Schneier on Security

Clive Robinson • February 29, 2020 5:38 PM

@ Sed Contra,

“Dave, hold up your phone for a selfie and say aahh.”

Back when I was a kid some half century or so ago[1] the compulsory “School Medical” exam was called “Cough and drop”.

I’m not sure Siri can do that test, without a physical extension, and I realy think that would be one mobile extention too far 😉

That said though you can now get all sorts of “Medical electronics implants” of various forms to meaure ECG, blood preasure, breathing rate, temp, oxygen level, blood sugar level and quite a few other chemical tests on a continuous / ongoing basis. Many of these are “bluetooth enabled” and will talk to an app on a mobile phone (which no doubt Google will have backdoored to add to their patient medical database they are building)…

So in theory Siri could do the “obs” of patients every few minutes looking for changes and making pre-diognostic indicators etc.

After all with fitbit knowing how often and how energeticaly you have sex, have a shower or bath, go to the loo, climb stairs, ride a bike, or carry a fresh corpse to your car, drive, then dig a shallow grave[2] etc I’m not sure I realy want to be wired up at all even if it might extend my life by a decade or two.

Once upon a time there was this notion that you could not be compelled to give evidence against yourself… Accessing your heart rate info to use against you kind of feels like being compelled to me…

[1] It feels realy weird saying it because in my head I feel and think twenty, and I can still do quite a few things those in their late thirties or fourties either can not or chose not to do.

[2] I can’t remember the case, but the prosecution subpoenaed somebodies fit bit records and used an analysis of the data to show the murder and disposal of the body (or so they claimed to the jury).

Clive Robinson • March 2, 2020 7:57 PM

@ SpaceLifeForm,

Probably because of the San Antonio screw-up.

As I understand it the person had two clears and a weekly positive came back after the person was releasesd.

Now as far as I can tell there are certain things we know,

1, The CDC “home brew” test kits are not reliable.
2, The quarantine period of 14 days is too short.
3, A weekly positive signal can be a sign of poor testing giving rise to cross contamination, or due to a different version of the coronavirus.

The reason for the CDC “homebrew” test kits I’ve heard is due to the significant financial cut backs pushed on the CDC by “Presidential order” to save money for tax giveaways.

As I’ve said repeatedly the longest known period from infection to becoming tested positive is 27days the mean is around 12.5 days. With an upto 2day delay on test results comming back 14 days is clearly not long enough as a quarantine period.

We will hear more about “weakly positive” test results as time goes on but there are a number of ways they can happen. All tests have defects in the way they work, that is they all have false positive and false negative results that’s just a function of our analogue world. Tests have both sensitivity and specificity issues as well as noise issues. Thus a “weakly positive” signal means you are down in the levels where things are at best “fuzzy” and you are trying to make a choice between a false positive and a positive result. Erring on the side of caution in the case of virulent disease means interpreting readings in a way that will increase the probability of false positives.

Now something you have to accept about PCR testing is it is an imperfect amplification process, which amplifies all that falls in it’s input. There are many coronaviruses most of which effect the animal kingdom not humans. However there are four coronaviruses that give humans “colds”… So the chance for cross contamination even in the best of labs is there. Cross contamination however is more likely at the dirty end of the test which is “swabbing the patient”. With the best will in the world total issolation quarantine is near to impossible even with specialised premises. It’s not just medical personnel going in and out, but air, food / fluid and the resulting waste. RNA virus molecules are small very small measured in millionth parts of a millimeter. Whilst they are quite a lot larger than the basic gas molecules you find in air, making effective filters, machine / door / bag seals etc is difficult. Thus airlock systems are difficult as are decontamination systems.

All of which means theres quite a lot of opportunity for low level cross contamination.

Which raises another issue, when you have many people in quarantine knowing there is the possability of cross contamination from an infective put presymptomatic person to a non infected person, how long should you keep people quarantined?

It’s these sorts of questions I’m glad I don’t have to make a choice on but as I’ve said before simple maths puts the quarantine period upto 37days after potential infection, if cross contamination is happening then the period goes up by a complex multiple of the number of people in quarantine and how many become symptomatic or test positive. More simply you would have three types of issolated quarantine, “incomming”, “known positive”, “final quarantine” which you would progress people through.

Clive Robinson • March 3, 2020 7:57 AM

@ David,

Your piece comes off as quasi-religious victim blaiming.

First of “victim of an immunosupressive lifestyle” was used as a euphemism for somebody who was HIV positive. Many “victims” of HIV in the world are due to medical negligence not personal lifestyle choices. For instance in certain parts of Africa it’s not uncommon but shocking to find nurses reusing needles and syringes on patients because they can not aford to buy them. But even in the first world, US Prisoners and drug addicts used to get paid for “giving blood”. For quite some time this blood was not tested for HIV because the test available was not used. This blood ended up being sold abroad and ended up all over the world, and people who had to use blood products to stay alive ended up HIV+.

