Friday Squid Blogging: Giant Squid Genome Analyzed

This is fantastic work:

In total, the researchers identified approximately 2.7 billion DNA base pairs, which is around 90 percent the size of the human genome. There's nothing particularly special about that size, especially considering that the axolotl genome is 10 times larger than the human genome. It's going to take some time to fully understand and appreciate the intricacies of the giant squid's genetic profile, but these preliminary results are already helping to explain some of its more remarkable features.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on January 17, 2020 at 4:19 PM • 72 Comments

Comments

SpaceLifeFormJanuary 17, 2020 6:50 PM

Update when bugs are found.

hxxps://www.zdnet.com/article/fbi-nation-state-actors-have-breached-two-us-municipalities/

The hacks took place after attackers used the CVE-2019-0604 vulnerability in Microsoft SharePoint servers to breach the two municipalities' networks.

The FBI says that once attackers got a foothold on these networks, "malicious activities included exfiltration of user information, escalation of administrative privileges, and the dropping of webshells for remote/backdoor persistent access."

Sherman JayJanuary 17, 2020 8:38 PM

Security?! some gov't idiot says these will make us more secure.

h t tps://truthout.org/articles/large-military-grade-drones-could-soon-be-flying-over-your-backyard/

Oh, goody, goody, killer drones flying over all our homes!! (yes, meant as intense sarcasm)
If they aren't killing, I can guarantee they will be spying on everyone.

who cares about my name?January 18, 2020 6:04 AM

@ Sherman Jay

They will be spying on anyone for sure:

But an article by Defense One points out that General Atomics officials want the SkyGuardian to freely fly in American skies by 2025, and one of the drone’s biggest selling points is its FAA stamp of approval coupled with its intelligence-gathering, surveillance and reconnaissance abilities — including signals intelligence.

CuriousJanuary 18, 2020 7:08 AM

Something about the EU's Court of Justice's Advocate General, Campos Sánchez-Bordona, thinks UK, French and Belgian bulk collection and/or data retention violates EU law (there being different cases with different countries I think).

"Today the Advocate General (AG) of the Court of Justice of the European Union (CJEU), Campos Sánchez-Bordona, issued his opinion on how he believes the Court should rule on vital questions relating to the conditions under which security and intelligence agencies in the UK, France and Belgium could have access to communications data retained by telecommunications providers."

"The AG’s opinion is not binding on the CJEU. The Court itself will issue its judgment in the coming months."

https://privacyinternational.org/press-release/3332/preliminary-statement-advocate-generals-opinion-advises-mass-surveillance-regime

CuriousJanuary 18, 2020 7:14 AM

@Ismar

I remember a Brian Snow (former NSA) at the RSA conference, specifically at the 'The cryptographers panel' event that year, some time back, saying something along the lines of: You don't want to mess with nuclear launch code secrets, or something like that. I remember the casual warning sounding sort of menacing at the time, which I guess makes some sense.

PrivacyWhatPrivacyJanuary 18, 2020 12:08 PM

Disturbing article on privacy, facial recognition AI, and (of course) Peter Thiel.

The Secretive Company That Might End Privacy as We Know It NYT 01/18/2020
https://nyti.ms/2NEbiJZ (may be paywalled)

lurkerJanuary 18, 2020 1:17 PM

@PrivacyWhatPrivacy
So will people stop jumping up and down about China? At least they have central govt policy, operational rules, and specifications, and their public know and expect everything will be watched and stored. Elsewhere "market freedom" allows shady companies to profit, tinpot townhalls to use, and lawmakers to ignore these systems

SpaceLifeFormJanuary 18, 2020 3:29 PM

So, is MS going to push some more updates to Win7 on 2020-02-11, and then on 2020-03-10 ?

Or did they already push on 2020-01-14 ?

I suspect that it will take until 2020-03-10 so that they can backport and test (ha!).

Funny how that Chromium-based Edge announcement was the day after last win7 update.

Me thinks MS is scrambling now.

I think NSA told them: just do it

CVE-2020-0674


Sed ContraJanuary 18, 2020 4:01 PM

@PrivacyWhatPrivacy @Winston Smith @lurker et al.

My idea: all public facial imagery must include adversarial pixel modifications so AI always sees everything as a turtle, hammer, quizzical cat, etc.

BentleyJanuary 18, 2020 4:12 PM

"the EU's Court of Justice's Advocate General, Campos Sánchez-Bordona".

Campos Sánchez-Bordona

Bring in the clowns!

SpaceLifeFormJanuary 18, 2020 4:53 PM

Forgot to note that CVE-2020-0601 may be tied to CVE-2020-0674

Jscript can cause a potentially bogus cert to be cached.

Then next step could be malware.msi that magically is trusted.

And, final step, the user.

But, I'm not convinced that it really takes user interaction.

For health reasons, do not ingest too much Selenium.

AndersJanuary 18, 2020 4:56 PM

This is interesting

www.techradar.com/news/amd-could-have-a-record-breaking-2020-with-ryzen-4000-desktop-cpus-and-new-laptop-chips

MarkHJanuary 18, 2020 4:58 PM

.
It Sounded Good on Paper

or

Luck Saved You When Your Overpriced Tech Proved Useless

Two interesting results from Iran's recent ballistic missile attack against U.S. military bases in neighboring Iraq:

1. No anti-missile defenses of any kind responded to the Iranian barrage, which lasted approximately 100 minutes. The explanation for this failure is not purely technical: US anti-missile systems are so expensive, and so few in number, that none were positioned to defend the target bases.

The U.S. has spent more than 1/3 of a trillion USD on anti-missile systems since 1990 ...

Nobody knows whether they would have been effective, had they been in place. Capable or not, elegant technology is not helpful, when it's too expensive to afford.

2. That noone was killed (as far as we know) is NOT consequent to some care exercised by Iran to avoid casualties in the attack. The bases were not empty. Iran's missiles are not sufficiently accurate to enable striking these bases without significant risk of killing people. Eleven are reported to have been injured.

It seems nearly certain, that Iran intended and hoped to kill numerous soldiers.

Lives were saved by

• a missile warning provided by Iraq
• the retreat of U.S. personnel to underground bunkers (apparently built by the late Saddam Hussein)
• luck in the scattering of missile hits
• the small scale of the attack (only 16 missiles were launched)
• unreliability of the missiles: 25% reportedly failed to function correctly.

By such slender threads, was dreadful war averted (at least, for now).

SpaceLifeFormJanuary 18, 2020 5:35 PM

Wondering if I can get this to work on a floppy fat-12

Can I dual-boot? (kidding) (or am I?)


hxxps://github.com/NieDzejkob/cursedfs/blob/master/README.md

Clive RobinsonJanuary 19, 2020 7:02 AM

@ SpaceLifeForm,

Can I dual-boot?

On some older hardware the answer is yes with FAT12 because I've done it in the past.

