Recent Comments

Note: new comments may take a few minutes to appear on this page.

May 22, 2015 7:55 PM

MarkH on The Logjam (and Another) Vulnerability against Diffie-Hellman Key Exchange:

Also @Hanno:

No expert has yet weighed in, responding to your important question whether ECC has the same vulnerability to using "known" mathematical groups. So, as a tyro in the subject, here is my very non-expert perspective:

1. As far as I have discovered, Pollard's rho algorithm is the fastest known algorithm for solving discrete logs in elliptic curve groups. The rho algorithm has higher computational cost than the sieve algorithms applicable to non-ECC public key cryptography, which is perhaps one reason why ECC is considered to offer equivalent security at smaller key sizes.

2. As far as I understand Pollard's rho algorithm, the values computed while working toward a solution depend on the argument (that is, the value whose discrete log is to be found). Accordingly, there would seem to be no opportunity for pre-computation.

I would welcome the views of anybody who understands these matters beyond my very superficial understanding!

May 22, 2015 7:30 PM

Thoth on Friday Squid Blogging: Giant Squid Washes Up in New Zealand:

@Nick P
Continuing off from the previous Squid post comments regarding Type-1/High Assurance equipment.

It is not going to be easy to find an equipment not of European/USA/Russia/China in origin. These are big powerhouses in technology and budgets in a way.

Considering the reach of UKUSA influences, it is unlikely there are much variants of these sort of stuff and from the recent revelations of BND/Germany needing to obey NSA's orders to send back selectors to target European targets in exchange for certain equipment or technology, we can tell that Germany may not be on the cutting edge of those technologies in the military field ?

The other big semi-conductor and electronics company we all know would be NXP/Phillips working for the Dutch and they are in contact and collaboration with NSA so that would be assumed to be using UKUSA technology. Back to square 1 ?

Russia/China/India probably follow other routes but we all know they are good at copying products they captured via espionage or on the field although they may have their innovations somewhere.

These are all my guesswork.

The quantum encryption that Quintessence Lab uses might simply be assumed that keystreams are securely transported wrapped in symmetric keys or by some conventional ways and already present at destination location.

It's qCrypt-xStream product (essentially it's HSM since it's a Key Manager product) in it's PDF white paper ( states that it has an "Encrypted keystore with TPM root of trust" which means you need this thing (essentially a HSM to store and manage OTP keystream mats) at your "secure facilities" so that you can somehow decrypt the "miraculously" secured device in transit on the field.

What I can imagine is a set of keystreams container assigned to a device and if it got captured, they simply marked it so no one would reuse that particular container of keystreams.

I would prefer to think that the academics and industry are way ahead in designs and similar as you theorized, the military is simply good at piecing the COTS materials and slamming down the NDA/Official Secrets Act/Hush Hush hammer and reinforce secrecy even if the knowledge might benefit more people (over-classification) and as we can see, the COTS suppliers like General Dynamics and the likes are very good at keeping their relations with their cash supplier (NSA).

Regarding an open source FPGA security chip or security appliance totally open sourced.

It needs to:
- Can be fully audit-able of the process of manufacturing and the chip (very hard).
- Open blueprint (very easy).
- Non-patentable and to be in public domain (medium difficulty).
- Immune to subversion from HSAs/Nation Warhawks (very hard. Look at pt #1).
- Immune to patent threats (very hard. Look at pt #2, 3).

What can be done:
- Manufacturing of chip, designing and setting of mask to be done in permissive countries (Iceland & Swiss only).
- Use open patent protection pools if exist. Something similar to patent protection pools to supposedly protect Android.
- Distribution centers of security products should not be hindered by crypto laws (Iceland & Swiss only again).

The rest cannot be done effectively.

May 22, 2015 7:10 PM

Billy Munny on More on Chris Roberts and Avionics Security:

There'd too much bragging and bunk from the defendant, and the Feds are falling for it.

First, there's no EICAS on the Boeing 737NG. It has an older type of master caution / warning system.

Next, the flight management computer, thrust management computer, electronic engine controls, and other vital goodies are NOT interconnected to the IFE (inflight entertainment system). They are separate systems, for goodness' sake.

As for Airbus, well, they air gap their systems too...

May 22, 2015 6:48 PM

Luiz Carvalho on Quantum Attack on Public-Key Algorithm:

The Supersingular Isogeny Key Exchange seems like a good post quantum replacement for Elliptic Curve Diffie-Hellman we spent 20 years studying the mathematics of elliptic curves and the academic community seems to have a lot of confidence in understanding their security. The only problem is that elliptic curve diffie-hellman doesn't hold up against a quantum computer. The isogeny key exchange builds on that knowledge base and code base and provides the needed boost to security.

The lattice based post quantum schemes seem too unproven to trust for the next 5 to 10 years. They may be secure but they may fall apart with the next improvement in doing lattice attacks. At the moment the elliptic curve isogeny approach seems pretty sound.

May 22, 2015 6:45 PM

Nick P on Friday Squid Blogging: NASA's Squid Rover:

@ name.withheld

My discussions with RobertT indicated that owning or even running the fab itself wouldn't buy you much. I agree that the location is important. Preferably a country that protects *data* rather than *exploitation.* Past that, the whole process is a series of black boxes involving so much esoterica that verification isn't that meaningful. With his help, I identified that the main risks were the hand-off of the design to the maskmakers, the maskmaker itself (with equipment), the hand-off of the mask to the fab, and whether the fab used the mask. The fab's modification opportunities at that point were in a narrow range. Hence, the security should focus on the mask and ensuring that it was used.

I have conceptual schemes to handle both. I'm not ready to publish them yet. Doing both takes a considerable amount of money. Yet, the schemes handle security for as many fabs as you want while costing no more than a single, older fab plus some overhead for each fab added. I also have ways to verify the optical, correction algorithm implementations without sharing them.

May 22, 2015 6:44 PM

Harry Johnston on USPS Tracking Queries to Its Package Tracking Website:

Heck, I'm fairly sure our web site (departmental website in a University) tracks IP numbers and requests. I don't think we've ever needed it, but Apache logs everything by default.

Also, if I remember correctly, our information security standards document (based on industry standards) mandates such logging - if you discover that your servers have been hacked, how are you going to investigate without logs?

May 22, 2015 6:21 PM

name,withheld.for.obvious.reasons on Friday Squid Blogging: NASA's Squid Rover:

@ Nick P

There's definitely black boxes. That open-source synthesis exists and academics continue cranking out partial solutions indicates we can eliminate these with an open FPGA.

This is near what I suggested with open source fabrication facility with domestic basing. For example, a global open source hardware fabrication consortium that supports (technically; specifications and standards) local facilities; a European body/group, an Asian, and America's could go a long way to bring trust to the industry. The hard part is getting some organization to fund the organization to the degree that was done with the SEMI group (a consortium of hardware fabs). The hardware group should have the following charter:

1.) Technical and Financial Support to Locally Licensed Facilities
2.) Standards Group (adoption and operational)
3.) Secured Open Standards (Toolchains, Modeling, Synthesis)
4.) Certification, Verification, Testing, and Compliance

The group would not need to execute on these elements, more over act as a governing body that could attract both investors and technologists.

May 22, 2015 6:09 PM

Clive Robinson on Friday Squid Blogging: Giant Squid Washes Up in New Zealand:

@ albert,

The military has a couple of problems when it comes to "cyber-warriors.

Firstly the actual aptitude and intelligence required and secondly a worthwhile career structure to retain those with ability. Oh and there is also the "burr under the blanket" issue of medals...

There are three basic types required, "button stabbers", "admin/managment" and "creatives".

You can regard the "button stabbers" as "script followers" be it offensive or defencive, the amount of "analytics" involved is not that high, whilst not "monkey see monkey do" you would expect anyone who had graduated from college to be able to do it, but quickly find it uninspiring. The "creatives" are a problem whilst you can teach the basics over a period of years it's still very much a "gift", thus they are not common. The admin and managment types are much like they are in other branches of the military.