Many people who are “immunosuppresed” have become so through no fault of their own, some have just got past their teenage years others have had an unfortunate reaction to some infection as a sequelei which has caused the immune system to attack it’s self. It’s not just type I diabetics, you might have heard of “cytokine storms”. In effect this is where a positive feedback system in the human immune system gets out of control and the person s immune system attacks them.

Also people with Malaria the number one killer disease in the world year on year have issues with other infections. But it’s more than that, the evoloution of a natral defence to the Malaria is the “Sickle cell” red blood cell. Unfortunately it can go wrong and there are variois “Sickle Cell Diseases” (SCD) the most widely known is “Sickle Cell Anemia”. There are something like 50million people with Sickle Cell Anemia… However one side effect is that the Sickle Cell is less efficient at transporting oxygen.

Then there are people due to surgery or physical trauma have damaged immune systems and are immunosuppresed.

But speaking of “heavy weight killers” in the western world there is cancer, those on most types of therapy are going to be vulnerable.

But there is also the likes of tuberculosis, we tend not to think about it in the first world because of our BCG jabs, but it is not just endemic in the second world, it is a pandemic in it’s own right in the third world. It is a disease of poverty, much of which is caused by first world political policy.

Thus there are well upwards of a hundreds of millions of people in the world with genetic or other factors making them immunosuppresed, and it has nothing what so ever to do with their lifestyle choices.

Likewise few people have a real choice over where they live, this “upwardly mobile” idea realy is a myth. Most have to live within easy traveling distance of where they work, industrial work one way or another be it from the actual processes or the vehicles people use to travel to work create innordinate amounts of polution that we now know micro particulates get down into the lower lungs where they lodge, making people more susceptable to respiritory or cardio-pulmonary disease including hypertension and reduced oxygen carrying capacity. We’ve known for a century or more polution creates disease, but for “socio-economic reasons” mainly of the 1%ers it carries on doing more harm than smoking does in the Western world these days. We could fairly easily clean up micro particulate polution, it’s actually not that hard it’s quite basic science and engineering, but it’s expensive in several ways. Thus the expense will cut into profits, and as we’ve seen over the term of the current Whitehouse encumberant “That can not be alowed under any circumstances”, he’s got profit to make himself as do most of the seniors in his supposed political party. The line of “What’s good for the 1%ers is good for society” is obviously false and has been known as such for generations. What COVID-19 might finally do is make it unavoidably clear to everyone that it is false to the point it murders millions each year.

As for your 5G comment, you might find it hard to come up with any science or epidemiological evidence for that supposition. I could go into the heating effects of molecular vibration from the energy in EM radiation and how the effective energy goes up with frequency such that around the ultraviolet region biological damage starts occuring becoming ionizing thus damaging DNA, but it would be irrelevant as those frequencies are many many times those used for 5G or even WiFi. Yes EM radiation has bulk heating effects but so does all radiative or conducted energy at sufficient intensity, it’s why you can boil an egg with ultrasound if you know how to go about doing it and why those using power tools can end up with “white finger”.

As for “stop eating xxx” well I’m sorry but simple –empty–
carbohydrates and transfats have been forced down our throats, with little or no choice. For sugar you can look up the lying, fakery and idiocy of Ancel Keys. His political and self aggrandizement acumen certainly exceeded his scientific acumen. His K-Rations were responsible for more malnutrition in soldiers than anything else, and was also a “god send” to the “corn syrup” industry, that upto that point had been considered a “waste product” or animal feed supliment (much the same as skimed milk was which is almost as bad for you). A number of people tried to correct his falsehoods and one such was a book called “Pure White and Deadly” the author of which was destroyed by Key’s followers. Key’s died in 2004 and since then his fakery and fraud is finally starting to be corrected, but the “corn syrup” and later industries are still fighting back with claims based on alledged scientific research that they paid for but have taken considerable energy to hide the money trail (and don’t think the researchers are not aware of this).

For most people their genetics are wired up so that sugar is effectively a drug that makes you eat more and more. The reason is evolutionary, in nature free sugar only realy becomes available in autumn when it’s sensible to build up fat reserves to see you through the winter starvation. It’s known that there is a correlation with “red hair” and an excesive sugar induced craving, along with other indicators such as a distinct lack of skin pigment that indicates evolutionary wise they have acclimated to high latitudes.

The human body runs on two basic fuels lipids (fats) and simple carbohydrates (sugars). The lipids appear to be the prefered energy source for maintaining a healthy life style. The simple carbohydrates are not realy necessary –yes you can live healthily without them– they provide “fast energy” for muscles for bursts of speed needed in the hunter-gatherer life style. However if you try living on simple carbohydrates then you will discover as did the soldiers on K-Rations you will become malnourished, tired, listless, lacking energy nomatter how many calories you ingest and die a slow and unpleasant death.

