let’s not start imagining that China is North Korea. It’s not at all.

Let’s try to be objective about China. First, seeing is believing, and talking to Chinese people you meet in China is the way to get a real view. Chinese people feel protected, yes, feel good, when they see this kind of thing being done to prevent crime. The way they think and the way Westerners think is not the same. The differences run deep. They actually trust their government and are proud of it. They just had a celebration for the 70th Anniversary of the founding of the PRC. If we are objective about China, if we call how people feel for what it is, then it goes like this: pride and optimism. They have not given up on national pride. Kids, grandma and grandpa, flags waving–I am just telling you what it means to them.

They have a zero tolerance policy about terrorism. I say this: good for them. It is their country. Having good safety is important, a foundation for having a nice place to live and being able to focus on work and achievement. This is what scanning faces is about in China. I bet that there is not a soul who minds it, or even gives it a moment’s thought. Excellent security is one reason why China is such a good place to work and a very decent place to visit.

Otter October 13, 2019 12:55 PM


I did have a think, several thinks, revised it in my thinker, and deleted half … before laying fingers to keyboard. Once typed into the box, I revised it somemore.

Of course, people will disagree.
People use inadequate passwords, and post them in public and in dodgey corporate databases.
People publish naked images, of themselves and of unsuspecting others, to public fora.
They post incriminating texts and images, where nefarious agents watch for them.

They also neglect to backup their files.
And they toss considerable time, effort, and importance into networks well-known for mysterious hardware and software mishaps … not to mention harried, misguided, hostile, or simply fumble-fingered @Moderators.

@MarkH also attempts to guilt @Moderator with his time and effort. Although I am sure moderation criteria might be sympathetic in borderline cases.

And he attempts to appeal to the commons with words and phrases like “security”, “analysis”, “very important”, “little attention”, “likely”, “interest to some”, and “security” again.

The text of his question is “What’s going on?” … which doubless includes “Why do you bin my comment?”;
but also implies unseen, possibly concealed, activity.

His whole first paragraph is surplus to the simple question.
It merely supports and implies the darker meaning.

@MarkH’s later comment, at October 13, 2019 3:44 AM, says his first was not very important or interesting afterall.
And accuses @Moderator of deliberately, possibly maliciously, sending it “down the memory hole”.

ASeriousHypothetical October 13, 2019 1:37 PM


Thanks for your comments about “China” vs “Chinese People”.

I deeply distrust and kind of loathe the Chinese Communist government. (Having been born in Taiwan to US Military patents colors this a little bit…:)) And I have had very unpleasant business dealings with Cantonese business owners here in Los Angeles, and found those parties so hostile and unpleasant as to be deeply shocking.

But it is important to remember that China is +1B actual human beings, and despite the fact that the government and 2000 years of their history and culture wants to supress the individual, and individual rights, and dignity, still, each of those people have those rights and dignity, and might be more like us than we might suppose.

I think the current keruffle with the NBA, and South Park, and now Apple, might be a big Snowden moment for Americans realizing that the Chinese govt is horribly fascist. An abstract Chinese person who might be afraid to speak out is one thing. But a Chinese person who IS A FAN OF THE SAME NBA TEAM AS ME! Is suddenly a very real person you want to reach out to and help.

Thanks for your insights.


Bruce Schneier October 13, 2019 1:37 PM


Your comment was about the Open Skies Treaty — interesting, political, and off-topic for this blog. I still have the post; email me if you would like a copy.

Sherman Jay October 13, 2019 2:11 PM

The tool in question below has recently been mentioned as being very helpful and effective in our fight for security on our computers:

h t t ps://

Of course, the Chr0me browser itself is widely considered spyware. I would never use anything developed or owned by G00gle.

vas pup October 13, 2019 2:57 PM

“All things are subject to interpretation whichever interpretation prevails at a given time is a function of power and not truth.

Friedrich Nietzsche”

I hope this statement help you to understand more things than your deleted post


MarkH October 13, 2019 5:03 PM

@vas pup:

As much as I enjoy quotes from Fred, this is Bruce’s salon, into which he graciously welcomes us.

He sets boundaries on the conversation as he sees fit. It seems to me that he demonstrates both reverence for truth and skepticism toward power …

PS: Here’s actual graffiti once observed on the campus of Princeton University:

“God is dead” – Nietzsche
“Nietzsche is dead” – God
“Nietzsche is God” – Walter Kaufmann

Clive Robinson October 13, 2019 7:18 PM

@ Tatütata,

As illustrated in PhD comics 1156: “If TV science was more like real science”, upper right quadrant.

Which looks suspiciously like an early episode of Bones, with from left to right Booth, Bones and what is ment to be Zach with his back to us… The problem is it was never Bones holding up photos or pictures in the early series it was her friend –in real life as well– Angela. Who’s on screen father was played by Billy Gibbons, one of the beards from ZZ Top (another oddity, because in the band, the drumer and occasional video front man who was the only one who did not have a beard was one “Frank Beard”)…

Yes I know, I’ve now condemed myself to being an “all round nurd” of “historic proportions” 😉

Just to make it worse =(

You mention,

But more seriously, mechanical locks have very loose tolerances, so the effective number of combinations is in fact rather small.

The loose tolerances often called “mechanical slop” are usually quite deliberate in locks. The reason is “bind”. For various reasons locks are made with metals of diferent thermal coeficients of expansion (oddly I posted on bimetalic effects here just yesterday when talking about EMP shielding). But… In the case of those awful rotary dial combination locks, the loose tolerances are due not to slop but backlash and takeup issues. I would be quite happy to explain why in great detail 0:) but I can hear the ghost of a @Nick P comment whispering in my ear :-S

Winter October 14, 2019 3:19 AM

This is as bizar as it is alarming: 30% of (Android) phones is sending personal information out over Tor, The data included GPS coordinates, web addresses, phone numbers, keystrokes and other PII..

#SecTorCa: Millions of Phones Leaking Information Via Tor

The researchers explained that they set up several Tor exit nodes, just to see what they could find, and the results were surprising. The researchers found that approximately 30% of all Android devices are transmitting data over Tor.