The problem is "career structure", button stabbers are by and large not much above NCO level and the brass know this, thus there is not realy a career path to follow. The creative types are not traditional officer material but expect pay grades up in the more senior officer renumeration rates or they will move out to industry.

The hidden problem is "fit to fight" the military tend to have an age cut off based on rank, and don't keep the lower ranks much over thirty and even senior non commissioned are generally shown the door in their forties. Which means any expertiese goes with them.

Arguably to be good at security you need a depth and bredth of experience that's uncommon even in thirty year olds and you are still "improving" in your fifties and sixties, long after all but the most senior of officers have been put out to grass.

The traditional way of keeping expertise in technical subjects in the military is, early in their careers they move out into industry and become consultants. This works because the consultants are not filling "combat roles". The problem with cyber-warriors is that the military wants them as combat roles even if some are more akin to consultant roles. Part of the reason for this appears to be related to the thorny issue of medals, the top brass have already put their foot right in it with drone pilots and crews. The biggest risk they face is a car crash driving home after a shift, nobody shoots at them and they don't do anything "heroic" by the usual standard used for medals. There have been jokes in the more normal military about the cyber-warriors REMFs getting "purple hearts for tripping over power cords"...

It's a "brave new world" or rather it isn't and it's causing issues before it's got started.

May 22, 2015 5:56 PM

Jonathan Wilson on Friday Squid Blogging: Giant Squid Washes Up in New Zealand:

The Australian government has introduced new rules regarding the export of "dual-use goods" (which includes cryptography) and it could have a big effect on open source software, research, discussion, academic teaching and more. is one article I found.

If you are an Australian, you should be concerned about this. I for one am most likely going to write my local MP about this (as soon as I can figure out the best way to do so that is)

I have written (and write) software that features cryptography and am concerned what this might mean for me.

May 22, 2015 5:23 PM

Nick P on Friday Squid Blogging: NASA's Squid Rover:

@ name.withheld

"My concern is at two levels in FPGA's; one is the fabric and the other is the tool chain/synthesis component."

There's definitely black boxes. That open-source synthesis exists and academics continue cranking out partial solutions indicates we can eliminate these with an open FPGA. There's even pieces of how to do that in academia and documentation on production FPGA's. I think that, with the right structure, the open FPGA company could avoid the patent issues. Might even make the default EDA toolset a Xilinx toolchain with them making the money on it. Open, but for-profit, toolchain that the open company licenses. Maybe dual-licensed (eg Trolltech Qt) with any contributions being similarly dual-licensed. Academics are encouraged to contribute to it with funding available through government grants or the company's own money.

Also, we need one that's flash, one that's antifuse, and both easy to port to S-ASIC. Can build them in that order. Hell, maybe get a rich fatcat to buy a company such as eASIC then change licensing and open-ness where possible. Sell it as a public benefit investment bringing blah to the masses. Also, could license an architecture from a company such as Achronix (my favorite) with promise that it will be used on lower process nodes and avoid direct competition. Need a high-level synthesis tool from FPGA or EDA vendor regardless for uptake.

Far as online tools, that is a *real* concern. I always thought the whole concept was ridiculous. If I were them, I'd offer the benefits of that with a differentiator being some I.P. protection technique and contractual promise to always use one. Might be as simple as making my EDA/IP tools a VM image and/or hardware appliance sitting behind a verifiable* guard. It only receives binary data from outside (updates/features), allows ack's in careful way (see Pump), and with an administrative console sending textual requests for whatever is sent. We use text for the latter so they can verify those interactions. Optional, inexpensive, VPN for link between supplier and consumer companies.

This gives most of the benefits of moving tools offsite with optional verification of I.P. protection. Whole thing would cost almost nothing on top of existing tooling costs. Especially if EDA/IP vendor's side of things combined cheap servers with FPGA acceleration. I imagine that could be done at cost for four companies in particular. ;)

* Our software, their compatible hardware.

May 22, 2015 4:54 PM

Animedude5555 on Mujahideen Secrets 2:

For those who aren't familiar with encryption, there are 2 types, symmetric and asymmetric.

The simplest type is symmetric. It usually uses a 128 or 256bit key. The key is the same for both encrypting and decrypting. AES (also known as Rijndael) is currently the best symmetric encryption algorithm, and is used even in the US military for protecting classified information.

The more complex type is asymmetric. It uses a key length between 1024 and 4096 bits. There are 2 keys involved, called "public" and "private". The private key is generated first, and the public key is calculated from that. It's a fairly quick process to calculate the public key from a private key, but it is extremely slow to calculate the private key from a public key. Because of the mathematical relation of the public and private keys, and the algorithms used for encrypting and decrypting data, data that is encrypted with the public key must be decrypted with the private key. Because of the way that public and private keys are used in the Usually though, data isn't directly encrypted with the public key. Instead data is usually encrypted with a symmetric encryption, and then the key for the symmetric encryption is itself encrypted with asymmetric encryption, using the public key. The symmetrically encrypted data, along with the asymmetrically encrypted symmetric key is then sent to the owner of the private key that corresponds to the used public key. That private key owner can then decrypt symmetric key with his asymmetric private key, and use the decrypted symmetric key to decrypt the symmetrically encrypted data. The most common asymmetric encryption type is RSA. It is the basis for a huge number of different types of encrypted online communications including email, and even encrypted websites (HTTPS). As for why the keys for asymmetric encryption are much longer than those of symmetric encryption, the fact is that with symmetric encryption, the only guarantied attack is a brute force attack. To make that ineffective, you only need a 256bit key. However, with asymmetric encryption, because of the way the algorithm works, and how the public and private keys are related to each other mathematically, a much faster attack method exists, known as factoring. As such, the keys for asymmetric encryption must be much longer than those of symmetric encryption, in order to guaranty the same level of security.

There are a number of mistakes in this news article. The first is to imply that they changed their algorithm from AES to RSA. The truth is that they didn't change the encryption algorithm in version 2 of this software, they simply added a layer of asymmetric encryption on top of the already existing symmetric encryption. This gives the advantage that you never have to meet someone in person and tell them your password (symmetric key) prior to sending them messages. All they need is your public key (which is completely safe to publicly posted on the net), which will asymmetrically encrypt a symmetric encryption key (which will be unique for each message sent) so that it can be can be safely transmitted over the internet without any spies being able to decrypt it. As for the bit length of the key, they didn't increase it from 256bits to 2048bits. Those bit lengths aren't even for the same key. 256bits is for the symmetric key, and 2048bits is for the public and private asymmetric keys. And yes, both bit lengths are used, because both types of keys are used.

And by the way, it takes several minutes to generate a 2048bit key. Using another freeware program called GPG4Win it takes only a couple seconds to generate a 2048bit key. It also supports the even more secure 4096bit keys, which take between maybe 30 to 60 seconds to generate. It's much faster, has no connection to terrorism, and is the Windows version of the open source encryption software called GPG (Gnu Privacy Guard, which is itself an implementation of the well known OpenPGP specification), so you can tell if anybody has tried to bug its source code. Whereas there's some speculation as to if Mujahideen Secrets is really made by terrorists, or by the US with intentional built-in flaws to spy on terrorists, there is no speculation about GPG4Win. GPG4Win, GPG, and OpenPGP are well known to the security community as a safe and secure way to send messages (and even files) using asymmetric encryption.

You can download GPG4Win from its official website

May 22, 2015 4:49 PM

name.withheld.for.obvious.reasons on Friday Squid Blogging: Giant Squid Washes Up in New Zealand:

Comey is on the push; overstating the "largest risk" being social media and encrypted communications emphasizing the agenda that the IC community sees as paramount. This is not a formal risk-based analysis of issues that represent national security interests. The way I see it, the IC and governments are engaged in establishing state-based protection rackets. It is obvious when one looks at what bank regulations want to do with the expansion of SWIFT and asset forfeiture. What happened to due process?

Comey stated that idiots would write down their plots--he claims that criminals are now using "digital literacy" as a form of a threat vector (my words, paraphrasing). I guess he is claiming that the IC relied on stupidity to gain the advantage--and now the tables are turned? Comey is indirectly stating that the IC community is populated with idiots. This is the first time I believe Comey has exercised intellectually honesty...

