Comments

gordo May 18, 2018 5:12 PM

WATCH: SHOSHANA ZUBOFF ‘THE AGE OF SURVEILLANCE CAPITALISM’
January 3, 2018 | Announcement | Event | Surveillance Studies Centre

See the public lecture of Shoshana Zuboff, Charles Edward Wilson Professor of Business Administration at the Harvard Business School, from her Principal’s Developement Fund visit to Queen’s University on Thursday, November 9, 2017. The video of the public lecture is now available here (link is external). For more information about the event, see here.

http://www.sscqueens.org/news/watch-shoshana-zuboff-the-age-of-surveillance-capitalism

[video length: 01:16:05; event starts at: 01:22]

a blue guitar yet ourselves May 18, 2018 8:09 PM

Is this really only a research exercise as the article suggests ? “Selfish Ledger” imput for the Eggers novel “The Circle” ?

Winston Smith May 18, 2018 8:14 PM

A website flaw at a California company that gathers real-time data on cellular wireless devices could have allowed anyone to pinpoint the location of any AT&T, Verizon, Sprint or T-Mobile cellphone in the United States to within hundreds of yards, a security researcher said.

The LocationSmart flaw was first reported by independent journalist Brian Krebs. It’s the latest case to underscore how easily wireless carriers can share or sell consumers’ geolocation information without their consent.

https://www.mercurynews.com/2018/05/18/website-flaw-exposed-most-u-s-cellphones-real-time-locations/

Looking more and more like the only way to win is to not play at all. Dump the phones, live off the grid, etc. Not really practical.

Winston Smith May 18, 2018 8:38 PM

@ Blue Guitar

Personally, I think Google is performing damage control by spinning these revelations as an “exercise”. Indeed, the article exposes a few data points on their roadmap. All entities– governments, multinational corporations, etc.– end in attempts to amass as much control and power as possible. It’s the human way… more is always better, absolute power corrupts, blah, blah.

The best we mere mortals can hope for is to have a pleasant journey between here and our demise before something really, really big devolves, implodes, or explodes. Cheers.

Thoth May 18, 2018 9:18 PM

@Clive Robinson

Is “Physically Unclonable Function” a good way to do attestation of devices and crypto keys ?

Czerno May 19, 2018 6:02 AM

@RockLobster :
Natalya Kasperky claimed that ” Satoshi Nakamoto, who is credited with creating the currency, was in fact the codename for a collective of US cryptographers. ”

Hmmm ! Are there indications @Bruce Schneier would have participated in that operation ? At the very least Bruce should know if there is some truth to Ms Kaspersky’s assertions. Was “Bitcoin” a US secret services operation ? Who hides under the name of Satoshi Nakamoto ?…
I wonder if our host would like to share his thoughts with us, his followers …

Clive Robinson May 19, 2018 7:06 AM

@ Thoth,

Is “Physically Unclonable Function” a good way to do attestation of devices and crypto keys ?

Personally I give even the idea of many PUFs a wide curve…

There are a wide number of PUFs ranging from patches of clear epoxy or nail polish with either small pieces of choped fiberglass or gliter respectively through to trying to measure some physical property with “slop” on a chip such as delay in a line or capacitance between two metallized tracks…

https://en.m.wikipedia.org/wiki/Types_of_physical_unclonable_function

They all boil down to,

1, An assumption of randomness.
2, An assumption ot reliable measurment.

As I’ve pointed out in the past randomness comes in multiple levels from “unknown to you” through to “unknown to everyone” through various levels of unpredictibility. As for “reliable measurment” don’t get me started on that 😉

Further the majority of PUFs are desired to be used as,

3, Random serial numbers.

That is you somehow have a random process that you can then freeze and thus repeatably read out the same value reliably. People actually do say that with a straight face when talking about things very close to the quantum level of structures and measurment…

For instance you will find claims of “on chip ring oscillators” being used as sources of “True entropy” for RNGs whilst others claim the same circuit is a PUF… The fact that the reality is it’s neither one or the other should cause an eye brow to twitch, at just what sort of tricks can be achived along the line that joins the two end states.