“You’re probably scratching your head now, like we were a couple of months ago, because that doesn’t make any sense,” Podgorski said. “There’s no way a third of Android users know what Tor is and are actually using it.”

What the researchers determined is that Tor is being bundled, embedded and installed in other applications and users are not aware of its existence. It was not entirely clear to the researchers why Tor was being bundled with so many applications. Podgorski said that it could be due to a misunderstanding of the technology and how it can be used. Tor was also found on Apple IOS devices, but the numbers were smaller with only approximately 5% of devices sending data.

Clive Robinson October 14, 2019 5:20 AM

@ ,

With regards the wired article you will find,

    As dangerous as their invention sounds for the future of computer security, the Michigan researchers insist that their intention is to prevent such undetectable hardware backdoors, not to enable them. They say it’s very possible, in fact, that governments around the world may have already thought of their analog attack method.

Only it’s not “governments” it was people on this blog quite some years back. Have a search for @RobertT and “capacitance” he described some much cleverer varients, with @Nick P and myself.

But also you will find in the article,

    “Detecting this with current techniques would be very, very challenging if not impossible,” says Todd Austin, one of the computer science professors at the University of Michigan who led the research. “It’s a needle in a mountain-sized haystack.” Or as Google engineer Yonatan Zunger wrote after reading the paper: “This is the most demonically clever computer security attack I’ve seen in years.”

Actually it’s not that clever when you think aboit it, any student who has ever played with an NE555 timer as a retrigerable monostable used in many circuits will have used a capacitor as an integrator to triger a level change in a logic circuit. It’s the repurposing of an old idea in a new way that makes them think “It’s bleeding obvious… Why didn’t I think of that” it’s a sign that the idea has come of age in a broader market place.

But Todd Austin is wrong about detecting it, it is actually quite easy to spot, and I’ve said as much and described in some detail how to do it on this blog and other places some years ago now…

The first thing to keep in mind is that in the French language the same word means both safety and security. Thus the French way of thinking does not distinguish the ideas into unrelated domains as much as do those in the English language way of thinking[1].

The big problem with computer security is we “build pyramids not boats”. Our thinking is skewed to believe that you can only build on secure foundations. It’s not true, boats for millennia have got along fine without any foundations, and the water they float on is in no way stable or secure. A moder side view of this was Elon Musk and his landing barge for rockets, atleast in his case he could point at aircraft cariers to show he was not mad.

What if we decide not to have our compiter design process be one of Castles on bed rock, but warships on water? The English Tudor king Henry VIII found he could build a navey and thus set England on a course to become the worlds formost maritime nation and build an empire that covered the globe.

That is there are great possabilities in thinking mobile castles. Leonardo De Vinchi, drew up designs for such things, but his idea did not realy become part of military thinking during WWI with the invention of the armoured car that became the tank. Which again opened up significant possabilities and changed the face of land based warfare for ever.

Ask your self are there ways we could use a mechanism thought as for safety to one we can use for security?

The answer is look in the area of reliability. Unreliable systems are either “not dependable” or “dependable for a limited time”. New York Telephone realised that if you could monitor an unreliable system and detect when it was going wrong and switch it out rapidly for a working system then you could keep a circuit in operation whilst you replaced the defective component. Thus the idea of fault tolerant systems began to be used.

The problem was detecting when a unit was starting to fail, eventually this gave rise to the idea of “voting systems” which NASA did not invent but certainly made famous.

Some years ago now I realised that redundant fault tolerant systems were infact “boats” from the security aspect, and that “fault” also covered malware. That is an idea for Safety works just as well for Security, to which some might rightly say “but of course, why would you think not”.

It became a small but essential part of my “Castles-v-Prisons” idea which you can search for on this blog to find conversations about it.

The problem thus has a known solution…

Thus the question now is who takes on the Sisyphean task of pushing the idea over the group think mental entropy hump?

As I’ve noted over the years a great many ideas on this blog are discussed and solutions possed several years prior to both industry and academia even realising they should be looking at them, as for Governments, you hear that squeaky noise way way behind, that’s the wheel they are to busy greasing with pork fat rather than replacing. Because they are still doing things the way their Grandpapy did, because in their conservative view “What was good enough for Grandpa, is good enough for me” (mind you Grandpapy was pretty quick at grabbing brown envelops behind his back 😉

[1] A point I’ve made before, is that our primary language we learn when very young befor we are two forms the way we think. There is evidence of this with “tone deafness” and language where languages such as some Asian ones that depend on pitch to convey infomation. Speakers of such languages are considerably more likely to be “pitch perfect” across the population. It’s why I think the fact that the number of native languages decreasing is actually harming the world by reducing the number of different ways people see and think about the world.

Clive Robinson October 14, 2019 6:14 AM

@ Winter,

This is as bizar as it is alarming: 30% of (Android) phones is sending personal information out over Tor,

But not “unsurprisingly”…

Tor is a technology, and as I point out from time to time “agnostic to it’s use”, it is the “Directing Mind” that you need to consider.

You probably remember the Carrier IQ debacle where there software was compulsory added to phones as a supply chain poisoning carried out by the US mobile phone companies against their customers?

It created a bit of a sensation at the time, but proved the point for those with their eyes open that “end run attacks” around security were not just possible but easy and in progress.

Some US politicians had some not nice things to say about Carrier IQ and it’s customers spying on US Key strokes (it’s all right somebody did take them aside into a dark room and stopped them gabbing fairly quickly 😉

The point is Carrier IQ used no encryption and even if they had it was obviois where the data was going.

Thus a Directing Mind seeing what is currently “lucrative data collection of PII” is not going to want to lose it, or be identified as doing so.

To many Directing Minds Tor fit’s the bill on that score and is available for free, even though as shown by this research there are ways to remove it’s protections if you are sufficiently knowledgable and the Directing Mind has not been sufficiently cautious.

So from my perspective, the two questions that arise are,

1, Why has it taken so long to happen.