One of the big lies in so called “Dietary Science” due to Key’s and his followers is the amount of carbohydrates in your diet. Overly simplisticaly there are three types of carbohydrates the sugars, starches and fiber. Whilst soluable-fiber is an essential part of your diet insoluable-fiber and startches much less so and sugars best avoided at all times unless you have a very physical life style. We used to have the ability to digest “raw” starches, protien and some fiber, but since we learnt to cook where complex startches break down and protiens depolarize we’ve lost many of them. So much so that more than one scientist referes to the cooking pot as our third stomach.

One myth is the amount of carbohydrates based on observations of oriental diets. The first thing you should realise is the reason orientals are slighter in stature than westerners is that they lack sufficient protien in their diet. Two or three generations of eating a western diet and they grow to the same size as westerners. This should be a big red flag about what they eat thus any diets based on it.

The same is observed in other cultures where “chilli replaces protein” chilli activates receptors that like protein gives you a sense of having eaten sufficient, even though you are effectively on a starvation diet. Likewise smoking cigarettes or chewing cocoa leaves and using other drugs, is related to malnutrition as they are all “appetite suppresents” and part of the reason they are addictive.

Importantly with such diets when you are in a calorie deficiency state it does not matter if you eat fat or simple carbohydrates your body will use it as fuel. As you are deficient in calorie intake your body responds in different ways. The upshot is that if you eat an oriental diet which is sufficient or more in calories then all those “Western diseases” such as diabetes hits people hard, very hard (as we are now seeing as diagnostic medicine availability improves in the second and third world). Thus a carb high diet other than fiber is actually not good for you at all, you are healthier living off of a higher protein and thus higher lippid diet, as nature tends to present it. Eating leaves of plants gives you micro-nutrition and soluable fiber that reduces many chronic conditions that are liked to cancer.

So if you throw out the bun, the chips, and the sauces, abd,drink only water at a MuckyD’s the food is actually not that bad for you. Even though they are empty calories the chips are slightly better than the bun, which in turn is better than the corn syrup and sugar and salt laden sauces, drinks, and other processed items like shakes and flurries.

But there is a reason aside from marketing and that it’s short order cooking that make people eat MuckyD’s and similar fast food and that is poverty. When you can not aford accommodation with sufficient room for storing, preparing and cooking food and cleaning the dishes etc, it becomes a significant issue, that in turn becomes a health issue. Low cost fast food becomes the only option to eat hot food for quite a large number of people at the bottom of the socio-economic ladder, especially when they are working two or three jobs just to stay alive, which also frequently means they can not purchase healthy food because they only time they are not working is when the shops that sell healthier food tend to be closed, worse they also tend to be a very considerable distance from where people at the bottom of the socio-economic ladder live. A number of experiments have shown that providing healthy food at low cost in such areas works, however Politicians don’t like such experiments as they are bad “for their friends” businesses… After all why do you think the US President is so anti food stamps etc? Profit profit profit of conglomerates that fund political campaigns.

So those with genetic issues and those at the bottom of the socio-economic ladder, are not realy responsible for their immunosuppresed state just as people in the second and third worlds are not. Put they are the ones who will pay for the 1%ers in any disease pandemic along with the old and otherwise infirm.

Clive Robinson • March 3, 2020 11:24 AM

@ MarkH,

Perhaps most importantly, he reminded us of something we as technical people should understand: when a virus (a) spreads very freely, and (b) is genetically stable (as this virus appears to be), the percentage of the population with immunity rises rapidly, which tends to beat back the epidemic.

There is a fly in the ointment of that observation.

Which is what happens to the Case Fatality Rate (CFR), which gives the % of deaths. If the virus “spreads,very freely” it’s not just the “immunity rises rapidly” so does the CFR, which is why containment is so important because by slowing the rate of spread it reduces the CFR dramatically.

There are a whole number of reasons why this is so.

But first lets start with your observation about Spanish Flu,

[C]ompare this to the “Spanish” flu which in some countries killed more than one percent — or in extreme cases, more than ten percent — of the population.

Back then the Spanish Flu was constrained by the slow movment of people as ships were the only practical method of transportation, whilst electronic communications were about as fast then as they are today. What went wrong was that certain war mongering profiters persuaded politicians to keep pushing money their way rather than try to bring medical care into the prominence. It’s why the CFR in the US where Spanish Flu started was so low, they had medical capacity to deal with the issue as it arose. Which was not the case in other countries where the sick stayed in the general population spreading the disease ever wider.

So if we have a rapid rise in base infection rate or R0 the medical resources become overwhelmed rapidly and the 14-17% of severe cases will almost all die, through want of basic oxygen therapy early on in the course of the disease, which means the 5% of critical cases rises to the 14-17% mark with the 1% or slightly less fatality rate likewise rising to that 14-17% mark. There’s no arguing against this because when we run out of medical capacity we are in effect thrown back into the middle ages of “fend for yourself” with people running away spreading the disease even faster with death rates similar to the Y-Pestis Black Death and other plagues that decimated Europe and brought avout great social change including breaking feudal law of being vasals not freemen.