May 22, 2015 4:46 PM

name,withheld.for.obvious.reasons on Friday Squid Blogging: NASA's Squid Rover:

@ Nick P

Holy shit

My concern is at two levels in FPGA's; one is the fabric and the other is the tool chain/synthesis component.

First, fabrics on many FPGA (pick your own OEM) include proprietary "boot strapping" code. Some of these behavior is described by the manufacturer, some is not, but for the most part the vendor "controls" this behavior. Replacing or circumventing the "boot" phase is oft times supported but is no guarantee as very few can examine the RTL and the actual masks/gate/PLD.

The tool chain is another issue that I have covered in the past so I won't repeat it--just to say that this can be as problematic (many of the vendors have gone to "always on-line" version of their IP databases).

May 22, 2015 4:42 PM

tyr on Why the Current Section 215 Reform Debate Doesn't Matter Much:

If you give up before the fight starts you have already lost
the fight. The most effective place to curb excessive forms
of government is cut the budget. That's why you see all the
focus on any place debate or opinion forming takes place,
they really do fear the budget cuts. You see the same thing
in the military, leadership is intensely focused on money
flow to the detriment of accomplishing the tasks assigned.

A good place to start is with the doom cryers and their
fiscal cliffs, if the economics are that bad maybe a 50%
reduction in the intelligence budget is the place to start
cutting. Every assessment of the giant data stack has made
it clear that it is a waste because it makes doing the
assigned job harder. It only makes influencing politicians
easier and they control the purse strings.

If we need new law, how about this one. No government Agency
shall share its collected information with a foreign power.
Business proceeds as usual, the IC has to work with what
they have internally and their worldwide empire of crooked
deals falls apart.

History has shown clearly that these regimes fall and they fall
hard, usually to the guillotine or by hanging the leadership
from trees. Painting the current excesses as unchangeable is
just encouraging them in illegal behaviors.

One rule of thumb that might help is to realize if it is against
the law for you to do it, it is also against the law for anyone
in government to do.

We are never going to make a heaven on earth, but we don't have
to live in a man-made hell.

May 22, 2015 4:33 PM

name.withheld.for.obvious.reasons on Why the Current Section 215 Reform Debate Doesn't Matter Much:

There is an effect, individuals have expressed their disgust in mass to representatives and the press. Whether it is covered in the general media, NY Times, Post, Herald, etc. the notion that the government(s) are out of control is known. The level of trust between the citizenry and their government(s) is at an all time low. It used to be said "How do you know he is lying? He's lips are moving." and now it is "How do you know is lying? He's still alive."

In the past I have been hypercritical of the intelligentsia--largely absent for the debate or have turned cheerleader for fear of being labeled "with the terrorists"--it will be a matter of time when "they" realize that seeking the cover of fascist systems will ultimately fail. Once the chicken hawks are dragged out into the streets and exposed to the sunlight, we, the people, will have made substantive progress in returning to the rule of law.

May 22, 2015 4:30 PM

The Boss on Telephone Monitoring While on Hold:

When I call customer service and the call are so-called "recorded" in a one party notification the other party also has the explicit right to record as well. The bottom line is, if you do not want your calls recorded just hang up. To me what gives the customer service or companies that want to record conversation the right to record in the first place?

May 22, 2015 4:02 PM

Sam on The Logjam (and Another) Vulnerability against Diffie-Hellman Key Exchange:

According to the weakdh server test site, this server ( "uses a commonly-shared 1024-bit Diffie-Hellman group, and might be in range of being broken by a nation-state. It might be a good idea to generate a unique, 2048-bit group for the site".

Sure this is mostly a cosmetic issue for public sites that don't handle sensitive information, but I would think the site of a security professional would have a better image if it was as secure as reasonably possible.

May 22, 2015 3:35 PM

moo on USPS Tracking Queries to Its Package Tracking Website:

I'm surprised that anybody would be surprised by this. They would need to keep logs for various business-related reasons (lost/damaged package claims, mail fraud, customer service patterns, etc). Of course they would comply when law-enforcement asks them for IP addresses after they've identified something fishy about a package.

It probably works the other way around too, where law enforcement knows the IP address(es) and demands info about any package(s) shipped or queried from those IP addresses.

May 22, 2015 3:29 PM

Not you again on Why the Current Section 215 Reform Debate Doesn't Matter Much:

@rgaff I think this is not the only open forum, that attracts people who would like to lead opinions, either out of a need for attention, click-bait, or because they are getting paid for it. The Chinese government is known for its online commentators.
On another note, Ai Waiwai conducted a great interview with one of them

There is one guy who keeps posting his nonsense on under various aliases, trying to discourage people from using basics like for instance built in full disk encryption on OSX and Windows, because he wants others to think it is too complicated. He always starts his comments with "even with a degree in computer science and a certification in computer security, I find (...) nearly impossible to do correctly."

I have seen others write similar things on other forums and mailing lists.

Whatever the motivation for troll talk is, I am personally over-saturated. It totally absolutely and ultimately bores me to read the s.o.s., the same old phrases, the same destructiveness and negativity, the same fallacies, put in different words. Or sometimes people do not even bother to use their own words, but just copy&paste stuff they read elsewhere. It bores me to such a degree, that I just can not continue reading, if I sense any kind of trolling.

Ceterum censeo: take things apart, evaluate, and take decisions based on the reality we live in! Connect with others who do the same. A good time to start is now.

May 22, 2015 3:14 PM

Another Justin on USPS Tracking Queries to Its Package Tracking Website:

I don't see anything surprising about this. So they keep server logs and maybe even filter out requests for package tracking info for later possible use eg someone claims a package never arrived but an IP address frequently associated with them (especially if they have a free USPS signin/account such as to buy postage, order supplies etc) made frequent tracking requests implying that they were aware of the USPS-supplied expected delivery time and delivery status. Seems like good business sense. Mail fraud is an actual problem. I would be disappointed if UPS, Fedex etc did not do something similar.

On the other hand, Google allows you to search the tracking number and will automatically figure out the carrier (USPS, Fedex, UPS at the least), send the request to the carrier and return the results to you as the search result. So unless you want your tracking search saved by Google it's best to go to the carrier website.

May 22, 2015 3:02 PM

Spaceman Spiff on USPS Tracking Queries to Its Package Tracking Website:

So he sends drugs via the postal service, who has drug sniffing dogs or whatever. They get a hit, and then the feds (sending contraband via the USPS is a federal crime) monitor for hits on that package... Bingo! Brain dead drug dealer is busted! Of course, it may not have been dogs, but the sender may have been a known dealer... Same result.

May 22, 2015 2:58 PM

Some Dude on USPS Tracking Queries to Its Package Tracking Website:

During the days of the original silk road, I heard people were warned not to track their packages using TOR. Apparently that increased the likelihood of the package being intercepted substantially.

Not sure if it was/is true, but it shows that there have been allegations of this sort of behavior for a long time.

May 22, 2015 2:28 PM

Nick P on Friday Squid Blogging: NASA's Squid Rover:

(Darnit, the comment I submitted last night didn't go through. Round 2.)

@ Jacob

My last search included North American, Nordic, European, and Israeli companies' products. Only a few appeard to have strong security. They weren't available for civilians. The only one's I haven't checked are Asian, esp Russian and Chinese. At the time, they were in the threat model and their stuff had high likelihood of backdoors. Heck, I figured it probably wouldn't even be in English. However, for combatting NSA, I'd be interested in any Asian (esp Russian and Chinese) products that look as assured as General Dynamics, Harris, etc.

@ all

Anyone from Asia that knows of military-grade communications, networking, or storage gear that appears to have strong crypto?