2, When are people going to realise that Tor has very real issues for the incautious.

Of the two I think the second is the more important to take on board[1]. For which no doubt someone will pop up and do the usuall “Fanboi routine” for my temerity for having suggested Tor is not 100% wonderfull.

[1] I’ve been pointing out for some time that Tor is not what people think it is security wise and given it’s provenance that is perhaps not that surprising and it’s later related history id cause for atleast a raised eyebrow. The problem is that way to few people understand the issues involved with sufficient depth. Tor in practice when used in a system has flaws, lots of them, it’s not robust, nor can it be as I’ve pointed out in the past because it’s “security by obscurity” at the network level. This upsets people who have invested in Tor in some way, and they want to “punch back” thus as with most human failings it’s the mortal messenger thet attacke whilst their gods laugh on. This happens time and time again with Tor but the suplicants still genuflect to the gods they have made, and each time you point it out you get a Pythonesque “Tis but a flesh wound” answer from the Fanboi’s. Because they have not realised that in Security unlike in many other walks of life a “nearly right solution” is actually more dangerous than “no solution”.

Winter October 14, 2019 6:50 AM

“2, When are people going to realise that Tor has very real issues for the incautious.”

Note that this article is about the installation of spyware by carriers and others. This is illegal on many levels in many jurisdictions. Most notable, any EU party found doing it might stare corporate death in the face.

For the role of Tor in this. It is simply repurposed as spyware.

Tatütata October 14, 2019 8:37 AM

Re: TOR spyware

I am rather skeptical of the claim that 30% of Android devices leak data through Tor (cheap shot: especially when the source is one of the infamous Big 4 Accounting Firms), and would like to know more before I cry “bovine chips”.

At this point I have only found secondary reports reproducing the same headlines, in particular the “30%” figure, but nothing more specific which would provide an indication of how this number was derived. The name of an actual spying app, or any details about the location and the presumed owner of the servers would help. But with these news, it shouldn’t be too long before a bunch of wise guys will find out.

There would be an accumulated 2.5 billion out there, but the link does not provide insight about how many would be actually active. Many are not smart phones, but Android OS embedded in smart assistants and suchlike.

30% of 2.5G is 750M devices.

The set of applications that finds its way on 30% of the installed Android fleet mustn’t be very large, and would be rather popular or useful.

Do they call home using a persistent TCP connection, or send cumulative batches? Assuming 1MB of data is sent daily by each and every device, an average bandwidth of ~9GB/s is needed. That suggests a rather large server infrastructure, which leaves traces.

But 9GB/s would easily consume the largest chunk of the available aggregated Tor bandwidth, which currently hovers around 200Gbits/s, so assumptions would have to be revisited.

It seems to me hard to estimate the number of infected devices by examining eventual unique IDs contained in the payload. Wildlife estimation methods (“Mark and Recapture“) seem difficult to use in view of the size of the population relative to the traffic handled by the exit node, unless said node is rather large.

And do they unmask all the exit traffic, or do they target only the subset that goes to the server farm? There would appear to be an ethical problem here…

Estimating the dimension of the server farm would appear a more practical approach. With the knowledge of the average bandwidth for a average user, which is obtained by unmasking, you could estimate the number of unique users going through your node to the farm. When you add the knowledge of how much of the Tor exit bandwidth your test node provides, Adam Riese will work his magic.

If Tor code is really compiled and included in many applications, it would be a trivial matter for the Android app store to find and flag these.

But “innocent” applications might be caught in the net. Maybe that’s the real purpose of the exercise?

gordo October 14, 2019 9:00 AM

As information operations go, if that’s what it is—and regardless if it’s not, Ukrainegate, like Russiagate before it, is turning out to be another exercise that generates “more heat than light“.

Winter October 14, 2019 9:13 AM

” in particular the “30%” figure,”

I assume it is 30% of the identified (mobile) requests over these Tor exit points do leak GPS and key log data. On itself, Tor would never ever transmit such data, so someone, or something, has send those data over the Tor network.

That is itself is relevant information, irrespective of how many devices are infected. It means there is spyware installed on a considerable number of mobile devices that uses the Tor network to send data.

The number of devices can be estimated by multiplying the number of devices observed by the total number of Tor exit points and the time course of access (number of unique devices over time observed etc.).

Tatütata October 14, 2019 10:25 AM


I don’t see how I could estimate the number and/or proportion of affected devices from what you wrote. Maybe we’re talking past each other.

I saw comments on other sites that echo my doubts.

One commenter reflected the incompatibility of the reported number with the actual number of Tor users.

I checked up on this, and found this statistic reporting that Tor about 2 million daily users,. In decreasing order, the largest contingents are in RU, US, IR (!), DE, ID, FR, UK, UA, NL and IN.

Russia most certainly has WAAAAAY more than 400k Android smart phones. And this applies even more so for all the other listed countries.

But extrapolating from what I stated earlier (2.5G Android devices), the number of currently active Android devices probably range at the very least in the hundreds of millions.

The gross discrepancy in the orders of magnitude make me reach for my gold-plated 12-tine titanium industrial-strength manure fork…

Wael October 14, 2019 10:41 AM


make me reach for my gold-plated 12-tine titanium industrial-strength manure fork

+1 🙂
Heavens know I’ve seen more than my share of the stuff. I’ll buy one from you to expand my arsenal. You wouldn’t have an industrial-strength active carbon breathing air filter to go with it, would you?

Winter October 14, 2019 1:04 PM

“I don’t see how I could estimate the number and/or proportion of affected devices from what you wrote. Maybe we’re talking past each other.”

Probably. My point was like this. I operate a Tor exit point. I observe that x%, say, 30%, of (Android) devices show signs of involuntary data leakage. I extrapolate that to all N Tor exit nodes and adjust for the time I measure and the data traffic I cover. That gives me an estimate of the number of affected devices.

I agree that number will never be a billion devices. The numbers reported are simply wrong.