However even if constraibing is doomed to failure it will appreciably slow things down. The reason the Chinese death rate against population is so low, is due to two things,

1, Rapid quarantine methods.
2, Rapid increase in medical resources.

The Chinese population is in effect mostly “uninfected” currently and the numbers of those becoming symptomatic are dropping. However if the draconian restrictions are lifted then the disease will spring up again as bad if not worse than before untill the control measures are put back in place.

If this disease becomes endemic then something like 20% of the population world wide will die, most in the age range above the mid fourties. Over time those younger who have become immune will get older but that won’t be for a quater of a century or so.

Most “expertise” in any economically productive activity is vested in those over fourty. Especially when you consider the research end of things, it takes untill you are in your late thirties to not just learn theoreticaly but practically what the job of research is realy all about.

But to do research needs technology which requires a whole strater of engineers. The problem is the US due to corporate behaviour has lost it’s engineers and even the production workers and their skills and it will take nore than a couple of decades to get them back. Which is a significant problem because as it stands the US will probably be unable to feed it’s self…

Thus the world economy as we know it would be shattered, worse the economic side effects of death duties and the like will be worse than after WWI. Whilst this might give rise to the currently locked out younger generation having a future by the need for “Dead man’s shoes to be filled” that will not replace the lost expertise. Thus we can expect a world recession to follow that might last for fifty or more years. In fact as in the middle ages it might destroy the social structure as it currently is. The one thing that is certain is capitalism will take an almighty hit as the bottom cards of it’s house are kicked out. Likewise transportation, with it the shipment of what we consider essentials such as food, medicines, energy and technology.

As you and I are well within the “age expected to die” the chances are we won’t live to see the recovery or it’s end, unless a vaccine gets to us before the infection does. Thus the more draconian the containment not just the less spread, but it will slow things down such that two things will happen,

1, Medical resources will not get overloaded.
2, A vaccine might become available.

The problem is that whilst there are some guarentees with containment the arival of an efficacious vaccine is not one of them. Remember there are many viral infections out there and the number that have vacciens are incredibly small.

However there is one thing that could be done for a limited number. But simply it’s an immune system transfusion or even transplant. You can take the blood of genetically compatible people who have had the infection and take their blood serum and white cells and inject it into people who have not had the disease. You can also transplant the parts of the body that make the immune system from people who have the antibodies. How effective either of these will be I have no idea but you can be sure that just as some US Billionairs in Silicon Valley are having transfusions of blood to “rejuvinate” you can make an odds on bet they will be looking into transfusions / transplants right now.

Clive Robinson • March 4, 2020 12:19 PM

@ Curious,

The Brazilian prosecution have apparently filed an appeal against a federal judge’s ruling…

At this point you have to start asking “Why?”, That is, is it just corrupt Brazilian politicians or are they being pushed fron the North?

Brazil’s economy is not in a good state currently for a whole heap of reasons, but one in particular stands out at the moment it’s the “Brazilian elites” backing the current politicos who appear to be corrupt. That is money is being moved away from those who earn it and towards certain “rent seeking” types, who are in effect keeping corruption in power, whilst further weakening and destabilizing the economy.

Now being in such a position as we know from other South American countries gets the interest of the exploitative elites in North America.

It’s no secret that the UK and thus the US have getting at Glenn Geenwald in their sights. The UK has in the past attacked his partner and the US others involved with the Ed Snowden trove of documents.

We know from US/UK behaviour over Julian Assange, that their MO is to wait for the target to be in custody for some reason before making a move via “formal channels”.

Thus I can not help wondering if the US are at some level behind these repeated attacks on Glenn Geenwald…

Clive Robinson • March 4, 2020 1:13 PM

@ gordo,

With regards Canadian Dr. Alywood, he’s been called “Dr elbow bump” he refuses to shake hands with people and instead does as surgeons used to do “bump elbows”.

He’s also got the reputation of being “loud” as well, he stands and sits quite away from them to talk.

It’s all part of “Social Distancing” that we should all start practicing. So no shakes, hugs or kisses and keep your distance preferably 10ft or more.

But also scrub and wipe well. That is keep your hands clean by washing well with hard soap and hand hot water. Likewise wipe things down like tables and other surfaces before you touch/use them. Also plenty of disposable paper hankies for button pushing.

But most of all above almost everything else “DONT TOUCH YOUR FACE” untill after you have thoroughly cleaned your hands.

