Alejandro December 13, 2019 6:45 PM

Feds reap data from 1,500 phones in largest reported reverse-location warrant

Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) obtained search warrants on Google to gather data from all the devices in the area of some fires in Milwaukee.

Right, the warrant didn’t even have anything to do with the four horsemen discussed in this blog recently, just some routine fires causing monetary damages ($50k).

It seems law enforcement intrusions and over reach keep getting worse, the more it’s revealed.

In part, the American Revolution was fought over General Search Warrants issued by the King of England allowing troops to go door to door in search of evidence for tax evasion (fishing expeditions) which great irritated the colonists and caused the fourth amendment to be promulgated requiring person, reason and item specificity.

That’s all out the window anymore and getting much worse.

Who the hell are these judges that allow this stuff?

Curious December 14, 2019 3:26 AM

I am not in my comfort zone writing about linear algebra, but I thought the earlier article in Quanta Magazine that I linked about Terence Tao and eigenvectors and eigenvalues might perhaps be very important, even for crypto stuff, with what is thought to be a previously poorly understood identiy in linear algebra (until now I guess). There is another article posted on Tao’s blog that is related to this “identity” as I understand it, I can’t tell myself if this is directly related to the former, or being an aspect of it all, not something I would know. I have the impression that this identiy (at least) has relevance to some kind of statistical math. I wonder what a ‘minor’ is re. matricies. I think it is a smaller matrix, but perhaps just a row, column, or both, or some fraction or part of a whole matrix. I have the impression that maybe ‘k’ (coefficient?) is related to what is called a minor matrix.

& (comments are imo always fun to read)

Also, I wonder if the following could be about the same things: I think I will try read through John Carlos Baez’ twitter posts and blog posts about what seems perhaps related to “the identity” already mentioned.

Curious December 14, 2019 5:09 AM

Here is a perhaps a silly and a very naive thought:
Imagine how horrible it would be, if some standardized encryption was even quicker to crack by some statistical method the larger the key size was. I guess for that notion to make sense, the way I vaguely imagine, you would be using a statistical method for trying narrowing down a set of prime numbers numbers to use speculatively (or some other exponent number perhaps). Having said that, with large numbers, I have no idea whatsoever if it makes sense to even imagine being able to somehow narrow down a potential set of prime numbers to try (or maybe some exponent number), presumably more plausible looking for some narrow range of possibilities than simply finding just one, or a few numbers.

Clive Robinson December 14, 2019 6:10 AM

@ Alejandro,

General Search Warrants issued by the King of England allowing troops to go door to door in search of evidence for tax evasion (fishing expeditions)

A little historical note.

Firstly they were not “issued by the King[1]” but more correctly “in the King’s name as head of state” by “Excise men” with personal agendas and profit to make.

Basically the Excise had been formed and given those powers long before to stop the smuggling from France of fine wines etc, which it was known that French Nobles if not the French King were behind for various reasons including raising money for war. Thus smugglers were viewed legaly as in effect traitors and the Excise men could be Judge, Jury and Executioner without fear of repercussions. Thus they were not “thief takers” but “self rewarding killers” just as the “waranted pirates known as “privateers” were.

But not so long ago the UK Customs and Excise dropped a real clanger, they set up a money laundering system to get money and convictions from organised crime members. It came out in court and the whole thing colappsed very publically and humiliatingly for the government of the time.

The punishment Customs got was to be put under Inland Revenue. To imagine what that was like imagine the US President putting the CIA under the FBI and transfering some of the CIA powers upwards to the FBI…

So we now have an Inland Revenue that has the power to drag people into court with no evidence and under other legislation designrd for serious crimes have people stripped entirely of any assets they might have. Oh and those bringing the action get about 1/5th of any of those assets which means promotion and bonuses, so they are not reasonable people.

One of the first set of people to get hit were “alledged” poachers the IR set them ludicrous tax demands and draged them off to court where the IR claims were just “nodded through”…

So yes Excise men what ever their stripe are a scourge on society especially when you know they are biased because they get part of the prize.

From what I’m told apparently US police likewise get to keep money and assets they take from people in cars based on no more than a well trained dog doing tricks it’s master has taught it, so “same 5h1t different place and time”. I suspect where ever you look you will find such abusive processes in place under “eminent domain”.

[1] The English King was George III the longest ruling King of England (so far). He was known as the “Mad Monarch who lost America”. Whilst Royal Records show he was “mad” and certainly treated as such with straight jackets and being tied down. His behavior patterns when seen through modern eyes suggests he was probably bipolar. As such he would not realy have played much of a role in the goings on two thousand miles and a year by boat away. As we know from most if not all Empires they fall appart one way or another, and due to more pressing issues in Europe, America was what we would now call at best a “Proxie war” with the French fighting the English. Who had also faught the Spanish in the America’s using privateers. If things had gone only slightly different the US might well have ended up speaking awful French (worse than Quebec does) and potentially having the later “Napolionic Code” as the basis for it’s legal system… Oh and looking at the 1812 war should tell people about just how limited the American forces were. capability wise at the time of “the First War of Independence”.

Gunter Königsmann December 14, 2019 7:04 AM

@Clive Robinson: There have been attacks for cases in which one of the prime numbers have been small. And attacks that were made in the knowledge that the algorithm that generates keys can only generate a specific set of prime numbers. Also if both prime numbers are known to be very high they are both near to the sqrt() of their product – which often is known. But all of these attacks require weak keys in order to work out.

Anders December 14, 2019 7:36 AM


Yes, how soviet programmable calculator could be hacked
to represent full hex digits. Western calculators had
closed down for that. Fun reading.

Sancho_P December 14, 2019 9:30 AM

@Alejandro, re collecting location data

I’m not sure if I’m concerned by LE using (warranted) metadata (but in this case it wasn’t just metadata, I know).
I’m more concerned by the value of that metadata: ”In one previous case detailed by the New York Times an innocent man was falsely imprisoned for a week, in part because of the data provided by Google.
(from forbes article).

But what brings my blood to the boil is Orin Kerr’s careless thinking:
“Sorry, lady, you have been raped once, so it’s OK when we do it again and again.”

Gunter Königsmann December 14, 2019 10:23 AM

@steve: That the German government currently is scared of extreme right-wing groups and hate speech is natural after the recent events.

Asking internet companies for passwords doesn’t account for big amounts of political knowledge, though: I hope that Facebook doesn’t store clear-text passwords, at least…

Tom December 14, 2019 11:47 AM

p and q are prime.

N = p * q

k = floor ( sqrt ( 4*N ) )

x = a positive integer

d = x2 + 2kx + k2 – 4*N

To find p and q, find the smallest x for which d is a square,
and use these equations:

p = ( x + k – sqrt ( d ) ) / 2
q = ( x + k + sqrt ( d ) ) / 2

This requires the solution of a quadratic Diophantine equation.

The QDE solution requires the prime factors of 64*N, which are
2**6 and the p and q we are trying to find, so this method does
not appear to have any practical value. (It looks very similar
to Fermat’s algorithm.) I am posting it here on the (probably
very small) chance that someone who actually understands number
theory can make some use of it.

Clive Robinson December 14, 2019 1:04 PM

@ Anders,

I do love this from the bottom of thr article,

    Colin Bastable, CEO of security awareness training company Lucy Security, said that “state and local government is woefully vulnerable to phishing-led hacking, primarily because CISOs focus on technological defenses when they should also be patching their colleagues with regular simulated ransomware attacks and security awareness training.”

So the CEO of a training company says that local government employees “need more training”… I guess no surprise there realy 😉

But lets be honest here as we’ve been through this discussion before,

    Expediency trumps security training

The reason is to the average low level employee meeting weekly/monthly targets to keep their job has a higher priority than jumping endlessly through lots of hoops to gain faux security. But that asside training is a hopelessly out of data “security response”. That is the time interval between an employee going on security training courses is two or three generations of malware developments and the bulk of the training much older than that. It’s like asking some one trained to service Ford Pinto’s to just work on Tesla model threes…

Likewise technology security soloutions are also fairly delayed in their the threats they respond to.

The soloution is to be proactive, and the first question that should be asked is,

    Why are employees computers external network connected, especially when 99.9% of them have no requirment in their job or work specifications to be connected?

If work computers are issolated it makes it oh so much harder for ransomware or other malware to get into the network.

SpaceLifeForm December 14, 2019 1:34 PM

@ Tom

Does not help. It is a rework of Fermat’s method.

d = e^2 # by your definition

e^2 = (x+k)^2 – 4N

4N = (x+k)^2 – e^2

N = [ (x+k)^2 – e^2 ] / 2^2

So, x+k is same parity as e.

At best, it tells you the parity of k,
but does not move any algorithm forward.

It is still Fermat’s method, difference of two squares, one even, one odd.

Except that it made the problem space larger.

I’m not saying that making the problem space larger is a bad thing, but I do not spot any useful insights in this case.

I believe there is more to be found via primitive pythagorean triples, and the trees of the PPTs.

Where N is the odd leg.

Give me the even leg or the hypotenuse of the non-trivial PPT, or a sine or cosine, then, I got p and q.

Clive Robinson December 14, 2019 1:45 PM

@ Gunter Königsmann,

But all of these attacks require weak keys in order to work out.

Whilst true, define what is and what is not a “weak key”…

That is what is happening is the goal posts are shifting continuously. So what was not a “weak key” a little while ago now is or probably will be in the near future.