Which brings us to the notion of “hidden knowledge” let us say a major CPU manufacturer decides to add both an AES circuit and a ring oscillator as a TRNG to the CPU chips they make. As noted that ring oscillator could be a TRNG or a fixed serial number or some point in between. If you were one of the chip designers the actual function of that circuit is down to you… Thus a few little tricks could make a PUF with a tiny amount of entropy, that then gets fed through the AES circuit using the actuall PUF as the key… The result to an observer would be indistinguishable from a TRNG. However to an insider it would be predictable if just one further piece of information is available.

It is this “hidden knowledge” by the chip manufacturer, and the fact they do not provide ways for you to actually test their TRNG that makes me want to avoid them straight of because you can not establish “trust”.

But there is also another asspect. Some PUFs are based on things like metastability, capacitance and inductance, all of which can be effected to some extrnt by external to the chip influances.

To see why that might be of concern, a few years ago a couple of researchers at the UK Cambridge Computer Labs published a paper detailing how they subjected an IBM 32bit TRNG to a simple CW EM source and brought the entropy down from over 2^32 to less than 2^7. Which brought a “key search” attack down from difficult at best down to trivial. As I’ve mentioned before back in the 1980’s I had independently discoverd various EM fault injection attacks, ranging from simple CW attacks through using complex modulation techniques to get around various shielding techniques and actually predictably change the functioning of computer code at selected points and times.

So while PUFs of various types do indeed serve a purpose, as with the 1970’s USSR-US SALT agrement fiberglass strands in clear epoxy PUFs used on nukes etc and Simmons side channel attacks you have to treat all PUFs with distinct caution and a great deal of background knowledge in some quite archaic etc subjects and methods.

echo May 19, 2018 9:41 AM

Isn’t somebody as we speak working on a 3D printer thingy to replicate PUFs?

My glitter nail varnish arrived! So if I paint my nails with this my laptop will be totally secure? Wow. This security thing is easy!

Clive Robinson May 19, 2018 10:32 AM

@ echo,

My glitter nail varnish arrived! So if I paint my nails with this my laptop will be totally secure? Wow. This security thing is easy!

For some reason I can not see you doing the “girly wave and huff and puff” to get your nails dry 😉

On a more serious note, the secret is knowing how to use such PUFs properly. They were first seriously discussed as far as I can remember back as part of the first Strategic Arms Limitation Talks (SALT) back when even I was a tads on the smaller side…

However half a lifetime later people are still getting the usage of Optical PUFs wrong in many ways.

So they are only not “magic thinking” rocks when you have a rabbit whole to plug, in the ground or wall or when you see that darn varmint chewing on your salad veg and can throw the rock accurately enough to brain the beast and pop it in the stew pot, where you will get benifit from it… At all other times the rock is likely to do more harm to you when you stub your toe on it or it gravity assists onto your toe etc.

Who? May 19, 2018 10:35 AM

@ echo

Isn’t somebody as we speak working on a 3D printer thingy to replicate PUFs?

I would say you have too much confidence on our current 3D-printing technology.

Who? May 19, 2018 10:47 AM

On our dickensian Christmas Carol technological nightmare.

Next monday will end the first delay given to Intel for the visit of the Ghost of Christmas Past, this time in the form of eight new spectre variants. Will we see some announcement or at least an ETA for microcode updates? I guess no. How much microarchitectures will receive these updates? How will them impact on performance and power consumption?

Alyer Babtu May 19, 2018 11:02 AM

@echo @Clive Robinson

Is it even possible/how would one measure the entropy of things like dabs of glitter etc., and are there published attempts of such measures? Presumably one would want such estimates to have some assurance the thing is really PUF in the limits of what is physically possible, and is not just PUFfery (couldn’t resist).