@ SpaceLifeForm,

It looks like WHO’s Dr Alywood has been hearing similar things to what I’ve been told,

In the U.S., that’s a barrier to speed. People think: “If I see my doctor, it’s going to cost me $100. If I end up in the I.C.U., what’s it going to cost me?” That’ll kill you. That’s what could wreak havoc. This is where universal health care coverage and security intersect. The U.S. has to think this through.

I’ve made the point about the intersection of Security and Universal Health Care on this blog before. Some understood the point but I got the feeling it was not a popular idea.

It will be interesting to see if people change their minds after COVID-19 kills upto ~3.3million US citizens based on China’s admittedly low CFR of 1% due to biting the bullet and enforcing “Social Distancing”. Or worse 18.5million which is based on the CFR of 5.6% that China had before they got serious about the health care side of things…

People in the US and other Western Countries need to have a rethink about priorities. After all saying “socialism is bad, free market good” is going to get a lot of people killed most of whom will be over 45 thus those most affluent, or if you prefere “With the money and spending power to keep the economy going”.

In the US we know there is a very large amount of “non communicable disease” which is also known as comorbidity, there are according to some statistical reports a lot more than there are in China per head of population. Some reports in the past have labled some parts of the US as worse than “third world”, these places will become disease “havens” or “hotspots”, effectively the nexus to much larger wider spread communities and “community spread”…

Clive Robinson • March 4, 2020 8:30 PM

@ Bruce,

Your definitions of security depend on many things, which makes things complex.

However when one of the Senior representatives of the World Health Organisation very publicly and clearly says

This is where universal health care coverage and security intersect. The U.S. has to think this through.

He’s making not a political point but something that transcends that bucket of snakes, and reaches to what the very definition of society is all about. It’s not just a point about the US healthcare system it’s about all western healthcare systems and the way we and the second and third worlds will respond to managing this novel disease.

History shows that we have in one way or another been blessed for the past century, we’ve had no serious pandemics which is unusual. As far as we can tell the result of previous epidemics were,

1, Significant deaths, leading to,
2, Massive social changes, and,
3, The effective downfall of the previous social hierarchy and order.

I think most people would after a little thought consider that a quite real Security issue, especially when in all probability it will be in response to a fairly masive collapse of the “growth economy” that the Western nations in particular are dependent on.

When you do the figures based on the information we have about the SARS-CoV-2 virus so far you see,

1, Uncontrolled growth is exponential, China had a doubling time in 6 days.
2, Uncontroled death rate in China was 5.6%.
3, Available Medical fascilities overwhelmed with a month.
4, 17% sufficiently effected to need oxygen therapy.
5, 5% required ITU/ICU care.
6, Some required heart/lung machine support to oxygenate blood from outside their bodies.

The Chinese then took what most would consider draconian action that others claim Western Countries will not tollerate.

But the simple fact about viruses is they have a short viability time outside of a host. If the virus can not infect new hosts then after a relatively short time it will cease to exist.

When the Chinese “lockdown” started due to a peculiarity of the virus –infectious befor symptomatic– case numbers continued to rise for a while and then started to drop off.

However the world wide cases outside China are still showing uncontroled exponential growth rates.

Thus the choice appears to be strong containment or 1/6-1/5th of the people in the west becoming infected in a short period of time.

We know that no western nations healthcare system can cope with that level of patients, in the very short period of time exponential growth will give. Therefor the Case Fatality Rate will be up around the 5.6% that China initialy saw.

If we get draconian control measures in place what we saw happen in China will happen in the West. The sooner we get started two things will occur,

1, The number infected will be considerably less.
2, Any spread will be significantly slowed.

Both of those meen that the number of patients at any point in time will be less. Thus if we start early enough then the number of patients could be kept within the capabilities of the healthcare systems. Further that also means that the CFR will drop to potentialy less than 0.5% rather than 5.6% or higher if it remains unconstrained.

The thing is the virus it’s self will not kill you, it’s the lack of oxygen in your circulatory system that causes systemic issues firstly clinical shock, organ failure, clotting of the blood and death, basically “death by sepsis” if you want all the unpleasant details[1] you can look them up. However as we have no antivirals for The SARS-CoV-2 virus the earlier oxygen therapy starts the greater the chance that your bodies immune system will have time to generate the antibodies to destroy the virus. But for that to happen you have to have the fascilities to do so, which brings us to a big issue it’s not just the hospital resourcrs it’s also the “supply chain” you can only give a patient oxygen if you have it available in sufficient quantities and realistically we don’t have any easy way to ramp things up.