The real problem is that in most cases the primes software selects are “common primes” found by RNG’s with way to little or no entropy in them thus there are very few of them. Such primes may not be weak in the mathmatical sense but they are nether the less “bad” primes to use.

I’ve been pointing out from some time last century that embedded devices have very bad random number generators and this is a security risk. Especially as it was still true this decade that network devices/appliances are especially bad in this respect. Further that if I was a SigInt agency I would have worked out the primes most likely to have been generated and use those as trial factors either directly or via the GCD algorithm as the first stage in an automated “collect it all” process.

If memory setves correctly the last time someone in academia did a search they found a way to improbably high percentage of live PubKeys on the Internet had common primes and that was down to embedded devices (see “Mine your Ps and Qs” paper).

If you want to try it out for yourself have a look at,

Anders December 14, 2019 2:03 PM


I agree with you. In the old days when Netware still ruled,
there was distinct separation of LAN and WAN protocols.
LAN stuff was interconnected with non-routable* IPX/SPX
and those boxes were NOT accessible from outside of organization.
Microsoft has gone through great effort to REMOVE those
LAN protocols from any next Windows versions (if i remember correctly
IPX was removed from Win 7). What is the current state of NETBEUI, i
don’t know.

Interconnecting anything with WAN protocol, accessible from ANY
point in the WORLD is just asking a LOT of troubles.

*(non-routable in the meaning of directly accessible from any point
of the world. between subnets/novell routers IPX/SPX is still routable)

Curious December 14, 2019 2:17 PM

Maybe you would get some ideas from this. Much too advanced for me, and what I have to say is basically just wild speculations that aren’t concrete enough to make good sense within math or crypto. So, eh please take what I write with the proverbial grain of salt.

Tao wrote another comment on 2. Dec on his blog re. eigenvectors and eigenvalues, and I couldn’t help but get some vague ideas from this excerpt below off his full comment.

Btw, I want to point out that his paper on this, has gotten one or two updates, so probably a good idea to keep an eye out for the typofixes and additions for anyone following this on his blog.

Another thing the identity highlights is that the (square of the) magnitude of an eigenvector component is proportional to the distance between the eigenvalue and the spectrum of a minor. So information about how the spectrum of minors interlace with the spectrum of the full matrix will tell us something about the localization or delocalization properties of eigenvectors, and conversely.

So, I don’t really understand this, but I am fascinated by this idea of ‘interlacing’, specifically the way I vaguely imagine it, maybe somehow interlacing the very algorithm, or some pattern associated with it, somehow mixed together with the, well, I guess the end content being a piece of ciphertext encryped by some publicly known method. So, I am the kind of guy that can’t help but wonder if perhaps the use of permutations and subsitutions in crypto, presumably based on shifting bits with ‘subsitution’ and ‘permutation’ boxes (not that I could readily tell the difference between the two), that such crypto might perhaps per logarithm, or, whatever the known mathematical method would be used for transforming plaintext into ciphertex, that you could maybe cleverly unwind the crypto somehow, if only, to narrow down some basic structure that ideally would equate to the plaintext from the time of the very start of the encryption process. Basically, somehow using the encryption method itself, or its framework, to “unwind” the encryption. I can also vaguely imagine that, when working with matricies, that you could perhaps add data around the known structure of the matricies (to add data, or change the shape of the matrix, expecially if that doesn’t end up distoring the resulting ciphertext), to make the matrix calculate things in a different way and bake in some secret structure into the resulting ciphertext, which I imagined, could in turn be used to “unwind” the plaintext from the chipertext. 😐

Anders December 14, 2019 2:17 PM

So, NETBEUI is also removed starting from XP

Do we have any pure LAN protocol with Windows?

Curious December 14, 2019 2:28 PM

To add to what I wrote:
Hrm, I think have ignored the distinction between symmetric (regular encryption?) and asymmetric encryption (public key crypto?). Maybe substitution and permutation boxes aren’t used for RSA for example? 😐 I sort of imagined all crypto systems relying on shifting bits inside a box, or, a matrix.

vas pup December 14, 2019 3:32 PM

Emotion-detecting tech should be restricted by law – AI Now(read the whole article)

“It claims to read, if you will, our inner-emotional states by interpreting the micro-expressions on our face, the tone of our voice or even the way that we walk,” explained co-founder Prof Kate Crawford.

“It’s being used everywhere, from how do you hire the perfect employee through to assessing patient pain, through to tracking which students seem to be paying attention in class.

“At the same time as these technologies are being rolled out, large numbers of studies are showing that there is… no substantial evidence that people have this consistent relationship between the emotion that you are feeling and the way that your face looks.”

“Context required

Emteq – a Brighton-based firm trying to integrate emotion-detecting tech into virtual-reality headsets – was not among those flagged for concern.

Its founder said that while today’s AI systems could recognize different facial expressions, it was not a simple matter to deduce what the subject’s underlying emotional state was.

“One needs to understand the context in which the emotional expression is being made,” explained Charles Nduka.

“For example, a person could be frowning their brow not because they are angry but because they are concentrating or the sun is shining brightly and they are trying to shield their eyes. Context is key, and this is what you can’t get just from looking at computer vision mapping of the face.”

SpaceLifeForm December 14, 2019 4:23 PM

@ Gunter, Clive

Weak keys.

I can not find it currently, but one interesting attack is to weaken the keyspace.

In other words, do not let someone out of your control roll a TLS cert for you.

The attack involves enbedding a curve key in the high order bits of one or both of the primes, reducing the keyspace.

I think that is how the attack worked, I just can no longer find the writeup.

The higher order bits were controlled.

The lower bits were changed until it was
a prime. (in theory)

AtAStore December 14, 2019 5:33 PM

“Alex Stamos Retweeted @alexstamos
It’s still 2019 and Harvard Law professors are spreading election disinformation. God help us in 2020.

Alex Stamos added,
Replying to @tribelaw

Prof. Tribe-

This incident is completely consistent with other ransomware attacks against municipalities and there is no indication of GRU activity nor is this…”

SpaceLifeForm December 14, 2019 5:38 PM

@ Weather

Parser just crashed.

What is point of C? Except to limit loop.

Where did 1.58 come from?

Where is the exit with solution?

SpaceLifeForm December 14, 2019 6:01 PM

@ AtAStore

It depends upon which tribe is hunting for fancy bear.

Or not. The tribe may be fishing.

Remember, attribution is hard.

And that applies to fake news too.

AtAStore December 14, 2019 6:10 PM


“Remember, attribution is hard.

And that applies to fake news too.”

I don’t have a dog in this fight. I think I’ll leave it to them to hash it out, or try …

RealFakeNews December 14, 2019 6:43 PM

TCP/IP is supposed to have a few ranges of non-routable IP addresses (192.168.x.x, 172.16.x.x, and 10.x.x.x).

This fails completely when NAT (Network Address Translation) appeared.

It should still be sufficient to use an IP address network range no edge/internet facing router can forward.

The logical network should similarly be isolated, unless malware rolls up its own router for gaining internet access across networks/subnets.

If you’re thinking of using a protocol because it can’t be routed, it’s time to consider physical isolation.

SpaceLifeForm December 14, 2019 6:55 PM

@ Clive

Guessing you have dreamt this, many a night.

[Still may not be secure, but interesting]


The USB cable has a Logitech Unifying receiver and USB hub implanted (hub to make the real device work).

The Unifying receiver is used to do wireless keystroke injection, in order to type out a client payload on the host. This payload binds a shell and relays traffic through…

USB HID interface of the Unifying receiver. The Logitech receiver (actually a transceiver) happily forwards data to RF.

The other smartphone has LOGITacker connected, which allows interacting with the RF shell

MarkH December 14, 2019 7:05 PM

“Attribution is hard”


So are:

• breaking cryptosystems
• discovering 0-days
• solving crimes
• growing up
• marriage
• raising children
• getting old
• improving cancer survival
• finding algorithms previously thought to be impossible (like AKS)

All of those hard problems, and many others, have been surmounted with significant success plenty of times.

If I had a dollar for every time somebody wrote “attribution is hard” on, I’d buy myself something nice. It’s become a form of Pavlovian dog-slobber …

To be fair, I guess that “hard” is meant as shorthand for “subject to a risk of error which is difficult to reduce to absolute zero.” Well duh, that’s true of millions of practical situations in which people must function with imperfect information, often involving decisions of grave consequence.

The problems of attack attribution, and intentional spoofing, are probably thousands of years old. As usual, the context of the public internet shifts the costs, risks and opportunities, but the phenomenon is not fundamentally new, nor even more dangerous than before the internet.

In the Real WorldTM, the making of consequential decisions has always been fraught with confusion and uncertainty.

I think it probable that humanity will muddle through (what the French call Système D) with a limited incidence of catastrophe, as has been managed before. Maybe we’ll even do a little better!

In the meantime, people are making progress with hard problems every day. A most peculiar lot, homo sapiens!

SpaceLifeForm December 14, 2019 7:29 PM

@ AtAStore

There very well have been many NSL letters.

But, I’ll note that in 2017, all of Equifax, Experian, Transunion, claimed they were hacked.

Cover stories?