@ Thoth

re JackPair

Oops. I guess I stopped reading on first part of JackPair post. The 1 phone and JackPair concept is the one to focus on. Anything with too much hardware or difficulty will straight up not be used.

re Type 1 restrictions

That's part of it. The main reason is that the devices contain hardware, firmware, and software that eliminates all kinds of vulnerability. The reverse engineering of such tech would teach talented opponents a lot. The second benefit is obfuscation of any flaws those products have. Strong engineering plus obfuscation is a proven approach to defeating High Strength Attackers. For a while, anyway.

re static methods of defense

The strongest COMSEC gear appears to combine preventative methods, simple circuitry for tamper-detection/response, and recovery methods. They're mostly static but effective against most attacks. A HSA with a few dozen of them will eventually bypass the security. Might happen more quickly where much COTS hardware or methods are used. Imho, academia and commercial sector (cutting edge) have long exceeded the NSA et al in both preventative and tamper-detection technologies. NSA and defense contractors are just good at combining tech that works into products with good security. Almost any COTS offering, outside smartcard industry, leaves stuff off for various reasons. That's why Type 1 and other high assurance equipment are more interesting than commercial products.

re Huawei kernel

A SKPP, separation kernel usually takes 9-12kloc to do a few simple functions with high assurance. Given all it does, I doubt it comes close or can even be made to. Two of these... " zero configuration, auto-discovery, and auto-networking..." sound like PhD projects for INFOSEC students. Auto-networking, depending on what it includes, might take several Ph.D.'s and years of work. Supporting this is that one researcher at NRL spent considerable time implementing the simpler protocols in separation kernel form.

re Type 1 FPGA

Holy shit, you're right: they did pass with this FPGA. Might be backdoored given how close Xilinx and probably Altera are to NSA. Yet, would be great against other threats combined with the right I.P.. The problem: the XQ models aren't available from any of the FPGA board vendors' websites. The only Xilinx distributor that recognized the product has zero stock, a 144-day lead time, and unknown minimum volume at $300+ each. Price is nice, though, given what defense grade usually costs. Of course, you'll need to add the cost of a custom board and its components.

So, maybe we need to contact sales to see if (a) they sell to non-military, (b) at what volume, and (c) if there's partners that will handle the boards + logistics at what cost. My guess is this product is out of individual budget.

re quantum encryption

That's one of the older labs doing quantum encryption. Most of their stuff probably does what it says it does to who knows what quality or security. The only thing I find questionable is their OTP encryption where it's encrypted, the key is zeroized, and then it recovers it somehow. How do they do that without a copy of the key? Does it all reduce to a symmetric cipher or trusted storage at some point? Too many questions on that. More interesting is their optical ASIC research. More research needs to be done in general on leveraging optical tech for security in ways that reduce risk vs electronic. eg side channels

The one thing that's for sure is the risk of backdoors given they're Australian (Five Eyes). The other aspect applies to all these quantum encryption and key distribution vendors: they focus on protecting the strongest link. Overall security will probably not be improved by those using this. Bruce has repeatedly called bullshit on these vendors' promises.

May 22, 2015 2:27 PM

rgaff on Why the Current Section 215 Reform Debate Doesn't Matter Much:

Here's a thought: Could many of the posters above whining about how useless it is to fight the system be paid shills by the government, to try to stop us from trying? Think psych tricks!

How do you fight a large many-tentacled monster trying to kill everyone? Well one tentacle at a time, of course! You just keep chopping and hacking until it's dead. Of course it takes a while, more than one short lifetime even. But you have to start somewhere. So start already!

May 22, 2015 2:16 PM

Not you again on Why the Current Section 215 Reform Debate Doesn't Matter Much:

Separation of Powers (executive/jurisdiction/legislative) and Human Rights (including the Freedom of Speech) date back more than 2000 years!

I am not worried about the intelligence community being involved with spying, although I do not believe it to be a sustainable way of doing things. What worries me is that they are out of any legal/political control. The separation of power and basic human rights are becoming wishy-washy concepts, as torture is being justified in the name of the "war on pretty much anybody", as Laura Poitras once put it, and by the purpose to which post 9/11 laws and other laws are being used. Intelligence agencies are part of the military, and the FBI is part of the executive, both should be supervised transparently. But to grant either of them overlapping powers can only result in blurred boundaries. This could go into a direction, where all animals are equal, but some are more equal than others.

It is time to take things apart again, evaluate, and take decisions based on the reality we live in, not some imaginary dark painted dystopian terrorist plot, that is convenient to the ones in power.

I will go with @65535, Section 215 is a good place to *start*!

May 22, 2015 1:02 PM

Jayson on USPS Tracking Queries to Its Package Tracking Website:

In October 2013, U.S. Postal Service (USPS) investigators opened a package in Hollywood, Florida that contained 500 grams of a "white crystal-like substance" that turned out to be the synthetic stimulant methylone.

That's how the background starts? What incredibly good luck the investigators had in opening packages that day...

May 22, 2015 11:24 AM

Clive Robinson on Why the Current Section 215 Reform Debate Doesn't Matter Much:

Whilst the way electronic communications gets hovered up in a multitude of ways, we also need to consider other communications.

Back in the Victorian era telephones and other communications were not available or much wanted by "the common clay", they had other less expensive ways, many of which were not amenable to surveillance then or for that matter now.

The methods included "word of mouth", a note via "the butchers boy", even runners, horse drawn taxis and "messenger boys" and a reliable postal system. However there was also less obvious ways such as notes left in shops, and for covert "lovers trists" even classifieds ads in newspapers. The latter were often in code or simple cipher of some form, which provided the likes of Babage and Wheatstone with entertainment not just decrypting but also replying with false messages.

Some of these methods are more than viable today and I suspect some people if not already using them will consider using them in the future to avoid the NSA and Federal authorities hovering up process.

Which begs the question of what the Federal auhorities are doing about these non electronic methods. It would begger belief that they are not aware of them, thus it is likely they have legislation secret or otherwise in place. But have they for all methods? How about shop windows for instance, is every shop required to log who places the messages and provide this and copies to the Fedral authorities, this would curently appear to not be happening. The next question would I guess be "But for how much longer"...

May 22, 2015 10:49 AM

GameOverMan on Why the Current Section 215 Reform Debate Doesn't Matter Much:

By the time the truth comes out, by definition when *you* understand how illegal, immoral, ruthless, robotic, and routine these 'honing of tools of great power' have become, well then it's already too late now isn't it?

As stated above, it's the total disregard for the law, every time all the time. You will never regain control. Read the first few sentences:

Think you can change things? How you gonna do that? Vote? Remember, the NSA spyed on then Senator Obama.

All this talk about key lengths, side-channel attacks, etc. It's just talk! The poster above is right, there needs to be punitive responses. Eventually, and soon, these powers that be are gonna realize that their best directed most efficient use of force/time will NOT be more computing power to spy on, understand and pattern and predict and control you! No, they will wake up to the realization that LEGAL power is much more direct and cost effective. What will you do when encryption is outlawed? When all privacy is lost, both physical and intangible? As you can see, already this very day, several politions are calling for just these things!

The people in charge don't represent you, they are not you, they don't even think about 'you' in a specific sense. To them, the 1%, the eternal rich, those whose security clearences show them the unredacted truth, you are cattle, plain and simple. How to harness your economic cattle energy is the name of the game, and you can never stop playing because you already lost! (Rolling boulders uphill for infinity remind you of anyplace?)

Nuke it from orbit, it's the only way to be sure.

May 22, 2015 10:36 AM

Jayson on New Pew Research Report on Americans' Attitudes on Privacy, Security, and Surveillance:

It's puzzling to me how these large stores of private data (like the aforementioned Penn State) can exist, be poorly protected and then breached and there is absolutely zero liability for those who hold the data. In many cases, late or no information is given to those whose privacy was violated.

I wonder why they are not liable for not only loss of data, but every subsequent use of the data (eg. years of email phishing and identity theft attempts).

May 22, 2015 10:13 AM

65535 on Why the Current Section 215 Reform Debate Doesn't Matter Much:

There are many tentacles to this monster and Section 215 is one of the bigger ones. I say shut it down!

We have to start some place. Section 215 is a good place to start because it shields the telecoms from lawsuits. Section 215 is worthless and causes complete damage to the Fourth Amendment. Once it is gone the lawsuits will hit hard causing the telecoms to think about their financial position.