The reason is historical and involves legacy support for early hard drives that used FAT12, and still current support for FAT12 floppies of various sizes (including oddities like the old Zip tape drives that were once popular, and early thumbdrives and memory cards of less than 32Mbyte storage size).

That was the short answer ;-)

Now for the long answer,

Originally IBM PC's did not have hard drives or even support them (they were around 200-500USD/Mbyte back then and had propriety hardware and software interfaces). In fact even floppy disks were eye wateringly expensive with complex 50-100 chip controler cards in the 1970's. Which is why Apple decided to create their own bare bones mechanical systems, with just five TTL IC's and a lot of cleverly written software in the late 70's it was one of the things that made Apple ][ computers usefull for a lot more than home compiting along with the UCSD p-System giving both Pascal and Fortran pushed it into academia and then what became the must have application for business Visicalc (which is argued what made IBM look again at personal computing).

So when IBM came up with their original (5150) "Skunkworks" system announced in mid 81 they had a cassette recorder interface for storage just as most "home computers did" and the bays in the case for upto two floppy drives. Or if you were more well heeled one or two floppy drives fitted at near double the price of ~3000USD (about 9000-10,000USD if converted to curent values).

So when booting the 5150 BIOS looked via the Int19 process for a floppy drive (through the int13) and if it did not find one it dropped straight into BASIC. The floppy was single sided single density and thus had less stotage than the maximum RAM that could be fitted. Thus the OS/programe disk would sit in the left hand drive and the user data disk in the right hand drive).

It would be two years before IBM offered a Hard Drive in the 5160 or XT and by then their hands had almost been tied by the independent suppliers with their perepherals and later clones, Microsoft in particular with FAT and DOS.

The reason was that originally the 5150 PC had a choice of Microsoft's BASIC a variation of Apple BASIC, PC DOS 1.0 or Digital Researches CP/M86 (even though the 5150 and all later models used an 8088 until the AT, as it was a lot cheaper) oh and something called the UCSD p-System (which kind of disappeared even though it was actually way better). In short what you got were two Disk OS's written by blokes at home and a University teaching project...

Thus to encorage a second market in software and peripherals IBM published a compleate specification from which you could have cloned your own 5150 (I used to have a copy but it got filched by someone at a place I worked). The problem to doing that was the BIOS listing was copyrighted. However it was not long before the likes of Compaq, Phoenix, American Megatrends International (AMI), and Award, designed their own fully functional at the interupt and call point versions of the BIOS. Which is why clones did not drop into BASIC but gave the infamous int19 message and stopped if there was no floppy drive or int13 and a request to put a disk in the drive if there was not a formatted disk with the correct information in the right sectors...

The real fun was "what should be in which sectors" and why.

Well as far as the BIOS is concerned the first thing it did was build a software interupt table to jump into the BIOS it then scaned certain hardware addresses looking for I/O hardware code in ROM which it loaded and executed, this might well change the interupt table to support the I/O device via it's drivers. This was how some early hard drives made themselves available as "super flopies" to the BIOS.

The BIOS via int19 using int13 would read in the first sector of the floppy or hard drive, which contained the first part or lever / boot loader. In essence it copied a block of code off of the drive directly from this first sector into memory and jumped into it. This then started the second stage of loading, reading a second block of code, often the "kernel" of the OS into memory and jumping into it, which would then have a different view of the device, not as a "super floppy" but a hard drive which had many more features.

When IBM got into Hard Drives a couple of years later, there was a problem. The drive format from FAT 12 from Microsoft was very limited in how much storage in total was possible, hard drives by then were exceeding it's limits. So they put information in the second sector including what is known as the partition table, which originally only supported four FAT partitions which in turn was quickly too small for mechanical reasons (Platters, Cylinders, Sectors, clusters and block sizes). Causing all sorts of issues as time went on and HD technology advanced (anyone remember why NT could only have a small boot partician at the begining of the disk?, Linux likewise?).

The problem was nobody ever envisaged the size of hard drives we got towards the end of the 1980's let alone the sizes we have today. In fact the first FAT was released in the mid 1970s called 8 bit Fat it was for 8inch floppies. Which was insufficient for the next generation of floppy drives let alone hard drives. So FAT12 was developed, which could only support a maximum of 31Mbyte if the underlying hardware had the correct format. For instance the IBM XT did not therefore it maxed at 16Mbyte.

But even then not all of the space was available because of "in-band signalling" that is like the terminator on a C string some FAT values were reserved for "control" reasons. A side effect of this was some people "got cute" and realised that the boot sector on the first cylinder whilst used by the BIOS was not used once the computer was booted up. So they rotated the cylinder numbering up by one. The result is the first cylinder on a hard disk is now left unused except for the "MBR".

But as floppies are still around and more or less all of them use FAT12, what applied to FAT12 by extension on Hard Drives still works on floppy drives.

So the answer is that to many OS's they see no difference between a FAT12 floppy and a FAT12 Hard drive. However at the pre-booted BIOS level it does make a difference. So the magic all happens in that block of code loaded by the 512bytes in the boot sector. If that block of code can work correctly with the pre-boot BIOS drive sector scheme as well as the post boot drive sector scheme then yes you can make a dual boot floppy.

But will it be of use?... Only if the two seperate kernels and other code etc will fit on a floppy which these days most won't, but earlier Linux systems will. I know it works because I did it many years ago to make a stand alone Forth machine to do development work and not write my own hardware abstraction layer.

So go gather your materials and give it a spin.

Electron 007January 19, 2020 11:27 AM

@Clive Robinson

"in-band signalling" that is like the terminator on a C string

A C string is a null-terminated sequence of non-null bytes identified only by a pointer to the beginning of the string as it is stored in memory.

Otherwise, (BASIC, C++?) you have to identify both the initial position in memory and the intended length of the string to identify it if you wish to allow the string to include all possible byte values.

In C, it is not even possible to compute the length of a string or perform certain other useful string operations without counting all the bytes one by one, so many of the string functions in C have evolved "n" variants that explicitly bound the length of strings, while still enforcing termination on as null byte.

Can't have it both ways, so they they don't let you have it either way.

SpaceLifeFormJanuary 19, 2020 4:09 PM

@ CLive, ALL

"(anyone remember why NT could only have a small boot partician at the begining of the disk?, Linux likewise?)."

Pre-LBA, CHS Addressing, 24 bit.

10, 8, 6 bits repectively.

"But will it be of use?... Only if the two seperate kernels and other code etc will fit on a floppy which these days most won't, but earlier Linux systems will."

I doubt I could dual boot from floppy only.

Not saying it would be impossible with an old FreeDOS and old Linux.

My first OS that I rolled (on floppy):

MinixFS, lilo, kernel 2.4.10 (first one I found stable), with a couple of NIC drivers, busybox, dropbear, and importantly, ext2.

The floppy was formatted MinixFS, with the parameters set to maximize freespace.

Barely had any usable free space.

I actually used it to rescue a headless linux firewall/router box one day.