Anders December 14, 2019 7:54 PM


RFC1918 IP doesn’t help against ransomware.
First thing that any modern ransomware does
is that it get’s current IP and subnet and starts
scanning new victims. Big corporations with very
large 10.x internal network – it spreads like

However, name me ONE current ransomware that is
capable of scanning new victims over…lets’s say,

SpaceLifeForm December 14, 2019 8:03 PM

@ AtAStore

It is much, much more secure to never support the LD_LIBRARY_PATH environment variable, on any *nix.

And, don’t get me started on getenv(), setenv(), etc. That is a cluster that can be exploited.

I actually have a solution for proprrly managing environment variables, but it requires more ram, guard pages, and limiting an environment variable name size and limiting the size of the variable itself.

It is possible to make the documented semantics of getenv(), putenv(), etc, actually work.

But, your envvar value should be limited to 4K.

If, one thinks they need a bigger value, maybe they should consider putting it in a
config file. Just saying.

But, currently, the semantics are messed up.

Clive Robinson December 14, 2019 8:44 PM

@ Curious,

Maybe substitution and permutation boxes aren’t used for RSA for example? 😐 I sort of imagined all crypto systems relying on shifting bits inside a box, or, a matrix

To implement either a substitution (mapping) or permutation (shuffling) function in electronics you need either a AND-OR or OR-AND array (think ROM or Barrel Shifter array). All of which is primary logic circuits.

To multiply numbers you again need logic gates (Wallace tree etc). When it comes to division in a fixed integer size you can use multiplication in such a way that you get a multiplier and a remainder so that precision is not lost.


In physics there is the notion that information is never lost and that every particle carries it’s state history. So further at the quantum level things are reversible.

There is also the notion of reversable logic using toffoli gates and similar. Toffoli gates[1] are also considered “universal” that is they can be used to build any basic logic gate or maths function. Which gives rise to the observation that all encryption of what ever form could be made using Toffoli gates.

In effect for your two inputs of plaintext and key, you end up with two outputs the ciphertext and it’s reverse. It does not take any great imagination to realise that in effect all encryption functions are in fact reversable mappings and what ordinarily stops us trivially reversing an encryption function is that we throw away the reverse[2] information in conventional basic logic gates and maths functions.

As Toffoli gates can be made with two-qubit quantum gates, but quantum gates can not be made with Toffoli gates, thus whilst a quantum computer can do anything a conventional computer or state machine can do the reverse is not true.

Which leaves open the possibility of new forms of encryption with quantum logic, giving algorithms unrelated to basic conventional logic or math based encryption algorithms.

[1] The Toffoli gate is often called the “Control, Control, NOT gate” or “CCNOT gate” It can be also described as mapping bits in conventional logic, {a, b, c} to {a, b, c XOR (a AND b)}.

[2] If you look up Toffoli gates and other reversable logic you will find that the reverse is in effect energy, thus by throwing it away your encryption process is inefficient and the reverse information energy becomes effectively heat that conducts or radiates away.

SpaceLifeForm December 14, 2019 8:46 PM

@ Curious

When you visit this site (or any tls site), initial is asymmetric, but, then, via dhe, you get a temporary symmetric key.

It would be very slow otherwise.

But, the dhe is where the crypto downgrade attacks can appear.

You may have noted that I have observed this.

SpaceLifeForm December 14, 2019 9:14 PM

@ MarkH

Sorry to rile you.

Yes, I keep beating on the ‘Attribution is Hard’ angle.

The reason is that the public needs to see reality, not what the attackers attribute.

I know where the attackers are, and it is not what media reports.

Just saying.

Clive Robinson December 14, 2019 9:23 PM

@ SpaceLifeForm,

Re “weak keys”

I can not find it currently, but one interesting attack is to weaken the keyspace.

There are a number of ways you can do this.

In the past I have noted that with mechanical ciphers you get a mixture of strong keys through to very weak keys. There is an advantage of using such systems as “field ciphers” on the assumption they will be captured by an enemy at some point and duplicated as is. Now if you know that say only 20% of the key space is strong, and you also issue the key scheduals to the frontline troops you know that your communications will be sufficiently secure as a field cipher.

However any enemy who copies your mechanical cipher –or by them as military surplus– is unlikely to have the knowledge to tell which keys are strong and which are very weak, thus they are likely to select keys randomly. Which means you won’t be easily able to read 20% of the enemy comms but you will from the weak keys get sufficient plaintext to understand about the enemy to the point where missing some messages that use the strong keys does not matter to your intelligence assesments etc.

It’s fairly clear this policy was inplace during WWII and later. Thus it’s safe to assume a similar policy is still in place with the NSA and GCHQ, only as we know due to the calamity of DES the idea behind the crypto destined for the clipper chip etc was to use a very very fragile algorithm. That is it just met the 80bit requirment as designed but any small change would bring that tumbling down to 40bits or less.

With regards,

The attack involves enbedding a curve key in the high order bits of one or both of the primes, reducing the keyspace.

I’m guessing you are maybe talking about the work by Adam Young and Moti Yung on what they called kleptography which was a subset of malicious cryptography.

It works because with PQ pairs their is one heck of a lot of redundancy thus you can find two primes that when multiplied together the top bits of the product act as a pointer to one of the primes. Thus the search space is very very small to find one prime thus the second effectively drops out by trial and error factorization.

Which is why you are right with regards,

In other words, do not let someone out of your control roll a TLS cert for you.

Which is a big problem with the likes of “GoDaddy” who have insisted on you using their generated certs to the point you don’t get to see your own private key…

Weather December 14, 2019 9:32 PM


N = P* Q
C =1000000
L = 2

For L++
X = N / L
For C–
A = X + (1.58* C)+ (N – X)
B = X – (1.58*C)

If N = A*B
Check for primes

1.58 can be from 1.1-1.9 , start with 2 *1.58 =T.p
3 *1.58 =Y.o
Y= Y.p
T = T.o
Replace 2 & 3 with Y & T

You look at division by 2 making a ripple of one million, you division by 3 make another ripple…

Rachel December 14, 2019 9:41 PM

Vas Pup

“At the same time as these technologies are being rolled out, large numbers of studies are showing that there is… no substantial evidence that people have this consistent relationship between the emotion that you are feeling and the way that your face looks.”

[Interviewer} ‘ You look sad, Ringo, why are you sad?’

[Ringo} ‘I’m nah sad. It’s just me face’

Clive Robinson December 14, 2019 9:45 PM

@ MarkH, SpaceLifeForm,

In the meantime, people are making progress with hard problems every day. A most peculiar lot, homo sapiens!

First you have to understand why atribution is hard.

It’s hard because you can not see the network beyond the links from a node you fully own and can control. It’s the “Upstream node problem writ large”.

So there are only two known solutions to this problem,

1, Use boots on the ground HumInt.

2, 100% own and control every node in the Internet.

Whilst the first is possible to do across the wire, when those you suspect are not very sophisticated (the Israeli and Dutch SigInt orgs proved this), but it fails when then methods you use get burned (by the US politicos).

The second is not realistically possible for even the US which is the lair of the poisoned spider that sits in the middle of the web. Thus non HumInt atribution is always going to be at best suspect.

Thus non HumInt intel should not be used with even low confidence as it’s way way to easy to be misled or deceived by a half way competent opponent, and there is nothing you can do in that domain to stop people playing tricks on you.

MarkH December 14, 2019 9:51 PM


I’m not riled … rather, bemused by the automaton-like repetition (nothing personal: multiple commenters have been beating this horse for years).

A logic conundrum: if in truth you “know where the attackers are,” then you would seem to have solved some major portion of the attribution problem … suggesting that however “hard” it may be, it’s also crackable.

My less sympathetic interpretation of “attribution is hard” is that it means “I absolutely refuse to accept attribution made by people I don’t like, unless they disclose to me data that will endanger sources and methods.”

For myself, I’m indifferent to what any particular individual believes or disbelieves … it’s highly subjective information, and practically useless.

A weakness of the intellectually capable, is that we tend to project our personal feelings and biases as if they were some sort of scientific principle. This self-deception generates much heat and little light.

SpaceLifeForm December 14, 2019 10:30 PM

@ MarkH

‘ A logic conundrum: if in truth you “know where the attackers are,” then you would seem to have solved some major portion of the attribution problem … suggesting that however “hard” it may be, it’s also crackable. ‘

Crackable does not mean solvable.

Solvable is like AI, it takes takes lots of intel inside. Or outside.

In this case, outside being the public citizens.