RockLobster May 19, 2018 12:56 PM

@Czerno As far as I know Natalya Kaspersky has not given any indication as to who the group of cryptographers were so my guess would be, as we know already the NSA have competent cryptographers and cryptanalysis capabilities, if bitcoin was a secret project for the intelligence services they would be likely to have worked on it.
I think Natalya Kaspersky is probably accurate, it makes sense, just as the internet and tor were designed as a communications channel for the intelligence services while allowing public access to obfuscate the traffic, Bitcoin as a covert funds transfer mechanism also using the general public to obfuscate the transactions of the intelligence services sounds plausible.
Hence the other link I posted.

k15 May 19, 2018 1:29 PM

It is 2018. The web has been around for more than 20 years. Why do the default fonts for web browsers still allow two different strings to look identical? Has nobody been thinking, all this time, or do I misunderstand?

albert May 19, 2018 5:25 PM

@k15,
“…Why do the default fonts for web browsers still allow two different strings to look identical?…”

The answer is ‘yes’ to both questions:)

Microsoft is probably the main culprit. Sans serif fonts were introduced in Windows. They do allow the squeezing of characters closer together; fine for advertising, but not for computerized business use. It came back to bite ’em when some folks started taking advantage of the ‘.dll’ extension for use in malware.

BTW, did you ever see developers use sans serif fonts? I used Courier, but there are good fixed-pitch fonts available now. For a laugh, check out ‘C’ code in the MS system font.

Try changing your browsers default font to a variable pitch serif. In Firefox, it’s Preferences, Fonts & Colors, Advanced.

. .. . .. — ….

justinacolmena May 19, 2018 6:44 PM

@k15,albert

fine for advertising

Like the https://en.wiktionary.org/wiki/greengrocer%27s_apostrophe — Advertising is always somewhat subliminal. It’s not intended to be too technically correct. Something might be a little bit off deliberately to cause you to stop a little bit, think about it, and perhaps make a purchase you would otherwise have passed on.

And by and by the first three letters of “Illinois” are indistinguishable.

Microsoft is probably the main culprit. Sans serif fonts were introduced in Windows.

Not really. Quite a few dead tree books were printed in sans serif in the 1970s, the sort with with poor quality full-color reproductions and glued rather than sewn binding. There were certain technical reasons. The serifs tended to fill up with lint and ink in those cheap linotype printing presses, which would blur and smudge the letters on paper, leaving them no more readable than sans serif. Serifs are fine details, and more technically demanding to print cleanly and crisply on paper or display properly on screens with poor resolution.

Businesses cut costs and they collude to prevent their competitors from looking any better than themselves.

Clive Robinson May 19, 2018 7:46 PM

@ Alyer Babtu,

Is it even possible/how would one measure the entropy of things like dabs of glitter etc.

Yes it’s not only possible but sounds almost trivial when you explain.

You start off by working out the uniform density from measuring volume of epoxy to volume of glitter, to get a baseline.

You then “assume” a uniform distribution and alignment of glitter. That is as though they were atoms in a crystal structure.

You then have to decide where you are going to have a zero-zero-zero refrence point and put in place measures refrence for vector analysise and . Which will be fairly arbitrary much as the earths zero-zero is selegted. Then the rotational refrences for each piece of glitter…

You can actually measure all of this with a low power laser, this is repeatable providing you scratch a positional refrence for it to go on.

Thoth May 19, 2018 8:08 PM

@Clive Robinson

Regarding measuring impedance as a way to derive PUF based secret keys to do digital signatures, I was reading some papers that they try to measure “distance” or “impedance” ebtween SRAM cell gates and then average it out with some glorified algorithm to get a more stable reading and with a selected period of start and stop positions so that it would not be an endless ‘stream of 1s and 0s’ but a repeatable step.

The idea is that manufacturing of chips will always create differences in how a cell’s gates are since no two cells are form exactly the same, the manufacturing variations are used to derive 1s and 0s.

