Schneier on Security

Clive Robinson • May 29, 2021 5:15 AM

@ JonKnowsNothing, SpaceLifeForm, ALL,

With regards “Apple breaks the ARM Spec and Opens up a Hardware bug”

The finder of the bug has given it a name and a website,

https://m1racles.com

But you really should read it all.

It has one factual error that is immediately obvious,

“Covert channels can’t leak data from uncooperative apps or systems.

Actually, that one’s worth repeating: Covert channels are completely useless unless your system is already compromised.”

That applies to a limited subset of covert channels. Also “already compromised” is at best ambiguous as a statment.

The reason is,

“How far down the computing stack you implement your covert channel, and what your intended channel medium is”

For instance I could[1] arange I/O on a SoC such that addressing a particular register unrelated to say BlueTooth just happens to “blip” the power control circuitry for BlueTooth causing it to transmit a short blip of carrier with a funny shaped envelope of AM modulation on it (for Ham’s think “CW Whine” in old tube/valve transmitters).

If the register I select is “security oriented” then accessing the register causes a blip on the BlueTooth TX, leaking information “off of the chip” to any near by receiver that is setup to look for the blip via a matched filter or similar.

Which brings up the question of what is the difference between a “covert channel” and a “side channel” and it’s one of those “All cats are grey at twilight” answers. Some will say it’s the difference between “accidental and deliberate” but that avoids two points,

1, At a sufficiently low level in the hardware stack you can not tell.
2, If you are creating something covertly, then you will try your best to make it look accidental.

As we now have good reason to believe the NSA fritzed the NIST AES competition so that what was presumably a side channel (chache hit timing) would become a covert channel[2].

But some people are going to ask why these two bits? And not say a byte or word?

Well Only Apple or possibly ARM can say for sure.

However two bits are all that are needed to do “buffer control” used for messaging.

Imagine you have a byte register in which you want to transfer information. You write a value into it but how do you know the other process has read it before you write the next byte that might even have the same value? The simple answer is you set a flag when you write to the buffer and the other process clears it when it reads from the buffer. You then have the issue of how do you stop coincident writes with reads? Simple you set a “lock bit” before you change anything, then you clear the lock bit so the other process can read or write which ever it is doing.

Back in the late 1970’s the use of two 8bit latches and two D-type layches (7474) was a “letterbox” between two seperate CPU’s for high speed data transfer without the expense and realestate of DMA hardware. Most IBM PC’s came fitted with an almost identical system ro talk to printers (see Centronics interface) likewise various parallel instrumentation busses.

It’s a quick and easy hack you would add if you wanted to “instrument up” a logic circuit for “In Circuit Emulation”(ICE) or a “test harness”.

So I suspect that only half the “secret” has been discovered so far… Or Apple engineers bodged the “tidy up”.

I guess we are going to have to wait and see what gets said if anything and if it’s “Truth or Spin”…

[1] Whilst this example sounds contrived, similar has actually happened accidently. The register concerned enabled a hardware circuit that “sucked power” as it reset latches etc and due to power supply routing it dipped the power to down stream circuits which caused modulation of an IO line used for serial communications…

[2] If you think about “cache” issues that leaked AES information directly onto the network interface via time delays you can see that covert channels can be fun to stop…

Clive Robinson • May 29, 2021 4:36 PM

@ All yore basis, Ignorant US redneck,

It’s a shame someone must’ve CC’d all their friends prior to the eviction notice lol.

Aside from the “cleanup” before handing the keys back, they appear to have stayed within the terms of the Obama-Xi agreement, and not exfiltrated commercial or propriety information.

So the question arises as to what the two groups did get out of their work, and can it be used to meet objectives in another way (such as finding potential targets for “honey traps” or similar).

We might find out but I suspect not.

I guess the real question as always is why the prolific connection to the Internet?

Look at it this way, why do the R&D team need Internet access, likewise Human Resources?

What part of their job description require their work computers be connected?

“What’s the business case for this computer to be accessable from aby external network?”

Is almost the first question I ask, and I’ve learnt to stand atleast four feet away due to all the arm waving like a windmill in a storm… (Hey I’m not Don Quixote and I see no reason to get the lance in amongst such whirling).