Curious December 15, 2019 6:49 AM

@ Clive Robinson

As for reversal of time in general, I don’t personally believe in it, but I can imagine there being limited aspect to a time-reversal below planck scale, but only up to some more or less given potential. I like to imagine our perception of time, as being linear, so no problem there with our perception of reality as such, but, that the universe generally below planck scale, has this inverted relationship to things, where localized effects is always after the fact, second to regional effects, making time in itself impossible the way I imagine it (also not something very intuitive nor as clear as I try making it sound like). I like to amuse myself thinking of our notion of time (what one would refer to as reality) as stemming (but not being) from an ‘inverse’ of whatever happens below planck scale (anywhere/everywhere potentially all at once), but only time, physics and matter would equate to ‘reality’ as anticipated/expected. I was surprised to listen to Michael Atiyah (a British mathematician, died Jan. 2019) in a lecture/presentation video on youtube, who entertained the idea of something being “the inverse”, something about this called “fine structure constant” and how the number for ‘alpha’ (dimmensionless constant?) could be thought of as being the inverse of applying the “Von Neumann process”(?). Also described, if I heard it right, as “canonical analoge of pi, in the von neumann algebra sense”. I would have more fun writing this, if I actually knew what the fine structure constant was about, or, what ‘Von Neumann algebra’ was for that matter. 🙂 I wonder if that notion of an inverse might be somehow related to this notion of non-time (as if the universe was, just well, math, or perhaps more poignant, the universe being periodical, not to be confused with ‘repeating’ as that would imply causality). Hm, as for matter in the universe, I am tempted to think of the physic part of it being ‘gyroscopic’ in nature, but not causal because it would exist as a separate system in pysics I imagine, one gigantic self relating “moving” thing, or “something” that just “moves” around. So, heh, reality exists, but matter, not so much (oh, I think I made a pun by accident). 🙂 (at ca 34 min and maybe four minutes onwards)–von_Neumann_theorem (presumably related to this, I found the first sentence at the top to be intersting)

Interesting to hear about ‘toffoli gates’. I did not understand the point about it being impossible making a toffoli gate from quantum q-bits, if I got that right, but I will think about it some more. Never heard about toffoli gates before, so this is new to me. But perhaps if you secretly added more q-bits in a circuit, then maybe you could “record” in secret the discarded calculations of a quantum computer? Maybe using regular toffoli gates on top of quantum q-bits, directly, or indirectly? Just thinking out loud here. I’ve always wondered if, things got too advanced, if maybe somebody could be tempted to build a second layer of computing on top of the announced one, or, perhaps something remotely. I know this might sound silly, but I can’t help but not trusting our world with technology in it.

Ergo Sum December 15, 2019 9:26 AM


Those weren’t just “some fires in Milwaukee”, those were arson cases. The warrant issued was limited by geo-fencing and time-frames for the four locations in question. Under these limitations, the warrant seemed reasonable. If the Google data provided one or two smartphone numbers, that had been present at some or all of the arson fires, it’s a success and requires further investigation. Once the data evaluated by ATF, they should delete the data that not useful for the investigation. Instead of storing indefinitely and sharing it with other federal/state agencies.

At least the ATF used legal means to obtain this data, instead of bypassing laws and regulation. While Google limited the geo-fencing area from 400m to 50m, it should have required a filter to be applied to the raw data. Like how many smartdevices were present in two or more defined locations at the given time-frames. In another word, have Google analyze the data, instead of providing the raw data to ATF.

Curious December 15, 2019 2:24 PM

@Alyer Babtu

The other paper on Alain Connes’ website called “On an idea of Michael Atiyah” had this fascinating drawing of a spiral going from the outside, to the center of a circle. 🙂

Clive Robinson December 15, 2019 6:38 PM

@ Anders,

In the old days when Netware still ruled,
there was distinct separation of LAN and WAN protocols.

It was generally more than protocols that were sepetated. In most cases IPX networks were issolated LANs with no connections to other networks.

That is back then they filled the average notion of “air gapped” networks.

@ Curious,

I did not understand the point about it being impossible making a toffoli gate from quantum q-bits,

It’s the other way around, that is you can make Toffoli gates with two input quantum logic, but you can not make quantum logic gates from Toffoli gates.

The implication is there are things that quantum logic can do that neither reversable logic gates or conventional basic logic / maths can do. The question thus becomes what ever that extra is with quantum logic “Can it be usefully used or is it just a curiosity?”.

Alejandro December 15, 2019 9:05 PM

@Ergo Sum

Re: ATF geo-warrant

Fair comment, but it’s still fishing with a general warrant and the precedent is now set to allow police to issue similar warrants for any routine crime. The article says 1500 phones were involved, not one or two. The article said nothing about disposition of the data, and would allow for saving data for future reference, forever.

Once all the police get the process down pat, judges can legally be flooded every day with check the box geo-warrants for the most petty and insignificant crimes, allowing police to wallow through literally millions of phone records for any purpose they desire.

(e.g. Police want to know who went to the dope house, so why not a warrant for all records within a mile of the dope den, for a month, at anytime? What would stop that?)

And, let’s not even get into trust issues with Google. What is their quid pro quo angle?

Restricting, arbitrarily, for looks, the area covered is just a fig leaf. There’s no reason police cannot now demand records from an entire city, state or the entire USA if they write the warrant well enough to fool their hand picked collaborator judge.

Last but not least the fourth amendment was clearly written to prohibit open ended searches and warrants of this non-specific nature. But, that’s all gone now.

Clive Robinson December 16, 2019 3:08 AM

@ vas pup, ALL,

This might be of interest,

If the AI gets confused by soft clothing rather than hard images (see in article) it raises questions about all “human watching” AI.

Thus it might be possible to have an image that makes the AI think you are “a picture of innocence”…

Sadly though we know how this would end. The LEO’s would strip you and possibly put you in an orange jump suit before they even question you.

You might have “The right not to say anything” but the right not to be stripped humiliated etc, no you don’t have one for that.

Curious December 16, 2019 6:17 AM

I don’t know what an “OU field” is re. digital certificates, but there is perhaps an issue of non-complience for a huge amount o issued certificates by the sound of the point made on twitter. No idea what this entails, maybe some text in a certificate shown in a browser ending up being suggestive to an end user, and risk tricking end users to believing the digital certificate is something it maybe isnt?

Clive Robinson December 16, 2019 7:41 AM

@ Curious,

I don’t know what an “OU field” is

OU is short for “Organisational Unit” it is something that most certificates would not need to bother with as long as there is something in the field (some certificate generation software requires it).

In theory the “Organisation” field gives the “company details” and the “Organisational Unit” field gives a departments details.

When you obtain a certificate you will often find advice such as,

    If you are enrolling as an individual, please enter the certificate requestor’s name in the “Organization” field, and the DBA (doing business as) name in the “Organizational Unit” field. Organizational Unit: Use this field to differentiate between divisions within an organization. For example, “Engineering” or “Human Resources.”

The problem originates from certificates trying to be “all things to all peoples” and people putting their own spin on it due to a badly worded standard.

Sancho_P December 16, 2019 5:07 PM

@Alejandro, Ergo Sum

”And, let’s not even get into trust issues with Google. What is their quid pro quo angle?” (@Alejandro)
Yep, in advance collecting useful data for gov is a valuable business model, gov being the best customer ever.

My issue with that LE phishing attack (wouldn’t like to call it “general warrant” phishing spree) is the pure existence of the data they asked for.

(Location) data may be mandatory for certain services, but to store them beyond that immediate need must be outlawed for our all security.

Also the juridical value of such data must be limited.
Non of the involved IT systems is (and can be) certified as valid evidence.

Thoth December 16, 2019 7:12 PM


Time to discard Nginx or at least consider migrating to somewhere else ?

Modifications to permissive licenses should these days include clauses to prevent such situations where a future license can overwrite a historical license.

Something along the lines of the license modification for MIT and BSD licenses should include:

“No future variations of license modification or migration to another license by the developers and contributors will impact the licenses that have taken effect” … or something along the line like that …


Electron 007 December 16, 2019 8:35 PM

Constified C main() declaration

#include <stdio.h>
#include <stdlib.h>
int main(const int argc,
         const char *const *const argv,
         const char *const *const envp)
    int i;
    printf("argc == %d\n", argc);
    for (i=0; i < argc && *(argv+i) != NULL; i++)
        printf("argv[%d] == %s\n", i, *(argv+i));
    for (i=0; *(envp+i) != NULL; i++)
        printf("envp[%d] == %s\n", i, *(envp+i));
    return 0;

So why don’t people ever declare the main() function in C or C++ like this? It compiles and runs no problem on gcc 9.2.1, but the declaration seems too strict for some of the libraries out there, which are not fully const-compliant or guaranteed not to alter their given arguments.

Clive Robinson December 17, 2019 6:20 AM

@ Electron 007,

So why don’t people…

One of the reason historically is that the “command line buffer memory” and “environment storage memory” do not belong to the C program but the unknown OS. Further what these memory areas contain may not even be valid strings in C. Likewise any return value to the OS is both unknown in type or meaning. Thus K&R and the later C standard went –as nearly always– for the lowest common denominator an int that under K&R could be converted down to a byte prior to hand off back to the OS (hence recomendations for limits to less than 127). This LCD minimum resource behaviour is also why you get handed “null pointers” when you drop off the ends of the arrays.

Also that whilst main() is special a lot goes on before it is called and quite a bit afterwards and this in some cases requires the code to be written in assembler. The Function that the OS calls is often called “_start” and it is responsible for building the stack etc for main(). Likewise there are similar out of sight functions that tidy up afterwards.

If you look in the various C standards you will find this information part of which is in bold to emphasise the nature of the contract between C and the OS.

But you also have to remember that in times past when average weakly wages were down at or less than about 1/30th of todays values a single byte of RAM cost upwards of $1… Even the better part of a couple of decades later the early IBM PC’s came with as little as 64kBytes of RAM.

Thus RAM was an expensive commodity and very small in RAM executables were highly desirable. Thus many early PC C compilers minimised the hidden “before and after” functions so often you only got argc and argv not envp and the total argv memory space could be as little as 64bytes. If you wanted the environment tough it was usually unavailable especially with the original “*.com” binary format that got loaded in at memory location $100.

