MacOS Zero-Day Used against Hong Kong Activists

Google researchers discovered a MacOS zero-day exploit being used against Hong Kong activists. It was a “watering hole” attack, meaning the exploit was served from a legitimate website that the attackers had compromised; users who visited that website would get infected.

From an article:

Google’s researchers were able to trigger the exploits and study them by visiting the websites compromised by the hackers. The sites served both iOS and MacOS exploit chains, but the researchers were only able to retrieve the MacOS one. The zero-day exploit was similar to another in-the-wild vulnerability analyzed by another Google researcher in the past, according to the report.

In addition, the zero-day exploit used in this hacking campaign is “identical” to an exploit previously found by cybersecurity research group Pangu Lab, Huntley said. Pangu Lab’s researchers presented the exploit at a security conference in China in April of this year, a few months before hackers used it against Hong Kong users.

The exploit was discovered in August. Apple patched the vulnerability in September. China is, of course, the obvious suspect, given the victims.

EDITED TO ADD (11/15): Another story.

Posted on November 12, 2021 at 9:07 AM • 20 Comments

Comments

Clive Robinson November 12, 2021 11:45 AM

@ Bruce,

China is, of course, the obvious suspect, given the victims.

Yes but one oddity,

“… “identical” to an exploit previously found by cybersecurity research group Pangu Lab, Huntley said. Pangu Lab’s researchers presented the exploit at a security conference in China in April of this year, a few months before hackers used it …”

Why use a publicly known vulnerability?

At the very least it is likely to get fairly quickly patched.

But there is also the “bluff, double bluff” aspect.

Using the “zero-day” exploit in the hacking campaign against Hong Kong activists, is shall we say “a little obvious”.

After a few moments’ thought it will be realised that the exploit was not really a “zero-day” because of that “security conference in China” where it was presented. So it would have been “Known” to all the major SigInt and other IC entities very very shortly thereafter, if not a little before (or even a lot before).

We know the CIA has “False Flag Operation” tools that can make any malware look like it has come from somewhere else because of the daft way attribution is decided in the US. It is also a fair assumption that all the Super-Powers, all Western, first-world, and quite a few second-world and corporate entities have such tools as well, and just about anyone else who grabbed a copy of that CIA tool set and could re-engineer it.

So the code could have come from anywhere.

Which begs a whole bunch of questions, one of which is,

1, Was it a false flag operation that was meant to be found, look like China, thus China gets blamed / embarrassed.

We know it’s possible, like we also know there is a very long queue of entities that would gain from such an operation. Nearly all nations around the South China Seas where China is extending its sphere of influence would be at the front of that queue.

But…

2, Was it China giving itself “plausible deniability”.

That is use it assuming it will be found but giving themselves lots of finger pointing room…

The fact is that “attribution” without real “boots on the ground” HumInt is at best more miss than hit.

For instance the world mostly saw stuxnet as an attack on Iran, even though there was clear evidence at the time it was aimed at the Far East, especially North Korea. Some identified it as such even before the North Koreans made it abundantly clear they had significant reason to believe they were the target. The various organisations who examined the code all fell into line that it was aimed at Iran. Eventually it came out that yes for the US the target of stuxnet was North Korea. For some of us “no surprises there”.

Speaking of which, the South Korean Olympics. We know that both the NSA and CIA are all over a host nation’s telecommunications, even if the host nation does not in any way “want such help”. So South Korea would have been effectively “owned by them”, yet a major cyber-attack happened… The US just “knee jerk” attributed it to North Korea, even though North Korea was on the friendliest of terms with South Korea for many years. I guess it really astounded the Russians, who had carried out the attacks quite overtly to send a message to the IOA over Russia being banned due to “doping scandals”…

So if the alleged experts really can not do attribution so badly, it leaves open so many opportunities for bluff and double bluff etc.

Whilst I would not in the slightest rule China out, I would roll quite a few nations in as well, and quite a few of those low life corporations.

In fact, I would not be surprised to hear eventually it was someone like the NSO Group or other Israeli “Cyber-weapons-4-All” shop, or similar backed by UK “seed money” organisation.

As normal we need more information to evaluate / analyse, which we don’t really have.

molliegilbert November 12, 2021 12:27 PM

When you start playing a new game, it can sometimes take a short period of time to get to grips with the ranking system dota 2 bet and how everything works. This guide will help fully explain everything you need to know about Dota 2 ranks and how they work. There are a few things you need to know before breaking down each rank on the card. This is because we are focusing solely on ranked matchmaking ranks in Dota 2, so some FAQs could clear up.

dota 2 bet November 12, 2021 12:27 PM

When you start playing a new game, it can sometimes take a short period of time to get to grips with the ranking system and how everything works. This guide will help fully explain everything you need to know about Dota 2 ranks and how they work. There are a few things you need to know before breaking down each rank on the card. This is because we are focusing solely on ranked matchmaking ranks in Dota 2, so some FAQs could clear up.

enney Beverly November 12, 2021 12:28 PM

Before jumping right into the world of Rust, a player will have to get rid of the first hurdle in the game, which is choosing the correct server. The server will either make their game experience a nightmare or a https://csgo-bets.org/csgoroll/ luxury. A player should make sure the server is available in their location. If one picks a host located on the opposite side of their area, then lag issues may occur. Therefore, selecting a random server is a big no in this game.