The upshot is I’ve yet to hear a solid case for most of the computers in organisations being connected to any kind of communications network outside of the organisation.

When you boil it down it generally appears to be a case of mythical productivity improvment, for which nobody has produced any objective testing…

What I can say is some organisations such as Telcos take not just logical seperation, but hard segregation seriously, and they appear to suffer no loss in productivity, in fact the opposite.

Some years ago now I did contract work for a large pension managment company. Back then they took both organisational seperation and trading floor / back office segregation very seriously and did not suffer the more usual woes. From what I’m told these days everyone has Internet access and the ICT staff are not able to keep up with the nasties that cross the threshold all to easily.

Whilst I can understand “home working” at a time like this, I’ve always been supprised that “Business Continuity Plans” did not consider it as a viable option. Yet had elaborate plans for alternative work sites including down to first aid kits in staff transport and caffine free tea/coffee and water coolers…

This lack of “plan ahead” for “home working” has cost many businesses big and some will not recover, but others have become so insecure due to lack of planing ahead that their chances of not having intruders in their networks seems slight.

And lets be honest, most of the colabarative working applications were not realy “stress tested” or “security tested” either.

I get the feeling that this past year has been such a target rich environment, there has been way to few attackers to take advantage of “the bounty on offer”…

So those businesses that have not had an intruder so far, is not down to any skill in the business, but just the probability of attack is in reality so very small currently.

It’s possibly why “Ransomware” has been on the up but proportionately other forms of attack have been less.

Though speaking of Mandient they have just published a warning that attacks on small green energy systems, building plant, Industrial Control Systems (ICS) and other Operational Technology(OT) systems are likewise on the up buring this past year of lockdown etc,

https://www.securityweek.com/ot-systems-increasingly-targeted-unsophisticated-hackers-mandiant

Clive Robinson • May 30, 2021 7:59 AM

@ Curious, vas pup,

I’ve always wondered if, Israel (nearby Turkey), presumably denying having nuclear weapons, if not fielding their own nuclear weapons, maybe they could be either, leasing, or storing

Of course Israel has nuclear weapons, any doubt about that was removed decades ago.

The reason the Israeli govrnment lies about it is due to US legislation…

Basically Israel only survives in it’s current state with the assistance of a very large amount of US Resources that Republican politicians do just about every thing they can to ensure that the Israeli Government gets the US resources.

If Israel admitted to the nukes or the politicians stopped looking in the other direction over the evidence then under US legislation those resources would have to stop.

There is no way that variois US Entities want that to happen, as they actively want Israel to carry on with it’s behaviours in the Middle East as they serve the US interests especially those of some in the State Dept very very well on the “divide and conquer” principle.

So the fact that Israel has nukes is very usefull to US Policy, but also Israel denying them despite the evidence is very usefull to US Policy.

Look at it this way without the US Resources, then Israel would not be able to maintain it’s current policy towards the rest of the Middle East, thus would have to come to some sort of peace agreement, which the US State Dept and other US Entities realy realy do not want.

People are asking questions about the rockets and Iron Dome that are curently in the news… One question is,

“Why did those firing their rockets at Israel offer a cease fire, just as Israel’s Iron Dome was about to run out of it’s missiles?”

The answer is simple it’s actually economic warfare.

The rockets being mass produced are very very cheap and in most cases don’t even have war heads, they are also aimed to cause minimal damage if they do get through Israel’s Iron Dome. The reason is that as long as they fire rockets but the citizens of Israel which includes, Arabs, jews and others, as well as those of Christian, Jewish, Muslim, and other faiths remain unharmed then world opinion tends to be against the Israeli Government and IDF.

So they fire rockets that cost next to nothing but those missiles in the Iron Dome are expensive, very expensive in comparison, and often several get fired for each rocket they launch towards Israel.

Lets just say Israel are reliant on others for their Iron Dome missiles and the financial cost is wracking up faster than the Israeli economy can support. Thus the pain of the Iron Dome is being transfered back to others, which has knock on effects including on US Fiscal policy…

What some Republican politicians call “idiot rag heads” or worse, are running circles around the IDF, Israeli Govetnment Policy and US Government Policy.