Obviously things have changed a little these days, the old $1 price for a single byte of RAM will now buy you a Raspberry Pi single board computer, with a full modern Unix operating system. The average C compiler is now so bloated and memory hungry it could not even load let alone run on technology more than four decades old. But C’s origins are now into their sixth decade with K&R emerging around 72, and if you have source code from back then, with a few well known tweaks from K&R to ANSI format the code will probably compile and run…

Not that you would probably want to for security reasons. After all, it was not untill Phrack Vol 7 issue 49 in 1996 that Aleph One’s “Smashing the Stack for Fun and Profit” came to public attention.

Martin Walsh December 17, 2019 12:25 PM

Just read Forrester’s “BIOS Security – The Next Frontier for Endpoint Protection
Today’s Threats Upend Traditional Security Measures”

Recently received an urgent factory recall from HP. Evidently laptop batteries are in danger of blowing up. My new HP laptop – it’s good, I like it – does not have a removable battery. I think this is the case more and more. You have to send the entire laptop back to the factory. Problem is, I have a lot of sensitive and valuable information on this laptop. Can I remove the drive then send it back to the factory? NO. They want the whole laptop as is, because the recall also involves updating the BIOS. Can’t they update the BIOS without the HD? NO. Return the entire laptop to the factory.

Would you be suspicious? Am I paranoid? I decided not to return the laptop, and probably not to ever buy another HP laptop. Probably will never know, just beyond aggravating.

FA December 17, 2019 2:12 PM

@Electron 007

So why don’t people ever declare the main() function in C or C++ like this?

What do you try to achieve ?

Any ‘const’ in the argument declaration of main() only affects what you
can do (i.e. what the compiler will allow you to do unless tricked otherwise)
inside main(). It doesn’t ‘protect’ the const variables in any other way.

In C and C++, function arguments are passed by value. So argc, argv and
envp are copies. It doesn’t matter to the caller of main() what you do
with them. So the rightmost ‘const’ for all three of them are pretty

Both argv and envp are arrays of pointers to strings. In all systems
I know of, you are allowed to modify the pointers, but not the strings.

This can be quite useful. For example, many libraries (e.g. X11) have
methods that will look at argv, process the arguments that affect them,
and modify the array so that when the method returns you have an new
array that only contains the arguments that remain.

So the only ‘const’ that really matter are

const char *argv [] and
const char *envp []


Weather December 17, 2019 3:01 PM

Windows has a exploit in every program, with the program checks command line bytes =~ etc, there’s is four chars that in a row will crash it, but the cmd.exe filters them out, if you could send it some how, just fuzzer 4 bytes, through pipes or redirects I know = was one just not shore on the rest, but it has to be below 5 control chars and a max of 7 bytes.

AtAStore December 17, 2019 5:26 PM


“It is much, much more secure to never support the LD_LIBRARY_PATH environment variable, on any *nix.

And, don’t get me started on getenv(), setenv(), etc. That is a cluster that can be exploited…”

I assume you are referring to the openwall link, which I posted because I don’t hear about many OpenBSD zero days

SpaceLifeForm December 17, 2019 5:44 PM

@ Electron 007, RA

Re-read what I wrote above about safely managing env variables. How the semantics of getenv(), putenv(), setenv(), etc, are broken.

Then research **environ variable.

SpaceLifeForm December 17, 2019 6:38 PM

@ AtAStore

Actually, I was pointing out that there have been many an exploit involving any (dynamic loader on any *nix), and that is why, specifically, you do not want your platform to support LD_LIBRARY_PATH.

But, your link points to a setuid problem, which is even more problematic, on any nix. But the link also says dynamic loader *AND LD_LIBRARY_PATH.

I have not read it completely, but I;m sure the full exploit requires LD_LIBRARY_PATH.

All of this happens via _start, before _start calls main(), where dynamically loads the dependent libraries, but *unfortunately* in this case, respects the LD_LIBRARY_PATH environment variable.

As I said, did not read all of it, but LAZY LOADING would not surprise me.

And that is where environment variable manipulation can get really interesting.

Load A, manipulate ENV, later dynamically load B with modified LD_LIBRARY_PATH.

Electron 007 December 17, 2019 7:13 PM


Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) … Who the hell are these judges that allow this stuff?

Judges are not, in theory, supposed to be that partial or partisan, but when you think about it, you not only have to survive Greek life on the college campus without becoming a registered sex offender, but actually graduate law school with a J.D. diploma, pass a mysteriously and secretively proctored bar exam, and have experience representing clients in court before you are considered eligible to be appointed as a judge.

In real life, you will never, ever make it through all that without the backing of a loyal fraternity and a major political party with deep connections to academia and the college campus.

Alyer Babtu December 18, 2019 10:37 AM

“While mathematicians have been researching the hard problem of factoring large integers for centuries, we are now faced with the prospect that our future security may depend on the hardness of mathematical problems that have been studied by mathematicians for only a matter of decades. This disconcerting fact is made worse by the fact that there is an urgent need to understand both the classi- cal and the quantum security of these new proposals.”

gordo December 18, 2019 11:12 AM

How Out of Control Is Our Surveillance State?
Americans deserve a stronger assurance than “hope” that their Fourth Amendment rights are being respected.
By Julian Sanchez
Mr. Sanchez is a senior fellow at the Cato Institute.

If there’s an explanation for the errors Mr. Horowitz documents suggested by his reports, it’s not political bias. It’s confirmation bias.

[ . . . ]

While Mr. Horowitz found violations of the Woods Procedures in the Page case, they weren’t the most serious distortions. Those occurred precisely because the Woods Procedures aren’t well calibrated to catch material facts that get left out. To do that, you’d need to do the kind of intensive and comprehensive case-by-case review conducted in the Horowitz review, not just run Woods vetting a second time to see whether the results tally.

Speaking of confirmation bias, remember this . . . ?

NYT Finally Retracts Russia-gate Canard
Exclusive: A founding Russia-gate myth is that all 17 U.S. intelligence agencies agreed that Russia hacked into and distributed Democratic emails, a falsehood that The New York Times has belatedly retracted, reports Robert Parry.
By Robert Parry

Clapper further acknowledged that the analysts who produced the Jan. 6 assessment on alleged Russian hacking were “hand-picked” from the CIA, FBI and NSA.

Yet, as any intelligence expert will tell you, if you “hand-pick” the analysts, you are really hand-picking the conclusion.

Why Do Some People Believe in Conspiracy Theories?
—Thea Buckley, India

July 1, 2015

Christopher French, a professor of psychology at Goldsmiths, University of London, explains:

Although conspiracy beliefs can occasionally be based on a rational analysis of the evidence, most of the time they are not. As a species, one of our greatest strengths is our ability to find meaningful patterns in the world around us and to make causal inferences. We sometimes, however, see patterns and causal connections that are not there, especially when we feel that events are beyond our control.

The attractiveness of conspiracy theories may arise from a number of cognitive biases that characterize the way we process information. “Confirmation bias” is the most pervasive cognitive bias and a powerful driver of belief in conspiracies.

vas pup December 18, 2019 2:52 PM

This article related to the reason anonymity in the blog or other online forums as well

“In the same way, people can live out their negative emotions behind the mask in a more uninhibited manner, without having to take social norms into consideration.

“One is removed of the responsibility of one’s own actions by creating a type or an abstract figure,” says mask researcher Weihe. “I can no longer be identified, and I can no longer be prosecuted for my actions. Now my actions are, so to speak, inconsistent.”

The masking thus brings about a transformation, and behavior changes. “That’s not me, it doesn’t fit into my self-image or self-concept,” is how Hans-Joachim Clausen describes the astonishment at his own uninhibited behavior.

Masking provides protection and security, as well. The masked person sees any opponents only through a slit. And the person on the other side is unable to recognizes the masked one’s feelings.

“The opponent does not recognize my fear,” says psychologist Clausen. Now, the masked person can strike without having to show his face, his feelings, his compassion or his mercy.

Mass and power

It’s not by chance that violent demonstrators mostly appear as an undefinable group, also known as the “black block.” Not only does this protect the individual, it also increases their clout. The individual is absorbed in the black block, or in the uniform mass.

“The expression is no longer the rebellion of the individual, but the choreography of the protest,” Weihe says. “By bringing the figures into line, the action develops a tremendous effect, as does the effect of revolutions.”

Group dynamics, Clausen says, also change the behavior of the individual. “Boundaries get crossed in such a way that one no longer has any other alternatives for action. One can no longer get out of the situation, but only tries to free oneself from it by force.”

The group causes a kind of “depersonalization.” The individual is no longer perceived as an individual, but as a mass. In the anonymity of the group, the individual finds social approval. “When a masked group member is attacked, each individual feels equally restricted, emotionally sharing the fate of the attacked buddy,” Clausen says.

Especially since the group sees itself as fighting for the right cause. “Basically, these groups fight for a noble goal, for a morally higher goal or an organization,” Clausen says. “They can, so to speak, refer to a higher authority.”

Violent excesses on both sides

The security forces who oppose these demonstrators by definition also see themselves as fighting for the right cause — law and order. Ideally, they ensure security and enforce the rules.

This does not necessarily mean that they are actually justified and behaving in accordance with the law. Again and again, there are violent excesses by security forces, especially if they cannot be identified as individuals and behave, accordingly, with no restraint.

Protected by their uniforms, martial combat equipment and protective masks, security forces can also be enticed into violent attacks if they hope or can be sure that they will not be recognized, will remain nameless and will not be held accountable. They, too, meet the demonstrators as an undefinable group — also to protect the individual and to increase their joint clout.