I was contemplating on how to attack the PUF in a semi-trusted model after reading recent papers on PUFs.

A semi-trusted model takes assumption that a manufacturer is given a blueprint (i.e. RISC V blueprints) and follow the blueprints to build an open source chip and the chip maybe audited either by decapping it or whatever means available and the process of the chip manufacturing maybe inspected by third parties without hindrances.

I have not read on papers regarding attacking PUFs and I am just beginning to look into PUFs since NXP and other big chip makers of smartcard chips keep touting their capability of using PUFs in their marketing brochures and that got me curious.

So assuming that anyone is allowed to inspect a chip on demand (somehow) and the manufacturer is interested to force a hardware backdoor into the chip without allowing others take notice of the hardware backdoor during their routine inspection, I am wondering if my following description is do-able in chip manufacturing arena to insert a covert and deniable PUF based backdoor.

My idea might already exist and I maybe repeating someone else work since I am only just getting started looking into it.

Since cell gates in SRAM, EEPROM and some paths are used to measure and derive a random looking 1s and 0s, then is it possible to deliberate create some sort of alteration on the nano-scale level (~7 to 10 nm or even 5 nm) so that the derived impedance is always within the control of the manufacturer thus the PUF derived stream of 1s and 0s under the nano-scale manipulation of the manufacturer becomes wholly deterministic but from someone inspecting, they would not take notice of slight physical alteration that look random but maybe used to control the impedance in a way the derived keys are deterministic and unobservable by looking under a microscope ?

Also the above scheme can be defeated by measuring the impedance and comparing to batches of chips and realizing their randomness are as you described, terrible and makes the key breakable pretty easily.

Alyer Babtu May 19, 2018 11:34 PM

@Clive Robinson

So then it can be verified that the glitter pieces do not have some unexpected “lining up” habit, and the various coordinates of position and orientation of the particles can be measured with an exactitude that comfortably exceeds available positioning methods that could be used to attempt to replicate the distribution ?

Alien Jerky May 20, 2018 12:41 AM

Well if the glitter security protocol falls off while flying in an airplane that is passing through a cloud, does that make the cloud is secure? Seems that the National Weather Service should be responsible for securing the clouds.

Volt May 20, 2018 5:12 AM

If the nation is to be clouded in confusion, at least let it be securely clouded in confusion.

Clive Robinson May 20, 2018 5:53 AM

@ RockLobster, Czerno,

I think Natalya Kaspersky is probably accurate, it makes sense, just as the internet and tor were designed as a communications channel for the intelligence services while allowing public access to obfuscate the traffic,

There is a third parameter you have to think through, which is “The NOBUS Advantage”.

Both the Internet and Tor have a NOBUS Advantage you can see in their design if you look at them the right way…

The original design of what would eventually become the Internet was Gordon Welchman who worked at Bletchley Park during WWII and he was intemently aquainted with Traffic Analysis and other “indistrial surveillance” techniques having either invented them or promoted their use. People talk abou Alan Turing in awed tones, but Gorden Welchman was a step or two up from him, and he went on to become fairly senior consultant wise to the US Dept of Defence and ARPA through his job at Rand. Rand was somewhat like “operation paperclip” in purpose which was to get the best of the best science and technology wise from the beligerants in Europe post WWII to give the US another form of NOBUS advantage. Whilst paperclip was designed to get German and other non allies personnel, Rand was a choice bait offering better jobs and better standards of living to get allied personnel.

The main military radio network system still in use was also designed by Gordon Welchman whilst working at RAND. If you can get to see some of the design info you will see great similarity to the Internet but also some important differences. The first Iraq war revealed the fact that the original ideas behind both systems were problematic when they got into the hands of opposing beligerants, which is one reason the Internet in effect got “toned down” on some of it’s more interesting survivability capabilities (which is one reason why certain types of DDoS attack work on one network but not the other).