Thunderbird October 14, 2019 3:29 PM

Clive, in re

It’s why I think the fact that the number of native languages decreasing is actually harming the world by reducing the number of different ways people see and think about the world.

you might enjoy the book The Language Hoax by John McWorter. He is a linguist that feels the “different languages force different ways of thinking” idea is somewhat incorrect. I have no dog in the fight myself.

Clive Robinson October 14, 2019 3:29 PM

@ Winter, Tatütata,

For the role of Tor in this. It is simply repurposed as spyware.

Whilst that is in part true, possibly the only reason we are hearing about it is the OpSec failure of those using Tor as spyware[1].

If the reporting is accurate, and they are faking up an exit node attack then as Tor fails at this level it is not even providing “transport security” and likewise not even “routing security”…

Thus the question “What is Tor providing the Directing Mind?”.

Obviously not what they thought it would, which realy should be a warning to all Tor users…

Which I would have thought would be important to people thinking of using Tor for Privacy or even Security for the likes of whistleblowers etc.

The reason this attack is possible is because neither the client or server computers are properly part of the Tor network, a point I’ve made often and been attacked over by Fanboi’s. Who, as it has happened repeatedly as an attack, are obviously not taking the information “on board”. Neither would it appear are the Tor developers as it still happens.

Which brings up the question of how fundemental to Tor’s design this issue is…

Which brings me again back to the question of it’s provenance? With the addition of if it is a critical failing in the fundemental design?

My own view (somebody sold a cat in a bag) is not realy germain, as

    If Tor can not be fixed to be even minimally “fit for purpose” then people realy should not be using it for any kind of privacy or security function.

And that is the message that should be comming out of it for all Internet users not just some unintentional Android users.

[1] Assuming of course those that are reporting it are not doing a “Bloomberg”

Tatütata October 14, 2019 4:14 PM

I accidentally came across this item on supply chain attacks (a frequent topic here) as I was looking for something completely different.

Andy Greenberg: Planting Tiny Spy Chips in Hardware
Can Cost as Little as $200 — A new proof-of-concept hardware implant shows how easy it may be to hide malicious chips inside IT equipment.
, Wired 10 October 2019

At the CS3sthlm security conference later this month, security researcher Monta Elkins will show how he created a proof-of-concept version of that hardware hack in his basement. He intends to demonstrate just how easily spies, criminals, or saboteurs with even minimal skills, working on a shoestring budget, can plant a chip in enterprise IT equipment to offer themselves stealthy backdoor access.

The hack is achieved by reprogramming in-place a support chip on an Arduino board, and transplanting it afterwards on a Cisco router.

Since hardly anyone anymore services or examines electronics at the component level, it could indeed remain undetected.

I will return to the Tor stuff later.

Think October 14, 2019 8:15 PM


Say you had tested a subset of determine pathways on your circuit board. With an electronic signal moving at a relatively constant speed. You run tests on your equipment and have signal values with a certain tolerance preprogrammed into a chip that tests certain pathways in your subject circuit board at pre determined intervals or at certain events or both. If deviations are found upon an integrity check any number of actions could be triggered. Any number of codes could be shared, warning or lights or sounds or even device failure. A simple but more costly addition to the device in question.

A clever engineer could test various paths on his board and thus pinpoint any tampering and zero in on the location. Think Time Domain Reflectometer.

Just build a TDR into your device and have it compare values to precomputed stored values.

When signal latency changes just imagine what kind of listening device could be added into ‘the mix.’

Idea on a macro scale;

Subs adding a bit more certainty into clandestine signals gathering.

tds October 15, 2019 7:31 AM

John Bolton is in the news

“Folks are missing several parts of the genius of [Fiona] Hill’s testimony.

The headline quotes are her repeating Bolton.

So he will attract Trump’s ire more than Hill. He will be forced to confirm or (if he’s sure she doesn’t have notes) deny. But he can’t cower anymore.


Note: Bolton knows well how [Dick] Cheney violated the law. He made sure the lawyers were involved (cf John Yoo).

So it’s unclear whether he referred Hill [to NSC legal advisor John Eisenberg] to try to bury it (as Cheney would) or out of real concern.”

Elsewhere from @emptywheel:

“… I [emptywheel] have been waiting for reminders that he [John Bolton] was trained by the greatest bureaucratic genius in recent memory, Dick Cheney.

And … Fiona Hill just locked him in.”

Apple Eyes October 15, 2019 7:50 AM

Apple Browser Defaults to Sending Your IP Address to Google and China

‘But, Apple said, the internet or IP address of the person’s browser may be shared with Google or Tencent. For people concerned about their privacy, the service can be turned off in Safari preferences on the iPhone or Mac.’

Apple marketing always emphasizes consumer privacy. But time and time again they only change after researches uncover their on-purpose leaks.
The cover story is Google pays Apple billion of dollars a year JUST for ‘search’. In reality, with the default settings (which most consumers are too ignorant to change) Google gets you ip_address, every web page visited in addition to your searches.

The bottom line is Apple’s huge payroll expenses come first. Then shareholder value. If they didn’t have these proprietary sweetheart quid pro quo deals, Tim would have layoffs instead [1].

Intelligent consumers disabled the data-miner ‘safe browsing’ over a decade ago. For true privacy its far better to disable javascript and use an ad-blocker [2].

[1] Take Uber and WeWork as nearby examples
[2] Now that (after 20 years) many consumers are becoming educated in the use of ad-blockers, Google is disallowing these security add-ons in the spy-ware Chrome browser.
Is Silicon Valley business model built upon lies and deception?

Tatütata October 15, 2019 12:05 PM


I was using TDRs before I found out about the opposite sex. (How nerdy can you get?)

What you’re proposing is neither feasible nor useful.

PCB traces are perhaps 10-20cm at the longest.

In free space propagation, 1ns=30cm. On a typical PCB that will be ~20cm, and on a round-trip basis, 10cm.

To resolve a fine feature on a trace (e.g. an extra chip), you will need pulses or rise-times in the picosecond range, which means a bandwidth of lotsa GHz. But the fine lines are not impedance controlled unless necessary.