JonKnowsNothing November 12, 2021 12:29 PM

@Clive, @All

re: Attribution vs Boots&Bothers

There are no doubts that attribution is incredibly difficult and often takes decades to sort out (booking. co m) but there are other aspects that are not at all opaque:

  the real world consequences

Although even those may be problematic due to those WanderingCamelsWithWeaponsOfMassDestruction so near and dear to a lately departed General.

Even so, there are folks disappearing in the vortexes of many governments, agencies and localities using these sorts of exploits, especially the exploits left unpatched. It may be happenstance that APerson gets picked up after using ZApp, but when ManyPersons get picked up after using ZApp there is a natural lean towards the WhomzRClosest.

As you have indicated there is a CounterPointer such as the current experience of a VeryHungryGuyWaiting4BorisToPayUP so his spouse can return home. The HungryGuy has been waiting for many years and it doesn’t look like BorisWillPayAnyTimeZoom. One might guess that there is a hidden value to the NoPayNoExchange; a value that would disappear should the exchange happen. What that might be is a guess in the Attribution Game.

While the Attribution Game is ongoing in many locations, a big pointer shifts in the direction of the physical results.

eg: Gitmo did not fill up by osmosis, US planes did not change their immutable ID numbers in Ireland by themselves. One plane lands and never leaves. Another plane that never existed takes off.

- November 12, 2021 12:35 PM

@Moderator:

1, molliegilbert
2, dota 2 bet
3, enney Beverly

Unsolicited Advertising for illegal services in some jurisdictions.

Ted November 12, 2021 10:03 PM

Remember the good ole days when there were just crocodiles in watering holes? Jeez

China would not be someone I would want taking an active interest in the backdoor in my phone. I wonder what actions they subsequently take on this info.

Wired has a pretty good supporting article on that as well. If these watering holes are so indiscriminate, I just hope the government never does anything so head-scratching that I would furrow my brow. No brow-furrowing.

https://www.wired.com/story/ios-macos-hacks-hong-kong-watering-hole/


Clive Robinson November 13, 2021 5:43 AM

@ Ted,

China would not be someone I would want taking an active interest in the backdoor in my phone.

Unless you live there or in any nation surrounding the South China Seas you are probably OK.

However, visit, or take an interest in, certain, let’s call them “cultural aspects”, then you become more of an interest.

Oh, for US citizens, having been in the OPM database even as a lowest grade janitor (Q-Clearance) would make you a “Person of Interest”.

But…

I just hope the government never does anything so head-scratching that I would furrow my brow.

They all do… The UK/US are known to have “bugged” European Cryptographers some years back. Oh and at one point when being a university student and “not flying” got you bumped onto the next watch list…

But hey, the Good Old USA IC & SigInt agencies used to help the House of Saud put not just a third of their population under surveillance, they also put most who visited “Holy Sites” from abroad under surveillance… It had just started coming out as Ex US personnel started saying that things were very wrong, when a Rich Man’s Son got the chop… Not long after that supposedly the richest guy in IT had an alleged affair outed, and it all got traced back to the House of Saud and those lessons US IC & SigInt agencies had taught them for allegedly “anti-terrorist” operations… I guess the US have different views on what constitutes a terrorist from a journalist. But oh wait… You have to be a “certain type of journalist” otherwise you are a terrorist or worse, communicating with whistleblowers…

But it’s not just the US on that score; the UK, well let’s just say “Keeping up with the Joneses” has had a rather different meaning so far this century and even the judiciary are showing their fealty to the Johnsons. This might be of interest in that respect,

https://thegrayzone.com/2021/07/31/craig-murrays-jailing-national-security-state-independent-journalism/

https://dissenter.substack.com/p/craig-murray-8-months-prison-sentence

Note the similar behaviour of disdain by the Judge to the defense evidence as has been shown by the judge in the Assange extradition proceedings… Oh and Murray’s Judge is a very firm proponent of the idea that only judges such as herself can stand in judgment; juries are a definite “No No” in her book, along with judgment very much out of sight behind closed doors. All things legal experts say will increase the numbers of miscarriages of justice…

Oh and note her false attention to legal minutiae, and illogic. Law is about “justice shown to be fair, balanced, proportionate, and humane in public” so it can be trusted. She’s failed on all of that and has brought the Scottish legal system into significant question if not utter disrepute. Is the harm she has wrought for what I assume is personal gain measurable or immeasurable? As the links above show, those that should know are favouring the latter view.

SM November 13, 2021 5:51 AM

@E What would be better than having some malicious links on spam posts to educate or remind us of the lurking dangers?

Ted November 13, 2021 7:56 AM

@Clive

Re: Craig M.

That should be a movie. A movie and a book. You know if time moves forward, it will be. It should be.

So, although Craig M. is sentenced to 8 months for reportedly and indirectly identifying SA victims, have the accusers since been id’d more substantially in the press? Incredible that a power state could slip into the nightie of injured victim, if you could possibly make the connection that this is a revenge maneuver.