I had messed up the firewall/router box so bad, that dropbear was not going to work over the LAN.

The LAN was unusable.

But, I remembered what I did. I had enough free space on the floppy to do a bit of diag.

I had set up the floppy to automagically run a script post init.

First I have script extract config file that I messed up, from the headless linux firewall/router ext2 hard drive, and cp to floppy, sync, shutdown.

Next, I take same floppy to working desktop, mount the floppy. Fix the config file.

Change the script to cp the fixed config file from floppy back to the ext2 filesystem on the headless firewall/router machine.

Sync, reboot. Working.

It's tricky when you really can't see much besides a solid light and a blinking light.

But, you can hear the floppy.

SpaceLifeFormJanuary 19, 2020 4:58 PM

@ Jim Daniels, usual suspects

The first thread is about end-point security basically. A lot of the comments ack that, some do not.

Funny comment, but insightful imo on 2nd tread:

' Before mobiles we used to meet @ bars or cafes. Now we call each other & ask where we’re: “at the bar u retard”. '

2nd link, hmmm.

So he is spending over $200K/month to not be located? Interesting, if true.

Wesley ParishJanuary 20, 2020 2:11 AM

@Ismar, Curious

Speaking of messing around with the nuclear launch codes, and the like, I have spent some little time wondering how secure the Iranian air defense system is in light of the sanctions. It is not inconceivable that they were hacked by certain parties in preparation for the inevitable "Shock and Awe" - considering that the US govt chose to send additional troops into an already fraught location.

Accuracy in attribution is a big ask. But if the sanctions reduced the effectiveness of the Iranian air defense network security, and the NSA and others then hacked them ... of course the NSA would never admit to doing it ...

The passengers would then be "collateral damage" a la so many others. (I don't have any evidence either way. But I think the days of assuming that an air defense system are pristine, immaculate, are well and truly over. Stuxnet should've taught us that, if nothing else.)

MarkHJanuary 20, 2020 4:09 AM

@Rachel:

Getting accurate information about military attacks and their consequences is notoriously difficult. I reported a claim of 16 missiles launched (from U.S. DOD, I think); the debka article says 19; I found another source claiming 30 missiles!

I note that the debka article was not proofread (it has a stupendous error), and that the "Russian sources" it cites sound a bit like salespeople, who have an incentive to portray Russia's export technology in the most favorable light.

For a more independent perspective, I found a National Public Radio article reporting commercial satellite imagery of the Ain al Assad airbase shortly after the raid, as analyzed by the Middlebury Institute of International Studies at Monterey.

While the full results of their analysis is not clear from the article (I suspect it was still in progress), if they concluded that the official tally of 10 hits at al Assad and one more at base in Irbil was wrong, I suppose they would want to make headlines about that.

What all this says about the reliability of Iran's missiles, readers may judge for themselves.

MarkHJanuary 20, 2020 4:20 AM

@Wesley Parish:

We often indulge in speculations here, which are practically impossible to disprove, and if true are very unlikely to be confirmed any time soon.

No doubt U.S. intelligence services would be very interested in "hacking" air defense systems of likely adversaries, if they could figure out a practical way to do so.

Off the top o' me head, I can think of four prior examples in which air defense systems mistakenly shot down airliners, so it's neither implausible nor even very surprising that this should have been repeated this month.

Inadequately trained young soldiers operating systems of baroque complexity -- particularly when full of adrenaline -- can explain all sorts of undesired outcomes. The hacking hypothesis, while conceivable, hardly seems necessary.
__________________________________________

The obvious dirt-sample error, so difficult to comprehend, is the failure of Iran to coordinate between its air defense and civil air traffic control.

CuriousJanuary 20, 2020 6:37 AM

Something about there being two private keys found in the firmware for public Netgear router firmware, for firmware R9000-V1.0.5.8, if I understood this correctly. Somehow a certificate autority aka CA is associated to this, but I can't explain it, as I don't know what the problem really me not knowing much about digital certificates in the first place.

https://gist.github.com/nstarke/a611a19aab433555e91c656fe1f030a9

I think I've learned that private keys aren't supposed to be publicly shared, as a general rule. I don't know what the exploit potential is in such a case. Seems that, a relevant problem is that some browsers might be trusting the CA that the private keys is associated with as I understand it.

They also have a rationale for full disclosure.

Stephen WelchJanuary 20, 2020 7:05 AM

Hi. Some time ago - like one year , maybe two, maybe three!! @Clive Robinson posted a comment in the blog about what he thought were a good exam / study strategy to follow to up your skill set in Cyber Security.

The strategy was up-skill in Amateur Radio / Ham exams basically amateur electronics.

I thought I had book-marked the page or saved the link somewhere but I can't find it so I assume I must have put in a safe place or just imagined I was studious and thoughtful.

I have dutifully searched the site but nothing has come up yet.

I don’t suppose anyone remembers this or even @Clive himself?

Thanks

MarkHJanuary 20, 2020 8:29 AM

@Stephen, Clive:

Traditionally (I mean, going back two generations or more) in the U.S. a fair proportion of electronic engineers progressed to the profession by way of amateur radio in their teen years.

Now, the trajectory has reached its opposite arc: local amateur radio clubs are well-populated by guys of that same vintage, who have retired from the (sadly now much reduced) engineering establishments of the region.

Young folks are a rarity there ...

MarkHJanuary 20, 2020 9:25 AM

@Curious:

Simple rule for private keys: anyone who has had even the possibility to see them, must be presumed to be able to sign, decrypt, etc. just as originally authorized party could sign, decrypt, etc.

For important keys in security-conscious organizations, private keys are stored on air-gapped computers where (for example) executable code is loaded, signed, and then a copy mechanically transferred (preferably by optical disk) to networked computers for distribution.

The role of the CA is tangential here: they signed the certificate, so people (or more practically, web browsers etc.) can test the certificate to verify that it's valid. You can pay some money to a CA to sign a certificate with your public key; they don't necessarily know anything about your private key (though I guess CAs often do key generation for the customer). It's your job to keep the private key private.
__________________________________

The first certificate is for a "dummy domain" NetGear offers as a convenience; typically to log in to a router you need to know its IP address first. The URL routerlogin.net will be intercepted by a NetGear router (if the client is using the router for DNS), and the router itself will answer with its web device-management login.

For safety, this connection uses TLS (https), so the browser needs a way to confirm that it's talking to the "real" routerlogin.net. The router answers with its certificate, which the web browser can verify because it probably has a pre-loaded certificate from the CA (in this case, Entrust).

Now, the browser must check that the server (in this case, the router) really "owns" the certificate (because anybody could have intercepted and copied it), and proceeds with steps that will only succeed if the server knows the private key.
__________________________________

How important this is, I don't know. It's a typical IoT problem: the little gadget out on the Internet somewhere must have the private key inside in order to support https; that's why it's in the firmware :\

An adversary who can read the firmware image from device storage can extract the private key. The key can be protected in firmware upgrades via Internet by requiring upgrade images to be encrypted, but how secure this can be kept in practice, I don't know.