An then you would have to integrate a lot of expensive (in silicon area and $$$) special circuitry in ICs.

You do already have much useful facilities in standard
interfaces, but not much of the high-bandwidth stuff you’re suggesting.

In the proposed hack, my understanding is that the parasitic chip sits on some low-speed bus driving a keyboard or service interface, and waits for the appropriate juncture to inject commands for creating a new root account.

This chip would represent a minute capacitive load on an otherwise comparatively slow signal line. It will hardly register anything on a TDR.

Speaking of JTAG, a pirate could always use the manufacturing interface to get, patch, and flash the router’s firmware. The patch could disable software upgrades and eventual checksum verification. A TDR would be of no help against that.

Alyer Babtu October 15, 2019 12:50 PM

Re: parasitic hardware hacks and chips tomography

So what wavelengths would be required to tomographically detect the presence of hardware “adjustments”

There is the crude add a bulk chip type and the subtler add at gate level type. They seem to be 3D material changes so comparative tomography might find them.

gordo October 15, 2019 2:29 PM


Thanks for the timelinnuendos. WaPo, however, is behind a paywall (Democracy Dies in Darkness). NPR’s timeline doesn’t cover the apparent post-Maidan-Revolution shakedown of Zlochevsky/Burisma Group. Suffice it to say that Burisma Group and the Atlantic Council co-hosted a cyber resilience event this past May in Kharkiv, Ukraine.

Czerno October 15, 2019 5:14 PM

@Clive : With regards, re. French words, security vs. safety : you – maybe others too – keep repeating that in French, both words translate to the same hence the notions would be easily conflated, but that is NOT true !

Security -> sécurité. Safety -> sûreté.

Disclaimer : native French speaker here :=)

Jon October 15, 2019 7:01 PM

Waittaminute here. Isn’t the only evidence that the stalker found her “by looking at reflections in her eyes” the statement of the stalker himself?

And “predicted her actual apartment by sun angle”?

What’s more likely, that, or that he just spotted her on the street a few times, followed her around, broke into her building, &c, things he would rather not admit because he’s not an ordinary stalker but a l33t h4x0r?

Really, guys. Here’s a dose o’ salt for you.


Bob Paddock October 16, 2019 7:20 AM


Perhaps he was a fan of the 1982 move Blade Runner, where reflections in the eye first came up (to my knowledge), to provide useful information.

tds October 16, 2019 11:00 AM


“… WaPo, however, is behind a paywall (Democracy Dies in Darkness).”

From the USA, or perhaps using a VPN from an IP address in the USA, it seems that with javascript off, or using NoScript, the NYT and Washington Post newspapers’ text is available. Any feedback from others on the blue planet?

“… “In late 2018, Parnas said, he helped to connect Giuliani with the former Ukrainian prosecutor-general Viktor Shokin, who was fired in 2016, by President Petro Poroshenko, after Biden and other U.S. and European officials complained that Shokin was lax [lax] in pursuing corruption. Biden, in particular, had threatened to withhold a billion dollars in loans that the Ukrainian government desperately needed. In a Skype call with Giuliani, Shokin falsely [falsely] claimed that he was fired because he wanted to investigate Burisma, the Ukrainian energy company where Hunter Biden, Joe Biden’s son, was on the board. Ukrainian and American officials said that Shokin, contrary to what he told Giuliani, did not actively investigate Burisma while he was prosecutor-general, and that the dormant cases in Ukraine that targeted Burisma—questioning how it obtained its exploration licenses and whether it paid all of its taxes—had nothing to do with Hunter’s role on the board. But Parnas said that he accepted Shokin’s claim that Biden had him fired to protect Hunter. In Parnas’s view, “Shokin basically stepped down, and allowed himself to get fired, to save the country.””

I think James Risen, The Intercept, and Jane Mayer, New Yorker, might be consistent with the above.

vas pup October 16, 2019 2:46 PM

Intersting technology:

“The US Air Force has just taken delivery of Phaser, a microwave-based weapon from defence giant Raytheon. Firing from a disc resembling a giant satellite dish atop a sand-coloured container it wipes out the digital elements inside a drone.

Raytheon cannot say where the rapidly purchased Phaser has been sent, but the Pentagon has stated that it is being deployed overseas.

Perhaps Phaser’s biggest strength is it operates at the speed of light. That is the rate at which it fires out bursts of microwave radiation. And that can bring an approaching UAV down in a split second.

The beam emitted by Phaser is 100 metres broad at a distance of one kilometre. That translates into a lot of dangerous space for an attacking UAV. Targets are tracked by an electro-optical sensor converting images into electronic signals and working in tandem with the microwave beam.”

Alyer Babtu October 16, 2019 3:54 PM

“ Our research shows that the printed circuit board could be replaced with the same material that makes up the chips that are attached to it, namely silicon. …

“ Unlike connections on a printed circuit board, the wiring between chips on our fabric is just as small as wiring within a chip. Many more chip-to-chip connections are thus possible, and those connections are able to transmit data faster while using less energy. …

“ Silicon-interconnect fabric could play a role in an important trend in the computer industry: the dissolution of the system-on-chip (SoC) into integrated collections of dielets, or chiplets. ”

Maybe use this to realize C-v-P ?

Clive Robinson October 16, 2019 7:35 PM

@ vas pup,

The US Air Force has just taken delivery of Phaser, a microwave-based weapon from defence giant Raytheon

The one thing we do know is that “Phaser” is a trade or project name. Probably taken from the Startrek cannon where a Phaser is a directed energy weapon.

What we also know from the article is that it is not an ionizing particle weapon but an EM weapon. Most likely a variation on a High Energy Radio Frrquency (HERF) gun, which I’ve made a couple of myself over the years…

A mistake many people think on hearing “microwave” is it is some kind of “heat ray”, that is however about the least effective way to cause the jaming or destruction of the electronics in a drone. It just so happens we know this because a very high frrquency microwave gun was developed as a “non lethal weapon” as part of a US Military funded project for “crowd control”. Whilst it was not an out and out failure it had issues. Not least of which is the same one that afflicts all radiant weapons which is “beam collimation”. Put simply even with fancy adaptive beamforming technology, the beam will still diverge, thus it’s power thus heating capability drops of as a function of 1/r^2.

