SpaceLifeForm December 20, 2019 4:53 PM

FB. Another cover story?


SpaceLifeForm December 20, 2019 5:27 PM

@ Anders, S2PRNASAP, Clive

‘Digital fingerpointing is still just gossip and “hearsay”; it’s not a quantitative issue.’

Except when it is.

False attribution over past decades has actually become ‘quantifiable’.

I’ll note that Marcus Hutchins, (@malwaretechblog) has been on Emotet like flies on shit for years.

And, over, and over, and over again, and again, it’s either RU, NK, CH.

Over, and over again.

It’s not.

It is False Attribution.

SpaceLifeForm December 20, 2019 5:55 PM

Best tweet I’ve seen today.

by @SwiftOnSecurity

“Based on our analysis of your network, in order to secure it, you need to stop doing things that make money.”

Anders December 20, 2019 7:08 PM


I have a better one for you 🙂

Wesley Parish December 20, 2019 7:50 PM

Well, harking back to a series of discussions on a topic of great interest to some of us, namely securing earth orbit communications and whatnot, we have this interesting question that Slashdot points to, to wit:

“There is no agreement as to who pays for debris removal,” Victoria Samson, of the Secure World Foundation, told Axios. “You could argue that space being a public good, it should be the government that pays for it.”

Interesting question. I would’ve thought that there was clear enough precedent from the centuries of reliable and working maritime salvage – the owner pays for it. In the case of the unrecognizable space debris – that’s been up there too long and has been ground into lethal fragments – it’s treated as a matter of public safety: yes, the astronauts at the space station and its shuttle craft do constitute enough of a presence to constitute a “public”.

Alejandro December 20, 2019 8:49 PM

The plan by Apple reported in Forbes to set up its own independent satellite communication system, just for Apple devices is totally gee whizz, audacious and stunning.


If you read through the comments on ARS it’s easy to see the technical problems are formidable. By today’s standards, for example, an antenna would have to be as big as a pizza box. Also, indoor connectivity would be very difficult. Etc.

In short, it may be nothing more than a pretty slick PR/vaporware move.

EEEin(s)terSOBjectIVcollectHIVE(new) December 21, 2019 12:46 AM

Question: Is there any kind of AI optics or synthetic vision that “sees” only in terms of luminance & the hue red or dark amber? I’m following up on an odd lead that keeps turning up all over the place even when and where I’m not looking for it.

I noticed during my solitary image experiments a coincident phenomenon with extremely low-res gamut; extremely low resolution colour gamut starts to look like low-res luminance & simplistic crimson & ochre in kind of a dark rubricious amber.

So my question again, since I only see this in reduced spectrum digital imagery, which is also synthetic or damaged or limited vision; Is there any kind of AI optics or colour deficient vision that can’t see much other than dark reddish amber and raw luminance?

This question is very important to me.
I’m studying a correlation between deep security deformation issues and data corruption anywhere in the chain of data from sensory input to elsewhere.

If anyone doesn’t feel comfortable answering with words, images or sounds are fine as a response for me, also.


“Hardware Obstruction Layer” (without BOM; vehicle approacheth)

Wael December 21, 2019 5:42 AM

@Wesley Parish,

“There is no agreement as to who pays for debris removal”

Too optimistic. Give humans enough time, and we’ll trash the entire observable and non-observable universe(s)!

Alejandro December 21, 2019 6:36 AM

“World’s first ‘uncrackable’ code: Scientists develop security system that can never be hacked – even by quantum computers”

Here’s another (see Clive’s post) reference to the invention of PERFECT ENCRYPTION. I am not a crypto guy, I was wondering if anyone who knows this stuff could suggest an answer to:

Does this sound legit?


(It’s from today’s Daily Mail)

Clive Robinson December 21, 2019 7:17 AM

@ Sed Contra,

Well, in our circle of acquaintances, we just use moonbounce.

Have you tried for Venus yet?

Clive Robinson December 21, 2019 7:44 AM

@ SpaceLifeForm, Anders, S2PRNASAP,

And, over, and over, and over again, and again, it’s either RU, NK, CH.

You left the fourth “one at a time, US Cyber-existential threat” off of the list: Iran.

It still amazes me just how many fall for the “China, Iran, North Korea, Russia” bleatings of the US government, and how it usually nicely coincides with who’s at the top of the US State Dept or executives 5h1t list.

The fact that nearly all US cyber-intrusion firms fall into line with it should be a warning to people about who they “front” for.

The sad thing is that as it’s been going on for so long it’s become a self-fulfilling issue. After all if you were a cyber-crook looking for a little cover, what better place to look like you are coming from than one of the four…

Comments on this blog about this US 5h1t list issue, are now half a decade or more old, and only now other places are starting to pick up on it…

Thoth December 21, 2019 8:21 AM

@Clive Robinson, all

The holiday seasons have arrived and we are at the end of 2019 and the beginning of 2020.

As per your original request for me to make a seasonal greeting especially for 2019 when I have not been making any seasonal greetings since end of 2017 when my projects started, I hereby present everyone a seasonal greeting.

Do take your time to download and have a good look and laugh especially when you look a little closer 🙂 .

Merry Xmas and a happy and fruitful 2020.

Can’t wait to hear more news about the gifts that keep on giving endlessly ….

@Clive Robinson

I have been digging around some systems with F-140 and CC and I would say I have learnt a lot on how to dig around better inside and out and turn tables around 😛 .

If you see a ‘secure system’, just keep whacking its memory 😀 . It works for Intel (i.e. spectre, meltdown, plundervolt …), it works for anything else too !!!


Clive Robinson December 21, 2019 8:40 AM

@ Thoth, Bruce, the Usual Suspects, and most importantly everyone else,

Perfect secrecy crypto …. or snake oil ???

I’ve just started reading my way through the paper this morning as the weather is truly appalling in London today (flood warnings all over the place).

The first problem is the paper does not read as though it is written by or for cryptographers, but physics researchers (which might be because it was written for Nature’s audience).

The system looks like a Quantum Key Distribution system (QKD) very similar to the 1984 Gilles Brassard and Charles Bennett (BB84) paper.

BUT and it really is a big but, it also has a lot in common with the “Thermal Noise in Resistors” crypto system of Laszlo Kish of Texas A&M University. Which caused quite a stir back in 2005, which @Bruce commented on,

One issue with the Kish device if memory serves was that you could build the equivalent of a bridge circuit with a loop of the transmission line and by using sensitive test equipment determine the two different noise signals in use as they moved up/down the transmission line.

This new system uses a broadly similar idea in that both Alice and Bob generate a “noise” source and send simultaneously to each other and use the result as a One Time Pad keystream. The guarantee the paper’s authors offer that Eve can not form a loop or other directional coupler measurement is the “Quantum unclonability” of photons.

They also talk about both Alice and Bob’s systems having to be in thermal equilibrium and this would generally raise a quite large red flag as well.

There are also quite a few other “approach with caution” ideas in there not least of which is the use of “Chaos Effect” which is not random thus has doubtful entropy properties. But appears to be used for “perfect forward secrecy”.

I suggest people actually download and read the paper through two or three times. The first just to “set the scene” in your head at a 20,000ft level, then again to get a bit closer making notes as you go, and repeat until you think you’ve got a grip on it.

Because… Part of the problem is “naming conventions in different fields of endeavour”, you really need to get a grip on the physics view as well as the cryptography view with respect to what the actual words and phrases mean.

However if their claim is valid, and at the moment whilst I see a lot of potential red flag issues, I don’t see anything yet that would make me say “Broken and here’s why” which I normally get very quickly with snake oil. It will be a “better mouse trap”.

Currently the best “distance holder” as well as “practical for use” Quantum Key Distribution system is a Chinese Satellite which uses pairs of cloned Q-Bits that get split apart with one stream sent to one site and the other sent to the other site.

Put simply it’s only in deep space where individual photons travel any kind of distance without issue. On earth you can go from several million Q-Bits a second to virtually none in just a hundred or so kilometres of fiber optic cable due to several effects that get lumped together under “transmission line attenuation”. Which makes current Quantum Key Distribution impractical for usage in other than a few specialised cases.

If the authors are correct then in some ways it’s going to be “game over” for several groups of people. Not least is the “Faux Going Dark” protagonists. So keep your eyes open as that’s a prize a lot of people would cheerfully commit murder to possess and control.

Anyway time for a very late brunch (it is nearly time for tea) and read another paragraph or three and give them a serious mulling over.

Wael December 21, 2019 9:07 AM

I’ve just started reading my way through the paper this morning…

So have I. The math looks familiar and so does the physics. I can’t grasp the general idea yet, as the skull is heavy and practically worthless.

David Hess December 21, 2019 10:18 AM

If you read through the comments on ARS it’s easy to see the technical problems are formidable. By today’s standards, for example, an antenna would have to be as big as a pizza box. Also, indoor connectivity would be very difficult. Etc.

If the bitrate is compromised and a broadcast model is acceptable, then portable devices which work somewhat even indoors become feasible. Witness GPS.

MikeA December 21, 2019 11:12 AM


While I don’t doubt their technical prowess, and political savvy, I also don’t recall any recent attribution of cyber-attack to the Swiss.

To be fair John Walker runs, which includes among other things a service claiming to provide genuinely random bits:

Clive Robinson December 21, 2019 3:03 PM

@ Thoth, ALL,

I hereby present everyone a seasonal greeting.

And very nice it looks too especially with the Dickensian “Ghost of Christmas past” raising its spectre. Oh and a lovely golden key for the front door 😉

To you and every one else, I hope you’ve got your seasonal shopping in and are, depending on which side of the world you are, enjoying the seasonal weather[1] and shortest or longest day.

To all an enjoyable time, and remember whatever it is “Everything in moderation, even moderation” B-)

[1] In London we currently have the traditional 21st Century seasonal “Flood warnings” which we are told year after year by our politicos, are not caused by Al Gore’s hockey Stick 😉

Thoth December 21, 2019 6:35 PM

@Clive Robinson

I thought of a wonderful and meaningful way for santa and his elves to look at the “good boys” name list … via secure chorus with our dear friends (NSA) issued laptops browsing the history of everyone’s communications that “they” (NSA and friends) have harvested.

The NSA and friends database builds up such a spectacular and impressive database on the every minute of our physical and online lifestyle that Santa couldn’t help himself but requested access so he can accurately target and tailor presents for us 🙂 .

Also we have HSMs spitting out keys from the hammer of PKCS11 internal APIs thanks to the incredible work done by Ledger team (although the same was applicable to all parties). The good thing about internal APIs is you need NDAs to access (or maybe a bad thing) and because of that, nobody really bothers to secure internal APIs except the external APIs which are more thorough because fuzzy testing could easily reach the external rather than the internal APIs.

Anyway, I am about to finalize my new creation and once that is done I will just announce it. It would be rather interesting to see how it can be applied in the Castle model.

David Hess December 21, 2019 10:43 PM

@ SpaceLifeForm

The question is, what could they do with 100s of bits/second of broadcast? That could be feasible with just a few tens of satellites or one with severe geometry limitations like WAAS. It seems useless to me but maybe Apple has thought of something.

Clive Robinson December 22, 2019 5:36 AM

@ Thoth,

It would be rather interesting to see how it can be applied in the Castle model.

Well two Castles spring to mind at this time of year, the first is the mythical story of “Good King Wenceslas” in Bohemia legging it out on the Feast of Stephen (26th Dec or 2nd Day of Xmas) to take food and other gifts to those snowed in in his domain.

Then not so far from there we have Bram Stoker’s Gothic horror romance novel “Dracula” a story almost as ageless as the vampire. His Castle was in the depths of Transylvania, but he left for 1800’s London seeking the life blood and much else from the main protagonist’s fiancee, giving rise to epic proportions of gore, lust, passion, mesmerism and psychobabble… as befitting the literary tastes of the time.

Because of this in security work various types of devices for attaching to data cables to extract information and the like are known as “Vampire Taps”.

Oh a third real one was castle building crazy “Mad” King Ludwig II of Bavaria[1]… He had built many “fairy tale Castles” and infrastructure and buildings as well as being a patron of the arts including Wagner. The famous castles are at Neuschwanstein and Hohenschwangau (yeh don’t try to pronounce them unless you’ve got a sore throat). Whilst his political enemies called him mad, it was unlikely he was, thus his mysterious death just a day after being captured by them, makes many think “assassination”.

[1] The sad joke of Ludwig’s Castles is that he like his grandfather was right, Bavaria was an unknown and to some backward place. Ludwig’s spending of his own money on infrastructure, architecture and the arts brought Bavaria into the light of a more modern world. It provided thousands with work or secondary income and shifted the economy forward from agrarian. The revenue earnt from tourism just to see his creations even shortly after his death has paid for his Castles many times over. But not just the Castles, for other works as well, they have been an important source of income for Bavaria ever since, that has made the modern Bavaria. Thus Ludwig’s dreams though initially expensive were actually a very sound investment and not mad at all. Maybe that is why Disney stole his ideas for their theme park castle and logo.

Wael December 22, 2019 10:30 AM

@Clive Robinson et al,

Then not so far from there we have Bram Stoker’s Gothic horror romance novel “Dracula” a story almost as ageless as the vampire.

“Novel”, eh?
After Vlad the Impaler. The year is 1433. The story… is history. Or … the 2014 movie; Hollywood style.

Clive Robinson December 22, 2019 12:43 PM

@ Anders, ALL,

So “self signed certs” on most CISCO OS versions in use blow up because CISCO’s software did not allow valid dates after the end of 2019…

And we only get told by CISCO of their little “Y2K equivalent issue” in the middle of December 2019… Shall we call it CISCO-Y2K02?

Well there goes the IS Dept Xmas hols, oh and any “Xmas Bonus” will have to be diverted to paying external CA’s because CISCO say it’s “security best practice” which actually it’s not, it’s at best “convenience at a price”. For various business continuity reasons and one or two potential backdoor issues that must delight certain people[1].

@ Thoth,

Too late to add “CISCO’s little Y2K02 prezzie” under the tree?

[1] What you get back from an “External CA” is a plaintext they have hashed and signed with their CA “private key”. As you have no idea of how the External CA selected the primes for its private key you have a large unknown that can have been “backdoored”. Which gives a vulnerability point that could be exploited.

But also from a business perspective, self signed certificates are fully under the organisation’s control. An External CA is certainly not. Thus if the External CA revokes your certs there is little you can do about it except take a potential time hit to move to another External CA.

But don’t forget from an end user perspective all an External CA cert really means is that the External CA got paid without doing any checking. And to be a CA in the first place they persuaded/bullied web browser developers etc that their PubKey should be added to the default cert list in the software… So no legal comeback if the External CA is into shady business or likewise those they sign certs for…

Oh and remember even if not into shady practice External CA’s are not exactly the most secure of businesses as history has repeatedly demonstrated (or is it plausible deniability?). In the past, External CA organisations’ systems including their cert issue and revocation systems have come under the control of unknown third parties. Allowing all sorts of nasties to happen.

Clive Robinson December 22, 2019 1:20 PM

@ Anders,

Yes he had a good innings, and he was definitely one of the major reasons we got “lower cost” Personal Computers.

Whilst Chuck genuinely did a lot, others have over egged the pudding for both him and Bill Mensch.

Have a look at,

The footnotes and other evidence show that things were not quite what they should have been in the book most quote.

Any engineer who knows anything about patents knows that the person whose original work it was normally is one of the last names, not the first which will be the boss’s boss etc. In one company I was told not only was I not senior enough, as well as not being qualified enough, but worse still “it was not my turn” to have my name on a patent. It kind of gave me an inkling of how women in science had been treated post WWII and still are in way too many places.

MarkH December 22, 2019 1:28 PM


A very long time ago, I was at a little company which Almost Marketed The World’s First Affordable Personal Computer … but actually fell into ignominious collapse.

The design was based on the MOS Technology 6512, an external-clock variant of the 6502 (they wanted external clocking for a bizarre reason I won’t go into today).

One of several extremely clever programmers there — sadly, I believe, deceased some years ago — had been waiting for the thing to go into production for a lot more than a year (he had even pre-paid). They only had the lab prototypes to work with.

His patience exhausted, he walked into the plant one day carrying a humble little computer he had bought, enclosed in a plastic housing: the Apple I. I don’t know whether anybody there had even heard about Apple before that. We certainly thought of the tooling for plastic molds as an extravagant expense!

Of course, the hardware guys immediately opened the case, and minutely studied the circuit board. They were interested to see that it used essentially the same CPU, but scornfully proclaimed its inferiority to their God-awful complex design.

I’ve heard that Apple’s venture into making computers had some success …

SpaceLifeForm December 22, 2019 1:42 PM

@ David Hess

Think Starlink. In combo with ground station bridge/router that does satcomm and cellnet.

Should be functional.

Decent bandwidth, low latency.

It will not roll out rural for some time, but should be doable, especially with solar and batteries.

Jay December 22, 2019 5:40 PM

Something for the Doghouse: a ‘peer-reviewed’ paper in Nature on unbreakable chaos-based encryption (Perfect secrecy cryptography via mixing of chaotic waves in irreversible time-varying silicon chips, A. Di Falco, V. Mazzone, A. Cruz & A. Fratalocchi) — two chaotic generators are kept synchronized by a series of low data rate nudges — this design has been seen before and broken before

Thoth December 22, 2019 8:07 PM

@Clive Robinson, all

re:claimID …. sounds odd. Built on top P2P GNUnet with some ECC crypto. No centralization of identity needed … except for one thing I noticed … some odd crypto that seems homebrewed and smells homebrewed when it starts describing its protocol.

From what I can guess, their crypto can be attacked not via breaking ECC or any side channel. They don’t seem to have any protection against a malicious requesting party taking the secret key used to encrypt identity data and then handing over to some other malicious party the identity data encrypting key.

Either way, there’s always a thousand ways to skin a ******** and I am sure there’s more ways to cryptanalyze their protocol.

Quite some homebrewing going on with EC-Math ….


Clive Robinson December 22, 2019 8:37 PM

@ Anders,

With regards ToToK backdoored chat app, I kind of suspected something serious was up with it because the pulling from the “walled gardens” was almost simultaneously done.

I also remember reading the published reports from ex MIL/NSA staff that had effectively been “loaned out” by the USG IC as part of Project Raven supposedly to do anti-terrorism. Basically they were saying their job was not spying on terrorists but lots of people in many countries including journalists etc.

I’d not put the two stories together because there was not a link between them in the public domain that I was aware of.

But apart from that, I am totally unsurprised by it, it is after all a type of game play that started about a century ago with the first machine ciphers. And we have well deserved sayings about “examining equine dentition”.

It really comes back to my point about messaging Apps and the OS on the device they run on, none of them are secure. Because the security end point is in effect non-existent…

Clive Robinson December 22, 2019 8:41 PM

@ Thoth,

The card is looking good B-)

As for the reclaim ID I’m going to have to look at it after I get some sleep. I’ve not just because I’ve been burning the candle at both ends, the middle looks decidedly melted as well :-S

Clive Robinson December 23, 2019 4:02 AM

@ ALL,

Every so often we get to hear about “GPS-Spoofing” with regards various alleged large criminal organisations (Chinese sand miners, Iranian oil smugglers, etc) or Governments (Russia, North Korea, Iran, China, etc).

But there are others, how about Sales people “spoofing” their travel routes, Pen-Testers busting geo-fencing and a whole bunch of other localized attacks.

Generally you don’t get to hear or see just how easily such things can be done, which is important mainly because you could make the mistake of “building-in” spoofable technology into the foundations of your own organisational security and discover the hard way what a bad idea it was[1].

To see how you can do this with just a little technical knowledge and available Open Source software and general purpose hardware might be a bit of an eye opener,

[1] A classic example of this is devices that report back location as a security value for transaction or other authentication purposes, such as some car/door locks or geo-fenced thumb drives or other backup devices. Which is a major security hole you can find in several IoT devices.

Clive Robinson December 23, 2019 6:47 AM

@ Bruce and the usual suspects,

With regards the Quadcopter launcher whilst the specific application is new the ideas behind it are in some cases quite old.

Take for instance the monofilament burn and spring deployment of the arms. I’m not sure who first came up with the idea but it’s how Amateur Radio Satellites deploy antennas. The antenna is like a wound up tape measure or clock spring, restrained by the monofilament, when it burns through the antenna springs out. It’s mechanically very simple, very light and very reliable. Thus has been “space qualified” for some time now.

I guess the attraction of the baseball pitcher/launcher is that as it runs on electricity, and is a fairly light and compact as well as quiet system, it can be built into a small turret on a light reconnaissance vehicle.

However, whilst the “baseball launcher” is fairly simple mechanically, it is quite a bit less mechanically reliable than a “clay pigeon launcher”. But even a clay launcher’s reliability pales in comparison to the likes of a catapult. As far as we can tell the catapult was first turned into a “siege engine” weapon in 399 BC by war engineers working for Dionysius I of Syracuse. Which in turn was probably based on the earlier ~425 BC Greek “gastraphetes” (belly-bow).

But mechanically simple as catapults are they are still much harder to make and also less reliable than the later Trebuchets.

The problem with the catapult reliability is they are “stored energy” devices and the ideas behind materials science effectively unknown at the time. Thus they could be “over wound” or suffer from “stress failures” and blow up in the faces of the operators.

But way more importantly when it comes to launching fragile objects such as quadcopters, like the baseball launcher they suffer from the problem that the bulk of the potential energy is released to the projectile at the start of the firing cycle, thus cause “impulse shock” against the projectiles inertia.

The trebuchet came in two basic varieties the first was fired by man power, it could be constructed easily and did not store energy, they were also very fast to reload and could maintain a relatively high rate of fire, so were more battle field than siege weapons. The second type used a weight box to store energy whilst they did occasionally suffer catastrophic failure due to material failure, they failed in a predictable way (downwards and in line with the arm), thus were much safer to operate.

Importantly though when it comes to fragile projectiles like quadcopter drones the trebuchet starts its firing cycle slow and continues to add energy until projectile release. So giving a near constant acceleration, thus increasing velocity to the projectile through out the firing cycle.

A characteristic not lost on first millennium siege commanders, as it enabled the trebuchet to be used for biological and psychological warfare. That is to spread pestilence and fear into towns under siege by firing the rotting or dismembered corpses of their fallen soldiers back over the defenders’ walls and ramparts (remember back then the very strong belief that you had to be interred whole to enter heaven and thus have an afterlife).

This slow start high velocity finish characteristic is actually very useful when doing testing experiments with electronics based projectiles as it mimics rocket launches. So the use of small trebuchets to develop rocket style launch characteristics has been used quite successfully for testing Pico-satellites (little bigger than large coins).

Also a trebuchet does not need either gunpowder or electricity just a rope and possibly a couple of pulleys, and can be made with just about anything you can find with a bit of scavenging. The only two bits that need any vaguely specialist skills is the axle bearings and the projectile release hook. So anyone who can fix a 1980’s or earlier car or motorbike can make one in a day. In fact if you can fix a pushbike and put together an Ikea flat pack you can build a trebuchet and join in “The serious business of projectile testing” 😀

There are some basic design rules to think about when you are at the early design stage,

However it helps to have some knowledge of physics if you want to optimise for maximum range etc,

But importantly remember using a trebuchet is also darn good fun as you can get golfball type projectiles to go many times the distance a golfer can, and some people have flung upright pianos across two or three fields. You don’t need much mathematics to do this because practical experimentation usually suffices 😉

Thoth December 23, 2019 7:41 AM



Gotta thank @Clive Robinson for requesting too otherwise I would be busy buried in work !!!

Clive Robinson December 23, 2019 9:57 AM

@ Thoth,

Need better EM shielding.

Definitely and low pass filter components etc etc…

As for the article, there’s a famous last words line at the end there,

If you’re already capable of making computers from scavenged parts you’re one step ahead of most of the world.

Which is a bit like saying “it does not look like it’s going to rain today” moments before a Cat 5 Hurricane relandscapes the house and gardens from “art deco” to “gothic pile”…

Electron 007 December 23, 2019 12:56 PM


A spying tool used by United Arab Emirates, allegedly.

It’s a Middle Eastern (predominantly Muslim?) social media app.

Tok is a small town in interior Alaska. Perhaps insignificant vis-à-vis total population, but nonetheless a major highway junction in Big Oil country. OPEC definitely has a spy outpost there, in collaboration with a not-so-friendly Canadian government.

Major highways from Fairbanks through Delta Junction from the northwest and from Anchorage, Eagle River, Wasilla and Palmer through Glennallen from the southwest meet at Tok where the Al-Can highway takes off to the southeast through Yukon Territory and British Columbia to enter Washington State at Blaine or other border crossings.

Clive Robinson December 23, 2019 2:37 PM

@ Anders, SpaceLifeForm, ALL,

BTW, the New Year brings us another “present” from Intel

Yup the BIOS is gone, long live the BIOS… And people sound surprised when they hear Russia’s President Putin still uses MS WinXP on I presume a decade or more old hardware with a BIOS inside, and I’m guessing no “Over the Air Interfaces” like WiFi, Bluetooth or god alone knows what else over and above the obvious in built cameras or microphones.

@Nick P and myself[1] used to talk about when you should set the cut-off date for hardware, I argued for pre 2000 he argued for pre 2005. It has been a busy decade and a half or so where the PC changed from “Computer to assist you, that you controlled”, to “Spy to assist them, that you had no control over” (pick your choice of data thief).

So the “lock down/out” of ownership continues with you the user becoming more and more the involuntary data source. With no rights over what you create and privacy rapidly becoming something you leave behind around the time you leave the womb, and you don’t get back even when they have nailed the lid down…

The good news is if you are careful you still can have some privacy like “Winston Smith, writing his journal in the out of sight alcove”[2]. However you have to be careful, especially who you trust and how, and build in deniability. We call it “Good fieldcraft” or OpSec and if used carefully still works the way it did up to the end of the cold war. It started going wrong because too many people for political and profit reasons made the mistake of thinking technology could replace the old hard won skills. Whilst it could on the covert observation side on home ground –but only if undetected or unprepared for– it could not really replace the hard won skills of agent-handler field craft. Thus “Knowledge and Preparedness” are the real armaments of defence.

Remember it was terrorists that turned electronic observations against those hunting them and in the process proved to the world what had actually been known but not talked about in the corridors of power since the 1950’s. That is “attribution is hard” at the best of times but darn near impossible when the potential target of observation takes just a few precautions to play games with both SigInt and ElInt, and why at the end of the day HumInt is what is needed, with more often than not “boots on the ground”.

And it’s “boots on the ground” where things go wrong for those using technology to observe as Facebook and others have found. If you don’t have the human based resources to observe other humans then they will win. Not just at “Fake News” and the alleged “Election Manipulation”, but also at covertly organising themselves against technically resource rich but human resource limited authoritarian entities like governments and their guard labour.

Thus the real “gift of the season” is being given the information by which you can take back your privacy, and in the main it is not by “new technology” but “old fieldcraft” where you use your adversaries’ weaknesses against them to defeat their strengths against you.

[1] Nick P and others who used to be regulars, if you are still reading along, solstice seasons greetings to you all, and “keep the faith” on ICTsec and privacy.

[2] He was the main protagonist in George Orwell’s book “1984” written during and just after World War II, where Orwell predicted much of the dystopian things we now have around us. Including televisions that spy on us, the need to have continuous distant wars that can neither be won nor lost, thereby control the home population and give excuses for government failings. As well as the likes of “Management Speak” where words have a different meaning and they can be used to segregate groups of people on the basic notion of “Divide and conquer”.

Anders December 23, 2019 5:57 PM


I wouldn’t draw the line in exact years…but PIII line was good.
Coppermine, Tualatin.

Pentium Pro (especially on the SMP motherboards) was good too.

There is still a lot that can be done with those old computers.

Unfortunately they end up in Guiyu 🙁

I hate the modern web, it’s big bloatware.

Luckily there’s still old-style lightweight websites available,
like this one.

JonKnowsNothing December 24, 2019 9:45 AM

@Clive Robinson

re: Trebuchets Catapults

In USA we have an annual Fun Contest of hurling old pumpkins after Halloween using various machines including trebuchets and catapults. The machines are often built by the competitors from whatever is laying around the farmyard unused.

It’s great fun to watch all the different machines working and a great education in the evolution of “hurling something far”. The trebuchet is really impressive to watch unwind flinging the pumpkin.

Per Wikipedia the distance records are:

  • Catapult 4,091 feet 2019
  • Trebuchet 3,377 feet 2019

ht tps://
(url fractured to prevent autorun)

Pumpkin chucking, or for rhyming purposes Punkin Chunkin and Pumpkin Chunking, is the sport of hurling or ‘chucking’ a pumpkin solely by mechanical means for distance. The devices used include slingshots, catapults, centrifugals, trebuchets, and pneumatic cannons.

SpaceLifeForm December 24, 2019 12:04 PM

Not sure what I think about this, other than that while closed source certainly can have this problem, open source can also until someone studies the code in depth.

But, reverse engineering a closed source binary may just be as difficult these days as reviewing source code. (keep your open source codebase as small as possible).

Note: the email is fake (but could be legit).

Point is: Backdoor, reduced keyspace.


Clive Robinson December 24, 2019 12:56 PM

@ JonKnowsNothing,

Per Wikipedia the distance records are

Impressive to say the least, when you consider 5280ft is a mile and 3281ft is a kilometre. Especially when you consider even the shortest is longer than most soldiers can manage with a standard infantryman rifle. With that sort of range and mass potential why bother with sending up a quadcopter 😉

In fact a quick thought suggests if you dry the pumpkin a bit then fill it with a liquid hydrocarbon and a rag. With a payload weighing in at around a gallon of gas or moonshine[1] you could have a very interesting fully natural fully renewable and also 100% green –alright orange– ammunition 😉

[1] I wonder how many other readers when students used to buy a melon and inject it with a goodly quantity of “grain alcohol” over a week or so to make a very boozy party piece 0:)

Electron 007 December 24, 2019 1:06 PM


(keep your open source codebase as small as possible).

The smaller the codebase the better. Less is more. Part of the old Unix philosophy.

The complexity is in all that closed-source crap swept under the rug: the bloated GNU compilers, all the legal-beagle GPL fine print, all that proprietary Intel/AMD microcode to implement the obligatory CISC “architecture”, the Rowhammer memory leaks and other cache contention, buggy CPU pipelines and branch prediction failures, the list goes on and on.

The attitude of “high level” programmers in crisply starched bleached white collars and the endless sermons on “abstraction” they preach for fear of getting their fingers dirty on “low level” code…

It’s all hell or high water, corporate risk management, you’re fired, guns are banned, go knock on the door of NAMI if you want a job somewhere else but in reality, neither flood nor fire helps any of that computer shite work the way it’s theoretically supposed to.

MarkH December 24, 2019 1:47 PM

To all of our kind commenters who observe western Christmas, or any such solstice celebration — and most especially the stalwart Mr Robinson — my best wishes on this festival!

Electron 007 December 24, 2019 3:22 PM

Remember the Nazi theme of rationed healthcare? The criminals are defeating biometric IDs, and the poor cannot obtain healthcare to restore needed life function to their bodies.

Plast Reconstr Surg. 2004 Jan;113(1):247-53.

Fingertip replantation using the subdermal pocket procedure.

Lin TS, Jeng SF, Chiang YC.

Department of Plastic and Reconstructive Surgery, Chang Gung Memorial Hospital at Kaohsiung, Kaohsiung Hsien, Taiwan.


Restoration of finger length and function are the goals of replantation after fingertip amputation. …

This article is already ten years old. Poor people suffering frostbite in the far north are not getting any benefit from such procedures. On the other hand, reformed gangsters are getting new fingerprints to help clear their criminal records.

Prosthetic Fingers Help Reform Japan’s Feared Yakuza Gangsters
A prosthetics maker never expected his job to lead him to the underworld.

That is the unfortunate state of science and the application of science.

@MarkH, Clive Robinson

Some people do celebrate Winter Solstice with fireworks around here. I don’t know that fireworks are tradition for Christmas per se Christmas, but Isaiah did well prophesy on “burning and fuel of fire” …

SpaceLifeForm December 24, 2019 4:04 PM

Interesting flaw. Behaviour differs based on network path.


JonKnowsNothing December 24, 2019 4:07 PM

@Clive Robinson


I wonder how many other readers when students used to buy a melon and inject it with a goodly quantity of “grain alcohol” over a week or so to make a very boozy party piece 0:)

Watermelon was the favorite. Fresh pineapple worked well too. I never tried a cantaloupe or honeydew.


In fact a quick thought suggests if you dry the pumpkin a bit then fill it with a liquid hydrocarbon and a rag. With a payload weighing in at around a gallon of gas or moonshine[1] you could have a very interesting fully natural fully renewable and also 100% green –alright orange– ammunition 😉

The selection of the Right Pumpkin is a big deal for the Chunkers. There are some varieties that are more round with tougher skin-shells and more uniform in size. Common orange Halloween ones in the USA are oval or oblong or misshapen. Nice for carvings but not good projectiles.

Round, medium-small, tough shell. Depends on which delivery system too. You don’t want it to collapse on launch or in mid-flight. You also don’t want to hit any of the judges ’cause Wind and Elevation are significant variables and the best of aims are “That A Way”.

While not a Chunkin’ topic, one interesting photo of the unrest in HK (understatement) was an image of 3 persons creating a human anchored Slingshot or Wrist Rocket. They weren’t chunkin’ pumpkins.

ht tps://
(url fractured to prevent autorun)

Electron 007 December 24, 2019 4:38 PM

buy a melon and inject it with a goodly quantity of “grain alcohol” over a week or so to make a very boozy party piece 0:)

Watermelon was the favorite. Fresh pineapple worked well too. I never tried a cantaloupe or honeydew.

“The fruit’s too fresh at the grocery store.”

That “grain alcohol” isn’t exactly your ATF-approved and tax-stamped-for-human-consumption kind, either. More like the 10% ethanol intended for your motor vehicle fuel tank.

Greengrocers have been not only misplacing apostrophes but pulling every dirty rotgut liquor trick in the book since the 1930s.

Thoth December 24, 2019 6:24 PM

@Clive Robinson

Sponsored post on The Register (by Intel) regarding the In/Security of “Secure” Enclaves and “Trusted” Execution Environments.

Can’t wait for next Xmas to produce a new greetings card.

The reason why the “Secure” Enclave idea survives is the excellent marketing and sponsorships around. Lots of cash from Intel et al. going around to whoever promotes them.

No kudos for those that attack them (i.e. researchers). I doubt if any $$$ bounties too if you do Plundervolt because it is not part of what the “Secure” Enclave is supposed to protect !!

The security unicorn that keeps gifting gifts tows the santa sled and distributes more gifts …

We shall have the Security Unicon next time featured in future seasonal greetings cards.

Remind me to add the Security Unicon in it !!!


Thoth December 24, 2019 8:04 PM

@Anders, all

Re: APT20 bypassing 2FA

“They said APT20 stole an RSA SecurID software token from a hacked system”

It’s a software token and asking to be stolen. All software tokens are simply sitting ducks and I have already predicted and warned a long time ago how insecure it is to simply rely on your Android or iOS to protect your secrets.

What @Clive Robinson calls a bubble up attack.

They can generate as many OTP codes as they want as there is no more security once the HMAC key is stolen.

That’s the price to pay for trying to go cheap & free because you don’t need to pay for a hardware token and carry it with you. You simply just download and issue license for software tokens.

Just use a proper physical RSA SecurID hardware token ….

vas pup December 25, 2019 3:57 PM

China is getting smarter – but at what cost?

“More and more data and information is falling into the hands of the government via sensors and other technology in cities.

But what happens when cities do deals with private tech giants such as Alibaba and Tencent, who themselves have vast databases of information on citizens?

Alibaba is headquartered in the eastern city of Hangzhou and has spent two years developing a platform dubbed the City Brain, which analyses data from cameras and the GPS location of cars and buses, and uses it to control more than one thousand traffic lights to prevent gridlock.

It claims it has helped drop the city of seven million people from the fifth most congested in China to 57th on the list.”

tds December 25, 2019 5:16 PM

@vas pup

From your BBC article: “Thirty years ago, Shenzhen was a fishing village, surrounded by paddy fields.”

Shenzhen included here, too,

“What Happens When You Say No

Agnes Ouyang was heading to work in Shenzhen last year when two police officers told her she had jaywalked and would need to show them her identity card. When she refused, she said, they grabbed her roughly and used a phone to snap a photo of her face.

Within moments, their facial-recognition system had identified her, and they issued her a ticket for about $3.

“It was all too ridiculous,” Ms. Ouyang said. “Law-enforcement officers of low moral stock have high-tech weapons.”

High-tech surveillance is reshaping Chinese life in ways small and profound. The Communist Party has long ruled supreme,”

Thoth December 25, 2019 6:03 PM


It needs to be more usable than PGP and Yubikeys.

PGP has been around for ages and its usability is rough around the edges and still unusable.

The FIDO/WebAuthn standards are very rough and are governed by corporate structure run by Google et al. and for those that do not know about FIDO, it is the authentication standards used by Yubikey for so-called Passwordless. There are lots of conflict around FIDO and lots of unimplemented functions that should exist in client browser implementations that are still missing because Google/Chrome hasn’t implemented as precedence. One example is the use of smart cards to host FIDO application in it as an authenticator on desktop web browser which has a standard already written for it in FIDO but Chrome doesn’t support it and neither does the rest. Only place where smart card for FIDO can be used is on contactless NFC enabled phone with an NFC enabled card.

If you are having a hard time understanding the whole section I am saying about the Yubikey, FIDO and all that, rightfully so should you be confused because of the complexity in the FIDO/WebAuthn authentication environment that it’s simply too complex to understand for non techs and thus they don’t want to mess about with these complexities and prefer to use the traditional 8 character password and write them all down on sticky notes hidden under their computer keyboards.

Thus, Passwordless camp ain’t making much progress converting the non techs since after years of continuous touting and failing.

How can non techs be secure ?

Good luck for them.

They see no reason to adopt because of the difficulties in tech, complexities in political environments and all that. The politicians have taught them that they have nothing to hide and hiding is a heinous crime so
…. you have a bundle of many highly volatile cocktails of nasties mixed in for a nice kaboom.

How do we help them ? We need to help ourselves first. We need to change how we should present ourselves to them and stop putting corporate profit as the sole indicator of success.

The above is just a short opinion for now.

JonKnowsNothing December 26, 2019 12:15 AM

@tds @vas pup

re China high-tech city interfaces with Corporate and Government systems.

iirc: Google was about to do this either in Canada or UK or maybe both. I think they were forced to back down some after the locals figured out what was being sold.

There’s a great Sci Fi story about a stranger who finds and enters an abandoned Hi Tech city.

It’s not so Sci Fi anymore.

Apple’s latest “Always On even When Off Geo-Location Tracking” UWB system, is the latest in “unexpected” interfaces. It’s not there to benefit the end-user any more than RING (Amazon) benefits the home owners when camera is capturing images of the neighbors in the hood. The side non-benefits are that it’s WAI and 600+ LEOs have direct access to the 2way system.

Sed Contra December 26, 2019 7:27 AM

The idea (perhaps not the implementation) of using some kind of satellite-based interferometry or other signaling to measure ground movement goes back to at least the mid-1980s.

My idea: use the millimeter accurate GPS to send messages by waving the receiver around, encoding text to position or position changes. Yes (Yoda voice), texted you have.

Wael December 26, 2019 7:43 AM

@Sed Contra,

My idea: use the millimeter accurate GPS to send messages by waving the receiver around…

Excellent idea. How about a satellite system that can read lips? No need to gesture about like an idiot; just talk to one’s self like someone who escaped from a nearby asylum 😉

Clive Robinson December 26, 2019 8:35 AM

@ Wael,

No need to gesture about like an idiot; just talk to one’s self like someone who escaped from a nearby asylum 😉

Well, remember for a satellite to see thus read a person’s lips, they would have to be looking upwards towards the direction of orbit, so facing towards the West…

So it would be more like praying than being fresh out of the “big white house”.

Bong-Smoking Primitive Monkey-Brain Spook December 26, 2019 10:25 AM

@Clive Robinson:

they would have to be looking upwards towards the direction of orbit

Orbits have a circular path so one doesn’t have to look directly up. Also, there must be at least one satellite that can see a person’s face and lips.

being fresh out of the “big white house”.

You and your idioms! Please decipher!

SpaceLifeForm December 26, 2019 1:41 PM

@ 1&1~=Umm

I’ll fly corrected. Sorta.

Osprey (FishHawk) is considered a separate family from non-fish eating Hawk (ex: Redtail).

SpaceLifeForm December 26, 2019 1:51 PM

@ Sed Contra

So, waving your GPS receiver around, is going to be able to transmit a message via what path?

The GPS satellites only broadcast.

How are you really xmiting?

Clive Robinson December 26, 2019 2:10 PM


Orbits have a circular path so one doesn’t have to look directly up.

I’ve discussed this in the past with @Wael, all orbits, including thrown objects follow an elliptical path. A circular path is basically a limiting case where the focus points coincide.

As for “looking up” you are talking about “horizon distance” which depends on many things but any obstruction above the same height as the lips of the person standing normally to the plane of their horizon requires “upwards”. But further the shortest path is directly above ie at the normal point in the plane of their horizon. It’s also the point with least disfavourable optical characteristics.

As for “The big white house” it’s a euphemism from the 1960’s or earlier that was a common expression often used as a threat[1] where I lived (due to Victorian lunatic asylums being built “out of London” to the South West). It was used much in the way “funny farm”, “rubber room” or “men in white coats” for state run mental institutions where people were dumped[2] and more often than not mistreated if not actively abused (involuntary electro shock therapy, lobotomies, sterilization, sexual abuse etc).

Some such places had in earlier times been long term sanatoriums for polio or TB –usually recognisable by the balconies– and the like and were thus painted white on the outside and that awful shade of “hospital green” on the inside. Some were purpose built in the Victorian era and so old that rather than have “hot and cold running water” they had “hot and cold running roaches”.

[1] It was often used on misbehaving children and certainly adolescent girls when their behaviour was not what was expected. It’s why sometimes when I hear XXX is destined for “The White house” that I might smile ironically[3].

[2] Until the early 1950’s English law allowed unmarried women who were no longer virgins for whatever reason to be locked up indefinitely. Thus any complaints by a girl about being sexually abused would often end up with her in such an institution whilst the man would still be an upstanding citizen etc. etc. Also those that tried to commit suicide be they male or female were “criminally insane” tried, convicted and locked up in “locked wards” next to what we would now call psychopaths rather than be given the help they needed.

[3] Speaking of “The” White House as they say in “The” USA or 1600 Pennsylvania Ave did you know there are actually two of them? “SE” is an apartment block with 77 residences, “NW” is the old Presidential Palace the British gutted with fire, and it takes over 570 gallons of white paint to keep the scorch marks hidden…

1&1~=Umm December 26, 2019 2:16 PM


“I’ll fly corrected. Sorta.”

Just remember that in real life,

‘There is always an exception to all rules, even this one’ 😉

Paradoxically I’m not a Cretan

Electron 007 December 26, 2019 2:43 PM

TSLA is coming out with a new battery that is supposed to last 1,000,000 miles due to the highly proprietary patented intellectual property of its new chemical technology. Strong legal protections for the patent, and enhanced penalties for circumventing intellectual property protections mechanisms, or performing unauthorized repairs in violation of the DMCA, are expected to further extend the life of the battery and the environmental benefits to be realized by electric vehicle technology with such highly secured, proprietary, non-open-source computer controls.

Stronger legal protections for intellectual property, and stiffer penalties for DMCA violations may one day enable a fully self-driving highway transportation system without the necessity of employing human drivers, or even allowing them on the road.

SpaceLifeForm December 26, 2019 4:36 PM

@ Ho-Ho-Ho

FB is Zucked.

Your quad link was interesting, btw.

But FB is Zucked. And should be.

What FB is saying, not the real story.

Not even close.

Bong-Smoking Primitive Monkey-Brain Spook December 26, 2019 4:41 PM

@Clive Robinson:

and more often than not mistreated if not actively abused (involuntary electro shock therapy, lobotomies, sterilization, sexual abuse etc).

Reminds me of:

One flew east;
One flew west;
One Flew Over The Cuckoo’s Nest.

I like the dedication of this audio book 🙂

1&1~=Umm December 26, 2019 5:03 PM


Ahh the art of misspelling at an opportune time…

For those who might have a raised eyebrow of consternation or enquiry,

Epimenides was a Cretan, who no doubt made many statements in his life but only one immortal statement of ‘All Cretans are liars.’

It’s why it’s called Epimenides’ Paradox and is often said as,

‘I am Cretian, and all Cretians are liars’

Which no doubt would have pleased the Roman poet Ovid whose thoughts on those born in Crete were ‘mendax Creta’, or ‘lying Crete’. For some reason even the Greeks had a downer on Crete, they used the word ‘cretize’ as a synonym for lie.

Why everybody appeared to have a downer on Cretians I don’t know. But I do know that it’s something that repeats apparently endlessly throughout history.

For instance in quite recent times the English had a real downer on the Irish, certainly post WWII when children were taught a poem about the Irish that to put it politely was not polite, and despite it being illegal to discriminate by race it was not uncommon to see adverts for rooms to rent that listed people who should not apply amongst which were the Irish.

It still has a legacy today with the ‘There was an Englishman, Irishman and Scot’ jokes oh and speaking of Scots, there is a good reason why the last verse of the National anthem for the ‘United Kingdom of Britain and Northern Ireland’ known as ‘God Save the Queen’ is not sung… It’s kind of hard to be united when singing about Marshal Wade and what he was doing to the Scots… Which might be why ‘Flower of Scotland’ is sung at sporting events and the like because it refers to the Battle of Bannockburn, where Robert the Bruce led a victory over Edward II of England and to my ear, any way, Flower of Scotland sounds more wistful 😉

MarkH December 26, 2019 5:27 PM

@Clive, re White House:

The identification of the two meanings is now nearly perfect.

You can add to that the White House in Moscow, which houses the office of the prime minister and other high government offices.

Today I was reminded of William K. Black’s concept of control fraud. To borrow from the wikipedia article, a chief executive “is uniquely placed to remove the checks and balances on fraud within [an organization] such as through the use of selective hiring and firing.”

Hmmm, where have we seen that recently?

Clive Robinson December 27, 2019 1:18 AM

@ SpaceLifeForm, Sed Contra,

How are you really xmiting?

I’ve mentioned how back when the TAO catalog got talked about on this blog.

There are two methods one inconsequential and the other slightly more consequential.

You can look up the “pith ball experiment” where you spin a charged pithball and it radiates an EM field at the frequency of rotation. Due to the low frequency of rotation the wavelength (speed of light / rotation rate) is vast compared to the pithball path, therefore it is a very inefficient radiator, and likewise the low charge movement per cycle of movement the signal radiated is very very small…

Less inconsequential is the movement of conductors or dielectrics in a wave field. It distorts the wavefield proportional to the movement and therefore modulates the field. This can be picked up at a distance if you know what you are looking for.

One way to move a wire with respect to the field is to do it physically that is put a couple of halfwave radiators of the field frequency on either end of a boom about 1/10th of a wavelength apart and spin it. The result is for several tens if not hundreds or more of metres a radio receiver will pick up a phase modulated signal at the rate of spin.

Obviously this is not mechanically practical in most cases though it has been tried with various things including reflectors that most of us have either seen or heard about made really famous with 1970’s Disco, and the infamous “mirror ball” or its later 80/90’s green light laser image projectors, but some two hundred years or so before that with the predecessors of Fresnel lenses in light houses[1].

Whilst some reflector or waveguide antennas still rotate for centimetric radar and above the modern trend at lower frequencies is towards phased array antennas where the equivalent of the mechanical rotation is synthesized by changing the characteristics of radiators the simplest of which is the halfwave dipole.

If you make a dipole antenna and change its center impedance with an electronic device such as a FET or PIN diode it modulates the EM field around it. Whilst the transistor/diode changes the “real impedance” or resistance of the antenna which absorbs some of the EM energy the use of variable inductance or capacitance changes the “imaginary impedance” or reactance, in effect moving the antenna impedance at any given frequency by changing the resonant frequency of the antenna. Thus making it work like a “reactance modulator”.

A capacitor can be made with very very fine foil or ribbon, and work exceptionally well as a microphone. The “Great Seal Bug” as used by the Russians against the US diplomatic premises in Moscow is an example of combining a foil microphone with an antenna to cause changes to an “illuminating” EM signal.

The inventor of the Great Seal Bug was Leon Theremin who in 1928 patented an electronic musical device now called the Theremin, that worked in a similar way in that it contained an oscillator that had its resonant components exposed to the environment, and the musician could by simply “waving their hands around” change the output of the oscillator. I guess the most famous example in terms of people hearing it is the start of the Beach Boys Good Vibrations.

But as I’ve also mentioned you can use the WiFi signals going through peoples homes to actually see their movements through brick walls and the like. With sufficient clarity after significant processing to see not just hands waving around but fingers typing…

A thought that makes some people want to hide in a hole in the ground[2] to do their typing

[1] A short history of which can be read at,

[2] The military like many other bureaucratic organisations don’t like calling things what they are because it might scare people which would never do. So a hole in the ground becomes a “bunker” and what is in effect a room surrounded by metal like a jail cell on steroids as a “SCIF” for “Sensitive Compartmented Information Facility”. Which sounds oh so much better than a sound proof tank with metal door lined with rubber and soft padding, which let’s face it sounds like something you would find in a lunatic asylum for people to bounce around in all day. In the electronics industry we are a little more honest with “RF Cage” or “Anechoic Chamber” or “TEM cell” which is essentially a “horn antenna” with an RF absorbing load where the open end would normally be (also jokingly known by some as a half Madonna).

Weather December 27, 2019 1:40 AM

Didn’t I talk about this ten years ago: a GPS sat can be used, by listening to the E field, to detect stealth aircraft.

Alyer Babtu December 30, 2019 12:47 PM

Re quadratic equation solutions paper above

This touches indirectly on a vast field of current research concerning what are valid numbers – we have integers, rational numbers, algebraic numbers, and some specifically defined numbers beyond these, and what else ? – ; and what does it mean to solve polynomial equations.

See e.g.

Teo Mora, Solving Polynomial Equation Systems (4 volumes), Cambridge University Press

Harold M. Edwards, Essays in Constructive Mathematics, Springer

name.withheld.for.obvious.reasons January 2, 2020 5:27 AM

As the TLA’s and IC’s of the military industrial surveillance complex (MISC, not to be confused with RISC or CISC), continue to eviscerate constitutional constraints on government power, and thus render the U.S. Constitution meaningless, little comfort is taken from the nearly vapid and spiritless treatment of 4th Amendment issues addressed by citizens or interest groups in the last decade. Lawfare has a take that is hilarious in section III. Lessons for the Future hxxps://

Technologists have fallen down flat on this one, and I can hazard a guess as to why. Something to do with a potential conflict of monetary interests, possibly an ethical dilemma, or just a plain “AMP” (Aint My Problem) attitude. Ironically, there are probably more than dozens of people that fit in all of the above categories for which this is true. But here is where it becomes intolerable…

Nearly seven years after the Snowden revelations, no substantive progress has been made in addressing the use of general warrants, sneak-and-peek, EO 12333, and other fun elements such as those contained in 2001 Patriot Act or the vile and treasonous FISA Amendment Act of 2008. You could probably include the NDA 2010, 2013, 2015 along with the friends of the IAA of 2012, 2014, and 2017.

The legislative milieu and the landscape that has been littered to no end with laws specifically written to continue, not curtail, the reach and scope of out of control government agencies. An article at lawfare takes a stab at what is the current thinking in courts on the subject; hxxps://

EFF is still challenging the courts with the Jewel v NSA case, that has gotten almost nowhere in the 9th circuit. The legislature has not taken up any legal framework respecting privacy and still relying on the 1986 Computer Abuse and Fraud Act and ECPA as a basis for law in privacy. The courts have little to go on as demonstrated by the Bates opinion from the FISC in 2011. (See hxxps://

Is it obvious to anyone else that the redactions in the later portion of the document give cover to government metrics of FAILURE? See if you can by reviewing the “Memorandum Opinion on Upstream Collection” hxxps://

How often and how far does this republic need to be abused before people, that I know who know better, will act to correct the abuses of power and to the citizenry. This is not rocket science, hell it’s not even rock science. It’s more like rock, paper, scissors child’s play. What is wrong with our culture, society, and world? We can put a person on the moon in less than a decade, but damn if we will correct our own mistakes any time soon.

Clive Robinson January 2, 2020 6:08 AM

@ name.witheld…,

Technologists have fallen down flat on this one, and I can hazard a guess as to why. Something to do with a potential conflict of monetary interests, possibly an ethical dilemma, or just a plain “AMP” (Aint My Problem) attitude.

It’s not just technologists and they did not “fall down” but were violently forced down by “rights stripping” backed by “guard labour” and a very very biased legal system.

It’s hard for people that have been through the US education system to see, but what they hsve been taught about society and it’s purpose is mainly total nonsense with a huge political bias.

I’ve mentioned before that the health of the population in general effects every one else. Thus you might be a 1% of the 1% living in your private estate without a “commoner” in sight, but your health and their health are so intertwined that even if you lived in total issolation your health outcomes are still linked in ways you might not realise. Improving health and it’s outcomes only works when there are sufficient people to make it cost effective to support what we would now call research and the development and production of solutions. There is a reason why we die nearer 100 than 50 in just a century or so.

US attitudes directed by education might be the reason why life expectancy has started to drop in the US and not in other parts of the world…

But obviously it’s not just health care that is wrong in the US. The number of deaths per head of population are really quite a bit worse in the US than they are elsewhere. Perhaps people in the US should start asking why, before it’s their turn to “die early”, more often violently or painfully than elsewhere.

That is work out the root causes of what is perhaps the worst “blame the victim” society in the Western World, and why it persists despite the all too obvious harms awaiting for the majority of people that live there.

I can give people answers, but it’s best they take personal responsibility to investigate and think with an open mind. Because that way they will find out who has been misleading them and why, and not have to rely on the words of others that they might think are lying to them due to the cognitive bias built into them mostly from a time before they first went to school.

A hint however might be “Consider that worship of sentient deities is not the main religion in the US” and why that might be.

name.withheld.for.obvious.reasons January 2, 2020 7:43 AM

@ Clive

Not to beat this point beyond reason, and I do agree that U.S. centric thinking is tainted by a number of maladies, that WE the more enlightened and cognizant of the issues of concern are less effective than is helpful. We are slowly dying from a thousand cuts.

My last paragraph is a good summary, and so is yours…except I think you meant to say that the U.S. is plagued with a level of magical thinking that dooms us all.

Electron 007 January 2, 2020 10:26 AM

@Clive Robinson

US attitudes directed by education might be the reason why life expectancy has started to drop in the US and not in other parts of the world…

But obviously it’s not just health care that is wrong in the US. The number of deaths per head of population are really quite a bit worse in the US than they are elsewhere. Perhaps people in the US should start asking why, before it’s their turn to “die early”, more often violently or painfully than elsewhere.

There’s an irreparable split in some of those attitudes as compared to Europe.

There’s too much life insurance in Britain. That’s a contract on a human life when they talk about mortality rates and deaths per capita like that. Murder-for-hire, we call it in the good old USA. You can’t really mince words about some of that stuff.

There are certain harsh and unavoidable truths about life on earth. If people aren’t dying violently or painfully, then they’re doing heroin, and “passing away” oh-so-peacefully in their sleep. And we’re getting a lot more pain medication than we really need from that awful European-dominated pharmaceutical drug industry.

Clive Robinson January 2, 2020 12:41 PM

@ name.withheld…,

I think you meant to say that the U.S. is plagued with a level of magical thinking that dooms us all.

I’m not sure “thinking” is the right word, “reacting” might be better.

Certain words, phrases or statements, cause a reaction below the conscious mind. It’s like a tiger growl, that causes the monkey brain to send you from sitting on the ground to balancing at the top of a tree in from “zero to nothing” that is less time than your conscious mind can think tiger let alone danger.

It’s a learned response from a very early age, unlearning it, is a thoughtful process of self re-education. It’s especially hard when nobody around you wants you to. But we know that from alcoholics and smokers who give up, it can be done despite peer pressure.

But it’s actually worse than an addiction, because for some giving up on faux notions, means giving up on their employment, thus income, thus car, home, food on the table, etc because they “don’t conform” any longer. Worse still as history shows non conforming can get you sanctioned in worse ways as some believe that examples have to be made to keep others in line.

This recent nonsense with the profits from Edward Snowden’s book, is further proof if any were needed that the ideas behind “divine right” being expressed as “might is right” through “guard labour” actually shows that our alleged betters are actually worse than petulant kinder school children. Who have been caught doing things they know they should not have been, punishing the messenger rather than mend their wrongdoing. It’s actually a form of risible impotence and thus not something that they should parade about so publicly, much to the embarrassment of onlookers.

Clive Robinson January 3, 2020 7:36 AM

@ Name.withheld…,

It appears world events have sped past our conversation,

Mind you what did those in executive power really expect to happen?

The last little “adventurism” into the Middle east created many terrorist organisations and as indicated at the time took a counterbalance out of the area that was keeping terrorism very much in check. When you create a power vacuum as the US and its few allies did you can not expect it to stay empty and putting into place a puppet government that is weak, corrupt and ineffective as they did just creates openings for others. Which they will take advantage of,

Often to your embarrassment and that of your alleged allies. I’m sure neither Israel or the House of Saud has liked what has happened and the House of Saud are probably feeling “the winds of change” coming in their direction. As for the Emirates their recent political changes must have most in the ME wondering what they are going to do. Stories about the US having “geo-fenced” weapons sold to both them and the House of Saud will not have gone down well and gives an opening to other arms market players.

Also Europe which has been picking up a big chunk of the humanitarian tab of US Adventuring in the Middle East is unlikely to sit by and take another deluge of immigrants, especially if it gives the likes of Turkey more power. Germany and France will probably have to rethink their plans they have been slowly influencing through the “Council of Ministers” with regards the south and east of Europe.

But it would be wise to regard whatever is coming out of the US executive currently as without a doubt as at best misdirection at worst easily disprovable falsehoods.

I suspect this is going to end up starting a new proxy war between the US and Russia the warning signs and flags have after all been waving for a while.

Also without a doubt a proxy war will also serve certain home interests (but the old “trying to buy the US out of deficit” has been tried and failed before). Thus expect a whole series of changes in the US with regards the diminishing of freedoms etc, whilst many will be covert, some will almost certainly be overt and directed against media etc.

However unlike previous proxy wars it has significant global issues attached that are not going to go away or potentially stand by. Especially as Iran has demonstrated repeatedly they are capable of not just defending themselves but taking things forwards into other countries.

China for instance also has significant interests in the ME that are more favourable to Russia and Iran than the US and the US has taken quite a bit of effort to alienate China under this administration. But less obvious publicly is that US weapons have been more and more dependent on resources out of China. I’ve mentioned this several times in the past. So if you see a change of US stance on “Rare Earth Metal” mining etc you might regard it as a bit of a red flag starting to be run up the pole.

Oh and importantly do not forget the relationship triangle behind some of this. In part it’s between Iran and North Korea, with the Pakistani “father of the bomb” A Q Khan. Which got the US and Israel to cooperate on “stuxnet” amongst many other oddities. Pakistan for all the MSM saying otherwise is fundamentally not Pro-US and its leaders are well aware of the limits on “playing nice” to the US.

Further Pakistan and its leadership have other more important issues at hand. You also have to think in turn about India and it deliberately souring its relationship with North Korea and the problems India has with China on one side and Pakistan on the other and the fact the Indian political leaders appear hell bent on making them worse as quickly as possible.

Thus this latest US stunt is not exactly wise and it comes at a time when it will take very little to start a war that will spread out quickly. It’s been noted by others that the US Empire is crumbling, and that the world is overdue another “world war”.

For many years now I’ve mentioned that I expect the US to go to war with Iran or in the South China seas, with Iran being more likely.

Thus the question to some is how far will this go? And how far will we fall?

Many are already “hunkering down” and stocking up on what they consider essentials[1], with those that can like Silicon Valley execs having their “hide-aways” in New Zealand’s “south island” etc (last bus stop to the antarctic). All stocked up with five years food, water and other precautionary measures in several square miles of land.

For the rest of us a year of food and water is realistically insufficient to “start from scratch”. Because you need two years of food to see you get through starting subsistence level agriculture and getting it to the point where you can survive a whole year by it[2]. The unspoken problem by most is the amount of land required, and other resources. All of which generally requires guarding from those who live not off the land but by preying on those that do. Unfortunately “guard labour” gets us back into feudalism via the “King Game” and the mess we are in now…

[1] To give you an idea of what that involves it’s assumed that properly packed and including container weights it’s ~1kg of “dry food” for a 3000 calorie “working” diet and ~4kg of “potable water” per person per day, to cover basic needs. That’s ~7 tons per year for a group of four[2] and if stored correctly to keep, avoid rodent and other pest issues, and be “pantry accessible” would need around 35 cubic meters of space or if you prefer around 1250 cubic feet or ~200 sqft of floor space in an average height room. But with that weight it would need reinforced floors if not on or below ground on reinforced concrete floors. It would also require temperature and humidity control as well to stop fast spoilage, hence below ground covert “root cellar” storage is considered by many, but flooding is an ever present risk.

[2] Testing by various governments has shown militarily four multi-skilled personnel is the minimum group size for independent combat (sometimes called “a brick”). When you add in other things such as manual labour for maintenance and farming a group of twelve where a minimum of four are “next generation” is considered the minimum viable starting size but only for two or three generations before “closed stud book” genetic issues arise. For a community to be longterm viable at subsistence levels it needs ninety to a hundred mainly unrelated people to start with, with a birth rate greater than four children per couple is needed. To be able to do more than subsistence living requires high level education and the ability to go beyond artisanal crafts into manufacturing which is required for farming, living and health sustainability and improvement especially energy production for “force multipliers” and making potable water etc. This needs to be around four hundred people to start with in a resource rich environment of which very few really exist any more. But the big problem is to feed one person a very basic vegetarian (potatoes, beets, and beans, with some onions and tomatoes and peppers) diet for one year needs around 8000sqft of fertile land.

To make this sustainable you need to develop effective recycling thus human waste needs to be properly turned into safe fertilizer as well as not poisoning the land or ground water (see “humanure” which needs straw) this takes land requirement up, and to add in food variety, goats/sheep geese/hens/pigeons rabbits/fish and bees along with the growing of flax/hemp/cotton for clothing and cordage takes it up to well over 20,000sqft or half an acre for each person. Thus for four hundred people you need a square mile for food, double that with agricultural animals (two people can plow an acre/day a man and a bull ~5, a man and a horse ~10). Then there is land required for coppicing and forestry and brick and tile making fish lakes and water purifying etc which is another couple of square miles or so. Within a generation or two you would be looking at two or three villages in 10-20 square miles of valley larger if the land is less fertile or more arid.

MarkH January 3, 2020 12:30 PM

Something I just discovered (perhaps Clive knew it already) … American mathematicians D N Lehmer and D H Lehmer, father and son, were responsible for a series of remarkable machines, very strange and crude in appearance (and ingenious in conception), to help in the factoring of large integers.

Their first contraption used bicycle chains.

I haven’t yet worked out the theory, but it seems that the machines solved systems of modular congruences. Those solutions are not factors in themselves, but pointed the way to finding large prime factors.

Note that while the machines used electric motors to propel the “integers,” and an electric circuit to stop the machine when a solution was reached, the computation itself was purely mechanical.

Sometimes within minutes of runtime they were able to achieve factorizations impractical to compute with pencil and paper.

Along the way, I learned of William Stanley Jevons, who perhaps made the first argument for the RSA computational complexity case.

In an 1874 book, Kevin’s wrote “Can the reader say what two numbers multiplied together will produce the number 8,616,460,799? I think it unlikely that anyone but myself will ever know.” His number is the product of two 5-digit primes; he understood that reversing his few minutes of computation would require vastly greater effort. Of course the word “ever” was too strong: a fellow Englishman factored the number 15 years later.

Around the same time the Lehmers were building their machines, Alan M Turing was ordering bespoke gears with large specified numbers of teeth, likewise for a computation related to number theory.
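
MarkH's comment describes the Lehmer machines as solving systems of modular congruences whose solutions point toward factors. As an added illustration, not part of the comment and not a model of the Lehmers' hardware, the sketch below applies that idea to Jevons' number through Fermat's difference of squares; the function names, the choice of moduli and the pairing with Fermat's method are assumptions made for this example.

```python
from math import isqrt

JEVONS = 8_616_460_799  # the number quoted from Jevons' 1874 book


def build_wheels(n, moduli):
    """One 'wheel' per modulus m: the residues x mod m for which
    x*x - n is a square mod m. Any other residue cannot lead to a
    perfect square, so the wheel blocks it."""
    wheels = []
    for m in moduli:
        squares = {(r * r) % m for r in range(m)}
        open_slots = frozenset(
            r for r in range(m) if (r * r - n) % m in squares
        )
        wheels.append((m, open_slots))
    return wheels


def sieve_factor(n, moduli=(3, 5, 7, 8, 11, 13), max_steps=1_000_000):
    """Fermat's method (n = x^2 - y^2) with a congruence sieve in front.

    Returns (p, q, steps, stops): the two factors, how many x values
    were stepped through, and how many of those passed every wheel and
    so needed the exact square-root check. Returns None if max_steps
    is exhausted first."""
    if n < 3 or n % 2 == 0:
        raise ValueError("n must be an odd integer >= 3")
    wheels = build_wheels(n, moduli)
    start = isqrt(n)
    if start * start < n:
        start += 1  # smallest x with x*x >= n
    stops = 0
    for steps, x in enumerate(range(start, start + max_steps), 1):
        if not all(x % m in open_slots for m, open_slots in wheels):
            continue  # at least one wheel blocks this x
        stops += 1  # every wheel lines up: the machine would halt here
        y2 = x * x - n
        y = isqrt(y2)
        if y * y == y2:
            return x - y, x + y, steps, stops
    return None


if __name__ == "__main__":
    p, q, steps, stops = sieve_factor(JEVONS)
    print(f"{JEVONS} = {p} * {q}")
    print(f"{steps} values of x stepped, {stops} needed an exact check")
```

The congruence solutions are only candidates for x; the factors come from x - y and x + y once a candidate turns out to give an exact square.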

MarkH January 3, 2020 1:04 PM

Apologies for auto-correct; should have read “In an 1874 book, Jevons wrote”.

@Clive did a nice job of explaining why “preppers” would drop like flies if their imagined apocalypse were to reach them.

If you already feed yourself and your family entirely by subsistence farming on your land, without using any petroleum fuel or any industrial fertilizer … and likewise, you have an abundant nearby source of potable water which you can obtain without any use of petroleum fuel … then you have your foot on the first rung of survival. If you haven’t already been supporting yourselves entirely by these means for several years, you have got a raft of surprises headed your way.

Naturally, you’ve been keeping yourselves alive through the cold of winter (if such you have) solely by sustainable harvesting of local fuel.

Your survival will also depend on favorable conditions for agriculture. “Bad years” can happen quite spontaneously; depending on the nature of apocalypse, its effects could also be terribly disruptive to agriculture for at least a couple of years. If you’re not growing twice as much food as you need in a good year, getting through one or two ruined growing seasons is going to be a ghastly ordeal.

Other inconveniences quite beyond your control might crop up. Many of the world’s nuclear power stations store spent fuel in on-site pools. If nobody’s looking after them post-apocalypse, the fuel decay heat will eventually boil away the water, erupt the fuel elements into flame, and scatter vast amounts of deadly radionuclides world-wide. The South Island may be a better spot, but no place would be exempt.

Of course, you are fully prepared to safely handle compound bone fractures, breech childbirth, your child’s abscessed tooth, and all of the other routine medical crises.

In general, the best plan for survival is to contribute to the stability of the civilization we already have.

Electron 007 January 3, 2020 2:09 PM


In general, the best plan for survival is to contribute to the stability of the civilization we already have.

That’s not going to happen.

Establishment law enforcement officers, FBI et alia, chose to use the law as a tool to inflict wanton waste and destruction of human potential throughout the subject populace of the U.S.

How many % of the population is prohibited from possessing firearms or even getting a passport due to stupid legal technicalities that are harshly and brutally enforced against us in total ignorance of the Constitution without even so much as a pretense of due process of law?

I am sorry. There is no “stability” to the carefully groomed society and uniform civilization, which you continually express such a malicious desire to maintain and enforce.

name.withheld.for.obvious.reasons January 3, 2020 3:06 PM

@ Clive

“TEM cell” which is essentially a “horn antenna” with an RF absorbing load where the open end would normally be (also jokingly known by some as a half Madonna).

What may not be well established with respect to these designs, the balun and taper associated with a “GAP” of the dielectric plays a huge role in the “effectiveness” and efficiency of skin effects and the sensitivity of the “antenna”. Using specific interface geometries, the component can be used as not only a microphone but an effective “emitter” capable of producing device denying signals. But that’s only if you’re into the fun of it…

name.withheld.for.obvious.reasons January 3, 2020 3:09 PM

@ Clive, again…

Going to have to get back to you on another squid regarding the “falling down” hypothesis…by tonight.

Too much going on to organize my thoughts properly.

Wesley Parish January 4, 2020 7:58 PM

@usual suspects

Wasn’t going to talk about US vs Iran, but since you’ve mentioned it @Clive, I figure I may as well.

The current and previous US administrations have not been very good at working out the consequences of their actions, particularly when it comes to waging war. I’d like to put it out there that they don’t know and they don’t care about the likely effects going to war with Iran is likely to have on their pet Persian Gulf ally, the kingdom of Saudi Arabia.

During the “Arab Spring” I noticed there had been a “Day of Rage” in Saudi Arabia called off because of a massive police and military presence. Add to that that Saudi Arabia has been regularly exporting its malcontents in the form of wannabe mujahidin to the other places around the world, and the possibility – or probability – that a war in the Persian Gulf between the US and Iran is likely to involve Saudi Arabia, and you begin to think maybe scenting blood in the water, the mujahidin wannabes will return home.

I’ve been thinking along these lines since I first heard about that aborted “Day of Rage” – at first I thought the Shiites in the north-western region would cause the trouble, but now I’m beginning to think it won’t be them, it’ll be the House of Saud’s “Praetorian Guard” same as always, same as the last lot.

(Of course, I haven’t mentioned the likely fate befalling any US Navy ship stupid enough to get caught in the Persian Gulf during a shooting war between the US and Iran. Any naval officer who’s ever read naval history should recognize “The Battle of Salamis” and what that implies about getting yourself trapped in a narrow sea passage with little to no room to escape. The US got away with the invasion of Iraq largely because it’s still got the world’s only blue-water navy. What’ll happen when the administration throws that all away for a stupid war? The mind boggles.)

Clive Robinson January 5, 2020 6:08 AM

@ Wesley Parish,

The US got away with the invasion of Iraq largely because it’s still got the world’s only blue-water navy.

The days of surface navies for high level warfare are over, they are just too easy to find as they have absolutely nowhere to hide from modern satellites, and missiles though expensive are getting cheaper by the day, as are long range cruise missiles and even drones. All of which have a much greater operational range than fighter aircraft from carrier groups.

Whilst such antiquated systems still work against second and third world countries (the US targets of choice) they don’t if the target of choice gets properly supported by one of many first world nations or super powers. We saw the start of this in 1950 and the 70’s and several conflicts since.

The future of high level naval warfare will be “attrition” or “siege” via unmanned deep water submersible weapons platforms, that can be stealthily deployed in advance in or near key points then at a push of a button and an ELF signal they become active. Whilst not requiring AI it would be a very cheap component to add to improve the platforms capabilities.

If nukes could be made sufficiently stable, then important harbours and ports would be destroyed in hours, few first world nations can survive the loss of cargo carrying capacity that civilian maritime vessels provide, because they don’t have either the food, fuel or raw materials for more than a very short period of time.

The way to fight a modern war is not to waste your time on setpiece action against their armed forces, but go straight for the soft underbelly of their civilian population. It’s what “sanctions” are a first step of, then you go for key infrastructure.

Unless you are empire building, only reason to have a military these days is to try to prevent your civilian population being attacked, this is especially true of first world nations where the populations are overly dense. Third world nations have an advantage in that their populations tend to be much more dispersed and self sufficient, if they have a mind to fight back well Afghanistan might give people a few clues as to what that means.

But there is also another type of insidious warfare that can be seen in operation. Back in the 60s through 90s nations would supply weapons and resources to the freedom fighters / terrorists operating in their enemies country or those of its allies. This has moved on, what you do is use resources to generate large numbers of refugees that then flee towards your real target.

The rather dumb US ambassador to the EU who is currently in trouble, kind of gave the game away when he told senior Europeans his job was to destroy them. It’s fairly clear that one of the useful side effects for the US is all the ME refugees trying to flood into Europe, which you can see reflected in Turkey’s actions and threats. The EU is thus thoroughly divided on the refugee issue, and in effect wasting resources and opportunities by fighting internally.

The sad fact is there is only one known way to stop refugees, and that is make your country effectively “certain death” or similar for them, thus they will mostly try to go somewhere else which is less dangerous. In short unless you are considerably more ruthless than those driving them out of their home countries they will force their way in.

Now whilst I can recognize this intellectually, the actual reality absolutely horrifies me, but it would appear to be both US and Russian policy to stop / destroy Europe any way they can, preferably via the hands of others.

Wesley Parish January 5, 2020 6:58 PM


Point taken on the expected short and unhappy life of any navy caught in a war against foes with equivalent strength. See: The Battle of Jutland. As far as the Victorian-era Royal Navy and the current US Navy goes, one of their most important purposes is to patrol the international trade routes and suppress piracy. As with the Roman Empire’s Mediterranean navy and the Hanseatic League’s ships etc, during their heyday.

Anyone with an inkling of maritime trade policies can see that: that’s why the USN maintains its large fleet, even though with the development of fast cruise missiles and the like, capital ships like the aircraft carriers are now a bit of a liability.

Clive Robinson January 5, 2020 8:18 PM

@ Wesley Parish,

Ahh piracy…

One of the older ways to attack a civilian population. Henry VIII’s daughter “Good Queen Bess” knew a few things about using piracy as a weapon of state craft.

On paper the English fleet should have not had a snowball in hell’s chance against the Spanish.

But handing out licences to be “highwaymen of the seas” did a lot for ship development.

Yup piracy is a good way to attack a civilian population that is dependent on maritime trading. It’s one of the reasons that under Queen Victoria Britain had one of the most powerful fleets in the world. But Empires very quickly start to cost more than you get out of them, as does the communications to administer them (why Britain developed flying boats between the world wars).

Fleets of ships are expensive especially when you don’t know if you need them or not (look at the run up to the Falklands war). Thus Britain cut back its navy and tried to go hi-tec… So we still don’t have working two aircraft carriers and six destroyers…

Which in many ways is actually a good thing because it’s causing a serious rethink about what we want a navy for.

Submarines are for now one way to go, but they are really denizens of the deep as they are like ships easy to find in coastal and shallow waters, with the disadvantage of being slow in comparison.

Whilst ships can be made that will do sixty knots (~110kph) there are a lot of compromises but they are still easy targets for air based weapons platforms. Big guns are now gone except for blowing holes in the coast of third world countries, missile systems though expensive does mean that a ship can stay out of aircraft range and still do significant damage.

But for civilian as opposed to government piracy, fast manoeuvrable but small weapons platforms are the way to go unless you are looking to take prisoners. Thus 10 small highly manoeuvrable ships will give greater area coverage and faster response time than a single large ship, as well as being less easy to attack, but have shorter mission times between resupply thus need vulnerable resupply ships. It’s easy to see why the equation is quite difficult to get right as well as be “mission ready” in many more scenarios than even half a decade ago.