The main point to notice about the Internet is that whilst the lower layers have survivability still there higher level protocols such as DNS are actually quite centralised –in the US– easily surveiled –in the US and Five Eye choke points– and even when encrypted easily susceptable to quite basic traffic analysis by those who have the center and choke points instrumented.

When you look at Tor it at first looks great, but you will notice that whilst it can give content security to packets inside the network that is lost when you are a client or server which by design are connected to known gateways with plaintext in and out at the server connected gateway. Even if encryption is used into the server the traffic is still easily subject to traffic analysis, especially if you control Tor design and choke points via instrumentation.

There is a very large misconception about the Internet and the way it is physically routed and controlled on the “backbone” side via the Border Gateway Protocol (BGP) etc.

On the physical side if you actually map all the interconnects out to physical locations on maps you will see that the US is at the center. Likewise for most traffic by far the majority of nodes it passes through –which act as choke points to be easily instrumented– are in areas easily visable to Five Eyes nations. Both directly and indirectly be it by subsea cable or satellite link. Other traffic can get “diverted” just by minor tweaks to BGP information

Thus one of Tor’s Achilles heals which is a great NOBUS Advantage is it’s mixing function traffic all gets to be snagged at the instrumented choke points. Because Tor is “a known network” its traffic is very susceptable to traffic analysis if the mixnet is setup incorrectly. Which in Tor’s case it is, as it goes for low latency and has no traffic or channel padding or store and forward…

Thus whilst the US and Five Eyes can map Tor traffic from the user’s connection to the Tor gateway and cross correlate it to the traffic at the server connection to a gateway to remove the mix-net obsfication, they can also see the size of the data being sent/received that alows them to cross correlate with other users to map out first and second communicating parties or groups.

The same trick works with all web based services including email and shared edit spaces facebook walls etc, and the mapping software works just as well by watching Signaling System Seven (SS7) traffic passively so snags all phone calls… Which is basically all the electronic communications available to most people…

Oh and one of the reasons Google got upset with the NSA grabbing their unencrypted backhaul traffic was the realisation as to what was going on. However just as with Tor’s mix-net obsfication being stripped by Traffic Analysis the NSA will still be mapping traffic on those back hauls and identifying first and second party users and any groups they might form and chucking it all into the same mapping software…

After a moments thought you will realise that whilst the US and FiveEyes etc have that NOBUS Advantage, other Super Powers and nations do not… Though we know China has “accidently” sent BGP commands that caused traffic from other countries to get routed through China unsuprisingly it was picked up very rapidly… Supprise supprise the US likewise manipulates BGP but it does not get picked up in the same way, thus few talk about it and it does not get into the public consciousness.

Worse even the likes of the FBI now have ways to get at Tor traffic thanks to a certain university and it’s researchers. Which must be of some annoyance to the SigInt agencies as it intrudes on their NOBUS Advantage.

As our host and other respected security researchers have pointed out NOBUS Advantage will always fail and others will get an increasing share of the “Advantage”.

Is there anything you can do as an individual against this level of surveillance advantage. Probably not unless you know sufficient about covert radio communications and the OpSec involved with their use.

A modern update to the OpSec is to keep a carefull eye on Automatic Dependent Surveillance — Broadcast (ADS–B) traffic and know how to do passive “offset radar reception”[1] with the likes of home computers and Software Defined Radio equipment that can be as little as 10USD each. Thus proving that a supposed NOBUS Advantage by “technology gap” is likewise quickly eroded.

The need to update the OpSec is due to the smaller versions of Boeing’s RC-135V/W RIVET JOINT surveillance aircraft flying around looking for low power covert communications. Some “air spotting” enthusiasts have proved reasonably adept at spotting their flight patterns and tracking them down to airfields and front companies for certain Intel agencies…

When you combine ADS-B signals info with radar returns you gain an extra dimension of information. Thus if the aricraft does not have ADS-B or has it turned off to try to be a little more stealthy… The results of comparing the data kind of acts as a big red flag, actually drawing more attention to them…

