Schneier on Security

Clive Robinson • May 22, 2022 3:47 AM

@ ALL,

Re : Putin and XP

Two questions to consider,

1, Does it matter what OS Putin runs?

2, And if so why?

Think about XP and what it can do, and perhaps more importantly what it can not do… Especially as it crossed a watershed at MS.

As I’ve mentioned before I run several pre-1995 computers that do not have USB, WiFi, Flash ROM, microphones, WebCams, and so much other hardware that you get “built in” these days, that is a direct security threat “by design”. Every MS OS beyond XP has real nasties built in in terms of kernel, drivers etc, that you just can not pull out any longer.

Have a look at the history of USB support it being one such security disaster.

If you know where to look you can find documents on line that tell you how to “gut XP” of many nasties such as background services you don’t want or need. You could do it on XP fairly painlessly, because at that point MS had not built them in as required large binary blobs.

Also Win XP is from a user perspective not just comfortable to use, it does not have a whole load of junk in it that MS started to build in that made your life slow and inconvenient.

But there are a lot of people still running XP that are not aware of it. Hospitals for instance have it built into medical equipment, they still use. Lots of older high end electronics test equipment likewise. Even your local garage may have engine diagnostic kit that runs XP.

XP was also kind of the last place most DOS software especially some early games would run without issue.

I still regularly use a “net-book” stand alone, that has a reduced version of XP and Microsoft Office, also WordStar and several older programing language systems with those early IDE’s that Borland made popular, and a lot of my own software, that runs in DOS including a C-Compiler I wrote.

It nicely “dual-boots” with a much much more recent 32bit Linux…

There are many valid reasons to still run XP and earlier MS software one is to still be able to run other software you just can not get to run on later OS’s and that the developers either never upgraded or for various reasons are nolonger in business, but you still need to run the software (some “reverse engineers” may remember IDA-Pro and Win2K issues).

The fact the ICT industry works on an 36-54month to obsolescence lifetime model does not mean the end users do. Some authors and script writers still use the DOS version of Word Perfect, and I still use WordStar 4… It’s the same reason emacs and vi are still used.

I own and use test instruments that are over half a century old. Some like the AVO’s because they have the advantage of “no batteries required” that corrode etc, others because of their real analogue displays. Most of which I can not just maintain but importantly repair. I’ve a couple of Oscilloscopes made by HP, one of which is a,

https://www.oscilloscopemuseum.org/oscilloscope-hp-1201a-s1331a01633.html

The other it’s big brother an analogue storage four channel 100MHz that was “a gift” from the UK’s National Physics Laboratory back in the 1980’s.

I also have a couple of “tube”/”valve” scopes on trolleys that are very probably EMP proof by the way they were designed. So might be usefull in the not to distant future 😉

Remember “new is not always better”, often it is worse a lot lot worse especially when it involves security.

Clive Robinson • May 25, 2022 1:10 AM

@ SpaceLifeForm,

Re : As long as the barcode scans…

Another fine example of what Douglas Adams wrote about toothpicks and it causing “Wonko the sane” to build the inside out Asylum house[1]… I mentioned just a week or so ago.

I was chatting to a friend over the weekend about an issue of “house work”. It had started with a phone call from their grown up twenty-something child about how to wash clothes…

Apparently their washing machine had broken down and could not be fixed in a reasonable time (parts and the new supply chain issues[2]). So they had to go use somebody elses washing machine that had different controls that alowed you to select several types of pre-wash, main-wash, rinse-cycles and drying-cycles… Rather than just a dial with “40 degrees wash”… It turns out that the “confident young adult in charge of others in the office” had never ever in her life actually “washed clothes” by hand, so actually had no real idea how to use a washing machine either (which is why theirs had probably broken[2]).

We are turning into a “push button society” where the simplest of life skills are now “automated away” behind the push of a button or touch screen… As a result we have no idea how to actually do something as “It’s all done in the box”…

We used to joke about “Kids setting the VCR for their parents” now it would appear the shoe is on the other foot…

But we are loosing basic everyday skills, because ask yourself what happens when mum/dad don’t know, so can not be asked?