It’s a war of attrition that neither the Israeli or US Governments can win without stepping up the murder etc of innocents in the areas around Israel and pilitically they realy do not want to go there…

As I’ve pointed out in the past, if your opponent has nothing to loose by fighting even if hopelessly incapable of winning an open war, they will still fight and if they can gain an advantage in the eyes of the world, then they will fight in any way that gives them that.

So the, Israeli Government whilst apparently winning skirmishes is actually loosing the war. It appears that many of the Israeli citizens are aware of this which kind of accounts for why the Israeli Premier is running around holding his ass, desperate to avoid what is likely to happen to him if he looses power.

Clive Robinson • May 31, 2021 11:22 AM

@ echo,

Maybe someone will start treating my verification and trust scheme seriously rather than sneering at it.

It is deficient in anonymity and would make it’s database a toxic liability to the site host.

Things that would be easy to fix but for some reason you want to get sniffy and accusatory without reason.

You feel free to accuse others of gaslighting, piledriving and sneering. Not exactly reasoned argument is it?

Mistakes in security systems are known to be not just harmful but sometimes fatal (CIA system that went bad and Iranian and Chinese lives were lost).

Poorly designed or poorly implimented systems suffer from bit-rot and thus become unstable. So do systems with unneeded attributes and complexities. Unstable systems have a habit of blowing up in peoples faces and the fall out can be quite extensive.

These are the subjects this blog deals with as and when they come up, thus pointing out a technical deficiency in somebodies design is to be expected as par for the course.

Think about taking out the need for “real ID” and the main issues of lack of anonymity and toxic data effectively go away. You get a simpler system that requires less complexity and less security which would be other pluss points.

Otherwise defend your requirment for “real ID” and the costs required.

Clive Robinson • June 2, 2021 2:23 AM

@ SpaceLifeForm,

I know you maintain a watchful eye on the activities of AWS, and the “control power” they are accumulating.

Not sure if you know about this fun little “Amazon Inside” game they have started in on,

https://www.theregister.com/2021/06/01/aws_ecs_anywhere_goes_live/

It’s clearly a “The Amazon way, not the Open way” and even though the hardware may be in your data center, it’s “remotely controled” maintained etc by Amazon who can “flick the off switch” at any time…

If I was into “Dane Gelt” or “Official Ransom” then I would be salivating at the opportunities that this would give for “tightening the screws” and “upping the premium” because whilst the end customer might think they own their data…

Clive Robinson • June 2, 2021 3:19 AM

@ The usual suspects,

https://www.theregister.com/2021/06/01/bt_starts_trials_of_new/

I originally read the article because of the mention of Quantum Key Distribution (QKD) mentioned, but unfortunately it did not go into any details.

Put simply the “Hollow Fiber” or “Optical waveguide” could double or quadruple the current QKD range at a given bit rate which would be advantageous to a limited subset of potential QKD customers such as “Inteligence Agencies”.

But Hollow Fiber will almost certainly be well in the sights of “High Frrquency Traders” and their like who pay “megabucks” for nanosecond shavings.

But I’m sure some will be thinking “What is holow fiber and why is it of interest?”.

Well current fiber is currently made by heating a block of optical class up and pulling it very rapidly into a single very very thin fiber of great length (think miles not yards).

As a process at the 20,000ft view it’s little diffferent to drawing a single hair fine strand of copper wire. At a similar hight view making hollow fiber is like drawing a copper pipe rather than wire.

Which as it’s a more complex and thus currently more expensive process raises the question of “Why go to the trouble?”

Overly simply the velocity of light in a medium is related to the mediums properties that are also related to it’s density.

It’s been long known there are three basic types of unbalanced transnission line for Electro Magnetic Signals in the lower end of the RF spectrum,

1, G-Wire transmission line.
2, Coaxial conductor.
3, Waveguide.

You can try and think of them as a single wire, a wire in the center of a tube, and a tube without a wire in it.

In the first two cases you need a suppprt structure that unfortunately effects the transmission of the EM signal along the transmission line that not just slows it down it also increases the losses for any given length.

I could give the transmission mode lecture as to why this is but it would be fairly dull if not incomprehensable reading for most without a lot of background knowledge.