Then start chopping away at the others like 702, EO 12333 and section 213. Start with Section 215 then chop the others one at a time.

May 22, 2015 9:57 AM

Dick Mills on Why the Current Section 215 Reform Debate Doesn't Matter Much:

They don't even mention data laundering. NSA acknowledges that they share bulk colledtion raw data with allies. A US government employee can request access to a CCHQ terminal in England (locally or remotely) and using that terminal query all the data while totally bypassing NSA minimization procedures.

May 22, 2015 9:53 AM

Snarki, child of Loki on Why the Current Section 215 Reform Debate Doesn't Matter Much:

What Lathrop said.

If the new, improved restrictions on the NSA do not include punitive provisions,
they will be worthless.

Punitive probably has to be stated in terms of megaton yield over Ft. Meade, to be effective.

May 22, 2015 9:42 AM

MarkH on The Logjam (and Another) Vulnerability against Diffie-Hellman Key Exchange:


For the sake of clarity ...

By my reading, an accessory to the triple handshake vulnerability was not the use of "arbitrary primes", but rather of composite values for parameter p. It isn't a matter of bad primes, though Sophie Germain primes are considered the safest.

Accordingly, it would be more correct to say "arbitrary p values" than "arbitrary primes".

Of course, this doesn't change the essence of the problem: an attacker can use a bad value for p.

One way to respond to the problem, would be to require Sophie Germain primes. These can be dependably checked using pseudoprimality testing. So a checking process might look like:

(1) Is this p either published, or one we have validated from a different party? If so, reject.

(2) Is p a Sophie Germain prime? If not, reject.

Unfortunately, the testing costs significant CPU time (several times more than the DH key agreement protocol). However, once such a value has been checked, it could be safely re-used in future DH agreements between the two parties.

May 22, 2015 8:40 AM

Winter on Why the Current Section 215 Reform Debate Doesn't Matter Much:

"All these mass surveillance programs are very expensive. To the tune of multiples of NASA budget. We could probably fund Mars base with these fund."

There is a big question mark over all this data collection. We know that Facebook, Google, et al live by user data. But it seems to be almost impossible to get any reasonable numbers on what the real worth is of all these data.

We could have a debate on whether users who trade personal information for "Free online services" get value for money. But we little about how much these data are worth.

But we could start to make some estimates based on guesswork. Facebook has $10B revenue and $2.9B profits. That runs about $7 revenue and $2 profit for each of its 1.39B active users.

These are not unreasonable numbers.

So, using these numbers, the most comprehensive collector of personal data gets only some $7 per year out of an active user at a cost of roughly $5 per user.

The NSA budget seems to be around the same as Facebook's revenue. So if we assume the NSA works like Facebook in mostly passive spying 1-2B people, that would not be overly expensive.

Where did I go wrong? After word 1 or later?

May 22, 2015 8:21 AM

Lathrop on Why the Current Section 215 Reform Debate Doesn't Matter Much:

Textual "Law" is only part of the game -- enforcing the law is the hard part.

NSA/FBI/CIA/etc routinely have ... and will in the future ... ignore or work around any statutory legal restrictions that they don't like. There is no accountability -- nobody goes to jail, nor even gets a serious reprimand.
Such legal restrictions are a joke.

Therefore it's silly to agonize over what the Patriot Act or FISA laws do... or might say, if modified.

Tyrannical Surveillance is merely a sub-issue --- Rule-of-Law itself has been lost here... the U.S. Government itself operates outside the rule of law.

Citizens can't defeat the Game if they don't recognize what game is being played against them.

May 22, 2015 8:09 AM

K.S. on Why the Current Section 215 Reform Debate Doesn't Matter Much:

All these mass surveillance programs are very expensive. To the tune of multiples of NASA budget. We could probably fund Mars base with these fund.

What really boggles my mind is how apparently ineffective this surveillance is. All we hear about are obvious entrapment schemes by FBI, where mentally damaged people are hand-walked by paid informants in engaging in "terrorist activities".

In my mind the key question, could these abuses and pervasive surveillance be ever justified by non-absolutist observer, or are they just abuse of power by entrenched "military-industrial" complex?

May 22, 2015 7:07 AM

Andrew Wallace on More on Chris Roberts and Avionics Security:


Paul Security Weekly interview was conducted before we knew he had taken control of the aircraft per FBI warrant.

At the time of the interview the industry only knew of the OXYGEN ON tweet.


May 22, 2015 6:32 AM

Clive Robinson on Friday Squid Blogging: NASA's Squid Rover:

@ Figureitout,

Finding a good noise source is hard though, that can't be tampered w/. Generating a digital signal w/ analog noise, just an ADC correct?--They're kinda tricky to initialize. T

Hmm where to start ;-)

I guess the best thing is to actually work backwards and figure out what it is you are actually measuring to produce your raw digital output.

For instance is it amplitude, time/frequency/phase or even sequency of your analog signal. Then try and ensure you have as near a flat charecteristic as you can of that measure.

Look at it this way, let us assume you have a WGN source, that you then examine with a spectrum analyser. You will see that the energy in each frequency block is the same, thus the average amplitude of the signal. But what about the "rate of change"?

Logic dictates that at twice the frequency you have twice the number of cycles, thus the rate of change is twice as well. If what you are measuring is in any way based on the rate of change then you are going to get more changes in the high frequency content not the low frequency content... You can see this by using an oscilloscope and a narrow band tunable filter. Put the raw signal into one channel, and into the filter, take the output from the filter and display it on another channel and watch.

Similar issues arise for all measures, thus at some point you have to have measure dependent equalization in the system. Not fun but can be done.

But how do you actually measure the analog signal, whilst all can be regarded as some type of ADC what do you actually mean. For instance a "zero crossing detector" actually measures an aproximation of the analog signal and is without care is both amplitude and frequency selective and tends towards higher energy lower frequency signals. Similar issues arise with all amplitude measuring devices with a single determaning point, such as slicers, also Schmit triggers, window comparitors etc.

One way around this issue is to use the analog signal to frequency modulate a high frequency oscillator via the likes of a varicap diode. The oscillator output is then compressed / limited and put into a mixer down converter and the output then used either directly as a digital signal or put through a zero crossing detector etc to produce a digital signal. However their are issues to do with the anolog signal to frequency linearity, also the frequency of the down convertor oscillator as it ages effecting how frequencies are converted. Then there is the issue of "microphonics" in the VFO tank circuit, powersupply noise rejection etc... before you consider if an attacker can get some control by injection locking the oscillator via an active EM attack.

Likewise the actual noise source... do you take it's output as a single ended signal or differential signal. How do you deal with DC offsets and galvanic isolation without imposing unwanted frequency/amplitude filtering effects, opto couplers look good only from some perspectives... the list goes on.

As RobertT observed TRNG's are very difficult to design and harder to test and most would fail the Diehard or Dieharder tests. Which is why most "on chip" RNGs are not directly available, only after they have had some "magic pixie dust" treatment via a couple of crypto functions.

Which brings us to the sailient question of "are you testing the source or the crypto?" If it's the crypto --and it usually is-- then why bother mucking about with the TRNG at all, use a couple of CS-PRNGs mixed together in some manner. Which is a conclusion I came to back last century, I ended up using a free runing micro controler with two fast stream ciphers running as fast as they could, the user computer would raise an interupt on the micro controler which would output the current mixed value to the host. In effect this "roulette wheel" behaviour gave sufficient True Random Input to the microcontroler...

As has been observed, "sometimes there are easier ways to skin a cat than by puting your hand down it's throat, to grab the tip of it's tail and shake it out".

May 22, 2015 6:30 AM

Lukas on More on Chris Roberts and Avionics Security:

"Experimenting on a live aircraft full of passengers when you cannot be sure of the consequence is endangering an aircraft."

The plane is already endangered if there are security issues like this one. If his behavior causes the companies to fix this problem, it's clearly a net-positive.

May 22, 2015 4:53 AM

Clive Robinson on New Pew Research Report on Americans' Attitudes on Privacy, Security, and Surveillance:

@ Bob.S,

In times past some brave souls tried to tell us what was happening, but we simply were in a state of denial. In America, the government doesn't spy on us like the STASI or KGB, right? Corporations play fair and by the rules, right?