[1] https://hitchhikers.fandom.com/wiki/Wonko_the_Sane

[2] It had broken down “under warranty” and the repair-person had told them it was a “drum replacnent” job as the drum shaft had bent… What many people apparently do not know is you just can not stuff a front load washing machine full with clothes any old how, you have to lay them in so you do not create a massive “off balance load” that wrecks the bearings and shaft.

Clive Robinson • May 25, 2022 6:48 AM

@ SpaceLifeForm,

Re : wringer washer

I might actually be younger than that SpeedQueen by a half decade or so 😉

I also remember my grandma’s (born in 1800’s) wash-tub, wash-board, and mangle (wringer) and during the 1970’s when we had the “black-outs” they were draged out of the –white asbestos– garage and we “youngsters” were given the physical part of turning the mangle with it’s wooden rollers, and heavy enamel paint cast iron gear wheels S shaped arm and large two hand wooden handle. The interesting thing about the wash-board is unlike most people think, it was made of heavy glass with the ripples cast in.

If people listen carefully to the video you link to, they will learn some important leasons about using not just the water but a few other things…

One thing people do not realy realise is that “washing” in all it’s forms is a “dilution and settling” process the soaps and detergents do make the gung that is dead bio-matter and other hydro-carbons (lipids) more attractive to water, but you still need enough water to dilute it… Speaking of “chemistry” don’t forget the usefulness of “white table salt” in washing[1].

@ Winter,

Re : Auto balance

If just “chucked in the drum” the cloaths need to be at most 1/3rd of the drum hight. Howrver if you fold them into “logs” that lay parallel to the axis with heavy stuff put in first then work up to lighter then you can fill to halfway up the drum. Also the folded logs also wash better than just “pushed in the drum”.

Way to many people just “ram it in” till the drum is full, then wonder why,

1, Their cloths don’t wash well.
2, Their machine breaks down very quickly.

[1] I’m not going to go into the why, but… also urine was once used in washing and “bluing agents” were once very finely ground blue stone. You can make laundry soap with the white ashes from a very hot hardwood fire converted into a weak lye of mixed carvonates that you filter concentrate and precipitate out unwanted contaminates,

https://cavemanchemistry.com/oldcave/projects/potash/

The resulting liquid is boild up with hard ox or pig fat/grease to make the soap.

However it works better for making some soaps if you convert one caustic to another, and makes a harder longer lasting bar if you add salt to it. Yes before abyone asks I have practical experiance of doing this. One advantage of such soaps is they do not lather very much, oh and provided you’ve used up all the lye, tend not to cause allergic reactions as they do not have all those nasties in them.

Clive Robinson • May 25, 2022 1:49 PM

@ Ted, Winter,

Re : The NYT’s article had this stat.

Note it is missing to other very important stats,

1, Police shootings.
2, US forces,”friendly fire”[1].

The make a significant difference to the usual quoted figures of “mass shootings” and alleged “self defence” killings.

Some things are just too controversial even for the NYT to publish.

[1] Without naming names, there are stories about a US commander so sick of blue-on-blue he threatend to do a 180 with his forces and attack the US Air Force… Then there are others about the US Air Force killing the most senior US commander in the field… I know of some who only half hartedly joke that the reason the US drone pilots are stationed outside Las Vagas, is so they are out of range of US ground forces…

Clive Robinson • May 25, 2022 7:03 PM

@ JonKnowsNothing, SpaceLifeForm, Winter,

I was expected to use a wash board and bar soap and freezing cold water from a well to clean up both my clothes and for showers.

Ahh well water for washing yourself… Not my favourit activity especially when you have to put a big heavy rock in the bucket, an “pull up and drop” several times to smash through the ice, at 0500…

I learnt to heat ~20 fluid Ounce (imperial pint) to boiling use half of it to make a mug of tea, the other half to mix bit by bit with well water an ounce or two at a time to wash “the cracks, crevices, n pits” as well as wash out a pair of socks and “undercrackers”…

Then shave as “Her Maj’s orders” required and present my self with a nice shiny clean face and hands to do “garbage duty” at the “cook house” (better than latrine dury). But it was not a house in reality it was a couple of ponchos buttoned together with a rope support under which was a ditch dug down about 18inch in which a fearsom beast of a preasurised petrol cooker was used to make all sorts of strange things that had three saving graces,

1, It was hot
2, It was sweet or savoury
3, It stuck to your ribs.