From a Security of Supply issue one of the worst things you can have is a Just In Time (JIT) delivery process. Put bluntly it’s made all supply chains extreamly brittle and incapable of responding to sudden change. It’s not just medicine it’s everything from basic infrastructure upwards, we can not deal with sudden change. Worse long supply lines means often that the fastest response time is going to be measured in months. As the root of most of these supply chains is China and that is shut down or has redirected manufacturing to their home needs, the supply chains are already broken…

But basic infrastructure all very much depends on electricity and as many people in California can tell you it’s not just brittle, it’s actually being turned off due to law suits PG&E are effectively bankrupt. They chose not to spend on maintainance for the sake of “shareholder value” this caused issues that resulted in highly costly court cases and significant damages orders of magnitude above the maintainance costs…

The point is the electrical power supply is so “cut to the bone” just a few members of staff being unavailable from disease will bring the network down. That is there is no Security in electricity supply. So if electricity stops then it’s not very long before communications for control and keeping pumps for gas and water etc runing fails…

This in turn means trucks and railways stop moving goods etc. Once some systems have stopped the required systems to bring them back up have also stopped so you can not bring either back up…

But there is worse to consider, the older you are the more likely you are to die. The big change starts in the fourty to fourty five year olds and increasingly gets worse. If you look into the basic socio-economics the population above 40years old are the ones with disposable incomes these days not those any younger. So if the 40+ start to die they are not going to be spending in the economy and many things will take a turn for the worse and a recession starts. Due to the way various nations economies are tied together, the recession will most probably global, how bad is not known curently but it could eaaily be worse than the two financial crises added together…

So yes a colapse in the global economy is fairly likely to end in armed conflict…

If the global economy colapses ITsec and CommSec are going to be well down on peoples lists, so the likelyhood of ICT Security being worthy of investment will be very low…

Only with the alleged lack of will for the necessary control measures in the West, it’s going to be very insecure on so many fronts and levels for quite some time.

Thus what is the most important Security Measure that needs to be considered is an interesting dilemma in it’s own right.

[1] Having had sepsis and been one of the lucky ones who survived it (because I had bacterial sepsis and the very expensive antibiotics worked in time). I can personaly tell you, you realy realy do not want to go that way, WHO estimate a 20-30% fatality rate world wide…

Clive Robinson • March 5, 2020 6:11 AM

@ SpaceLifeForm,

Stblr ended up…

USB was at one point the bain of my life, to say it’s protocols are “optimistically” thought out might be an understatement.

Normally when you design a “communications protocol” especially a “low level or hardware” one you assume “unreliability is normal” thus do a rigorous state/fault analysis.

Because of USB trying to be “all things to all people” it’s not possible to be anything close to rigorous… Which in turn means there are lots of indeterminate states, which also vary from one implementation to the next.

As USB at higher speeds has to work “below the CPU level” in the computing stack, the possibility for security vulnerabilities –bubbling up attacks– is immense.

In effect that is what this jailbreak exploits.

But it’s not just the “states you think about”… Most engineers be they hardware, firmware, OS or upwards like many other people “think left to right” that is across the page on the assumption things only go “forwards not backwards”. They rarely if ever think about what happens when things move “right to left” or backwards via “errors and exceptions” and how these form independent communications and control channels that can “reach back” even through hard security measures like “data diodes”.

A partial solution but only for data delivery is “Forwards Error Correction” it’s wastefull on bandwidth so frequently does not get considered. But worse if care is not taken it does not play well with link or traffic encryption for various reasons, thus you should use encryption above it at say the message encryption level, which can cause other issues.

Nobody with any honesty and life experience said life is going to be easy, so we should not expect it or behave as though it is when doing robust design. It’s something I think the designers of USB forgot somewhere along the way.

Clive Robinson • March 5, 2020 10:09 AM

@ Sherman Jay,

… now after visiting the same sites, it is deleting ~500-900.

Colour me unsurprised 🙁

I am getting the feeling the bubble is about to burst for a lot of Internet Business models. And in the process of finding this out they have killed a lot of real world business models in the process.

Take “magazines” they used to be big thick and full of adverts, which few of us even looked at let alone read (unless we were very young and wanted a pair of X-Ray Specs 😉

The business case for “online” was “cost reduction” and “faster to market” that is printing and distributing was expensive.

But many assumptions were made about monetizing for income. Back in 95 I took an indepth look at charging models for services on the internet as academic research. Needless to say none of them looked good, the only one with any potential was the “Telecoms model” but at the time there was no cheap secure nanotransaction system for it to work on… Not much has changed in that respect.

Traditional magazines are vanishing from the shelves of also diminishing numbers of bookshops and newsstands/newsagents.

Part of the problem was that “anyone could Internet publish” that is the previously very high bar to entry in the publishing business disappeared. The result was a significant drop in quality due to “dilution” more than anything else. That is if you write ten articles only one or two might be “fit to publish” the rest requiring further work to bring them upto standard or enough rejection notes to give the author a hint that either they or the subject they were writing about was not “sufficient” in some way. This encoraged higher standards and the Magazines were thus desired. Internet publishing ment that space had to be filled in online magazines as there were so many of them, thus quality dropped and people lost interest, so the problem got worse.