Hopefully, people who know much more about network security than I do will chime in about this.

It seems to me that in order to make an exploit, you'd need to register the domain (which hopefully NetGear already did), fiddle DNS (if you can do that, the client system is already in big trouble), or have some equipment "in the middle" that lets you intercept the attempt connect to routerlogin and impersonate the router in order to get router credentials. Once you have such credentials, you could reprogram the real router and enable exfiltration of local traffic that was supposed to be kept private, bypass firewall settings, etc.

How practical this is, I don't know. I suspect that in most configurations, there is no physical piece of hardware in the right place to enable such an attack ... but the gurus will know better than I.

Clive RobinsonJanuary 20, 2020 11:11 AM

@ Humdee,

Lawfare goes on another rant against Tor hidden services.

It is a disingenuous article.

The authors claim to want to protect whistle blowers and others in what they see is good use of Tor via the client access (ie giving privacy to their traffic).

But the authors want to get rid of "hidden servers" because they see some of them as "bad" (some are used by criminals for criminals etc).

Well the problem with that is that user client traffic can be correlated with ordinary unhiden server site traffic, unmasking a users privacy and thus critically effecting some client users safety. Which the authors effectively admit to when talking about the types of traffic and relative quantities in use across Tor (logically you can not know this if the client traffic is private).

So the aurhors are either not telling the truth about client traffic privacy thus the lack of client user safety, or about the real traffic levels of hidden servers and they are making what are effectively claims based on unsound assumptions.

I'll let others make their own minds up about how much or how little the types of traffic are of the type the authors are complaining about.

But I will point out that when photography reached a certain stage it began to be used for pornography of all forms. Likewise films it is said on occasion that film pornography is known to have started at least as far back as 1907 and quickly became of almost exactly the same format as we see today.

The same could be said of drugs, and the ordering of them, but when the various postal and telegraph services came into being establishing the technology to make distance purchasing, whist the technology was there and in use to commit what would these days be a crime, back then it was not a crime.

Thus the real point of the authors article has little or nothing to do with the technology but what they see and indirectly admit are crimes they wish to stop. That is they are trying to make a sociological change not a technical change. Because the crimes the authors wish to stop are now done using a particular technology, they think incorrectly that getting rid of the technology will stop the crimes...

Well they won't stop the crimes that way. Other people have tried stopping these very same crimes by attacking earlier technology. The result they hurt all users of the earlier technologies and in no way stopped the crimes which moved to new technologies...

So as this has happened repeatedly in the past we already know fairly well what the results will be,

1, All users of Tor will be harmed.
2, The criminals will just use the next technology the meets their needs.

As Einstein observed, repeating the same thing and expecting different results is madness.

If the authors and others want to stop these and other crimes, it's not the technology they should be attacking. No it should be the parts of society that indulge in crime via sociological means.

However I must urge caution, what a human mind sees as good or bad is it's self a problem. The reason the likes of whistleblowers need the protection of Privacy Enhancing Technology (PET) is exactly the underlying problem of who sees what as good or bad.

We've seen this with journalists in recent times but a look back over the past couple of centuries shows that those in power who see things they think are "bad" even though the vast majority see them as "good" are generaly because those in power are engaged in hiding what they do which the majority see as bad. They will thus use their power in any way they can to maintain a basic asymmetric use of technology and sociology to keep their activities hidden whilst exposing the activities of anyone they see as a threat to their power.

Because people are starting to wise up to this those in power manipulate the truth to suit their needs. Thus those in power look for edge and corner cases that few in the majority could or would think to defend. So we get the now trite "Think of the Children" manipulation of perception. Likewise the others of the "Four Horsemen of the..." what ever those in power are currently attacking, which in this case is the Internet and the few freedoms from those in power it gives via PET.

All these authors are realy doing is grabbing hold of the sides of that particular propaganda bandwaggon to further their aims whilst ignoring or deliberately hiding the knowledge of just how much harm they will do to everyone using PET for good, bad, or other reasons. In the case of the authors the way they try to "salami slice" the technology indicates they know what they are doing but are going down the knee jerk paternalistic power grab of "For the greater good" which has through the centuries been responsible for impossible to count due to numbers involved deaths and persecutions.

Thus I find their article biased to the point it not just damages their reputations, it will cause harm to many more than it will help. If people think this is good or bad depends on their cognative bias which the authors are attempting to manipulate.

I will finish by saying that society needs PET for more reasons than anyone could list. Privacy is an essential factor, in fact possably the very foundation stone by which the society we currently live in can function, amoungst other things it helps give freedom from oppression. But as I frequently say technology is agnostic to use, it's the directing mind and how others perceive it which is important and that is sociological not technical, and deliberately conflating the two most often causes a "greater harm" not "greater good", think wisely and act wisely, otherwise you might become one of those added at the bottom of the list that starts "First they came for the..."

vas pupJanuary 20, 2020 3:26 PM

Today is Martin Luther King Jr Day.

That is link to interview with MLK:
https://www.cbsnews.com/news/mlk-a-riot-is-the-language-of-the-unheard/

My attention was caught by those statements which I want to share with all respected bloggers [language as MLK said - no sanitazing - it was 1966, not 2020]:

"I think that we've got to see that a riot is the language of the unheard.

I will never change in my basic idea that non-violence is the most potent weapon available to the Negro in his struggle for freedom and justice. I think for the Negro to turn to violence would be both impractical and immoral.

I would hope that we can avoid riots because riots are self-defeating and socially destructive."

Very good point made by MLK: when solution for the conflict is not addressed by civilized way and grievances are not heard(conflict resolution in the broad sense),riots/violence channelize frustration of injustice.

SpaceLifeFormJanuary 20, 2020 3:49 PM

@ Curious

There is *ZERO* reason for a small router to have TLS Certificates. None.

If you are physically by the router, connected over ethernet, then you can reach and configure the router via ip address.

There is absolutely no reason to require TLS in order to configure your router.

None. Zilch. Nada.

It is a convenience for dummies that do not understand ip.

SpaceLifeFormJanuary 20, 2020 4:27 PM

@ vas pup

There is no doubt that MLK understood the issue. That responding to oppression by riot will only to lead to more oppression.

I think most people realize that.

Does not matter where you live, colour, race. Does not matter.

I think 99% of homo sapiens 'get it'.

But, there is that 1% that try to stir pot.

And, at some point, the oppressed can't take it any longer. They are starving. They feel like they have nothing to lose, that they feel defeated. That is when others have to help them as much as they can.

All on the same boat (earth). Divisive tactics will not solve anything.


SpaceLifeFormJanuary 20, 2020 6:16 PM

UDP port 18634

To Block, or Not to Block?

That is the question.

Is it a Port Knock?