Both sides, then — violent demonstrators and security forces — see themselves as a closed group, as a “we” against “the others.” The group sets the direction and the rules, and the anonymous individual adapts his or her behavior to the group.

“The frustration that has accumulated in several areas of life can finally be channeled, by both sides, during a demonstration,” Clausen says, “which becomes a kind of lightning rod for aggression. No one knows who it was.”

!!!This is why in most countries of the European Union, for example, police officers are required to be identified by a name tag or an identification number. This is intended to protect against unlawful police violence and strengthen confidence in the police.

Traditionally, assassins also often wear masks. Not only to remain unrecognized, but also because the mask lowers the threshold for killing. Through masking, the assassin slips into the role of a merciless killing machine. Masking creates the necessary distance from the victim. It gives the assassin the power to kill without visible human emotion.”

Clive Robinson December 18, 2019 3:37 PM

@ Alyer Babtu, SpaceLifeForm,

With regards,

    “we are now faced with the prospect that our future security may depend on the hardness of mathematical problems that have been studied by mathematicians for only a matter of decades.”

It’s actually worse than that, due to the issue of patents.

Both RSA and ECC were patented, thus were avoided whilst under patent, so usage and attention was low.

A mathmetician like most other academics is not doing themselves any favours investigating areas of little attention unless there is the prospect of making “big noise”.

So things like factoring had been avoided for years and only when not only did it get used in crypto but that type of crypto got quite prevelent did people “dig in”.

The fact ECC has been around for thirty years, actually does not mean very much if it’s only been seriously studied for a half decade or so.

It’s one of the reasons I’m cautious about ECC.

Clive Robinson December 18, 2019 3:56 PM

@ gordo,

    Christopher French, a professor of psychology at Goldsmiths, University of London,

Funny I walked past that very dept (in Whitehead bulding) less than a couple of hours ago, and stoped to see what was on at the cinema there (Curzon Goldsmiths) to see what’s on…

Clive Robinson December 18, 2019 4:34 PM

@ vas pup,

With regards “masks” the behaviour changes when people are behind drawn curtains or alone in a room.

But as I’ve mentioned before, I used to be a keen cyclist and used the bike to go more than three quaters of the way across london twice a day (40miles round trip).

As this was in “rush hour” that was more like three, I used to pass one heck of a lot of cars and see the drivers faces. It was scary in that they were “naked faces” of people who had dropped their “social mask” because they thought they were unobserved.

Interestingly the face they showed on realising they were being observed, fractionally befor the “social mask” went on was rather more often than I would like, anger or pure hatred…

Which might account for the likes of “road rage” in some people.

Worst were certain types of car driver, the sight of a cyclist coming up to overtake them was obviously an afront to their virility or self importance (take your choice). And on one or two occasions you would get abuse from “White Van Man” types wanting to “get physical”, hence I used to always have my “D-Lock” very much to hand…

Wesley Parish December 19, 2019 2:41 AM

@usual suspects

Just thought you might find this interesting. I’d been wondering about this myself, for various reasons:

Google tightens the screw on ‘less secure apps’, will block most access from June 2020

What is an LSA? The company says “non-Google apps that can access your Google account with only a username and password.” In practice, it seems to mean any app that does not support OAuth.

Using OAuth means that applications request access to the API and, after user login and consent, receive a unique token for authentication. This means that the client application does not have to store the user’s password, but only the token. Users can also revoke access to that specific application.[…]

Is Google pushing better security practice, or steering users towards its own browser-based client applications and away from alternatives? Probably more the former, though changes like this do put pressure on users. Note that adopting two-factor authentication is also substantially more secure, and in this case access from LSAs is automatically disabled for both G Suite and consumer accounts.

Should be interesting. The deil’s in the details, of course.

Clive Robinson December 19, 2019 4:33 AM

@ Wesley Parish,

There are ways you can use OAuth to track people…

I’m guessing Google, after GMail got hit by a phishing attack using OAuth. Know quite a bit about how OAuth 2.0 can be used to track users thus it is probably seen by them as quite desirable.

Also if you think about it OAuth helps reduce anonymity as well, as any hierarchical system does it vests the most power at the top, thus potebtially giving Google and thr US significant advantages over other nations and their citizens.

Nearly all single sign on systems especially those that issue tickets can be used to break user privacy… It’s why I won’t go near SSO systems…

One thing people need to remember about so called “security proofs” –which OAuth has some– is that they are generally tightly focused in one small area of security. Thus it’s kind of like talking about the strength of the knob on the shaft of a combination lock built into a vault door on the front of a tent…

@ Thoth,

Have you still got one of your pretty “holiday” in-security certificates still around somewhere 😉

Clive Robinson December 19, 2019 5:09 AM

@ Thoth,

Time to discard Nginx or at least consider migrating to somewhere else ?

Whilst it is most definitely a “shake down” it’s not unique to Russia. There was the SCO backed by Microsoft attack on Open Source via both the Linux kernel and GNU tools etc.

These things are messy, but the one thing we all should have learned by now is that it’s a form of bullying, and at the end of the day the only way to stop a bully is to “smack back” in some way, and the sooner the bully learns there is pain in it for them in their behaviours the less likely they are to continue with them.

Thus as one group proved whan a patent troll turns up you don’t try to be reasonable you go after them like a rabbid rottweiler and make them bleed in any way possible legaly[1].

Fairly quickly they go away and if it’s public others get the message loud and clear and thus keep away.

[1] A friend had problems with a company sending faxes etc in the middle of the night. His solution send them a “cease and desist” with a hidden contract in it. He’d found out where the Managing Director (MD) lived, thus his contract promising a “prompt response to any communications”. The next fax that came in he drove his vehicle to just around the corner from the MD’s house, got out a bike covered with lights and mirrors put on a bright yellow “S’wester” cape and hat very thick rimmed glasses and banged on the MD’s front door. The MD went balistic but did not sort the issue out so it happened again and the MD called the police who realised it was not just a civil dispute but one that was within a contract… The MD must have got some legal advice because when my friend phoned him up to tell the MD things would continue as per contract the MD promised to stop the faxes, and did…

Thoth December 19, 2019 7:54 AM

@Clive Robinson

“Have you still got one of your pretty “holiday” in-security certificates still around somewhere ;-)”

Who should we put on the Holidays Special edition ?

Give me a short list of “characters” so I can do some design work.

Thoth December 19, 2019 7:59 AM

@Clive Robinson

“Thus as one group proved whan a patent troll turns up you don’t try to be reasonable you go after them like a rabbid rottweiler and make them bleed in any way possible legaly[1].”


“[1] A friend had problems with a company sending faxes etc in the middle of the night. His solution send them a “cease and desist” with a hidden contract in it. He’d found out where the Managing Director (MD) lived, thus his contract promising a “prompt response to any communications”. The next fax that came in he drove his vehicle to just around the corner from the MD’s house, got out a bike covered with lights and mirrors put on a bright yellow “S’wester” cape and hat very thick rimmed glasses and banged on the MD’s front door. The MD went balistic but did not sort the issue out so it happened again and the MD called the police who realised it was not just a civil dispute but one that was within a contract… The MD must have got some legal advice because when my friend phoned him up to tell the MD things would continue as per contract the MD promised to stop the faxes, and did…”

Indeed an excellent idea to go for the soft spot wherever possible until they give in.

It is a nice idea that I have never considered to hide a contract in a cease and desist letter. Would have to add that to my Trick Box.

MarkH December 19, 2019 8:51 AM

In re cease-and-desist letter:

In my non-lawyer understanding, a contract (under U.S. law) is not valid without:

(a) an affirmative act of assent by each party to the contract [mere passive exposure, or failure to object, does not constitute assent];


(b) terms which place a meaningful obligation (called “consideration” by lawyers) on each party [a contract specifying that A pays money to B, and B need do nothing, is not enforceable, even though both A and B signed it].

Within these constraints, I don’t see how a valid contract can simply be embedded in a one-way communication.

Perhaps there was something in the letter demanding that the receiver sign and return?

PS to Clive: “What’s black and brown, and looks good on a solicitor?”

MarkH December 19, 2019 9:03 AM

@Clive et al.:

Hoping that this is not an improper use of this thread …

I want to set up a box with a public internet connection limited to three roles:

• ICMP ping

• connection to an SMTP server to send emails

• SSH initiated from the box

Otherwise, I don’t want it to respond to any packets whatsoever.

If any of you knowledgeable folks would be so kind, I’d welcome pointers to (a) preferred distros, and (b) how to “lock down” the internet connection.

Note: the application is not very critical; nobody’s going to live or die based on its success or failure 🙂

Clive Robinson December 19, 2019 1:03 PM

@ Thoth,

Who should we put on the Holidays Special edition ?

Dare I say “wrong question”. It might be easier to list those not to put on the list 😉

I would include some of those who invade privacy for profit, but that’s now nearly everyone involved with user level communications, including Silicon Valley and what feels like half of China and a big chunk of India.