The short take is the “velocity factor” in twisted pair transmission lines can be as low as 1/10th the speed of light and around 2/3rds in many coax cables, whilst in what are the metal tubes of wave guides it’s not much different to the velocity of light in air.

Well for similar reasons the same is true of optical transmission lines with solid fiber being appreciably slow compared to optical waveguides which hollow fibers are in effect.

Another advantage, is that as EM waves are energy they heat any lossy material up. The more loss the shorter the length of transmission line you can use and the more it heats up. The same is true of copper conductors where very thin wires are often used in things called “fuses” that melt if too much energy is pushed through them. Dry air for various reasons is not very lossy at all thus does not absorbe the energy and heat up. Therefor waveguides and hollow fibers can carry significantly more energy for a given diameter, as well as having a way more significant range.

Thus as hollow fibers become more economical to produce they will naturally displace single fibers made of glass or plastic. Thus they will be the next generation of bulk data transmission technology (with I suspect vaccum waveguide working up in the top end of the EM spectrum the generation after that).

Clive Robinson • June 2, 2021 4:36 AM

Is RowHammer Dead and gone?

Whilst many thought the added protections in DDR4 would kill RowHammer off, as expected it turned out to be a “Sticking plaster for a broken bone”. That is it tried to cover up the surface symptoms not what was broken and actually failed to do both…

Well Google have not unsurprisingly found that you can with some effort get the RowHamner effect to work not just on immediatly adjacent DRAM rows, but the next rows out,

https://security.googleblog.com/2021/05/introducing-half-double-new-hammering.html

They call it “half-double” which is less clear than a yard of lard as far as naming goes, however the article is a brief easy read and gives links to other recent RowHammer attacks.

But the big take away realy is not the fact that RowHammer has been extended, but that you actually have to solve such problems as “cover-up mitigations” are only as good as what they cover, and most times they cover very little.

This is because they focus on “specific instances” rather than “general classes” of attack…

I know it’s a point I keep making but as such failings keep occuring people are obviously either not taking it onboard, or they are going for “cludge solutions” for some reason (managment/fiscal/speed/?).

As I’ve also pointed out such “cludge solutions” have been known since before we had scientists and engineers. It came to a head in the Victorian Era when artisan craft persons built the first steam engines for real work. For reasons that are with hindsight obvious, they often failed sometimes catastrophically, and it was the rising numbers of deaths that cause politicians to finally enact legislation.

Security fixes by cludge solutions in hardware, I had hoped, would have reached a head in the 1980s and 90’s with the issues surounding Smart Cards. But no, they are still with us and as Intel have shown with their CPU issues, they now see no real reason to fix the mess just offer mitigations that are every bit “cludge solutions”.

To an end user of such “broken hardware” the choices are stark, you either live with a major security vulnerability which will bite hard at some point or you come up with your own “general class” level mitigation. The most obvious and broadest scope mitigation against outsider attack being “total segregation from communications”. That is if an outsider can not reach a vulnerable system then they can not attack it, subvert it, steal data from it, or make the data unavailable.

Whilst total segregation can be done comparatively easily with energy-gapping, for most the total lack of communications makes it unsuitable for what they need to do. Even push-out style gap grossing as was seen with Data Warehousing in the 1990’s is insufficient, as data needs to be got in and updated quickly these days.

Comming up with secure bi-directional gap-crossing is not at all easy, and comes with some non obvious security vulnerabilities via flow control and error handling to name but two.

Perhaps the biggest problem currently is lack of appropriately skilled staff, where even the equivalent of a million dollars a year, just won’t get you the staff you need…

Clive Robinson • June 2, 2021 8:21 AM

@ Winter,

But isn’t it a kind of “law of nature” that any efficient system will have time/energy side channels that allow inspection of the processing?

It’s axiomatic and follows on from the laws of thermodynamics.

To simplify,

1) To do work, requires work to be done thus no system can be 100% effeicient.

2) ultimately there can only be two forms of waste from the inefficiencies of work, matter and energy. Currently the energy to convert energy to matter is not within our effective grasp.

3) Coherent energy becomes steadily less coherant and where possible more diffuse and ends up as low grade random thermal energy, that would take more energy to make coherent than you could get out of it, thus there is what is in effect a barrier. Otherwise perpatual motion would be achievable.