Or, is there something deeper involved?

hxxps://www.fireeye.com/blog/threat-research/2020/01/vigilante-deploying-mitigation-for-citrix-netscaler-vulnerability-while-maintaining-backdoor.html

Clive RobinsonJanuary 20, 2020 8:00 PM

@ MarkH, Stephen Welch,

Now, the trajectory has reached its opposite arc: local amateur radio clubs are well-populated by guys of that same vintage, who have retired from the (sadly now much reduced) engineering establishments of the region.

There are at least four basic types of ham,

1, Club social members.
2, Rag chewers.
3, Contesters.
4, Technical tinkerers.

These are not exclusive groups, you can be in some or all of these groups, but it's rare to find someone not in any of them (such as say historical equipment collectors who's only reason to hold a licence is to have their collection without legal risk).

I for instance have never been a "contester" it's not something that intetests me. Which might make it appear odd as to why I belong to one of the clubs I belong to which is strongly contest oriented. Well if you turn it around a bit and look at it from a different angle I'm one of the technical tinkerers, and my aim is to move the hoby along in many ways, with the result as with other tinkerers we make more oportunities for contestors to contest with each other. One such very technically difficult problem to solve is that of co-location and sharing resources. For instance some contests have a "single antenna rule" which for most means that they can only ise one band at a time. However the laws of physics don't agree with that... As many hams know from VHF and UHF working you can share an antenna, commercial radio and broadcast technicians know that you can run several transmitters simultanioisly in the same band if you know what you are doing. Such knowledge is almost always in the province of the highly specialised technical engineers.

Thus I used to have occasion to rag chew with other technically minded hams and thus run an informal "net". But other more modern technical methods alow other methods, some the equivalent of Email, others Twitter alow much greater range of contact. Whilst I would be hard pushed to get reliable contact with Australia except at some very specific thus awkward times modern digital modes give me the freedom to use VHF/UHF into "hotspots" and wider area systems not to disimilar to repeaters that can give me access to the equivalent of an Internet "chat room" except give real audio not typed text. Which means I can multitask, thus whilst on a piece of equipment I can also chat verbally with someone in Australia.

Thus like any social system it changes and mutates to available opertunities. The fact I rarely "key up" without calling "Test Test Test" or sending it out in morse, before running tests, thus rarely speak over the air does not make me any less of a ham. Not every one uses the "experimental" allowance in their licence conditions, I just happen to be one of the ones that does, almost but not entirely exclusively these days. This might change, it has been known to happen in the past when I'm confind to the "six foot by three foot six prison" Doctors call "bed rest". That's just the way life is "different strokes for different folks" be it life in general or in the specific with ham radio. To say a hobby or other aspect of life is dead or dying because it's not the same as it was four decades ago or more (that I've had my call sign) is a bit silly. Four decades ago there were still folks with only black and white TV's, AM radios and no phone in their house. The fact that it looks like every kid over eight from here to Timbuktu and beyond has a mobile phone that they watch videos on listen to music and chat to their friends does not realy change things socially that much, even though the technology is to many eyes extrodinarily different.

ThothJanuary 20, 2020 9:54 PM

@Clive Robinson

Re: Lawfare Anti-TOR post

What's the difference between the post by Lawfare and backdoors, key escrow, Secure Chorus ...

They love to use the cases of child harming issues to push their point across and how it ties to harming children as a great shield to hide behind.

No difference between them and FBI, NSA, GCHQ and so on using the exact same rhetoric of child abuse and drug trafficking.

It is sad to see a blog that is suppose to support whistle blowing and privacy has fallen to such a state.

End of the day, I guess it seems to reinforces the fact of not trusting these organisations (i.e. EFF, ACLU, Lawfare and so on) to fight for the benefits of privacy and personal security and use political means via lobbying to ever be of any effect to improve our current situation.

We have had discussions long ago on the efectiveness of lobbying for improvements in the political context and use of "Rights Groups" which mostly are less than effective. What drives a Government(s) are two things ... money and power.

CuriousJanuary 21, 2020 6:56 AM

@SpaceLifeForm

I initially wanted to say something about how problematic the use of the word 'riot' was imo, but it seemed against the spirit of things given MLK and all. I think it is interesting, and presumably it is true, that the police thinks of groups larger than two, as being a part of a riot.

I find your idea of "All on the same boat (earth)" is something I find to be insulting in a way. Please indulge me: I think there is a risk of perversion of hypocricy in arguing that "we are all on the same boat because we live on planet earth". It is a nice thought, but I think I know very well, that a generalized idea of altruism isn't, or can't be true. Presumably, it is only true if ignoring that for example people on the other side of the earth in particular being so poor. A man from Bangladesh once told me something like this: if I were to travel to the most porest areas over there in that region India/Bangladesh, I would become distraught and possibly mentally scarred for life. I belived him.

CuriousJanuary 21, 2020 7:36 AM

Btw, on a somewhat unrelated note: George Orwell died on this day many years ago, (on 21. January in 1950).

Perhaps I can be forgiven for plugging the very reference to his essay called:
"Politics and the English language" (about 9 pages).

My own reference being "2005-2006 Standford MLA Application Critical Writing Piece"

A lot of good points being made there in that essay, one of them being "What is above all needed is to let the meaning choose the word, and not the other way around." He also brings up the importance of being 'sincere', or as he puts it "The great enemy of clear language is insincerity.".

CuriousJanuary 21, 2020 8:44 AM

"Reuters: Exclusive: Apple dropped plan for encrypting backups after FBI complained - sources"
https://www.reuters.com/article/us-apple-fbi-icloud-exclusive-idUSKBN1ZK1CT

I don't see any reference to a date on this with regard to Reuters having spoken to people at Apple, but I guess this might be semi-recent. This Reuters article is from today though.

"More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee."

"Under that plan, primarily designed to thwart hackers, Apple would no longer have a key to unlock the encrypted data, meaning it would not be able to turn material over to authorities in a readable form even under court order.

"When Apple spoke privately to the FBI about its work on phone security the following year, the end-to-end encryption plan had been dropped, according to the six sources. Reuters could not determine why exactly Apple dropped the plan."

"Apple’s iCloud, on the other hand, can be searched in secret. In the first half of last year, the period covered by Apple’s most recent semiannual transparency report on requests for data it receives from government agencies, U.S. authorities armed with regular court papers asked for and obtained full device backups or other iCloud content in 1,568 cases, covering about 6,000 accounts.

The article at the end mentions that "Alphabet Inc’s (GOOGL.O) Google" offered their customers (Android based phones) a similar option in Oct 2018.

SpaceLifeFormJanuary 21, 2020 11:58 AM

@ Curious

"All on the same boat (earth)"

You can not get off of the boat.

You can not avoid climate change.

The cruise ship you are on provides no refunds for lousy service.