Though I’m sure that others could come up with some candidates. In the UK there are several good candidates for the list, despite years of political determination to destroy anything that looks like it might be an industry that makes anything other than debt an inflation…

Weather December 19, 2019 1:07 PM

Tracking people through VPN.
Your a web server someone connects to you, you first time of replied, plus any passed com’s to point to say western Au, next time they connected to you you delay a packet, will you loose source route to WA IP range, you use the syn,back numbers, if you get a replied through VPN or directly it was them, otherwise the webserver send one more packet because of timeout, then the IP range continued.
Normal at minum you have three proxies with the first scrapped, if paranoid or got some spare the second goes, but just as it makes it hardier to track, its hardier to get working. VPN are for the first one or two hops, not for anonymity.

Clive Robinson December 19, 2019 1:22 PM

@ Mark H,

Within these constraints, I don’t see how a valid contract can simply be embedded in a one-way communication.

You mentioned “consideration”. The point of a Cease and Disist is you have to talk about remediation, thus it forms an “offer” conditional on the offending parties initial actions and failure to remediate.

They can offer a couter offer but ignoring the cease and disit and carrying on the offending behavioir is not one of them.

Promising “a prompt response” in the cease and disist will be seen by a judge as part of a reasonable offer.

Thus unless the offending party makes a counter offer rejecting the “a prompt response” then they are stuck with it. But if they do make a counter offer it has to be reasonable and must not reject what is legal.

It’s why I always say “All corespondence must be by first class post to the above address with the addressee given.”

And that can open up another can of worms. Because legaly the addressee name can be “From the YYY at XXX” where XXX is their organisation and YYY as some way of identifing who is responsible there. In the UK “company secretary” is acceptable as are other things thoug I suspect “blithering idiot” might be pushing it slightly (but not much 😉

That is there is no legal reason for you to give your name or any other identifying information, because you are not at fault. Thus legal representatives can say “our client” and if you are writing to a residence you can use “owner or occupant”. As far as the law is concerned it is “the responsible entity” not what people might chose to call them or be named as.

Electron 007 December 19, 2019 2:30 PM


In re cease-and-desist letter … contract (under U.S. law) … affirmative act of assent by each party … terms which place a meaningful obligation

I want to set up a box with a public internet connection limited to three roles:

  • ICMP ping
  • connection to an SMTP server to send emails
  • SSH initiated from the box

Otherwise, I don’t want it to respond to any packets whatsoever.

If any of you knowledgeable folks would be so kind, I’d welcome pointers to (a) preferred distros, and (b) how to “lock down” the internet connection.



The default “block drop” rule refuses to respond to packets whatsoever on OpenBSD’s packet filter.

I was a onetime user of OpenBSD, but I was rather put off by that whole Canadian // Swiss // European pharmacy spam crowd that insists constantly on advertising and selling certain controlled substances and various prescription and non-prescription drugs online.

I would consider OpenBSD the best (simplest, easiest) distro for what you are asking.

What side of the law you are on, I really don’t know, but there is a definite angle to this line of questions and comments. …

MarkH December 19, 2019 2:34 PM

This won’t surprise any long-time readers of Bruce’s blog, but it’s still really depressing:

A view into the massive U.S. mobile phone location-data industry: private companies which perform “Big Brother” surveillance of mobile phone geolocations over time.

The authors examined what they were able to learn from a dataset which is a tiny slice of what these firms have gathered, are selling, and can use for any purpose they choose.

Perhaps in Europe such activity would be constrained by privacy laws.

Electron 007 December 19, 2019 3:41 PM

private companies which perform “Big Brother” surveillance of mobile phone geolocations over time

Google doesn’t help us there. Think mob bosses. Murder-for-hire on a grand scale. CDU tracking down Jews, LGBT, and other minorities for the next Holocaust.

Perhaps in Europe such activity would be constrained by privacy laws.

Humph. Those Swiss guards are altogether too parochial, and I don’t buy that “neutrality” they’ve put on for us since the Great Depression. The CDU has been into all the banks through city hall since the Second World War.

tds December 19, 2019 4:39 PM


More from the authors of the NYT’s “The Privacy Project” :

“Freaked Out? 3 Steps to Protect Your Phone

Stop sharing your location with apps
Disable your mobile ad ID
Prevent Google from storing your location
Understand location tracking is hard to avoid”

SpaceLifeForm December 19, 2019 5:08 PM

@ MarkH


What exactly is the problem you are addressing?

Are you basically wanting to set up your own personal VPN so you can roam and send emails from any location?

If so, what will be your portable client platform?

Clive Robinson December 19, 2019 5:15 PM

@ Anders,

Oh boy what a…,

    … to do business in Westminster is that Signal has an auto-delete function. It allows users to put a timer on messages before they’re completely cleared from the app.

They have a lot to learn…

Leason number one might be,

    Nothing is ephemeral on the Internet.

Oh and leason number 2 might be,

    No app is secure against an OS end run attack

In short,

    If you can see it on your device then many others can see it as well. Some on some off device, can see it long after you can…

I guess they might learn at the next scandle, which is bound to be soon, UK politicos these days are after all a train wreck in slow motion.

Anders December 19, 2019 5:39 PM


If your box answers to ping, it’s already discovered.
Your first goal is to make it invisible.
Nobody who don’t know about it, shouldn’t be able to discover
it by scanning. That’s your first task.

Next put your SSH on non-standard port and make it to answer
ONLY to specific IP’s. To all others give timeout, as the box
is not even there.

You could also implement port knocking, of course with crypto,
that prevents playback.

Weather December 19, 2019 5:46 PM

I posted a iptables conf, it can be tuned, I recommended Linux with raw sockets which Ubuntu etc don’t offer, it will be secure enough with only email, but it is probably over kill.

SpaceLifeForm December 19, 2019 6:31 PM

@ MarkH

“Just an ordinary PC which can export data via email”

You still have not fully described the problem space. I can understand why you may not want to.

So, are you just wanting to email to yourself?

Or, are the emails intended to go to other email users?

If it just you (which is my guess), then there may be other options.

Your PC, Windows, Linux, MacOS? Guessing Win.

Your PC OS will constrain your software options.

If, you actually want to forward email to other users, then the problem space is larger.

MarkH December 19, 2019 6:48 PM


Nothing mysterious, a simple x86 PC for business use, able to send email via SMTP. The email software will be my own (no mail apps).

How is the number or identity of email recipients a factor?

I asked for distro recommendations because the OS is not fixed … but certainly, some flavor of *nix.

Thanks to all offering suggestions!

SpaceLifeForm December 19, 2019 6:50 PM

@ Anders

Putin using XP. Apparently, he does not use much on a daily basis anyway. He has others do work. He is not on twitter daily.

Think about it. You can’t run XP on modern hardware. There will be missing drivers.

Putin is actually doing decent OpSEC.

He is using OLD HARDWARE.

It’s not that the SOFTWARE is OLD.

He is avoiding NEW HARDWARE.


Think about it.

SpaceLifeForm December 19, 2019 7:20 PM

@ MarkH

You have not fully described your client PC end. I would go with a linux server, because you can do the ‘proper magic’ with iptables.

Including port-knocking.

But, I still do not see the problem you are trying to solve.

If, there are going to be external email users, then, you have made the problem space larger.

Now, you are looking at the can of worms dealing with a domain.

If, regardless of your location, you have internet, why do you need a server?

No matter how you do this, your email will not become invisible. See the headers, and path.

Really, what is the issue?

Electron 007 December 19, 2019 7:59 PM

@ SpaceLifeForm

the ‘proper magic’ with iptables. Including port-knocking. But, I still do not see the problem you are trying to solve. …

I agree that Linux with iptables is reasonable, but then you add a lecture along with that. Is SELinux enabled and enforcing in that case? Are certain protections against stack-smashing and buffer overflows enabled? Let’s not make assumptions. We’re talking at least in theory, for the sake of argument that MarkH may be able to send large volumes of unsolicited bulk email that others may not want to receive or pass on from such a system.

Some of it is a judgment call, and of course there is potential litigation and related issues involved along those lines.

Utmost security is obviously mandatory to prevent a hostile system takeover and misuse of one’s domain by others for spamming purposes or a “Joe Job”.

Are there etiquette rules involved? Who enforces them? We’ve got a German “house,” along with related German-based standards like SPF+DKIM+DMARC.

What if they discriminate? Or classify as spam certain political speech that they want suppressed? With ROKSO they are known to go to great lengths to track down subjects of interest worldwide to prevent them from sending email, but we don’t seem to see any due process of law to such carefully coordinated German and EU anti-spam efforts.

I’m just curious. They’re Germans. They decide who’s a hacker and who’s not. They decide who’s a spammer and who’s not and who may send legitimate or “double opt-in” email. They filter at the backbone level in collaboration with the U.S. NSA, which still maintains various listening posts in Germany.

Those are at risk, especially if the U.S. withdraws from NATO.

Trump, if he had his way, would apparently do so. But the bipartisan broads resist it.

It may take a “Black Swan” event, but it will happen, and it’s a matter of when it happens, not if. Be prepared.

SpaceLifeForm December 19, 2019 8:04 PM

Try, try, to get your contacts to ditch FB.


In total 267,140,436 records were exposed. Most of the affected users were from the United States.

[Note: 267M records does not mean 267M phone numbers. It’s likely there were many duplicates of phone numbers]

MarkH December 19, 2019 8:20 PM


I think I’m starting to grasp the disconnect …

In fact, I don’t need a server. I don’t wish the PC to function in the role of server, but rather to function as a client in two types of connections:

• connection to an SMTP server to send emails [PC in client role]

• SSH initiated from the box [PC in client role]


No spamming. Exporting info to accounts designated to receive it, once or twice per day.