Rumour had it, it was made with all natural products… But then so is rodent poo =O

Then it was out doing the rounds of the fields along the boarder…

Supposadly happy days from fourty one and a bit years ago doing a “field excercise” in the “early spring” when you found places so cold that even snow dared not go there…

Worse though was when it warmed up and rain came in from the sea… Where no matter what you did, the damp got in all those important little places you would rather be dry…

Clive Robinson • May 26, 2022 1:29 PM

@ SpaceLifeForm,

Re : Burthub.eu

Appart from a few specifics, it’s effectively the same talk I give over and over, as do one or two others who have come into ICTsec in Industrial Control Systems(ICS) via the less traveled route…

But of such talks, blog posts, papers, etc, few hear, or read, let alone take on board, anything but the conclusions…

Which is actually where the author and I differ. So lets pull them up in the two paragraphs they are given in.

Firstly,

“When formalising a partnership, be sure to mandate that suppliers undertake to install security updates in a timely fashion, or where they can’t do so, make sure to disconnect systems from the outside world (entirely).”

My view is firstly “segregate” by design, which rarely if ever happens. Then and only then, when that is not just achieved, but ensured moving forward, do you consider the entirely seperate “maintainence” issues of “patching”, “updating”, “upgrading” and how you support, moving forward.

In between the design of “segregation” and design for “maintainence” there are a number of other considerations, just one of which is the required communications of “data into and “data out-of” the system as no practical system works in issolation.

Which brings us onto,

Secondly,

“In addition, be aware that devices like data diodes are available to export data from otherwise isolated networks. These too can be mandated in legal agreements.”

As I mention from time to time “Data Diodes” are very very rarely “one way” as most assume. They are almost always “bi-directional” in some mostly infrequently or unconsiderd way.

This Data Diode bi-directionality is due to trying to achive “reliability”, “availability”, and “efficiency” in the face of the more obvious forward “errors”, and “exceptions”. All of which normally require some form of fast “feedback” signaling channels. Such signaling channels are actually a “communications path” from the “insecure side” of the data diode into the “secure side”. Which are normally left wide “open”, “uncontroled”, and “unmonitored” thus potentially a significant security risk.

But moving on in both the first and second paragraphs we see weasel wording of “formalising” and “legal agreements”, which are effectively the same and are actually “remediation actions”. In part this is due to them being presented atva “Lae Seminar”.

But even legal Folks, need to remember that starting with “formalising” is a little like jumping into things half way through. There is a lot that goes before[1] in a project, and even more before that which is fundemental to the process.

Because the design of “effective systems” is not the same as “efficient systems”, “fast systems”, “low cost systems”, etc it is about knowing past and present “sweet spots” and predicting future sweet spots and desigbing for them as they change.

I guess it should go witgout saying but, almost always the real sweet spots, are not where an industry goes, unless sufficiently regulated to do so. The fact that most unregulated markets end up in “A race to the bottom” downward spiral, an unlawfull behaviour spiral, or both, should realy be a “wake up call” to the legal folks in particular.

Especially when you see what the “efficiency for profit” mantra did to wreck, and is still wrecking, supply chains and creating real hardship, economic instability, actual harm and death (Abbott infant formular being but just one of many).

There is a sigbificant underlying problem behind this, and it’s something that especially in the ICT industry we need to realise and come to terms with, before we cause further “hardship, economic instability, actual harm and death”.

Back in the first banking crisis, it became clear that there were three effects in play,

1, Focus only on “Up-side”.
2, Play “Follow the leader”.
3, Ignore “Down-Side” or “Contradictory” warnings.

I won’t go into the game theory behind it but note that, whilst high risks “can” produce high reward, significant harm is more probable. But, if everyone takes the same high risks, then both the rewards and harms are spread equally.

So if you are playing with others money, then the “follow the leader” mentality works out best. As it’s a very short term herd mentality of “we all do well or we all do badly” but we get payed either way as we all look like winers… when in fact we are in reality, all just followers. Whilst for an individual playing with their own money, the best longterm aproach is to do the down-side analysis and not ignore the contradictory warnings…

The ICT industry that coincidently actually lacks objective measures by which it can be measured, has fallen into not just “Up-side” but increasingly very “short-term” strategies with a resulting boom/bust behaviour.