Sherman JayJanuary 21, 2020 2:37 PM

Another view of the 'apples are not secure' 'clouding the issue' article:

New Report Says Apple Dropped Plans To Fully Encrypt Backups After FBI Complained
(Mis)Uses of Technology from the encrypt-all-the-things dept
Tue, Jan 21st 2020 11:58am — Mike Masnick
h t tps://www.techdirt.com/articles/20200121/11384243772/new-report-says-apple-dropped-plans-to-fully-encrypt-backups-after-fbi-complained.shtml


Quick Observation --
MLK Jr.: quality of character, not color of skin

Today maniacs think: color of skin, not quality of character

Clive RobinsonJanuary 21, 2020 2:57 PM

@ Curious,

Something about Glenn Geenwald being charged by Brazilian authorities:

For entirely unrelated reasons the current political encumbrants in Brazil are attacking all journalists that don't print what the government thinks they should.

Thus in the more traditional way the Brazilian Government is "getting rid of a problem". Unfortunately Glenn is to well known world wide to be taken out by being killed in his home by a "burglary gone wrong" or accidently be shot by a gang fight on the street etc thus other more annoying techniques for the government have to be used. That is stopping him is not sufficient he has to be discredited in the worlds eyes first then stopped.

Glenn will no doubt disapear into the Brazilian prison system. The question is will he have become sufficiently discredited or forgoton[1] that he could fall down a flight of stairs or get involved with a prison fight and be stabbed or become sick and die, or die of a drugs overdose etc without many people noricing. Much as has happened and still happens in other "authoritarian regimes".

But if he does make it to trial I think you can guess what the outcome will be and what the results will be.

It's the way the world is going this century, get used to it, it will soon be "absolutely normal".

[1] Have you heard much recently about an ex resident of the Equadorian Embassy? Have a think why that might be. Have you heard what his country he is an alledged citizen of doing to support him in any way? My guess is he's going to be US bound in the not to distant future, if his illnesses do not become terminal first.

lurkerJanuary 21, 2020 5:59 PM

@SpaceLifeForm: No more birds for this Swift apparently
there's a nugget in the dross below that

Russia’s military Astra Linux is really quite cool, [...] It’s built on Debian proving all Linux users are really communists.

Clive RobinsonJanuary 22, 2020 2:28 AM

@ SpaceLifeForm,

If people go to the link you gave and scroll to the bottom, it has a warning that suggests you save the page as a PDF.

When you see the two entities mentioned on the warning, you'll know why I said,

    ... it should give you some "background" on what is going on in Brazil, which may well be heading our way in the very near future...

In the UK it is now abundantly clear that the Editor of "The Guardian" has somehow become compromised by the UK security services, and that they and some of the "staff writers" there are on a mission to discredit by various means including direct lying of both Glenn Greenwald and Julian Assange.

Oh the latest on JA makes grim reading. In what has been made by the UK Authorities in cahoots with US Executive driven lawyers an impossibly complex legal case, those in charge of the "high security prison" where JA is being kept in the equivalent of "Special Measures" he has been consistantly denied access to his legal team before the latest case.

It is plain and simple a clear case of "Rights Stripping" by the UK authorities presumably with the full knowledge of our current Prime Minister "US born" Boris Johnson, who appears hell bent on turning England into just another "US State" but will probably end up like eight hundred or so other places around the world. As this year is the centenary of one such event,

https://www.culturalsurvival.org/publications/cultural-survival-quarterly/struggle-hawaiian-sovereignty-introduction

Oh and as normall "the ignoring of the legal will of the international community", issue is causing problems for a proto-vasal state,

https://www.dailymail.co.uk/news/article-6745057/Future-army-base-Diego-Garcia-hangs-balance-rules-illegally-seized.html

So "it's" already got to the mid Pacific and Indian Oceans, and is digging in deeply on this side of the Alantic...

Oh note the basis of the original lease, Polaris nukes for a supposadly "independent" UK nuclear deterent that is most definitely neither these days. It's been said by others that one of the reasons for the significant political interference in the UK recently was in part based on the fact that a more than significant number of people in the UK want to "do a South Africa" and get rid of them.

CuriousJanuary 22, 2020 2:59 AM

Re. Glenn Greenwald & The Intercept

Strange, I thought I had last night actually posted this link below. It is an older 'The Intercept' article from August 2019.

("Brazil Supreme Court Minister rules to protect press freedom for Glenn Greenwald and The Intercept")
https://theintercept.com/2019/08/08/brazil-supreme-court-glenn-greenwald/

"Minister Mendes’s ruling is only preliminary, but the full court may take months or years to take on the case, so Mendes’s ruling may stand for a significant length of time. It is a powerful rebuke of those in the Bolsonaro government who have indicated they would like to sweep aside important press freedom rights for all journalists."

Clive RobinsonJanuary 22, 2020 7:05 AM

@ Bruce, ALL,

People realy should read this article from Bert Hubert,

https://berthub.eu/articles/posts/5g-elephant-in-the-room/

Even though he is primarily talking about 5G and the Telecommunications industry, the actual meat of the article is appropriate across all manufacturing and quite a few other industries.

And yes whilst I do mention the dangers of "outsourcing" here from the security asspect and the stupidity of the "short term thinking" that causes it from time to time, I think other views should also be seen on it's long term destructive effects.

With thanks to @Fazal Majid for supplying the link.

Sherman JayJanuary 22, 2020 12:43 PM

No one will be surprised at these:
h t tps://www.juancole.com/2020/01/personally-vacuuming-kushner.html

Did Saudi prince Bin Salman personally Hack Jeff Bezos’s Phone, Vacuuming up Secrets? What about Jared Kushner? Ann Arbor (Informed Comment) – We’ve long known that Amazon CEO Jeff Bezos’s phone was hacked. Large amounts of data were taken off of it, […]

h t tps://www.techdirt.com/articles/20200120/09504843768/after-years-scandal-incompetence-us-telco-frontier-files-bankruptcy.shtml

u.s. broadband is a horrible corrupt cesspool: way too expensive and way too slow

vas pupJanuary 22, 2020 5:05 PM

URGENT! ON HEALTH SECURITY!
Coronavirus: Wuhan to shut public transport over outbreak:

https://www.bbc.com/news/world-asia-china-51215348

Good informative video inside.

Question: we do have in US Fort Detrick to address counter biological/chemical threats,
@Clive, you do have PortonDawn with similar functions.
Could our President DJT and your PM Boris J assign those resources to preventive and mitigating measures? Just curious.

SpaceLifeFormJanuary 22, 2020 5:05 PM

@ Clive, lurker

"If people go to the link you gave and scroll to the bottom, it has a warning that suggests you save the page as a PDF."

I did not see that. Do not trust PDF.

Weird, I no longer see any followups, and I had seen the astra linux comment.

What you see or not see depends upon location.

It should not function that way.

Did someone try to convince me that HTTPS is secure, and that there are no invisible caching servers?

Oh, wait.

I convinced myself 2 decades ago that the opposite is true.