The other issue is “online advertising” is actually a quite deliberate scam. To see why, look at how much money someone running an add has to pay into the “chain” then see how little comes out of the chain to those who in effect publish the advert.

Even the likes of “Condon Nasty” are finding out that online advertising is not paying the bills, and in effect they have “killed the golden goose”.

So having killed their own fall back position, where do the go now their advance is taking them over a cliff?

However one thing you might want to try is turning off javascript and cookies. I’ve done some experiments on load times and other asspects, in most cases things are better off…

Clive Robinson • March 5, 2020 10:24 AM

@ Tatüt,

In order to determine where a patient could have been infected, and whom s/he could have contaminated, mobile phone location and call data maintained by Google, Apple, or network operators such as the Deutsche Telekom, would be used to establish a contact profile.

I kind of knew this idea would come up, it’s the corner case of corner cases a kind of “thing of the childrens children” appeal.

From an epidemiological view point it would show “clusters” but not “contacts”. That is clusters are based around “infective objects or places” where as contacts are moving people who may or may not have “passing contact”. Clusters tend to show up quite quickly by other methods.

Thus epidemiologicaly I’m not convinced the phone records of “known individuals” would be of use.

That said general traffic volumes would show up where but not who people tend to bunch up and slow down which would become a potential cluster.

It’s something that needs quite a bit of thinking about especially as it’s a “trees and forests” issue.

Clive Robinson • March 5, 2020 10:28 PM

@ Lurker,

Hand sanitizer however is a small sized, high profit item, loved by advertisers. But the consensus of advice I have heard from various medical experts is that a bar of hard laundry soap and water, used properly, is more efficient, more economical, and has a far longer shelf life.

The reason for “more efficient / economical and longer shelf life” is something people realy should know, not just for cleaning but why there is so much profit in the not very effective / usefull cleansing products…

There are two types of “hand sanitizer” around. One is the stuff the medical proffession uses, it’s basically alcohol held in a gel and a colourant so you are not tempted to consume it. The second type is basically a poor detergent and a colourant in a liquid which can be water or a fast evaporating solvent of which alcohol can be one (with water and thickening agent of high molecular weight esters and modified vegetable triglycerides). These second types of sanitizer often come with some kind of oil to “stop dry hands”, think of them as shower gel with added alcohol and about as useless.

The first type usually has around an 80-90% alcohol content and if used properly will render any virus stuck on your skin not viable, the down side is it strips all the protective oils from your skin as well hence the dry hands and skin cracking issues. The second type has way less alcohol in. Below about 75% alcohol it will not be upto the task of rendering all virus non viable, thus is considered insufficient to the task, worse the oils can trap viable virus to the hand.

From a practical point of view all hand sanitizers realy should be considered not upto the task of being effective because they don’t actually remove anything from your hands, so any virus that remains viable will still be stuck to your hands…

Why does the virus stick to you? Well you naturally emit an oily or waxy substance called sebum from an exocrine gland at the base of hair follicles which provides a lubricant for the hair and skin in mammals (yes it is similare to other exocrine glands in mammals).

It is called the sebaceous gland and the sebum it emits is what leaves behind fingerprints and also holds dead skin cells that can be used forensicaly (look up “Dr Edmond locard’s contact exchange principle”). But it’s not just microscopic flakes of skin and hair sebum holds stuck to your skin it’s also millions to billions of often quite lethal pathogens such as bacteria and viruses, which is why the top couple of layers of skin are both “dead and shed” as part of your bodies overall defense mechanism to disease.

What “real” soap is, is a salt of a fatty acid molecule[2] which has a hydrophilic (polar) head and a hydrophobic (nonpolar) tail. This allows the soap molecule to dissolve in both water and oil forming a colloid mixture. I won’t go into the physics of it but this molecule has a very strong force at the surface between water and most lipids, which the sticky sebum is made of.

The result is that, hand hot water and soap render any pathogens non viable and take them and the sebum away down the sink with the running water.

Which leaves the difference between “laundry soap” and other soaps[1]. Laundry soap is a hard soap, that is, it is quite pure, which whilst very good for cleaning and longevity of the bar of soap is quite harsh on the skin. Usually to use laundry soap you have to grate it down to soap flakes as it does not easily go into water thus needs a very large surface area. Soft soaps that most bars of hand soap are, are realy soap that has been pre-mixed with the likes of milk and vegtable oils[3]. Unlike soap which is a salt of a fatty acid thus chemically fairly stable, the molecules in milk and vegtable oils are not particularly stable chemically thus the “turn”, “go stale”, or “go rancid” unless further stabalising chemicals are added. All of which detract from the soaps ability to clean your hands…

[1] You can make something called “dry shampoo” by grating soap into alcohol or disolving it in ether to make a gel like substance, that if you comb it through your hair will remove the sebum from your scalp and hair thus cleaning it almost as well as washing it but without using two gallons of water. You can also make a traditional “shampoo” with liquid soap, not modern detergents that do so much environmental harm. You can also turn hard soap into hand soap by melting it and whisking in vegtable oils like palm or coconut. In years gone buy when we used to make “town gas” by turning coal into coke, one of the residues was “coaltar” that had a kind of “clean smell” but also acted as a preservative so it was often added to soap. You can still get the yellow almost orange coloured “coaltar soap” but it is quite a rareity, but I’ve never known it “go off” even when more than half a decade old, and the smell reminds me of school more than half a century ago.

