Friday Squid Blogging: Evolution of the Vampire Squid

Short article on the evolution of the vampire squid.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Posted on July 29, 2022 at 4:19 PM • 92 Comments

Comments

vas pup July 29, 2022 5:57 PM

How Myanmar’s junta is using Chinese facial recognition technology
https://www.dw.com/en/how-myanmars-junta-is-using-chinese-facial-recognition-technology/a-62624413

“In March, Human Rights Watch (HRW) released a report on Myanmar’s use of the Chinese-made facial recognition systems, warning of a “serious threat” to human rights.

HRW said hundreds of cameras were installed in townships around the capital Naypyidaw in December 2020, before the military took power in a coup, in the first phase of a security initiative called “safe city.” Cameras were also installed in Myanmar’s largest city, Yangon.

Experts and activists on the ground fear that the military’s increased access to this technology could have consequences for the safety of anyone opposing the junta.

The cameras, sourced from Chinese tech conglomerates Huawei, Dahua and Hikvision, are equipped with artificial intelligence technology that automatically scans faces and vehicle license plates in public places and alerts authorities to those on a wanted list.

By controlling the biggest telecommunication company in Myanmar, Telenor, the junta has restricted internet access and censored online content. There have also been reports that the junta has installed spyware on telecom services and internet providers to further monitor and combat online “traitors.”

vas pup July 29, 2022 6:00 PM

US-Israel fund launches cybersecurity program for critical infrastructure protection New BIRD initiative to grant $1.5 million per project for joint work on securing supply chains, airports and seaports, and enterprises

https://www.timesofisrael.com/us-israel-fund-launches-cybersecurity-program-for-critical-infrastructure-protection/

“The program will be led by BIRD Cyber, a joint cooperation between the Israel-US Binational Industrial Research and Development (BIRD) Foundation together with the US Department of Homeland Security’s Science and Technology Directorate and the Israel National Cyber Directorate (INCD), according to an official announcement Tuesday.”

Henry July 29, 2022 6:22 PM

Has anyone disassembled this NSO spyware and explained how/why the phone makers have not been able to block it?

SpaceLifeForm July 29, 2022 9:21 PM

@ Henry, Leon

You may want to start here.

try g(pegasus ForcedEntry)

Or not try. There are rabbit holes.

SpaceLifeForm July 29, 2022 10:02 PM

@ john

We are at an inflection point. Right now. Seriously. It is a Friday.

GS (the thumb of the invisible hand of the marketplace) is going to learn that hammers hurt.

It will not just be a flesh wound.

The Hammer is coming down.

SpaceLifeForm July 30, 2022 12:50 AM

@ Leon, Clive, ALL

An interesting typo I did, just the ‘i’.

‘http://info.cern.ch/

Last time I was there was definitely over 15 years ago.

I did mention CERN recently.

Winter July 30, 2022 7:21 AM

@Paul

Western filth will not overthrow the government of Myanmar.

There is a branch of politics/religion that looks positive upon killing people if that prevents them from letting the peacefully do what they want.

David Rudling July 30, 2022 1:26 PM

Embedding an EXE inside a .REG file with automatic execution

hxxps://www.x86matthew.com/view_post?id=embed_exe_reg

Clive Robinson July 30, 2022 2:37 PM

@ David Rudling,

“Embedding an EXE inside a .REG file with automatic execution”

You can do very similar with graphics files that use a “Turing Complete Engine”(TCE) to display them (postscript, PDF etc).

Fun fact back in the olden days 😉 Microsoft had an issue with “text files”

As far as the OS was concerned the file size was recorded in the “File Allocation Table”(FAT) record.

But as far as the editor and other text file manipulation was concerned the text ended at a control Z (Ctrl-Z) character.

So you could hide quite a bit of binary data at the end of a text file by putting in a little text then a control Z then the binary data.

Or executable… As it turns out an old fashioned XXXX.cmd “command file” is simply a file that gets loaded into memory with a simple offset… It does not take much thinking to work out how to make a small text file a command file… In fact this sort of thing was done with early malware.
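An added example, not from the comment above, of the check a defender would make for the Ctrl-Z trick just described: it compares the size the filesystem records with the text an editor that stops at Ctrl-Z would show, and counts non-text bytes after the marker. The sample file is constructed here.

```python
import os
import tempfile

CTRL_Z = 0x1A  # the DOS / CP/M end-of-text marker

# Byte values a plain text file is expected to contain (printable ASCII,
# tab, CR, LF); anything else after the Ctrl-Z is a sign of a binary tail.
TEXT_BYTES = set(range(0x20, 0x7F)) | {0x09, 0x0A, 0x0D}


def split_at_ctrl_z(data):
    """Split file contents into (text, tail): what a Ctrl-Z-terminated editor
    would show, and the bytes after the first Ctrl-Z that it would ignore."""
    idx = data.find(bytes([CTRL_Z]))
    if idx < 0:
        return data, b""
    return data[:idx], data[idx + 1:]


def inspect_text_file(path):
    """Compare the size the filesystem records with the text an editor shows.
    Returns the two lengths and how much of the hidden tail is non-text."""
    with open(path, "rb") as f:
        data = f.read()
    text, tail = split_at_ctrl_z(data)
    non_text = sum(1 for b in tail if b not in TEXT_BYTES)
    return {
        "size_on_disk": os.path.getsize(path),
        "text_bytes": len(text),
        "hidden_bytes": len(tail),
        "hidden_non_text_bytes": non_text,
    }


def write_sample(path):
    """Constructed sample: a one-line note, a Ctrl-Z, then 256 arbitrary bytes.
    An editor that stops at Ctrl-Z shows only the note."""
    with open(path, "wb") as f:
        f.write(b"Nothing to see here.\r\n" + bytes([CTRL_Z]) + bytes(range(256)))


def demo():
    """Write the constructed sample to a temporary directory and inspect it."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "note.txt")
        write_sample(path)
        return inspect_text_file(path)


if __name__ == "__main__":
    print(demo())
```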

SpaceLifeForm July 30, 2022 5:12 PM

@ David Rudling, Clive

I find this one more interesting, because the concept could be applied to any OS.

‘https://www.x86matthew.com/view_post?id=audio_transmit

ResearcherZero July 30, 2022 11:10 PM

@Winter

I kind of remember Australia having a long relationship selling weapons to Myanmar’s junta, which appeared to be a long ongoing effort to prop them up.
But it could have been a secret plan to bore them to death, by subjecting them to the jokes and ramblings of our bureaucrats and politicians at the local embassy building, while securing those arms sales.

An Australian man who sparked a worldwide investigation into spyware he allegedly created and sold to domestic violence perpetrators and other criminals, has been charged by the Australian Federal Police (AFP).

The 24-year-old from Frankston, in Victoria, was just 15 years old when he allegedly developed the Remote Access Trojan (RAT).

One of the purchasers was also registered on the Child Sex Offender Register.

The RAT cost about $35 and was allegedly advertised on a forum dedicated to hacking.

The AFP believes the number of victims globally was in the tens of thousands, with 44 victims identified in Australia.

His 42-year-old mother has also been charged with dealing with the proceeds of crime.
https://www.abc.net.au/news/2022-07-30/afp-charge-australian-man-over-alleged-spyware-operation/100996670

A funny story about gas and penguins?

“The federal environment minister announces government approval for a large-scale penguin farm near Alice Springs. It will produce 300,000 penguins each year for the high-end feather market in Europe.”

“Penguin feathers are also, in this make-believe world, proven superconductors that could provide an alternative to lithium for renewable energy batteries. The $40 million farming project promises to create jobs and growth in regional Australia.”

“To any informed reader, the idea of farming cold-ocean seabirds in the Australian desert is mind-numbingly silly. But this hypothetical idea helps us better understand how environmental governance in Australia has gone badly wrong.”
https://theconversation.com/a-penguin-farm-in-the-australian-desert-a-thought-experiment-that-reveals-the-flaws-our-in-environment-laws-187142

credits have been issued for emissions reductions that were not real or additional, such as:

protecting forests that were never going to be cleared
growing trees that were already there
growing forests in places that will never sustain them permanently
large landfills operating electricity generators that would have operated anyway.

https://theconversation.com/we-blew-the-whistle-on-australias-central-climate-policy-heres-what-a-new-federal-government-probe-must-fix-185894

May 4, 2020

“Gas and gas transmission networks already play an essential role in energy reliability, but gas has even more potential as a resource to produce and transmit hydrogen,” said Energy and Emissions Reduction Minister Angus Taylor.

The announcement of the Advancing Hydrogen Fund follows a crash in the global oil market crash. The fall has flowed on to lower gas prices, which Mr Taylor said “provides us with an opportunity for strategic economic stimulus”.
https://www.smh.com.au/politics/federal/300m-clean-energy-fund-to-back-fossil-fuel-hydrogen-projects-20200503-p54pdr.html

New regulations could allow ARENA (Australian Renewable Energy Agency) to fund developments that use CCS such as the development of “blue” hydrogen made with gas.

“These changes are supported by a broad cross section of peak bodies and industry groups,”
https://www.theguardian.com/australia-news/2022/apr/04/coalition-tries-for-third-time-to-let-renewable-energy-agency-fund-technologies-using-fossil-fuels

January 8, 2021

Asian spot prices for liquefied natural gas (LNG) jumped nearly 50% this week to a record high
https://www.reuters.com/article/global-lng-idUSL1N2JJ1LT

July 7, 2022

In 2020 and 2021, Asia had been the main destination for US LNG exports, accounting for almost half of the nation’s cargoes, according to EIA. But during the first four months of 2022, U.S. LNG exports to Asia declined by 51%, averaging 2.3 Bcf/d compared with the 4.6 Bcf/d average in 2021.

“When Europe’s dependence on gas from Russia didn’t go well, it impacted almost everyone in Asia”
https://www.naturalgasintel.com/south-asia-buyers-again-sidelined-by-high-lng-spot-prices/

July 28, 2022

European wholesale gas prices closed at €204.85 (£172.08) per megawatt hour – the third highest price on record. The all-time high was achieved on 8 March when prices closed at €210.50 (£176.76) per megawatt hour, according to analysts Icis.

However, this time last year the wholesale gas price in Europe was at just above €37 (£31.08) per megawatt hour.
https://www.bbc.com/news/business-62318376

“Secret documents detail a government regulator scrambling after then-energy minister Angus Taylor decided to effectively rip up decades-long contracts for carbon credits, gifting windfall profits of potentially billions of dollars to some private companies.”
https://www.abc.net.au/news/2022-07-25/pre-election-carbon-credit-shake-up-foi-documents/101259776

Financial institutions overseas have pumped $AUD36.7 billion into Australian fossil fuel projects…

“the Morrison Government is deliberately preventing efforts to turn off the tap for this type of overseas financing by playing a blocking role at international negotiations at the OECD”

Of the $36.7bn, $28.07bn went to LNG projects in Australia, including $9.67bn to the Ichthys LNG development in north-west Australia and $7.76bn for Australia Pacific LNG in Queensland.
The research says the total figure is likely to be higher because many public financial institutions do not publish detailed records of their transactions.
https://jubileeaustralia.org/storage/app/uploads/public/618/275/7da/6182757dade85985918918.pdf

Senior energy market analyst and director of Climate Energy Finance Tim Buckley said fossil fuels were behind the huge interest in wholesale electricity prices.

“It is the unreliability of ageing coal power plants and the gouging of eastern Australian consumers by the gas cartel that are the two key factors.”
https://7news.com.au/business/energy/electricity-prices-rose-to-their-highest-on-record-and-the-nightmare-is-set-to-continue-c-7682999

“Australia is at a pivotal point. There is a tidal wave of disruption on the way, and it’s critical we take steps now to get ahead of it,”

“The next wave of digital innovation will generate $10–15 trillion globally.
https://www.csiro.au/en/news/news-releases/2022/seven-megatrends-that-will-shape-the-next-20-years

ResearcherZero July 30, 2022 11:30 PM

The boss of WhatsApp says it will not “lower the security” of its messenger service. Government plans to detect child sex-abuse images include the possible scanning of private messages.

Mr Cathcart said WhatsApp already detected hundreds of thousands of child sex-abuse images.

“There are techniques that are very effective and that have not been adopted by the industry and do not require us sacrificing everyone’s security,” he said. “We report more than almost any other internet service in the world.”

“Client-side scanning cannot work in practice,” Mr Cathcart said. “What’s being proposed is that we – either directly or indirectly through software – read everyone’s messages,” Mr Cathcart said. “I don’t think people want that.”

Ella Jakubowska, policy adviser at campaign group European Digital Rights, said: “Client-side scanning is almost like putting spyware on every person’s phone. It also creates a backdoor for malicious actors to have a way in to be able to see your messages.”
https://www.bbc.com/news/technology-62291328

Nobby July 31, 2022 12:42 AM

@Clive
an old fashioned XXXX.cmd “command file” is simply a file that gets loaded into memory with a simple offset

Haven’t you mixed up *.cmd command file, which is merely a windows shell script aka bat-file, and *.com command file, which was relocation-less x86 executable? Long ago it was…

Clive Robinson July 31, 2022 12:56 AM

@ SpaceLifeForm,

I tried posting a reply to you but it got the “held for moderation” that we know as the “Kiss of death”.

So in parts…

Part 1,

Re : Audio Networking

You might remember I’ve mentioned many years ago (early 90’s) I was designing cordless phones for the “Fast Moving Consumer Electronics Market”(FMCE) and a decade or so prior to that the use of audio for storing data on audio tape and for device to device “networking” to transfer files and also a “Piccolo Modem” for sending 5bit teleprinter codes across HF links. So I’ve a little bit of experience in this area.

Clive Robinson July 31, 2022 12:58 AM

@ SpaceLifeForm,

Part 2,

There are a few basic ways you can detect an audio tone,

1, Resonator with integrator
2, Direct conversion
3, Phase Locked Loop (PLL)
4, Goertzel algorithm
5, Discrete Fourier Trans(DFT)
6, Fast Fourier Trans(FFT)

The first three are hardware the last mathematical. However all the hardware ones can be easily converted to software.

But detecting a tone, is just a small part, what you are really doing is detecting a wanted tone from a composite signal that is mostly unwanted tones combined as “noise” across the full bandwidth.

Clive Robinson July 31, 2022 12:59 AM

@ SpaceLifeForm,

Part 3,

So an essential part is filtering out or rejecting the unwanted signals. The usual trick is to use “narrow bandwidth acceptance”. However make the bandwidth too small and you will significantly affect the speed of operation of the circuits / algorithms thus communications data rate…

There are two basic ways with resonator circuits, a simple tuned circuit which is inherently narrow band, or coupled tuned circuits that are filters that are highpass, lowpass, or bandpass, and you can tailor their frequency characteristics to suit your needs.

What you do is “load” or “quench” the resonator which changes its Q or “quality factor” and use a peak detector, or envelope detector, followed by an integrator. A simple example of this being a TRF or “Crystal Radio”. A way more sensitive circuit being a super regenerative receiver[1].

Clive Robinson July 31, 2022 1:01 AM

@ SpaceLifeForm,

Part 4,

In essence the resonators act like a pendulum, if you give them a tap then they swing at their natural frequency until the energy of the tap is lost to the environment. Tap at the same frequency and phase, and the pendulum will swing in larger and larger swings as more energy builds up. The “load” or loss to the environment is often nonlinear thus the pendulum will reach a steady state in the arc of its swing.

If however the resonator is “lossless” as a mathematical resonator would be, the energy would build indefinitely. Which is the principle used in the “Piccolo Modem”[2].

It is known by many that an “RF Mixer” can be used to effectively take two input frequencies and “beat them together” and produce at the output “the sum and difference” frequencies. What is less well known is that phase coherence is maintained. So the use of two mixers driven by an input frequency, and each having a local oscillator frequency that is the same but in phase quadrature makes an “IQ Demodulator” the outputs of which can be used to find the input signal true amplitude and phase, as well as differentiate between positive and negative frequencies. If the input and local oscillator frequencies are the same the difference beat frequency is zero or “DC” which allows the modulation to be recovered directly, hence it’s called a “Direct Conversion” receiver.

Even less well known even though I mention it from time to time you can use D Type latches and XOR gates to do the equivalent of frequency mixing. In fact the XOR gate can be used as the butterfly in a “Discrete Walsh Transform”(DWT).

Clive Robinson July 31, 2022 1:03 AM

@ SpaceLifeForm,

Part 5,

Because you can get the phase output as well as if the frequency is positive or negative, you can use DC Receiver, D Type, or XOR as a “frequency/phase detector” the output of which can be used to drive a “voltage controlled oscillator”(VCO) to track the input frequency. The control voltage is thus directly proportional to input frequency and can give a very fast indication of frequency. It’s why the circuit is used in many things RF including Data Modems. In software you can make the equivalent of a VCO by implementing a “Direct Digital Synthesizer”(DDS) or “Numerical Oscillator”. In essence these are just a lookup table of a sinewave, driven by a counter, where you change the count step size to control the frequency. You can make the frequency resolution as fine as you like, in fact better than can be measured by instruments. I’ve designed systems for “seismic use” that have frequency step sizes of less than 10^-6 Hz.

The DC receiver is also the direct equivalent of the “Discrete Fourier Transform”(DFT) or “Fast Fourier Transform”(FFT) “butterfly”.

Whilst the DFT is about as efficient for one frequency as you can get, a more efficient algorithm for a small set of frequencies like DTMF detection is the “Goertzel algorithm” that can be efficiently implemented in software[3].
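An added example (mine, not from this thread or from the x86matthew post it discusses) of the two software building blocks described above, a phase-accumulator numerical oscillator and the Goertzel algorithm, applied to DTMF: the oscillator synthesises a constructed key press, and four Goertzel bins per tone group decode it, with a dominance check so leakage or noise is not reported as a tone. The 8 kHz sample rate, 205-sample block length, the 1% minimum-power floor and the 4:1 dominance ratio are assumptions chosen for this example.

```python
import math
import random

# Assumptions for this example: 8 kHz sampling and 205-sample analysis blocks
# (a block length that puts each DTMF tone close to a DFT bin centre).
SAMPLE_RATE = 8000
BLOCK = 205

# DTMF keypad: each key is the sum of one low-group and one high-group tone.
DTMF_LOW = [697, 770, 852, 941]
DTMF_HIGH = [1209, 1336, 1477, 1633]
DTMF_KEYS = ["123A", "456B", "789C", "*0#D"]

# Numerically controlled oscillator (software VCO): a sine lookup table indexed
# by the top bits of a phase accumulator; the accumulator step sets the frequency.
TABLE_BITS = 8
SINE_TABLE = [math.sin(2 * math.pi * i / (1 << TABLE_BITS))
              for i in range(1 << TABLE_BITS)]


def dds_tone(freq_hz, n_samples, amplitude=0.5, sample_rate=SAMPLE_RATE, accum_bits=32):
    """Generate n_samples of a sine at freq_hz with a phase-accumulator DDS."""
    modulus = 1 << accum_bits
    step = round(freq_hz * modulus / sample_rate)  # frequency tuning word
    shift = accum_bits - TABLE_BITS  # top TABLE_BITS bits index the table
    phase = 0
    out = []
    for _ in range(n_samples):
        out.append(amplitude * SINE_TABLE[phase >> shift])
        phase = (phase + step) % modulus
    return out


def dtmf_signal(key, n_samples=BLOCK, noise=0.0, seed=1):
    """Constructed test input: the two tones for `key`, plus optional uniform noise."""
    for r, row in enumerate(DTMF_KEYS):
        c = row.find(key)
        if c >= 0:
            rng = random.Random(seed)
            low = dds_tone(DTMF_LOW[r], n_samples)
            high = dds_tone(DTMF_HIGH[c], n_samples)
            return [a + b + rng.uniform(-noise, noise) for a, b in zip(low, high)]
    raise ValueError("not a DTMF key: %r" % key)


def goertzel_power(samples, target_hz, sample_rate=SAMPLE_RATE):
    """Power in the DFT bin nearest target_hz, via the Goertzel recurrence.
    One multiply-add per sample plus a fixed tail, so it beats an FFT when only
    a handful of frequencies are of interest."""
    n = len(samples)
    k = round(n * target_hz / sample_rate)  # bin index nearest the target
    coeff = 2.0 * math.cos(2.0 * math.pi * k / n)
    s_prev = s_prev2 = 0.0
    for x in samples:
        s = x + coeff * s_prev - s_prev2
        s_prev2, s_prev = s_prev, s
    return s_prev ** 2 + s_prev2 ** 2 - coeff * s_prev * s_prev2


def _dominant(powers, min_power, ratio):
    """Index of the strongest bin if it clearly beats the runner-up, else None."""
    order = sorted(range(len(powers)), key=lambda i: powers[i], reverse=True)
    best, second = powers[order[0]], powers[order[1]]
    if best < min_power or best < ratio * second:
        return None
    return order[0]


def detect_dtmf(samples, sample_rate=SAMPLE_RATE, ratio=4.0):
    """Return the DTMF key present in `samples`, or None if no clean tone pair is found."""
    n = len(samples)
    # A tone of amplitude A yields a bin power of about (A*n/2)^2; require 1% of
    # the A = 1 value so spectral leakage and noise do not register as tones.
    min_power = 0.01 * (n / 2) ** 2
    lows = [goertzel_power(samples, f, sample_rate) for f in DTMF_LOW]
    highs = [goertzel_power(samples, f, sample_rate) for f in DTMF_HIGH]
    r = _dominant(lows, min_power, ratio)
    c = _dominant(highs, min_power, ratio)
    if r is None or c is None:
        return None
    return DTMF_KEYS[r][c]


if __name__ == "__main__":
    for key in "5#*":
        print(key, "->", detect_dtmf(dtmf_signal(key, noise=0.05)))
    print("silence ->", detect_dtmf([0.0] * BLOCK))
    print("single tone ->", detect_dtmf(dds_tone(697, BLOCK)))
```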

Clive Robinson July 31, 2022 1:05 AM

@ SpaceLifeForm,

Part 6,

I won’t go into DFT’s and FFT’s, there’s bucket loads of information available via google, and as for software there are hundreds of “libraries” covering nearly all popular programming languages. Even Intel provides a highly optimized library set for the IAx86 and later families.

What is quite a bit harder to find is info on DWT and FWT’s and Walsh Transforms in general. They have a lot of advantages, one of which is you do not need slow arithmetic like multiply and add, thus the FWT can be blindingly fast. Importantly the DWT does not detect “frequency” as such but “sequency” I won’t go into it other than to say if you want to get seriously into cryptanalysis then sequency analysis should be on your knowledge list.

Clive Robinson July 31, 2022 1:47 AM

@ SpaceLifeForm,

Part 7,

Knowing about tone detection and recovering any modulation is fairly essential knowledge for anyone doing Data Communications. Importantly as the world is going to “software defined” now fast “Analog to Digital”(A2D) parts are in the consumer price bracket knowing how to convert hardware circuits into software equivalents is an essential skill.

If you want to play around in this area “GNU Radio” is one tool that many use for prototyping their ideas.

Clive Robinson July 31, 2022 1:52 AM

@ SpaceLifeForm,

Part 9,

[2] The UK “Diplomatic Wireless Service”(DWS) was an interesting organisation and had a very interesting technical history, probably more interesting than that of Bletchley Park. Unlike BP which became part of what was eventually GCHQ the DWS survived as a separate entity for a lot longer. In the mid to late 1980’s when I had some involvement with the DWS it was still doing leading edge technical developments in both radio and crypto equipment. Unfortunately little of this ever came to public notice,

http://alancordwell.co.uk/Legacy/hfradio/dwsint.html

However the design ideas behind the Piccolo HF teletype modem did get published,

https://www.nonstopsystems.com/radio/pdf-hell/article-hell-noise-teleprinters.pdf

Clive Robinson July 31, 2022 1:55 AM

@ SpaceLifeForm,

Part 10,

[3] The Goertzel algorithm was originally described by Gerald Goertzel in the late 1950’s. But it became of real interest in the 1980’s as it allowed software on 8bit CPU’s like the Z80 and later single chip microcontrollers to be used to do DTMF and similar multi tone decoding,

http://focus.ti.com/lit/an/spra168/spra168.pdf

Clive Robinson July 31, 2022 2:03 AM

@ SpaceLifeForm,

Part 12,

hxxps://netwerkt.wordpress.com/2011/08/25/goertzel-filter/

Clive Robinson July 31, 2022 2:09 AM

@ SpaceLifeForm,

Part 14,

For some reason this link is causing the blog input problems, so I’ve split it up

[https://www].[embedded].[com/]
[the-goertzel-algorithm]

Clive Robinson July 31, 2022 2:17 AM

@ Nobby, ALL,

Re : mea culpa

“Haven’t you mixed up *.cmd command file, which is merely a windows shell script aka bat-file, and *.com command file,”

Yes it should have been “.com” in my post not “.cmd”

I’ll blame unseasonably “hot and humid weather” for the UK and a “tired brain” 😉

Winter July 31, 2022 3:29 AM

@ResearcherZero

A funny story about gas and penguins?

What always amazes me is how alike the Anglo-Saxon countries are in their politics and public delusions. AU, UK, and USA/CA are on opposite parts of the globe, but their people still continue to fall for the same ruses.

I have to admit the old proverb is true [1]:

Mundus vult decipi, ergo decipiatur,

[The world wants to be deceived, so let it be deceived]

[1] ‘https://en.wikipedia.org/wiki/Mundus_vult_decipi,_ergo_decipiatur

see also

Why do states bother to deceive? Managing trust at home and abroad
‘https://www.cambridge.org/core/journals/review-of-international-studies/article/abs/why-do-states-bother-to-deceive-managing-trust-at-home-and-abroad/7439BF57FC84C00C3000977A1B4303DF

PDF: ‘https://www.researchgate.net/profile/Kurt-Jacobsen-2/publication/231857817_Why_do_states_bother_to_deceive_Managing_trust_at_home_and_abroad/links/612e33d438818c2eaf7135da/Why-do-states-bother-to-deceive-Managing-trust-at-home-and-abroad.pdf

SpaceLifeForm July 31, 2022 3:37 AM

@ Clive

Good stuff. I observe two missing double digit primes less than 15.

I’ve never heard of Goertzel algorithm or Walsh Transforms.

So, thanks for the rabbit holes. I think. 🙂

SpaceLifeForm July 31, 2022 4:58 AM

@ ALL

re: Musk v Twitter

Popcorn. More popcorn.

I recommend you read this for the observations. Which I have noticed.

‘https://www.teslarati.com/elon-musk-countersues-twitter/

SpaceLifeForm July 31, 2022 5:48 AM

@ ALL

re: Bio-metrics can fail

‘https://9to5google.com/2022/07/30/pixel-6a-fingerprint-unlock/

Clive Robinson July 31, 2022 7:21 AM

@ SpaceLifeForm, ALL,

Re : mea culpa

Sorry folks, parts 11 and 13 are not missing.

I incremented the count when trying to post another “attempt” that when it failed I did not decrement so incremented again on a later attempt (of which there were many[1])

Proves one thing though, I’m not up to the “idiot savant” capabilities of a computer, well maybe halfway there 😉

[1] I’ve no idea what is wrong with that URL, but I think I’m going to try a binary chop next time rather than just breaking into two paragraph sized pieces.

Clive Robinson July 31, 2022 7:38 AM

@ SpaceLifeForm,

In the UK when bodies end up on the railway tracks, there is an unofficial TLA of “JFP” for “Jumped, Fell, or Pushed”.

From the reports the young man exited the aircraft around 3,500ft which is a low altitude, and at least thirty miles from an airport.

Apparently the aircraft reported losing its right wheel…

I’ve no idea what type of aircraft it was, but in smaller aircraft with fixed undercarriage often used by people parachuting, opening the side door is normal and you usually get a good view of the undercarriage. So if the two pilots had felt the wheel detach they might well have lost height and one tried to get a better visual inspection of what the damage was.

https://nypost.com/2022/07/31/north-carolina-pilot-charles-hew-crooks-dies-after-he-mysteriously-falling-out-of-plane/

Clive Robinson July 31, 2022 7:49 AM

@ SpaceLifeForm,

Re: Bio-metrics can fail

In this case I suspect it’s a hardware failing on the Google Pixel 6a which does not bode well (especially with the level of discounting you can get on it).

The logic is,

1, Only a very few 6a phones have this fault, if it were software you would expect many more.

2, Importantly the fault is to do with “recording and comparing” finger prints. So lets say a faulty sensor gives a very low resolution that gets recorded and all future reads will be as low a resolution in the same way so are much more likely to match due to the lack of fidelity.

If it is hardware, it’s going to be both a major headache for Google and a major expense…

Clive Robinson July 31, 2022 8:02 AM

@ SpaceLifeForm,

Re: Musk v Twitter

Yup this is getting as exciting as an Agatha Christie, maybe we should call it,

“The case of the missing traffic”

Quite a few users have noted obvious changes and a significant down turn in what they see since this started.

This suggests a lot more than a 5% downward change in traffic.

So are twitter carrying out more bans of legitimate users?

Or,

Are the Twitter board trying to dig themselves out of the legal hole they dug for themselves with those highly questionable SEC filings?

Time to heat up some more oil, and chuck in another half cup of corn and finely grated hard cheese and then throw in a pinch or two of dried and ground jalapeno chillies and deeply smoked paprika into the mix…

Winter July 31, 2022 9:11 AM

@Clive

Yup this is getting as exciting as an Agatha Christie, maybe we should call it,
“The case of the missing traffic”

I think it is more a Sherlock Holmes’ quote [1] (from Silver Blaze):

Holmes: “To the curious incident of the dog in the night-time.” “The dog did nothing in the night time.” “That was the curious incident,” remarked Sherlock Holmes.

JonKnowsNothing July 31, 2022 11:37 AM

@All

re: 2020 Beirut Port Explosion & Grain Silos finally collapse

A small MSM article & video described how the giant grain silos at the port of Beirut have finally collapsed 2 yrs after the port explosion.

A few things to note:

  • The silos were left standing
  • The grain was left as-is after the explosion
  • The grain was exposed to not only rodents but to the elements
  • The grain began to ferment from effects of 2 years of weather (1)
  • The grain fermentation process created enough heat to spontaneously combust
  • The local fire brigade was unable to put out the fire and smoldering (2)
  • The same principle technique used by renaissance sappers applied to the standing towers (3)
  • The towers collapsed
  • Huge waves of bad-for-you smoke rolled across the city

I have no idea why the damaged silos and contaminated grain was allowed to remain and left in place since 2020 and the article didn’t explain why it wasn’t cleaned up as a Public Health Hazard.

It does highlight some of the problems with long term grain and other commodity storage. The stuff sitting in ports is a major hazard (eg UKRvRU), it’s not only a humanitarian issue but it’s extremely dangerous to have stored for long periods. Such storage is meant for in-transit storage.

===

1) Deliberately fermented grains and grass is called Silage. It is commonly fed to cattle. A very large pile of feed is stacked or chopped up and sprayed into long plastic tubes where fermentation takes place. The density of the fodder pack determines the nutrient characteristics. It’s like sauerkraut for animals.

2) Low level smoldering of fires is a common problem with many over packed materials. Coal Seam fires and landfill automobile tire depots fires can run decades or longer.

Coal-seam fire
Tire fire

3) Sapper / The word “sapper” comes from the French word sapeur, itself being derived from the verb saper (to undermine, to dig under a wall or building to cause its collapse).

Clive Robinson July 31, 2022 1:00 PM

@ JonKnowsNothing, ALL,

Re :

I have no idea why the damaged silos and contaminated grain was allowed to remain and left in place since 2020

Due to the actions of the West, the country is bankrupt.

Thus resources have to be triaged.

Another problem was the whole site and everything in it had become “toxic waste” and nobody wants that going down their road. So “store in place” would have been easier.

Then there are the on going legal issues with the ship that started the whole problem in the first place, then insurance, then… Such things are often never ending.

lurker July 31, 2022 8:28 PM

@SpaceLifeForm
biometrics can be forged

There was recent discussion here on this (search-fu low today) where some guys at Cambridge showed how to persuade iOS some specially crafted garbage was the real owner’s finger.

I can’t use those systems: my current day job renders my fingers unreliable.

SpaceLifeForm July 31, 2022 11:06 PM

@ Clive, ALL

The TLS certificate for nitter.net expired just over 2 hours ago. Not likely to be re-rolled immediately.

Also, while chasing this down, I realized that my desktop FF (Debian Stable) during recent updates at some point, had enabled DoH.

I disabled it, partly for debugging reasons, but also because it was using CloudFlare to get the DNS info. When debugging, you want consistent views of DNS when using different tools.

In this case, it was not a DNS problem.

Using wget and curl, they both said expired certificate.

You can not work-around this by using plain http because the server is forcing a 301 redirect to https.

Confirmed with:

‘https://www.ssllabs.com/ssltest/analyze.html?d=nitter.net

Interestingly,

‘https://securityheaders.com/?q=nitter.net&followRedirects=on

Says everything is great, but apparently does not check expire timestamp.

Winter August 1, 2022 1:06 AM

If this were a TV show, we would dismiss it as “Alarmist nonsense”. Read the articles and guess what the punishment and reparations to the victims are.

Double-double tracking: How Tim Hortons knows where you sleep, work and vacation
Tim Hortons is logging detailed location data of customers through its app — and many may not realize it’s happening at all
‘https://financialpost.com/technology/tim-hortons-app-tracking-customers-intimate-data

Using Places, Radar generated a JSON batch when the app thought I was at one of Tim Hortons’ competitors. There are snippets in the JSON code that read “event_name: user.entered_place,” and, a couple lines down, “place_chain_name: Starbucks.”

According to these batches, Tim Hortons was using the Radar service [1] to track me every time it thought I might have entered a Starbucks, Second Cup, McDonald’s, Pizza Pizza, A&W, KFC or Subway.

Notably, those fast-food outlets appear to be competition for Tim Hortons, as well as Burger King and Popeyes Louisiana Kitchen, two other fast-food chains owned by RBI.

Tim Hortons app violated privacy laws in collection of ‘vast amounts’ of sensitive location data
‘https://www.priv.gc.ca/en/opc-news/news-and-announcements/2022/nr-c_220601/

People who downloaded the Tim Hortons app had their movements tracked and recorded every few minutes of every day, even when their app was not open, in violation of Canadian privacy laws, a joint investigation by federal and provincial privacy authorities has found.

[1] From The Privacy Commissioner of Canada:

While Tim Hortons stopped continually tracking users’ location in 2020, after the investigation was launched, that decision did not eliminate the risk of surveillance. The investigation found that Tim Hortons’ contract with an American third-party location services supplier [Radar] contained language so vague and permissive that it would have allowed the company to sell “de-identified” location data for its own purposes.
There is a real risk that de-identified geolocation data could be re-identified. A research report by the Office of the Privacy Commissioner of Canada underscored how easily people can be identified by their movements.

Answer to punishment Tim Hortons and damages paid:
Tim Hortons to offer free coffee, doughnut to app users involved in privacy lawsuit
‘https://globalnews.ca/news/9024843/tim-hortons-app-coffee-doughnut-lawsuit-settlement/

Winter August 1, 2022 1:18 AM

Nichelle Nichols, groundbreaking ‘Star Trek’ actor, dead at 89
Nichols and her “Star Trek” character Uhura broke barriers as one of the first Black female leads on television.
‘https://www.nbcnews.com/pop-culture/pop-culture-news/nichelle-nichols-groundbreaking-star-trek-actor-dead-89-rcna40857

I was a fan of Star Trek [1] when I was a boy. I never noticed she was black then, or rather, that was not something worth noticing among Asian and Russian crew members, or a Vulcan. But I did not live in the USA and those were different times.

[1] and before that, the Thunderbirds, I am that old

ResearcherZero August 1, 2022 1:46 AM

@Winter

I might possibly have some Star Trek episodes on cassette, may have engaged in the odd ‘Star Trek Night’ with a good bottle of Irish whiskey, but don’t tell the captain.

How to graduate from geek to creep.

In 2012, a developer, “Shockwave™”, registered the domain imminentmethods[.]info, and in April 2013 started selling his “Imminent Monitor” RAT on online forums and at his site, which later changed to imminentmethods[.]net. Earlier in 2012, he had offered a Distributed Denial of Service (DDoS) tool, “Shockwave™Booter,” but seemed to drop that project in favor of his new RAT.

He proudly claimed “the fastest remote administration tool ever created using new socket technology that has never been used before.”

In 2014, Imminent Monitor started supporting third-party plugins. The first of these offered the ability to turn the webcam light off while monitoring. Shockwave™ wrote: “Hey, good job on being the first to release a plugin for Imminent Monitor.” – a plugin with an obviously illegitimate intent.

Legitimate remote access tools don’t need to hide and encrypt their logs. A crypter, allowing a “Fully UnDetectable” (FUD) client, only has one purpose: to attempt to evade antivirus detection.

“The keylogger: The logs are hidden, and encrypted, fast transfer of the logs aswell, with progress indicating how much of the log is downloaded”…
“The crypter: The crypter is really just a bonus feature, not always FUD but I try and do my best to keep it FUD.” [Sic]
https://unit42.paloaltonetworks.com/imminent-monitor-a-rat-down-under/

Big Data and Health

Millions of smartphone users confess their most intimate secrets to apps, including when they want to work on their belly fat or the price of the house they checked out last weekend. Other apps know users’ body weight, blood pressure, menstrual cycles or pregnancy status.

Unbeknown to most people, in many cases that data is being shared with someone else: Facebook.

The social-media giant collects intensely personal information from many popular smartphone apps just seconds after users enter it, even if the user has no connection to Facebook. The Federal Trade Commission has taken an interest in cases in which data sharing deviates widely from what users might expect, particularly if any explanation was hard for users to find.
https://www.osnews.com/story/129468/you-give-apps-sensitive-personal-information-then-they-tell-facebook/

As Heartbeat International says on its webpage marketing its data management system: “Big data is revolutionizing all sorts of industries. Why shouldn’t it do the same for a critical ministry like ours?”

The Meta Pixel is a piece of code that can be injected into any website to aid with visitor profiling, data collection, and targeted advertising.

It takes up the space of a single pixel, hence the name and stealthiness, and helps collect data such as button clicks, scrolling patterns, data entered in forms, IP addresses, and more.

Meta, Facebook’s parent company, prohibits websites and apps that use Facebook’s advertising technology from sending Facebook “sexual and reproductive health” data.

Facebook does not have an incentive to crack down on violations of its advertising policies, said Serge Egelman, research director of the Usable Security & Privacy Group at UC Berkeley’s International Computer Science Institute. “That costs them money to do. As long as they’re not legally obligated to do so, why would they expend any resources to fix this?”

Meta is already collecting data about people who visit the websites of hundreds of crisis pregnancy centers, which are quasi-health clinics, mostly run by religiously aligned organizations whose mission is to persuade people to choose an option other than abortion.

Using Blacklight, a Markup tool that detects cookies, keyloggers, and other types of user-tracking technology on websites, Reveal analyzed the sites of nearly 2,500 crisis pregnancy centers—with data provided by the University of Georgia—and found that at least 294 shared visitor information with Facebook.

Meta’s tracking code is present on 33 websites of the top 100 hospitals in the United States, and in seven cases, the code runs beyond password-protected patient portals.
According to the complaint, the 33 hospitals found to have the Meta Pixel collectively admitted over 26 million patients and outpatient visits in 2020 alone.
https://themarkup.org/pixel-hunt/2022/06/15/facebook-and-anti-abortion-clinics-are-collecting-highly-sensitive-info-on-would-be-patients

“Healthcare Defendants do not have the legal right to use or share Plaintiffs’ and Class members data, as this information is protected by the Health Insurance Portability and Accountability Act of 1996’s (“HIPAA”) Privacy Rule, which protects all electronically protected health information a covered entity like Healthcare Defendants “create[], receive[], maintain[], or transmit[]” in electronic form.”
https://www.documentcloud.org/documents/22123376-meta-lawsuit?responsive=1&title=1

Prior to the digital revolution, the information that a business could, as a practical matter, collect about consumers was limited and, generally speaking, relatively obvious to the consumer. That has changed dramatically in an age when consumers are using the Internet, mobile applications, and social media platforms to facilitate interactions throughout their daily lives.

According to the WSJ Article, data being sent to Facebook included information such as users’ heart rates, blood pressure readings, menstrual cycles, and even pregnancy statuses. In one such case, Flo Health, Inc. (“Flo”), a menstruation and fertility-tracking app used by more than 100 million consumers, sent Facebook data every time a user logged a period or told the app that she intended to get pregnant. The app would also send data whenever it was opened, apprising Facebook of where the user was in her menstrual cycle — noting “ordinary” or “period” to “ovulation” or “pregnant.”

…it is painfully obvious that laws and regulations in this area have plainly not kept up with technological advancement, and even with respect to categories of data that any reasonable person would deem extremely private and out of bounds, consumers currently are not adequately protected.
https://www.dfs.ny.gov/system/files/documents/2021/02/facebook_report_20210218.pdf

The generally applicable laws that constitute the current legal framework for the regulation of social media giants and their data analytics divisions are blatantly insufficient.
https://www.dfs.ny.gov/Twitter_Report

ResearcherZero August 1, 2022 2:01 AM

MyHealth

“I implore Michigan residents to read the fine print in the user agreements for phone applications and programs because their registration often gives companies the right to sell personal information to other companies.”

“Be aware that your information may be sold to entities for other uses.”
https://www.detroitnews.com/story/news/local/michigan/2022/07/05/michigan-ag-issues-alert-health-apps-after-abortion-ruling/7810168001/

Privacy International (PI) investigated more than 100 mental health websites in France, Germany and the UK.

It found many shared user data with third parties, including advertisers and large technology companies.

The way information was being sold was “neither transparent nor fair and often lacked a clear legal basis”
https://www.bbc.com/news/technology-49578500

Big Tech has flirted with health care for years. Amazon’s direct entry into primary health care is a turning point. It will increase the perils of surveillance capitalism, with implications for everyone.
https://www.msn.com/en-us/news/technology/amazons-dangerous-ambition-to-dominate-healthcare/ar-AA104wMG

In an information civilization our lives are rendered as and mediated by information. But what is the quality of this information? Who knows this information? Who decides who knows? Who decides who decides who knows?

When human data are the hunted prey, a great deal of bait must continuously fill the traps. The bait was also part of the big taking, including all the web pages, the books, the music, the bodies, cars, shops, homes, classrooms, hospitals, maps of all territories, streets, buildings, houses… and all the news. The more bait, the more engagement, the more data extraction, the more predictions, the more revenues.

The giants and their ecosystems now own all the data about all the people, the data science and the scientists, the cables, computers, and clouds. They control the global market in knowledge production known as artificial intelligence and machine learning. They decide what becomes knowledge, who knows it, and to what purpose.
https://time.com/6173639/democracy-big-techs-dominance-shoshana-zuboff/

ResearcherZero August 1, 2022 2:17 AM

“This report does not paint a pretty picture of the status of information technology acquisition and management by the Administrative Office of the U.S. Courts,”

“It is telling that the AOUSC refused to agree to implement any of the 18 recommendations GAO has included in its report, and these will be an intense focus of continued Congressional oversight. We will also expect the AOUSC to work with us to establish in statute [the] position of Chief Information Officer for the AOUSC as GAO recommended in its report.”
https://www.gao.gov/assets/gao-22-105068.pdf

As long as they can get our names and addresses correct, then we are all in good hands, right? At least the right person appeared in the court, they did check that didn’t they?

ResearcherZero August 1, 2022 5:05 AM

Across the globe, governments are using social media surveillance tools to collect and analyse vast amounts of data on their own citizens.

“lack of transparency in government practices in terms of data-based surveillance has kept ASEAN citizens in the dark on how their information is being retrieved or how governments are blocking, distorting, and manipulating the information they receive.”
https://theaseanpost.com/article/internet-surveillance-and-censorship-asean

“The scope of the government’s intrusion is far larger than we ever imagined. It’s quite literally large-scale espionage,”

1,584,547 phone lines were bugged in 2021, representing over 20 percent of Telefónica’s customers in Venezuela. Government entities also requested metadata of 997,679 accounts, or 13 percent of users. …interception requests in Venezuela bypass judicial orders and are instead made by Conatel on behalf of the nation’s military, police and intelligence agencies, as well as the Experimental Security University, which trains police and security forces.

The true extent of the government’s surveillance remains widely unknown — after all, Telefónica is only one of Venezuela’s telecommunications providers…
https://www.washingtonpost.com/nation/2022/06/28/telefonica-wiretapping-venezuela-phone/

“Cell carriers, staffed with special law enforcement liaison teams, charge police departments from a few hundred dollars for locating a phone to more than $2,200 for a full-scale wiretap of a suspect.”
https://www.aclu.org/blog/privacy-technology/youre-getting-warmer?redirect=blog/technology-and-liberty/youre-getting-warmer

“Law enforcement tracking of cellphones, once the province mainly of federal agents, has become a powerful and widely used surveillance tool for local police officials, with hundreds of departments, large and small, often using it aggressively with little or no court oversight.”
https://www.nytimes.com/2012/04/01/us/police-tracking-of-cellphones-raises-privacy-fears.html

“in the context of big data, individual events are meaningless”
https://www.eweek.com/security/big-data-surveillance-is-real-purpose-of-huge-nsa-phone-record-sweep/

The mobile network/SIM-card operators themselves have the ability to intercept and record all of the data about visited websites, who called or sent SMS to whom, when, and what they said.

Your Wi-Fi internet provider offers DNS as part of your service, which means your provider can also log your DNS traffic — in essence, recording your entire browsing history.

Any mobile network operator can also precisely calculate where a particular subscriber’s phone is located whenever the phone is powered on and registered with the network. The ability to do this is called triangulation.
https://infosecwriteups.com/smartphone-surveillance-techniques-f9e206c5c456

Dirt Boxes
https://theintercept.com/surveillance-catalogue/

“The boxes used by the program allow planes to pose as the nearest cell phone tower, which prompts cell phones under surveillance to disclose their location and identity information, even if a legitimate tower is closer than the plane overhead.”
https://resources.infosecinstitute.com/topic/cellphone-surveillance-the-secret-arsenal/

Cessna aircraft fly from at least five airports near major cities, effectively allowing them to surveil most Americans.
https://www.businessinsider.com/us-spy-program-targets-americans-cellphones-2014-11

Venntel

DHS has paid a government contractor named Venntel nearly half a million dollars for access to a commercial database containing location data mined from applications on millions of Americans’ mobile phones.
https://www.wyden.senate.gov/news/press-releases/wyden-warren-brown-markey-schatz-push-for-investigation-of-cbp-phone-location-data-surveillance-program

Veraset

“Veraset refuses to reveal even how they get their data or which apps they purchase it from, and I think that’s because if anyone realized that the app you’re using” also “opts you into having your location data sold on the open market, people would be angry and creeped out.”
https://www.eff.org/deeplinks/2021/11/data-broker-veraset-gave-bulk-device-level-gps-data-dc-government

PenLink

PenLink’s trade is in collecting and organizing that information for police as it streams in from the likes of Facebook and Google.

The contract requires PenLink, at a minimum, to help wiretap a large number of providers, including AT&T, Iridium Satellite, Sprint, Verizon, T-Mobile, Cricket, Cablevision, Comcast, Time Warner, Cox, Skype, Vonage, Virgin Mobile and what the government calls “social media and advertising websites” such as Facebook and WhatsApp.
https://www.forbes.com/sites/thomasbrewster/2022/02/23/meet-the-secretive-surveillance-wizards-helping-the-fbi-and-ice-wiretap-facebook-and-google-users/

ResearcherZero August 1, 2022 5:19 AM

“in the context of big data, individual events are meaningless”

It’s your behavior that is suspicious…

“Sharp Eyes is one of a number of overlapping and intersecting technological surveillance projects built by the Chinese government over the last two decades. Projects like the Golden Shield Project, Safe Cities, SkyNet, Smart Cities, and now Sharp Eyes mean that there are more than 200 million public and private security cameras installed across China.”

“In 2013, the local government in Pingyi County began installing tens of thousands of security cameras across urban and rural areas — more than 28,500 in total by 2016. Even the smallest villages had at least six security cameras installed, according to state media.”

“Those cameras weren’t just monitored by police and automated facial recognition algorithms. Through special TV boxes installed in their homes, local residents could watch live security footage and press a button to summon police if they saw anything amiss. The security footage could also be viewed on smartphones.”
https://cset.georgetown.edu/article/chinas-sharp-eyes-program-aims-to-surveil-100-of-public-space/

That guy is running, and it looks suspicious to me…
https://www.youtube.com/watch?v=USEUcO1PKwU

The National Computing Power Network

China seeks to become the global leader in technologies emerging from advancements in artificial intelligence (AI) and data analytics. This strategy has the dual objectives of accelerating the transformation of China’s own economy and building the nation into a cyber power.
https://www.nbr.org/publication/chinas-data-ambitions-strategy-emerging-technologies-and-implications-for-democracies/

The purpose of China’s Nationally Integrated System of Big Data Centers is to generate computing power; in fact, the system is sometimes simply called the “national computing power network.” When complete, it will process lots of data, fast. All the data.

First, Eastern Data Western Computing provides top-level design for China’s Computing Power Network. Eastern Data Western Computing will eliminate redundancies and inefficiencies in the overall national computing power layout. In particular, the plan improves the “imbalance in data center supply and demand” by transferring data from China’s more developed eastern region where most data resides to its less developed but energy-rich western region where it will be processed.

Second, China is positioned to construct the world’s leading ultra-large-scale market for data. With China’s immense set of data resources, Eastern Data Western Computing will help drive the “marketized” allocation of data elements and better reveal the value of data as a productive resource. The goal is not just simply a national market for data, it is the “world’s leading” ultra-large-scale data market (一体化超大规模数据要素市场) with national and global reach.

Third, global competition will be increasingly focused on data. As the most important factor of production in the digital age, data is comprehensively reconstructing global production, distribution, and consumption and is “becoming the high ground in the competition between major countries (成为大国间竞相争夺的制高点).”

Fourth, computing power joins data, algorithms, and application software as the key resources of a digital economy. China’s future international competitiveness is dependent on its digital economy. And the future of China’s digital economy is dependent on the development of this economy’s key resources (computing power, data, algorithms, and applications) as well as the coordinated governance and control of these resources through a Nationally Integrated System of Big Data Centers.

Eastern Data Western Computing is just the latest announcement in China’s accelerating drive for Digital China “to win the future.”

China’s current “in-advance” policy of digital infrastructure construction (build the infrastructure first and the other key digital economy resources will follow) characterizes this thinking in concrete terms.
https://nationalinterest.org/blog/techland-when-great-power-competition-meets-digital-world/how-china-will-dominate-global

Leaders in Beijing wanted to urge economic officials, directors of various research bodies and tech entrepreneurs to join their efforts in implementing the “state big data strategy”.
https://www.scmp.com/news/china/economy/article/2086229/beijing-thinking-big-switch-big-data-economy

“The CCP [has used] technology to make its Gordian knot of political control inseparable from China’s social and economic development.”
https://www.lowyinstitute.org/publications/digital-authoritarianism-china-and-covid

Clive Robinson August 1, 2022 7:02 AM

@ Bruce, ALL,

Re : Break PQC SIKEp434 in an hour.

An efficient key recovery attack on SIDH

Not had time to digest this yet, but it is interesting.

“We present an efficient key recovery attack on the Supersingular Isogeny Diffie-Hellman protocol (SIDH), based on a “glue-and-split” theorem due to Kani. Our attack exploits the existence of a small non-scalar endomorphism on the starting curve, and it also relies on the auxiliary torsion point information that Alice and Bob share during the protocol. Our Magma implementation breaks the instantiation SIKEp434, which aims at security level 1 of the Post-Quantum Cryptography standardization process currently ran by NIST, in about one hour on a single core. This is a preliminary version of a longer article in preparation.”

https://eprint.iacr.org/2022/975

The 15-page pre-print,

https://eprint.iacr.org/2022/975.pdf

Enjoy.

SpaceLifeForm August 1, 2022 7:23 AM

@ Bruce, Clive, ALL

Re : Break PQC SIKEp434 in an hour.

I thought I mentioned this over a week ago, but maybe it was a slightly different attack.

I would not chase the Quantum Crypto Ghost thru the swamp unless you like to bleed.

Clive Robinson August 1, 2022 8:15 AM

@ SpaceLifeForm,

Re : Break PQC SIKEp434 in an hour.

“I thought I mentioned this over a week ago, but maybe it was a slightly different attack.”

The IACR site gives,

“2022-07-30: received”

Which is less than a week ago, are we talking about the same thing?

To be honest these attacks are not coming through as thick and fast as I was expecting… After all, for many this will be the “one shot” at launching their name, and thus career, up a league or two.

Winter August 1, 2022 9:33 AM

@Clive

You might be aware of the problem, but it’s only going to get worse,

What I see there has nothing to do with Google, and everything with the third world nature of US public/government services.

That poor people cannot access social security or government services is the sole and only responsibility of the US local, state, and federal institutions that supply these services.

If Americans want to believe in smaller and less government, this is exactly what that means.

&ers August 1, 2022 1:33 PM

@Clive

This time i need your help.
I’m planning to leave my country,
things are getting bad here. Initial destination : UK.
Can you please suggest to me any good infosec company
in the UK to connect with? Before leaving I need a job there.
Thanks!

Clive Robinson August 1, 2022 2:42 PM

@ &ers,

“Initial destination : UK.”

First thing if you do decide to come to the UK, is to travel direct, do not travel via any other country (international law requirement).

The next problem is even if you are recognised as a “refugee”, you very probably will not be able to work when you get here or draw benefits. As that is the prevailing attitude of the current political incumbents, even though we have a tech skills shortage in the UK.

Apparently the UK Government’s current plan, believe it or not, is to still ship anyone and everyone, especially single males who are almost always treated as illegal economic migrants, not refugees, back out to another country, first stripping them of any valuables etc.

The chosen destination being Rwanda… Apparently the East African nation which saw terrible civil insurrection and slaughter not so long ago has agreed a £120 million deal. Unlike Albania and Ghana, who were both previously approached and said no.

https://www.theguardian.com/uk-news/2022/apr/13/priti-patel-finalises-plan-to-send-asylum-seekers-to-rwanda

Whilst there are supposedly legal ways in via work visas, apparently they currently are impossible to obtain for several reasons. One being “Ukrainian refugee families” are blocking up the system…

There is also another issue which is “sponsorship”. Somebody has to not just sponsor you but pay many thousands of pounds. You also have to pay significant sums as well.

What all the current rules are I’ve no real idea any more, just that you need a legal specialist to avoid very large fines and similar for getting even the tiniest thing wrong…

Clive Robinson August 1, 2022 3:41 PM

@ &ers,

One way in with minimal requirements is via an “innovators visa” (see UK Gov website),

https://www.gov.uk/innovator-visa

One approved “Sponsoring Organisation” is

https://www.cylonventures.com

Basically pitch a cyber-security idea and get start-up funding.

There is also a Robotics for the likes of industry and transportation “sponsoring organisation”.

Otherwise you are looking for either a “global talent visa” as a researcher,

https://www.gov.uk/global-talent-researcher-academic

Or a “Skilled Worker Visa”,

https://www.gov.uk/skilled-worker-visa

There is another way if you want to get into the UK, that is via the CTA which long predates the UK membership of the EU. Basically where you are a citizen of Ireland, Isle of Man, or Channel islands.

I’m told by someone who got Irish Citizenship quite a few years ago who was from an East European nation then outside of the EU that it was the “easier route” likewise some people with dual South American – Portuguese/Spanish nationality.

SpaceLifeForm August 1, 2022 6:35 PM

@ Clive

Re : Down spin of Intel.

Yes, good comments. Intel is definitely bleeding. They probably lost their path in the Go-Faster Forest.

Look at it this way, most people do not need lots of cpu cores with high clock rates, and a simpler RISC cpu that uses less power is sufficient.

So, their market these days is probably going to cloud. And I would not count on that being a growing, profitable market.
One way for Intel to regain some respect from the marketplace would be to start seriously addressing the problems in microcode. And backfix old kit.

Because those problems are a disincentive to use Intel kit from a security perspective.

lurker August 1, 2022 6:55 PM

@Winter, Tim Hortons app violated privacy laws . . .

There’s an app for that? Why?

SpaceLifeForm August 1, 2022 8:01 PM

@ Clive

Re : Break PQC SIKEp434 in an hour

I know I read about it on Twitter, but I can not find the specific article I earlier read.

This is close enough. SIKE and SIDH.

Do not chase the Quantum Crypto Ghost thru the swamp.

Get as much of your infrastructure as you can to use ECC with a SafeCurve.

‘https://ellipticnews.wordpress.com/2022/07/31/breaking-supersingular-isogeny-diffie-hellman-sidh/

  1. Does it break ECC?

No. The attack assumes the degree of the isogeny is known, and that is exactly the secret key in ECC. There is no particular reason to think attacks on SIDH lead to attacks on ECC.

  2. Implications for PQ crypto

There is no doubt that this result will reduce confidence in isogenies. The sudden appearance of an attack this powerful shows that the field is not yet mature. The relatively recent attack by Ward Beullens on Rainbow has a similar impact on multivariate crypto.

Also see the comments here

‘https://news.ycombinator.com/item?id=30466063

Winter August 2, 2022 1:47 AM

@Lurker

There’s an app for that? Why?

My partial understanding is that the location has to do with ordering coffee and knowing to which Hortons it should be sent. But that sounds idiotic to me too, so that might not be the whole story. Maybe some kind of loyalty card stuff?

However, the point is that the app shows Hortons has no concept of privacy at all. Clients to Horton are not better than whales are to a whaler.

SpaceLifeForm August 2, 2022 2:21 AM

@ ALL

ANOM source code

‘https://www.abc.net.au/news/2022-07-29/police-to-share-coding-of-an0m-app/101281212

Clive Robinson August 2, 2022 6:11 AM

@ SpaceLifeForm, ALL,

Re : PQC Breaking

I think we can take it as read that it’s not just going to be SIKE/SIDH.

Which is part of the reasoning behind your,

“Get as much of your infrastructure as you can to use ECC with a SafeCurve.”

But we need to think a little more generally or with broader brush strokes, if we are to avoid the “Hamster Wheel of Pain”. That is, what crypto is it that QC threatens, and by how much, overly broadly (a simple listing, 20,000ft view),

1, Asymmetric – full break.
2, Symmetric block – weakening.
3, Provably secure – not at all.

Which means no change required for OTP or similar where the unicity distance is as great as the ciphertext length.

Due to the equivalent of the “birthday attack” symmetric crypto needs to square the keyspace for equivalent security. Which is effectively double the number of bits.

Symmetric crypto, using QC vulnerable maths we basically need to replace with something else.

Two problems,

1, We are not sure what math is and is not secure against QC.

2, The applications we mainly use asymmetric crypto for are in effect only possible because of that math.

Loosely the math concerned so far is a subset of “One Way Functions”(OWF) with secure “Trap Door Functions”(TDF).

The two main uses are,

1, Key negotiation and exchange systems for other crypto.
2, Authentication of digital assets via signing.

If QC breaks the maths, so we can no longer do Key Exchange or “Bag of Bits”(BoB) signing, would it actually matter?

Well we were exchanging secret keys and signing information hundreds if not thousands of years before the math…

Logic therefore says we can, albeit differently, still do them.

So maybe we should consider that there is no such thing as a QC proof OWF with TDF and design our systems and processes accordingly…

Clive Robinson August 2, 2022 7:20 AM

@ SpaceLifeForm,

Re : Nitter Behaviours

Via observation, I suspect the prior 90 day TLS Certificate was MITM-ed.

That I can not say… as the primary behaviour I was seeing was indicators the site was getting overloaded in several ways such that resources were being well and truly exhausted or load balancing was kaput…

JonKnowsNothing August 2, 2022 8:03 AM

@ Clive , @ &ers,

BHTM v2 t3 P1

re: First thing if you do decide to come to the UK, is to travel direct, do not travel via any other country (international law requirement).

This is a really important point; if people have any hope at all of getting a visa or permit to stay. Many countries have a similar policy that the USA calls “First Safe Third Country”.

  • “Under the agreement, persons seeking refugee status must make their claim in the first country in which they arrive.”

If you transit through or via any country before you hit the USA borders, you may not be allowed to remain or get a visa and can be permanently barred from retry. It’s a nasty business designed to prevent anyone that is not on the “official list” from entry.

There are 4 travel paths to USA: Canada, Mexico, Oceans and Air. If you travel into Canada and/or Mexico and then attempt to cross the US Border from those points, you will be denied entry because both Canada and Mexico are considered “safe” for this purpose.

There are “come ons” that will tout access via enlistment in US Armed Services or via working for USA government institutions overseas (consulates, translation services) but these are highly variable and a good number of people either are “left behind” or at the end of their military service period are deported due to “you forgot to file the paperwork” or using any of the current “bad character” exclusions. The US military will wait until you complete your enlistment before handing you over to ICE because “you stole an apple when you were 10”.

It should be noted that anyone who is a “Naturalized US Citizen” is subject to the application of these “bad character” actions. This means stripping you of US Citizenship and Deporting you to any country that will take you. You do not need to have any contacts, history, support system or speak the language(s) in the selected destination.

Getting legal assistance and getting immigration paperwork completed, is not easy and not cheap. For people leaving their home countries under duress, it’s nearly impossible to obtain in a timely manner. The expense is astronomical, 10s of thousands of dollars per application, for every application or reapplication or submission and for every renewal of permit.

As Clive pointed out, being able to work or being able to use social services or health care is excluded from these permits. “No social services, No work income, No burden” are demands of the system. If you are at all successful, you will need a bank account with $250,000+ USD as proof of independence. If you can pledge $350,000+ USD for any business development, you will be eligible for an easier visa path.

iirc The UK laws, AU laws, NZ laws are similar. Places like Poland and the Eastern Edge of the EU have more draconian versions.

JonKnowsNothing August 2, 2022 8:06 AM

@ Clive , @ &ers,

BHTM v2 t4 P2

Search Terms

Asylum_in_the_United_States

  • Majority of asylum claims in the United States fail or are rejected.

JonKnowsNothing August 2, 2022 8:09 AM

@ Clive , @ &ers,

BHTM v2 t6 P3

Canada–United States Safe Third Country Agreement

  • persons seeking refugee status must make their claim in the first country in which they arrive, between either the United States or Canada, unless they qualify for an exception. For example, refugee claimants who are citizens of a country other than the United States who arrive from the US at the Canada–United States land border can only pursue their refugee claims in Canada if they meet an exception under the Safe Third Country Agreement.

JonKnowsNothing August 2, 2022 8:14 AM

@ Clive , @ &ers,

BHTM v2 t8 P4 Road Rash.

It is just a definition of one of the words in the post.

Leon Theremin August 2, 2022 9:01 AM

Here is a report of an anti-terrorism activist having “computer issues”.

  • browser windows closed automatically.
  • browser did not start again.
  • internet connection did not work at all.
  • suddenly, airplane mode was turned on.
  • Even after unplugging and again plugging the WiFi adapter, nothing worked.
  • Restarting the computer did not help.
  • LinkedIn suddenly showed the registration page instead of the login page.
  • When pressing the return key to start certain website services, the respective window closed.

https://www.linkedin.com/posts/activity-6960034365716242432-ukxg

Which kind of malware could this be? BadBIOS I say. Agree?

lurker August 2, 2022 1:35 PM

@Leon Theremin, “Which kind of malware could this be?”

Linkedin? Considered by some to be malware at least half as bad as FB. Why do we continue to see stories of XXX activists who persist in visiting sites with a history of leaking, and not using any sandbox or airgap?

lurker August 2, 2022 1:45 PM

@Winter

IIRC it was St Steve who said “There’s an app for that” for some trivial function. I was once shown an “app” by a proud student: it was nothing more than a database including pictures and sound. The whole thing could have been done server-side, SQL-PHP-CSS.

Loyalty cards and location awareness are peripheral. Once there’s an app running on your device it’s game over.

Winter August 2, 2022 1:51 PM

@lurker

Loyalty cards and location awareness are peripheral.

The loyalty card is just some trinket to get it installed. Loyalty cards themselves are invented to track clients. An app is just a better tracker.

SpaceLifeForm August 2, 2022 7:09 PM

@ Leon Theremin, lurker

Just reading the bullet points, and seeing the domain mentioned. Yes, about the same as FB, Both are bad.

If one avoids both, less issues.

Kangaroos can be Brutal.

If still not clear, try Windex.

Clive Robinson August 2, 2022 9:32 PM

@ SpaceLifeForm,

“If still not clear, try Windex.”

That ammonia based, thus both poisonous and corrosive product[1], is not available in a number of places outside the US. So unless people living in such places have seen “My Big Fat Greek Wedding” where Gus thinks it cures all evils so tells everyone to “Put Windex on it”[2]…

In fact Windex and many organic chemicals do not play well when it comes to your wellbeing[3].

[1] Strangely there are a number of cocktail drinks named on/after Windex. One uses liberal amounts of 40% “blue label” vodka from the freezer and Blue Curacao over ice… Best not to get them mixed up… Though I’d consider both “Harmful to health and wellbeing”…

[2] Please do not get Windex on any part of you at any time, those words “Poisonous” and “Corrosive” have real meaning. Apparently one use of Windex is killing ant/termites and all manner of other insects that come crawling into your house, then breaking their corpses down….

[3] Never mix Windex and other cleaning products together. Especially those containing bleach. Remember Windex like many other glass de-greasers uses Ammonia. The gas given off “chloramine” has “Toxicological disadvantages” or if you prefer “kills people”. Even in very low concentrations it can make your eyes burn. See more at,

https://www.goodhousekeeping.com/home/cleaning/tips/a32773/cleaning-products-never-mix/

SpaceLifeForm August 2, 2022 9:35 PM

@ Clive, ALL

Re : Nitter Behaviours

It always gets slow at times. That is a given because nitter does not have lots of network infrastructure, and there are many users.

But, there were two other behaviours that, so far, seem to have disappeared.

One was 429 (rate limited).

The other was that a twitter user had no posts, even though I knew they did.

Those two symptoms seem to have disappeared. For now.

Note/Hint: The entire chain of trust regarding the nitter.net TLS Certificate is all using RSA, none are ECC.

‘https://www.ssllabs.com/ssltest/analyze.html?d=nitter.net

Also, the reason I prefer nitter even though I am only reading, is that twitter will nag you to signup, which is a workflow disruption.

Twitter trying to force engagement is actually discouraging engagement. I do not believe they have thought thru the UX. Or, maybe that is the point. They want to collect your PII. They want suckers to sign up.

Forcing engagement is what FaceBook and LinkedIn also try to do. To collect PII.

Oh! A squirrel

Turnip truck rolls on.

SpaceLifeForm August 2, 2022 10:32 PM

@ Clive, ALL

Yogi: It’s deja vu all over again

So, I turn on this channel, and this is on:

‘https://m.slashdot.org/story/402974

Net quarterly loss of $1.062 billion compared with a loss of $299.3 million in the same quarter of last year. The quarterly loss is almost exactly twice the company’s revenue in the last 12 months. As of June 30, the carrying value of the company’s 129,699 Bitcoins was $1.988 billion, the company said, reflecting the cumulative impairment loss of $1.989 billion. The cumulative amount is now more than Bitcoin on the company’s balance sheet.

Yep, it is about cryptocurrency money laundering.

There is a link at top of article. Me, thinking this a sitcom that I believe I may have seen before, I guess that I know where the link points to.

Sure enough, I was correct. [Redacted]

Yogi: It is amazing what you can observe just by watching.

Intel: Popcorn please.

Yogi: When you come to the fork in the road near Tysons Corner, take it.

SpaceLifeForm August 2, 2022 11:21 PM

@ Clive

Re : PQC Breaking

Ars comment, page 3 from handle “sqrt(-1)”

‘https://arstechnica.com/information-technology/2022/08/sike-once-a-post-quantum-encryption-contender-is-koed-in-nist-smackdown/?comments=1&start=80

I suspect they were paranoid about insider attack. Drive cloning.

Something about root of trust.

SpaceLifeForm August 3, 2022 12:52 AM

@ ALL

If you just reject Software Patents, metric gigatons of nonsense disappears.

Society: No, Entity X, you do not get a software patent.

Society: Any foreign software patents are inapplicable here.

Lawyers: Not fair! We need billable hours!

‘https://www.theregister.com/2022/08/02/ai_patent_reform/

Clive Robinson August 3, 2022 3:35 AM

@ SpaceLifeForm,

Re: Something about root of trust.

I’d need to know more to say…

But I suspect we are talking about “Red_Pike” not “Rambutan” from CESG. Both ended up getting used in the failed NHS Spine “World’s Largest ICT Disaster” project[1].

https://en.m.wikipedia.org/wiki/Red_Pike_(cipher)

Our host, and UK Cambridge labs Ross J. Anderson, and Markus Kuhn have written about it.

From a basic description, Red_Pike,

“64bit… uses the same basic operations as RC5 and “has no look-up tables, virtually no key schedule and requires only five lines of code” With “the influence of each key bit quickly cascades” and “each encryption involves of the order of 100 operations”.”

Hearing it works only with “add, XOR, and left shift” you would expect the cipher is going to be quite linear on a per operation basis, hence you would not expect it to be particularly strong even with a lot of operations.

With all these “software” implementations being the way described by sqrt(-1) it’s really obfuscation, so it was not surprising what appears to be the algorithm got posted to the Cypherpunk mailing list.

I’ve not looked at the alleged code yet, so have no comment to make on the cipher itself.

But I suspect that Red_Pike was cooked up by/for CESG as a “let them eat cake” solution, rather than as serious crypto.

[1] The idea was to connect up the entire UK Health System onto a computer network so your medical records could be available anywhere at any time, so a “best diagnosis” could be made in emergencies and such like. Obviously this involved Privacy of Records, which is what the crypto was used for. Because it had to be put on Win XP and lower MS OS machines a software cipher was required for end users systems.

[2] If the 100 Comments page is to be believed he was here yesterday asking a question, about an author relating to TEMPEST documents,

https://www.schneier.com/blog/archives/2009/01/the_discovery_o.html/#comment-408515

Clive Robinson August 3, 2022 7:01 AM

@ Moderator, SpaceLifeForm,

I have just posted a response to @SpaceLifeForm, and it came back held for Moderation

Can you please get it through moderation as I can not see any reason at all for it to be held.

SpaceLifeForm August 3, 2022 7:09 AM

@ Clive, Markus Kuhn

re: Observation on recent 100

I’m kinda scratching my head wondering what rabbit hole he went down that led him back to that 2009-01-20 article.

I can understand if he started with the SIKE/SIDH news, but to chain back to the TEMPEST article is, well, interesting. Obviously, the tags would explain it, but for him to get back there, and have that specific question is interesting.

So, Dr. Kuhn, do you have any interesting dots to share that you found on your travels?

Clive Robinson August 3, 2022 7:46 AM

@ SpaceLifeForm, Markus Kuhn,

Re : Observation on recent 100

“I’m kinda scratching my head wondering what rabbit hole he went down that led him back to that 2009-01-20 article.”

I suspect you may not remember Dr Kuhn’s research speciality at Cambridge was “TEMPEST” related subjects, specifically minimising the signal energy towards or below the “noise floor”.

Thus I suspect the answer will in effect be “area of research speciality” especially when seeking out information the NSA, GCHQ et al are still keeping hidden for some reason.

As our host @Bruce once said the way to keep digging, especially with FOI requests is to gather threads and pull on them.

The question Dr Kuhn is asking is based on finding an anomaly in what can be seen. This may indicate the start of a new thread to pull on.

That is if “Jeffrey Friedman” worked at the NSA as a researcher or historian, then the chances are good he has written other documents that are in the NSA archives. If such documents are either research or historical, they would almost certainly lift the corner of the curtain a little further.

SpaceLifeForm August 3, 2022 9:11 AM

@ Moderator, Clive, ALL

re: Held for Moderation

So I did some testing. Yeah, there I go again.

Clive, your comment would have been comment_id = 408538 or 408539 to post_id = 65677

I see them both as ‘held’. Did you try twice? If you only did it once, then someone else ran into the problem at nearly the same time.

I tested using variations of

‘https://www.schneier.com/comment-thankyou/?post_id=65678&comment_id=408537

That particular comment corresponds to

‘https://www.schneier.com/blog/archives/2022/08/surveillance-of-your-car.html/#comment-408537

Which is visible.

But, using post_id=65677 (this article), and comment_id=408538 or 408539 says ‘held’. 408541 and 408542 are me and you, they are visible. 408540 is somewhere, but on a different article (post_id). I did not chase that down.

Here is what is interesting. If you come up with a nonsense post_id, it does not change the results.

For example, changing the post_id on the thankyou link does not affect the results. I tried it with a higher numbered post_id that does not exist yet but with a valid comment_id.

Having the post_id as a parameter on the thankyou link is useless.

But, it gets better. If you come up with a comment_id that does not exist yet, it still reports it as ‘held’.

So, if the blog software, for whatever reason, gets a No Rows Found condition on a SELECT, it defaults to lying thru its teeth and just reporting ‘held’.

Therefore, the next question is: Did it ever really get committed to the database or not?

Because if there is a bug that prevents a database COMMIT in the first place, or the MariaDB software is so buggy that there exists silent failures, it will appear to the Observer that it was ‘held’.

I’m thinking about the malloc problems again, but it may also be that some parts of the blog software are just flat out not checking for errors properly.

You know the scoop. Hastily assembled code stack, missing error checking, lack of testing, horrible specifications, no way to bubble up error conditions thru the stack so that they become user visible and can be reported.

Just plain and simple Silent Failure.

My hunch is that comment_id = 408538 and comment_id = 408539 are NOT in the database.

They were silently lost. Immediately. Never survived to the database.

SpaceLifeForm August 3, 2022 10:07 AM

@ Moderator, Clive, ALL

re: Held for Moderation

Wow. This is some really messed up software.

Horrible stuff.

As I noted above, the post_id parameter to the thankyou page can be varied to be nonsensical and not related to the comment_id.

So, I test again, this time removing the parameter from the URL, because it apparently is being ignored.

But, no, we can’t have nice things.

Repeating for clarity:

This says ‘approved’.

‘https://www.schneier.com/comment-thankyou/?post_id=65678&comment_id=408537

That particular comment corresponds to

‘https://www.schneier.com/blog/archives/2022/08/surveillance-of-your-car.html/#comment-408537

Changing post_id to a non-existent post_id
‘https://www.schneier.com/comment-thankyou/?post_id=79999&comment_id=408537

Also says ‘approved’.

So, the post_id has no bearing on the status of the comment.

Therefore, the post_id parameter means nothing, and therefore it is not needed to determine the status of a comment, right?

Wrong.

This comment_id in ‘approved’ status
‘https://www.schneier.com/comment-thankyou/?comment_id=408537

Just says ‘Thank you for your comment’

This comment_id in ‘held’ status
‘https://www.schneier.com/comment-thankyou/?comment_id=408538

Just says ‘Thank you for your comment’

Spot the difference?

You can not see the status of a comment unless you have a post_id parameter, even though it is ignored.

Non-existent comment says ‘held’
‘https://www.schneier.com/comment-thankyou/?post_id=1&comment_id=409999

Non-existent comment says ‘thank you’
‘https://www.schneier.com/comment-thankyou/?comment_id=409999

This is seriously [REDACTED].
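
The behaviour described above (post_id ignored for the status check, a non-existent comment_id reported as ‘held’, and no status at all without a post_id) is the classic “database miss collapsed into a default answer” defect. The model below is an added example, not the blog’s code: it reconstructs that failure mode in a constructed `status_naive` and puts a hardened `status_checked` beside it, in which every parameter is validated and a missing row is its own outcome that can be surfaced to the user and logged, rather than silently reported as ‘held’. The table and all IDs are constructed sample data.

```python
"""Comment-status lookup: the silent-failure shape beside a checked version.

Constructed model for illustration only; not the blog's real code. The
COMMENTS table and every identifier below are made-up sample values.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Optional
import logging

log = logging.getLogger("comment-status")


class Status(Enum):
    APPROVED = "approved"
    HELD = "held"
    NOT_FOUND = "not_found"          # no row exists for this comment_id
    POST_MISMATCH = "post_mismatch"  # row exists but belongs to a different post


@dataclass(frozen=True)
class Comment:
    comment_id: int
    post_id: int
    approved: bool


# Constructed sample table (arbitrary numbers, not real post or comment IDs).
COMMENTS = {
    1001: Comment(1001, 10, approved=True),
    1002: Comment(1002, 10, approved=False),   # genuinely held
    1003: Comment(1003, 11, approved=True),    # belongs to another post
}


def status_naive(post_id: Optional[int], comment_id: int) -> str:
    """The failure mode observed in the thread, reconstructed.

    post_id is only used to decide whether to consult status at all; its
    value is never checked, and a missing row falls through to 'held'.
    """
    if post_id is None:
        return "thank you"                  # status never consulted
    row = COMMENTS.get(comment_id)
    if row is not None and row.approved:
        return "approved"
    return "held"                           # held AND no-such-row land here


def status_checked(post_id: Optional[int], comment_id: int) -> Status:
    """Hardened lookup: validate inputs, report a miss as a miss."""
    if post_id is None:
        raise ValueError("post_id is required")
    row = COMMENTS.get(comment_id)
    if row is None:
        # Bubble the condition up instead of defaulting: this is exactly the
        # case where a comment may never have reached the database.
        log.error("no row for comment_id=%s (post_id=%s)", comment_id, post_id)
        return Status.NOT_FOUND
    if row.post_id != post_id:
        log.warning("comment_id=%s belongs to post %s, not %s",
                    comment_id, row.post_id, post_id)
        return Status.POST_MISMATCH
    return Status.APPROVED if row.approved else Status.HELD


def user_message(status: Status) -> str:
    """Map each outcome to a distinct, honest message for the reader."""
    return {
        Status.APPROVED: "Thank you, your comment is live.",
        Status.HELD: "Thank you, your comment is held for moderation.",
        Status.NOT_FOUND: "We could not find that comment; it may not have "
                          "been saved. Please try posting again.",
        Status.POST_MISMATCH: "That comment does not belong to this post.",
    }[status]


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    for pid, cid in [(10, 1001), (10, 1002), (10, 9999), (99, 1001), (10, 1003)]:
        print(pid, cid, status_naive(pid, cid), "|",
              user_message(status_checked(pid, cid)))
```

Running the script shows the two lookups diverging on the cases the thread found: the naive version answers ‘held’ for the made-up comment_id 9999 and ‘approved’ for comment 1001 under the wrong post_id, while the checked version returns `NOT_FOUND` and `POST_MISMATCH` respectively, and logs them so the condition is visible to an operator.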

Clive Robinson August 3, 2022 12:47 PM

@ SpaceLifeForm,

Re : This is seriously [REDACTED]

I’ve not dug into it due to UK legislation issues.

But I can see how such issues could arise with “long term development” with many release points.

Actually designing even simple blog software can quickly become messy as just a few features are added, that appear “simple” to a non expert eye are in fact full of quite nasty traps for the unwary.

lurker August 3, 2022 3:41 PM

@SpaceLifeForm re Software Patents

The meetings . . raised important questions . . should [AI] algorithms be patentable?

This was all debated eloquently by the denizens of Groklaw more than ten years ago. Apropos the recent tendency to return to fundamental literalism, “art” had a specific meaning. The created object or idea had to be appreciable to a human observer.

I agree, the question will be decided on billable hours, not logic.

vas pup August 4, 2022 5:22 PM

OrganEx may save donor organs by ‘telling’ cells not to die
https://www.dw.com/en/organex-may-save-donor-organs-by-telling-cells-not-to-die/a-62697834

“The technology has two parts. One is a device that simulates the heart and lung function of a living mammal and pushes a mix of blood and a drug cocktail to the organs.

The other is the drug cocktail, or synthetic perfusate. This liquid is made up of 13 chemical compounds and contains drugs that are already in clinical use to target issues such as cell death and coagulation.

One hour post-death, the pigs, who had been anesthetized so they could not feel their hearts being stopped, were hooked up to the OrganEx machine. The machine has sensors that transmit information about metabolic and circulation parameters in real time. Then the system pumped the perfusate to the animal’s organs for six hours.”

Clive Robinson August 4, 2022 7:42 PM

@ SpaceLifeForm, ALL,

Re : TSCM, Cyber Security & China.

Following on from the Intel post the other day you are probably aware that TSMC has now apparently got greater revenues…

But you might not be aware the TSMC chairman has just had a chat with Nancy Pelosi who dropped in to Taiwan to meet various people[1].

One subject that almost certainly would have come up, is the supposed 2 trillion USD “Chips Act”…

It’s said that 70% of chips used in US manufacturing come from TSMC fabs[2]. Further that the loss of those fabs should China invade Taiwan would bring the US economy not to a standstill, but major recession.

However it would probably be worse than that for the US consumer. The loss of TSMC would also have a very significant effect on China as well. Whilst TSMC only sell to China’s consumer industry, much of that output actually does not go to China, but in exported products to bring foreign currency into China (which it badly needs). A very big chunk of that export even now is to the US…

However China appears committed to ramping up aggression and has caused a number of significant Security issues including Cyber attacks over the past couple of days,

https://www.theregister.com/2022/08/04/taiwanese_military_reports_ddos_in/?td=keepreading

[1] Apparently “Anonymous” hacked a couple of Official State Chinese web sites upsetting the CCP by posting “Welcome Nancy” type messages and causing the sites to be taken down for a while.

[2] One report I heard is that every modern vehicle currently manufactured or assembled in the US uses at least ten TSMC chips… So getting an old school non electronic car or motorbike for “restoring” in the garage might not be a bad idea…

SpaceLifeForm August 5, 2022 2:30 PM

@ ALL

re: Twitter v Musk v Twitter v ?

You know you need more popcorn when Twitter has to subpoena Twitter for legal evidentiary reasons.

This is not going to be resolved as soon as the Delaware Chancery Court thought.

This will take many years. The lawyers are happy.

SEC: More popcorn please

‘https://s3.documentcloud.org/documents/22127242/twitters-reply-to-verified-counterclaims.pdf

‘https://arstechnica.com/tech-policy/2022/08/twitter-says-musks-spam-analysis-used-tool-that-called-his-own-account-a-bot/