If you go back on this blog you will see the denial happening in the ITSec community as well.

Search back to pages on "BRUSA" or "UKUSA" and you will find people stating that the IC especially 5Eye had a policy of spying on each other and then handing over the details, so that Politicos could be told and thus repeate "We do not spy on our own people", along with other choice snipits. And you will always find people there responding saying "no that can not be so, they would not do that they've said the don't/won't"...

Even our host Bruce took a long long time coming around to the notion of "because it's possible they will", further like most the assumption was it would be "targeted" not "wholesale industrial". Have a look back on the discussions about storing voice data at the NSA hole in the ground in Bluffdale.

Bruce's original assumption was it was not possible or to difficult, then a few technical techniques were discussed and a lot of people started to realise that not only was it possible, it was comparatively trivial technically, it was just the industrial logistics of physical construction that appeared hard...

As for the TAO catalog people were saying it was a hoax etc, or some kind of magic, even when it was pointed out that many of the techniques were "common knowledge" and had been "public knowledge" for over thirty years...

The problem is people's thinking involves "hills and valleys" and tends to gravitate downwards to a comfortable position that just "goes with the flow" of other peoples thinking. In part because they don't want "to be seen to be different", also in part because "independent thought involes effort", as well as the big inhibitor of "accepting the responsability of acting upon the knowledge when you do know"...

However when people do realise they have been misslead, they make the effort and climb the hill, and as they go they get to see more of the landscape that has been hidden from them. And quite rightly they get upset and want to jump down on the heads and backs of those that have conned them and made them look like fools.

This can have consequences for those in power, and what they do next defines how much blood will be spilled... this is what history has taught us, oppression always gets overthrown one way or another, the only questions are "how" and "howlong"...

As I've pointed out in the past one of the most powerful tools against oppression is laughter, it's fine when people are laughing with you but disasterous when they are laughing at you. Because people in power crave dignity and respect, and you don't have that if people think you are at best a joke. Further those who support power don't want to be seen associating with a fool, so the fool loses their powerbase and resources. And if lucky the fool suffers only ignominy at worst they have an untimely for them demise.

May 22, 2015 3:33 AM

cinnamonblue on New Pew Research Report on Americans' Attitudes on Privacy, Security, and Surveillance:

Hi everyone - I'm not a big tecchie so I don't come here often but I had a couple of things on my mind and wow - I think one dovetails with this thread somethat. First, a few replies:
@Peter Kronenberghs - thanks for that link; it is an issue to be quite concerned about.

@Greg - I agree 100% - Gilens & Page and Monsieur Piketty support you.

@Matthew Kearns - I am with @Benjamin Dover on this. I'm not sure what I can reasonably do. For example, even encrypting e-mail when none of my family does and most of my e-mails come from either family of a couple of e-mail lists.

@Bob S. - I am TOTALLY with you on unity. I started signing off on Intercept comments with: "Divided = Conquered, But United = Empowered!"

But what was really on my mind was this: I went to sign in to Google yesterday (I have blogs with Blogger)and it turns out they have this new two step sign-in system. That in itself may not be all bad but the way they've structured the thing, it was horrible. After you put in your e-mail, your full name and e-mail address was displayed on the screen and THEN you put in your password. I was really taken aback. My first thought was that if I were doing this in a public place I wouldn't want screen. Gov't notwithstanding, I would be very concerned that some cybercrook could look and get the paired name and e-mail address. Didn't make me feel secure at all and I only log into Google from home!

So you good folks are probably wondering why I even want to deal with Google at all. Well, I have 2 blogs and one was originally on WordPress. But I became increasingly dissatisfied with WordPress and have found the Blogger community to be much more helpful and friendly if I have a problem. The other reason is related to searching. I have tried both duckduckgo and startpage and found their results to be pretty poor. I used to like the Yahoo search but it's not nearly as good as it used to be, in my opinion.

So I ask - is there ANY wan to "pressure" Google to change their login procedure? Would a phone call even be worth it (I did call today but the wait to talk to a human was 20 minutes and I didn't have the time then to wait.

Well, I guess that's enough rambling for now. Would love to hear some thoughts from you folks...

May 22, 2015 3:17 AM

rgaff on New Pew Research Report on Americans' Attitudes on Privacy, Security, and Surveillance:

I've done this before. Sending vendors explanations as to why I could not use their products, because it stored all my personal data in the cloud, which is not safe.... when they could have designed their product differently to keep it local and within my possession. I generally get one of the following kinds of responses:

1) Sympathetic. They agree with me. But, you know, takes time and effort and money to turn this train. Maybe a future product. As bad as it is, this is actually a positive interaction.

2) Callous. Canned response. Probably deathly afraid of saying the wrong thing and the press jumping down their throats. Sometimes these are rejecting what I'm saying outright, but often they are trying to erroneously claim they already do what I ask, or spin it into a positive, or make excuses, etc. This is a negative outcome, no heart, no soul, no realism.

3) Nothing. No response at all. Maybe they think I'm some nutjob and not even worthy of a canned rejection?

Regardless of the outcome, they need to hear the roar of people being dissatisfied with them. They need to know that the people who pay their bills think they suck, and hear it politely ringing in their ears frequently. This is a long term psychological warfare tactic. It may not look like much yet, but it does show results over time.

May 22, 2015 2:57 AM

rgaff on New Pew Research Report on Americans' Attitudes on Privacy, Security, and Surveillance:


I wasn't talking about things like banks and public surveillance cameras that we have to interact with if we use money and go outside... I'm talking about more optional things.

Money talks. I can say to a vendor, "do it this way, or I'm going to a competitor or simply doing without your gizmo until I find one that does".... and that's that. End of story. You do not need that latest phone that sends everything you say and your fingerprints off somewhere or thermostat that stores whether you are home or not in the cloud... these are dangerous, and TOTALLY OPTIONAL! So... opt out. And tell the vendors why you're opting out. Send them mails, they have contact forms on their web sites. They need to know that there really is a resistance to their bad practices, and there's no excuse, they could simply do things differently and it wouldn't be a problem.

Of course hardware still needs hardening in other ways, but that's a different rant. One at a time. For this rant just keep stuff off the cloud when you can.

May 22, 2015 2:14 AM

Curious on Friday Squid Blogging: NASA's Squid Rover:


I was thinking just now, well maybe the ceo's of those companies had heard somewhere that having "https" connections to their websites "really aren't that secure after all".

May 22, 2015 1:36 AM

Benni on Friday Squid Blogging: NASA's Squid Rover:

Here are the articles with the additional selector lists:

The number of selectors now stands by 8,2 million that target 1,267 million people and companies....

The bnd boss says he did not know anything about all that....

May 21, 2015 11:33 PM

Thoth on Friday Squid Blogging: NASA's Squid Rover:

A list of commonly known defense contractor websites not doing HTTPS:

* General Dynamics:
- (General Dynamic's AIM II brochure)

- ( AIM II website)

* Harris
- (Harris' Crypto Chip)

* Lockheed Martin
- (C4I website)

* Boeing
- (C4I website)

These are huge contractors ...

Now let's look at Thales ...

* Thales:

It does use HTTPS. At least there are some of them that uses HTTPS.

Is there a reason why they don't want to use HTTPS ? Maybe it's to allow NSA to figure whose going to whose site or to make visitors highly visible to both the contractor and NSA ?

Who knows.

May 21, 2015 11:10 PM

gordo on More on Chris Roberts and Avionics Security:

Paul's Security Weekly TV

Episode 417: Interview With Chris Roberts [35:00]
Published May 7, 2015

Regarded as one of the world’s foremost experts on counter threat intelligence within the cybersecurity industry, Roberts constructs and directs One World Labs’ comprehensive portfolio of cyber defense services designed to improve the physical and digital security posture of both its enterprise and government clients.

[interview w/intro starts at: 03:45]

Early-on in the 'recent headlines' segment [04:57 - 15:37] there's this exchange:

Paul Asadoorian: So, did you actually plug in to something under your seat?