[2] You can make soap by rendering down fat from meat and clean it by “boiling, setting and scraping” off any impurities such as gelatins and depolarised protiens from the animal skin and flesh etc etc. You then very carefully make up a hot solution of caustic lye and melt in the fat stiring carefully increase the temperature slightly continue to stir for a while then cool. The resulting solid is a mixture of soap and hopefully a little fat not caustic residue (if you use potassium hydroxide instead of lye you end up with “liquid soap” that can be easily be made into shampoo).

[3] Some of you might know of a chain of shops selling “all natural soaps” called “Lush” I can not go near the places because they actually make me physically sick (that is my body thinks it’s being poisoned by the smell). The reason in my case appears to be the smell of butyric acid[4] Any way if you want to make some of those types of soap,

https://www.thesprucecrafts.com/goat-milk-soap-recipe-517229

There are links to other soap recipies at the bottom… You will see from them that “chemistry started in the kitchen” as did much of the rest of physical sciences.

[4] Have you ever spilt milk on a carpet and thought you had clraned it up only to have a sickly rancid smell start after a few days. Well you would not be the first or last to suffer from that “baby puke” smell. What makes it is butyric acid (so called because it’s what gives rancid butter / cream / milk that smell that tells you it’s not safe to consume).

https://chronicleflask.com/2014/11/29/butyric-acid-a-very-smelly-molecule/

The way to get rid of it is rubber gloves a dilute lye[5] (costic soda) solution and to finish some bicarbonate of soda (two good chemicals to have in your kitchen especially if you bake). Carefully brush in a small quantity of the lye solution into the area where the milk was spilt. It will react with the butyric acid and any fatty acids to make a soap that with gental brushing will go into the water of the dilute lye solution as the lye is used up. Take up the water with your prefered absorbant method, then add a little bicarb powder and brush in to take care of any remaining lye, then remove it by vacuum cleaning.

[5] Lye for all it’s dangerousness is used in the making of some food products like bagels and pretzels.

Clive Robinson • March 7, 2020 3:08 AM

@ MarkH,

But that familiar usage of “old man” is NEVER applied in the third person, as triple-x most certainly did.

The expression “old man” tends to have three meanings,

1, A wife would call her husband “old man” when speaking to her friends. That is a friend might ask her “How’s your old man doing?”

2, It is used by his children especially girls to talk about their fathers to their mates as in “The old man will kill me if I’m not back by ten!”

3,It is used as a mark of respect or wisdom as in “the old man will know the answer to that”.

In short it’s a term used to mark a patriarch or elder or one who has the wisdom to lead or does lead. Much as the older “man of the house” used to be used.

However as an expression it is falling into disuse or ridicule. Thus if some one ask a wife “How’s Brian?” she might answer “What the old fart? Humming along as usuall” or similar.

Part of the reason for it falling into disuse or disrespect was something that happend in the late 80’s where a group of people decided that children should call their parebts not “mum” or “dad” but by their christian names. For various reasons it did not work out.

A downside of the older systems is that things have become inverted… for various reasons my son is well known by quite a lot of people by sight (being over a foot taller than your class mates is just one reason) and they know him by sight. Because I am also tall and built like a “brick out house” I’m also known by sight by the school kids and their parents. In part because I also used to be a governor of the school so I had official duties. The result is that many people don’t know me by name, but many do say hello etc but call me “Alex’s dad”… So much so I used to joke about making it my name by deed poll…

Clive Robinson • March 9, 2020 12:21 PM

@ Wael,

You forgot the other “I’s” not that it is spelled that way (you very rarely see it in writing).

It’s the “Ey’s to the right, Nays to the left” of old fashioned voting in the likes of the UK Parliament and such…

It always struck me as a prejudicial system, because the “left” or “left handed people” are considered “evil” or “sinister”. Worse your left hand is your “cack hand”, or if you look at the Anglacised French “meanings of “adroit” and “gauche”…

Yes I know it arises from cristian doctrine (to sit on God’s right hand) but even so, it’s still quite discriminatory to left handed people.

Oh and it’s also why in politics those with what we might call “a leaning to the common citizen” are said to be “on the left” by lets call them the more “conservitive” self apointed “elite” and their landowning “rent seeking” or “sweat shop” business profiteering and “protestent work ethic for the masses” but not for them and their “ruling class” style mentality.