This is not the way you go about designing reliable, let alone secure systems. You want, or more importantly need, to have robustness, availability, reliability, and longevity.

These are especially essential for what are infrastructure systems, be they “utility”, “raw stock”, “feed stock” ICS, and logistics systems. They are all essential to the “Supply Chain” not just finished goods, but the supply chains of all the steps in every process.

Anyway I’ve said this over and over for more time than this blog goes back for, so you’ve heard the rest of it before.

[1] I’ve mentioned before that there are steps that need to be in place before any project ever gets started, in fact fully functional before you even know there is a need for a project. These steps can be lumped together as the “Quality Processes” in design, manufacture and maintainance. Most think “QA” when they hear “Quality Processes” but it is just one of many which also includes “security”, and another “safety” that frequently go unrealised in the ICT industry. But the reality is all the design quality processes are built on other more fundemental processes. Perhaps the most fundemental are,

1.1, If it’s not written down it never happened.
1.2, Backups are memories, not just snapshots and tapes.

From the first you start to realise the importance of record keeping[2]. From the second, you should realise that it’s not just “what’s in the computer”… In fact it’s what you “see”, “hear”, “do”, and importantly “think”, along with probably most importabtly “why”, that need to be recorded[3] as well. Unfortunately of more recent times it’s become obvious that the leagl folks see them as “amunition left for the enemy” rather than “seed corn for the future”. With all to often the predictable results we see over and over…

[2] Record keeping in the modern age appears very odd to many. We have at one end the industrialised “Record it All” of the intelligence agencies, and increasingly corporations, and more recently law enforcment agencies, who grab at all our electronic communications and records. At the other end the “record nothing” not just of lazy behaviour, but the paranoia behind “deniability”. Which as it establishes, behind which unlawful behaviour of all sorts is attracted and hides.

Life and human progress are not “all or nothing”, it’s said “We are the product of our experiences” but actually “We are the product of history and what knowledge we take forward into the future”. Hence the old saying “Those that fail to learn from history are condemned to relive it”. A failing the ICT industry and ICTsec in particular, appears to specialise in.

This lack of carrying forward of knowledge, especially in most project files is not just lamentable but harmfull. With even those few, in the ICT industry, who ever write project “History Files”, generally confining themselves to little more than “When, Who, What” entries in a sequential log of some kind. Much valuable and expensively earned information is lost so rapidly, to outsiders it must appear like some collective amnesia.

[3] One thing both scientists and engineers used to get told during their early training is you need to develop certain good habits[1.1/2]is that you need five things at hand at all times[4], to even have a chance to function effectively,

3.1, A Diary.
3.2, A log book.

And you “write, draw and note in them” otherwise you “forget”.

But to do this you also need,

3.3, A watch (with second hand and date)
3.4, A pencil (several and an eraser).
3.5, A ruler (actually a slide rule).

Importantly all of which work by human power, not unreliable electricity or electronics.

[4] I’ve also found a few basic hand tools on the belt, or in the pocket to be usefull over much of my life including “chalk”, “cordage” and “fuse wire”. Sadly whilst this was common and unremarkable into the 1980’s, in less than an adult lifetime it has been vilified and turned into a suspicious behaviour or crime…

Clive Robinson • May 27, 2022 1:26 PM

@ All,

Re : Cede territory to end the war

This notion is a nonsense and should be shot down as such.

History shows that “rewarding an agressor” just has deleterious outcomes. Not least it just encorages the agressor to continue over and over.

Eventually people wake up to the fact they have to give the agressor a message, which basically means not just heavy sanctions but decapitation of the agressor government.

People who think you can pacify an Empire hungry dictator/tyrant are not living in the world of reality.

The West needs to realise that there is now only one way to deal with Putin, and that is be not just removal of him and his clique but also significant reparations to those attacked.

Clive Robinson • May 28, 2022 4:27 AM

@ Winter, SLF,

Re : Or maybe cowardice

Or…

A slavish devotion to training, by authoritarian followers.

