Friday Squid Blogging: Fossil of Squid Eating and Being Eaten

We now have a fossil of a squid eating a crustacean while it is being eaten by a shark.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Posted on June 11, 2021 at 4:18 PM • 222 Comments

Comments

Fake June 11, 2021 5:12 PM

What, how the heck did that happen?

I’ve heard about flash freezing mammoths. Gamma ray burst maybe?

name.withheld.for.obvious.reasons June 11, 2021 6:00 PM

Interloper alert!

As someone is posting under my moniker/alias, comment ID = 381381, it is obvious that one of the troll-tools is at it again.

name.withheld.for.obvious.reasons June 11, 2021 6:11 PM

11 JUNE 2021 — INTERLOPER TACTICS OF THE WEEK(END)
ATTENTION MODERATOR
It appears that about mid afternoon 11 JUNE CDT, a targeted campaign against the blog has been initiated. Someone has scraped some of the most common contributors and is posting in their name. The common theme in their narrative ramblings gives it away. Keywords:
ADHD, mental health, society, therapy

Haven’t reviewed the whole stream of posts but none of the threads appear related to anything the original authors might have posted.

Fake June 11, 2021 8:01 PM

Wife says underwater landslide, I suppose I’m way out on this one with gamma rays under water. Maybe I should read the paper this time.

As for the aside, it looks to me to be a direct reposting; you’ll note dated links from 2016 referencing various things. Pretty effective chaff short of a shared secret, no?

I am not friendly. 😉

Why is it developers have all of the answers and none of the solutions?

We subcontract!

I remember June 11, 2021 8:28 PM

The other day the Colonial Pipeline CEO said that the hackers gained access through a dormant VPN account.

The CEO also stated that they hadn’t yet figured out how the credentials were compromised.

April 2021 LinkedIn experienced a breach of 500 Million user records. What that leaked data contained is not known although LinkedIn claims it was not a breach and that no account data was included. But LI privacy policy is vague about what constitutes private data and what they sell or share.

June 2016 leaked LinkedIn data resulted in a Citrix VPN breach. Citrix called it a “password re-use attack”. According to this article at least 30 organizations were compromised. https://www.csoonline.com/article/3086942/linkedin-data-breach-blamed-for-multiple-secondary-compromises.html

June 2012 LinkedIn was breached – 6.5 million user accounts compromised. Then in August 2012 the State of South Carolina Citrix portal was breached. “Mandiant was unable to conclusively determine how the user’s credentials were obtained by the attacker”.

How is LinkedIn connected to Citrix? Microsoft.

In Excel or Word – look at Options >> LinkedIn Features. See the blue box warnings about Governmental restrictions here: https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/linkedin-integration

If the US Government, China, Germany and France think that this feature is too dangerous to use then why does it exist?

Is LinkedIn compiling consumer information and associating it to employer accounts without consumer approval? It defaults to opt-in. LinkedIn Privacy Policy says personal data is shared with employers if a user opts into Enterprise sharing (this feature?). Does this mean that corporate surveillance is also for sale?

In 2018 and 2019 Citrix again admitted to being breached due to compromised credentials but claims that only employee data was compromised. The employee class action was just settled yesterday. https://www.citrixdatabreachsettlement.com/

Are your biggest vendors selling your most confidential data to your attackers? The Colonial Pipeline bitcoin was clawed back by the FBI in San Francisco. It didn’t even leave the country.

Hopefully Senator Wyden’s “Mind Your Own Business” bill to ban the sale of personal data to foreign countries passes. https://www.washingtonpost.com/technology/2021/04/15/personal-data-foreign-government-ban/

https://www.govtrack.us/congress/bills/117/s1444

Panic at the disco June 11, 2021 9:39 PM

Which digital currencies?
What else has recently been in the news that could’ve facilitated interdiction?
Which wallet was manhandled, whose purse was opened? This is after all, a referrer program and cuts and costs must be idiv.

Also note that all things considered, dis/misinformation serves a purpose.

FUD for comms
FUD for finsec

It spreads like grease deep fried and airborne, saturating outlets that already were leak eager in a penny starved internet advertising age.

Someone is setting fire to fire ants.

Run!

How many have agendas, how many want to be the next intercept?

I’m not even sure ANOM short of cooperation from 5i.au would be legally feasible stateside so maybe it was a house plant, homegrown sure but they spent how many man hours to develop this thing and then just burn it?

I have it on a lark.

Clive Robinson June 11, 2021 10:00 PM

@ Ismar,

what does this say about the robustness of digital currencies against state-level actors?

There is way too little fact and way too much supposition in that Dan Goodin piece for any conclusions to be drawn.

For instance it’s known that the US Government has already got a stock of bitcoin from previous FBI activities (one FBI agent actually tried stealing some, a few years back and got caught).

Thus that 75 BitCoin may not have been purchased by ColPipe but only used by the FBI.

As for grabbing DarkSide’s electronic wallet, the FBI might have done if the DarkSide operators were stupid enough to keep it in a system that could be reached by communications. Various attackers have done this from time to time already.

As for the passwords required, if you can “grab the wallet” then you can “key-log” the keyboard…

But it might be simpler…

As I noted a couple of days back DarkSide operated a “full service ransomware service” and charged around a 20% fee.

Thus it is possible that the originator of the attack was a disgruntled ColPipe employee. If you search online you will discover their CEO was not liked at all by employees. Hardly surprising when you find out which companies ColPipe actually “fronts for”, for various tax avoidance and effectively money laundering reasons including bungs to politicos etc.

So it is entirely possible a simple “CommSec” failure was responsible for the 63 bit coin recovery. That is the BitCoins went to DarkSide who took their cut then sent the rest on to the disgruntled employee in a bitcoin wallet with the balance in it along with the wallet password. If it got “intercepted en route” or “pulled” from the disgruntled employee’s computer then recovery would not be difficult.

Mind you “recovered” is an ambiguous word when it comes to encrypted information. That is you can “recover” encrypted information, but without the encryption key they remain worthless even though you in theory possess them…

So the FBI might have a BitCoin wallet with BitCoins in it but no password because the previous owner of the wallet has not handed it over for various reasons or even spoken to the FBI (actually a wise thing to do). Thus the FBI could be trying to “brute force” the wallet pass phrase as we speak[1]…

But we don’t know, as there is little or no reliable information only the minimum required for court proceedings. So it’s all speculation until we get further reliable facts (which is actually not that likely for a while).

[1] Which may prove futile, in that the previous owner of the wallet could have picked a sentence or paragraph from a well known poem or book and added a few bits extra then run it through a hash algorithm a number of times. That number decided by say a telephone number or other publicly available information that can be turned into a number. Whilst both the search space and combinations are “finite” that in no way means that it can be found in the length of time the Universe is believed to have left.

No one June 11, 2021 10:55 PM

Yesterday China announced they arrested 1,100 Bitcoin cross-border money launderers. So apparently China can now trace Bitcoin too.

/www.reuters.com/world/china/china-arrests-over-1100-suspects-crackdown-crypto-related-money-laundering-2021-06-10/

News media reporting major COVID outbreak of Bitcoin conference attendees. Oh no. https://www.bloomberg.com/news/articles/2021-06-10/miami-bitcoin-gathering-was-a-covid-hot-spot-attendees-say

If I was the CIA I would have invented crypto. I’m old enough to know that this makes the most sense.

@Clive

I never heard anyone blame a ransomware attack on a CEO because he’s not a nice guy. You have to be mighty stupid to want your employer or even ex employer to be attacked by ransomware. Because this means no payroll, no insurance. 900 employees work for the biggest pipeline in the USA that you say is a fake front but Bitcoin is somehow valid. You can easily see Colonial pipeline infrastructure when you fly into NYC or Newark. I’ve never seen Bitcoin though. Have you?

SpaceLifeForm June 12, 2021 12:26 AM

Silicon Turtles

Interesting attack via Floating Point MicroCode.

Make sure your FireFox is current. Can not speak for other browsers.

The demo shows FireFox pre version 87.0 can leak via this attack.

Note: This is not a browser problem per se. This is a microcode problem. So any attacker controlled data possibly can affect any program that uses Floating Point.

I’ll say it again: Fast does not mean safe.

Rage Against the Machine Clear

A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks

https://www.vusec.net/projects/fpvi-scsb/

INTEL – CVE-2021-0086 / AMD – CVE-2021-26314

FPVI allows an attacker to inject arbitrary floating-point values in a transient execution window created by a Floating-Point machine clear. With this attack primitive we can mount an end-to-end exploit on the latest Mozilla SpiderMonkey JavaScript engine with all the mitigations enabled, resulting in an arbitrary memory read in Firefox through attacker-controlled and transiently-injected floating-point results (FIREFOX – CVE-2021-29955).

Affected CPUs

Both Intel and AMD processors are affected by FPVI and SCSB. In Figure 8 we list the CPUs we tested in our experiments. Intel published the complete list of all its affected processors (Columns FPVI & SCSB). AMD confirmed that all its CPUs are affected. ARM confirmed our results of not being affected by SCSB and reported that some FPU implementations are affected by FPVI.

Weather June 12, 2021 12:51 AM

@clive
“Which may prove futile, in that the previous owner of the wallet could have picked a sentence or paragraph from a well known poem or book and added a few bits extra then run it through a hash algorithm a number of times. That number decided by say a telephone number or other publicly available”
A loop 100k times might not be that effective as it looks, it would slow down the bruteforce but getting information from a 64 char poem might still show, as you can do the loop and use that as a table attack instead of just once?

Weather June 12, 2021 1:06 AM

Table attack

Hashoutput[32]

For(I=0;I<fffffff;I++){
Loop(100k)
Sha(I,4,MD)
If(MD[0-3] == hashoutput[0-3])
Printf("%8x",I)
Box[I[0]]++
Box[I[1]]++
Box[I[2]]++
Box[I[3]]++
}
Run analysis on box

WashingtonInsider June 12, 2021 4:27 AM

China used social media to spread misinformation to discredit Western media during pandemic, report finds:

https://www.abc.net.au/news/2021-05-12/china-misinformation-ifj-report-covid-19/100135016

The Media’s Lab Leak Debacle Shows Why Banning ‘Misinformation’ Is a Terrible Idea
How a debate about COVID-19’s origins exposed a dangerous hubris

https://reason.com/2021/06/04/lab-leak-misinformation-media-fauci-covid-19/

and

https://www.documentcloud.org/documents/6981198-Analysis-of-Six-Patients-With-Unknown-Viruses.html

This is a Master’s Thesis from 2013, detailing 6 patients in 2012 whose symptoms present identical to covid-19 after contracting a mystery disease after working in caves in the region. 5 of 6 died, and the samples for these cases ended up at the Wuhan Institute of virology. Since we were unable to link the wet market theory as an initial origin, logic dictates after discovering this master’s thesis the next focus should have been the Wuhan Institute of Virology, where gain of function research was taking place, however the CCP denied the world access until early this year hindering a timely investigation. Knowing these details the likely scenario is the lab leak theory, especially knowing this isn’t the first time researchers from this lab were accidentally infected with samples they were working on.

Any calls for investigation of the origin as being from a lab were shut down by parties with severe conflicts of interest. Even worse when people said lab leak, the media and any other detractors would conflate that with b weapon and use that to pound the “conspiracy theory” home. When there is quite a significant amount of data of previous lab leaks. Here is a story highlighting several near misses at UNC-CH where Ralph Baric works. These labs have worked with the WIV on multiple coronavirus studies.

Near Misses at UNC Chapel Hill’s High-Security Lab Illustrate Risk of Accidents With Coronaviruses
Reports indicate UNC researchers were potentially exposed to lab-created coronaviruses in several incidents since 2015. These incidents highlight the risks even in the most secure and respected research facilities.

https://www.propublica.org/article/near-misses-at-unc-chapel-hills-high-security-lab-illustrate-risk-of-accidents-with-coronaviruses

It may well end up that they were doing studies on these viruses and an accidental leak occurred but the scientists panicked because to admit how risky what they were doing is/was would put their future in jeopardy, so you control the narrative.

Clive Robinson June 12, 2021 4:44 AM

@ No one,

Another “new handle”?

It is curious that you make the Reuters link on Bitcoin non clickable, yet the Bloomberg link on COVID clickable… I wonder why?

But things get even stranger with you,

“I never heard anyone blame a ransomware attack on a CEO because he’s not a nice guy.”

That is quite a peculiar statement to make…

You will find, if you can be bothered to check, most organisational culture is shaped or set by the CEO, or those appointed by the CEO into management positions.

Likewise the reality of ransom attacks against IT systems over more than the past five decades have almost always been by people usually insiders or ex-insiders upset by an organisation and its culture as it affects them (and often why they became ex-insiders).

It’s the reason the US CFAA 1986, that recently got spiked by SCOTUS, was supposedly written the way it was. As US CCAA 1984 (18 U.S.C § 1030) that preceded it was not sufficiently “encompassing”. Likewise the original UK legislation CMA 1990 because the UK Fraud Act was found to be wanting in IT access cases. The main use of the UK CMA though caused a number of contractors to be prosecuted because in self defence they added code that caused the code they had written under contract to stop working if they were not paid. Which at the time was rife in the industry because of Senior Management thinking they could pull a “No Pay, Won’t Pay, Cause you can’t sue or take it away”.

It’s only in the past half decade that outsider ransom of ICT systems has become more normal as “Nerds learned to Crime”, or more importantly how to “get away with the proceeds” of ransoming which was the usual point that people committing ransom failed and were thus apprehended, arrested, tried and usually convicted.

So, the question arises,

Are you deliberately disingenuous, disengaged from reality, or just unknowledgeable of what has happened in the ICT sector for over half a century?

KlausSchwab--WEF--NWO June 12, 2021 5:16 AM

Encore
From “Event 201” to “Cyber Polygon”: The WEF’s Simulation of a Coming “Cyber Pandemic”

Last year, the World Economic Forum teamed up with the Russian government and global banks to run a high-profile cyberattack simulation that targeted the financial industry, an actual event that would pave the way for a “reset” of the global economy. The simulation, named Cyber Polygon, may have been more than a typical planning exercise and bears similarities to the WEF-sponsored pandemic simulation Event 201 that briefly preceded the COVID-19 crisis.

https://unlimitedhangout.com/2021/02/investigative-reports/from-event-201-to-cyber-polygon-the-wefs-simulation-of-a-coming-cyber-pandemic/

Some will say that a “cyberpandemic” is an inevitable consequence of the quickly developing hi-tech world in which we live, but it is still fair to point out that 2021 is the year that many have been predicting for the financial destruction of big institutions that will lead to new economic systems that align with the Great Reset. The inevitable collapse of the global banking system, resulting from the off-the-charts corruption and fraud that has run rampant for decades, is likely to be conducted through a controlled collapse, one that would allow wealthy bankers and elites, such as those that participated in Cyber Polygon, to avoid responsibility for their economic pillaging and criminal activity.

This is especially true for Cyber Polygon participant Deutsche Bank, whose inevitable collapse has been openly discussed for years due to the bank’s extreme corruption, fraud, and massive exposure to derivatives. In late 2019, months before the COVID-19 crisis began, the CEO of Deutsche Bank warned that central banks no longer had tools that could adequately respond to the next “economic crisis.” It is certainly telling that entirely new banking systems, such as Sberbank’s soon-to-be-launched digital monetary monopoly, began to be developed just as it began to be publicly acknowledged that central banks’ traditional means of responding to economic calamities were no longer viable.

A massive cyberattack, such as that simulated at Cyber Polygon 2020, would allow faceless hackers to be blamed for economic collapse, thus absolving the real financial criminals of responsibility. Furthermore, due to the difficult nature of investigating hacks and the ability of intelligence agencies to frame other nation states for hacks they in fact committed themselves, any boogeyman of choice can be blamed, whether a “domestic terror” group or a country unaligned with the WEF (for now, at least) like Iran or North Korea. Between the well-placed warnings, simulations, and the clear benefit for the global elite intent on a Great Reset, Cyber Polygon 2020 appears to have served not only its publicly stated purpose but its own ulterior motives.

Curious June 12, 2021 5:24 AM

Q: What is it that would make elliptic curve cryptography more secure than plain multiplication for deriving a private key, other than shorter key lengths?

Curious June 12, 2021 5:35 AM

To add to what I wrote:

I meant to say, what is it with ECC that makes it more secure than plain multiplication, with the afaik known advantage of having shorter key lengths.
I did not mean to say that, shorter keys = more security. 🙁

Clive Robinson June 12, 2021 6:12 AM

@ Weather,

“A loop 100k times might not be that effective as it looks”

Err where I come from phone numbers are not 5 digit but 7 or 8 digit. So loops would be 10million or 100million. In the US they are longer than that.

However your point stands with regards insufficiency of loops. But the point remains if the original wallet owner was “thoughtful” or “knowledgeable” they could easily come up with a scheme for generating a pass phrase that in human time scale terms is uncrackable, and for a long time thereafter, which would give them quite a bit of leverage with the current value of bitcoins.

But the usual way to attack such a stand off is by scanning any computers the “suspect” has for clues or more specifically programs.

As both you and I know, it’s not difficult to make a computer that boots and runs from a DVD and without using or needing a “Hard drive”. Knoppix is just one of several Linux DVD-Boot/run systems that is rich in “shell tools”. Thus if the suspect was knowledgeable, and I suspect they would be, they could type everything in from the command line as a “shell script” and write the resulting password down on a piece of rice paper or similar on top of the glass in a picture frame using a soft lead pencil. The original poem or paragraph from a book could be borrowed from a friend or picked up in a charity shop or similar then as quickly and easily discarded.

Thus if they throw away the soft pencil and other rice paper there would be no traces in their environment to be found by any authorities.

Thus the stand off becomes a matter of wills or illegal interrogation techniques by the authorities (see obligatory XKCD cartoon).

A slightly more thoughtful suspect though could arrange things such that they did not “know” the seeds of the passphrase thus thwart even such “enhanced interrogation techniques” as well as giving themselves plausible deniability…
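
The exchange above turns on how much an iterated hash adds to a passphrase. The following Python sketch is an added example, not code from any commenter: the sample passphrase, salt, entropy estimates and the guessing rate of 10^9 hashes per second are all constructed assumptions. It shows that a loop of n hashes adds only log2(n) bits of work, and that an unknown loop count is not a second secret, because one walk along the chain visits every count.

```python
import hashlib
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def stretch(passphrase: bytes, salt: bytes, iterations: int) -> bytes:
    """Iterated hash as sketched in the thread: SHA-256 applied `iterations` times."""
    if iterations < 1:
        raise ValueError("iterations must be >= 1")
    digest = hashlib.sha256(salt + passphrase).digest()
    for _ in range(iterations - 1):
        digest = hashlib.sha256(digest).digest()
    return digest


def stretch_pbkdf2(passphrase: bytes, salt: bytes, iterations: int) -> bytes:
    """The same idea in its standard form (PBKDF2-HMAC-SHA256 from hashlib)."""
    return hashlib.pbkdf2_hmac("sha256", passphrase, salt, iterations)


def count_from_chain(passphrase: bytes, salt: bytes, target: bytes, max_iterations: int):
    """Walk one hash chain and return the step at which `target` appears, else None.

    Every loop count up to max_iterations is visited in a single walk, so a
    count that is kept secret costs max_iterations hashes per passphrase
    rather than multiplying the passphrase search space.
    """
    digest = hashlib.sha256(salt + passphrase).digest()
    for step in range(1, max_iterations + 1):
        if digest == target:
            return step
        digest = hashlib.sha256(digest).digest()
    return None


def work_bits(secret_bits: float, iterations: int) -> float:
    """Total guessing work in bits: passphrase entropy plus log2 of the loop length."""
    return secret_bits + math.log2(iterations)


def years_to_exhaust(bits: float, hashes_per_second: float) -> float:
    """Years needed to try the whole space at the given hash rate."""
    return (2.0 ** bits) / hashes_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    phrase = b"a constructed line from a well known poem + extra"
    salt = b"constructed-salt"
    key = stretch(phrase, salt, 20_000)
    print("derived key:", key.hex())
    print("loop count found by one chain walk:",
          count_from_chain(phrase, salt, key, 50_000))

    rate = 1e9  # assumed guessing rate, hashes per second
    # 30 bits: assumed entropy of a line picked from a known corpus.
    # 80 bits: assumed entropy of a randomly generated passphrase.
    for secret_bits in (30, 80):
        for loops in (100_000, 10_000_000):
            bits = work_bits(secret_bits, loops)
            print(f"{secret_bits}-bit secret, {loops:>10,} loops: "
                  f"{bits:6.2f} bits, {years_to_exhaust(bits, rate):.3g} years")
```

The loop moves the total by about 17 to 23 bits in either case; the difference between hours and far longer than human time scales comes from the entropy of the passphrase itself.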

Weather June 12, 2021 8:13 AM

@clive
Brute forcing at 1 hash a second would take awhile, wasn’t thinking probably.
Trying to work out how you could get the words from a book as the seed without you knowing what they are, to stop the power tools?

echo June 12, 2021 8:13 AM

https://www.dailymaverick.co.za/article/2021-06-10-exclusive-declassified-journalist-was-unlawfully-profiled-by-uk-foreign-office/

Exclusive: Declassified journalist was ‘unlawfully’ profiled by UK Foreign Office

[…]

Tom Short, a solicitor at law firm Leigh Day specialising in human rights, told Declassified: “Everyone has a right to know about the activities of public authorities, regardless of who they are or the reason why they are seeking information. This is a core principle of holding government to account in a democratic society. Accordingly, the FOIA is clear that requests must be treated as purpose and applicant blind.”

He added: “A public authority’s focus should be on the information sought, not on who is requesting it — disclosure to a single requester is after all effectively disclosure to the world.”

[…]

Lawyer Short said: “Where a public authority considers or highlights an applicant’s identity when handling an information request, it will almost certainly be acting unlawfully under FOIA, but may also be in breach of data protection laws as it may amount to unlawful processing of personal data.”

He added: “Handling requests in this way completely undermines the freedom of information regime and is nothing short of an attack on democratic accountability.”

[…]

The search did, however, highlight four cases where Kennard’s information requests had been passed to the Cabinet Office’s Clearing House, a controversial unit which deals with information requests for particularly sensitive information. The unit has been accused of “blacklisting” journalists.

[…]

A previous data request sent by Kennard, this time to GCHQ, Britain’s largest intelligence agency, showed that it had blacklisted him after he published information about the agency’s controversial schools programme.

In August 2020, Declassified discovered it was blacklisted by the Ministry of Defence press office when our staff reporter Phil Miller was told by a spokesman, “We no longer deal with your publication.”

After a Level Two press freedom alert was issued by the Council of Europe, Defence Secretary Ben Wallace reversed the blacklisting and ordered an independent review of the case.

I’m not a journalist nor a lawyer but I’ve come across similar problems myself when dealing with the state and some private organisations. There can be an unhealthy degree of evading the law and trying to conceal exactly what is happening and who is making the decisions whether it’s a dialogue or information request or triggering an investigation which itself can become an exercise in evasion. I’ve triggered at least two investigations which I only later discovered by reading the newspapers and they, surprise surprise, found no wrongdoing. That does happen if you chose which evidence to obtain and review while not telling anyone the “investigation” is happening. I’ve also kicked up various stinks over things and read in the newspapers about policy initiatives which happened as a result to cover up lack of managerial attention on policy which ultimately went nowhere because although well meaning on the surface there was no real follow-through.

I guess it’s no surprise the UK is falling down the league tables I’m following if this is the kind of response you get.

At the same time as this right wing extremist organisations are actively lobbying behind closed doors and organised carefully worded mass freedom of information requests in an attempt to either push propaganda to decision makers or break the FOI system and trigger the creation of more restrictive law.

JonKnowsNothing June 12, 2021 10:50 AM

MSM report on Google Chrome’s URL truncation scheme and the ending of their autohide of the full URL.

Per the article:
Google/Chrome has been truncating full URL paths leaving only the main domain name showing.

From:
  header//name.xxx/path1/path2/path3
To:
  name.xxx

Apple/Safari does something similar.

Google/Chrome will still hide the header. Meaning you don’t know if it’s legacy ht tp or ht tps or hX Xp or hX Xps. For Google/Chrome you can change autohide of the header with a setting.

… in June 2020 when the experiment was kicking off, Google engineer Emily Stark explained that the company was experimenting with a simplified URL display “to understand if it helps users identify malicious websites more accurately.” It’s a year later, and now Stark writes that the “simplified domain experiment” will be deleted from the codebase, saying, “This experiment didn’t move relevant security metrics, so we’re not going to launch it. :(”

URLs are not nice, they are clumsy and prone to typos and MITM/MOTS, however they are direct addresses to content across the global web.

Rhetorical Question:

If you went to visit someone in another country,region,city,area,locale, location, how would you know where to go if you aren’t shown map details beyond Continent?

Clearly Google/Chrome and Apple/Safari plan to be the automated UBERHauler for the internet.
  “We don’t need no st**king URLs…”

===

ht tps://arstechnica.com/gadgets/2021/06/google-chrome-ends-its-war-on-address-bar-urls-for-now-at-least/

ht tps://en.wikipedia.org/wiki/Stinking_badges
(url fractured to prevent autorun or autohide)

SpaceLifeForm June 12, 2021 1:45 PM

@ Curious

See safecurves. Understand 25519. Understand Montgomery Ladder.

The main reason why ECC is more secure than RSA is because of Constant-Time code.

It is less likely to leak.

It is also faster.

It has gotten to the point these days, that when I visit a website, I can likely guess due to the TLS handshake time, whether the connection is RSA or ECC.

Firefox on desktop shows you when it is doing the TLS handshake. I’ve been doing this a long time. To quote a famous philosopher: “You can observe a lot just by watching”

I’ve seen TLS handshakes using RSA take a long time. I’ve even seen one hang, but I never researched that as I assumed it was due to a dropped packet. That may have been an incorrect assumption on my part.

https://m.habr.com/en/company/qrator/blog/474810/
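
The comment above points to the Montgomery ladder and constant-time code. As an added illustration (not code from the commenter or from any library), this Python sketch uses modular exponentiation as a stand-in for elliptic-curve scalar multiplication and records the sequence of operations each algorithm performs; the modulus, base and the two sample keys are constructed values. Python integers are not constant-time, so the sketch shows the structure of the ladder, not a hardened implementation.

```python
def square_and_multiply(base: int, exponent: int, modulus: int, bits: int):
    """Left-to-right binary exponentiation.

    Returns (result, trace). The trace has an 'S' for each squaring and an
    'M' for each multiplication; an 'M' is only emitted for a 1 bit, so the
    trace depends on the secret exponent.
    """
    result, trace = 1, []
    for i in reversed(range(bits)):
        result = result * result % modulus
        trace.append("S")
        if (exponent >> i) & 1:
            result = result * base % modulus
            trace.append("M")
    return result, "".join(trace)


def cswap(bit: int, a: int, b: int):
    """Branch-free conditional swap: exchanges a and b when bit is 1."""
    mask = -bit                 # 0 when bit == 0, all ones when bit == 1
    t = mask & (a ^ b)
    return a ^ t, b ^ t


def montgomery_ladder(base: int, exponent: int, modulus: int, bits: int):
    """Montgomery ladder: one multiply and one square for every key bit.

    Invariant: r1 == r0 * base (mod modulus). The key bit only selects which
    register plays which role, through cswap, so the trace is the same for
    every exponent of the same bit length.
    """
    r0, r1, trace = 1, base % modulus, []
    for i in reversed(range(bits)):
        bit = (exponent >> i) & 1
        r0, r1 = cswap(bit, r0, r1)
        r1 = r0 * r1 % modulus
        r0 = r0 * r0 % modulus
        r0, r1 = cswap(bit, r0, r1)
        trace.append("MS")
    return r0, "".join(trace)


if __name__ == "__main__":
    # Constructed sample values: two 8-bit "keys" with different Hamming weight.
    modulus, base, bits = 1000003, 5, 8
    for key in (0b10000001, 0b11111111):
        r_sm, t_sm = square_and_multiply(base, key, modulus, bits)
        r_ml, t_ml = montgomery_ladder(base, key, modulus, bits)
        assert r_sm == r_ml == pow(base, key, modulus)
        print(f"key={key:08b}  square-and-multiply: {t_sm:<16}  ladder: {t_ml}")
```

The two keys give square-and-multiply traces of 10 and 16 operations, while the ladder performs the same 16 operations for both.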

SpaceLifeForm June 12, 2021 2:20 PM

@ Curious

The TLS handshake timing differences are visible even with a modern desktop, gigabit router, and high speed broadband internet.

You can spot it, if you are paying attention.

SpaceLifeForm June 12, 2021 2:41 PM

@ -, Moderator, Clive

The Troll-tool did not take the weekend off. See prior article.

The fakes appear better, but, they are fake.

SpaceLifeForm June 12, 2021 3:52 PM

@ Curious, Clive

Now that I think about it some more, the TLS handshake timing differences may actually be a side channel.

Where a Downgrade Attack can lead to fingerprinting.

Clive, prove me wrong.

I double-dog dare you.

- June 12, 2021 4:16 PM

@SpaceLifeForm:
@Moderator:
@Clive:
@Winter:

“The fakes appear better, but, they are fake.”

Not better exactly just different in some ways but not enough so they are still very easy to spot if you know what to look for.

Though you might have noticed the times slipped a bit. Troll-Tools a bit busy trying to make better fakes and failing miserably yet again.

However like those monkeys bashing away at typewriters, the Troll-Tools can be expected to have a little random success, but it ain’t gonna be t’bard they are turding out, because of fundamental errors in their abilities.

It would be interesting to see an IP address analysis put up, and what others make of it, but I can fully understand why our host will not allow that as it’s the start of a slippery slope.

Mind you I do find the Troll-Tools antics mildly amusing for various reasons, kind of like a stand up on open mic night, not getting any laughs at their jokes, but getting laughed at for their desperate efforts of trying to be funny.

But hey a bowl of popcorn is only so big.

echo June 12, 2021 5:40 PM

This is an old article but says basically the same as the newer material although the newer material does map out terrorist links (including US based terrorists) and the Latin American Catholic Church joining in and a lot of other organisation names plus Russian interference. Social media as we know can have a radicalising influence and this has been more exposed too. A fair few NGOs and EU institutions and politicians and UK and US based activists and others are very much on the case now.

https://www.pressenza.com/2019/04/revealed-trump-linked-us-christian-fundamentalists-pour-millions-of-dark-money-into-europe-boosting-the-far-right/

The EU is not asleep on the job. Meanwhile the UK stands out as the “dirty man of Europe”. The UK government is utterly compromised and falling down all the major league tables for corruption and human rights abuses.

I have a backlog of stuff to log so a bit behind. Honestly, it’s a deluge at the moment.

Clive Robinson June 12, 2021 5:51 PM

@ SpaceLifeForm,

Clive, prove me wrong.

I can not because your hypothosis of,

Now that I think about it some more, the TLS handshake timing differences may actually be a side channel.

Is correct and easily shown as such, the only real question is the “information capacity” under any particular set of circumstances.

Which raises the question of “How much information capacity is required?” for you second hypothosis of,

Where a Downgrade Attack can lead to fingerprinting.

The answer depends on how good a fingerprint you desire, and wether you are using it to “identify or eliminate”. That is when in “search mode” it’s often faster to ask “is this NOT the target?” rather than the much slower “is this the target”.

For the “NOT” case only one time based test is required thus “targets in potentia” can be rapidly “eliminated” depending on what you know about your actuall target.

For instance there are photographes of our host with a “laptop” some will be able to visually recognize the make and model, thus get a hardware specific “time”. If @Bruce is at a conference with a video link, an attacker will know the network address range and if @Bruce can be seen using his laptop from the video link of the audience an attacker can go through active connections from an upstream node one by one forcing a re-negotiation etc.

Cutting out the dull bits, it’s fairly easy to see if the re-negotiation has the right time signature or not. Once you’ve eliminated all the “not” wrong time signatures you are left with a small subset that you then have to gain other information on for a sufficiently positive identification.

Can you squeeze sufficient further information out of a re-negotiation? That I’m not sure of as I’ve not tried it. But I suspect other slower techniques used to identify time deltas of the main CPU XTAL frequency peculiar to each motherboard will work just fine (it’s one of the ways I identify services running on the same host but at different network addresses).

r June 12, 2021 6:03 PM

I was just looking at that very picture yesterday thinking about how his is likely a dvd player board w some generic plan chip gutted reflashed and running some docker image remotely.

🙂

Maybe a TiVO w a spoofed mac 4 lulz.

Clive Robinson June 12, 2021 6:57 PM

@ SpaceLifeForm, Weather, ALL,

You mentioned the “floating point” denormalisation CPU hardware issue yesterday.

Oddly, I’m looking into a related subject.

As you probably know in assembler you have access to a flags register, so when you add two ints you know if the result is zero or has overflowed as there are flags you can branch, skip over, or jump on depending on your CPU. Likewise there are greater than, less than, and equal to branches etc in most CPU assembler instruction sets. As an assembler level programmer you just take it for granted they are there and just adapt your thinking as to if it’s branches, skips, or jumps in the CPU ISA you are working with.

However jump that chasm between the CPU ISA and a supposed “high level language” and there are no flags you can get access to…

So let’s look at C because it’s used to write so many other “higher” level languages, they all inherit the same defect “no flags”…

So consider a multi precision library you define a structure of,

{
Ptr : to digit array
Ptr : to exponent array
Int : size of digit array
Int : size of exponent array
Int : flags
}

Or similar, where “flags” contains the sign bits, carry bits and zero bits for both arrays your low level algorithms fake. That way you only have to worry that the two arrays only have positive integers in them.

Now when you look at Knuth, and Menezes et al, they both give algorithms for doing multiprecision add. Likewise several Open Source libraries written in C.

When you look inside those low level algorithms you see something that I consider “most odd”… As you are probably aware a MAD (multiply and add) instruction is a standard primitive for nearly all arithmetic on integers and in most maths algorithms.

Well the “ADD” in all the cases I’ve been looking at is half as fast as it can be and uses twice the memory it needs… All because of the way the “carry” is implemented.

Look at it this way, let’s assume an 8bit CPU it has two natural integer sizes 8bit/1byte and 16bit/2byte.

In assembler you would use the 2byte ints and use “ADD with Carry” to add two arrays (U and V) to get a result in a third array (W) with the length of the W array being equal to whichever is larger the U or V array. Simple quick and fairly painless.

In C however with Char being an unsigned byte and Int being an unsigned double byte what you see is most odd.

You load an int with a char for both the U and V array and add the two ints then save the Int away in the W array. You then shift the result down 8bits so the W int high byte is now the low byte and add the next ints for U and V that each only contain a byte, and around you go working your way up the U and V arrays making a W array twice the size it needs to be, and only doing a single byte add as opposed to a double byte add and doing a very slow 8bit shift… You then have to “fix-up” the W array to remove all those redundant high bytes.

Without going into the nitty gritty, you can do a two byte “int add” and care not that it overflows because you can easily check with a fast compare that is if the result is less than the smallest of U or W a carry would have been generated.

Thus you can do 2byte int adds using the memory efficiently, not having to do the mind numbingly slow 8bit shift down of the high bit and with half the number of add operations so only half the number of loop iterations and no fix-up required.

It strikes me as odd that from what I’ve seen everyone does the equivalent of byte sized adds in 2byte ints…

Just wondering if you’ve ever seen anyone do it the more efficient way?

And if so where?

echo June 12, 2021 7:33 PM

https://www.independent.co.uk/asia/southeast-asia/duterte-hitler-maria-ressa-rappler-b1859291.html

Philippines president Rodrigo Duterte shares parallels with Nazi dictator Adolph Hitler, a leading Filipino media executive has said.

Maria Ressa, chief executive of the Filipino investigative news site Rappler, told The Independent that Duterte’s populist rhetoric is “appealing” in the same way Hitler’s was.

The prominent journalist said “lies laced with anger and hate” circulate “faster and further” than facts on social media as she warned Duterte’s rise had partly been fuelled by Facebook.

Doing a bit of end of day housekeeping and this was open in one of my browser tabs.

Yet another example of the authoritarian populist Nazi-esque and social media fuelled model playing dirty with journalists and abusing human rights. The article mentions a scattergun of tactics everyone reading it will likely recognise. Often the impact is lost in these kinds of articles but the stack of reports behind each observation can get rather long.

mac and simm June 12, 2021 7:59 PM

@echo
Grand to hear your thoughts.

To “break the FOI system” in Canada, one would have to believe it ever worked.

Even accepting redaction and response times as they are, one still has to wade through the morass of finding which public services are involved, before you can even initiate one, and likely, as with every other law, u will discover some countermanding law saying “oops for ‘certain people’ there are EXCEPTIONS, please try again sometime, sucker”.

‘Disclosure’ and ‘Transparency’ are among the many myths of democratic propaganda, which seem to also want us to believe that “boys clubs have vanished into history”, and “public servants always serve the interests of the public, never their own vendettas nor criminal lust”.

Weather June 12, 2021 8:38 PM

@clive slf
You can do add CX, bx, the overflow flag won’t be set because it’s not ECX, ebx, you could try test ECX, which might set the pf or cf flag with a jz after, or and ecx 0x01 followed by xor bx,0x01 cmp bx 0x01.

Just woke up, will reply later

Weather June 12, 2021 9:06 PM

@clive slf
Add ECX, bx
Test ECX, 0x10000
Jz or jnz

Test is and then cmp in one, sets the zf,cf,pf flags

MarkH June 12, 2021 9:39 PM

@Clive:

I rolled my own multi-precision (fixed-point) code years ago, and your question inspired me to take a look at it.

It uses the full integer width, and derives carry (a boolean variable in the source code) from an unsigned comparison.

Note that it isn’t necessary to select the smaller of the two addends for comparison; when carry out occurs, the truncated sum is smaller than both of the addends. A single compare is sufficient for each “word” of the add or subtract operation.

Probably the half-width with shift method would never have occurred to me, because of my years of assembly programming … I have a reflexive horror of inefficient operations in time-sensitive routines.

[Typically a compiler with really good optimization will handle shifts-by-8 as byte moves, so the time cost might not be as great as one would expect.]

As you know, Python integers are inherently multi-precision, and Python does large integer arithmetic very fast. I studied the C code for integer arithmetic from a version of Python, and it used an impressive variety of speed strategies. I don’t have time to look it up right now, but I would expect that Python would also avoid the shift method.

Though it’s an ugly practice, many projects aiming for high levels of speed use “asm” pragmas, in which case the flags are directly accessible.

MarkH June 12, 2021 10:32 PM

@Clive:

Two clarifications, for what I wrote above:

First, the C code I wrote represents integers as pure binary; a long integer is a sequence of concatenated words (I had 32- and 16-bit versions).

Second, it’s the Python long type that is multi-precision; in general, Python automatically converts to long when any fixed-point input or result is too large for its integer type.

As it turned out, finding the specimen Python source I studied didn’t take very long. I downloaded it in 2006, so it’s some flavor of Python 2.

The Python C module for the long type does indeed use shift, storing 15-bit segments of the bit sequence in 16-bit words. Rather than just testing the high bit after summing, the code actually does a C-language right-shift by 15 bits … though again, a compiler with very good optimization might handle that intelligently for the target architecture.

SpaceLifeForm June 12, 2021 11:59 PM

@ Clive, Weather, MarkH

In C however with Char being an unsigned byte and Int being an unsigned double byte what you see is most odd.

Well, first, Int in C is normally signed, so you have to force unsigned.

I’m guessing you are dealing with some older stuff, including compiler.

But, by doing it word size, aren’t you setting yourself up for potential undetected overflow? Consider x=0x01ff, and y=0x01ff as the two words. If you add them together as 2 byte Int, the result will not overflow. Yet, if you added the two ff bytes together, that would overflow a byte.

https://stackoverflow.com/questions/6876124/read-flag-register-from-c-program

Weather June 13, 2021 12:50 AM

@clive slf mark h

tt ps://www.schneier.com/academic/archives/1997/01/fast_software_encryp.html

SpaceLifeForm June 13, 2021 2:14 AM

@ Weather, Clive, MarkH

Funny how much has changed since 1997, eh?

I have hardware from that timeframe (Pentiums). That work.

If I was going to be doing any serious crypto stuff, I would use that old hardware.

I don’t care if it takes 5 minutes to create a cryptographic signature.

I have confidence that the microcode will not leak.

Plus, it is old BIOS, not UEFI.

How do people know what’s in their firmware?
https://tcsltesting.blogspot.com/2021/06/how-do-people-know-whats-in-their.html

imm June 13, 2021 2:15 AM

</
I can’t use PUSHFD: it’s not supported in 64-bit mode. At least thats what gcc tells me 😉 .

After which assignment should I push?
/>

I wouldn’t know about that but there is also a 64-bit variant: PUSHFQ. Typically you put the push instruction after an arithmetic operation that would affect the bit you’re after, as soon as possible. Just like with a conditional branch like JO I mentioned. Check my edit.

> Word bro.

MarkH June 13, 2021 2:53 AM

@SpaceLifeForm:

I didn’t understand the offered example. 0x01ff “overflows a byte” before addition — it’s 9 bits long.

If the addition were performed on 8-bit words, the first operation would be 0xff + 0xff → 0xfe. The test for sum < addend indicates a carry out.

The second operation would be 1 + 1 + 1 → 3 (the two more significant bytes plus the carry).

Applying simple logic, nothing will be missed. [Note: in my realization the full addition is just a little more complicated, in that tests for carry or borrow must take into account any carry or borrow propagated from the preceding (next less significant) word.]

The results are unconditionally correct.

Weather June 13, 2021 3:02 AM

@imm
Does pushfd put more than 4 bytes on the stack making a possible off by one bug?

SpaceLifeForm June 13, 2021 3:06 AM

As expected, Freenode is imploding

Also, anyone that was using Freenode should be aware that your passwords may have been collected in recent days.

This is breaking news…

hxtps://twitter.com/fsf/status/1403941542532952067

Despite our plans for a gradual transition, FSF staff and GNU volunteers are no longer in control of the #fsf and #gnu channels on the Freenode network. Please find us at http://libera.chat instead.

FA June 13, 2021 3:38 AM

@clive

Without going into the nitty gritty, you can do a two byte “int add” and care not that it overflows because you can easily check with a fast compare that is if the result is less than the smallest of U or W a carry would have been generated.

A compare would have to be followed by a branch, and that could be quite inefficient. OTOH, on most modern processors the shift will be single cycle or even come for free as part of the next addition (e.g. ARM).

r June 13, 2021 3:41 AM

pushf pushfw pushfd and pushfq are all the same

but with slightly different behavior under different addressing modes

high level language is generally processor agnostic

it is possible to write processor and position agnostic code manually

it’s up to you to know that when you see an 0x90, what you’re actually looking at is an

xchgw %ax,%ax

somebody just gave you a shorter way of communicating that to the processor

no-op

nop

r June 13, 2021 3:44 AM

@FA,

certain processors are batched branch+compare operands correct?

VLIW groupings, fun.

SpaceLifeForm June 13, 2021 3:45 AM

@ MarkH, Clive, Weather

Maybe I am misunderstanding what Clive is trying to do.

I read it as he was trying to get a speed up by treating 2 bytes as a 16 bit word.

Which it is of course. But if you actually are intending to add 8 bit values…

I guess the real question is: what are in the individual bytes? Have they already been sanitized so you know that the 16 bit add can never mess up what two separate 8-bit adds would do?

Remember, as char, they are treated as unsigned.

Also, as a Bag-of-Bits, interpretation means everything.

FA June 13, 2021 3:59 AM

@SpaceLifeForm

Maybe I am misunderstanding what Clive is trying to do.

The odd thing about the method he describes is that, having 16-bit registers, it uses only 8 bits per iteration while it could use up to 15. To me it looks like something from ancient 8-bit microprocessors that didn’t have fast shift instructions.

Clive Robinson June 13, 2021 5:19 AM

@ Weather,

As I said assembler is generally straight forward and if I was only dealing with one CPU architecture and a sensible optimising compiler that you can use in-line ASM macros in it would for both speed and efficiency be the way to do it…

But when talking 1byte and 2byte ints CPU architecture, there is one “truck-load” of CPU architectures which whilst they all do an add with carry and the bottom of the loop test is more or less,

Compare LoopCNT with MaxSize

(though there was the compare-branch in one RISC design which always struck me as odd).

What happens next is where the “fun” happens… Some CPUs might or might not change the “carry flag” on a compare as the CMP is actually a SUB (sometimes “one’s complement”)… so you have that little prob to deal with, but if you are lucky you just get the Zero flag set for equal thus the simple,

Branch if not zero LoopTop

Or on CPU’s that use “skip”,

Skip if zero
Jump LoopTop

But weirder ones where you can only branch or branch on zero and both only backwards, and all jumps are forwards forcing Do-Until loop bottom testing unless you like complex constructs,

01 Jump 03
02 jump 25
03 CMP R1 with R2
04 Branch zero 02
.
. Loop block
.
24 Branch 03
25 …

Some even futz with the carry flag on the negative branch… (thankfully these are now rarer than “hen’s teeth”).

So doing things in a C compiler starts making a whole load of sense not just for code reuse but the average coder’s sanity.

But… the compiler will often be some dialect of K&R not ANSI / ISO, thus “native CPU ints” of “unsigned”. As “sign bits” are a “whole different ball of wax&resin” to chew on, if the CPU even supports them in hardware…

Which when you think about it, it really need not as they are just a programmer convenience “artifact” bought at the expense of CPU instruction time[1]…

[1] That’s why some early generation programmers like those writing Reg Transfer Logic (RTL) or the Microcode that sat on RTL, really did look “Einstein hair-do mad”, with optional inch and a half wide “good old boy suspenders/braces” as well as two inch wide belt, both of which you could easily tow a truck with… Oh and the all important waist coat / vest to show they were “thinkers not doers” The colour of which denoted “status”[2] much like martial arts belts do these days, but being based on “gown colours” with black being the starting or default with white being the top 😉

And before you ask yes I have my own waist coats but as with our hosts @Bruce’s shirts, mine are not plain (and I don’t button them, unless I don’t want to be disturbed like “Office Door Policy”). Oh and there is the European “Shirt sleeve” policy. Professional’s do not roll their sleeves up also collars and cuffs should be white for those who are “desk” management fastener with links for those who have personal assistants / number 2’s. Sleeves are only ever rolled up when “examining or operating” something much as with medical practitioners. Thankfully “belt and braces” have more or less faded out these days, but their dress signals still apply. What many in the US call “The IBM look” is actually “off duty” informal for “officers”, business suits for “formal” or “duty of base”. With the On-Duty “dresses” being No 1 – ceremonial/parade, No 2 – formal, and then these days just “working dress” on base or in public sometimes called “soft top” due to head covering not being a peaked cap. Oh and then “field” or various levels of “battle dress”.

[2] The “waist coat” or “Vest” tradition is perhaps best known at NASA where Gene Kranz used to get a new white one made by his wife for each mission.

Curious June 13, 2021 6:50 AM

I wonder if you could inverse the sum of all prime numbers, such that, in the inverse form, you ended up with simply integer numbers again. In that case P*Q could be as simple as 4+9=13 in some inverse way I imagine.

Clive Robinson June 13, 2021 7:02 AM

@ ALL interested,

Yes I have to write code for “odd machines” which range widely in capability…

Some where CPU might actually be “Custom FPGA State Machine” for getting a 5-100 times speed up over traditional Consumer Off The Shelf(COTS) CPU’s you find in PC’s, Smart Devices and IoT and the myriad of “rack servers”.

But I also still have to do stuff with “the cheapest of cheapest” used in “instrument heads” which can be 8 or even 4bit microcontrollers used in the likes of Industrial Control System(ICS) sensors or two-wire “control panels” (think a switch or shaft encoder with bit banged RS232 output). Or what some now call “Dumb meters” for utilities providers and even “medical electronics” and “robotics”.

The expression “Full Spectrum” really does not cover it, like “Full Stack” stops a long way short of the depths I dive into.

The problem is, people are finally waking up to the fact that even instrument heads and two-wire interfaces need to be secure these days, as you have not a clue what some twat will do between sensor and operator control desk to shave a few cents of “operations costs”.

Well even low grade security these days means what was not so long ago “munitions grade crypto” restricted by international agreement[1] being the minimum requirement.

With such crypto comes the need for “multi-precision” integers be they for just logical operations or arithmetic operations. Which means you have to build the equivalent of up to a 512bit ALU. Or software equivalent.

You would be surprised at just how many “microcontrollers” do not have “Wallace Tree multipliers” or “Barrel Shifters” that do things in minimal clock cycle counts.

Also the clock cycles to save power are in the “less than 100MHz” range not the “greater than 1000MHz” range your PC or Smart Device uses where burning 10-50Watts of power in an “idle loop” waiting for user input is taken for granted… Some microcontrollers draw picoamps (10e-9) in standby waiting for a wakeup interrupt from what might be femtoamp output sensors (think differential moving plate capacitor instead of a moving contact switch).

Adding inefficient code be it in cycles or RAM is a non starter.

Adding machine code is likewise a non starter.

Like @MarkH I do multi precision add without worrying about “overflow” thus you do,

W = U + V + C

Where the only issue is C moves the goal posts left and up one.

Think of a two bit add of U+V,

-00 -01 -10 -11
-01 -10 -11 +00
-10 -11 +00 +01
-11 +00 +01 +10

Where “-” is no carry and “+” is overflow or carry which you do not need to see it just helps explain.

Which is the same as with no carry in thus C=0

With carry in the table is

-01 -10 -11 +00
-10 -11 +00 +01
-11 +00 +01 +10
+00 +01 +10 +11

Thus you have to take care how you decide how you set the carry out because the result can equal not be less than the lowest value of U or V

That is,

W = U + V + C

00 = 00 + 11 + 01

As “code is sequential” this is just a matter of testing C before you test U and V against W then set C appropriately.

But the “standard references” programmers would reach for if implementing multi-precision for crypto, such as Knuth or Menezes et al, don’t show this. And the stand alone multi-precision libraries I’ve looked at don’t either…

I get the feeling they fall into the MAD primitive thinking.

That is rather than have separate MUL and ADD primitives you think of “Multiply then Add”(MAD) as an atomic primitive as this is a universal primitive for all polynomial based (ie radix) arithmetic including matrix maths.

[1] Here’s a document from the end of the last Century about the implications of the Wassenaar Agreement,

https://www.cyber-rights.org/crypto/wassenaar.htm

Where even putting a “Linear Feedback Shift Register”(LFSR) in a product was viewed with deep suspicion and often significant bit length restrictions (16 bit for checksums and error detection / correction codes being about all that would get the nod).

It’s really not much better even today, there are hoops, loops, rings of fire, and other “dog show” style impediments put in the way. One such being “Electronic Code Book”(ECB) being “suggested” in a way that says “do you think yer big enough?”.

Curious June 13, 2021 7:40 AM

Re. the notion of an “infinite” amount of prime numbers:

One might at first be tempted to think of “an infinity” to actually be ‘infinite’, but this is obviously wrong. Because, instead of “an infinitely large range of numbers” as having ‘meaning’ by itself as a ‘metric’, if one take into account a notion how you can even conceptualize a metric as being meaningful, this relation is obviously indicative of a multi-dimensional aspect of something symmetric.

Thus, in acknowledging that one metric is related to another metric, then this very relationship is this inverse relationship that explains the meaning of the two dimensions, so you end up with at least three dimensions to account for, not just two.

It seems to me that, just like with thinking with “logic” (anything language based), also in mathematics, the contrasting effect of the very meaning attributed to numbers and metrics, would have to be symmetry breaking at the foundation of that type of relation, because of mixing one infinite and symmetric metric in one dimension with another infinite and symmetric metric in another dimension.

Thus a word like ‘dimension’ is both, something specific and concrete, but also ‘metaphorical’. This type of metaphor I think, hides its inverse relation between things, as if, any relation, could be understood in some infinite number of ways.

One could imagine any one dimension, or the definition of any one dimension, as having symmetry; such that, ‘symmetry breaking’ would rely on relating to one dimension with another, and then you would require another dimension again to relate to the very relationship, thus the ‘relationship’ between two dimensions (metrics) becomes an inverse of each other. This ‘inverse’ relationship, alone as a separate dimension, would foremost be thought of as ‘linear’ I imagine, but ‘inverse’ when accounting for other dimensions.

Finally, in acknowledging that ‘time’ is but a metric, and understanding that ‘time’ is NOT a dimension (because, time, cannot be understood by time alone), relating to ‘time’ as something self similar, just wouldn’t be possible in the first place. Instead, by acknowledging that ‘time’ is a symmetric metric, perhaps one would find that prime numbers are indicative of a ONE infinitely large one-way-function series of numbers, ultimately relating to ‘time’.

Weather June 13, 2021 7:52 AM

@clive

Unsigned char v=0x41,v1=0xff
Into v2,v3

V3=V2 = v+v1
V=v&1
V1=v1&1
V2=v2^1
V3=v2|v
V3=v2|v1

Maybe something like that, markh idea about comparing if less than is good.

Curious June 13, 2021 7:53 AM

To add to what I wrote:

If multiplying two integer numbers that was added from +1’s just before (even more integers), and seeing how two integers on a curve is the same as addition with a function leading to a third integer, perhaps it can’t be a surprise if an inverse relationship between numbers is just something obviously linear in ways.

Having said that, I still don’t quite know how ECC works.

Fake June 13, 2021 8:17 AM

@Curious,

The way i understand ECC is…

How many different round trips can be taken between your house and the three nearest Walmarts?

Pick a point along one of those such routes and memorize it, the more accurate the geolocation of this analogy the harder your path would be to duplicate/retrace.

@All,

Google has cheapened their keyboard, please if I’m wrong correct me.

Tatütata June 13, 2021 9:54 AM

Clive,

If I understand correctly, you are implementing some sort of BIGNUM arithmetic on toaster chips (6502, MCS-48, PIC, and suchlike).

Are you dabbling in exotic methods including transform based approaches (FFT, etc.), CORDIC (useful in trig computations), Toom-Cook, Karatsuba, etc., or do you stick with “grade school” long multiplication?

MarkH June 13, 2021 10:17 AM

@Clive, who wrote:

“you test U and V against W then set C appropriately”

As I wrote above, a single test is sufficient. It doesn’t matter whether it’s U or V. [In the following, all word values are interpreted as unsigned.]

Suppose that the word is L bits wide, and define M = 2^L. Word addition effectively includes reduction modulo M.

In each word addition

U < M and V < M

If summing U + V generates a carry then

U + V ≥ M

If W is the word result (modulo M), then in the carry-out case

W = U + V − M

To prove that W is smaller than both addends, assume the contrary:

W ≥ U

By substitution,

U + V − M ≥ U
V − M ≥ 0
V ≥ M … which is impossible.

Therefore, the assumption that W ≥ U must be false: if the word addition generated a carry, then W < U.

This argument is symmetric between U and V, applying likewise to both.

Pick one of U and V arbitrarily; testing it against W will determine whether the word addition generated a carry.

Fake June 13, 2021 10:27 AM

likely whatever the reference platform allows,

hence the timing/usage requirements.

i think he was issuing more of a challenge for some of the woodworkers around here

my jnb usage is an unpublished? size optimization for cstrlen wrt https://mattst88.com/programming/AssemblyProgrammersJournal/issue/3/

not the original host, good information circa early 2000 cstdlib analyzed and reimplemented in ia32.

nasm’s macro facilities are powerful enough one can emit a whole dynamic executable without the need for a linker for linux/windows/bsd and likely others

trust me 😉

personally, i prefer modifying the .s output of cc to look like it was emitted from a different compiler family and then piping it back through gas for immediate linkage

license requirements frustrate me, thankfully CFAA EULAgy disagreements no longer amount to prison time.

sue me.

Clive Robinson June 13, 2021 2:45 PM

@ Weather, All interested,

First you need to understand a little fact that an optimising compiler should know if you make “C” local in scope to the loop block…

W = U + V + C

Is not equivalent to

W = V + C
W = U + W

Or any other combination using two adds.

This is because the compiler would recognise that C can only be 0 or 1 thus a single add of U + V with the assembler code starting with “add with carry”(ADC) not ADD would add C in at the least significant bit, so in assembler the C compiler would set the real CPU carry flag as appropriate.

Why would it do this, well in a standard ALU Logic operations are “bit wide” and done in parallel, but Arithmetic operations are “bus wide” thus carry has to propagate across however many bits wide the bus is, thus 64bit adds are slow compared to 64bit clears, complements etc.

One thing you find a lot of students misunderstanding is that a SUB is actually a “two’s Complement ADD” but importantly with only one ADD not the two adds implied by,

R1 = U
R2 = V

R1 SUB R2 :
R2 = R2 XOR 11…11
R2 = R2 + 1
R2 = R2 + R1

W = R2

Smart compilers look out for such savings because INC (++) and DEC (--) are actually not ADD 1 or SUB 1 due to tricks you can pull with Fast Look Ahead Carry generation (no I’m not going to go through it, it’s way too laborious). Also CLR R1 and XOR R1, R1 are the same microcode using just the XOR bit wide logic instruction that is built in of a “full adder” (look up the design of the logic in a 4bit “bit slice” ALU like the 74181 TTL ALU chip[1]).

Mad as it might sound the design of wide adders is not a done deal, thus is still an area of active research.

But getting back to the loop block

i = 0
X = Array size
C = 0
LoopTop
. M = MAX Of (U[i],V[i])
. W[i]=U[i] + V[i] + C
. If C==1 and (W greater than M)
.. C=0
. If C==0 and (W less than M)
.. C=1
. INC i
. If i is less than X
.. Then branch to : LoopTop

If you check the tables you will find that “dropping through” from the If C==1… That clears C into the If C==0… Does no harm to the results. But you do get some flexibility if the CPU does “odd” branching.

[1] https://en.m.wikipedia.org/wiki/74181
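The full-width add debated in this thread, written out in portable C as an added example (not code posted by any commenter): it puts the carry-from-compare rule, including the carry-in case where W can equal U, beside the half-width shift method and checks them against each other. The function names, the 16-bit limb type and the constructed operands are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint16_t limb_t;               /* the "2-byte int" of the thread */

/* Carry out of w = u + v + cin (mod 2^16), with no if/else in the source.
 * cin == 0: carry <=> w <  u  (the single-compare proof).
 * cin == 1: carry <=> w <= u  (w can equal u: 0x0000 + 0xFFFF + 1). */
static limb_t carry_out(limb_t w, limb_t u, limb_t cin)
{
    return (limb_t)((w < u) | (cin & (w == u)));
}

/* Single compare that ignores carry-in: wrong when v == 0xFFFF and cin == 1. */
static limb_t carry_naive(limb_t w, limb_t u, limb_t cin)
{
    (void)cin;
    return (limb_t)(w < u);
}

/* Full-width add over n limbs, least significant limb first. */
limb_t mp_add_full(limb_t *w, const limb_t *u, const limb_t *v, size_t n)
{
    limb_t c = 0;
    for (size_t i = 0; i < n; i++) {
        limb_t ui = u[i];                        /* copy: w may alias u */
        limb_t s = (limb_t)(ui + v[i] + c);      /* truncates mod 2^16 */
        c = carry_out(s, ui, c);
        w[i] = s;
    }
    return c;
}

/* Half-width method: byte digits in a 16-bit accumulator, shift for carry. */
uint8_t mp_add_half(uint8_t *w, const uint8_t *u, const uint8_t *v, size_t n)
{
    uint16_t acc = 0;
    for (size_t i = 0; i < n; i++) {
        acc = (uint16_t)(acc + u[i] + v[i]);     /* at most 0x1FF */
        w[i] = (uint8_t)acc;
        acc >>= 8;                               /* high byte is the carry */
    }
    return (uint8_t)acc;
}

/* Count wrong carries against a 32-bit reference: every u, every 257th v. */
unsigned long carry_rule_errors(int use_naive)
{
    unsigned long bad = 0;
    for (uint32_t u = 0; u <= 0xFFFF; u++)
        for (uint32_t v = 0; v <= 0xFFFF; v += 257)
            for (uint32_t cin = 0; cin <= 1; cin++) {
                uint32_t wide = u + v + cin;
                limb_t w = (limb_t)wide;
                limb_t got = use_naive ? carry_naive(w, (limb_t)u, (limb_t)cin)
                                       : carry_out(w, (limb_t)u, (limb_t)cin);
                bad += (got != (limb_t)(wide >> 16));
            }
    return bad;
}

/* Constructed 48-bit operands; limb 1 is the w == u case with carry-in. */
int mp_methods_agree(void)
{
    const uint8_t ub[6] = {0xFF, 0xFF, 0x34, 0x12, 0x00, 0x00};
    const uint8_t vb[6] = {0x01, 0x00, 0xFF, 0xFF, 0x00, 0x00};
    const uint8_t expect[6] = {0x00, 0x00, 0x34, 0x12, 0x01, 0x00};
    uint8_t wb[6], packed[6];
    limb_t ul[3], vl[3], wl[3];

    for (size_t i = 0; i < 3; i++) {             /* pack bytes into limbs */
        ul[i] = (limb_t)(ub[2 * i] | (ub[2 * i + 1] << 8));
        vl[i] = (limb_t)(vb[2 * i] | (vb[2 * i + 1] << 8));
    }
    limb_t cf = mp_add_full(wl, ul, vl, 3);      /* 3 loop iterations */
    uint8_t ch = mp_add_half(wb, ub, vb, 6);     /* 6 loop iterations */
    for (size_t i = 0; i < 3; i++) {             /* unpack for comparison */
        packed[2 * i] = (uint8_t)wl[i];
        packed[2 * i + 1] = (uint8_t)(wl[i] >> 8);
    }
    return cf == 0 && ch == 0 && memcmp(packed, expect, 6) == 0
                              && memcmp(wb, expect, 6) == 0;
}

int main(void)
{
    printf("methods agree: %d\n", mp_methods_agree());
    printf("wrong carries, carry-in aware compare: %lu\n", carry_rule_errors(0));
    printf("wrong carries, single compare only:    %lu\n", carry_rule_errors(1));
    return 0;
}
```

Whether the comparisons in `carry_out` compile to branch-free instructions depends on the compiler and target, so inspect the generated assembly where timing matters.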

Weather June 13, 2021 5:15 PM

@clive all its a given

V = ff, v1= 41
V2 = v&00000111b
V3 = v1&11111110b
V4 = v&11111110b
V5 = v1&00000111b
V6 = v2^11111111b
V6=v6^v3
V6=v6^v4
V6=v6^11111111b
V6=v6^v5
Carry=v6

Clive Robinson June 13, 2021 5:19 PM

@ Tatütata,

… or do you stick with “grade school” long multiplication?

There are a lot of time/memory trade offs with “multiplication” most do not realise that bit-by-bit multiplication generates “no carries” and is in fact the AND function. Thus can be made very fast if you have the memory.

But even when not, multi-precision does not gain anything using FFT multiplies until you kind of clear the 1024bit mark, so certain security algorithms do not gain on random multiplication. However you can pre-compute oft used numbers so the FFT method suddenly does start offering advantages.

With regards,

If I understand correctly, you are implementing some sort of BIGNUM arithmetic on toaster chips

Not “toaster chips” if it can be avoided because they really do lack memory to play with…

But remember a PIC32 chip that costs about 1USD has had BSD Unix 2 put on it and hooked up to four terminals… A Micro-Vax that could do that in the day would be about $1,000,000 equivalent in todays money…

The issue is not the cost of the actual chip but putting it in a package which defines the bottom of the “cost curve”.

Apparently the Raspberry Pi foundation has come out with a new very low cost small in size PCB for around $4 which makes it a rather interesting little product about the size of a 40pin DIP chip.

https://www.techrepublic.com/article/the-new-raspberry-pi-pico-is-an-incredibly-powerful-little-chip-for-just-4/

I can not obtain the parts for that price let alone build and test…

The Pico is one of the things on both my “shopping” and “to do” lists of products to play with for putting into other products like Broadcast Transmitters and other equipment where I’ve previously designed in PIC micro controllers.

Whilst 8bit micros will trundle on for a few years to come in low end consumer “white goods” etc their tipping point onto the death slide happened some years back, there are in fact “clothes irons” with 32bit SoC chips in them just doing thermostat control. But in some areas such as Smart Meters and Medical implant electronics, 8bit will remain current for quite some time due to “certification costs”.

It’s these areas where extra security in software can be “bolted on” at much lower cost. So yes whilst not officially “toaster chips” any longer they are still “Pacemaker chips” and “Utility Meter chips”…

As for Robot and ICS sensors, these can use really weird “grain of rice chips” in sub miniature 4, 6, and 8pin surface mount or ball grid array chips of similar footprint. Some of these can do interesting DSP as well as Secure Comms… And when PCB mounted can be soldered directly to the back of the physical sensor they are that small.

echo June 13, 2021 6:29 PM

https://theconversation.com/identity-fusion-why-some-people-will-go-to-extremes-for-the-beliefs-of-a-group-162624

When they’re ignored, hypocritical agents lose opportunities to receive donations, and their strategies also have less chance of being copied by others and carried forward to the next generation. This disadvantages hypocrites meaning that being fused becomes aligned with stronger levels of payoff, making fusion an attractive strategy to pursue.

Interestingly, it appears not all of the fused population need to behave in this way. It’s enough for only the most fused agents to act like this for identity fusion to take hold. This further helps the concept to be established.

Humans are instinctively sensitive in detecting, internalising and responding to hypocrites. Our results indicate this remarkable capacity could have a role to play in sustaining strongly held identities.

I had some other topics from terrorism to discrimination to varying forms of abuse lined up to fit around this but as they are all involved and require expertise to discuss and can be contentious if not phrased in the right way thought I’d leave it at this.

In other news I had my second AZ vaccine last week. The only symptom was a sore arm which has lingered. All the usual anti-vaxxers and malcontents on social media are waving their bogus cures and protesting at continuing restrictions. This is the one thing I hate about social media – the never ending supply of idiots and against the background of the Brexit and similar idiocy it gets a bit much.

As for the failure of G7 that’s on Johnson.

Clive Robinson June 13, 2021 6:33 PM

@ Fake,

i think he was issuing more of a challenge for some of the woodworkers around here

No I could do that with One’s Complement arithmetic and it’s two zeros.

What I had noticed was that at least two Open Source multi-precision or very long integer libraries did the same inefficient addition.

Then checking “standard references” from Knuth (Art of computer programming) and Menezes et al (Handbook of applied cryptography) I discovered they also used the same inefficient addition.

And I was puzzled as to why, as I’ve shown above as had @MarkH it’s not that difficult to reason out in both the non carry case and carry case.

So when @SpaceLifeForm put up the latest Intel CPU “go faster stripe” disaster involving “normalisation” of floating point arithmetic. It just jogged me to ask if others had seen the problem and or worked out the solution. That’s all.

@ SpaceLifeForm,

I’m sure you are familiar with this

LibTom is one of the ones I looked at a while ago that was doing the ADD this “odd” way. Not looked recently, I might go and look again.

@ FA,

The odd thing about the method he describes is that, having 16-bit registers, it uses only 8 bits per iteration while it could use up to 15.

Look again, whilst the implementations I’ve mentioned use only 8 of 16 bits, the version I use uses the full 16bits.

That is you really do not need the Carry to be created/stored that way.

Clive Robinson June 13, 2021 7:00 PM

@ SpaceLifeForm,

From s_mp_add.c

/* zero the carry */
u = 0;
for (i = 0; i dp[i] = a->dp[i] + b->dp[i] + u;

/* U = carry bit of T[i] */
u = c->dp[i] >> (mp_digit)MP_DIGIT_BIT;

/* take away carry bit from T[i] */
c->dp[i] &= MP_MASK;

}

Looks like it’s still using an overflow bit that gets shifted down by MP_DIGIT_BIT into an int for holding the carry ‘u’. Then a mask ‘MP_MASK’ to remove the overflow from the number.

Weather June 13, 2021 7:20 PM

@slf
The input was <[%#pLABT1046djker!'?pqn72CV
With no loop of output to input
23/28 found 154/255 group
With one loop
16/28 found 164/255
I'm trying 5 loops and see if it keeps dropping.

MarkH June 13, 2021 7:52 PM

Re:multiplication

I don’t know the derivation, but the old Python multi-precision module I looked at doesn’t use Karatsuba multiplication unless one factor is at least 1021 bits in size (if I read the code correctly).

One way to choose such a threshold is by running trials … but the speed crossover point will surely vary as a function of instruction set, compiler selection and optimization settings.

An FFT library I examined does a whole series of trials when it is first invoked, to determine empirically which of several code variants runs fastest.

name.wtihheld.for.obvious.reasons June 13, 2021 10:43 PM

In the so called leak investigation of congressional members of congress, the reports say subpoenas were issued to Apple from the DOJ. Obviously Apple isn’t a service provider, so it reasons that the DOJ was after the content on their devices.

The Real JG4 June 13, 2021 11:26 PM

I was entertained to see the recent quote from my 2016 comments, even though the continuing vandalism is sad. I was inspired to read the original post and found it to be generally well written. I’m not sure that I can write that well now.

It also reminded me of another long ago post (“mashup”) that I referenced in January. I’m sorry to say that I can’t find the original post, but my best recollection is that it includes “Empire is a machine with eyes about a foot across.” Apparently it has five of them.

Amazon is a machine, with gears made of sand and rust, lubricated with government subsidies, driven by ambition, money and insatiable consumerism, that crushes employees, partners and competitors alike, to make monopoly and pollution.

nakedcapitalism.com/2021/06/links-6-11-2021.html

Big Brother IS Watching You Watch

How I Lost Control Over My Own Face Der Spiegel

TikTok changed the shape of some people’s faces without asking MIT Technology Review

Clive Robinson June 14, 2021 2:08 AM

@ MarkH,

RE Multiplication:

One way to choose such a threshold is by running trials … but the speed crossover point will surely vary as a function of instruction set, compiler selection and optimization settings.

Your two points of “trials” and “variation” are to be expected.

But… The trials have not just “overhead” at initialisation but also large “resources” to test with.

It also has the disadvantage that it optimizes arithmetic over some other function that might make code more “effective” over all.

So “trials” carry the obvious Initialisation delay and the less obvious resource overhead. But you can get into a “Catch 22” problem.

In more powerful less resource limited systems this is less of an issue and can give real advantages. But as resource limitations bite it does become a problem.

That said if you are writing a commercial library then you want sales and good specmanship is going to give you extra sales. So yes it’s kind of expected in closed source, but has the down side that it makes an Open Source project “more opaque” to users and learners.

From years of being bitten in “small systems” / “embedded systems” I’m somewhat leery of “early optimisation” as it has the habit of acting like a tipping point on all that follows and whilst that can be good, the general probability is it is not.

So it boils down to the old,

“It’s horses for courses”

Issue, thoroughbreds may be fast on the flat but can’t jump so don’t do well in steeplechase. Where as…

Clive Robinson June 14, 2021 2:44 AM

@ Winter, Weather, ALL,

It’s proven that shiny cutlery sticks to people

But… It ain’t magnetism, because it works even better with plastic cutlery than metal…

Basically it’s a form of suction.

Some here will have experienced the sheer force required to pull apart two sheets of glass where just a few drops of water has got between them…

Well your skin has thousands of very small holes that emit from the sebaceous glands a liquid that becomes greasy…

It’s this with the shiny surface that causes the cutlery to stick…

As a kid around seven or eight in the school dining area we used to hang spoons off of our noses to then see if we could eat the main meal without it dropping off… Some could do it others could not sometimes the winner got the loser’s “Spotted Dick and Custard”[1] as the prize.

[1] It’s a “steamed pudding” made with flour, suet, sugar, and dried fruit like raisins made into a dough rolled into thick sausages encased in floured steaming cloths and cooked for several hours. With a good custard it is like nectar to children who burn calories running around the playground and in other ways behaving like the crazed lunatics they are in many adults eyes but we still love ours even though those others are a bad influence especially “That Spottywode child!” 😉

Clive Robinson June 14, 2021 3:17 AM

@ SpaceLifeForm, ALL,

The code I cut-n-pasted from s_mp_add.c in TomsMath code is “deficient” in certain characters…

Because the “smiley filter” on this blog “silently swallows them”…

[cue grinding of teeth noises off stage left]

So look up the original code on GitHub.

But the point remains it generates a “carry” by wasting memory thus CPU cycles that it does not need to do.

Whilst on PC’s most don’t care about memory usage inefficiency, they do care about what they get for CPU cycles so the question still remains,

“Why use a method that requires twice the number of turns around the inner loop?”

Especially when you consider the hidden “pointer arithmetic”[1] that accessing large arrays can have with some compilers.

[1] Pointer arithmetic in C is “done out of sight” and it can be a real “health hazard” especially in loops. It very much depends on how good the compiler is at picking up “hints” in the source code. One solution is to do it yourself by using the sizeof operator outside of a loop to get a constant that you can then do your own simple “Add and Compare” pointer arithmetic with, rather than let the compiler throw in multiplication or other CPU cycle hungry operations. But as @MarkH notes, things are different on different CPUs (sometimes even in the same ISA family such as the IaX86 family). So you should manually “walk through” the compiler assembly output and run tests.
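The two inner loops compared in the comments above (June 13, 7:00 PM and June 14, 3:17 AM), written out in C as an added example; it is not LibTomMath code and not any commenter's code. The 16-bit word with 8 versus 16 payload bits follows the figures quoted in the thread; the function names and the 64-bit test operands are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

struct sum64 { uint64_t value; unsigned carry; };

/* Layout 1: 8 payload bits per 16-bit word. The spare top bits catch the
   overflow, which is shifted down into u and then masked off again, the
   same shape as the loop quoted from s_mp_add.c. */
static unsigned add_headroom(uint16_t *c, const uint16_t *a,
                             const uint16_t *b, size_t n)
{
    uint16_t u = 0;
    for (size_t i = 0; i < n; i++) {
        c[i] = (uint16_t)(a[i] + b[i] + u);
        u = (uint16_t)(c[i] >> 8);      /* carry bit of this digit */
        c[i] &= 0x00FFu;                /* take the carry bit away */
    }
    return u;
}

/* Layout 2: all 16 bits are payload. No spare bit exists, so the carry is
   recovered from wraparound: an unsigned sum that wrapped is smaller than
   either operand. The casts matter, because C promotes uint16_t to int and
   the addition itself would not wrap. */
static unsigned add_fullwidth(uint16_t *c, const uint16_t *a,
                              const uint16_t *b, size_t n)
{
    unsigned carry = 0;
    for (size_t i = 0; i < n; i++) {
        uint16_t s = (uint16_t)(a[i] + b[i]);
        uint16_t t = (uint16_t)(s + carry);
        /* At most one of the two additions can wrap, so OR is enough. */
        carry = (unsigned)(s < a[i]) | (unsigned)(t < s);
        c[i] = t;
    }
    return carry;
}

/* Split a 64-bit value into n digits of `bits` bits, least significant first. */
static void split(uint16_t *d, size_t n, unsigned bits, uint64_t x)
{
    for (size_t i = 0; i < n; i++)
        d[i] = (uint16_t)((x >> (bits * i)) & ((1u << bits) - 1u));
}

static uint64_t join(const uint16_t *d, size_t n, unsigned bits)
{
    uint64_t x = 0;
    for (size_t i = 0; i < n; i++)
        x |= (uint64_t)d[i] << (bits * i);
    return x;
}

/* Same 64-bit addition, eight turns of the inner loop. */
struct sum64 sum_headroom(uint64_t x, uint64_t y)
{
    uint16_t a[8], b[8], c[8];
    struct sum64 r;
    split(a, 8, 8, x);
    split(b, 8, 8, y);
    r.carry = add_headroom(c, a, b, 8);
    r.value = join(c, 8, 8);
    return r;
}

/* Same 64-bit addition, four turns of the inner loop and half the storage. */
struct sum64 sum_fullwidth(uint64_t x, uint64_t y)
{
    uint16_t a[4], b[4], c[4];
    struct sum64 r;
    split(a, 4, 16, x);
    split(b, 4, 16, y);
    r.carry = add_fullwidth(c, a, b, 4);
    r.value = join(c, 4, 16);
    return r;
}

int main(void)
{
    /* Constructed operands: the carry ripples through every digit. */
    uint64_t x = 0xFFFFFFFFFFFFFFFFull, y = 1;
    struct sum64 h = sum_headroom(x, y), f = sum_fullwidth(x, y);
    printf("headroom : %016llx carry=%u\n", (unsigned long long)h.value, h.carry);
    printf("fullwidth: %016llx carry=%u\n", (unsigned long long)f.value, f.carry);
    return 0;
}
```

When the operands are secret, confirm in the compiler's assembly output that the two comparisons in `add_fullwidth` did not become data-dependent branches.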

Who? June 14, 2021 7:02 AM

@ SpaceLifeForm (about the “know your firmware” issue)

I agree with you; in the last years firmware has become incredibly powerful but, at same time, incredibly convoluted. This was obviously not the goal but a consequence of our lack of understanding about how a computer should work.

Right now there are few options; running an old, mid nineties, computer seems a good approach. But these computers are difficult to get and, usually, very expensive collectible items.

Another choice would be buying open source hardware, or at least mostly open source hardware, with a simple and auditable firmware and useless features like vPro and Intel ME disabled at factory. The best choice would be a small machine that supports coreboot with a simple payload (a classical BIOS payload like seabios would be preferred to a UEFI one, except in those cases in which a hardware root of trust can be implemented only on UEFI).

I guess a combination of open hardware/firmware on the boundaries of the network and strict integrity measurement and monitoring for the internal systems looks like a reasonable approach to me.

We are moving to a zero trust network model. I would say there is room for those “enhanced firmware” computers yet, but we must treat them as untrusted, just as we do to the rest of the hardware.

Thanks for the link to tcsltesting.blogspot.com, it is a good summary of our current status.

My advice would be, whatever you do, try to close the firmware as much as possible. A good starting point would be NSA’s cybersecurity technical report on secure boot customization. This advice applies to legacy BIOS too; some systems, let us say old ThinkCentre desktops, have remote flashing capability enabled by default for their BIOSes, so even pre-UEFI systems may be vulnerable.

Clive Robinson June 14, 2021 8:02 AM

@ Fake, ALL,

With regards The Grugq, whilst he does get some things right, he sure makes some howlers…

This one made me laugh like you would not believe,

https://gru.gq/2019/11/02/security-thinking-ruined-secure-messengers/

The first few paragraphs are a complete nonsense,

“Secure instant messengers are a miracle of the modern age… …Modern mobile phones are the safest and most secure computers available, anyone can get one.”

Sorry but as I’ve said repeatedly and explained why that’s a “truck-load of bull crap”.

Anyone buying into that thinking is doomed from the start.

The only correct thing in there is the rather astute Charlie Stross observation

“Telephones connect places, mobile phones connect people.”

But even that kind of misses the meta-data issue of the age old “follow the money” which along with other physical resources can “track back” if care is not taken.

That said though The Grugq’s further points have some validity apart from,

“1 – Ephemeral messaging”

Which unfortunately is based on an invalid assumption, even though for ordinary crypto and secure apps is all too true.

Thus,

“Firstly, once a message has left your control you have no control over that message anymore. That is very literally the first principle of communications.”

Is actually NOT TRUE.

To understand this you have to understand how “Perfect Secrecy” based on “True Random” can give you not just “plausible deniability” but “actual deniability”[1].

When you do and you follow the rules correctly, it’s game over for Second Party betrayer as their alleged evidence only convicts them not the first party…

Thus the notion of “Arms Length Anonymous Management Of Sources”(ALAMOS). That is it has full message content deniability and if used correctly the message can be broadcast as plaintext over as wide an area as you want.

An early version of this idea was the code phrases broadcast by the BBC to all German occupied or influenced areas prefaced with “Now some messages for our friends”. The actual phrase was selected randomly as a “code word” the person who had the code book with it in could look it up and read what the actual message meant.

Much in plaintext carries redundancy that can be exploited. For instance the set of phrases,

{Dear Sir, How Are You, I hope this finds you well, Hi, Wotcha, Hello, …}

Are all replacements for each other; if you have eight of them then you can obliviously send three bits of information in plaintext in plain sight. If you use an OTP to change the actual three bits to what can not be told apart from truly random then, there is no correlation possible.

Obviously you can expand this. To as many bits as you want with phrases that have random content such as,

“We should meet up for XXX”

Where XXX is from a set like,

{tea, coffee, meal, drink, beer, lunch, breakfast, supper}

The real trick is to get the Second Party to generate the OTP written in their own handwriting and send it to you… If they are even half smart they will know that the evidence will only point to them and them alone… Thus betrayal is fairly pointless.

But the real take away for everyone is to know that Politicians and Law Enforcement has already lost the “golden front/back door” arguments, and they can not win[2] them ever. Thus they can be questioned closely on what their real motives are (setting up a “Police State” etc?).

[1] I’ve explained this in the past and how you can use it to various levels. But to start thinking in the right mindset remember that the security of a One Time Pad, is not that the original message can not be recovered it can, but “That all plaintext messages of the same or lesser length as the ciphertext are equiprobable”. Thus even though you are seen sending a message the true message is only recoverable by having a copy of the “true random” keystream. Thus even if the second party betrays the first party all they can show is they have a ciphertext and an unverifiable key stream that is easily arguable they created themselves for their own reasons… To make it even more deniable you actually send innocent plaintext messages and use an interesting form of covert channel within them called an “oblivious channel”[2].

[2] An oblivious channel is one with a proof of “Perfect Security” in the same way an OTP has. You can look it up on Wikipedia and the like, but it was made public back in 1984 by Gustavus Simmons. He described it by posing the “Prisoners problem” that is a highly constrained communications environment. The important point to note is that it exploits “randomness” that is inherent in an otherwise structured format. Thus you simply use the OTP principle to hide the communications securely in the plaintext message. The important point for the First Party is never to “act on the secure message” they send to others, otherwise that provides circumstantial or better corroboration if the Second Party betrays the First Party. Instead the First Party should act on the visible “Open plaintext message” as though it’s valid and fully above board, thus providing corroboration that what the open message is actually valid.
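The phrase-substitution channel described in the comment above, as an added C example rather than anything posted by a commenter: a 6-bit value is XORed with a 6-bit one-time pad and the result picks one of eight openings and one of eight endings. The last two openings, the sentence template and all function names are constructed for illustration; `secrets_explained` checks the footnote's claim that every possible plaintext explains the observed sentence equally well.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Two sets of eight interchangeable phrases = 3 bits each. The first six
   openings and all eight endings are the sets given in the comment; the last
   two openings are constructed to fill the set. */
static const char *const OPENING[8] = {
    "Dear Sir", "How Are You", "I hope this finds you well", "Hi",
    "Wotcha", "Hello", "Good day", "Greetings"
};
static const char *const MEETING[8] = {
    "tea", "coffee", "meal", "drink", "beer", "lunch", "breakfast", "supper"
};
static const char MID[] = ". We should meet up for ";

/* Build the cover sentence for a 6-bit secret masked with a 6-bit pad. */
int compose(char *out, size_t cap, unsigned secret6, unsigned pad6)
{
    unsigned sym = (secret6 ^ pad6) & 0x3Fu;  /* as random as the pad is */
    int n = snprintf(out, cap, "%s%s%s.", OPENING[sym >> 3], MID,
                     MEETING[sym & 7u]);
    return (n > 0 && (size_t)n < cap) ? 0 : -1;
}

/* Read the 6-bit symbol back out of a sentence, or -1 if it does not fit
   the template. This is all an observer without the pad can learn. */
int symbol_of(const char *msg)
{
    for (unsigned hi = 0; hi < 8; hi++) {
        size_t len = strlen(OPENING[hi]);
        if (strncmp(msg, OPENING[hi], len) != 0 ||
            strncmp(msg + len, MID, sizeof MID - 1) != 0)
            continue;
        const char *tail = msg + len + (sizeof MID - 1);
        for (unsigned lo = 0; lo < 8; lo++) {
            size_t tl = strlen(MEETING[lo]);
            if (strncmp(tail, MEETING[lo], tl) == 0 &&
                strcmp(tail + tl, ".") == 0)
                return (int)((hi << 3) | lo);
        }
    }
    return -1;
}

/* What the sentence "means" under a given pad. */
int reveal(const char *msg, unsigned pad6)
{
    int sym = symbol_of(msg);
    return sym < 0 ? -1 : (int)(((unsigned)sym ^ pad6) & 0x3Fu);
}

int roundtrip(unsigned secret6, unsigned pad6)
{
    char msg[96];
    if (compose(msg, sizeof msg, secret6, pad6) != 0)
        return -1;
    return reveal(msg, pad6);
}

/* For one observed sentence, count the secrets (out of 64) that are explained
   by exactly one pad. 64 means the sentence favours no plaintext over another. */
int secrets_explained(const char *msg)
{
    int sym = symbol_of(msg), explained = 0;
    if (sym < 0)
        return -1;
    for (unsigned secret = 0; secret < 64; secret++) {
        int pads = 0;
        for (unsigned pad = 0; pad < 64; pad++)
            pads += (((unsigned)sym ^ pad) == secret);
        explained += (pads == 1);
    }
    return explained;
}

int main(void)
{
    char msg[96];
    unsigned secret = 42, pad = 19;            /* constructed values */
    if (compose(msg, sizeof msg, secret, pad) != 0)
        return 1;
    printf("sent     : %s\n", msg);
    printf("real pad : %d\n", reveal(msg, pad));
    printf("other pad: %d\n", reveal(msg, 62)); /* an equally valid reading */
    printf("secrets explained by some pad: %d of 64\n", secrets_explained(msg));
    return 0;
}
```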

echo June 14, 2021 8:32 AM

The real story of how Enigma was broken – Sir Dermot Turing
https://www.youtube.com/watch?v=qn_BBQEjCxI

This is a new video. Most people will be aware of the details but it’s a good listen and a way to spend an hour.

@Clive

[1] That’s why some early generation programmers like those writing Reg Transfer Logic (RTL) or the Microcode that sat on RTL, really did look “Einstein hair-do mad”, with optional inch and a half wide “good old boy suspenders/braces” as well as two inch wide belt, both of which you could easily tow a truck with… Oh and the all important waist coat / vest to show they were “thinkers not doers” The colour of which denoted “status”[2] much like martial arts belts do these days, but being based on “gown colours” with black being the starting or default with white being the top 😉

And before you ask yes I have my own waist coats but as with our hosts @Bruce’s shirts, mine are not plain (and I don’t button them, unless I don’t want to be disturbed like “Office Door Policy”). Oh and there is the European “Shirt sleeve” policy. Professionals do not roll their sleeves up also collars and cuffs should be white for those who are “desk” management fastener with links for those who have personal assistants / number 2’s. Sleeves are only ever rolled up when “examining or operating” something much as with medical practitioners. Thankfully “belt and braces” have more or less faded out these days, but their dress signals still apply. What many in the US call “The IBM look” is actually “off duty” informal for “officers”, business suits for “formal” or “duty of base”. With the On-Duty “dresses” being No 1 – ceremonial/parade, No 2 – formal, and then these days just “working dress” on base or in public sometimes called “soft top” due to head covering not being a peaked cap. Oh and then “field” or various levels of “battle dress”.

[1] The “waist coat” or “Vest” tradition is perhaps best known at NASA where Gene Kranz used to get a new white one made by his wife for each mission.

There are a lot of “male by default” assumptions in this (which is rather typical for Clive) as well as social and cultural and hierarchical assumptions. It’s a nice little narrative and persuasive patter but does need some unwinding. Cad shirts? Really?

There’s a lot already written about hierarchies and displays of status. The one often missed is “hazing” which traditionally occurs in the medical profession, military, and trades and even within academia and the legal profession among others. This can vary between outright abuse to rote learned donkey work and being the gopher. It’s all very neatly wrapped up as a self-reinforcing and self-referential system. This is partly why sexism and ageism and perhaps even ableism and class differentials are persistently rife.

Security can be a broad topic and overlap with many different specialities many which don’t normally advertise themselves as security. I personally tend more towards the European definition of security as enshrined in the EU treaties more than the narrow technical usually culturally American view of security which itself tends to overshadow even social engineering. Imagine a see-saw with a ten ton weight on one end and me jumping up and down on the other and this is approximately how it feels when discussing this topic.

The weather is nice and I’m in light summer dress mode. I sometimes wear a matching lightweight jacket to keep the sun off my arms. That reminds me I need to buy a parasol. An umbrella will do at a pinch. I have a small one I usually carry in my bag in case of April showers but a micro-umbrella might do as well during the summer as it’s less windy and less likely to be damaged. I also plan my walks so I’m on the shady side of the road for most of the journey if I have to go out which also reminds me I need a wide brimmed summer hat. I don’t always carry them but depending on whether I am using bag number one or bag number two have emergency rain coats and folding carrying bags of varying grades of weight and compactness as well as a pair of lightweight folding galoshes. I have a posh folding fan which is very nice and provides pleasant relief when resting after activity.

Meanwhile all the men will be charging about looking like boiled lobsters. You bunch really need to have a summer wardrobe too. Lightweight jackets and suits and, yes, even braces as they let air flow. And please for God’s sake don’t pick the first one you find on the rack. Check the fit or buy made to measure if you cannot afford Savile Row. They are surprisingly affordable and last for years if you buy quality. Look to Europe for sartorial inspiration. Some parts are more used to the sun unlike the UK and you don’t want to look like a sloppy American wearing cargo pants. If you want to be hands free and need to carry things buy a satchel or for more formal use an attache case with a shoulder strap.

Clive Robinson June 14, 2021 9:11 AM

@ Who?, SpaceLifeForm, ALL,

in the last years firmware has become incredibly powerful but, at same time, incredibly convoluted

Various members of this blog raised concerns over all aspects of Firmware in Flash years ago.

Oh and Pre-2007 hardware, you are looking nearly a decade too late, it was untrustworthy by 2007.

As you note “old hardware” is becoming like solid gold hens teeth, just something you hear talked about and never see for real. Nor could you tell it had not had its ROMs pulled and reprogrammed before you acquire it…

Thus the question of,

“If you can not verify how can you trust?”

There are solutions to this and they can be found described on this blog in various places.

But the first step is to realise that you can work with hardware that will betray you, just as you can work with systems that have low reliability in a high availability environment.

That is use three entirely separate and unrelated hardware systems to do the same task then compare the three outputs. If they are all the same then the probability is up at near 90% you’ve not been betrayed.

Thus you can improve that by running “check work” where you know what the answer is thus can tell if the system has “switch states”. This then means that hardware in the betraying state will be detected. Which forces the attacker to only betray once in a while. With three systems the probability that all three will only betray when you are not running “check work” can be made arbitrarily small.

Hence “Probabilistic Security”.

Conceptually or in theory it’s easy to understand. However in practice it needs considerable care to get right but it can be done.

The next problem is segregating your nearly trustable system from external influence…

This is easiest if the system is only a generator, that is it has no input other than the initial seed and it just sits there generating output.

However even getting data out is problematic, as the data rate increases the need to check for errors etc rises. Thus any error mechanism that is not “Forward Error Correcting” only is going to have a “back channel” input that can be exploited by an attacker.

I could go on but I suspect you get the gist of the complexity of the problem.

Oh and any input back channel or otherwise can contain an “oblivious” transfer subliminal covert channel (see my above post).

Each of the issues that arise will have ways that they can be eliminated partially or fully, but only if you can recognise the possibility of their existence…

Which gets out of the “Known, Knowns” (white swans) territory to the “Unknown, Knowns” (black swans) or “Unknown Unknowns” (platypus) territories.
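The compare-three-units-plus-check-work arrangement from the comment above, as an added C simulation (not code from any commenter). The task `x*x + 1`, the `flip_after` trigger that models a unit switching into a betraying state, the known-answer table and the job inputs are all constructed assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum verdict { ALL_CLEAR = 0, UNITS_DISAGREE = 1, CHECK_WORK_FAILED = 2 };
struct report { enum verdict verdict; int job; };  /* job that tripped, -1 if none */

/* One unit: a call counter plus a hidden trigger. flip_after == 0 means the
   unit never betrays; otherwise every call after that many is answered wrongly. */
struct unit { unsigned calls; unsigned flip_after; };

/* Constructed stand-in for the real workload. */
static uint32_t task(uint32_t x) { return x * x + 1u; }

static uint32_t unit_run(struct unit *u, uint32_t x)
{
    uint32_t y = task(x);
    u->calls++;
    if (u->flip_after != 0 && u->calls > u->flip_after)
        y ^= 1u;                    /* betraying state: one bit of the answer is wrong */
    return y;
}

/* Check work: inputs whose answers were worked out beforehand by other means.
   A unit sees them as ordinary jobs and cannot tell them apart. */
static const uint32_t CHECK_IN[3]  = { 3u, 10u, 100u };
static const uint32_t CHECK_OUT[3] = { 10u, 101u, 10001u };

/* Run n jobs on three units. Every check_every jobs (0 = never) a known-answer
   job is slipped in first; real jobs are accepted only if all three agree. */
struct report supervise(struct unit units[3], const uint32_t *jobs, size_t n,
                        size_t check_every)
{
    struct report r = { ALL_CLEAR, -1 };
    size_t k = 0;
    for (size_t i = 0; i < n; i++) {
        if (check_every != 0 && i % check_every == 0) {
            for (int u = 0; u < 3; u++) {
                if (unit_run(&units[u], CHECK_IN[k]) != CHECK_OUT[k]) {
                    r.verdict = CHECK_WORK_FAILED;
                    r.job = (int)i;
                    return r;
                }
            }
            k = (k + 1) % 3;
        }
        uint32_t a = unit_run(&units[0], jobs[i]);
        uint32_t b = unit_run(&units[1], jobs[i]);
        uint32_t c = unit_run(&units[2], jobs[i]);
        if (a != b || b != c) {
            r.verdict = UNITS_DISAGREE;
            r.job = (int)i;
            return r;
        }
    }
    return r;
}

/* Twelve constructed jobs against three units with the given triggers. */
struct report scenario(unsigned f0, unsigned f1, unsigned f2, size_t check_every)
{
    struct unit units[3] = { { 0, f0 }, { 0, f1 }, { 0, f2 } };
    uint32_t jobs[12];
    for (uint32_t i = 0; i < 12; i++)
        jobs[i] = 1000u + i;
    return supervise(units, jobs, 12, check_every);
}

int main(void)
{
    struct report lone  = scenario(0, 0, 5, 0);  /* one unit turns: comparison catches it */
    struct report blind = scenario(5, 5, 5, 0);  /* all three turn alike: comparison is blind */
    struct report check = scenario(5, 5, 5, 4);  /* same, but check work is interleaved */
    printf("one betrayer, compare only : verdict %d at job %d\n", lone.verdict, lone.job);
    printf("all betray, compare only   : verdict %d at job %d\n", blind.verdict, blind.job);
    printf("all betray, with check work: verdict %d at job %d\n", check.verdict, check.job);
    return 0;
}
```

In the last scenario with a trigger of 3 instead of 5, jobs 2 and 3 are answered wrongly by all three units before the next check job fires, which is why results are only as good as the last check that passed.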

echo June 14, 2021 10:22 AM

But the first step is to realise that you can work with hardware that will betray you, just as you can work with systems that have low reliability in a high availability environment.

My Swiss cheese security model is as good as it needs to be given the social and technical threats and people I need to work with almost all whether aggressor or none aggressor have next to no clue about technology let alone security and even if they do are almost always not persuadable.

I note instead of discussing well documented technical issues on hierarchies and power and alternative starting points on security as documented by various treaties and protocols and manuals Clive has begun snarling and hissing and spitting. Why? Because I have knocked the “certified professional” out of his field of expertise and out from behind his desk onto unfamiliar territory. Advantage, moi.

Apparently I’m being silly. But like I say I got a chief constable fired and with another force, the Met, had them issue a page full of grovelling in the newspapers so maybe not so silly after all. How’s that? Somebody forgot they were leaving traces on IT systems and somebody forgot that their institutional fortress leaked data. You’d think they wouldn’t do that twice but yes they did try it on and they also tried to secure that leak then got caught again. So how did that happen? Women get in everywhere and don’t play by the supposed “rules” and blab and won’t shut up about it.

Putin called Pussy Riot silly. How’s that going Vlad?

That reminds me. There is a rule in the Russian constitution which basically says that people are not bound by unpublished law. Most people don’t realise law is quite a broad definition from higher law to lower law, statute and in common law jurisdictions (which Russia is) case law, as well as soft law like policies and guidelines and institutional practices. There’s law and law in practice which is often not lawful but what they can get away with. And that’s where legally Vlad may come unstuck.

Being silly is a security strategy. Nobody takes you seriously but where abuses occur in one form they usually leave a trail of breadcrumbs to something else and something else then GOTCHA.

Oh noes they may spy on me and my phone recording everything! I was even recording a cop breaking safeguarding rules who then assaulted me (you could hear me being slammed into a wall) and picked the phone up and handed it back to me. Because silly.

Technology can be useful to a point but I feel it’s a bit of a red herring.

echo June 14, 2021 10:44 AM

https://www.trendsmap.com/twitter/tweet/1404329351211016192

Deona Marie.

She positioned her vehicle in a way that would protect other protestors in case anyone would attempt to ram into them. Unfortunately, she was struck by her vehicle when someone did that very thing. She saved lives in Uptown.

May she rest in peace.
#Minneapolis

A US far right extremist “lone wolf” struck in Minneapolis. But we know they are not lone wolves. They are extremists who are part of a loosely coupled terrorist network and as deadly as any Islamic terrorist locked up in Belmarsh. And they kill.

Clive Robinson June 14, 2021 1:37 PM

@ Bruce, Moderator,

You removed my reply,

https://www.schneier.com/blog/archives/2021/06/friday-squid-blogging-fossil-of-squid-eating-and-being-eaten.html/#comment-381537

To yet another of @echo’s fallacious ad hominem attacks on me.

Not only have you left the original ad hominem, you have emboldened @echo to further fallacious attacks.

That is clear double standards by you.

Worse @echo’s attacks are very much without any merit.

I will remind you that this is the third occasion @echo has returned to this blog to mount ad hominem attacks.

The attacks are frequently directed at me without any cause or justification.

Thus if you remove my reply correcting her fallacious attack the very least you should do is also remove the unjustified ad hominem attacks as well,

https://www.schneier.com/blog/archives/2021/06/friday-squid-blogging-fossil-of-squid-eating-and-being-eaten.html/#comment-381532

https://www.schneier.com/blog/archives/2021/06/friday-squid-blogging-fossil-of-squid-eating-and-being-eaten.html/#comment-381538

Or should I just keep re-posting responses to defend myself?

SpaceLifeForm June 14, 2021 4:06 PM

@ Clive, Moderator, Bruce

It may have gone into auto-moderation.

Did you have over 2 links?

Were you cursing?

SpaceLifeForm June 14, 2021 4:24 PM

@ Clive, ALL

The code I cut-n-pasted from s_mp_add.c in TomsMath code is “deficient” in certain characters…

Because the “smiley filter” on this blog “silently swallows them”…

Yep. My in-brain Bison parser spotted that immediately. But, I do not need to read the original source code, I can fix that illegal syntax on the fly.

Maybe I am a Buffalo. 🙂

SpaceLifeForm June 14, 2021 4:37 PM

@ Who?

Right now there are few options; running an old, mid nineties, computer seems a good approach. But these computers are difficult to get and, usually, very expensive collectible items.

I’m Rich! Who needs Bitcoin?

Another choice would be buying open source hardware, or at least mostly open source hardware, with a simple and auditable firmware

See PinePhone. AES instructions are still there in the SoC, but you should not have to use them.

In theory. But what is the GPU really doing?

Fake June 14, 2021 5:18 PM

@SLF,

You almost made me think you were undercover Early for a second w the whole I’m rich response.

Also,

I’m surprised nobody is mentioning code subconsciously self correcting, any of us who are native in certain languages likely didn’t stumble over the minor omissions at all… All that time manipulating language w W3x Bong I am not friendly and him it should’ve been a non issue.

But, it’s covered for future generations in this case. 😁

Fake June 14, 2021 5:22 PM

Early is an interdiction, my apologies as the proper message should’ve been Wael. Unfortunately Android and Google are sub par where trustworthy couriers are concerned.

Fake June 14, 2021 7:04 PM

Google will let enterprises store their Google Workspace encryption keys
Zack Whittaker
@zackwhittaker / 3:00 am PDT • June 14, 2021

As ubiquitous as Google Docs has become in the last year alone, a major criticism often overlooked by the countless workplaces that use it is that it isn’t end-to-end encrypted, allowing Google — or any requesting government agency — access to a company’s files. But Google is finally addressing that key complaint with a round of updates that will let customers shield their data by storing their own encryption keys.

I’m assuming the title should read as follows:

“Google will let enterprises store their” **own** “Google Workspace encryption keys”

BUT!

Does that mean that Google will not be storing them anymore?
Does that mean that anyone else will not be storing them anymore?

Cheers!

Clive Robinson June 14, 2021 7:32 PM

@ SpaceLifeForm,

It posted, but Judge for yourself,

===============================
@ echo,

There are a lot of “male by default” assumptions in this (which is rather typical for Clive)

Grow up, they are a matter of historical record.

Yes most of early computers and science in general was “Male Dominated”. I’m not going to go around presenting a false narrative and call it “alternative facts” or other stupidity[1].

What I have done through my career is encourage the shedding of the 1950’s notion that the height of a woman’s abilities should be “to cook the perfect baked beans on toast for her or others’ children”. That nonsense comes from religion and the power and status it tried to accrue with which I have no truck.

Instead I’ve actively promoted what we now call STEM.

So do yourself a favour cut out the snide “faux PC/SJW” nonsense, it makes any other arguments you make that might be not just valid but relevant look as trite thus get disregarded as more “faux nonsense”.

[1] As it turns out truly exceptional strong minded women did break out of the mould others including their own mothers had tried to force them into. Historians are now revising history as the facts kept hidden come to light.

Clive Robinson June 14, 2021 7:54 PM

@ SpaceLifeForm,

Maybe I am a Buffalo.

The opportunity that affords for jokes is immense[1]…

So I shall go for the esoteric and simply say,

“Watch out for Young man with Springfield”

[1] Turns out “Buffalo buffalo buffalo” is a valid sentence as “buffalo” also means “to bully”. Worse after that you can just keep adding buffalo…

https://en.wikipedia.org/wiki/Buffalo_buffalo_Buffalo_buffalo_buffalo_buffalo_Buffalo_buffalo

https://en.m.wikipedia.org/wiki/Buffalo_Springfield

https://en.wikipedia.org/wiki/Springfield_rifle

echo June 14, 2021 8:24 PM

@Clive

We’re coming from different starting points and clashing. I do have particular nitpicks about sexism and “certified professionals” and narrow specialities blinding themselves with their own science and that is really where it begins and ends. It’s easy to discuss formulas and maths and rules but with some material it’s more probabilistic and covers multiple domains and it’s easy to bikeshed if you don’t know anything about them. I am good enough at what I do but if you want an expert lawyer, journalist, or academic’s opinion with all the working out written up I’m not the one to ask. You will find I post links when I discover articles covering what is on my mind whether it’s science of perception and reasoning, or governance structures, or from time to time something more hairy. We agree on a lot but we don’t agree on everything and I have my hardlines on some things. So do please calm down Clive.

I had actually drafted a comment on the different presentation rules and choices for women as opposed to men which drifted off into social engineering and other things more kinetic. It sounds easy but it’s actually very problematic to write about. In the end I changed my mind and wrote about summer attire and human geography and cultural points of view. Where’s the security in that? Well, I’d look a bit silly in a gas mask and boiler suit and three point harness with an HK slung on the end plus I’d probably shoot myself. For those not up to special forces levels of fitness and not under deep cover there is something to be said for attention to attire. Being cool helps avoid irritability and keeps your mind more clear. Sartorial elegance gets you into more places and obtains better service. A wider range of options allows you to make more choices to blend in so you don’t stand out as a target whether at home or abroad. There are also benefits for self-confidence and mental health and social interaction too. There is no need to be trapped by rote learned hierarchies but at the same time no need to be a least effort slob. You can also carry a pencil and paper, or map more easily with a bag rather than one of those snoopy phones plus they are less likely to suffer from flat battery syndrome.

https://www.independent.co.uk/arts-entertainment/films/features/dorothy-arzner-merrily-we-go-to-hell-b1863258.html

For Mayne, Merrily is Arzner’s most ambivalent film about marriage, right up to its uncomfortable last scene, which makes a mockery of the idea of a happy ending. “I think sometimes people are very eager to make newer films sound a lot more radical and forward-looking than they are,” says Mayne. “It’s always worth going back into Hollywood history to find what’s really going on in terms of what filmmakers did, frankly what Dorothy Arzner did, in relationship to the current conventions of Hollywood cinema.”

As for history, which Clive mentions, this article is an interesting retrospective on earlier endeavours and clashes with established male by default hierarchies. I make no comment on the quality or watchability of Dorothy Arzner’s movies for a general audience. Ernst Ingmar Bergman’s arthouse movies never gripped me and he himself said he hated them but there was an audience for them. I find it an interesting take on “modernity” and the so-called “Overton window”. What I would like to read is more technical material rather than the circling around relationships almost every article on women seems to involve. You can see similar with actors and it really stands out if you compare interviews with Nicole Kidman and Al Pacino for example, or compare this article with interviews with famous male directors. This article itself contains a mention of Dorothy’s innovation on set which she made a boom mike but this is only in passing while pages and pages are written about James Cameron’s use of new technologies in Avatar.

But on to other things…

CARBIS BAY G7 SUMMIT COMMUNIQUÉ
https://www.g7uk.org/wp-content/uploads/2021/06/Carbis-Bay-G7-Summit-Communique-PDF-430KB-25-pages-3.pdf

Reform (44-47) isn’t just about macro issues or just opening doors but also perspectives and comfort zones and the multiplicity of small details which add up to this thing called “culture”. By this I don’t mean “culture wars” which is a right wing slogan used to dumb down and hoodwink people by organisations and groupings and political parties with a vertical mindset who view everyone in a dress as a tradwife with the far right only two steps behind. Much like security or games development and similar complex endeavours it is a process and not just a one way street zero sum process as the dialogue includes adjustments on all sides. Some of those may be perceived as losses. Others as gains. And yes there may be as much howling and screaming and sabotage and self-sabotage on the part of women as much as men. After all what woman wants to get shot or put their arm up a drain or blow snot bubbles because her work has been savaged? Perhaps there may also be a change of tone. What hope for a low status man on the receiving end who gets no mention like bus drivers and shop workers during a pandemic?

Clive Robinson June 14, 2021 8:56 PM

@ SpaceLifeForm, Fake,

Security Theatre, This will not leak… Sounds cool… Sounds great… Wait, wtf?

I do not do TechCrunch any more on principle –I do not agree to be data raped– thus I would encourage others not to use them.

But that aside…

Am I correct in thinking it relates to,

https://support.google.com/a/answer/10741897?hl=en

And Client Side Encryption(CSE) that has been in beta for a little while?

If you read the document, you will see that all Google are really doing is moving the “Key Management” thus follow on legal issues from them to a third party supplier…

As for “in browser” security, I simply do not trust it going back to the earliest days of “hushmail”.

Realistically the “security end point” issue I highlighted back with secure messaging apps still applies.

And let’s be honest Google is doing things to Chrome that are weakening its security so the answer to the question of “This will not leak…” is like that in a Christmas kiddies pantomime when the “Dame” makes a comment and you all shout back “Yes it will”.

I suspect it’s a “technical fix” to the NSL and similar Google get from the FBI fronting for other US Federal agencies and other LEAs etc that costs them real money to process via the legal dept.

Now all Google has to do is just send each agency a stock letter saying “Not possible to comply so ‘cease and desist'”.

I suspect Alphabet calculate that the FBI and DoJ psychos are still a little wary of Big Silicon Valley Corps after the calamitous result over the very public case they started against Apple. Apple unexpectedly for the FBI DoJ psychos fought back big style with lots of adverse publicity flooding in on the FBI and DoJ, who then had to humiliatingly “Pull the rip-cord” after it became clear the case was going to go against them and make adverse case law…

In a way Alphabet / Google are “Firing a warning shot across the bows of SS FBI”. Which means the FBI will go after the “Third Party KeyMan service” be it an organisation or via malware against a company’s own service.

Either way Google does not get the “butchers bill” or “bad publicity” and can maintain the fiction of “clean hands” just as Pontius Pilate supposedly did[1] in the Bible.

Will the FBI “double bluff” and try calling Google on it… I suspect not at the moment. Because I guess the FBI and DoJ psychos will keep pushing their golden key front/back door nonsense at non US legislators just as FBI Director Louis Freeh did during the 1990’s. Working on the theory that if other nations can be persuaded, then the resulting foreign legislation can be used as a fulcrum to jam a lever up against US legislators (see the nonsense that Australia have enacted).

[1] We get the expression “To wash our hands of …” from Pontius Pilate’s alleged actions via scriptures, thus some now regard him as a Saint and a martyr because of it…

https://en.m.wikipedia.org/wiki/Pontius_Pilate

Fake June 14, 2021 9:23 PM

@SLF,

How about using the AESNI in the cutefone in concurrence with a non-aesni impl, or altering the routine involved to randomly or pseudo randomly select between pro-aesni and non-aesni blocks.

With it being open-software it’s entirely within reason but I can’t guarantee signalling won’t escape, I’ve been very tempted to purchase one or two of those for my business for custom perl bindings to edge out the competition.

But just remember there’s still potential look-inside/look-aside vulnerabilities in any of the infirmware. I thunk my last look at the hw said 2g is open-software 3g/4g are not and it’s obviously not open-hardware.

Custom perl bindings of an open linux device that fits in your pocket is a game changer in almost any field.

Then, there’s the other side of me that wants bulk access to pi’s for what would be labeled as nefarious by some aspects of the outside world.

Fake June 14, 2021 9:26 PM

you could potentially have it usb or i2c interfaced to something like a smartcard or better also, there’s so much potential w that device.

Curious June 14, 2021 11:57 PM

My intuition tells me that P and Q on an elliptic curve would have to be symmetrical to the periodicity of a single unit circle, regardless of how the elliptic curve is shaped.

SpaceLifeForm June 15, 2021 12:53 AM

@ Clive, Fake

It’s all about how you cook the perfect baked beans.

If you Downgrade Attack a cell modem connection from 4G to 2G, does it smell?

Will the neighbors notice?

Baked beans at 4? Or at 2? Which tastes better?

Curious June 15, 2021 1:32 AM

To add to what I wrote:

It seems obvious to me: knowing that an elliptic curve is mirrored across the x axis, and in thinking of any bend in the curve as being an event mirrored across x axis, whatever “fraction you get” for segmenting the elliptic curve on either side of a given point, that fraction would have to also end up having a mirrored event across the x axis, and being divisible by 2, necessarily resulting in an integer number for describing all odd numbers, even primes.

It sort of seems obvious to me that this mirroring of a whole (previously presumed to be indivisible) across an axis, hides a “whole amount” across origo, or, I imagine “across” all zero roots in multi dimensional space, part negative, part positive, but both neg and pos value equally large, yet having a finite quality to both of them simply because, two equal lengths that represents a whole cannot both be an ‘infinite’, they would be the same.

Presumably prime numbers have a hard limit, because they would have to be inversely cyclic, or so I think.

I think an interesting way to try visualize all this, is thinking of drawing two same sized circles with some space between them. The distance between the center of two circles can and cannot be finite/infinite, depending on either your perspective inside one dimension, or outside an infinitely many dimensions, as if relating to an infinitely many other dimensions by counting all infinite dimensions as integers, and I imagine, depending on one’s point of view, there must be an infinitely small remainder preventing a total overlap of the two circles, being to same small areas, one of each side of the two circles. The very distance itself between the two centers for the two circles, would be equal to the diameter of another third circle. So I think it makes sense that the idea of infinitely many dimensions, can be represented by a unit circle, because, a unit circle is just a metric, not a volume, the circle itself being self similar, would be either 0 or infinitely dimensional depending on one’s “point of view”. The previously thought “indivisible remainder” can ofc be divided by 2.

So as I see it, there cannot be an infinite numbers of primes.

Curious June 15, 2021 1:39 AM

To add to what I wrote:

I think Fermat’s last theorem has to be wrong, in thinking that cannot be an infinite amount of primes, but ofc I am no mathematician so I can’t prove this with a calculator.

name.withheld.for.obvious.reasons June 15, 2021 1:40 AM

14 JUN 2021 — You’re the Next Powerball Lottery Winner, ?[1]

DISPARITY IN ECONOMIC CIRCUMSTANCES, HUH, MERITOCRACY CAN TAKE A HIKE
Today, in the United States, there are 400 individuals with wealth that exceeds that of 50% of the population. In other words, the average person’s share of the economy as measured against the wealth of the top 400 is 400 / 170,000,000 or 0.000235%. I don’t believe you can even see a sliver of the pie at scales easily portable, say by tractor-trailer rig. You are far more likely to see this type of numerical equivalency in your clinical readings from water samples respecting known toxins.

More Numerical Expressions
Again, the ratio of personal wealth for 50% of the population, as a share of the economy, is 0.000235%, not 0.235 % said as zero point two, three, five percent. Now that would be a fantastic interest rate on a credit card. But it is not close to expressing the economic house rules we’re playing by.

Say My Name
Let’s try one more time; 0.235% is not the same as 0.000235% expressed as zero point two, three, five percent. NO, the percent of wealth individually for those fifty percent is zero point zero, zero, zero, two, three, five percent.

Let that sink in…

Another way to look at is from a lottery perspective, how likely are you to be among those at the top, well how about 425,500 to 1. This is power-ball territory when it comes to this kind of wealth.

And yet one more way to ponder this disparity; how many people do these people believe they have replaced or are as productive as:

One Oligarch = 425,500 workers

[1] SEE ABOVE LINE IMMEDIATELY ABOVE

Curious June 15, 2021 1:41 AM

Oh hold on, I think I for a moment confused Fermat’s last theorem with the Riemann hypothesis.

Curious June 15, 2021 1:53 AM

To add to what I wrote:

Presumably Riemann hypothesis is correct and Fermat’s last theorem is wrong.

Curious June 15, 2021 1:57 AM

To add to what I wrote:

I guess, in thinking Fermat’s last theorem being wrong, I guess it would depend on one’s point of view.

name.withheld.for.obvious.reasons June 15, 2021 2:02 AM

——————-DIALOG BEGIN——————-
@ Clive
My apologies as I did not confer, but as in any gesture where the object is straightforward communication, honest and human dialog, I went ahead and added myself to the conversation. Hopefully in a meaningful and useful manner.

Cheers
+++++++++++++
@ echo
I truly applaud your tapestry and the yarn used to weave together an interesting topic. You are on the mark and without question I align myself with your remarks. What you may not realize is that many of the “men” that contribute to this blog have been flagged for the hyper-sensitivity (at least that is how it is characterized) and a prevailing toxic-masculinity often finds refuge here. If I were to say, and I am not trying to speak for Clive, just as a simple observation; there may have been a cautionary burn notice.

I too am in cause with our sisters, but it is more than difficult when the male of the species becomes self righteous about both their OPINIONS and FACTS. And let me say, we are all the lesser for not having more of our sisters in conversation and at every table. You may think my statements are trite, I assure you I am most sincere, I have a young daughter for whom my eyes have the affect of her vision. I can see a definite generational divide in understanding, but it is because, as she says; “I learned from you, what not to do.”
——————-DIALOG END——————-

Maybe, just maybe, we can drop the tone down a few cycles and lower the amplitude a few db, there are people here that are conscious and alive, though it may seem like a bunch of bots at T[0].

name.withheld.for.obvious.reasons June 15, 2021 2:19 AM

Normally I’d chime in on hardware security issues, especially design and fabrication related topics. But, as it appears what is old is new again, except for the non-deterministic wet-wear that is part of contemporary computing platforms over the last twenty years and the “Microsoft” model of lifecycle that has infected every reputable hardware manufacturer (AMD, Analog, FreeScale, MicroChip, National Semiconductor, and a couple more esoteric but highly respectable fabs).

The previous sentence is about all I have…even if it is a run-on.

Clive Robinson June 15, 2021 3:13 AM

@ SpaceLifeForm,

If you Downgrade Attack a cell modem connection from 4G to 2G, does it smell?

It will fairly soon…

2G has been pronounced dead, but has refused to assume the position in some places… So in theory is rotting away, but it grasps firmly to resources others want, like an aged miser to their gold.

Likewise 4G should eventually be told the same thing but… There is 4G LTE that delivers today what 5G might but currently does not and actually may not for various reasons.

And some for geo-political reasons want 5G dead now, hence the lack of push back over that definite over cooked if not roasted beyond caramelized smell in the vicinity of masts…

Apparently 6G has the Microsoft piz azz[1] look, much is promised bells will have their own whistles and dogs will do back flips through hoops on fast moving buggies and the 6G world will have peace prosperity and loads of apple pie…

But that’s all marketing bumf, the reality is as US industry know, that the technological capability is not there…

But the truth is actually the technology is there, it can be seen in 5G, but owned by the wrong sort of people… So MAGA will not fall from heaven, thus milk will not flow nor will there be honey all because… But never let the truth get in the way of a good marketing campaign Microsoft never did or will.

[1] We really need to drop the “z” spelling for the “s” spelling on that one.

Fake June 15, 2021 3:16 AM

@name,

In reference to the Microsoft way of life bud,
Maybe I should read you in,
Bill Gates has been cloned

@all,

2g definitely stinks, like rotten eggs. But, if you want to send a message it certainly gets the job done.

Double entendre entendre

Clive Robinson June 15, 2021 5:11 AM

@ Curious,

I think Fermat’s last theorem has to be wrong, in thinking that cannot be an infinite amount of primes, but ofc I am no mathematician so I can’t prove this with a calculator.

Primes are a proper subset of integers, so if integers are infinite then most intuitively would think incorrectly that a proper subset could not be infinite…

Are you aware of Cantor’s diagonal argument where he proved that infinities had infinities (used by Turing as part of his argument about the halting problem)?

Thus it can be said that between every integer there is an infinity of real numbers some of which are rational but mostly irrational. Thus as the axis of a graph produce a frame within each square an infinite plane exists, which is useful when you are trying to keep things out of sight.

Now are you aware of Factorials? If integers are infinite then factorials must be infinite as well.

Now we come to the notion of “Twin Primes” that is three numbers in succession, a Prime an even number and another Prime.

Now something not many are aware of that I spotted before I was a teenager.

Twin Primes can be found either side of factorials or partially degenerate factorials. More interestingly they are also found either side of the Prime’s equivalent of Factorials.

That is 3! is 6, 5 and 7 are its twin primes, 30 is 2x3x5 29 and 31 are its twin primes.

Knowing this you can make a way better Prime sieve especially with very large Primes than the “Sieve of Eratosthenes” you would have been taught in high school[1].

Thus the expectation is that twin primes of this form must be likewise infinite… But are they, that’s the question but more importantly is what I’ve said so far a proof?

Whilst it might be the start of reasoning out a proof, we know it’s not a proof because there are known exceptions to the general rules.

That is 4! is 24 flanked by 23 and 25 and we know 25 is not Prime but a Prime squared.

I won’t go into any further into the maths detail other than to say the Prime Factorials are a proper subset of Factorials and as with Primes and Integers the same relations are expected to hold thus are expected to be infinite. Which in turn implies that those Twin Primes that hug them are very probably infinite as well.

Why? Well intuitively think of Primes as “waves crossing the X axis” they form patterns of reflection around those Prime factorials. If you actually draw them out the structure really hits you in the eye. It’s also a beautiful structure, whilst the artist’s assertion regards “Beauty is truth” is an unprovable statement at best, there is a germ of truth in it as any engineer, scientist or mathematician will tell you “If it looks ugly it’s probably wrong or you are looking at it wrong”[3]. Which begs the question is it a fundamental to the universe or just to humans, where pattern recognition and various forms of symmetry recognition are survival traits?

[1] But… I should give a “health hazard” warning at this point with regards cryptography. Knowing this means that there is now a whole class of Primes you should avoid in cryptography. That is finding a very very large Prime Factorial is fairly trivial when you know a few mathematical tricks with series[2]. Then using that as a point to reflect around to sieve around is likewise trivial by using a pre-generated look up table. Thus using such Primes is something that should best be avoided…

[2] There are a lot of such tricks but one very simple one you might find of use when doing mental arithmetic, to start you thinking about the others. And more importantly why they are highly sought after by mathematicians and such a danger to cryptography…

Take a long string of sequential integers that is even in length of N integers. Cut it in half and write the second half in reverse order under the first then add them together. So for the first ten digits 0..9

01234

98765

99999

You get a constant of which there are N/2, that constant is simply “first digit plus last digit”. Thus to add up all the digits one by one to get 45 is hard work compared to calculating 10/2=5, 0+9=9 and 9×5=45 which most can do in their head fairly rapidly.

[3] I think many would agree that “the software industry” clearly did not get the memo…
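Added example (not part of the comment above and not any poster's code): a check of which primorials and factorials have primes immediately on either side, plus a key-generation sanity check that flags a candidate prime lying close to a primorial. The function names and the `window` value are assumptions made for this illustration.

```python
"""Primes flanking primorials, and a 'too close to a primorial' check (added example)."""
from itertools import islice

# Fixed Miller-Rabin bases: deterministic for n < 3.3e24, a probable-prime
# test for anything larger.
_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n):
    """Miller-Rabin primality test using the fixed bases above."""
    if n < 2:
        return False
    for p in _BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # base a is a witness that n is composite
    return True


def iter_primorials():
    """Yield (p, p#) for successive primes p, where p# is the product of all primes <= p."""
    product, n = 1, 2
    while True:
        if is_probable_prime(n):
            product *= n
            yield n, product
        n += 1


def flank_primality(centre):
    """Return (centre-1 is prime, centre+1 is prime)."""
    return is_probable_prime(centre - 1), is_probable_prime(centre + 1)


def twin_centres(count):
    """Primorials among the first `count` whose two neighbours are both prime."""
    return [pr for _, pr in islice(iter_primorials(), count) if all(flank_primality(pr))]


def near_primorial(candidate, window=16):
    """Return (p, offset) if candidate == p# + offset with |offset| <= window, else None.

    `window` is a hypothetical policy value: how far either side of a primorial
    a candidate prime is treated as belonging to the predictable class.
    """
    hit = None
    for p, pr in iter_primorials():
        if pr - window > candidate:
            break
        if abs(candidate - pr) <= window:
            hit = (p, candidate - pr)  # keep the largest matching primorial
    return hit


if __name__ == "__main__":
    for p, pr in islice(iter_primorials(), 7):
        print(f"{p}# = {pr}: flanks prime? {flank_primality(pr)}")
    print("4! = 24:", flank_primality(24))
    print("candidate 2311 ->", near_primorial(2311))
```

A key-generation routine could call `near_primorial` on each candidate prime and discard any that returns a match; candidates drawn uniformly at random from a large range will essentially never trigger it.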

MarkH June 15, 2021 5:16 AM

@Curious:

I’m in no condition to follow the train of thought you’ve been presenting …

However, that there must be infinitely many primes has been proved in various ways.

Some of the proofs will make sense to anybody who understands what a prime number is.

One of these basic proofs is about 2,300 years old.

Curious June 15, 2021 5:56 AM

I won’t claim to understand the reasoning by Cantor and my interest in having a debate here is limited, I can check out that Cantor stuff sometime later, but I just wanted to clarify here my understanding of “infinities” and how I think they can and cannot be meaningful concepts, as relations in math and for metrics in physics:

‘Metrics’ and ‘relations’ would be two inherently different things. One is linearity, the other is the inverse of being linear, more like a required difference. I suspect that, generally speaking if trivially mixing these two, the consistency of linearity, and something inverse to linearity, that mix becomes inherently inconsistent. An infinitely long line is really no longer being infinite when thought to having a parallel line being also thought as being infinitely long. So, what is and is not ‘a space with an infinity’ would get confused with what is ‘a space without an infinity’ if one is used as a metric of the other. As I imagine, only an inverse relation can make the mix work, but then, you can only use a single metric to infinitely many dimensional spaces with infinities.

Re.
“Are you aware of Cantor’s diagonal argument where he proved that infinities had infinities”

I think there has to be made a critical distinction between what is a ‘metric’ and what is a ‘true dimension’ that can be infinite. A self similar dimension would then not be truly infinite, like x axis relating to an orthogonal y axis in the same diagram. Any relation from that can as I see it, never be truly ‘infinite’, because now the two were just metrics, not ‘true dimensions’ being an infinity in itself.

So, an idea of ‘an infinity’ itself “having infinities” I think must be nonsensical if one wants to maintain a linear relation, which afaik must be what makes up any metric, and indirectly makes up any ‘true dimension’ as such. So, instead I think that it makes good sense to instead think of ‘a metric’ making up a ‘true dimension’, but not if making the dimension self similar by relying on just that one metric for measurements, then a metric in that one dimension is just a scale, but that scale cannot be a space that is infinite if referring to itself, in this self similar way, because once you set a length in that scale, it must be obvious that there can be no meaningful infinity on either side of that length segment. What makes a scale infinite, would be infinite numbers as a scale, not the idea of any length of the scale, which would require two points on the scale.

I think, in thinking of “infinities” as an abstract, one would want to avoid abstracts that are unrelated to linearity, such abstracts like, nonsensical relations, or more importantly, nonsensical relations being nonsensical when something thought of as being “a dimension’ is just ‘a metric’, a scale being used in some self similar way. The idea is that, ‘a single point’ either has zero dimensions, or, infinitely many dimensions, depending on your point of view on or outside the point. The point’s lack of a metric, is paradoxically what makes it a metric, when included in a dimension with a scale, like a scale of numbers that also includes a single zero, however the point’s lack of a metric, also implies infinite dimensions when having a zero value as I see it. What maintains infinity in this way between the concept of a metric and dimensions, are infinite inverse relations.

I cooked up a relativistic theory for physics over the last week or so, so I’ve had some time to think about such things. 🙂 I am no physicist, but I think it all makes good sense.

I don’t want to discuss this further today, because I have been writing about this a lot the last week, so I want a break. Damnit. 🙂

Clive Robinson June 15, 2021 6:12 AM

@ GNU,

Restating Goats question @Clive what do you think about stallman?

That is a very loaded question.

And whilst I’m not a politician, I’m also wary of both walking on uncertain ground and needlessly playing Russian Roulette, even if it’s only using my feet for target practice.

So what can be said that is “unemotive” and “factual” from a more distant view point?

Well there is a very clearly visible political process going on that is bigger than Stallman, which he has been unfortunately caught up in. Likewise there is clearly “alternative facts” being thrown around by people nobody remembers anything about or of them saying anything back then decades ago…

What can be said of Stallman is he is “Non neuro-typical” and in some ways lacks what is called “emotional intelligence” which is now treated as a life long disability. It’s considered very bad form to kick somebody about just because they have a disability, or just are different it’s one of many “isms” that are not acceptable in modern society, and never should be. Which is why practicing quite a number of “isms” is actually a criminal offence in its own right.

A visible side effect of non neuro-typical reasoning is the need to both drill down and explain as the person reasons their way through a complex problem to find answers, looking for evidence as they go. But importantly their viewpoint changes as the process progresses. Likewise they do it without putting on “conceptual filters” as that would be at a minimum intellectually dishonest, worse “pre-conceptions” are often the root of many evils not just “isms” in the world.

However others for some reason regard such filters as “essential” or “God Given truths” which they most definitely are not, presumably because they do not have to think or reason and find false comfort and stability with them. A form of intellectual limitation, which usually results in significant cognitive bias, as we have seen over the last year in wider society with the likes of Qanon and Anti-vax and a lot worse (institutional murder of Blue-on-Black etc).

Those with cognitive bias will rarely if ever change their view point, it is as though they have been religiously indoctrinated and thus ride off to their chosen “Holy Land” to slaughter those they see as “Heretics”. They believe without evidence of any kind they are “Morally Right” and generally they form the core of what is a boat anchor on society moving forward. Thus even though apparently “radical ” the reality they are mainly uconservative and unthinking, thus fairly easy pickings for those with political agendas who do think a little, even though it is that of Machiavelli’s plotting and scheming (see the “Dark Triad” for motivations).

Thus you have a completely stupid “We are the Good guys” mentality that uses the excuse of “For the common good” to enforce “might is right” by “mob rule” and trite mantras, going to war. They are the modern day Don Quixote’s tilting at giants only they can see, whilst others see the productive machinery of windmills being destroyed. Are they any different from “Luddites” throwing their clogs/sabots into the machinery?

The best thing to do with such people is to give them a wide berth and let the inevitable infighting commence that will eventually deal with their education / evolution / demise. History shows many examples perhaps the most commonly known is the French Revolution, though there are many others that are a better fit.

So knowing what the likely outcomes are going to be, I’m going to exit quietly stage left and let them get on with it.

Clive Robinson June 15, 2021 6:42 AM

@ htohT, SpaceLifeForm, Wael,

Have fun

Thanks, I suspect others here will be quite interested as well.

Fake June 15, 2021 7:10 AM

If you like visuals

https://camo.githubusercontent.com/99dd722c99f6e915b1f7242c3421a9d7ddc9e55b523fef4392391a4de2c42c43/68747470733a2f2f696d67732e786b63642e636f6d2f636f6d6963732f646570656e64656e63792e706e67

can be stacktraced from

The state of the Linux kernel security (2020) (github.com/ossf)
https://news.ycombinator.com/item?id=27513149
https://github.com/ossf/wg-securing-critical-projects/blob/main/presentations/The_state_of_the_Linux_kernel_security.pdf

mind you, i don’t click pdf’s and a very very large percentage of url’s

yahoo should get a mention here, who else throws sand in their users’ faces?

Z.Lozinski June 15, 2021 9:34 AM

@Clive,

2G – everyone in the industry wants to shut down 2G networks and re-farm the spectrum for 5G because it is more efficient (bits/sec/Hertz/USD). The problem is the use of 2G by embedded devices. In the US there is now a court case trying to block the closing of 2G ..

5G – the issues around the decreasing number of vendors in the telecom industry have been around since the early 2000s. The first time I came across Huawei was when they bid for an ADSL deployment in Eastern Europe at 30% of the accepted price, and their stuff worked. (Because of lower development engineering cost and lower manufacturing cost). The accepted wisdom in the financial markets in the 2000s was that the world didn’t need multiple network equipment vendors. (The same argument from c.2010 that there was no need for wafer fabs outside TSMC …)

6G – The economics of the mobile industry is that you get a new technology generation every 10 years. A new G is when you change the air interface between the mobile device and the network. Among other things it takes 7 years to just deploy/upgrade the individual cell sites. You are limited by number of people available to work at height, equipment supply and capital. And by consumers replacing their devices.

There is a current wave of interest in software-based radio access networks (RAN) under the general heading of Open RAN. Vodafone just announced they would replace 2500 cell sites in the UK which use Huawei gear with Open RAN from multiple vendors.

The security of software based / cloud-based networks will be critical. One of the observations around the Telecommunications Security Bill currently going through the UK Parliament is that a smaller number of major operators and cloud providers have the potential to increase security, compared to a very large number of networks treating security as an undesirable cost (c.f. the Talk-Talk breach).

Goat June 15, 2021 10:14 AM

@Gnu, Clive
My question wasn’t so much about Stallman himself but more so about the handling of the issue. I don’t like the way our friends at Tor Project and EFF are tackling the issue and Oh god! I have not seen the free software commitment (veganism as some call it) that Stallman displays.

RMS is not just a person mincing words, he does “believe” in free software. Other “open source Proponents” seem to be content running on a DRM choked Mac in their fancy glass office..

I can’t say about his personality or ethical background, what Clive says seems reasonable to me but “maybe” he isn’t a good person.. still would we want to boycott FSF board? Will we forget about “free software ethics”? Will we corporatise the open source world to the free rider issues swallowing the community? Will we die living Stalin’s Dream?

Maybe we don’t like Stallman’s behaviour but we do like Stalin’s Dream!!

Clive Robinson June 15, 2021 10:20 AM

@ Z.Lozinski,

As you know I’ve put forward the very same arguments in the past but with one exception[1].

However they do not get said often enough or loud enough to overcome the mantras of certain parties…

So keep saying them at every opportunity loudly and authoritatively and brook no counter factual arguments 😉

[1] The argument that I do not agree with is,

is that a smaller number of major operators and cloud providers have the potential to increase security, compared to a very large number of networks treating security as an undesirable cost

The neo-con mantra of “don’t leave money on the table” will always win if there is any free choice. Thus you have to go against “Free Market” mantra about “deregulation”. Let’s be honest we tried it in the 1980’s and it quickly thereafter started going downhill giving us disaster after disaster and rampant inequality thus in reality outside of engineered bubbles a shrinking economy. However in industries with independent oversight and good regulation the opposite tended to happen. That is “regulation” is a rising tide that lifts all sound vessels, if a vessel is not sound it’s not safe thus should be repaired or removed/scrapped. The neo-con mantra only encourages unsound vessels, where the inevitable happens.

Clive Robinson June 15, 2021 12:24 PM

@ Goat,

I can’t say about his personality or ethical background, what Clive says seems reasonable to me but “maybe” he isn’t a good person

My personality and my ethical background like those of other people have two parts, the innate and the learned. It’s why people can change one way or the other.

But am I good or bad, that’s not up to me, it’s how others see me. That is if you hold a viewpoint and I agree with it you might believe me to be good, however if I do not agree with your view point you might believe me bad. You could also see me as basically good but just disagree with the topic under discussion or the way I present it. But is how you or anyone else views me actually relevant[1]?

What is important is the argument I make, the reason I make it, and can I justify my position in an honest and what would be considered a trustworthy way?

It’s then up to the person who hears my argument to decide if my argument is reasonable. Based on what can currently be established, and what it is reasonable for me to know the two are not the same[2] and the party hearing my argument may know things I do not and vice versa.

But then we come to a real thorny problem. Is the person who hears my argument open to changing their own point of view?

If they are not open to change, what does that make them? What does it say about any view they might express about me rather than the argument I present?

The original reason I did not reply, was a deficit of information on my part. I’ve had an opportunity to look into some of it and now my reason has changed. I realise this is not something I really want to get into for the reasons I outlined above.

You are free to look at my argument and decide on what you know if it’s really an area you want to get into yourself.

Because even if you limit your scope very narrowly, others will not let you do so. You will be pushed prodded and accused by those who have already made their minds up and are not going to change it. Further they will not care if you are a good or bad person, they will just see you as a target to attack in any which way they can.

Worse if you are seen to win the argument by others, they will not acknowledge that; they will either become more dogmatic if not rabid, and if that fails and others support you they will simply slink away to somewhere else they can self justify bad mouthing you to others.

If you doubt this, all I can say is so far you’ve been lucky in life. Don’t change your luck now it’s not worth the price you will end up paying.

[1] Good men can make bad argument for all sorts of reasons and the opposite is also true.

[2] I can not be expected to argue for or against information I’m not party to, but I can make argument for the future based on knowledge of the past in general not specific terms.

SpaceLifeForm June 15, 2021 3:19 PM

@ Curious

Since you are lazy or something, here is the old simple proof that there are an infinite number of primes.

The proof is indirect.

Assume you have identified the largest prime, let’s call it Q.

We now create N = 2x3x5x7x11x13x17x19x…xQ + 1

Note that N is odd because we added one to the large product of ALL of the primes up to and including Q, the alleged last prime.

We have two cases:

N is a prime that is larger than Q which immediately contradicts your assumption that Q is the largest prime.

Or N is a composite which must contain a factor P that must be greater than Q.

To see why, note that N is congruent to one mod ANY of the primes up to and including Q.

If N is NOT prime, then N must have a prime factor P that is not used in the product of the primes used to create N.

Q.E.D.

You should have learned this before you were old enough to drive.

Wael June 15, 2021 4:26 PM

@Clive Robinson,

Thanks, I suspect others here will be quite interested as well.

I’m still alive ;– my neighbor isn’t, he’s under the sod at a 101.

What does that have to do with double encryption? I have no clue.

MarkH June 15, 2021 4:39 PM

@SpaceLifeForm:

Lazy? Our esteemed interlocutor Curious, “cooked up a relativistic theory for physics over the last week or so”

I can assure you that such an accomplishment requires an extraordinary quantity of energy … or more accurately, mass-energy.

It’s good fun to use sophisticated jargon without worrying about the precise definition of the words, or comprehending the underlying concepts.

An attendee of a public talk by Buckminster Fuller (who was in fact an inventor of great originality) recalled that it was more inspiring than any presentation he had experienced: energetic, forward-looking, imaginative, laced with Fuller’s coined vocabulary and accented by vast, sweeping arm gestures. This person also recalled that no one who saw the talk, could explain what Bucky had said, or make any sense of it.

Genius comes in varied forms

Clive Robinson June 15, 2021 4:40 PM

@ SpaceLifeForm, Curious,

We now create N=2x3x5x7x11x13x17x19x…

Another “Prime Factorial”.

Oh maths trivia “Prime Factorials” were given the name Primorial by Harvey Dubner[1], who drew the analogy to primes similar to the way the name “factorial” relates to factors… The symbol used for Factorials as most know is the “Shriek” ! And very much less well known is the symbol for Primorials which is the “Hash” or what some call the pound symbol of #

And… You have “Primorial Primes” which are those Prime numbers I talked about as being the potential Twin Primes straddling a factorial or as we now have the term Primorials.

Thus your,

We now create N = 2x3x5x7x11x13x17x19x…xQ + 1

Which is the upper Primorial Prime of Q# (ie Q#+1).

@ Curious,

If your head is spinning a little bit don’t worry it usually all makes sense rather suddenly, and then you wonder why it seemed so daunting.

[1] Harvey Dubner coined the name Primorial back in the 1980’s if memory serves correctly, in the early 90’s he was the discoverer of more than half the then known “large primes” and he was an electronics engineer and he and his son built “filters” using DSP components that outperformed state of the art super computers at the time. Though he later moved to using FFT’s… So if you ever wondered why both the NSA and GCHQ advertised for specialists in these areas you probably now have an answer. He is also the author of what is known as the Dubner Conjecture,

https://en.m.wikipedia.org/wiki/Dubner%27s_conjecture

Which is still an open problem. If somebody solves it, it will have some interesting consequences both theoretically and practically. Probably the least of which is it will answer the “Twin Primes” conjecture that they are in fact infinite. Sadly he died back in 2019, but he has left a rich legacy behind.
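An added example (not part of any commenter's post) that runs the proof above on real numbers and uses the primorial notation Q# from this comment: it builds N = Q# + 1 for several Q, confirms N leaves remainder 1 for every prime up to Q, and shows both cases of the argument, N prime and N composite with every factor larger than Q. The function names are this example's own.

```python
"""Euclid's argument on concrete numbers (added illustration, not from the thread)."""
from math import isqrt


def primes_up_to(q):
    """Sieve of Eratosthenes: every prime <= q, in increasing order."""
    if q < 2:
        return []
    sieve = bytearray([1]) * (q + 1)
    sieve[0] = sieve[1] = 0
    for i in range(2, isqrt(q) + 1):
        if sieve[i]:
            # Strike out the multiples of i, starting at i*i.
            sieve[i * i :: i] = bytearray(len(range(i * i, q + 1, i)))
    return [i for i, flag in enumerate(sieve) if flag]


def primorial(q):
    """Q#: the product of every prime <= q."""
    product = 1
    for p in primes_up_to(q):
        product *= p
    return product


def smallest_prime_factor(n):
    """Trial division. Returns n itself when n is prime. Fine for small n."""
    if n % 2 == 0:
        return 2
    d = 3
    while d * d <= n:
        if n % d == 0:
            return d
        d += 2
    return n


def euclid_witness(q):
    """Return (N, P): N = Q# + 1 and P = the smallest prime factor of N.

    P is always a prime larger than Q. When P == N we are in the first
    case of the proof (N is itself prime); otherwise we are in the
    second case (N is composite, but none of its factors is <= Q).
    """
    n = primorial(q) + 1
    # N is congruent to 1 modulo every prime up to Q, so none divides it.
    assert all(n % p == 1 for p in primes_up_to(q))
    p = smallest_prime_factor(n)
    assert p > q
    return n, p


def case_of(q):
    """Which branch of the proof applies for this Q."""
    n, p = euclid_witness(q)
    return "prime" if p == n else "composite"


if __name__ == "__main__":
    for q in primes_up_to(19):
        n, p = euclid_witness(q)
        note = "N is prime" if p == n else f"N = {p} x {n // p}"
        print(f"Q = {q:2d}  Q# + 1 = {n:8d}  {note}")
```

Q = 13 is the first Q for which Q# + 1 is composite, so the second case of the proof is not hypothetical.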

SpaceLifeForm June 15, 2021 4:58 PM

@ MarkH, Clive

Lazy? Our esteemed interlocutor Curious, “cooked up a relativistic theory for physics over the last week or so”

I should have bolded the ‘or something’.

I hope Curious creates this unit circle coin and rolls it along the elliptic curve of choice.

Curious can choose the curve of choice and diameter of the coin.

And then try different coins. Or different curves.

Happy rolling!

Weather June 15, 2021 5:08 PM

@slf
Give me a hash, I’ll tell you the group, but you don’t do it, what Weather! Is not a password. Yes I know the weakness in the parser stage, but you don’t.

Clive Robinson June 15, 2021 5:09 PM

@ Wael,

I’m still alive ;– my neighbor isn’t, he’s under the sod at a 101.

I’m glad to hear the former but it’s sad to hear the latter. I hope it was both quick and painless, as 101 is not a bad innings even these days, it’s two decades more than the average where I live which is supposed to be one of the UK’s high averages… It would be slightly higher but with two Higher Education Establishments pulling in around a third of the actual population count in a five year age range centered on ~20, enough of them do silly things that they affect the overall figures.

Mind you just 15 miles away at most in East London there is one of the worst for average age of mortality at 51 years. That’s third world territory.

All of which as you note,

What does that have to do with double encryption?

On the face of it not a lot but hey I’ve always been a little suspicious of chain encryption where the same algorithm is used, there’s usually good reasons to avoid simple chains and using the algorithm twice in a non chain structure usually gets you more bang for your buck…

Speaking of bangs and bucks, I’ve not seen the nearly creamed one around, I hope wherever he is life is treating him kindly. Hopefully early retirement with his feet up somewhere warm with gentle fragrant breezes watching the world go by over the rim of a glass of good mint tea with maybe just a few crushed rose petals.

echo June 15, 2021 5:16 PM

https://www.independent.co.uk/news/uk/crime/daniel-morgan-report-met-police-cressida-dick-b1866460.html

Daniel Morgan report: Met Police denies ‘institutional corruption’ and says Cressida Dick won’t resign.

The de Menezes shooting.
Burying Russia investigations.
Burying Brexit investigations.
Burying investigation into £1 Billion Bribe of DUP by Prime Minister May.
Burying the Arcuri investigation into misuse of public funds by Johnson.
Breaking of lockdown restrictions and PPE advice for publicity purposes.
Police handling of the Sarah Everard vigil.
Resistance to social policy led policing.

One comment I read is that Cressida Dick is trying too hard to be “one of the boys” and cannot handle pressure. I’m curious why she was promoted after the de Menezes shooting. Arguably it wasn’t all her fault as police were physically unfit and not trained to the task and line of sight with the target was lost hence misidentification but she was the commander on the day. I’m sure “taking one for the team” played a role in her promotion but I’m really not persuaded her loyalty to the police and smoothing over the waters is appropriate.

I remember an earlier now mostly forgotten scandal where the police blatantly lied to Doreen Lawrence on Newsnight. I felt something wasn’t right about their assertions and the police officer handpicked for “fireside chat” presentation purposes struck me as being a bit too carefully chosen to be true.

I have found police lie or bend the law at all levels to get out of doing work (not just statute but the law as practiced which is more about what they can get away with with investigators looking the other way and asleep at the wheel lawyers), and their colleagues have a nasty habit of covering it up. A large part is mostly mediocrity and negligence but it does go on and has a distorting effect on justice and democracy even if it is just no criming or bungling cases.

SpaceLifeForm June 15, 2021 6:23 PM

@ Clive, Curious

I am quite certain that Dubner’s conjecture is correct.

I’m quite certain that there are infinite quad primes (back-to-back twins) based upon my research.

But, they thin out quickly.

At a lower boundary than 4208, any even number can be expressed as a sum of two t-primes, but the two t-primes are not married.

It’s actually obvious this must happen, but yes, the proof is in the pudding.

Weird stuff happens in the land of small numbers. Patterns are not obvious.

But, I’m certain there are an infinite set of even numbers that can be expressed MORE THAN TWO WAYS with actual non-married t-primes.

In fact, as the even number gets larger, the count of the ways this can occur actually increases.

I conjecture, there is an infinite set of even numbers of the form N=12X+6 where 6X-1, 6X+1, 6X+5, and 6X+7 are all prime.

Fake June 15, 2021 7:22 PM

on the subject of ‘primes’,

Maybe I’m off key here, but I don’t think us not having all the answers is mirror theatre.

Every last one of us walk the planck.

Maybe our math is wrong?

Maybe that’s the trick, the humility to both know and accept when we are wrong.

It could be in the grand artists great 4d++ painting that our imagination limits us to what is but a cold fraction of the true mathematics behind the scenes.

What we call whole numbers might just be points in the field that breach the planck limits of human thought.

Can we disprove that without external confirmation?

MEH.

comm unity
build, back, better.
there’s a difference

being wrong is a tropism

IT’S OKAY

just get it right next time 🙂

I get stuff wrong all the time, that’s what’s cool about this little corner of the internet.

MarkH June 15, 2021 7:25 PM

@SpaceLifeForm, Clive:

I’m indebted once again to Mr Robinson for a contribution to my education. I suspect that my rate of forgetting is smoothly approaching my rate of learning, but I’m pretty sure I hadn’t seen Dubner’s Conjecture before … that constant would have made it memorable.

Interesting that it subsumes Goldbach, which has lain unresolved for so many generations.

The diabolical character of some of these conjectures is that they seem so obviously true: the more you look into them the more confident you feel!

No one can find a counterexample, or offer a good theoretical case why such should exist.

If the proof is in the pudding, it’d be nice if somebody found that pudding and looked inside.

Goat June 15, 2021 10:44 PM

@Clive “his” referred to Stallman in the sentence, would have to work on my language skills 😉

Winter June 16, 2021 12:56 AM

@Goat
“I meant even if stallman isn’t a good person does he deserve this?”

That is a question that cannot be answered.

The man is obviously socially challenged, non-neurotypical as Clive wrote. Furthermore, as far as I know, he has not done anything wrong, the events are a response to his words only.

RMS gave an opinion on the behavior of a minor who claimed that her intercourse with an older man was non-consensual.

It is always a bad idea to express strong opinions about events that took place in private between people you never met. Especially if one is a poor minor and the other a middle aged billionaire with a history of accusations of misbehaving towards minors.

All this was added to a history of similar controversies about opinions that RMS expressed about issues that are unrelated to software freedom. It is clear that RMS has become a liability to the cause of the FSF and Free Software. Purely from a PR and marketing standpoint.

Where things went awfully wrong is when RMS could not see that he had become a problem for his own cause. If he had stepped down “for the good of the cause”, there would not be a controversy. He could have played a non-public role to help the cause.

However, RMS has no other life outside of what he has done for many decades. So I totally can understand his unwillingness, if not panic, to leave.

No person has a “right” to lead a movement. That is only for the members to decide. RMS leading the Free Software movement depends on the willingness of the members and member organizations to be led by him.

If you are the figurehead of a large and important movement and your presence suddenly becomes an existential threat to different parts of that movement, there will be a very strong pressure for you to move out. If you then fight to keep your position, people will get “hurt” and damaged. Trying to stay in power, so to say, is always a dirty job.

So, does he deserve this treatment? I think that this question is unanswerable.

But if RMS thinks the Free Software cause is best served by him staying in the lead while many, or even most, think it is not, he cannot expect anything else than a very painful fight.

In that sense, the whole affair seems to be a classic tragedy unfolding inevitably to the downfall of all involved.

SpaceLifeForm June 16, 2021 12:59 AM

@ MarkH, Fake, Clive, Curious

So, I pull up source code that I’ve not looked at in years…

Damn programmers. They never comment their code well.

(looks in mirror)

Looking for my comments (there actually are many, but could use more), I come upon the function called mgc. I forgot what mgc means. (bangs head on mirror)

I always write code upside down.

Upon further reading, I find the connection via a comment that probably should at least be replicated at the body of the function.

Ah yes, mgc. Modified Goldbach Conjecture.

How could I forget a name that I came up with?

Anyway, I will beat on this code some more, and document my findings further.

That means, I will comment more in the code. And report the highlights here.

MGC (Modified Goldbach Conjecture) – The prime number 3 is not required as one of the primes, both primes being t-primes but not necessarily married.

Will verify, but (per the comments in the code if you can trust who wrote them), if the even N is greater than 350, MGC appears always true.

name.withheld.for.obvious.reasons June 16, 2021 2:23 AM

16 JUN 2021 — Florida: From the Frying Pan into the Fire?

FLORIDA 7-DAY MOVING AVERAGE POSITIVITY RATE — 0.0%

In order to develop a better understanding between COVID-19 related effects and the data about the events surrounding the pandemic within the United States, Florida stands out as an interesting outlier. I suspect that this is more prevalent than just Florida[1]. And a preliminary review of the data suggests as much, but for the moment the focus is on Florida. Two alarming developments, case reporting has ceased and other metrics have been eliminated or unstated (reported as “detected” by JHU, see last two paragraphs below[2]).

First, Florida reporting of new cases is significantly down (or zero) both in raw numbers in the trends over the last several weeks. The last two weeks have almost no reported cases, the hysteresis limits on the data are exceeded almost daily. Nearly every day reported in the last three months, as represented on the bar graph is limited to values of 44k new cases. Per day ranges from 44k to +80k across the data set while the graph is nearly a flat, truncated set of bars. WOW, is this skewed.

Mid-March to Jun — +90% of data clipped to maximum (skewed hysteresis)

26 May 2021, 50,000 new cases (hysteresis high mark 44k)
27 May 2021, 53,000 new cases (same)
28 May 2021, 60,000 new cases (same)

29-31 May, 0 new cases (holiday report?) see 1 Jun

1 Jun 2021, 145,000 new cases (same)
2 Jun 2021, 27,000 new cases (delta visible)
3 Jun 2021, 45,000 new cases (same)

4-15 Jun 2021, 0 new cases (not visible, and what delta)

What is most interesting though and not directly related to COVID-19, Florida is showing an alarming rate of ICU occupancy levels. A handful of counties are reporting up to 100%, some at 93% to 100%. Averages for ICU occupancy across the state is higher than most states. If I were in Florida right now, I’d be very concerned.

[1] General Statement from the JHU CoronaVirus Resource Center
Declines in U.S. cases and deaths that appear in the Coronavirus Resource Center’s data on Mondays are the result of several states and territories not reporting the information over the weekend. Those states and territories are: Alabama, Alaska, Connecticut, District of Columbia, Florida, Guam, Idaho, Kansas, Louisiana, Michigan, Mississippi, Montana, Nebraska, Nevada, New Mexico, North Carolina, Northern Mariana Islands, Oklahoma, Rhode Island, South Dakota, Tennessee, Vermont, Washington, West Virginia, Wisconsin, Wyoming, and Virgin Islands.

[2] From Johns Hopkins University CoronaVirus Resource Center: Florida
On 26 March 2021, Johns Hopkins detected that Florida was no longer reporting ‘testing encounters’ (test_encounters_total), which served as a denominator in our ‘testing positivity’ calculation.
On 7 June 2021, Johns Hopkins released information about cases and deaths in the U.S.;
NOTE: quoted from the website 16 Jun 2021 2 AM EDT:

Winter June 16, 2021 2:35 AM

@name.withheld.for.obvious.reasons
“If I were in Florida right now, I’d be very concerned.”

I would use the site below for the best estimates:

ht tps://covid19.healthdata.org/united-states-of-america/florida?view=infections-testing&tab=trend&test=infections

Daily infections for Florida are ~8,000, with over 400 ICU beds in use. Around 30 people are dying from COVID-19 daily.

name.withheld.for.obvious.reasons June 16, 2021 2:45 AM

@ Clive
Just to let you know we are on the same page. You and I have, in the past, received or have been on the receiving end of meritless claims of a misogynistic, racist, or of some other set of poor behaviors. Your cause as I understand it is more to humanism than away from it. We have both understood that there is a past behavior that; a) we are not responsible for nor have engaged in, and, b) do not apologize for. And, we cannot alter the past, or dismiss it–as some seem to claim is possible. Remember the Skeptical debacle? Not too dissimilar.

I recognize your struggle, share it, and will answer anyone that makes claims to facts which are worse than benign upon the truth.

Let us all be clear, and Clive has stated this on many occasions in his own words, here are mine;

“Come in peace and the willingness to engage” — me

and

“Make it so, number one!” — Picard, ST-NG.

Clive Robinson June 16, 2021 3:13 AM

@ Goat, Winter, ALL,

Edited to add: I meant even if stallman isn’t a good person does he deserve this?

I urge you to look beyond just RMS.

He is not the first to be attacked in this way in the Open Source movement, nor the first in STEM to be attacked over a failed political plot involving a restaurant without a basement, that got entangled with the claimed behaviours of a Billionaire and others in public facing domains.

Then start asking the question of why? By examining those making allegations, accusations or disseminating them, and who they are connected with and what the result of their “15 minutes of fame” are for others.

But always remember “Public Opinion” is a Beast that is awoken by rumours, allegations and accusations that are vague / damaging but have little or no substantiating evidence. The Beast once roused needs to be fed blood to be satiated thus go back to sleep. We used to call it vigilantism, but these days it’s become “A Sport” for spectators to invest further emotions in.

But remember the Beast of Public Opinion must be satiated because it has been invested in by thousands who neither think nor reason just do. Thus the raw power and energy built up by such investment becomes unpredictable and earths out like lightning wherever it can causing much damage and mostly the where or who is only obvious with hindsight.

But is it random? I would argue increasingly not these days as where there is power to be manipulated there are those who will do so.

As I’ve noted before there are three basic “types” of racist, but it’s more generally true as well,

1, Those who are basically failures in their own lives or who feel they are in some way, thus use tribalism to vent.

2, Those who have been harmed by some one of a recognisable group thus blame all in that group / tribe[1].

3, Those who profit by tribalism who stir it up one way or another for money, power, status, or some combination.

The first type are often Bob Altemeyer’s Authoritarian followers who all too frequently form the nexus of “Guard Labour” or “make work” jobs, where the only reward is “faux status”[2].

Their “faux status” is due to a “trickledown” effect from those who form the third group, who subscribe to Joseph Stalin’s view of “useful idiots” or similar such as “Any fool can be a Tool”, “Use’m, Abuse’m, Destroy’m” all on the “Wash, Rinse, Repeat” cycle principle.

Between the second and third group is an interesting group, who took money or enabled others to be recipients of money whilst turning a blind eye, and when it went bad as it was very probably going to. So to protect themselves they scapegoat others thus maintain their cosy little makework positions. You would be surprised at just how many “Administrative” decisions are made this way, as the “seat stuffers” close ranks for “herd protection”. Such behaviours but closer to the third type are “seat stuffers” closing ranks for “herd protection” in Politics, as they “protect leaders” and the like “For the good of the tribe”.

So take a good look for who benefits most for bringing down “figureheads” both in the short term (journalists) and longer term (competitors) and just how cheaply such defenestration or decapitation brings the third type rich rewards without them getting their hands dirty.

For an ineptly done example have a look at Microsoft’s past behaviours especially in the repeating SCO case.

As I’ve said you need to be aware there is a broader context involved and the Beast is not yet satiated, thus there is the potential for it to earth out close to you.

[1] I use “tribe” as a “collective noun” that is a group of individuals who chose to collect together for a shared reason. I could use “club”, “gang”, “troop”, or other collective nouns such as “gaggle” or “squabble”. However whichever I use others will ascribe additional pejorative meaning that I most definitely do not intend. However even if they do not give voice they will implicitly assume I have “Bad Faith Intentions”. Tribe however is a recognised term that gives rise to other words with specific meaning such as “tribalism” which other collective nouns do not have, thus arguably it is the correct term to use.

[2] http://iclinstitute.com/The_Authoritarians_–_Short_Synopsis.pdf

name.withheld.for.obvious.reasons June 16, 2021 3:18 AM

@ Winter
The information I provided is a clue, a look at what is happening to states and their health status and what it may mean for their citizens.

It is troubling, that states are engaged in mass deception and with public health information no less, what could go wrong? They’re not doing a very good job of hiding their malfeasance, or are they? My bet is the former.

Winter June 16, 2021 3:32 AM

@Name
“It is troubling, that states are engaged in mass deception and with public health information no less,”

We are dealing with a political party that has staged a failed coup-d’etat and is working hard at a second try. A political party that tries to stop honest and fair elections from taking place in the USA ever again.

Why do you think they will stop at anything?

Clive Robinson June 16, 2021 3:49 AM

@ SpaceLifeForm,

Damn programmers. They never comment their code well.

They are actively discouraged from doing so…

I’m at heart an “as close to the metal” programmer as you can get, truth tables and state machines are almost my comments. But whilst accurate they carry no context, thus lack the important meta-data that turns data into knowledge and by meta-meta-data into understanding.

If you look at much of my assembler level work, the actual source code is scant in comparison to the comments.

Even when writing in higher level languages where more expressive lables and names can be used, I fully document the “Interface Contract” which often can be as long as the subroutine (I adhere to the subs code must be less than two screens/pages in length and compounded statments on single lines avoided). Likewise “bag of bits” containers such as structures and Abstract Data Types get fully documented.

Yes I get complaints from machismo programmers and pushy management types. But then they are not the ones who have to do the maintenance where the “documentation” was either never written or has subsequently been trashed in some way (remember the better your code the more likely it is separate documentation will get trashed/lost).

I also believe that “comments are code for the mind” that is reading them should in effect run the program in your head the same way the source code does on the hardware. Also “Comments are the checksum of reality” if the comments and source do not 100% align then there is an error that has to be corrected, no ifs, no iffs, no buts, and no maybes ever.

But importantly also remember well written comments are more “reusable” than source code ever can be, because if you treat them as the “true source” writing “source code” in any language to fit them is just a mechanical process.

It’s something older assembler level programmers from the 1970’s through 90’s knew, because 8bit CPU’s were over priced thus changing them frequently and at short notice saved considerable amounts of money.

Thus you might start writing for a 6502, move to a 6800 or 6900 or 8080 or Z80 etc etc or have to go back to an 1802 because that’s the only part qualified to “get off the ground”.

Thus you learn two lessons,

1, Truth tables and logic are the only constant tools with no hardware or programming language constraints.

2, Comments are “the one true source”.

Everything else is fluff or illusion, thus should be treated as at best dental floss.

MarkH June 16, 2021 4:04 AM

@SpaceLifeForm:

I always write code upside down.

From the rafters … like a bat?

I write less than half as many comments as my conscience says I should, and perhaps one tenth as many as some guidelines or standards call for.

It’s my habit to use really long and explicit identifiers, so that lines of code can read a little like natural language.

Most of the time, I can “reverse engineer” what I was doing, though I often wish I had written more comments explaining why I decided to go down one road rather than an alternative.

For serious projects, I typically write lots of notes in a word processing document, which can help me piece together both software and hardware I designed.

I’ve made some reference to C source code for a Python ‘long’ type implementation, which uses Karatsuba multiplication (for speed) when the numbers are big enough.

The main Karatsuba multiply function in that module has a comment of more than 40 lines, explaining why one variable which holds intermediate results has enough bits.

Clive Robinson June 16, 2021 4:47 AM

@ Winter, Name.withheld…, ALL,

Daily infections for Florida are ~8,000, with over 400 ICU beds in use. Around 30 people are dying from COVID-19 daily.

Even those figures are not self consistent thus do not make sense in a supposedly improving situation of a disease of quantified characteristics…

Reports in the UK indicate that despite warnings, that were very very clear the politicians quite deliberately did nothing and allowed the “Delta” or India VoC into the UK, if not actively encouraged it in.

New figures suggest an R0 of 8 (yes think about that) and for hospitalisations it’s over 60% more infectious than other VoC strains like “Alpha” UK VoC, as well as bringing in younger age groups.

But also it has a much higher severity which is still being calculated and could have a CFR of twice that of earlier VoCs.

Which leaves the entirely unknown currently IFR in the general population groups of those,

1, Neither infected or vaccinated.
2, Infected but not vaccinated.
3, Infected but vaccinated with one injection
4, Infected, but fully vaccinated.
5, Vaccinated with one injection.
6, Fully vaccinated.
7, With innate immunity to one or more variants.

By “age group” etc

By “Vaccine type”.

What appears to be the case is the Delta variant very very rapidly becomes the dominant strain, and despite the fact we are out of the “respiratory disease season” it is very very likely to cause a significant “Third Wave” unless lockdown can bring it under control.

But the politicians are pandering to lobbyists with sob sob stories about people’s disrupted social events[1]. Thus are actually “easing up” on lockdown, instead of doing the rational thing which is tightening up.

So most likely “Third wave here it comes” look out it might be way too big to ride thus “Wipeout” is sure to happen for some.

Oh and for those that still think “Vaccination” is going to make SARS-2 extinct, that looks increasingly unlikely, because the logistic delays are allowing increasing infections thus mutations, which are getting both more infectious and more severe.

What we really need is to stop infections now, not in five or ten years or more likely never. The mutations will sooner rather than later evade vaccines. Thus we need to rapidly halt infections. The sensible way to do that is to stop the ability of the virus to find new hosts…

We only know of one way currently that has proven effective and that is quarantine, not just of the infected but of the healthy by localised, regional and global lockdown on movement.

If we don’t do it what we had will be extinct not the virus.

[1] Yes I know it’s someone’s “special day” but modern celebrations are the product of a money hungry industry pushing for highly profitable mass gatherings that can only happen with “modern global travel”. A phenomenon that is barely half a century old, and more importantly the primary cause of the spread of this dreadful disease and piling up of corpses. So to be very very blunt, I see no reason why their selfishness should threaten my or many many other people’s lives. If as many had said on this blog lobbyists had not been pandered to and mass travel stopped then this disease would have been extinct in as little as 5 weeks and both the economy and social lives would have been long back to normal. The fact that MSM like Rupert Murdoch’s News International are pushing counterfactual narratives and the truth of the matter is not getting out says much about him and his geriatric desires to regain his “King Maker” power and status and how politicians through their own cupidity and total inability to lead.

Weather June 16, 2021 5:32 AM

Sha256 update, there were two bugs, one was not zeroing a var before possibly being set, the other was wrong array on the parser, updated the parser so you can select the range.
Figures
25/28. 172/255. 0 loop
16/28. 153/255. 1 loop
17/28. 160/255. 5 loop
18/28. 153/255. 10 loop

Apart from the initial drop multiple loops aren’t fixing the issue. Trying a new combination that should prove the signal it space ever 0x10 +- 5 which should stop the program getting double hits.

If dropping min to 100 group 0 loop shows 17/28 at 123/255 .
The program is almost ready to be sent, but the parser can be updated without affecting a run because of rtable.

Summary sha256 is leaking input to output.

Winter June 16, 2021 5:45 AM

@Clive
“Even those figures are not self consistent thus do not make sense in a supposedly improving situation of a disease of quantified characteristics…”

The numbers at all are from:
ht tps://covid19.healthdata.org/united-states-of-america/florida?view=infections-testing&tab=trend&test=infections

I do not think you can find better estimates. The only thing important is the divergence between official numbers and best estimates.

@Clive
“New figures suggest an R0 of 8 (yes think about that) and for hospitalisations it’s over 60% more infectious than other VoC strains like “Alpha” UK VoC, as well as bringing in younger age groups.”

The bet is to vaccinate enough people before the next wave hits. As it looks now, current vaccines are effective against all known strains and immunity is long lasting.

But this is still a bet. If the next wave hits too early, or too many remain unvaccinated, or a new strain breaks immunity, then things will go south again.

Clive Robinson June 16, 2021 6:05 AM

@ name.withheld…, ALL,

Just to let you know we are on the same page. You and I have, in the past, received or have been on the receiving end of meritless claims of a misogynistic, racist, or of some other set of poor behaviors. Your cause as I understand it is more to humanism than away from it.

Yes I believe in humanity, not vengeful or otherwise inventions of those whose cupidity and basic lack of morals lead them to prey off of others who just wish to survive and with a little luck be both happy and thrive.

It also means that I have to be accepting of peoples mistakes and accidents, which in theory could be avoided but in our practical reality can not.

I’ve been told I have an open mind, by the same person who once quipped,

“The trouble with having an open mind, of course, is that people will insist on coming along and trying to put things in it.”

My parents tried to bring me up to be responsible, not just to myself but others as well, sadly I was orphaned before they had got beyond the foundations, thus never saw if they had succeeded or not.

Life as an orphan is not to be recommended, it’s difficult to build on uncertain ground and being preyed upon by others almost a given. Some call it “The University of hard knocks” but the reality that most do not realise is that you do not graduate, because it’s “Life Long Learning”.

Making things easier for people to learn has always been one of my primary drivers, and sounding cautionary notes from history is part of that.

Whilst Sir Isaac Newton was being very rude with his “standing on the shoulders…” comment, the truth is we stand on the successes and failures of those who have been before us.

Thus we actually have more to learn from failure than we do from success.

Success can be by chance or planning, but few ever see the usually way less than perfect planning only the trappings of the success.

Analysing failure by testing it and finding out why it happened teaches us way way more.

Our host has pointed out in the past that to be able to design good crypto/security you first have to become expert at breaking it.

Security design is one of the hardest forms of design there is. For most designers they, like insurance assessors, work with statistical averages of effectively non deterministic causes with predictable effects.

In security design you also have to deal very much with the opposite. That is very non average, very deterministic causes, usually with highly unpredictable results.

Thus as again our host has pointed out “You have to think hinky”; to many, “hinky thinking” appears like some kind of “sixth sense”, the reality is in the general not specific attackers are predictable thus you get to see patterns and these can guide you. Examining why things fail and adopting good “Testing Techniques” makes the process more exacting and also broader in scope thus further reaching especially towards likely specifics.

Few tricks are new, but new variations thus new “instances” pop up all the time. The secret to the design is not just recognising the underlying trick, but collecting it together with other tricks with common properties, thus forming “classes”. You then design against the class not the instance.

There are two good reasons ICTsec is in the mess it is and why it has become a “Red Queens Race”,

1, ICTsec as an industry does not learn from history.
2, All the time is spent fighting instances not classes.

Unless we learn that failure is to be not just expected but learned from neither of those is going to change. I think many know from their high school education what happens when a species does not change in the face of a changing environment.

What is true for ICTsec is actually true for Society in general.

Because one of the most important parts of society as we know it is,

“The Freedom that Privacy gives us”

Without that Freedom we can not experiment, learn, understand and grow. Anything that stops that process has only one eventual outcome.

Privacy is only possible through security, thus security is fundamental to our existence.

Those of conservative view fight change thus growth, those that religiously or similar stop the spread of knowledge fight learning and thus understanding, and those that are totalitarian in view fight privacy thus stop freedom and are the ultimate human existential threat.

It’s this we see behind nearly every injustice in society. But importantly as has oft been pointed out “No man is an island” we all live in society even when we think we do not, thus whilst society has responsibility to see we all get treated fairly and with understanding, the individual has to realise they have a responsibility to society and all within it.

Unfortunately when it comes to “Personal Rights -v- Societal Responsibility” some think they have entitlement to the former without the latter. That can only ever end badly for all, because we all grow as society grows.

I would rather be a nonentity with what modern society has made available to me, than live in times past where I might have high status but a short, nasty, brutal and in reality impoverished life of near no growth and feudal exploitation.

Yet we see modern day War Lords living short, nasty, brutal and very impoverished lives. You really have to ask Why? And What is wrong with them?

But it’s not just War Lords it’s many pushing for empty status that actually harms them not just others and can only have one inevitable outcome as history shows on nearly every page.

Goat June 16, 2021 7:14 AM

@Clive +1 to add this cancel culture happens even in non stem disciplines..

@All, I would say as a mere scripting person (not a real programmer, 😉 I use vim) I find many python libraries over commented and confusing

Clive Robinson June 16, 2021 7:22 AM

@ JonKnowsNothing, Winter, ALL,

Re:

Be mindful that the USA has just declared “we’ve won the war on COVID-19”

My viewpoint is,

“We’ve not even won the first skirmish, in the Northern Hemisphere and we know our battle plan is a losing one”

Which viewpoint you are closer to is up to you.

But look at it this way, even if you have been infected and recovered or are fully vaccinated the disease mutation rate is linked to the current infection rate that we know is rising against expectations.

Thus at some point any immunity any one currently has is going to be of diminished effectiveness.

Thus there is a probabilistic risk.

The thing about such risks is we know that given sufficient time the probabilities become closer and closer to unity. Where a risk ceases to be a maybe but a probably or definitely unless other risk diminishing activities are undertaken.

We should all know by now what those risk diminishing activities are.

So I’ll just say keep doing and stay safe.

It’s what I am doing, hopefully my risk will stay lower than maybe 😉

Winter June 16, 2021 7:29 AM

@Clive, Jon, All
State of COVID-19

The bet is that vaccination will protect against COVID-19, the disease. Then infection numbers do not matter in the public eye.

For this to work, almost everyone must be vaccinated. What counts is what fraction of the unvaccinated will get COVID-19 and end up in hospital.

There are models taking that into account (see my link).

However, every government that wanted to go for herd immunity earlier (“dying for the economy”) will use this excuse.

I would not be surprised if we will see a surge of stricter policies in September, when there will be a new wave of COVID-19 under unvaccinated people.

JonKnowsNothing June 16, 2021 8:12 AM

@Clive Winter All

re: Then infection numbers do not matter in the public eye.

While the local news may no longer report the daily dead counts, it also means that the numbers that roll up the hill to the CDC et al may not be reliable either.

We do have reporting requirements: official and mandated, but that does not mean they are accurate particularly given that publicly we have seen the reclassification of many aspects of COVID-19 in the USA, such as the Who Died From COVID? re-re-recounts.

Just a caution that if you have access to the non-public sphere of data, your data may or may not be worth the digital ink on your screen.

Infection numbers may not matter now but “if and when” the hospitals get overrun with COVID-Mut-NN then we will have to rescind our declaration of victory as that is based not on vaccination, not on elimination, somewhat on suppression but mostly on hospital and ICU capacity.

In the hot, dry and water less part of California, we still run 40-60 persons per day in hospital and ICU; local deaths are running 10-20 people per week. There are somewhere between 1,500-3,000 active COVID-19 cases locally. State wise we have triaged patients flowing into the active Surge Hospitals.

What numbers will the State of Vermont plan to report on COVID in their state? Vermont has declared victory because they have “herd immunity from vaccination”… Herd Immunity from Recovery didn’t save the people in Manaus, Brazil.

We won but as Clive has indicated in his post: For How Long?

===

ht tps://www.theguardian.com/us-news/2021/jun/15/vermont-covid-coronavirus-restrictions-vaccination-goal

(url fractured to prevent autorun)

Fake June 16, 2021 8:21 AM

@Goat,

Don’t discount rapid readiness

Script may not be hardcore but with the right education and tools it can be utilized like a chain saw or dredge.

Very effective in the right hands for adaptability and availability.

Winter June 16, 2021 8:36 AM

@JonKnows
“We do have reporting requirements: official and mandated, but that does not mean they are accurate particularly given that publicly we have seen the reclassification of many aspects of COVID-19 in the USA, such as the Who Died From COVID? re-re-recounts.”

I am sorry to say, but the USA is not the leading, or even most important, country. Things are seeming to be got under control there. But what happens in the USA is rather irrelevant in the larger scope of things (even the vaccines were mainly developed outside of the USA, Pfizer/BioNTech in München (DE), AstraZeneca in Oxford (UK), Johnson & Johnson in Leiden (NL), Sputnik in Moscow (RU), and there are 2 Chinese vaccines).

What counts are the developments in Eurasia (pop 4.6B), Africa (pop 1.3B), and South America (pop 0.7B). Things look rather bleak for most of these, I have to say. Games with reporting are difficult to hide in most of these areas, as India and Brazil found out the hard way.

Clive Robinson June 16, 2021 8:36 AM

@ Winter, JonKnowsNothing, ALL,

For this to work, almost everyone must be vaccinated.

The evidence for that is not in, nor is it likely to be for years to come at best if ever, meanwhile people are dying needlessly in their thousands daily.

The reason is as I keep saying and people fail to take on board is

“Time to vaccinate is too long with respect to time for mutation”

It’s an issue that can not be avoided and not talking about it will just continue the otherwise easily avoided mass deaths, which will continue as long as it is continued to be ignored.

What there is multiple cases of evidence for is quarantine at the personal, local regional and national level. It not only works it works quickly and saves all those avoidable mass deaths.

More importantly the effect on the economy of “half hearted” open up now is also a complete disaster and it very much sounds as though both the UK and US are going to have another go at proving that…

Yet those with sensible quarantine have proved you can have near normality within the quarantine zone.

It’s something that is not really arguable against where the quarantine area can be effectively controlled. Which both the UK and US could if they so wished do, and not as expensively as trying to increase the vaccination rate.

Oh and then there is the “It’s my Right not to be jabbed” politics in play, vaccination may never reach a sufficient level…

Winter June 16, 2021 8:42 AM

@Clive
“Time to vaccinate is too long with respect to time for mutation”

I think you are much too pessimistic.

All the data points to the opposite. Every country that got vaccination underway saw its hospitalized population decrease fast. There has still not emerged a variant that is not covered by the vaccines. It can appear tomorrow, but it still has not appeared.

MarkH June 16, 2021 1:27 PM

@Clive et al:

Since you posted your question, I keep looking at my multi-precision archives.

One specimen I downloaded for study was GNU gpg (old vintage, early noughties). I don’t think I spent much time on it; the big number code is rather large, in many modules, partly in assembly and hard to read until you work out their system.

gpg add uses full-word arithmetic, handling carry by two word-compare operations, one for incoming and one for outgoing.

My add uses carry as a Boolean; one of two word compares (to generate outgoing carry) is selected based on incoming. I suppose that for many architectures, the two methods are close in CPU cycles.
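The two carry-handling schemes described in the comment above, written out as an added C sketch. This is not GnuPG's code or the commenter's own; the function names, the 32-bit limb type and the sample vectors are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef uint32_t limb_t;   /* one full machine word per limb (assumed 32-bit) */

/* Scheme 1: full-word add, carry tracked with two compares per limb,
 * one after folding in the incoming carry, one after adding the operand. */
limb_t add_two_compares(limb_t *r, const limb_t *a, const limb_t *b, size_t n)
{
    limb_t cy = 0;
    for (size_t i = 0; i < n; i++) {
        limb_t x = a[i];
        limb_t y = b[i] + cy;
        limb_t c_in = (y < cy);   /* wraps only if b[i] is all ones and cy is 1 */
        y += x;
        limb_t c_out = (y < x);   /* wraps when the operand add overflows */
        r[i] = y;
        cy = c_in | c_out;        /* at most one of the two can be set */
    }
    return cy;
}

/* Scheme 2: carry kept as a Boolean; the incoming carry selects which
 * single compare produces the outgoing carry. Note the branch depends on
 * operand data, which matters if the operands are secret. */
limb_t add_bool_carry(limb_t *r, const limb_t *a, const limb_t *b, size_t n)
{
    int carry = 0;
    for (size_t i = 0; i < n; i++) {
        limb_t x = a[i];
        limb_t s;
        if (carry) {
            s = x + b[i] + 1u;
            carry = (s <= x);     /* with +1, equality also means wrap-around */
        } else {
            s = x + b[i];
            carry = (s < x);
        }
        r[i] = s;
    }
    return (limb_t)carry;
}

/* Constructed vectors: a carry that ripples through every limb.
 * Returns the number of mismatches between the schemes and the expected sum. */
int add_selfcheck(void)
{
    const limb_t a[4] = { 0xFFFFFFFFu, 0xFFFFFFFFu, 0x00000001u, 0x80000000u };
    const limb_t b[4] = { 0x00000001u, 0x00000000u, 0xFFFFFFFEu, 0x7FFFFFFFu };
    limb_t r1[4], r2[4];
    int bad = 0;
    limb_t c1 = add_two_compares(r1, a, b, 4);
    limb_t c2 = add_bool_carry(r2, a, b, 4);
    if (c1 != 1u || c2 != 1u)
        bad++;
    for (size_t i = 0; i < 4; i++)
        if (r1[i] != 0u || r2[i] != 0u)
            bad++;
    return bad;
}

int main(void)
{
    printf("mismatches: %d\n", add_selfcheck());
    return 0;
}
```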

Clive Robinson June 16, 2021 2:36 PM

@ MarkH, ALL,

Since you posted your question, I keep looking at my multi-precision archives.

Yeh, for what should be a simple issue there sure as heck is a lot of different ways people do it.

In assembler you would expect different ways with different processor classes that is you would expect CISC and RISC to be different even if all modern CISC von Neumann machines are really RISC Harvard machines internally.

But when it comes to high level languages, so many are basically written in C with a smidgen of ASM you’d expect a basic “standard way” to emerge, yet it appears it has not which is odd.

As I said I can not help but feel it’s down to the difference between how people view primitives.

Most programmers think in terms of unary (+,-) and binary (+,-,*,/…) whilst those doing DSP or certain types of maths or ADT’s think of just the single trinary MAD operator. I can’t help thinking it’s those who think in terms of the trinary MAD where using only half a register width makes sense for the multiplication that makes the difference.

I’m probably wrong, in that they probably all came from high level language backgrounds and read Knuth on multi-precision and others copied them without realising or thinking there might be a better faster more memory efficient way to do it. Assembler background programmers more used to having to do their own pointer arithmetic and the like would know there were better ways. But then you’d expect them to drop straight into assembler rather than try doing multiprecision in just about any high level language as they are ill suited to it due to not having direct access to the flags register.

As a friend of mine often says,

“A bit of a doozy that one!”

SpaceLifeForm June 16, 2021 3:41 PM

@ Clive, MarkH

The code I was referring to that could use more comments, was written by me, so I have no one to blame.

So, I read thru the Dubner’s_conjecture wikipedia link, and I see that my exceptions do not match what Dubner found. I have fewer. I must have a bug in my code. More debugging.

Weird that we were both looking at same theory at same time.

vas pup June 16, 2021 4:01 PM

German industry could win big with new quantum computer

https://www.dw.com/en/german-industry-could-win-big-with-new-quantum-computer/a-57920916

“A new quantum age could be on the horizon in Germany. The country wants to catch up with industry leaders China and the US in the realm of quantum computing, a technology that could offer huge strategic advantages to the economies that master it.

On Tuesday, American tech company IBM and the Munich-based Fraunhofer Institute unveiled a quantum computing collaboration ==>centered on the new IBM Quantum System One computer, now the most powerful quantum computer in Europe.
Why is Germany doing this?

China and the US hold far more patents on quantum computing technology than Germany does, despite the European country being home to a little-known but highly active research environment in the field.”

Read the whole article and as usual two short but good videos inside.

Fake June 16, 2021 5:36 PM

@winter,

I’m abstaining from responding to the claims you’re making about the reality of both the effectiveness of the vaccine response and of its deployment.

I just don’t think it’s responsible to claim it’s been a cure-all, you’re flouting a lot of reality to toe that line in my book.

I’ll keep my p100’s and continue to advise people to use masks if they have children or vulnerable family and friends

Fake June 16, 2021 5:43 PM

something i found myself wondering earlier,

has anybody done research to see if covid can be transferred by mosquitoes

?

Fake June 16, 2021 5:54 PM

to answer my own question about mosquitoes,

no, or… not yet 😛

https://www.who.int/emergencies/diseases/novel-coronavirus-2019/advice-for-public/myth-busters

https://www.verywellhealth.com/coronavirus-and-mosquitoes-5073115

^^^

” To ensure that the mosquitoes became infected with SARS-CoV-2, the researchers used an intrathoracic inoculation, meaning they injected the virus directly into the cavity containing circulatory fluid. For a virus to be transmissible by a mosquito, it must be able to travel through the circulatory system and replicate. This allows the viruses to find and infect the salivary gland, which is the final step in the process before the infection is passed to the host.

Researchers observed that there were no traces of COVID-19 virus within the insects after 24 hours. This means the virus was unable to replicate within the mosquitoes and was eventually eliminated by natural defenses.”

echo June 16, 2021 6:42 PM

@vas pup

“We need our own hardware in Germany, hardware that we develop ourselves, not hardware that we let someone talk us into buying from afar,” he argued.

“For it to go forward, there also has to be a corresponding market that stimulates the development of these devices. And that’s where the industry can do a lot, of course.”

Aside from the EU Horizons project it appears Germany at least has learned from the 1980’s and the closure of Meiko the transputer supercomputer company among other things. Meanwhile the UK under the ghastly post-Brexit Johnson regime is arguing about sausages and the NI border.

I’ve always found the desire to solve a problem tends to create invention and the German car industry seems to have plenty of innovations it wants to make with attendant problems to solve. Of course arch Brexiters Ratcliffe and Dyson bottled it. Ratcliffe shuffled off to Monaco and decided to build his much promised new car factory in France. Dyson disappeared off to Singapore and folded his car project. ICL and Apricot died off years ago.

MarkH June 16, 2021 8:11 PM

@Fake:

You seem to say that Winter made some “claim [Covid vaccines have] been a cure-all”.

Where did Winter (or anybody else here) say that?

Here’s what DATA are showing:

Infection and hospitalization rates are in fact declining in countries with high vaccination rates.

In the U.S., where we now run continuing experiments in organized mass ignorance, there are large regional discrepancies in vaccination rates. In regions with high vaccination rates, Covid infection rates are falling. In regions with low vaccination rates, infection rates are rising.

Studies of U.S. “breakthrough” cases (Covid in vaccinated persons) show two interesting results:

• symptomatic Covid case rates are very low among the vaccinated

• the genomic distribution of breakthrough infections is quite similar to the distribution in the unvaccinated population, suggesting that the vaccines are about equally effective against all of the variants circulating in the U.S. as of a few weeks ago

None of the above information is incontrovertible proof. All of it is consistent with the hypothesis that the Western vaccines are working, and sickness can be reduced by a large factor if enough people are vaccinated.

MarkH June 16, 2021 8:39 PM

@Clive:

As I think I wrote above, the notion of doing less than full-word arithmetic wouldn’t even have occurred to me.

The first computer I programmed had instruction times of several microseconds (we’re talking kHz), and a modest amount of very expensive “magnetic donut” RAM. It might have been as much as 32K bytes, but probably it was only 16K … ’twas long ago.

The FORTRAN compiler was divided into many incremental steps (27 or thereabouts). Each would be loaded from the disk, massage the data which started as the source text and ended up as the object code, and then give way to the next pass.

Probably rather like you, I not long after “graduated” to microprocessors which had even less storage and were often at least as slow.

Nowadays, I’m happy to let high-level languages burn up resources, but when it comes to speed-critical or storage-intensive operations, I still have a reflexive horror of throwing away bits and cycles.

========================

On a distinct matter, but perhaps of interest to computation geeks here, the first version of my big integer code was for a GHz-range 32-bit processor.

For an embedded application, I needed to adapt it for a 16-bit processor in which the execution time for modular exponentiation (so central to public-key crypto) increased by a factor of about 600.

Looking back at the old code, I see that the 32-bit version processed 4 exponent bits at a time. This is a simple speed up, in which the function pre-computes powers of the base from zero through 15, and multiplies each in based on the next 4-bit slice of the exponent.

In the 16-bit version, I got a dramatic speed-up by switching to Montgomery representation, but left the code doing one exponent bit at a time (the classic square-and-multiply algorithm).

I know I wanted to combine Montgomery and applying the exponent in slices, but ran into some trouble. Apparently I never solved this; I wish I had kept better notes.

One tricky point is that in my 32-bit code, I simply skipped the multiplication if the exponent slice was 0000 (the 0th power being unity) … but (as I recall) you can’t do that in Montgomery representation, because you must actually multiply by the Montgomery reduction of unity, which is definitely not one.

I’m tempted to revisit this code and see if I can get both speed-ups working together.
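A single-word sketch of the combination discussed in the comment above: 4-bit exponent slices on top of Montgomery multiplication, where the table entry for slice 0000 is R mod n (the Montgomery form of one) and is multiplied in like any other entry. This is an added example, not the commenter's code; the function names, the odd 32-bit modulus and R = 2^32 are assumptions chosen to keep it short, and a multi-word version follows the same structure.

```c
#include <stdint.h>
#include <stdio.h>

/* Montgomery context for an odd 32-bit modulus n, with R = 2^32. */
typedef struct {
    uint32_t n;       /* modulus (odd, >= 3) */
    uint32_t nprime;  /* -n^-1 mod 2^32 */
    uint32_t r1;      /* R mod n: the Montgomery form of 1 */
    uint32_t r2;      /* R^2 mod n: converts a value into Montgomery form */
} mont_ctx;

static void mont_init(mont_ctx *c, uint32_t n)
{
    uint32_t inv = n;                 /* n*n == 1 (mod 8): 3 correct bits */
    for (int i = 0; i < 5; i++)
        inv *= 2u - n * inv;          /* each Newton step doubles the bits */
    c->n = n;
    c->nprime = 0u - inv;
    c->r1 = (uint32_t)((UINT64_C(1) << 32) % n);
    c->r2 = (uint32_t)(((uint64_t)c->r1 * c->r1) % n);
}

/* REDC: returns t * R^-1 mod n for t < n * R. */
static uint32_t mont_redc(const mont_ctx *c, uint64_t t)
{
    uint32_t m = (uint32_t)t * c->nprime;
    uint64_t mn = (uint64_t)m * c->n;
    /* The low words of t and mn sum to 0 mod 2^32, so the carry out of the
     * low half is 1 exactly when low(t) != 0. This avoids 64-bit overflow. */
    uint64_t u = (t >> 32) + (mn >> 32) + ((uint32_t)t != 0);
    return (uint32_t)(u >= c->n ? u - c->n : u);
}

static uint32_t mont_mul(const mont_ctx *c, uint32_t a, uint32_t b)
{
    return mont_redc(c, (uint64_t)a * b);
}

/* base^exp mod n with a fixed 4-bit window, entirely in Montgomery form.
 * Constructed convention: returns 0 if n is even or smaller than 3. */
uint32_t mont_pow_w4(uint32_t base, uint64_t exp, uint32_t n)
{
    mont_ctx c;
    uint32_t table[16];
    if (n < 3u || (n & 1u) == 0u)
        return 0;
    mont_init(&c, n);
    table[0] = c.r1;                            /* base^0 is R mod n, not 1 */
    table[1] = mont_mul(&c, base % n, c.r2);    /* base in Montgomery form */
    for (int i = 2; i < 16; i++)
        table[i] = mont_mul(&c, table[i - 1], table[1]);

    uint32_t acc = c.r1;
    for (int shift = 60; shift >= 0; shift -= 4) {
        for (int s = 0; s < 4; s++)
            acc = mont_mul(&c, acc, acc);       /* acc = acc^16 */
        /* Multiply for every slice, including 0000. The operation sequence
         * is then the same for all exponents; the table index still depends
         * on the exponent bits. */
        acc = mont_mul(&c, acc, table[(exp >> shift) & 0xF]);
    }
    return mont_redc(&c, acc);                  /* leave Montgomery form */
}

/* Plain square-and-multiply with the % operator, used only as a cross-check. */
uint32_t ref_modpow(uint32_t base, uint64_t exp, uint32_t n)
{
    uint64_t acc = 1u % n, b = base % n;
    while (exp) {
        if (exp & 1u)
            acc = acc * b % n;
        b = b * b % n;
        exp >>= 1;
    }
    return (uint32_t)acc;
}

int main(void)
{
    /* Constructed inputs; exponent 16 (0x10) exercises a 0000 slice. */
    printf("4^13 mod 497     = %u\n", (unsigned)mont_pow_w4(4u, 13u, 497u));
    printf("3^16 mod 1000003 = %u\n", (unsigned)mont_pow_w4(3u, 16u, 1000003u));
    return 0;
}
```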

Fake June 16, 2021 9:05 PM

Countries, as far as I know… Outside of china specifically… that have high vaccination rates had failed or roughly failed lockdowns.

I didn’t notice immediately that I am not the only one leaning on proper quarantine as the antithema of any evidence we are being presented.

As time goes the vaccine signal will present itself but are we yet at a point where we can separate poor existing infection resistance eg antibodies and vaccination based antibodies?

I think exposure has been very much underdocumented and all these loose numbers are being attributed to the good grace of medical companies.

I’m not playing that game, if you want to that’s your business but I don’t think some adhoc Hollywood numerology is going to make things better.

Where I live, we had the chance for a proper lockdown/quarantine… Many of you in various parts of a mainland had almost zero chance.

Stay away from people who are drunks, stay away from places that sell lottery, stay away from closet sized spaces and people who want to make you feel safe.

I saw first hand what a slight fever and a over eager willingness to go on the lamb with a mouth full of covid-19 could cause.

The only thing vaccines are going to do short of a lockdown is create carriers not canaries.

We have to slow down the mutation rate if you don’t want a persistent global infection, but it’s likely already too late… Those vaccines, the current ones are modeled after covid-19 not covid-21…

I’m not buying, besides the technology Pfizer is using is based on DARPA technology, see China’s reference to Maryland and NC. There is a multispike vaccine under development, you didn’t see the Reuters article about az/ph/etc stock options?

I have a 6 month old in my midst who is an absolute miracle, I was starting to think it wasn’t possible considering my age.

Believe what you will, but I am going to keep my girl as safe as I can for as long as I can and I don’t care if I’m some sort of mask Nazi either.

Keep shaming people for not wearing masks, I don’t give a damn if it’s the president of the United States the only way out of this is to slow it down and the only way you do that is with airgaps.

To Melissa, I Love You.

Fake June 16, 2021 9:54 PM

China had lockdowns and digital thermometers, it took you how many months to get out of the vaccination gate and how many more months to buy off what percent of what percent of the total global population?

I’ll wait, some of you may have reasoning not to and I understand… But I’m going to wait I don’t want last year’s model.

My family needs something better than last year’s model that was targeted with 95% confidence. This year’s model is what? 40%

Ps. I was spraying my vehicle down with a pump sprayer full of methanol wore concrete galoshes and over long clothing so you can eat my shorts because I’m a civilian and had things nurses couldn’t get and I’m not a prepper.

It’s not airborne, and you were willing to take that risk too weren’t you?

There’s a very real chance that two or more definitive families will develop, an anti vaccine virus and an anti natural immunity virus they’re just going to keep circulating and recombining with each other and every other coronavirus they can parallel infect human minks otters dogs big cats small cats and recombining like Voltron on polypeptides…

How many different base pairs is that?
How many new and old reservoirs?
Go ahead, let your guard down

Here, let’s share with you a quote from the front lines…

It’s only the sniffles
First it’s one person, then it’s three, then people are sweating… People can’t maintain a conversation their voices crack.. I had that figured out before MITs AI voice mining…

Or how about, “warm weather will kill it”.

Explain Iran where 1/2 of the population is female and wears masks in the heat of the sun?

If you still feel safe that’s on you, I have a 6mo old I don’t have that luxury right now there might be others out there that need to understand the purpose of a canary and how epidemics actually work.

It’s the flu lol, I’ve got a cold, I have allergies…

I have a mask and an infant and a family to feed, you want risk? Let someone else do your thinking for you.

Personally, I’d like to see some of the information that’s popped up here from time to time and then been politely removed. At least leave a reason more than just ‘disinformation’, prove it show me I’m here to read about security and share things that I think improve the various fields under said umbrella.

Anyways I was really trying to avoid doing some random bullet inexpressible covid rant that might illustrate just how crazy and useless I am.

Just please beae in mind, I am not your speaker i promise you. Better yet? Someone here may have buried a hopeful signal or a truely important piece of information in their quest for a quiet place.

Some of us have awk curl nc wget cut paste find and friends to balance out any problems

If you look at the page source everybody is sequestered into identifiable tags so quit whining about links and start directly contesting any information you don’t believe to be accurate, that’s specifically what and how I remember the aforementioned disappearance.

Unfortunately, it took A LOT of work from one very special voice here to scale it back but it worked and I still think we’re worse off because honestly I liked both parties involved.

People got shot in my neighborhood over this stuff, people are still being shot over this stuff.

Mask up.
it’s your right to embrace masks think of all the security cameras you’re going to be putting out of a job.

Fake June 16, 2021 10:09 PM

bear, spammer,

and

donate my vaccine to a third world country, i want a 2021 or a 2022

vietnam is another good example of potentially successful quarantine.

do you have a bathroom?

Clive Robinson June 16, 2021 10:32 PM

@ SpaceLifeForm, MarkH,

Weird that we were both looking at same theory at same time.

Some call it synchronicity[1]… Professionally I call it something else[2].

The simplest solution is thus probably not the Jungian one but one similar to Huygens pendulum observations revealed.

That is a simple series of events that two or more people are aware of subconsciously which sets off similar thought patterns. It’s why we have the expression about events, ideas or inventions “Coming of age” and the likes of very similar Academic Papers getting written in different apparently unrelated places and people at very nearly the same time.

When you dig into synchronicity as a concept you “go down a rabbit hole” that even Alice would have been surprised at, White Rabbit with fob watch or not. Also you discover it has rather more dark corners than most would like.

Over the years people have come up with some very irrational ideas. They might sound beguiling to those who do not think, reason and apply logic, but they are nevertheless a nonsense. Often as with certain types of management they are an invention to justify an already made decision that is neither rational nor sensible just desired[3].

As I’ve noted before “Management want solutions not problems” if you give them problems then they have to take ownership of them which is a career killer for those incapable of thinking and reasoning logically who basically have advanced by chance beyond their point of actual job competence. Whereas if you give them solutions they do not have to take responsibility, just say “Make it so”[4] if it goes wrong they do after all have you as the supposed domain expert to scapegoat as they “acted under advisement”.

So remember never give “a solution” give “several potential solutions” with pros and cons couched in very broad terms and be neutral about recommendation. Use expressions like “given most attention” but not the reason why. It sounds like it’s a recommendation but is easily later argued as being cautionary. In the corporate work place there are two basic survival tactics,

1, Not be noticed.
2, Set your boss up as a scapegoat before he does it to you.

Oh and never enter into a “conspiracy” to scapegoat your boss, otherwise either they will tell your boss, or they will later hold it over you, or cut your throat with it. Oh and kill any conversation that someone starts going that way ambiguously with a little dark humour… Such as “Are you suggesting a little fast lead poisoning between the eyes?” they then have a problem and you should walk away chuckling before they reply.

[1] Human Synchronicity arose out of the conceptual thinking of Swiss analytical psychologist Carl Gustav Jung to,

“Describe circumstances that appear meaningfully related yet lack a causal connection.”

Jung unsurprisingly for the times knitted a woolly theory together into what he considered whole cloth, then cut it to suit which way the wind blew…

Amongst other things he held the viewpoint that,

“To ascribe meaning to certain acausal coincidences can be a healthy, even necessary, function of the human mind”.

Sorry but if like a lot of people for good reason you don’t believe in coincidences, you take a rational view point then they can not be “acausal”.

Jung then went on, some say to invest too much meaning in the more famous Swiss Cuckoo Clocks with,

“The pendulum of the mind swings between sense and nonsense, not right or wrong.”

Yes… OK… Go sit in the corner… it’s probably why some think that was very introspective, thus self descriptive of Jung.

[2] One of the earliest of modern clock designers Christiaan Huygens who more than two centuries before Jung was troubled by the observation of “synchronicity of pendulums”. That is where over time they can be observed coming into alignment in period in some way. Huygens was no slouch and he investigated it in quite experimentally advanced ways for the time with a beam of light so as not to disturb the pendulums. Effectively the first thing of note he found was the strongest or most dominant pendulum actually determines the pace that the less dominant pendulums align with, a strong indicator of a direct causal effect. He then worked out from there it was a form of weak coupling via beams or supports the pendulums were mounted on they had in common. Thus the principle of “entrainment” was established and is found all over the place in engineering biology and more recently in certain types of chemical reactions, then there is chaos to consider…

You fairly quickly find that it seems to apply to most periodic or rhythmic systems. In electronics we call such synchronicity or entrainment “Loose locked oscillation” and it can be very very very annoying when you are trying to create the likes of True Random Bit Generators (TRBG/TRNG) using multiple “supposedly independent sources” (something you rarely read about when people talk of random sources in computers).

[3] Backwards thinking from effect to cause is very unscientific but very human. People want to be rich but they have no clue nor in most cases capability as to how to achieve it. Thus they think you just have to grab it… It’s the idea behind much criminal behaviour and the “American Dream”. It is actually quite sociopathic in origin and when taught by mantra to the young becomes as dangerous as religion and blood feuds and often a lot nastier.

When you realise this it makes a nonsense of the “lone actor precipitator of change” idea that many espouse. Likewise the consequent nutty theory that will follow it as justification for action/policy that is unreasoned.

One of the worst of such ideas is the original “Single bullet that will change time” justifications of “We are the good guys”, “for the common good” for what is little more than the bullies “Might is Right” argument. It was subscribed to by the Dulles brothers in the US administration one of whom Allen in effect ran the CIA. The idea was triggered by the events that precipitated WWI, where Archduke Ferdinand was assassinated and a cascade of events led inevitably to war. The argument that the Dulles brothers promulgated was if the assassination had been prevented by someone assassinating the assassin before hand, WWI would not have happened, thus a single bullet could have saved the world from war and similarly the argument about Hitler not dying when he was shot in a beer cellar the consequences of which it is argued was WWII… Similar arguments have been made about Arab Spring. The reality is that those events happened as a consequence of much broader events that made some protest inevitable and unavoidable, much as an overheated pressure vessel without a safety valve, the reality is things will blow up. Thus if not the assassination or self immolation it would have been something else that acted as a trigger or cause célèbre to tip people over into explosive action.

[4] The “Make it so” catch phrase from Star Trek Next Gen, was a dialog trick to allow a plot line to be voiced by an actor and then not enter into what would normally be extended dialog that does not move the plot along. Oh and a natural break point to slip another advert in. Unfortunately it looks authoritative and decisive to people who have no real idea what those actually entail, thus life style and management gurus and similar charlatans grabbed the concept with both hands and sold it widely… Yes sometimes leaders do have to be authoritative and issue orders without knowledge to base them on, it’s what keeps a squad alive when ambushed and the like. But the reality is it’s based on a lot of training based on experience of survivors of previous unplanned enemy contact. Remember “Officers are trained, ORs are drilled, but the experience lies in the senior NCO’s” on the battle field. Good managers, usually do not get unexpectedly ambushed, they see something coming and make broad contingency plans, but there are limits on what you can plan for just as there are limits on what you can legally, honestly and morally do, unless you are not normal.

lurker June 16, 2021 11:13 PM

@Fake:

The success of lockdowns appears to be proportional to the respect the population have for the rule of law, and the amount of visible enforcement the government supplies.

The most spectacular failures of lockdown are still going on, where neither the governors nor the governed have any clue what a lockdown should achieve, nor how to do it.

Clive Robinson June 16, 2021 11:22 PM

@ Fake,

For a virus to be transmissible by a mosquito, it must be able to travel through the circulatory system and replicate.

Err either very badly worded or not fully factually correct.

Look more closely at how mosquitoes actually feed. Like many insects they first inject the host prior to ingesting. This can involve not just numbing and anti clotting agents the mosquito makes in the salivary glands, but blood cells from a previous recent host and pathogens one heck of a lot bigger than viruses can be transferred this way.

The risk of this infection path is usually considered a lot less than through the mosquito’s salivary glands which is very high risk (malaria is one of the worlds number one killers). In part this is because it is currently too difficult to reliably test in laboratory conditions. The point though it is still a viable inoculation thus potential infection route. So even though the level of inoculum may be very small it is still an acknowledged risk especially for those whose immune system is compromised.

On another note, enjoy your daughter whilst you can, children grow up all too quickly and you look back and feel regret you did not do more at the time.

Weather June 17, 2021 1:28 AM

Tried the input 11,1f,26,2b,3a,3f,41,4f,55,5f,63,66,7a,7f,8a,97,b1,bf,CE,cf,d4,da,e6,dd,e0,e6,f1,fa

Got 22/28 from 182/255 0 loops
It doesn’t quite get 100% found, I’m not sure whether that is good odds for 22/28 from 182?

Winter June 17, 2021 1:37 AM

@Fake
“I didn’t notice immediately that I am not the only one leaning on proper quarantine as the antithema of any evidence we are being presented.”

First, as you have a daughter (congratulations), so I assume you are relatively young. This means that your risks of developing serious symptoms from a SARS2 infection are small. I would not worry too much about your own health. You might have older relatives who are more at risk. You might want to avoid direct contact with them as you could infect them with dire consequences.

However, I think you misunderstand the function of the lockdown. SARS2 is a new virus. Eventually, everybody will get infected. There is absolutely nothing you can do about this short of never ever coming in contact again with other people. In the end, everybody will develop immunity (antibodies) against SARS2, one way or another.

There is still no cure for COVID-19. About 5% of those infected get sick and 1% will die, if there is enough oxygen and the ICUs are still functioning. These numbers do not change by a lockdown, they are just spread out over a longer time period. This is no different from measles in the past. Those old enough to remember know, before vaccination, everybody got measles, without exception.

The lockdown was not aimed at preventing infection, it was aimed at buying time and slowing down the rate at which people get into hospital to keep the health care system from collapsing while waiting for a cure or a vaccine.

There are only two ways to prevent 1% of the population to die from COVID-19, a cure and vaccination. Vaccination prevents disease, a cure limits the damage. Make your pick.

Do vaccinations work? They did with smallpox, polio, and measles, to name a few. Do cures work? We still have none for the flu or Ebola. It is anybody’s guess whether there will be a cure for COVID-19. But until then, vaccination is the only way out to prevent 1% of the human population to die from COVID-19.

If you stay in quarantine until the rest of the world has developed immunity, by infection or vaccination, you might escape the virus. That is the infamous herd immunity. Else, you will get it and see what the effects are.

Clive Robinson June 17, 2021 3:11 AM

@ Winter,

There are only two ways to prevent 1% of the population to die from COVID-19, a cure and vaccination. Vaccination prevents disease, a cure limits the damage. Make your pick.

It’s interesting that you do not talk about the % of the population that will die during the prolonged period it will take to vaccinate people.

Or how the virus will mutate during that time.

We’ve had at least 4 Variants of Concern in a year that are considerably worse than the original two strains that were identified in China.

You only have to look at the appalling death rate in India which could have topped 100,000 a day some believe likely (India has minimal to no effective health care outside of major towns and cities thus deaths do not even get recorded in some cases).

China got the infection under control by strong quarantine measures, they have no where near vaccinated their population yet economically and socially they are near back to normal.

Australia and New Zealand had area wide lockdowns and likewise got their economies and social lives back to near normal well before they started vaccination.

I’m sorry but there is quite a bit of evidence stacked up against the way you present things.

Whilst,

1, There is no medical cure.
2, There are apparently no effective medical therapeutics (unless in patent by big pharma, but they appear at best minimally effective by independent observation and clinical trials and are eye wateringly expensive).
3, Currently medically only vaccination provides some protection and reduces your chances of going to hospital or dying.

But as I keep saying with the best will in the world, of which there appears very little politically, it’s going to take years not months to vaccinate even just the more accessible parts of the world that have nominally functional health care.

Thus we have to look at non medical limitations to the spread of the disease,

4, PPE and hands, face, space ventilate, is known to have stopped and some believe completely eradicated a fairly nasty flu variant this past “respiratory disease season” in the Northern Hemisphere.

5, Personal quarantine for those at significant risk until they could be vaccinated has by simple statistics been proved to work.

6, Local area lockdown has been proved to stop community spread in various countries and regional lockdown proved to work beyond reasonable doubt in Australia and their economy and social lives are back to near normal with hospitalisations and deaths from COVID down in single digit numbers and actual deaths below pre-COVID five year averages for infectious disease.

7, National lockdown of borders has proved effective in many countries and their economies and social lives are back to near normal with death rates lower than pre COVID averages for infectious diseases.

8, Very wide area lockdown in China has stopped COVID and socially and economically they appear back to normal.

Thus quarantine in one form or another is very effective be it personal, local or regional.

So it appears quarantine in its various forms is the only evidenced based way we have currently to limit the spread of SARS-2, stop infections thus the attendant mutations, and bring society and the economy back to near normal, all whilst limiting the horrendous numbers of needless deaths, where such measures are not in place.

What we do know is certain “capitalist nations” in the Northern Hemisphere have only played at lockdown, supposedly to protect the economy… But that has failed absolutely massively, all too predictably (and was predicted on this blog as you know as you actually were involved with the predictions).

All that has really happened is that vast sums of money have been transferred into a very limited numbers of hands and they are busy using it to buy up assets to form an even larger “rent seeking” economy that only they benefit from.

The debt from this transfer is going to be paid by the ordinary citizens for the next four generations at least if not a lot longer. In fact it is likely in the US there will be nobody who is currently alive who will still be alive if the debt ever does get paid off.

Why you now ignore this and rail against some of the actual evidence and avoid even talking about it is somewhat puzzling. Not just to me but to one or two other long term posters.

Yes I appreciate you’ve been attacked by certain people who have political or financial axes to grind but denying documented evidence is actually playing into their hands, and they know this.

Winter June 17, 2021 3:54 AM

@Clive
“It’s interesting that you do not talk about the % of the population that will die during the prolonged period it will take to vaccinate people.”

You seem to think I want the quarantines lifted. That is very far from what I would advocate. If we could, the quarantines as used in Australia, New Zealand, South Korea and China would be best. But I see around me that these are simply not enforceable here, and I suppose elsewhere. If people refuse to follow the rules, there is only so much you can do.

As I wrote, the lockdown and quarantine are to buy time for taking steps to prevent people from dying. As everybody will eventually get infected, even if we prolong the lockdown for decades (there is no way the virus can be eradicated), something has to be done to prevent people from dying.

There are only two ways to prevent people from dying of COVID-19: A cure, and vaccination. There is no cure in sight, and prevention is better than curing, so we are left with vaccination.

And indeed, people will get sick and die waiting for vaccination. The lockdowns and quarantines were intended to minimize that death toll.

@Clive
“Or how the virus will mutate during that time.”

So we make new vaccines when that happens. We do that all the time for the flu, we did it for pertussis. That is not a big deal.

Until someone comes up with a better solution that saves more lives, this is what is available.

@Clive
“Thus quarantine in one form or another is very effective be it personal, local or regional.”

Indeed, but you will be unable to enforce a lockdown for another 50 years just because you do not like vaccination.

@Clive
“So it appears quarantine in its various forms is the only evidenced based way we have currently to limit the spread of SARS-2, stop infections thus the attendant mutations, and bring society and the economy back to near normal, all whilst limiting the horrendous numbers of needless deaths, where such measures are not in place.”

It does not stop the spread of SARS-2, it just slows it. We already see it coming back in waves every few months. But even if we can slow it enough to prevent waves, everybody will get infected eventually and 1% will still die, not this year, but this decade.

And quarantine is difficult to square with “normal economy”. It works now as we have a lot of reserves (economically and socially) to go on. But that will not last forever.

Quarantine is just a way to buy time to vaccinate. If you do not vaccinate, or find a cure, the same people will still die, but now somewhat later.

@Clive
“All that has really happened is that vast sums of money have been transferred into a very limited numbers of hands and they are busy using it to buy up assets to form an even larger “rent seeking” economy that only they benefit from.”

That is where revolutions come in. Ownership is not sacred, whatever right wing politicians and ideologists might tell you. If the distribution of wealth is seen as unjust, people can simply redistribute the wealth. That has been done before. I just hope it can be done peacefully this time.

@Clive
“Why you now ignore this and rail against some of the actual evidence and avoid even talking about it is somewhat puzzling. Not just to me but to one or two other long term posters.”

I do not ignore this. And I do not advocate lifting the quarantines. The basic fact is that everybody will get infected with SARS-2 eventually. There is nothing that can be done to stop that. SARS-2 will not go away. Either we find a cure or get vaccinated, or the same people will die eventually. Or people who are now not in danger will grow old enough to die from COVID-19.

And if you want to do something about inequality, read Thomas Piketty and join a movement to do something about it. SARS-2 is not the right target for that.

@Clive
“Yes I appreciate you’ve been attacked by certain people who have political or financial axes to grind but denying documented evidence is actually playing into their hands, and they know this.”

That is something I really, really do not care about. The documented evidence since the 18th century is that vaccinations stop pandemics. Quarantines only delay them.

The word “Quarantine” comes from the 40 days ships were kept isolated during the plagues. They did not stop the medieval plague. The black death plagues stopped when enough people had become immune to the pest bacteria.

Clive Robinson June 17, 2021 6:19 AM

@ Winter,

Indeed, but you will be unable to enforce a lockdown for another 50 years just because you do not like vaccination.

I’m pro-vaccination, especially the more traditional well understood methods of making them.

As for 50years I certainly hope not, in the UK we have an expression “stop gap measure” it basically means you have to do something to minimise harm whilst you bring an actual solution on line.

people will get sick and die waiting for vaccination. The lockdowns and quarantines were intended to minimize that death toll.

Which is my point and they are certainly working in many places and apart from long distance travel for short term reasons life has returned to more or less normal in those places. As for long distance travel for short term reasons it’s something that’s kind of just about half a century old at best and is in no way a necessity in life. It’s certainly not a right, in fact for political reasons our freedom to travel has been diminishing this century.

It does not stop the spread of SARS-2, it just slows it. We already see it coming back in waves every few months. But even if we can slow it enough to prevent waves, everybody will get infected eventually and 1% will still die, not this year, but this decade.

I think at this point you need to split things along what are eco-political lines. The reason it keeps coming back in waves in some places is the cupidity of politicians on the take from lobbyists in certain industries.

If the politicians had actually kept lock down on hard just under a year and a quarter ago, for five weeks we would only have had a minor blip that would have died out and may well have made SARS-2 extinct as we did with SARS-1. But the cupidity of politicians in the whole of North America, UK, Continental Europe, right through Russia and the Stans along the Silk Road ruined that opportunity and there was absolutely no excuse for such behaviour. It’s condemned much of the World to Infection.

China on the other hand behaved in a way that Western Politicians would actively avoid. That is draconian as it appeared they got on top of the infections and eliminated it from China in a relatively short time.

They went down the “Social Responsibility” route even though it was harshly enforced at times.

The West especially the Americas for purely political reasons pushed the “Individual Rights” agenda, and we can see just how much harm that has caused, and is continuing to cause as they head into what is probably a Third Wave potentially from a new way more infectious and harmful mutation. Which is coupled to political nonsense about “winning” that just is not true, but is in time for the Summer Holiday season to encourage ill advised behaviours. Together they could easily make a third wave worse than the second wave. I hope not but you’ve seen what has happened in Brazil and India, the Americas could well see it happen to them especially as the UK figures suggest the Delta or Indian Variant has an R0 of 6-8 with it more likely to be 8 now.

Oh and as Manaus, Brazil showed having been previously infected won’t of necessity stop you being infected again by a new variant.

Based on politics and neo-con economic driving, it’s not exactly difficult to predict where the worst hit places will be…

Vaccination will not stop the Delta / Indian variant becoming dominant or sweeping through populations that intermingle freely. A lesson some are going to learn very much the hard way. Viruses care not a jot for politicians and their cupidity, but the next host they can infect. That will cause the virus to mutate into previously low risk groups and it’s a flip of the coin not evolution with this virus that decides just how harmful each mutation is.

Do we have a vaccine for the Delta variant, not as such and the existing ones are not as effective as they were. How long it would take to come up with a new vaccine is not really development time dependent but getting manufacturing ramped up then getting the supply out and potentially revaccinating everybody before a sizable percentage of the population has even had their first vaccine shot…

So potentially another half million US citizens in a bad way, with hospitals still close to capacity in many places.

Winter June 17, 2021 6:47 AM

@Clive
“Do we have a vaccine for the Delta variant, not as such and the existing ones are not as effective as they were.”

Yes, current vaccines do still work. But you do really need to take the two doses of Pfizer to be protected (~80%). But we will have to change the vaccination strategies and, likely, the vaccines too.

ht tps://www.webmd.com/vaccines/covid-19-vaccine/news/20210610/delta-variant-and-covid-19-vaccines-what-to-know

ht tps://www.euronews.com/2021/06/14/delta-variant-having-huge-impact-on-vaccine-effectiveness-says-expert

Winter June 17, 2021 6:49 AM

@Clive
“So potentially another half million US citizens in a bad way, with hospitals still close to capacity in many places.”

There is no cure against stupidity.

JonKnowsNothing June 17, 2021 8:30 AM

@Clive @Winter @All

re: COVID Muts and Vaxes

There are a good lot of vaccines and treatments under research. Last count was about 50-60 good potentials. However, as already indicated the Muts are changing faster than the trials and so far, the vaunted mRNA vaccines are not able to be tweaked fast enough to handle the COVID Muts.

The GlaxoSmithKline and Sanofi re-do-over vaccine is in trials again and early reports are it is doing better than their first go round version and might be useful as a booster shot which we will all need soon. (05 17 2021)

The vaccine problem still runs on 3 fronts:

  1 Development
  2 Distribution
  3 Re-Vaccination or Boosters

We aren’t doing all that well on any of these 3 aspects.

In addition, the Symptom List of the COVID Muts is changing and this has some public health impacts.

Currently, people have been looking for Loss of Smell which was the hallmark of D614G. The Delta Variant (Delta B.1.617.2) the primary presentation is Runny Nose and Sore Throat. Lots of people have the Delta variant and think they have a Summer Cold and continue to go about their daily interactions.

Another aspect that has been tracked through the quarantine breakouts is that a good number of people are Asymptomatic but are Infectious. The reports indicate this is not just the 3-7 days pre-Symptom phase but may be true Asymptomatic Carriers.

Long term virus and/or virus particle shedding is clouding up some of the research and track-N-trace. The longest shedding period I have notes for is 154 days. Shedding old virus particles may not be as important to vaccine development but is a factor in Long-COVID and the various debilitating conditions associated with “post-recovery” of a primary COVID-19 infection and continuing illness 4+ months or longer.

As was recently noted in an interview with a former COVID advisor, in the more-or-less vaccinated countries the outbreaks will be in pools rather than across the general population. Because people hang out with like-minded folks, pools of vaccinated and non-vaccinated populations will coalesce separately. It is clear what happens to the non-vaccinated group by observing other non-vaccinated groups. What will be more challenging for the Public Health System is that these vulnerable pools are going to flare faster than outbreaks of vaccine failure in the other group.

note: There appear to be gaps in some of the thread exchanges, one might presume this is part of the grounds cleanup or it may be that my PC is borked…

===

ht tps://www.theguardian.com/world/2021/jun/14/delta-variant-covid-symptoms-include-headaches-sore-throat-and-runny-nose
(url fractured to prevent autorun)

Z.Lozinski June 17, 2021 8:34 AM

@vas pup,

“the German car industry seems to have plenty of innovations it wants to make …”

Current quantum computers (NISQs) seem to be well-suited for the simulation of simple, quantum-based systems. Daimler has already published papers on simulating Lithium-Sulphur battery technology using a quantum computer. If you are switching to electric vehicles then battery technology is critical to your future.

Germany also has a major chemical industry, and current quantum computers can simulate quantum chemistry well. It’s probably not a co-incidence for the Kanzlerin’s enthusiasm that her doctorate is in quantum chemistry.

NISQ: noisy, intermediate-scale, quantum computer. Term for machines with up to 100 qubits, and no error correction. All current quantum computers are NISQs and this will be true for at least another 2-3 years. Quantum computers today are where digital computers were around 1945-55. Building skills, and hands-on experience is critical.

Full disclosure: I may be biased, Clive can tell you who I work for 😉

Fake June 17, 2021 8:56 AM

So we were wearing junk cloth masks that trapped shrapnel from being expelled from our lungs, we’ll call that a 5.

Now we have a mutant baby of a pair of mutant parents that may be an 8 on the ‘i like porosity’ scale.

Pfizer was bragging about their technology, about how quickly they can adapt it. Practically overnight from the way I understand the mixing process and the engineering involved, maybe upwards of a couple days but that’s about it once distribution starts to increase the ramp.

Well, that and testing. Why aren’t they changing this protein so readily? There’s something very suspicious about these spikes…

I think the mDNA vaccines are a bad ass game changer, every vaccine out there seems to be having problems of the same symptom on smaller scales than the virus itself.

Something is peculiar about both the synthetic and the natural spike proteins.

The vaccine is not a cure until you slow down the mutation rate or find a more effective target. If vaccinated individuals can become contagious, albeit rarely, there is something very serious to be examined about how the body’s uptake is handling taking up breaking down and excreting these spikes.

We are in great danger individually and as a society and the only thing we seem to be able to do about it is misdirect.

There is most absolutely a cure for stupidity, but just like a drunk driver you hope and you pray that when their time comes… They don’t take others out with them.

But this stuff, results are 2 weeks behind the decision making process and most of us… Well, you already know we prefer instantly gratifying au gratin potatoes.

We developed this vaccine against a 4-5 with 95% confidence, now we have a 7-8 @ 40%.

Tell me 4-5 and 7-8 aren’t fujita scale.

Mutations are a factor of both time and space.

We understand the vaccines to a point, we understand our immune system to a point and we understand its response to a point.

Vaccines in our current situation without border controls and quarantine are not going to stop this, we shook the bottle and now we are trying to slowly reopen the cap.

By the time we get this gnarly wave rode out there will be two more children of children licking at our dragging heels.

Give me a mask and something better than 40% against an EF0.

Put a complete stop to ingress.

Clive Robinson June 17, 2021 8:57 AM

@ Z.Lozinski, vas pup,

Clive can tell you who I work for

I shall just sing ELO’s Mr Blue Sky, that should be enough of a clue 😉

As for “I may be biased”

Well just reading most large company house journals can give you a different outlook, especially if they do domain R&D but is it really biased… Probably not in many peoples view.

I must admit I’ve really lost interest in Quantum Computing, I just don’t think it’s going anywhere any time soon except in very niche areas. Like AI it’s also fracturing into different technology type groups and lessons learnt in one group do not appear to be transferred onto other groups so the “square wheel” keeps appearing.

As somebody noted “The technology has potential, but when is the question…”

Winter June 17, 2021 9:05 AM

@Fake
“The vaccine is not a cure until you slow down the mutation rate or find a more effective target. If vaccinated individuals can become contagious, albeit rarely, there is something very serious to be examined about how the body’s uptake is handling taking up breaking down and excreting these spikes.”

Vaccines have been in use for more than 2 centuries now. Nothing out of the ordinary is happening. If you want to wait for the perfect cure, you will be dead before it arrives.

Vaccinated people are doing better than unvaccinated people, go and ask anyone having to care for COVID-19 patients. And if/when we need a new vaccine, we will simply make a new one.

Since the start of the pandemic I have heard the same lament, producing a vaccine will take 10 years. One year later, we have 6 working vaccines. Then the lament is, they will not work against new variants, but they still work. Now the lament is, there will be new variants that will not be stopped by the vaccines. Yeah, that is a problem we will have to solve then. And it is most certainly no reason to not get vaccinated now, and protect yourself and everyone you meet.

Meanwhile, if you want to isolate yourself from all human contact to stay safe, nobody is stopping you.

echo June 17, 2021 9:09 AM

@Z.Lozinski

Full disclosure: I may be biased, Clive can tell you who I work for

My comments elsewhere to treat the UK regime as a hostile force and not believe a single word they say has proven to be correct. I’m generally pleased with the line the EU is taking on this.

There are many in the UK who support rejoin and the EU taking a hard line. While the establishment did not take all measures necessary I managed to persuade someone to get the German government to press the issue of the legality of Brexit under constitutional law. Sadly the “go to” academic in the UK is an idiot and coupled with a nod along Supreme Court up its own legal backside and a less than independent Attorney General it went nowhere. An ECJ case was still possible but the ECJ don’t know enough about English law to know when they are being hoodwinked. Post EU parliament vote the door seemed to have closed. I’m not completely convinced but then the UK badly needs root and branch reform in any case.

It is only my opinion but I trust Musk as far as I can throw him. He is not opening battery factories in Germany because he is your friend. He wants to create a supply chain monopoly and stop you entering the business.

Germany and Japan helped save what little car industry existed for a time. I do not forget who my friends are.

P.S. I like traditional analogue clocks and instrumentation on Rolls Royces and Bentley’s. Can you lot stop slapping a computer screen on everything?

Winter June 17, 2021 10:30 AM

@echo
“There are many in the UK who support rejoin and the EU taking a hard line. ”

There are serious doubts in Europe whether we want the UK to rejoin. If half the people hate you with a vengeance, why let them be part of the club? The whole UK membership has been partly a prolonged attempt to destroy the EU.

See the famous “Yes Minister” clip, which was fiction true to reality and widely studied in the then EEC.
ht tps://vimeo.com/85914510

Sir Humphrey: Minister, Britain has had the same foreign policy objective for at least the last five hundred years: to create a disunited Europe. In that cause we have fought with the Dutch against the Spanish, with the Germans against the French, with the French and Italians against the Germans, and with the French against the Germans and Italians. Divide and rule, you see. Why should we change now, when it’s worked so well?

Hacker: That’s all ancient history, surely?

Sir Humphrey: Yes, and current policy. We had to break the whole thing [the EEC] up, so we had to get inside. We tried to break it up from the outside, but that wouldn’t work. Now that we’re inside we can make a complete pig’s breakfast of the whole thing — set the Germans against the French, the French against the Italians, the Italians against the Dutch… The Foreign Office is terribly pleased; it’s just like old times.

Hacker: But surely we’re all committed to the European ideal?

Sir Humphrey: [chuckles] Really, Minister.

Hacker: If not, why are we pushing for an increase in the membership?

Sir Humphrey: Well, for the same reason. It’s just like the United Nations, in fact; the more members it has, the more arguments it can stir up, the more futile and impotent it becomes.

Hacker: What appalling cynicism.

Sir Humphrey: Yes… We call it diplomacy, Minister.

echo June 17, 2021 11:18 AM

@Winter

There are serious doubts in Europe whether we want the UK to rejoin. If half the people hate you with a vengeance, why let them be part of the club? The whole UK membership has been partly a prolonged attempt to destroy the EU.

Like I said the UK needs serious root and branch reform. The top of the agenda is a modern social democratic written constitution with no business as usual loopholes. Then there’s all the policy and policy delivery issues. I’d hold out for Schengen, the Euro, and Social Chapter in full. A lot of UK problems are historical and go back centuries. The monarchs “royal prerogative” and “parliamentary sovereignty” and charter which gives special rights to the City and first past the post voting system are problems which lead to infantilising of the electorate, power tripping, and an unbalanced economy. Then there’s excessive secrecy and a weak FOI act not forgetting the legal system and all the fun and games which go on there.

While “Yes, Minister” contains a great deal of truth you have to bear in mind in the UK “the establishment” pretty much run the show at all levels whether directly or indirectly but they are not the only opinion in town. Don’t believe everything you see on television.

If you’re just going to **** on people you’re not helping. But then you’re not the only voice in Europe and your personality flaws do not a policy make so I’ll skip right past you on that one.

Fake June 17, 2021 11:23 AM

i live in an area where a measurable percentage of nurses think or thought covid is and was fake, maybe you should look at some of the socioeconomic factors behind entering into the ‘lower end’ of the medical field.

believe me, i had many many many occasions to interview nurses doctors management etc very early on during both the ‘first’ and ‘second’ wave due to my possession of ppe as a “front line” worker in the face of unequipped ‘too late’ front line workers.

you wouldn’t believe how many people who made fun of you a month prior will stop and ask you, “where’d you get that?”

i was giving them out while i could afford to, i purchased ppe for friends family and various other people with public facing jobs.

i didn’t express the issue of it being some sort of deadly disease, i’d present it as can you afford to take 3 weeks off work?

it’s not worth the risk

ppe is hard though, look at that poor ‘nurse’ who wore ppe at work but wanted to go clubbing and got publicly shamed. how many of those people exist?

the crazies you see on tv are at all levels of the medical establishment, don’t think for a second that because you see a fanatic anti-vaccine doctor that she’s the only one. don’t think for a second that because you see a fanatic pro-vaccine doctor that he’s the only one. think, for a second… that just like the election you need to be concerned about the percentage of quiet reserved ones that could go either way.

the pro-vaccine people serve a purpose but don’t get over-confident, books can and will be cooked. there are legitimate anti-2019-vaccine concerns out there.

i would advocate, if you’re not going to get a vaccine try to time getting sick with a low saturation point in the hospitals.

i would advocate wearing a mask, promoting others to do so even after being vaccinated as there’s so much we still do not know.

push push push

pop

i wasn’t going to take that risk and i still don’t feel that the medical community is being 100% to the public OR itself.

go pat yourself on the back, job well done.

this post has been edited, it may appear fractured in places.

other things to consider are legal,

if you accept the vaccine now can you be refused employment in two years if you can’t afford the non-free version?

how about in 10 years?

i’m looking down the road as far as i absolutely can, not everybody has medical insurance. these are all discussions that have been covered elsewhere on this site over say the last 12-14 years i’m sure.

another thing to consider is if we accept the vaccine are we accepting gain-of-function experiments?

think long and hard, one size does not fit all.

I am A blood, I smoke, my wife is AB, she smokes
i have many many many diabetics in my family and may suffer from hypertension and hypoglycemia already

what does that make my child?

i wake up in the morning and my fingers are curled tightly together, it takes me an hour to get my legs moving comfortably before i start to move for the day

everybody was claiming it affected the african american population and hispanic populations due to some sort of genetic disposition, i think it has more to do with food deserts and transportation/economic issues.

food deserts be damned, elderly people who have kids or grandkids who smoke weed with others and have no choice but to wait for an hour in a line at speedway or save-a-lot with others because of the financial incentives of funneling customers through https://www.smartdraw.com/planogram/

there’s some very hardcore psychology that goes into product placement and exit-time strategies in funneled marketing like this but they escape me for the moment as i’m not as sharp as i was 10 years ago.

if i stay safe, my customers stay safe. with google and yahoo targeting ads and suggestions to all of us incentivized by click revenue not a single one of us can trust the information we are devouring from whatever trough is provided free and kind

the same people that told you masks don’t work told you that face shields do

think about the volume of exposure vs eyes and lungs

the air doesn’t even have to be saturated for you to understand the difference between drawing volume in or having volume drift by or land on

does that sound like a well thought out professional opinion to you or some off-handed arm chair remark gone public from some rich-kid whose parents could afford to pay-to-play harvard cricket?

someone who’s trained in numbers can cook numbers all day long, someone who’s trained in cryptography can scuttle out a couple bits of a key every day or so from a system without the rest of you being none the bit wiser.

someone who’s trained in virology or epidemiology should know how to handle this stuff, but can they be trusted with potential livelihoods at stake?

what i believe we are witnessing, is a middle ground.

again, eat my sars soaked shorts.

it’s good for you, it promotes a healthy immune system – just try to time it with low overhead at the now wide eyed hospitals.

the hospitals aren’t the front line, they’re the rear of the front.

understand the difference

i’ve got a feeling that it’s one giant front front front front front.

HEAVE! HO!

https://www.amazon.com/Control-Communicable-Diseases-Abram-Benenson/dp/087553077X

no more covid from me i promise, i think i’ve covered everything

winter June 17, 2021 12:04 PM

@echo
“If you’re just going to **** on people you’re not helping. But then you’re not the only voice in Europe ”

I was very disappointed that the UK left the EU. I consider it a disastrous decision brought about by a dysfunctional political system for all the reasons you mentioned.

But if the UK would rejoin, how would the British public respond? A very large portion of them would still hate us even more.

echo June 17, 2021 2:10 PM

I was very disappointed that the UK left the EU. I consider it a disastrous decision brought about by a dysfunctional political system for all the reasons you mentioned.

But if the UK would rejoin, how would the British public respond? A very large portion of them would still hate us even more.

I’m very much out of my depth with respect to dealing with the various vested interests and public who are inflamed by the whole Brexiter nonsense. Myself I feel the British (the English especially) have been institutionalised and disempowered and misinformed. The UK has never fully gotten the need for a written constitution and when it has there are plenty who will undermine or kick that discussion into the long grass. However, a growing number are now more loudly articulating that a system based on unrestrained common law and influence has passed its sell-by date. A solution may require measured steps. A progressive alliance supporting proportional representation is one such step.

The newest government backed propaganda channel GB News isn’t having everything its own way. Some advertisers have pulled out and will be having words with their agencies. People are boycotting their advertisers. Government support for GB News is being exposed. The arguments pushed by right wing “market forces” and “free speech” dogmatists are being exposed for what they are which is simply a door to push propaganda and undermine human rights without consequences.

Judges are now openly questioning the behaviour of government ministers.

OFCOM which regulates the media is under scrutiny. The need for Leveson II and press reform hasn’t gone away.

Far right dark money has been exposed.

More judicial reviews are under way.

Brexit is falling apart as the EU is keeping a hard line on the agreement and not letting the regime get away with bluffing their way through.

Police failure and cover-ups are being exposed.

The fact the current regime is giving license to extremists is putting wind in their sails and I agree it is a difficult problem to deal with but at the same time we know how they are. We know what they say. We know what they do. And as some are saying “We are keeping the receipts”. Perhaps the experiences of continental Europeans post WWII can help inform discussion? Governance and de-Nazification and moving on was an issue back then. Poland and Hungary are still reeling from their Soviet experiences. I expect the EU and member states are learning a lot from this. I know some agencies are taking a robust and pre-emptive line on various forces of darkness. Lots of people are now watching DW News instead of the usual mainstream channels. European newspapers are by and large better quality. Perhaps there are opportunities here? European manufacturers and retailers and suppliers can exert influence in the UK. Up to 10% of the working population is from mainland Europe. The way I see it is it isn’t over yet until I say so and by God and all the saints I’m not the only Remainer who wants the last word! lol

Clive Robinson June 17, 2021 2:55 PM

@ Winter,

But if the UK would rejoin, how would the British public respond? A very large portion of them would still hate us even more.

But what portion?

What does not help is US President Biden thinking he’s Irish, and the US State Dept sticking its oar in when most EU diplomats know their policy is “To destroy Europe” as quickly and thoroughly as possible.

Like many EU politicians Biden really has no clue as to what goes on in the isle of Ireland. To say it is delicately balanced is an understatement.

Thus you have the Catholics in the South and some in the North. And in the North you have Protestants that are really rather right wing Scots descendants.

Scottish Politicians are a joke, but the one thing they appear clear on is they do not want the Protestants of the North of Ireland “coming home” especially their politicians. Though in general the people of both Northern Ireland and Scotland wanted to remain in the EU (the Welsh did not, even though they were doing the best out of the EU… So go figure that one) the problem is as nearly always the English Parliament in London.

Thus you have an interesting situation the Northern Irish Protestants who are really Scots descendants pretending to be Dutch, want to be sort of English, and the English apparently do not want to be a part of the EU. The catholics in Northern Ireland want to be united with the South and presumably also want to stay in the EU because they did not do too badly out of the EU. The Scots if their politicians actually did something other than vacillate want to be out of the Union as well. As for the Welsh well where they want to be nobody is altogether sure including themselves.

Well at the G7 conference things got a little unpleasant nobody appears sure what exactly the French President said but it’s been equated with saying that Northern Ireland is not part of the UK, which got him a fairly round rebuke even from his own diplomatic corps.

Either he was trying to be clever and it failed or he was being a little ham fisted…

Geologically Northern Ireland and The South are indeed one island. Oddly perhaps part of Scotland is not part of the rest of Great Britain, nor is it part of Europe…

Now geo-politically the United Kingdom is not quite what people claim it is because of the “AND” Northern Ireland… Which does not make it a part of the United Kingdom but in effect a protectorate like the Channel Islands.

Anyway Boris Johnson got all miffy about it and threw a few toys out of the pram…

Thus the US and France appear to many in England to want to “rekindle the troubles”… I’m fairly sure the EU does not want “Irish Terrorists” blowing up parts of Brussels, or Paris or even Berlin… But the US and France definitely do appear to be trying to steer towards the possibility of making cheap political jibes/tricks.

Unless people wise up it is going to get messy, how messy is anyone’s guess and to be honest I don’t want to find out…

But as with Trump not being welcome in Scotland, Biden is rapidly making himself unwelcome in Ireland.

As for French leader Macron, he is not doing himself any favours anywhere currently. As for the lunacy of the North South Irish EU trade barrier it’s not going to work and never was, it’s best to chuck it out and go for a more rational approach. The EU not anyone else wants the barrier, so if they want it they better stump up the half billion or so Euros to get it working but then they are never going to do that, so a major festering sore is going to open up…

echo June 17, 2021 3:42 PM

I don’t agree with 90%+ of Clive’s take on the issue. I’m wondering if it’s a fake Clive posting because most of what is written is nonsense.

SpaceLifeForm June 17, 2021 5:25 PM

@ ALL

Stop the planes!

If you want to stop this virus (and others), we need a global lockdown every year surrounding the Summer Solstice. Say from June 1 until July 10.

A Global Holiday.

You can go outside, but you do not travel.

Otherwise, just keep flying.

Darwin is watching.

JonKnowsNothing June 17, 2021 7:44 PM

@SpaceLifeForm

re: Global Holiday

Most of Europe already gets a 30 day uninterrupted vacation option in June, July, or August. Which is why Paris may be sizzling in the summer but is also empty along the Champs-Élysées.

COVID-19 doesn’t seem to have dented European Wanderlust any.

re: Darwin

Darwin is writing a new chapter.

Most species do not actively seek their own demise. Generally the ecology changes and they take too long to make the migration to newer pastures or the pathways are blocked so they are not able to find a suitable place.

Fencing Out is the flip side to Fencing In.

Humans seem to be actively working on their last chapters and have done for quite some time. COVID-19 just added another gear to the clockworks.

===

ht tps://en.wikipedia.org/wiki/Serengeti#Great_migration

ht tps://en.wikipedia.org/wiki/Doomsday_Clock

100 seconds (1 minute 40 seconds) before midnight

The Doomsday Clock is a symbol that represents the likelihood of a man-made global catastrophe. Maintained since 1947 by the members of the Bulletin of the Atomic Scientists, the clock is a metaphor for threats to humanity from unchecked scientific and technical advances. The clock represents the hypothetical global catastrophe as midnight and the Bulletin’s opinion on how close the world is to a global catastrophe as a number of minutes or seconds to midnight, assessed in January of each year. The main factors influencing the clock are nuclear risk and climate change. The Bulletin’s Science and Security Board monitors new developments in the life sciences and technology that could inflict irrevocable harm to humanity.

The clock’s original setting in 1947 was seven minutes to midnight. It has been set backward and forward 24 times since, the largest-ever number of minutes to midnight being 17 in 1991, and the smallest 100 seconds in 2020 and 2021.

(url fractured to prevent autorun)

SpaceLifeForm June 17, 2021 11:24 PM

@ Clive, ALL

You may have heard of Room Rater, hxtps://twitter.com/ratemyskyperoom

The link below is a graphic that contains two different pictures.

I will give the top one a plus point because of the plant in the window. But minus points because, well, it’s a window.

Now, look them over from a security angle. Be a technical Room Rater.

Can you spot which one survived longer?

hxtps://twitter.com/unpacker/status/1405326031871889409/photo/1

Can you spot the hints in the top picture?

SpaceLifeForm June 18, 2021 1:46 AM

@ Clive, ALL

The plant in the window is visible in this video.

hxtps://www.youtube.com/watch?v=PqGaZgepNTE

Fallout from “Operation Ironside” ?

hxtps://www.reuters.com/world/asia-pacific/australian-police-arrest-over-200-after-cracking-underworld-messaging-app-2021-06-08/

AKA, Operation Trojan Shield

hxtps://www.reuters.com/world/how-an-informant-messaging-app-led-huge-global-crime-sting-2021-06-08/

I see from the last link that the op was terminated due to expiry of court order.

Whether accurate or not, I find it interesting.

SpaceLifeForm June 18, 2021 3:07 AM

@ Curious

I hope you were not offended about the infinite prime proof. I was just surprised that you were not familiar with it.

That said, one of your other comments made me refresh on things, so you may have led me to an insight. So, it’s actually cool that you think outside the box, and free associate ideas. That is how progress is made, instead of sticking to dogma.

If you want a bit of a challenge, and to get you looking at other angles, consider this:

Prove that all three sides of a Pythagorean triangle can NOT simultaneously be square numbers.

Example: 3-4-5, well the 4 is a square, but the 3 and 5 are not.

It’s not trivial, but it will definitely exercise your mind.

Clive Robinson June 18, 2021 3:50 AM

@ SpaceLifeForm,

It’s not trivial, but it will definitely exercise your mind.

Err it depends on the type of your proof…

You’ve got the choice of mathematical or graphical…

Clive Robinson June 18, 2021 4:12 AM

@ echo

I don’t agree with 90%+ of Clive’s take on the issue. I’m wondering if it’s a fake Clive posting because most of what is written is nonsense.

So actually you don’t understand thus you just pulled a number out of the air…

Try reading it again, but try putting your orange tinted specs on first.

Clive Robinson June 18, 2021 6:48 AM

@ Winter,

So, is it Odessa, Texas, or Odessa, Ukraine?

Apparently Ukraine.

But just been reading up a bit as it’s lunch time now,

According to one news report on the Internet, the Ukrainian authorities searched the first photo and 20 other properties only got six suspects and a small sum of money (apparently the criminals are supposed to have netted over a half billion dollars of which there is no sign).

But as to the others apparently it was a multiple forces multiple countries raid and although the number of people arrested has not been said, nor the number of places raided, what there was was full of prescription drugs, gold bars, silver bars and many many uncased computers…

So as lunch is getting on for over further reading will have to wait till later, but both cases look fairly interesting…

JonKnowsNothing June 18, 2021 6:59 AM

@All

A good cautionary story about being skeptical of published information.

MSM report on the Official Australian National Covid Aged Care Plan 7th Edition on how the Australian government planned to deal with COVID-19 in care homes and other vulnerable venues titled:

  • “Updated National Covid-19 Aged Care Plan (7th Edition)”

The whole plan did not exist before Coalition published it in late 2020 and just to add insult to the already dead, there were NO editions 1-6.

So, if there are No Editions 1-6, where does the 7th Edition part come from?

  • the term “7th edition” actually referred to “the government’s 7th stage of endorsing or providing response/guidance for Covid-19 in aged care”.

In other words, the Aussie Government made it up because it looked good on the page and attempted to imply they had previously reviewed 6 disaster plans.

Really, the only thing that has been pre-approved universally, is SOFA Scoring.

===

ht tps://www.theguardian.com/australia-news/2021/jun/18/national-aged-care-plan-did-not-exist-before-coalition-published-7th-edition-in-late-2020

ht tps://en.wikipedia.org/wiki/SOFA_score

  • The sequential organ failure assessment score (SOFA score), previously known as the sepsis-related organ failure assessment score, is used to track a person’s status during the stay in an intensive care unit (ICU) to determine the extent of a person’s organ function or rate of failure. The score is based on six different scores, one each for the respiratory, cardiovascular, hepatic, coagulation, renal and neurological systems.

(url fractured to prevent autorun)

JonKnowsNothing June 18, 2021 7:19 AM

@All

re: Acoustic attack against camera-based computer-vision system

MSM report on research using audio signals to disrupt camera imaging systems.

Autonomous vehicles increasingly exploit computer-vision based object detection systems to perceive environments and make critical driving decisions…

…system-level vulnerability resulting from the combination of the emerging image stabiliser hardware susceptible to acoustic manipulation and the object detection algorithms…

…uses audio to trigger the image stabilisation functions of the camera sensor and blur the image …

The blur caused by unnecessary motion compensation can change the outline, the size, and even the colour of an existing object or an image region without any objects…

PoC: a Samsung S20 smartphone was attached to a moving vehicle and an actual attack carried out. Results varied for object creation and alteration (40+%) and object hiding (98%).

  • The concept doesn’t stop at audio signals, either. “Future AMpLe attacks could leverage signal transmission via ultrasound, visible light, infrared, lasers, radio, magnetic fields, heat, fluid, etc. to manipulate sensor outputs and thus the subsequent machine learning processes (e.g., voice recognition, computer vision)”

===

ht tps://www.theregister.com/2021/06/18/poltergeist_autonomous_vehicles/
(url fractured to prevent autorun)

echo June 18, 2021 8:15 AM

@Clive

So actually you don’t understand thus you just pulled a number out of the air…

Try reading it again, but try putting your orange tinted specs on first.

I’m not being funny when I say this Clive but I think you’re just being an ass.

Freezing_in_Brazil June 18, 2021 8:27 AM

everybody was claiming it affected the african american population and hispanic populations due to some sort of genetic disposition

‘Hispanic’ means many things. From the Celtic Galicians to the Brazilians of Bantu/Sudanese descent. There’s no genetic marker for Hispanic. You might want to use a more precise term in this context.

Winter June 18, 2021 8:52 AM

@Fake, Freezing
“everybody was claiming it affected the african american population and hispanic populations due to some sort of genetic disposition”

Poverty is a much better descriptor of the vulnerable populations. Whenever people invoke “genetic dispositions” without an extensive family history or genetic background analysis, it is used to divert attention from social inequality.

In short: “genetic dispositions” is often “blaming the victim”.

Clive Robinson June 18, 2021 11:08 AM

@ echo,

I’m not being funny when I say this Clive but I think you’re just being an ass.

I’m not the one just throwing accusations of sexism and other isms, bike shedding, gaslighting and several others at individuals.

But as you do direct comments at me, that are often personal and not related to subjects under discussion and have done so repeatedly over a number of years. It’s got beyond unsettling and is verging on “creepy stalker”.

I really do not care what you think your issue is, I’ve ignored some of your pointed barbs and when you did not stop politely asked you to cease and desist. But being ignored by me or when I’ve politely asked you to stop just appears not to be comprehended by you that your attention towards me directly or indirectly is neither warranted nor wanted. Even telling you to “grow up” does not appear to get through to you.

So where are you taking your behaviour towards me as an individual?

Understand this though, I do not know you, or want to know you as an individual, and I most certainly do not want your attention, faux critiques, or criticisms, along with all the other isms you’ve stated or implied.

I tried originally to make you welcome on this site as I do most people by being friendly and to a certain extent chit chatty, but that is now years in the past for reasons that were obvious at the time and not just to me.

As far as I’m concerned as long as our host and the moderator of this site are happy to let what you post that is not directed against other people on this blog stand, then exist in peace. But if you comment to me or about me, you presumably are trying to elicit some kind of response from me, if not then why make them?

Clive Robinson June 18, 2021 1:04 PM

@ name.withheld…,

either a lot of false positives, and I mean a lot, or there is something wrong

To claim a war is over when the enemy has neither died or surrendered might likewise be considered that there is something wrong.

Like you I’ve seen where the figures are not matching those expected if other things are true.

Without wishing to sound alarming, the figures in the UK are not what would have been expected either.

However the UK does a lot of genotyping per head of population and the US does not. Thus we can explain the UK figures by the Delta (India) Variant of Concern that due to having an R0 close to 8 has very very rapidly become the dominant strain and is probably near 2.4 times more infectious than earlier strains. Worse other information suggests it is closer to being vaccine avoidant than other strains and more harmful.

So those vaccinated are somewhat more likely to end up in hospital but unlikely to die, the partially or unvaccinated are not going to be as lucky.

But also the initial infectious stage symptoms have changed and it has only the characteristics you would expect of the summer sniffles or hayfever. That is what have been key symptomatic distinguishers such as loss of smell/taste, rash etc are not present so differential diagnosis is a lot harder and people who are infectious may just think it’s the summer sniffles and not get tested. It also appears to target a younger age range as well.

But the R0 of nearly 8 is very worrying it means community spread is very rapid (you infect 8 people on average). With the US “Opening up for Summer” a significant third wave could be on states like Florida before they even know it’s happening, with hospital saturation being the first but too late warning sign.

Over the next few weeks even if fully vaccinated I would still be somewhat retiring about being gregarious.

Simply because the cause for the apparently wrong numbers is currently unknown and waiting a short while is way lower risk than assuming they are just errors and putting it about.

Fake June 18, 2021 5:27 PM

actually clive,

we don’t know what the odds of being unvaccinated and previously infected are either

assuming the vaccine is 100% based on the original spike it could just be a refresher or chaff training for an immune response

if delta is rooted in beta or w/e people who recently had beta may have more immunity as it’s a direct offshoot. we just don’t know due to a lack of genotyping, there’s been a lot that has gone undocumented

assume that variants

a,b,f and g are known

people could’ve been infected with a and c
b and f
d and f
a c and g

we just don’t know what any given person’s current immune status truly is

this is a matter of opinion from a non-virologist, non-epidemiologist

in fact, i’m not a doctor at all

the time/space scape this virus has escaped into is just too big for our lack of documentation to keep up

it’s just safer to assume if you don’t isolate, if you don’t vaccinate you may be in some serious trouble

but! without every person on the planet being sero and genotyped weekly there’s just not enough information.

Fake June 18, 2021 5:30 PM

does anyone here have data on delta reinfecting known alpha/beta/gamma victims?

to close that loophole now

Fake June 18, 2021 6:27 PM

If I was the CDC I would’ve been asking for volunteers to be exposed under controlled conditions to every conceivable mutant I had samples of for cross contagion and immune response purposes.

But then again, I’m no doctor.

JonKnowsNothing June 18, 2021 6:33 PM

@Fake @Clive

re:COVID-19 reinfections

There is plenty of data on COVID-19 reinfections, cross infections, multiple infections, serial infections search on

  • Brazil, P.1, Gamma, Manaus, Herd Immunity (from surviving COVID-19)
  • Brazil, P.2, Zeta, Rio, Herd Immunity (from surviving COVID-19)
  • South Africa, B.1.351, Beta
  • Nigeria, B.1.525, Eta

You can also hunt in the archives of the blog, I’ve made a number of detailed posts on the topic or perhaps on the Way Back Machine (some things change)

In the case of Delta B.1.617.2 vs Alpha B.1.1.7, that combo has not been around all that long.

Delta vaccine failures or breakthroughs is @10-20% in the UK. It varies on how the count is done whether people got 1 jab or 2 jabs or 1 of 2 jabs and which jabs people got.

Cross Infection, Serial Infection, Multiple Infection with P.1 and P.2, antibodies did not make much difference as these have different Immune Escapes.

Japan’s native COVID-19 variant is nearly identical to P.1 from Brazil. They are currently experiencing a significant outbreak of Delta B.1.617.2. Again the immune escape mechanisms differ between variants.

Time-since-Vaccination also impacts vaccine breakthroughs, at 4 weeks you have the best immune response and after 6 months not so good.

The immune escape mechanism in the 3 variants of the B.1.617.1/2/3 family are more favorable to the virus. While the Alpha variant B.1.1.7 has better immune escape mechanisms than earlier variants, the Delta B.1.617.1 and Kappa B.1.617.2 versions are progressing across Europe quite well even with their prior exposure to Alpha B.1.1.7.

  Dr Jane Aceng, Uganda’s health minister (06 17 2021) :
  [Uganda is] dealing with at least five variants with “very aggressive transmission”.

And more variants to come…

Clive Robinson June 18, 2021 10:08 PM

@ SpaceLifeForm, Winter,

Look closer. Spot the printer.

The image quality I was looking at earlier today was not at all good.

It looked like there was a small fire extinguisher next to it but also a passport.

What was of more interest to me was the rolls of solder on the table in the lower picture but a soldering iron was not immediately visible, when combined with what looked like blank mag stripe cards on the shelves above, I kind of assumed it was actually a “carding gang” workshop at first despite the caption.

Oh as for the Cl0p raid, apparently they did not get any of the ransomware gang or their equipment, they caught six people involved with “cashing out” basically money mules and the like.

It might explain why fancy cars but no infrastructure computers or just $30,000 in hundred dollar bills. Ie just “petty cash” in the office for running expenses or emergencies.

Kind of tiny and tight, the six suspects are probably not going to say very much if anything at all of any use, they probably do not know anything about “management” just the lower down “donkeys”. What they probably also know is “management is in Russia” free and clear and “management know where their loved ones are etc” oh and management probably know how to get to chat to a few ex Russian Military specialists who “Merc”.

Anyway, we’ve yet to hear your assessment.

SpaceLifeForm June 19, 2021 12:58 AM

@ Clive, Winter

My assessment of Cl0p and Emotet is simple.

Emotet was around much, much longer.

Emotet was using old tech. Cl0p was using a printer that most certainly was WIFI capable.

Cl0p had bad opsec.

Two months old article

hxtps://www.vice.com/en/article/wx5eyx/meet-the-ransomware-gang-behind-one-of-the-biggest-supply-chain-hacks-ever

Clive Robinson June 19, 2021 12:38 PM

@ SpaceLifeForm,

Cl0p had bad opsec.

Yes I commented on the EmSec issue, and at that remote low level of Cl0p (cash out operatives) it could have been the cause…

But the news items said 21 addresses raided and only six operatives who were at best Associate “Mule Handlers” $30,000 and a few cars impounded. But none of the infrastructure or actual ransomware team caught, nor anything like the money they had obtained. Worse by the sound of it the real bods behind Cl0p are tucked up safe and warm in Russia, enjoying what they have and lying low for now.

As for Emotet, it looks like they got most of the gang, most of the infrastructure and millions if not more in bullion and enough high denomination currency to fill a small shipping container. Then there were the other criminal activities involving drugs and carding, all swept into the same bag.

So from what has been publicly said Emotet is a complete bust from top to bottom, Cl0p just a few hangers on and chump change…

Emotet is not coming back, but they might be replaced. Cl0p on the other hand is probably putting their feet up in a hotel etc assessing what went wrong and either disappearing into well funded retirement, or just having a little “me time” before coming back stronger than before…

I must admit if I was in the West and playing this game to win, instead of inane headline grabs, I would be doing “false flag” operations making it look like the Ransomware operatives were attacking Russian and Ex Russian Federation people, Companies and political etc targets like the oligarchs that Putin needs on board.

When they lose a few tens of billions of roubles and get embarrassed in a way the Russian Legal System can not ignore, the “shelter in place” Putin gives the Ransomware operatives will not look as useful to him, in fact quite embarrassing thus no longer useful.

Back in the 1960’s and 70’s there was a lot of aircraft hijacking that was effectively sponsored by both major super powers as part of the cold war proxy wars. What stopped it was when “it got to crapping on the door stop” and not in “some corner of a far distant field that was never going to be part of home” where it was supposed to stay but did not. 9/11 was actually a follow on from that hijack policy, coming home to roost. Something that should have been obvious from information that became public but somehow never really got in the main stream news…

The simple fact of 9/11 was it was “too successful” it became totally toxic to very many in awkward places on both sides. So everyone with even half a brain wanted to “shut the cupboard door” and drop the cupboard in the deepest hole that could be found with all the skeletons left inside.


Sidebar photo of Bruce Schneier by Joe MacInnis.