Power politics can be a cruel, heartless shake.

I, like you mentioned before, would benefit from more details. It’s hard to have an iron-clad opinion without knowing histories that seem to stretch back many, many years.

Craig M. is really quite a remarkable shatter in the glass. I don’t want him to be a shatter, but this appears to be part of an essence that his life’s story is releasing. With all the spidering branching off this most recent incident, it’s a story I would most certainly follow. [insert popcorn here]

Disinterested Lurker November 13, 2021 10:37 AM

Clive seems to have an inkling of how the world really works. For one’s general sanity I have found it useful to buy into the mass delusions and not try to unravel the devious workings.

lurker November 13, 2021 12:41 PM

Wasn’t Magna Carta supposed to take arbitrary judicial capriciousness out of the Monarch’s hands?

Clive Robinson November 13, 2021 5:22 PM

@ lurker,

Wasn’t Magna Carta supposed to take arbitrary judicial capriciousness out of the Monarch’s hands?

Which one?

There have been if memory serves correctly eleven “Grand Charters”.

The first was “sealed” on an island in the river Thames, and was the Barons putting the “reverse screw” on the King who, due to poor alliances, had to grovel to Pope Innocent III. The charter lasted no time at all; neither the King nor Barons did what they had signed up to do. But the king sent a message to the Pope who promptly annulled it. Basically the very bloodthirsty power mad Pope Innocent III had claimed spiritual domain of the world, and all Kings, Princes were thus subservient to him, and in return he gave them temporal authority over their kingdoms. But the Pope had say on all church matters, so being king was really only a token position; as far as the Pope was concerned he was boss. So Pope Innocent III annulled the charter about two and a half months later in part because it intruded into his power domain, not because he particularly cared who sat on the throne in “england” which actually was not that big a place at the time.

But… there are quite a number of differing views about why the Pope did not just get rid of the king. One of which is, as noted, the Pope was a bloodthirsty individual who was planning mass genocide that he would lead, but needed troops etc which he would have got from not just King John but other kings and princes.

But it did not work out for the king; he died of dysentery and got replaced, the incensed Barons went to war over the next couple of years and Pope Innocent III’s grand plans to lead a genocide of religious cleansing never really happened…

Various Magna Carta popped up over the years, 1216, 1217 and 1225 being the most notable, with the successors based on the 1225 version. These occurred as power struggles between the kings and church and Barons.

Of the clauses only three remain in effect, but superseded via other legislation by act of Parliament. The last of them was by the 1998 Human Rights Act.

Sadly the most important clause still relevant today but sadly watered down is,

“No free man shall be seized or imprisoned, or stripped of his rights or possessions, or outlawed or exiled, or deprived of his standing in any other way, nor will we proceed with force against him, or send others to do so, except by the lawful judgement of his equals or by the law of the land. To no one will we sell, to no one deny or delay right or justice.”

(The point about “free man” is lost on most people as they assume incorrectly that all are free… Let’s just say that Slavery of various forms remained in the UK in my lifetime, and in some ways it still does. It’s why we have laws regarding emancipation that still occasionally get used and why I add esquire to some of my correspondence. One way of gaining emancipation is by being accredited an advanced degree or professional qualification).

Ted November 13, 2021 5:48 PM

@Clive

It’s why we have laws regarding emancipation that still occasionally get used and why I add esquire to some of my correspondence.

One way of gaining emancipation is by being accredited an advanced degree or professional qualification

Clive, did you say you were emancipated? At what age was that?

Ted November 13, 2021 6:37 PM

Google’s blog post listed things this backdoor could allow. Sometimes when I think of a backdoor, I think of someone who is watching me do stupid things all day.

But I guess this would probably be a good waste of anyone’s time (and probably more like domestic spyware?). I’d have to think these backdoor genies are actually doing reconnaissance for paid work, and would rather watch a sports game or chat up the local barista in their free time than hear me sing badly along to music in my car.

For school, we use a proctoring service called Honorlock to take online tests. I’ve seen a few students lament on a Discord chat about what any observer would see as they take their test – namely crying and squinting and generally looking very confused.

Some of the things Google says this backdoor could allow are: victim device fingerprinting, screen capture, file download/upload, audio recording, keylogging, etc.

None of this sounds fun. But I am going to go with the theory that I would be a very poor use of anyone’s budget money. Also, let’s be real, I doubt my badly done singing has a prime time audience. And if I was going to be a credible dissident, I would prepare myself to consider that I might lose my sanity in the process.

Clive Robinson November 14, 2021 6:38 AM

@ Ted,

did you say you were emancipated?

It came close…

Basically I was orphaned, so had to be legally adopted as I was under the age of majority. This meant that somebody I had no legal control over had access to my inheritance and was, shall we say, using it for things neither I nor my deceased parents would want it to be used for.

I won’t go into the details because even though it happened back in the 1970’s it was a very expensive life lesson and it still riles me a lot.

Ted November 14, 2021 7:27 AM

@Clive

Re: Creedence Clearwater Revival – Lookin’ Out My Back Door

😆 that is going in my playlist as we speak! cheers!!