As I occasionaly mention “technology is agnostic to use”, the IC and SigInt agencies have for years “backdoored standards” for their purposes via faux “health and safety” arguments. It is kind of ironic that technology with a very real safety purpose can be used to “out” some of the agencies surveillance activities by “hobbyists” and very very loe cost tech and the Internet…

[1] The idea of passively receiving radar signals has been around for some time now with various radar signals. Oddly perhaps it’s the same age more or less as cracking the encryption on cable and early satellite television, and “van Eck” monitor image reconstruction. Because these “hobbies” share a lot of electronic circuits and ideas. For radar in the simple case you have a pulse transmitter and a rotating antenna shared with the receiver. Because the antenna is shared sync signals for thr receiver display can be pulled from a simple angular encoder on the antenna. The simplest of which is a micro switch at the “0 degree” point and a simple saw tooth oscillator triggered by it giving the CRT defection signals. If you know where the radar transmitter is located and you have a direct path signal from it you can with a little processing treat that as your trigger signal. From this you can work out what direction the radar antenna is pointing as accurately as the radar system it’s self. Thus you can use a moderate gain antenna to receive not just the radar outwards pulse, but also the reflected return pulse from aircraft. Thus with a little simple trig you can calculate where the aircraft is almost as easily as the radar. If you can see multiple radars or you have multiple offset receivers connected to gether you can get quite an advantage via “synthetic appature” techniques, which are also used in the likes of astronomy on “Very Long Baseline” radio telescopes and now MIMO type WiFi systems. If you want a modernish view of such radar techniques,

https://patents.google.com/patent/US20140049423

But you can also find in the archives of “Wirless World” a circuit level implementation from the last century. Or you can go direct to an article on hoe to do it with a cheap SDR,

https://www.rtl-sdr.com/building-a-passive-radar-system-with-an-rtl-sdr/

Oh guess what using more than two receivers you do not need the radar transmitter, you could use the omnidirectional pulsed signals from a WiFi access point to map out your home and people moving in it…

Alain May 20, 2018 9:51 AM

Hi

Is 7-zip encryption (still) considered save?

I’m considering encrypting several thousand files from 2-4Gb each with the same password. (Each containing up to 20-50 files.)

The main reason is that it works from the command-line and can combine a nr of files)

I’m thinking of veracrypt also, but I find the possible loss of a TB container a bit scary for the indented use.

albert May 20, 2018 12:29 PM

@justinacolmena,

Sans serif fonts existed back in the 1800s. High resolution displays have been around for decades now. There’s no reason to keep the existing sans serif fonts in computer OSs.

Additionally, there are only a few instances* where SS fonts are troublesome. They could easily be corrected. Just apply a little common sense. Yet this hasn’t been done. Why? Is because of the font ‘designers’?

I expect information I read to be clear and concise. I shouldn’t have to resort to context to interpret a letter. (See the .dll issue)

I can remember ever seeing a book printed in a SS font.

I composed this in Courier, and view everything on my browser in a serif font.

*I’m including the ‘O’ versus ‘0’ problem here.
. .. . .. — ….

echo May 20, 2018 3:47 PM

@Alain

I have been wondering similar. Once my network is finally organised and I’m happy with Unison file synchronising I want to investigate open source encrypted backup for the cloud. My Swiss cheese security model is happy fending off casual snooping. I have nothing to store which GCHQ et al don’t already know or suspect. Even my personal diary is hideously boring.

According to their web site 7-Zip uses AES-256.

https://www.7-zip.org/7z.html

Clive Robinson May 20, 2018 4:57 PM

@ Alain, echo,

Is 7-zip encryption (still) considered save?

From the web page linked to,

    To create that key 7-Zip uses derivation function based on SHA-256 hash algorithm. A key derivation function produces a derived key from text password defined by user. For increasing the cost of exhaustive search for passwords 7-Zip uses big number of iterations to produce cipher key from text password.

On the assumption they have used a crypto library, AES256 will with a good key and correct mode choice and usage give reasonable protection Only when the data is at rest (due to the likes of time based side channels(.