Chris Roberts: No. No I did not. ...

Interview segments:
- Intro [03;45]
- Recent headlines [04:57]
- Threat intelligence [15:37]
- Small-talk/chit-chat [19:20]
- Internet of Things [20:18]
- Speaking engagements [28:40]
- Segue to more chit-chat [29:10]
- Recent bill on security research [30:18]
- Playing five questions with security weekly [32:37]
- Outro [33:54]

May 21, 2015 10:37 PM

rgaff on New Pew Research Report on Americans' Attitudes on Privacy, Security, and Surveillance:

@Bob S

Good speech.

One way we all can help is demand from vendors that our private data always be kept under our physical control whenever technically possible, and never be carted off into the cloud when technically unnecessary. This doesn't stop all our devices from being terrifically weak, but it drastically reduces the mass spying on the backbone. It's not the solution to everything but it's a really big start. And lots of "cloud services" violate this principle when there's no need to.

May 21, 2015 10:35 PM

Thoth on New Pew Research Report on Americans' Attitudes on Privacy, Security, and Surveillance:

@Bob S
We nneed three things to reset the derailed path that the politicians have taken in a global fashion.

- Power. Someone or some of us with power and resources to propagate and influence decisions back.

- Knowledge. Without knowledge, we have no idea what is hitting us.

- Correct Motivation. Without motivation, nothing can move.

I did suggest this three points of approach before in my past posts some time ago. Knowledge and Motivation are already in our hands. We have smart people working on projects to protect personal privacy and personal security. What we lack is political power on our end to influence changes.

We can always be in our labs experimenting and publishing results and open designs and coding some softwares or attempting to sell more secured and assured hardware but the politicos would always find a way to attempt to disrupt, cease and desist and discourage truthful and open researches, publications, implementations, inventions and such ...

Political power backed by correct motive and knowledge is needed to counter-balance the corrupted political powers.

One of the first step I have mentioned is to educate knowledge and make available open source modules and designs of somewhat more assured and more secured hardware and software and also to make these sales as cheap as possible so that it becomes a lower hindering factor and lesser excuse NOT TO USE these cheaply available or freely available open modules and designs.

Wide spread easy to use security is what many of us are trying to do these days after the episode of Ed Snowden trying to teach Glenn Greenwald to properly operate GPG encryption and signing that was initially hard.

Mailpile email client entered Beta which helps putting GPG/PGP into emails in an easier to use fashion.

I am currently working on MailCard to put a very basic Email client engine with very restrictive set of TLS cipher suites into high powered smart card ( which is coming up along the way. It is under construction and not usable yet.

There are other new projects out there trying to make security usable and easy.

Besides providing these secured and assured products with proper education, politicos who are personal privacy and security orientated could also benefit from more support, knowledge and funding to help overwrite bad policies.

May 21, 2015 10:19 PM

anonymous coward on Research on Patch Deployment:

Ops, bucked up the wrong tree. I wonder who what are they incestigating?

May 21, 2015 9:59 PM

Andrew Wallace on More on Chris Roberts and Avionics Security:

This is a far bigger story outwidth the realm of the male who has inadvertedly uncovered a top secret programme of the FIVE EYES.

Usually you would need a SNOWDEN release to uncover this stuff but our male may have done so completely by accident.

NOW every spy agency and terrorist organisation outside of the FIVE EYES will be all over this to check out various theories.


May 21, 2015 9:31 PM

Andrew Wallace on More on Chris Roberts and Avionics Security:

"Roberts tried to hack IFE systems multiple times by direct physical interface also seems fantastical."

Unless there is a secret agreement between Boeing and NSA which the male has stumbled upon.

The IFE guys would be out of the loop wouldn't they?

Finding an implementation ment only for the 5 Eyes is not out of range of decent theory.

The male spoke of being able to watch traffic.

This could be an interface ment for the spy agencies at GCHQ Bude.


May 21, 2015 9:26 PM

Figureitout on Research on Patch Deployment:

Terry Cloth
--Goddamnit Terry!--You're right...guess who didn't read more than the blurp...Before long I'll be ranting like a blow hard how alcoholic security researchers name their tools after drinks!

Tudor Dumitras
--The problem is much bigger than can be fixed w/o painful redesigns and overhauls, that's what we're saying. There's exploits out there that can exchange binaries en route, the patching site needs to be secure, and the patches could break previous applications which they do again and again and again...

I have concerns of a patch environment being the way for attackers to "patch" your system w/ malware.

I do like "apt-get" though b/c it makes things very easy...maybe too easy...

Vulnerability Researcher
--Few things: 1) Do you understand what crippling anxiety feels like? I haven't had a panic attack in years, and I intend to keep it that way.
2) Don't expect good intel when your target knows something's up, and then the rookie-brigade marches in after the contracted pro's came in w/ legal carte-blanche and a good approach and OPSEC (which couldn't be sustained though so I caught a few of them too), infected all my PC's, set up shop in the neighborhood, and followed me once over 600 miles.
3) Tell your asshole friends to open their mouth all they want, I don't care.
4) If you wish to speak, put out an email to blabber on about OT things.
5) Get too arrogant, someone will breach you. Nothing worse then not knowing you're owned.
6) Tell the aliens I said 'hi' too.

May 21, 2015 9:25 PM

Bob S. on New Pew Research Report on Americans' Attitudes on Privacy, Security, and Surveillance:

In my view the concept of "domestic mass surveillance" is relatively new to the American vocabulary and culture. We simply did not think anything like that could happen in the USA let alone was well underway. Ed Snowden turned on the lights decisively.

In times past some brave souls tried to tell us what was happening, but we simply were in a state of denial. In America, the government doesn't spy on us like the STASI or KGB, right? Corporations play fair and by the rules, right?

We have found out how wrong we were.

There are many defenders of police state mass surveillance. My experience is the vast majority, and especially the more vocal supporters, are involved in the surveillance industry to one degree or another. In short, they get paid to shill for government or corporate spies. Some are merely trolls looking for attention.

It's good to know more and more Americans are aware of the vast government and corporate intrusions into our formerly private lives. It's good to know people are worried about it, and want changes.

For awhile, I thought technology could overcome the onslaught. But, there are simply too many people and too much money involved for a few smart guys to unwind the whole thing with some trick hardware or software. Whatever defense is created, also creates a massive counter attack.

I used to think our elected officials would come to their senses, maybe take a minute to read the Bill of Rights again, listen to some experts or even a few of their constituents about oppressive intrusion. But, of course most all of them are only interested in is getting elected, or re-elected and where the bankroll is coming from for the next campaign. Meanwhile, the surveillance lobby has deep pockets. We can't expect much from the crooks and liars we elect anymore.

In the end, it will be the people themselves who take back their rights and freedom. It will take a long time, maybe decades now because it has gone on so far and is so deeply ingrained into our lives.

Everyone needs to stick together on this. What the government and corporations are doing is simply not right. We all know that. We can put a stop to it, too.

United we stand. Divided we fall.

Build unity!

May 21, 2015 9:00 PM

Buck on More on Chris Roberts and Avionics Security:

I really got a kick out of this:

In a post 9/11 world, the further claim that Roberts tried to hack IFE systems multiple times by direct physical interface also seems fantastical, says IFE industry consultant Michael Planey. "We have seen multiple instances of passengers being restrained by fellow passengers or flights diverted because a passenger is behaving abnormally. I find it nearly impossible to believe Roberts could have done this type of an act over a dozen times and never had a flight crew or fellow passenger notice - that part stretches the imagination..."
While it may indeed boggle the imagination of some engineers with a bit of terrorism-induced paranoia, most average Janes and Joes know what an Ethernet port is. They may have seen them at their workplace or university, or maybe even their own homes! It boggles my mind why there would even be Ethernet ports under every seat if they weren't meant to be used... I mean, some people prefer not to use WiFi, right..?

May 21, 2015 8:52 PM

Figureitout on Friday Squid Blogging: NASA's Squid Rover:

--No, but if xobs made it it's probably pretty good. It'd be great b/c live debugging in embedded is necessary.