It looks a little like circular reasoning so far but the likes of radiation transport go through cycle after cycle untill you get the end result of low grade random thermal energy. Think of what happens when a nuclear device happens to see this in action. As has been observed “all clocks run down eventually”.

There are only three things you can do with information,

1, Communicate it,
2, Store it,
3, Process it.

Depending on your view point information either is subject to physical forces and the speed of light or it is not. As we know that is true for both energy and matter that make up our physical universe. Thus the question is does information exist outside of energy or matter, and is impressed or modulated on them so we can interact with it in the physical universe.

The answer to that depends on your definition of impress or modulate, as far as we currently believe that requires a force of some kind…

So working on that view all things we do with information would require work to be done, thus there must be information leakage impressed on the waste products of inefficiency.

Which has implications for your statment,

in other words, every system that does not have equal-time/equal-energy processing of input will leak information about what is processed.

It’s not true due to the fact you use qualifiers via, “does not have…”

The factually correct statment would be,

“Every system that performs work will leak information about what is processed.”

What you might try to hide by using “equal time” will require extra work to get the desired reault, thus waste will be produced in another way which by definition will carry the information negative in some way. Which makes “equal-energy” of the system not possible. It might draw constant energy from a source and store an excess to “smooth” what is drawn, but atleast twice the energy movment plus some will occure at the storage mechanism, and that “plus some” will leak information at twice the rate, first as the energy goes into storage, then as it comes out again to do work.

Even if you significantly “bandwidth limit” the information is still there as it’s spectrum folds over at what is the Nyquist point. So what was a positive frequency becomes a negative frequency and can still be extracted[1]. However the more times it folds over, the more the additions make it look like random noise.

[1] See the likes of the Weaver “third method” for SSB for a practical use case that id now much used in “Software Defined Radios” that use DSP techniques,

http://www.hanssummers.com/weaver/weaverlib

Clive Robinson • June 2, 2021 6:11 PM

@ MarkH, Winter,

That’s just bad engineering.

That depends on the viewpoint. Most memory manufacturers know a 1 in 10,000,000,000.0 soft error rate across a chip is not directly achievable. Thus correction mechanisms have to be used hence Parity check and later ECC DRAM sub systems were being built and put in use for getting on to half a century ago.

As the size of memory elements decreases the expected error rate increases, worse the number of bits goes up to some power for any given chip area (thermal conditions are less of an issue with memmory). Thus even with “engineering improvments” we can expect similar or worse error rates to still apply.

Thus in effect an economic bench mark has been set, and moving it will not prove popular either with manufacturers or customers.

It does not matter if we like such a bench mark or not as engineers, it’s the economics that dictate what engineering is done.

If people want higher reliability, faster memory or both, they can design their systems to not use DRAM but some variation of SRAM. However due to the limitations imposed by the speed of light and the physical properties of PCB materials, you quickly bump into the law of diminishing returns. So SRAM will never have the same maximum bit density as DRAM at the same clock speed.

Which brings us onto,

However, it’s a fundamental error to view “Rowhammer” as some kind of side channel. It isn’t, properly speaking. It’s the exploitation of a design defect.

That actually depends on who is defining “side channel”. If you say RowHammer is not a side channel attack you will have to say the same for cache timing attacks, and many others that are currently considered to be either side channel attacks or some more selective subset of them.

As I’ve previously noted the original definitions of various channels goes back to Lampart 73 and Simmons 84 with the fundementals Shannon 48. Likewise not only do others go back quite far into the past, they have all been “updated” over the years thus the definitions change (much as colloquial language does).

Clive Robinson • June 3, 2021 5:11 PM

@ SpaceLifeForm, ALL,

Hope nobody minds if I avoid the politics involved. But will note that there were other charges that could have been used and would probably have succeeded.

However the prosecutor went with what they thought would be an easy win, as it was assumed to be impossible to not be found guilty. But it blew up in the prosecutors lazy ass face as it rightfull should have done.

So why do I say rightfully?

Well consider @SLF’s point,

Does this mean I can be abusive with nmap?