Independent work I did back in the 1980’s gave rise to “EM active fault injection” where an RF carrier is modulated with an “attack waveform” that can it’s self be another “attack wavetorm”.

In essence your RF carrier is in the small Centimetric Bands that start around 10GHz (3cm). This is designed to use the slots in any casing around the drone electronics as an antenna, thus easily conducting the RF carrier inside the casing. This is basically AM modulated at frequencies that the internal wiring of cables and PCB traces will resonate at or in other waus have a very high Q. In essence the microwave signal is “Envelope Detected” by the protection diodes inside IC’s. Thus the modulating waveform at 30-100MHz is reradiated inside the case from the wiring or PCB traces. This signal is also AM modulated with a known attack waveform that disrupts the mean DC level on circuits etc. And causes the electronics to fail.

This only works because the electronics in the UAV/drone is susceptable to these frequencies and is very poorly shielded at best in order to significantly reduce weight…

MarkH October 17, 2019 2:02 AM


I’m grateful that you explained the means by which these microwave attacks function.

I’d much value your perspective on countermeasures. On one side, weight is ruthlessly minimized in aircraft; on the other, the kinds of vehicles used recently against Saudi Arabia (for example) probably have takeoff weights in excess of 50 kg (and for many UCAVs, a lot more than that).

I’m guessing that by the “law of diminishing returns,” the first few hundred grams of added shielding would probably give the most incremental protection, with much bigger weight penalties for subsequent similar-size improvements to hardening.

Cutting the range by a few percent, in order to get a higher probability of completing the mission, is exactly the sort of trade-off required in an “arms race” (that is, measure/countermeasure) situation.

I suppose that almost all of those bad boys are heavily reliant on GPS, which I’ve heard is easy to jam. Is it practical at all to shield GPS antennas, perhaps at the cost of losing satellites at low elevation angles?

You’re our uWave guru. Looking forward to any thoughts you will share …

tds October 17, 2019 7:11 AM

About U.S. digital campaigns, but perhaps generalizable to the world at large. Many links are included.

Trump Is Winning the Online War

The technical superiority and sophistication of the president’s digital campaign is a hidden advantage of incumbency.

The Trump campaign has put a lot of effort into harnessing the electoral power of its supporters’ smartphones.

For all his negative poll numbers and impeachment-related liabilities, President Trump has a decisive advantage on one key election battleground: the digital campaign…”

Clive Robinson October 17, 2019 8:57 AM

@ MarkH,

I’m guessing that by the “law of diminishing returns,” the first few hundred grams of added shielding would probably give the most incremental protection, with much bigger weight penalties for subsequent similar-size improvements to hardening.

Yes and no, it rather depends on how you go about doing things.

As a rule of thumb engineers like to simplify things thus they break large complex problems into sub parts and so on down, then when they have things logically seperated they start to build the sub parts up as independent units. If you do things that way then yes you pay an often quite significant price in extra bits in return for reduced complexity easy maintanence and higher availability systems.

Which if you think about it are gains that are not worth having in a “one trip” weapons system. As history shows the Japanese “Divine Wind” aircraft, stripped out a large amount of weight as there was to be no return journy, that they then replaced with “mission benificial” payload.

Thus a standard reusable UAV will be firstly encumbered by the “return legacy” and any Electronic Counter Counter measures such as adding extra shielding and absorption materials will add to the total weight of the aircraft, thus diminish the mission payload weight.

The trick to reducing that extra design weight is by designing systems more as a whole unit. Thus if there are metal support members, redisign them and sensitive equipment together, such that the sensitive equipment is inside modified support members. Likewise if you have equipment that is not sensitive, redesign it such that it can replace structural support members. These are things engineers had to start doing when safety regulations on road vehicles started to get tough. Things like having a seperate chassis for the engine drive chain and wheels that then had body work with it’s own chassis bolted on had to go, so you got monocoque design as standard. You also got other ideas where parts of the body work were deliberately weakened rather than strengthened. The idea being in an accident those areas were designed to fail such that impact force energy was absorbed and not transmitted to the passenger compartment, as a side effect significantly rrduced weight thus higher performence. We chearfully call those “crumple zones” and now talk avout them positively, not negatively as in the past. The trick in all cases is to find a different engineering sweet spot, that best suits your mission goals.

Another trick that I would think they would investigate is “stealth tech” on the UAVs etc. Radar works by bouncing VHF through microwave signals off of objects and getting a return which means the defenders have a round trip issue which tends to boil down to as a minimum a 2/r^2 problem but goes up to a 1/r^4 problem. As our eyes tell us in a dark room and a flash light, white or brightly coloured objects are more easily seen at longer ranges than dark objects. That is materials that absorbe the light are harder to see than those that reflect it. It’s known that old aircraft with “organic” structure and surfaces and glues don’t reflect radar signals at anything like the efficience metal skin aircraft do. In effect they either absorb it, or like glass with light let it pass through. Thus another way to protect sensitive equipment is to make the surface materials absorb some of the microwave energy rather than be transparent to it. This may be as simple as replacing low cost plastics and glass reinforced plastic composits with more expensive harder to manufacture but stronger thus lighter carbon fiber which as a side effect happens to absorbe RF signals. Likewise you can bend light with glass it’s what we do with lenses. What few people realise is that radio waves can be lensed with very light dielrctric materials like polystyrene. All of these tricks help in various ways.

For instance,

Is it practical at all to shield GPS antennas, perhaps at the cost of losing satellites at low elevation angles?