Sherman JayJanuary 22, 2020 10:51 PM

@vas pup, ALL
One infected person is already in the u.s. and is now (not immediately) in quarantine in a hospital in Washington state.

However, since the warning the u.s. agencies got was ~12 hours earlier and NO action was taken, this proves to me that the TSA (transit cops), Health Department, CDC (centers for disease control) etc. are incompetent at best.

The White House resident was busy bragging with the billionaires at Davos and apparently couldn't be bothered with acting on anything as inconsequential to him as a potential epidemic.

Based on historical performance and research, there is no effective plan that I have been able to find that would act within an hour or so of notification and thus screen people coming into the country and prevent the illness from spreading.

It's always "OMG, the horse has gotten out of the barn, now quick, close the barn door!"

JG4January 23, 2020 6:24 AM

It's fortunate that humans have evolved beyond the problems of other primates.

How Infighting Turns Toxic for Chimpanzees
https://today.duke.edu/2018/03/how-infighting-turns-toxic-chimpanzees
...
"What started as infighting among a few top males vying for status and mates is likely what eventually caused the whole group to splinter."
...

https://www.nakedcapitalism.com/2020/01/links-1-23-2020.html
...

Big Brother Is Watching You Watch

How AI and facial recognition tech could reshape Las Vegas casinos Nevada Independent

Exclusive: Apple dropped plan for encrypting backups after FBI complained – sources Reuters. So The Cloud is a surveillance tool. Nobody could have predicted…
...

Clive RobinsonJanuary 23, 2020 9:42 AM

@ vas pup, Sherman Jay, ALL,

There is now a second Chinese city in lockdown and it looks like Hong Kong is going to go that way as well due to a couple of infections there.

Thr BBC has another update,

https://www.bbc.com/news/world-asia-china-51217455

The UN's World Health Organisation (WHO) is looking at it as a potential "Global Emergancy" which means it is a significant security concern but no need to panic yet. Basically it's new to humans and is thus an unknown that scientists are urgently trying to characterise in a way they can model on previous knowns like SARS etc.

On the science side there is not yet much to say but anyone who says "Totally under control" as a politician is a blithering idiot. However currently provided people prepare sensibly there is no reason to panick.

Whilst WHO is at the point of considering it a "global emergancy" which is the highest warning they have (medical DefCon 1 effectively). Even though there are only 500 deaths so far, models at the MRC Centre for Global Infectious Disease Analysis at Imperial College London estimate 4,000 people sick with the virus in just one of the Chinese cities (Wuhan) where the out break started. Which would incorrectly suggest a 12.5% mortality rate (unknowns kill more at first, and China's aging population is more susceptable especially as many have chronic affluence diseases like diabetes high blood preasure and also due to smog etc have much higher respiratory system diseases).

What we can say so far is that like the common cold it appears to be fairly easily transmissible from person to person thus can spread easily by inhilation or injestion. It effects the respetory system quite hard and that those that have died have been over 45 with existing chronic illness including diabities asthma etc.

So if you fall into that catagory it's important to make sure you are upto-date on any medicines and that you have atleast a four week supply of them, and that you keep taking them as prescribed. I've not heard anything said about anti-virals with regards to this outbreak yet, but some nations do have significant stocks of them. However the usuall protocol is to wait as they have a short active period and are eye wateringly expensive (other drugs such as metformin hydrochloride have been shown to have some benifits, but why is a bit of an unknown, current thinking is impart the way the drug works, but also oscilating blood glucose levels are particularly bad for the respitory and cardiovascular systems, more so than high blood glucose levels at the mean of the oscilating blood glucose given by HbA1c readings).

Whilst some are talking about wearing face masks, sorry guys but unless you get the right ones then as it's a virus it's going to be to small to stop with the masks in DIY centers. That's because most masks that are on sale are the one size fits all "dust masks" not those that stop chemical molecules or virus. Masks are a complex subject because even the cheap disposable masks for biological/chemical filtering "have to be 'fitted' to be effective" thus getting the wrong size or shape could be worse than not wearing one at all as it might engender over confidence etc.

If people are worried then looking for the right masks might be an expensive distraction. Cutting back on being "out and about" making contact with lots of people would be sensible. Thus starting to stock up on a few basics of "tinned food" would not go amiss as it means less trips to the shops. But remember go for "protein not carbs" and don't get anything you would not eat at any other time.

As for the "prepper staples" of "beans grains and pasta" they need both a lot of water and heat to make them safe to eat and they realy do not taste very nice (some beans are poisonous if not soaked for 24h then rapidly boiled for atleast ten minutes). So unless it looks like we will have "lockdown" in the west --unlikely if you think back to this centuries SARS and Ebola outbreaks you don't need much more than to top up a sensible family pantry, so it will keep you going for a week or two. Most people living in places that get "snowed in" know what that means as do those old enough to have had parents who were children during the first half of the twentieth century.

Put simply you need 1kg of "staples" food and a minimum of 2kg of water per adult per day for an active or cold weather 3000kcal diet if you are housebound then the "sixty percent of your diet should be carbs" idea goes straight out the window as your energy (carb) requirments drop significantly whilst protein and fats required for body maintainance remain near the same. Thus the makeup and wieght of a daily food ration changes... So rather than "prepper hard tack" that's got a longer sheld life than you have, you are looking at stuff that's readily available and will last a few weeks or months at most.

So if you know how to store them root veg such as carrots and potatoes will last you quite a long time on the carb front and being high in water and soluble fiber help on the digestive front which the hard tack does not. Both carrots and potatoes be eaten raw though it's inadvisable for potatoes, because if not stored properly they can develop "green potato toxin" and other problems. Other things to stock up on are onions, garlic, ginger and various bulions/stocks, because the first thing to drive you nuts with "Pantry living" is the lack of variation in taste (trust me if you try living on packets of rayman noddles and tins of baked beans because you have a bust leg and nothing else in the pantry your sanity won't last a week).

Which brings up one of the exceptions in canned goods being protien, which is tomatoes, especially passata if you avoid the ones with herbs in like bassil you can use the tinned or tetra packed versions to make not just sauces for pasta, but for all meat dishes including the likes of curry, oh and if diluted with water and a dash of Worcestershire sauce make a breakfast fruit juice, or soup base etc. You'ld be supprised how tomatoes onions and a tin of corned beef can make a base to so many dishes that with a few herbs and spices will keep your taste buds from rebeling.

As for herbs and spices unless you are up on the cheffy side of cooking go for mixed italian herbs, mild curry mix, cayenne / paprika with some "smoked" Worcestershire sauce, chilly powder, mixed spice or all spice. And don't forget the bulion / stock powders/cubes, they might be high in salt, but they are also high in flavour. If you get it right, even a bowl of vegtable stew can be made to taste "meaty" (fry half the onions on a low heat untill starting to caramalise, fry about a third the carrots till soft, and all the potato cubes untill golden on the out side, use a beef or lamb stock cube).