Most non educational training is actually about teaching the use of “plan based processes”. And is why there are sayings such as,

“Listen up folks, lets get this right, lets do it by the numbers.”

But… as the old military observation has it,

“No plan survives first contact with the enemy”

The reality of life is “play book” behaviour only works against “entities without agency” that behave in known ways. An entity with “agency” can if they know your “play book” play against it as a “counter play”.

To be able to deal with counter-play requires certain atributes. Firstly the ability to recognise the counter-play, then the independence of thought to “break with the plan” and be able to think up creative solutions on your feet, yet stay within certain rules.

That sort of “independent creativity” is not common in “guard labour” for various reasons.

Clive Robinson • May 28, 2022 7:49 AM

@ Winter,

Re : Mostly because of low pay and cost cutting

What you realy mean is they, Don’t have the brains to…

1, Earn a better living.
2, Get upset by the lack of humanity.
3, Get upset by the total mindlessness of the job.
4, …

They are in effect “Toy Soldiers” that you wind up to make them strut on a fixed plan “TikTok, TikTok”…

Clive Robinson • May 29, 2022 6:20 AM

@ SpaceLifeForm, ALL,

Re : Matt Blaze on Number stations.

There are some things said there that are more “mantra” than fact.

For instance,

“One time pads are a generally impractical encryption method”

Not true they might be labourious to use but have you ever tried doing a single block of AES or DES by hand?

But sadly there is one property few ever talk about, which is the “unicity distance”. Even then they talk about it in a way that hides one major advantage that the OTP has over the short key ciphers.

That is “deniability” no matter how long the message sent by OTP you have very easy deniability of the entire plain text message in part or whole. The deniability of short key or block ciphers is often as short as two or three blocks. Worse trying to come up with an alternative key with a meaningfull message is extreamly difficult bordering on impossible in a reasonable time/resource frame unlike that of the OTP which a child could do in minutes as a “game” with pencil and paper (and yes I’ve tested this with Scouts doing their “communicators badge”).

The only real complaint against the OTP is “Keying Material”(KeyMat) size. That is you have to send as much KeyMat securely in advance as the total length of messages you are going to send later or untill the next secure shipment arives. Whilst this was problematic with “paper pads” or “paper tapes” the advent of high density storage reduced this arguments validility. Because at the end of the day to be secure you still have to ship “random KeyMat” regularly. These days solid state technology can put terabytes in the palm of your hand as easily as a few AES or similar keys…

But one thing Matt said was not true, and is still mostly not true today,

“Second, while it’s easy to tell where they’re being sent FROM, there’s no way to tell (from any distance) who’s listening”

There are three basic types of radio receiver,

1, Tuned Radio Frequency (TRF)
2, Hetrodyne
3, Numerical

For various technical reasons and the basic laws of physics most Radio Receivers untill very recently used the “hetrodyne” principle which needs an oscillator tuned to a frequency that directly relates to the frequency being received. In effect the oscillator is a low power transmitter[1], and even microwatts of power can go almost unimaginable distances.

During WWII the German Radio Service could find and direction find an SOE suitcase radio set from several miles away. During the “Cold War” period the UK Inteligence Services used to fly light aircraft up and down the UK looking for signals from radio oscillators tuned to frequencies that indicated that the radio was tuned to the likes of Numbers Stations. Oh and not all “TV Licence Detector Vans” were looking for unlicenced televisions…

These days “Find, Fix, Finish” is both easier and harder.

You can now buy numerical based radios that use “Digital Signal Processing”(DSP) techniques some in part, some in whole. These are often but not always called “Software Defined Radio”(SDR) of which only a few do not radiate signals that indicate what frequency they are receiving.

However such recievers are very uncommon as “consumer receivers” and very expensive. Normally they are found either in Ham Transceivers or in devices that connect to computers.