I just saw that some of it could serve for the discussion.
--No it's very interesting, thanks. Same w/ asynchronous circuits, different way to do final goal.

RE: rng
--Finding a good noise source is hard though, that can't be tampered w/. Generating a digital signal w/ analog noise, just an ADC correct?--They're kinda tricky to initialize. There are other ways I'm sure, but they'll probably be silly.

May 21, 2015 8:18 PM

rgaff on Research on Patch Deployment:

The biggest real world problem against security also affects patching: that is, people gotta eat, so they're off working on the next product or customer or whatever rather than fixing existing ones... Unless they have to, of course, and that's expensive, and can cause bankruptcy if you spend too much time at it, and it helps the issue even less to go bankrupt!

May 21, 2015 7:47 PM

Thoth on Friday Squid Blogging: NASA's Squid Rover:

Who will be on the receiving end of the sentences if the German and European courts find BND guilty of treason and aiding foreign spies ? Will it be the BND chiefs and ex-chiefs ?

What will the sentences of treason be like in Germany and Europe if BND is found guilty ?

Will the BND be dismantled due to it's disgrace by the German parliament ?

I wonder how Germany and Europe are going to tighten their gripes on their spy agencies after this episode ?

For the infected German computers, they should think of a way to bring it off-line without causing national catastrophe and swap in more secure systems made directly under BSI control and validated by independent and also open reviews from external and internal security experts and groups. Once these newly made secure computers are made, they can replace the infected computers and the infected computers move to a secure Government lab for full analysis of every single strain / variant of malware and published online on their working internals openly without exception so that more defenses against nation state attacks can be formulated.

May 21, 2015 7:38 PM

Thoth on Friday Squid Blogging: NASA's Squid Rover:

@Jacob, Nick P, Clive Robinson

Good idea that Jacob have brought up. Why not look into those overseas Type-1 grade comms. Another thing is you can try to purchase from Xilinx's 7 Series FPGAs or Zynq-7000 AP SoCs that have red-black separation, passes NSA tests and have a unique design to load both red and black into the programmable FPGA transistors next to each other.


Altera has about the same design as Xilinx as well and passes NSA tests for use in Type-1 equipments similar to Xilinx.


Maybe you could try to cook up something with these Type-1 capable chips ?

May 21, 2015 7:33 PM

Zenzero on Research on Patch Deployment:

@ Tudor Dumitras

Thanks for the article, previous company had that that issue with patching but the current one has a completely different one /sigh

Please keep us updated as you gather more info

May 21, 2015 7:09 PM

Anira on New Pew Research Report on Americans' Attitudes on Privacy, Security, and Surveillance:


We have a choice between two packages of policies, package D and package R. We need to reduce a wide range of policy decisions to a binary choice, so that means we prioritize on what is the most important. So you can't really say that Americans voted for any specific policy. In this case, however, package R and package D both include mass surveillance of the public to complement their identical imperialistic foreign policy.

May 21, 2015 6:16 PM

Andrew Wallace on More on Chris Roberts and Avionics Security:

A secret agreement between Boeing and the NSA gives the agency unfettered access to any row and seat number on its next generation planes through the diagnostic data channel.

The agency hover up the data at a facility in England called GCHQ Bude.


May 21, 2015 5:53 PM

Sancho_P on More on Chris Roberts and Avionics Security:

@ Nick P

By far not a “semi-response” (?).

I repeat:
Award honest + successful hackers.
Honest capitalism would be the only chance to improve.
But that’s an oxymoron, I know.

May 21, 2015 5:42 PM

Anura on The Logjam (and Another) Vulnerability against Diffie-Hellman Key Exchange:


If they can break the 1024-bit primes generated on each server, then they can also break the 1024-bit RSA keys on each server (which are possibly one key for a group of servers). Either renders the protocol insecure. DH is still more secure because they actually have to break it, whereas with RSA they only need access to the server itself to gain the private key, allowing you to read all past messages, which is insecure regardless of key length. With 2048-bit DH keys, it is infeasible even for the NSA to break the keys, and the more likely attack would be that they would recover the RSA private keys to perform man-in-the middle attacks. By definition this is still perfect forward secrecy, as long as the primes are not breakable, even if the same prime is used everywhere.

May 21, 2015 5:30 PM

Anonymous Cow on New Pew Research Report on Americans' Attitudes on Privacy, Security, and Surveillance:

While everybody is rightly concerned with government surveillance and data retention these same surveys only touch on private data collectors/miners and their activities. The credit reporting bureaus are not the only ones doing this, but at least you can get copies from them to see what info's there and protest any mistake. Not so with other companies.

May 21, 2015 4:59 PM

Andrew Wallace on More on Chris Roberts and Avionics Security:

My theory is the NSA have all major airlines hard wired through the diagnostic data channel that goes to the Boeing data centres.

NSA had enabled his row number to listen into his conversation and electronic activities and hadn't realised that this had also enabled him to access flight navigation.

This has merely been a surveillance blunder.


May 21, 2015 4:50 PM

Buck on More on Chris Roberts and Avionics Security:


If I understand correctly the vulnerability you have proposed, the effect would be that the seat-back screens would stop showing their moving-map displays of the plane's position correctly.
Hopefully, but not necessarily... Your friend's statement: "if you can make a computer crash, you can break into it," seems true enough to me. If the data diode could be fried, it's also possible that its electrical/physical properties could be used to subvert the logical behavior of the hardware. (Like Hardware Bit-Flipping) Though, this is highly theoretical, and I seriously doubt any parties have both the desire and resources to pull that off... Well, maybe some defence contractors looking to market their own highly secure product..?

May 21, 2015 4:42 PM

Cassandra on The Logjam (and Another) Vulnerability against Diffie-Hellman Key Exchange:

Thank-you for pointing out the loss of Perfect Forward Secrecy. lily's point above is pertinent. I don't know which is better: to think you have perfect forward secrecy when in fact you don't, because you are compromised by a poor DH implementation, or to have no forward secrecy and take appropriate mitigating actions.

This is partly why I mentioned the difficulty of key management. If changing pre-shared keys were made easy you could arrange matters so that compromise of an individual key compromised the encrypted stream for an arbitrarily short interval.

But, I acknowledge, properly executed 2048 bit DH should be good enough for a while.

May 21, 2015 4:40 PM

Tudor Dumitras on Research on Patch Deployment:

I am one of the authors of this paper. I wanted to thank you all for your comments; I am generally interested in war stories about patching (or the lack thereof). In the paper we propose some ideas for mitigating some of these problems, but I would like to understand better what makes patching hard in practice. Now that we have a comprehensive set of measurements, we may be able to run some "what-if" scenarios and come up with better solutions. Drop me a note if you'd like to chat about this; my contact information is on the Web page linked from Bruce's post.

I want to clarify that WINE indeed stands for "Worldwide Intelligence Network Environment" (I did not choose the name). WINE is a data analytics platform with data collected on end hosts (not through network scanning). This platform allowed us to measure how quickly vulnerabilities were patched on ~8 million hosts worldwide. We compared the patch deployment process for 10 client-side applications, including both closed-source and open-source programs.

May 21, 2015 4:15 PM

Andrew Wallace on More on Chris Roberts and Avionics Security:

I've looked through the male's tweets @Sidragon1 and it looks like he is just trolling.

Very few of his tweets is technical discussion about his research or anything like that.

Does he have a web site where his technical papers can be downloaded?


May 21, 2015 4:11 PM

Jesse on The Logjam (and Another) Vulnerability against Diffie-Hellman Key Exchange:

@Cassandra: pre-shared keys cannot offer you perfect forward secrecy.

If you use a pre-shared key for a year, and then later somebody hacks one end of the connection they can get that key and decrypt all of your past conversations.

Ephemeral keys like those offered by carefully executed DH mean that 1> you don't have to store the keys actually used by the stream cipher to disk ever, so they should be next to impossible to ever recover in the future. 2> If one key does somehow magically get recovered, then only the data encrypted using that (for 10 minutes or however long) is breakable, while even the very next set of ephemeral keys are not compromised in turn.

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.