Well before this the answer was almost certainly no because the CFAA does not in any way define what it means by authorised access…

Look at it this way I send a packet from a computer it goes through the Internet and arrives at the destination computer.

The actual process as we should know is rather more complicated.

Lets’s say you did a search on Google and you found some information and returned a bunch of links with a short paragraph for each, or a photo.

Does it return the site access policy and who is authorized or not?

Simple answer of course not. So how do you find out what it is?

Simple answer in 99.99% or more of cases is you can not unless you actually access the site… Which of course in most policies is not covered. So you would under the CFAA as written be guilty.

But it’s actually worse than that.

To access the site you first have to get the URL converted to an IP address usually via the DNS.

The DNS is a hierarchical system with very limited caching. The way it works is you walk up the hierarchical system till you find the IP address in a cache. But unless the site is one of those top thousand or less sites, the chances are it won’t be in any of the caches between you and the root of the domain.

So what happens is you go “over the top and down the other side” looking in those caches till either you find the IP address in the cache, or you hit the sites authorative DNS records, which will be in a lot of cases be held on a computer at the same site the server you are looking for the IP address for. Almost certainly the policy will be a,site policy not a host by host policy.

Now the CFAA does not specify what access is in terms of technology only what is the “directing mind”.

Ergo you clicked on a link supplied by Google, and a “user agent” for DNS was launched by you clicking on the link. The user agent crawls up to Google’s root DNS service, and then dropps down into the site…

Where it probably breaches the site policy under the way the CFAA is written.

So you are as far as the CFAA guilty before you even get the IP address to follow, that might give you the site access policy, but probably does not. The chances are you will then get sent via the Google suppled URL based on the Google DNS service pulled IP address to a web server you then “access”. You are by this time quilty twice over, and have not yet got anything back, including any warnings or site policy agreement.

Many will argue it’s the equivalent of walking through someones front door without permission…

But that is at best a very very long stretch and “trespass” is a “breach of a private duty” (Tort) not a “breach of a public duty” (Crime).

Think about that for a moment, even if I have an “access forbiden” notice on my front gate, and front door, if you can walk in without committing any other crime then it’s a “Civil not Criminal” matter. But… More importantly,

1, It needs a contractual breach
2, The remedy if a loss can be shown is a fine.

So when and what is the contract…

Well it depends on if it’s a private, commercial or public property and importantly who the person accessing it is.

A postal worker has an implicit right of access to all of them to deliver mail, unless otherwise specifically prohibited. A court appointed officer can not be prohibited if they are on official court business, if not they actually have less rights than a private citizen. Law enforcment it is ambiguous and based quite often on “a belief”…

But what about a private individual, well like police officers they have a right of access if they have reason to stop a crime, aprehend a criminal in the act, or if they believe a life is in imminent danger. Also to “serve notice of proceadings” which can be either written or verbal. Yeah think about that one, if your neighbour is creating a nuisence or acction likely to cause a breach of the peace, you are entitled to go up and give them notice that you intend to initiate proceadings in a court (in fact you are required legaly to “give notice of intent before action” a minimum of usually 14 days before submiting papers to court.

Now via a thousand years of practice, various implicit contracts have developed about what you are and are not alowed to do and when. Unless there is a notice on a gate, you are alowed to go upto the door of a private dwelling and knock etc to reasonably attract attention of the property owner or their agent for a whole number of purposes. However if you start going anywhere else then things get complicated.

Commercial premises, you are alowed to enter if the doors are unlocked for the purposes of business during reasonable hours. Obviously there is a difference between a shop and an office, but an office is reasonably expected to have access control via a locked door or barrier between a vestibule / foyer and the rest of the building (it’s more complicated with the likes of loading bays etc).

Public buildings work on the notion of access alowed at reasonable hours unless a prohibition (private party staff only etc notice) or shut/locked door or barrier is used to segregate public from private areas.

Now consider the online equivalents, how the heck are you expected to know what implicit contract is inplace if you can not see what type of site it is and the server freely alows you access by responding to your TCP request and compleating a transfer of information that does not contain any warnings or policy…

Well the CFAA expects you not only to have balls of crystal, but if you have not to stand accused of being a criminal for having the temerity of even asking what the contract is.