Is an interesting idea. Normally L-Band patch antennas are used and would get mounted on upper surfaces. The thing about patch antennas is that they have an “inside void” that is all the signal beam forming is done at the very edge of the upper plate. You can infact put quite a lot of stuff in the middle and infront ot the patch without much effecting it’s performance. To see an example of this you can look up the recent work of ham radio designers for an antenna feed for the new geostationary Es’hail satellite. They have an L-band patch which has an X-band feed going through the middle using a 22mm copper water pipe and cone/pyramid shaped dielectric lense… That is quite a chunk of volume in which you could build your GPS receiver and have it fully screened. You could also rather than mount the L-band patch on the upper surface put it lower down and build an L-band dielectric lense above it to increase the gain of satellites in a narrower quadrant above and to the front of the vehical whilst also reducing any interfering signals from underneath or to the front.

Each 1.5dB of change means in effect a 3dB improvment in favour of the UAV which in effect means to double the jaming range the phaser has to use four times the power. It might not sound a lot, but if the target is in open ground, then the UAV can switch to glide slope or iniertial or some other form of navigation that much sooner reducing on target error by 1/r^2 so you get effectively an r^4 advantage to play with (which is also what stealth tech is all about).

There are other tricks that could also be used. Back in WWII pathfinders used an early form of high accuracy navigation called “Gee” and similar. In effect a ground station sent a radio pulse out that the aircraft retransmitted back. Thus the ground station had a reasonably accurate direct line distance. Two such stations gives a quite accurate position information. The more modern equivalent would use LPI techniques. Then there is the stand off spotter, it’s no secret that early generation “smart bombs” flew towards coded spots of IR illuminating the target. That is someone some distance away “painted the target” with an IR diode laser –like those used in some laser pointers– to illuminate the target with a pulse code modulated signal the smart bomb then flew in on. The stand off spotter could be on the ground or in another aircraft at a safe distance.

The weakness of the phaser is it is a close range device, which if the assumptions are correct jams either the electronics very inefficiently or jams the GPS. Thus if a spotter UAV stands off outside the phaser’s effective range and then gives a different guidence system for the other UAV’s that the phaser is not designed for then the phaser being an ECM device has been countered by an ECCM technique. As I’ve mentioned before this counter-counter game can go to quite some lengths. That said though it does not favour a static defender, it very much favours an agile attacker. Thus it’s yet another form of asymetric warfare, and we know by now where that ends eventually… By the defender loosing by attrition or entering honest peace talks. Thus the only advantage in not cutting to the end game for a defender is “putting off the inevitable”. Which is something prevaricating leaders both military and political hope will get them another way out, which is a gamble that very very rarely pays off and at best leads eventually to a pyrrhic victory (the war on drugs/terror are examples of such in progress),

JonKnowsNothing October 17, 2019 9:43 AM

There are now a number of countries including the USA that are using AI/ML to collect “overpayments” of various government or social support payments occurring 30 years (maybe more) in the past.

These debt collections are separate from other sorts of debt collections but based on the same principles. They are exempt for the most part from consumer challenges because they are focused on so-called over payments of Unemployment, Child Care, Food Support and any other program offered by national, regional, local governments.

aka as Robo-Debt, Zombie Debt

Things of interest

  • The AI algorithms are secret
  • The number of linked databases are secret
  • The number of queried or secondary queried sources are secret
  • Right to challenge is nil because the 90 day challenge period expired 30 years ago
  • The recapture of moneys can be redirected from the original person to others that may be able to pay. ex: If you are charged with a 30 year old overpayment that can be collected from your spouse, children, your tax refund, your social security retirement benefit or any other current benefits you might have like food support allocations.
  • There are few to none methods of talking with anyone that can alter the computer decision. The computer has the ultimate decision and cannot be overridden by a case worker
  • The look-back period is currently upto 30 years but there’s no reason to stop there
  • The “proof” of original notice letter is pretty suspicious but no one can challenge that
  • The counter proofs are rarely available
  • Guilt by Default
  • Past and Current Income calculations are incorrect, wrong data, wrong person, wrong methods, income averaging until the computer finds a “collectible amount”
  • There is no upward limit to application. Currently this is rolled out against the poor but there’s no reason it can’t be rolled out against the wealthier people
  • It’s profitable for the AI/ML company. It’s marginally profitable to the government agency
  • As many countries now use an electronic debit type card the cut off is instant leaving people with no cash for food, housing, health, medications.
  • The debt instant cut off also affect other mandatory compliance requirements. This can create an no-exit spiral as one system cascades into another.

It’s active in UK, AU, USA and many other countries including India.

Some recent articles

ht tps://

ht tps://

ht tps://

ht tps://

ht tps://

ht tps://

(url fractured to prevent autorun)

Rachel October 17, 2019 4:16 PM

Now I have to include this great thread by Pants of the firefox hardening project.
Eloquently decrying the browswer canvas data set provided by sites such as Panopticlick.
It’s definitely something I’ve been aware of and clearly others here. For starters the pool is very polluted. There’s more to the picture though and it’s discussed in some detail here

MarkH October 17, 2019 11:35 PM


One possibility I visualized for UCAV hardening is wrapping electronics enclosures with EM shielding tape, adding low-pass feedthroughs, and enclosing some cabling in shielding braid. The difficulty or ease of this would much depend on the mechanical design of the vehicle’s interior.

The simplest measures, I propose, will give a big reduction in the range of “jammers” at low cost.

After that, the incremental cost/benefit function likely gets steep.

Your comment mentioned inertial navigation. Any high-performance version of that would be really expensive, and carry a punishing weight penalty.

If I understand aright, you propose that after GPS jamming is detected, the vehicle could proceed to target inertially. Since this fallback system would presumably be needed only in the final stage — perhaps the last few hundred meters — of an attack, the performance requirements would be modest.

Even so, from my very limited reading on the matter, MEMS gyros are still pretty lousy for such purposes, and could yield very large guidance errors in not many seconds. Mechanical gyros are surely up to the task: they already were in the 1940s! But they’re probably an option only for the larger vehicles.

Rachel October 18, 2019 4:03 AM

MarkH & Clive

Thanks for the enlightening discussion
The question to be pondered – what happens when the device hits the ground? Can the attacker be sure their own crew, or civvies, or anything else vulnerable, are not below the falling device when it’s been pulsed?