For obvious reasons a $10,000 ham transceiver is a bit of a “luxury item” and “stands out”. Of the devices that connect to computers whilst they do not radiate much if any signals that indicate what frequency they are tuned to, the same can not be said for the computer it is connected to…

One commentator makes the mistake of repeating the VHF mantra of short range which is unfortunate. As I’ve mentioned the radio line of sight horizon on a medium sized hobby drone is around 80km and you can put a gumstick SBC and USB SDR on them with a WiFi downlink, that gives you the capabilities of SigInt airplanes like Rivit-Joint that started in the early 1960’s based on the C-135 Stratolifter airframe and are still in service and being upgraded today.

The advantage of using hobby drones is not just cost or very small radar profile, but that the bulk of the computing power is out of range of conventional field weapons.

A lesson the Russian’s are learning the hard way.

[1] Actually the power of this oscillator can be up to +30dBm (1 Watt) or more in receivers with high dynamic range for “Strong Signal Handling” which is the desirable norm in most commercial HF receivers where “close in signal handeling performance” is important. As I’ve mentioned before 1/10th of a Watt from a VHF/UHF handheld radio will reliably get your signals into space and out to satellites in geo-stationary orbits depending on your modulation type and error correction methods. Remember the NASA Voyager spacecraft? Well it puts out a little over 20watts of power, but is now out at twenty light-hours or 22billion kilometers distance. I also mention the use of “Very Long Baseline”(VLB) receivers for picking very weak signals at much greater distances than most consider, well around a decade ago this kind of brought the two together,

https://www.nasa.gov/mission_pages/voyager/multimedia/pia17047.html

Remember that radio signals as they are radiant fall off at the square of distance, and as they also travel through an environment that absorbs or scatters signals there is a distance related antenuation as well.

Clive Robinson • May 29, 2022 5:47 PM

@ SpaceLifeForm,

This is why I have never entertained the Big Bang Theory.

Nor did Fred Hoyal, and why he coined the term as an insult…

But this sort of thing where physics gets re-written is not new, hence the line about teaching physics of,

“You get taught a series of lies each more accurate than the one before”

And we are over due a shake up any way. Most physicists are card carrying members of the “Shut up and calculate” club, and we are seeing increasing disparity so as the old line has it “Somethings gota give”.

Oh and why I say things have to be explainable by,

“The laws of physics as… We currently understand them…”

Clive Robinson • June 2, 2022 3:28 AM

@ SpaceLifeForm,

Re : Compton scattering

It is one of several ways a photon can loose energy there are others, and it is likeky others will be found in time hence the use of “currently”.

But as I said further above, as far as we currently know,

“But that they can not give up energy except by intetaction with either energy or mass as a vector or force.”

And I do not think that is likely to change. It’s one of the reasons “soft photons” as an idea make me a little uneasy, much as “rounding errors” do when performing certain maths functions.

Clive Robinson • June 3, 2022 9:39 AM

@ Winter, SpaceLifeForm,

If a photon loses energy due to Compton scattering, it also changes direction (exchanges momentum).

Not in all cases, but consider, that if it does change direction it will not actually arive at the sensor where as coherant waves will.

Such scattering will result in a decrease of the number of photons at the detector, not “blurred as in a fog”.

The very very few that will be off, will be down in the noise threshold, to the point of being imesurable from other “stray” photons.

Also not immediately obvious is that they will go down in frequency.

Take microwave energy it is EM photons of a very low frequency. They however cause OH molecules to vibrate, which in turn radiate EM photons in the IR range which is of significantly higher frequency.

You can derive a formular for this, but interestingly it ends up similar to that you get in laser systems.

As I understand it matter not just photons have a wave duality.

What the implications of this is yet to be determined.

As I said their are reasons for me saying “as we currently understand them” with regards the laws of nature.

But one thing for you to consider how do you tell the difference between an infinitely small original point of origin and an infinitely small hole acting as a pin-hole projector of energy?

That is how do you know if the “big bang” was singluar, or one arising from a “string of pearls” of big bangs followed by big crunches and so on?

One where the individual perls might only inherit part of the previous perls energy?

Therefore how would you know how far along the string we are?

The answer is we don’t and apparently probably can not. So arguing that our perl is somehow special because of some apparent constant becomes at best circular reasoning.

As I’ve indicated, I see not logic or reason in the arguments that are presented by both sides. What I see is a belief in being right… Well history suggests both sides are likely going to be disapointed, the dust and fur will settle and we will move on, to something altogether more curious.