Which brings us back to @SLF’s question,

Does this mean I can be abusive with nmap?

The answer is NO twice over and you will get convicted because,

1, Abusive behaviour is usually a crime where ever you do it.

2, The prosecutor will tell the jury and press that “nmap is a tool used by unauthorised criminals” and that “you were unauthorised” therefore imply you are a crook who should be turned into a criminal. The judge will when giving instructions will effectively re-enforce that because of the way the CFAA is worded and scoped.

Thus as is more and more prevelant these days you are not “innocent untill proven guilty” but “Guilty unless you can prove you are innocent beyond all doubt”…

It’s almost impossible to meet the burden of proof required with the CFAA and similar unless you are extrodinary wealthy or lucky to get the level of representation required. Which means for the average person in the US they have a three way choice,

1, Go to jail.
2, Go bankrupt.
3, Accept some crummy plea deal.

With the prosecutor knowing that you are almost certainly going to go for “door number three” thus they will put a goat behind it. Most legal representatives will take a big fat fee and tell you to take the deal, cash your cheque and walk away whisteling “money for nothing”.

But hey that’s justice “The Corporate way”.

Clive Robinson • June 3, 2021 6:02 PM

@ Fake,

Very prescient sir,

Trust me it gives me no pleasure being right on this, infact the exact opposit, I’d much rather be wrong.

The reason is that there is a very good reason why most countries keep their military and law enforcment forces segregated.

Whilst they are talking of the DoJ and make it look like law enforcment will be in the driving seat…

Realistically it will now be considered “National Security” thus the likes of the various Cyber-Forces who are military or intelligence agency led will almost certainly run the show at the sharp end.

Thus the question,

“Do we want thoughtfull criminal investigations based on HumInt by law enforcment, or extrajudicial kinetic action based on meta-data from satellites etc?”

Because I suspect it will escalate to the later in fairly short order as a “show of force”…

Clive Robinson • June 3, 2021 6:48 PM

@ MarkH,

Ideally, this will be a call-to-action for Congress to enact legislation which is far better targeted.

More likely it will be a call from corporates to their lobbyists to go “persuade” Congress to “broaden the legislation”. Thus the result from the legislators will in many respects be worse.

Corporates like the CFAA and other broad scope legislation they can use to in effect externalise any responsability for the lack of security their efficiency drives for shareholder value create.

After all why spend money on security when a bit of PR and easy criminalization means they don’t have too.

I know some will question this view point but consider Pacific Electricity and Gas (PEG). They decided that spending money on maintaining clearance around over power lines and the power lines themselves was not in shareholder interests… The result was many fires, considerable property damage to others, and a judge finding against PEG who then hid behind bankruptcy law to evade responsability and instead of fixing the peoblem just instituted black outs instead if the weather forcast suggested there would be more than a very gental breeze…

This “don’t leave money on the table” neo-con / libertarian mantra mentality in corporations is a corosive poison eating away at all parts of the US not just infrastructure. The resulting downward spiral is going to do more damage than the worst “Hundred year Hurricane” ever could…

As with all “Lemon Markets” the only solition to such doenward spirals is legislation and regulation. Which is the last thing the fly by night investors want, thus neither do corporate managment. Thus paying lawyers to write the legislation they want and using lobbyists to impress it onto the legislators is realy the only game in town. Look at it this way 10-20million USD/year for properly implemented security to prevent cyber attacks, or just shell out 5 million to ransomware idiots hiding behind Russian skirts after a couple of decades… For “shareholder value” it’s a no brainer, but for the customers the costs due to not having access to energy has cost many tens if not hundreds of millions of dollars.

The shareholders take the profit and the customers get hit with the losses and cost of failures due to lack of maintainance etc.

Clive Robinson • June 7, 2021 6:33 AM

@ name.withheld…,

superstitions held by freedumb loving white men are the leading cause of preventable death during the 2020 Christmas Pandemic.

It has often been pointed out that “Bigoted or ‘Stale White and Male'” are very poor choices from relationships through running any kind of organisation or Nation or Federation of nations.

One observation is white and or male, may be a general case but there are occasionaly exceptions (Mugabe, Thatcher and in the UK currently Patel).