So yahoo groups has, predictably, hit the dust. If you didn’t know, you have a matter of weeks to retrieve your stuff before they shut it all down. So much for a multi-billion dollar company.

Now arises an opportunity for many, really a great many people, to escape the surveillance and corporate ownership, and offensively poor security offered by yahoo and it’s T&C which are about the rudest anyone has ever seen

Anyone knows a Schneier adherent free email-group hosting suitable for replacing Yahoo Groups, ideally with a bit more human respect built in?

Bob Paddock October 18, 2019 2:17 PM

“Not least of which is the same one that afflicts all radiant weapons which is ‘beam collimation’. Put simply even with fancy adaptive beamforming technology, the beam will still diverge…”

Could this not be overcome via Optical Phase Conjugation like techniques? Perhaps that is the ‘fancy’ you are referring to? OPC lets you do things like see through frosted glass by using apparent negative time (-t). The beam would ‘know’ were to focus because it has in effect already been there via the probe-wave of the four way mixing system.

Good introduction is Concetto R. Giuliano, “Applications of optical phase conjugation”. Physics Today, vol. 34, no. 4, pp. 27-35, Apr. 1981.

Abstract: Light waves that are, in effect, time-reversed images of their original can serve to restore severely aberrated waves to their original state.

Rachel October 18, 2019 3:12 PM

Bob Paddock

Could this not be overcome via Optical Phase Conjugation like techniques? Perhaps that is the ‘fancy’ you are referring to? OPC lets you do things like see through frosted glass by using apparent negative time (-t). The beam would ‘know’ were to focus because it has in effect already been there via the probe-wave of the four way mixing system.

I salute you. This paragraph is a thing of beauty.
This is the most elegant, amusing, enthralling, and other, paragraph I’ve read, ever.

Bob Paddock October 18, 2019 3:21 PM

“The 3rd Directed Energy Symposium will address the increasing need across the military to develop offensive and defensive directed energy capabilities. With emerging threats from near-peer competitors as well as continued operations against non-state actors, the need for directed energy capabilities will only continue to increase. These systems have the potential to stop a future hypersonic or ballistic missile attack or counter swarms of enemy drones, as the future battlefield becomes more technologically advanced.”

November 13, 2019 | Mary M. Gates Learning Center, Alexandria, VA
Open to US Citizens only.

Topics to be covered at the 2019 Summit:

  • Rapidly Fielding Army Directed Energy Systems
  • Enhancing US Missile Defense Capabilities through Directed Energy
  • Advancing USMC Command and Control Architectures
  • Applying DE to counter enemy UAV threats
  • Providing Power and Energy Systems to Integrate Directed Energy Weapons into Naval Ships

  • The Role of Directed Energy Weapons in Future Mega City and Urban Environments

  • Conducting Planetary Defense and Exploration with Directed Energy Systems

Clive Robinson October 18, 2019 4:45 PM

@ Rachel, Bob Paddock,

I salute you. This paragraph is a thing of beauty.

And only to be said when stone cold sober at a symposium, or from behind the desk when giving a lecture to students 0:)

Like the square root of minus one negative frequencies and negative time do not exist in our physical world because they reflect around the zero point with different phases. Thus as with an IQ receiver where we can mathmaticaly resolve a negative frequency we can do similar things with time…

But don’t ask me to go there for two reasons, firstly because it makes my eyes cross and my brain hurt 😉 Secondly I don’t know how to represent the required symbols to resolve in browsers.

The one thing to remember is that whilst two photons can in theory travel in parallel, and we frequently assume they do and it kind of works for telescopes, in reality no, they always radiate from a point source or combination of point sources and even in lasers eventually become decoherant. It’s also why telescopes can not have infinite resolving power. Thus you can bring a beam into focus at a great distance but not beyond a certain distance which is in proportion to the effective apature of the source.

But due to Einstein and some of his successors there is a much more fun asspect to it. It takes time for a photon of light to travel, and it does so across a gravity field which reaches out to the closest we can get to infinity in all directions. Thus the gravatational vector at any point in space is fractionally different from every other adjacent point. Because we know that any uniformly laid out set of masses can not have a uniform attraction. Thus any uniform pattern is not nor can it ever be stable (Stephen Hawking did a good lecture on his advancment to Cosmic Inflation and importantly the iregularities without which we would not be here). Thus as photons have been shown to be effected by gravitational fields, any two photons that start in parallel paths with as best we can make them identical vectors, we know that they will become dispersed not just in direction but time as well.

Also arguably everything travels in a parabola based predominantly on the nearest two masses. With a straight line just being a very specific shortest path between any two points in issolation, a situation that even Newton knew was not possible in nature.

There’s quite a bit more to it all, but the last time I heard a lecture on it for some reason my mind developed it’s own tiny black hole as it were. Stephen Hawking assured everyone that information could escape from a black hole[1], but he did not put a time scale on it 😉

[1] It’s actually quite a logical consequence if you have a thought experiment to consider the result of firing one of a pair of entangled particles into a black hole.

Bob Paddock October 21, 2019 8:09 AM


Thank you for the compliment. It can be difficult to explain the brain numbing math and the non-linear mixing of multiple signals. It is just simpler to say it works like negative time (-t). The reference I gave does a good job explaining both.

Specifically to my Phasor point is ‘atmospheric distortion compensation’:

“… The beam energy delivered to the receiver is close to that delivered in absence of turbulence if turbulent inhomogeneities of high spatial frequency are resolved by transmitter. …” – Proceedings of the SPIE, Volume 3610, p. 164-175 (1999). May 1999 DOI: 10.1117/12.349231

There are real world security implications of Optical Phase Conjugation and Phase Conjugate Mirrors. Such as seeing through frosted glass, glass block windows, and target lock systems as a few examples.

Now if you want to talk about actual negative time (not apparent
negative time of OPC) look up things like ‘Decisions Augmentation
Theory (DAT)’ that says every decision we make is being influenced by
our future. Lots of work, and interesting papers, on retro-causality
going on in the field of parapsychology. See the work of Julia
Mossbridge and Edwin C. May for starters.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.