Fats are the most important food group you have to consume in a long term "Pantry living" life style (they are essential especially when it comes to mental health and cognative ability). Various oils keep well and can have high temprature cooking advantages, I have coconut around because I like some Far Eastern dishes. But as for fats butter is the best way to go as most meat fats we consume these days go rancid in just a few days (it's a down side of fast grow factory farming, omega 3 for instance is now around 1/25th of what it was in chickens of the 1950's). The problem with butter is it has both milk solids/sugars and water in it, the more it has the faster it goes rancid it's why salt used to be added. Especially with cheap butter as this also alows for more of the "waste product" water and milk solids/sugars to be left in adding weight without value thus increasing profit. Also worth noting is many people with "dairy allergies" it's to the milk solids and in some cases the sugars not the fats they have problems with.

Which brings us to clarified butters, a normal good butter --which need not be expensive-- will keep for weeks in a cool pantry and months in a working fridge and almost indefinately in a freezer. But if the power goes out or it's hot weather you want butter that keeps for a long time. In warmer places "clarified butter" that is "canned" is the way to go, what it is is butter with the water and milk solids/sugars removed, it's easy to do you just need a sauce pan and a little patience, but "canning" is not something most people do. So you can buy clarified butter in Indian and other Asian food shops as the more refined "Ghee". If you must have the "full butter" taste then you need to replace the "milk solids" you can do this by warming a small amount of water and adding "powdered milk" --not non-dairy creamer or coffee whitner-- to make a skimed milk, you then warm the ghee in a microwave add a little of the milk liquid and whisk it in as it cools[1]. You can take this method all the way to an acceptable cream if you have an old fashioned "cream maker" that turned butter and milk to cream. But if you are baking just add the milk powder to the dry ingredients and use the ghee in the same quantity the recipe calls for butter or other fat.

As for other dairy products, milk just does not keep and even modern technology cannot help much because it can not be realistically frozen just have the fat renoved and be freeze dried into powder, it's why historically we have yogurts and cheese they can both be made with both fresh and powdered milk. The classic yogurt recipie is "warm milk, add spoon of yogurt, wait, then cool to set and you have more yogurt. Because the secret ingredient like that of bread is a biological agent politely called a "culture", which eats the milk sugars etc and helps the proteins to change. Cheese can be made with yogurt, but it's more normal to use a mild acid to open out the milk proteins such as lemon juice or vinegar[2]. We've all made jokes about certain "plastic" processed cheeses, well all cheses from cottage upwards are in fact a natural plastic look up casein. The fact that cheese has most of the water and milk sugars removed and has a high fat content is why it can be stored for years in the right conditions (and you can also "can it"). Part of the waste from cheese making is whey, if the fats and protiens are high then it's called "butter milk", which can be usefull in cooking meat and baking (you can make your own butter milk by just adding a small quantity of lemon juice or white vinegar to milk before making the likes of soda bread or jerk chicken marinade).

Which brings us to flour, unless you are making risen bread where you want a lot of rise, ordinary flour will cover a lot of bases from thickening soups and sauces through pancakes all the way through pastry biscuits and cakes. The rules are some combination of Flour, Fat, protien/liquid. With the latter being the likes of eggs or milk. The exception is risen bread that like beer is wheat, water, yeast and time. Yeast is a "live agent" and not something that keeps unless you feed it (ie sourdough). However unrisen bread is easy to make as "soda bread" and fairly quick to make basically "mix and bake" for fourty to fifty minutes. Also flat breads can be made with just flour and water, or a more liquid soda bread mix.

Oh one last thing, wheat flour is a pain to make and people hsve allergies to it (around 2% of the population). Much to many peoples supprise you can replace the flour in cake and other recipes with potato... So you can make a quite acceptable carrot cake or even fruit cake with potato, even some soft biscuits or brownies.

If people are wondering how I know this, both my parents fought in WWII they were taught this stuff by their parents when children and my parents in turn taught me most of the above before I was ten. It's stuff we should all be taught if we ever hope to be self reliant, which is the basis of all security. As for pickles I have to thank a Korean girlfriend from a quater of a century or so ago who due to visa and employment issues had to go back home :-(

[1] You might see "powdered butter" for sale at eye wateringly expensive prices. All this realy is is clarified butter fats that have been atomized into tiny drops and mixed with an anti-caking agent not unlike chalk and powdered milk. High in calcium and one or two other minerals, but for the price realy low on flavour.

[2] Apple vinegar is easy to make, it's a basic fermentation process you can do in the kitchen. A similar process is used for making pickles that preserve vegtables the most notable of which is Korean Kimchee, which can and is made at home and will preserve vegtables for six months to a year easily and longer if you know how to "bottle" properly.

vas pupJanuary 23, 2020 4:22 PM

That is interesting research and important in particular in high stress level security work environment:

Faking emotions at work does more harm than good
https://www.sciencedaily.com/releases/2020/01/200117162703.htm


"While some managers Gabriel spoke to during the course of her research still believe emotions have little to do with the workplace, the study results suggest there is a benefit to displaying positive emotions during interactions at work, she said.

"I think the 'fake it until you make it' idea suggests a survival tactic at work," Gabriel said. "Maybe plastering on a smile to simply get out of an interaction is easier in the short run, but long term, it will undermine efforts to improve your health and the relationships you have at work."

"In many ways," Gabriel added, "it all boils down to, 'Let's be nice to each other.' Not only will people feel better, but people's performance and social relationships can also improve."

vas pupJanuary 23, 2020 4:30 PM

Cybercrime: Internet erodes teenage impulse controls
https://www.sciencedaily.com/releases/2020/01/200121112915.htm

Many teenagers are struggling to control their impulses on the internet, in a scramble for quick thrills and a sense of power online, potentially increasing their risks of becoming cyber criminals."


"Flinders Criminologist Professor Andrew Goldsmith says illegal online activity is especially attractive for adolescents already prone to curiosity and sneaky thrill seeking, but the internet encourages new levels experimentation which are easily accessible.

"The internet allows young people to limit their social involvement exclusively to particular associations or networks, as part of a trend we've termed 'digital drift'. From a regulatory perspective, we're finding this poses significant challenges as it degrades young people's impulse controls."

"It's becoming increasingly important to understand the connection between young people's emotional drivers and committing crimes, as well as human-computer interactions to establish why the internet easily tempts young users into digital piracy, pornography and hacking."

myliitJanuary 23, 2020 10:39 PM

@Clive Robinson

“Even though it's only a couple of days old, it should give you some "background" on what is going on in Brazil, which may well be heading our way in the very near future...”

Regarding your statement, I’m reminded of the fact that Brexit and the 2016 presidential election may have been purchased for less than the cost of a f 35 fighter jet. It used to cost ‘real money’ to sway an election?

See Pardo, New Yorker, “Private Mossad for Hire”...

‘ biggest ... win ever’

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Sidebar photo of Bruce Schneier by Joe MacInnis.