I want the PC to ignore all packets other than those needed for my list of connections.

Back when I was configuring embedded network systems, I made sure to eliminate all of the “usual” servers bundled into distros, like sshd and (God help us!) sendmail. The only listening ports were ping and our custom application server. I ran nmap with maximal settings, to check whether I left anything open by mistake.

SpaceLifeForm December 19, 2019 10:13 PM

@ MarkH

You are still not clear.

“SSH initiated from the box [PC in client role]”

What are you trying to accomplish?

Do you want another user to be able to comm back to you via a server via ssh?

SpaceLifeForm December 19, 2019 10:32 PM

@ MarkH

I think you are confused.

What you are saying can be done with Thunderbird and Putty on Windows.

You are not explaining the core issue.

MarkH December 19, 2019 11:33 PM

The core issue — to quote from my initial request for advice — is

how to “lock down” the internet connection

I already know how to implement the required application functionality. My concern is how to make an internet connected PC — with strictly limited outgoing-only connections — as robust as practicable against inevitable attacks.

This being a security blog, my questions are about how to protect the box … not how to send emails etc. I now see that I needed to be more clear about that.

For more than one reason, I’ll not be using Micro$oft

Clive Robinson December 20, 2019 2:08 AM

@ SpaceLifeForm,

With regards Facebook loosing personal records to a criminal organization.

It’s obviously not the first time, nor I suspect will it ever be the last time.

But the article says,

    It’s difficult for Facebook and other social media sites to prevent scraping because they often cannot tell the difference between a legitimate user and a bot. Scraping is against Facebook’s–and most other social networks’–terms of service.

I find ludicrous, Facebook could stop scraping in two ways,

1, Not put such data in a page.
2, Not put such pages up.

But the if anyone thinks a TOS that says “no scraping” is going to be obayed by criminals or their close equivalent corporates and governments they need their head examined.

Facebook in various ways grabs as much data,as possible, they have various psychologists, psychiatrists, behaviourologists and god alone who else on the pay role with the sole purpose of wringing as much information out of people as they can, short of shoving a needle full of “truth drug” into their users arms.

Having obtained it Facebook has a history of making it available to a lot of highly undesirable people, over whom it excercises no control what so ever (Cambridge Associates being just one of very many).

It just amazes my why people even consider using Facebook[1] or other social media personaly. Sadly I know that increasing numbers of employers and entities get upset if you don’t have social media or “linkedIn” and it’s kin they can search through. But in all honesty do people realy want to work for any entity that thinks “Invasion of privacy” is their right as an employer?…

[1] I never have used Facebook, but it’s reasonably certain they have a file on me, simply because people I know socially use Facebook. Then again Facebook might not like what I say about their (va)inglorious leader and his repellant behaviours 😉

gordo December 20, 2019 9:15 AM

@ Clive Robinson,

Out and about, haunting the hills and halls from Hampstead to New Cross and such. Good for you. The title of the film showing Curzon Goldsmiths’, “The Knives are Out,” reminds me of infomercials and the 24/7 news cycle and that there are probably worse models for information operations.

@ Clive Robinson, SpaceLifeForm,

Regarding conspiracies, the intelligence communities (plural; I noticed that the headline for Julian Sanchez’s NYT opinion piece has changed. That the surveillance state has many actors and parts, editors and directing minds as one might call them) leave(s) one wondering if it’s not ‘Kafka, all the way up’, then who’s running the show?

Alyer Babtu December 20, 2019 12:20 PM

Professor Ken Ribet will present a talk on the state of the proof of Fermat’s Last Theorem at the 2020 Joint Mathematics Meeting (Denver Jan 15-18 2020):

“Are we now able to present a proof of Fermat’s Last Theorem that is substantially more efficient than the quarter-century old version?

“Thus the question remains: is the proof simpler in 2020 than it was in 1995? As one writes on social media, “it’s complicated.” I will detangle some of the issues in Denver.”

JMM website

S2PRNASAP December 20, 2019 12:32 PM

I happened to accidentally discover this nice security-related commentary. It’s approximately a 2 minute (maximum) duration nice talk.

I feel that it correctly and insightfully discusses a primary security perspective in plain English language at an angle that traverses a lot of circumstantially irrelevant details.

Here’s the link: (0 minutes thru to 1 minute & 47 seconds). The rest of the video isn’t really so relevant to this conversation.

Yet, the main idea of the commenter I think is helpful for us.
Bit’s aren’t physical locks, like a locksmith would create, but this little commentary I feel does well to communicate what we maybe ought to think about lacking physical locks for our digital gearboxes.

Happier Holidays, I hope.

P.S. – Unsubstantiated claims are just that–unsubstantiated claims. Digital fingerpointing is still just gossip and “hearsay”; it’s not a quantitative issue.

When our culture decides to face the facts before, during, and beyond our technological inventions, then maybe we’ll have more digital stability. Like in the video blurb, I also believe that: Our social instability jeopardizes all of our digital stability.

Take care.


SpaceLifeForm December 20, 2019 1:38 PM

@ MarkH

Then you want Linux and iptables.


You should be able to do what you want.

SpaceLifeForm December 20, 2019 2:53 PM

@ Clive, gordo

‘Kafka, all the way up’

FB is the op. Blaming scraping is a cover story. FB has already admitted API problems.

The PuppetMasters are CA, SCL, AIQ, GS, DB.

The Love of Money is the Root of all Evil.

SpaceLifeForm December 20, 2019 3:44 PM

@ Alyer Babtu

You may have missed it. But, I have a ‘simple’ proof of FLT.

(It’s not actually simple, but is understandable by one that knows algebra and modular equations)

I beat Wiles by a year. It took me 23 years.

I’ll get you to the halfway point here.

We really only care about prime exponents.

We assume a solution. The proof is indirect.

X^p + Y^p = Z^p

After years of work on greenbar…

X = pdef + e^p
Y = pdef + f^p
Z = pdef + e^p + f^p

p,d,e,f all coprime.

p is the odd prime. I have not described the nature of d,e,f except to note that all of p,d,e, and f are pairwise coprime.

You still have more work to do before you find the contradiction from original steps.

MarkH December 20, 2019 8:41 PM


How confident are you, of what you believe to be proof?

Have you published?

If valid, it would be a highly celebrated achievement.

Surely you know that many thousands of people believed they had proven FLT before Wiles, and that every one of those proofs examined by competent mathematicians was wrong.

Even Wiles’ first published proof was wrong.

Clive Robinson December 21, 2019 5:31 AM

@ SpaceLifeForm, Mark H,

I realised at a quite early age FLT was probably true and the reason is very simple,

Because of the edges.

It’s very easy to see on a bit of paper what happens when you move from N2 to (N+1)2. That is you add two “edge” bars N squares long to the top and side of the existing N x N square and then you have to add one more square to fill in the corner. If you jump N by larger values you end up with not a single square but a square of squares at the corner which is the difference squared. You then realise that the two “edge” bars have now become oblongs, and that when added together can sometimes also be aranged as a square (similar to the way Pythagoras did).

Thus your corner is A2 and your original square C2 with B2 being formed of the two oblongs added together forming a square that could be evenly divided with a simple graphic.

You can come up with a set of equations which remain in a “pleasing to the eye” format for N2. However with higher powers things start to get messy and unpleasent to the eye and you can not make pictures/images that work.

Whilst the idea is simple it does not realy form a proof. Thus the hard part is moving from “by observation of a limited range” to “proof for all values”.

I have on occasion wondered if it was this idea Fermat was thinking about and either had or thought he had an easy way to move from observation to proof.

MarkH December 21, 2019 8:36 AM


It’s a great mathematical mystery story … Fermat was a talented mathematician, who accomplished many valid proofs.

To my knowledge, historians accept that the “marginal note” is authentic, and that Fermat believed he had a proof.

After centuries of failed effort to find an elementary proof, it’s much easier to imagine that he was mistaken, than that there is some elementary proof out there which nobody else discovered.

Even though Fermat was very likely mistaken, millions of people would love to know what line of reasoning led him to his conclusion. Unfortunately, there’s little hope that the finding of some undiscovered notebook will reveal this … it remains a permanent unknown.

If anyone DID find an elementary proof, virtually every mathematician in the world would study it with great fascination.

Alyer Babtu December 22, 2019 11:31 AM

@SpaceLifeForm @MarkH @Clive Robinson

It sounds like Prof. Ribet will review the fundamental theory of numbers that has been understood through working on the problem and which yields FLT as a corollary (as Gauss had predicted), but will also say there are still areas involved which need extension to get a complete scientific understanding. We know the fact of the truth of FLT, but we are still missing the right universals.

Spivak discusses this general issue in his remarks [1], p. 104 – “trivial because properly defined” – as to why the generalized Stokes’s Theorem is so much simpler than the classical special cases (Green, Stokes, Gauss, Divergence).

Another instance of this importance of the right objects is provided by Pappus’s “extension” [2] of the Pythagorean Theorem. Pappus gives an utterly simple construction, for any triangle and any parallelograms on two sides, of a parallelogram on the third side equal to the sum. Pythagoras is a corollary for the case of right triangles and squares on the sides. In a sense, the Pythagorean Theorem is a fact but not a real scientific theorem, since it is an arbitrary ad hoc, though striking, instance of a real theorem.

It’s all actually covered in Aristotle’s Posterior Analytics [3]




Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.