Likewise the hash function if it’s from a library.

The real problem is how you get from the “user text password” to the “derived key” there is not realy anything said about the “key derivation function”, which is very easy to get wrong thus reduce the security massively.

As for “For increasing the cost of exhaustive search for passwords 7-Zip uses big number of iterations to produce cipher key” I guess the developer must of forgoten the likes of “dictionary attacks” and the creation of “rainbow tables” that started being put together from common password lists etc.

There are a few other things raise my “think cautiously” flag thus as it’s apparently available via Open Source, if you can read and understand code I would suggest you download it and audit the source…

Clive Robinson May 20, 2018 5:27 PM

@ Thoth,

I am wondering if my following description is do-able in chip manufacturing arena to insert a covert and deniable PUF based backdoor.

I’m still having a think on it.

But from previous conversations with people who have had to deal with amongst other things meyastability issues in chips the answer would be that it is possible to make a PUF that can be backdoored but would get through most inspections.

From my point of view if I can not effectively verify such circuits, I have to ask what use they are to me? Currently I see no compelling use case for PUFs as an end user. Which makes me wonder why some manufacturers are so keen on them. That is what compelling use case is there for them to fit such circuits?

I think you can guess where that thought took me 😉

John Bonham May 20, 2018 7:41 PM

Repo Men Scan Billions of License Plates — For the Government
https://www.washingtonpost.com/business/economy/the-surprising-return-of-the-repo-man/2018/05/15/26fcd30e-4d5a-11e8-af46-b1d6dc0d9bfe_story.html

The Washington Post notes the billions of license plate scans coming from modern repo men “able to use big data to find targets” — including one who drives “a beat-up Ford Crown Victoria sedan.” It had four small cameras mounted on the trunk and a laptop bolted to the dash. The high-speed cameras captured every passing license plate. The computer contained a growing list of hundreds of thousands of vehicles with seriously late loans. The system could spot a repossession in an instant. Even better, it could keep tabs on a car long before the loan went bad… Repo agents are the unpopular foot soldiers in the nation’s $1.2 trillion auto loan market… they are the closest most people come to a faceless, sophisticated financial system that can upend their lives…

Thoth May 20, 2018 7:41 PM

@Clive Robinson

I was thinking of a way to backdoor a PUF (as usual always busy on finding ways to backdoor something interesting) and my previous thoughts of controlling the SRAM cell gate production in a way that they emit the 1s and 0s as predicted by the semi-trusted manufacturer would be detected if someone manages to get a whole bunch of the chips and test them all and find that the output are almost consistent between the batch of chips.

So a more covert way is to derive a chip level backdoor key by issuing an ID to a chip which most chips have a serial number printed on it’s silicon anyway already and using a manufacturer master key, does a HMAC hash to a chip serial number that produces a unique chip key for each chip and then adjust the SRAM cell gates according to the chip key.

The only problem now is that they will only produce 1s and 0s to a certain amount of steps until the chip key would be read finished assuming the chip key is a 256 bits backdoor key that means one can only read 256 bits of 1s and 0s but most PUF games used will deliberately switch on the oscillator on the PUF circuitry and read them at a random so the backdoor key output have to be in an endless loop to work it’s magic.

Hmmm ….

Oh and most people in the academia and open community are still resisting backdoors ? No problem, the silicon industry would take on the job and put pervasive and silent backdoor designs via tainted PUF circuitries that are seemingly random but are deliberately bias. Why ? Most people are interested in that funny RISC V project and are betting their dollars and staking their reputations on it and they think they can get away with a open source chip design that can be easily verified by asking @Ross Anderson to do it again and pop a couple of factory churned RISC V chips under his Cambridge Uni microscope in his office ? Oh, and with his microscopes and lasers, he still wouldn’t realize that the open source RISC V designs actually has a bias and backdoored PUF that is tainting all the RNG magic there is 🙂 . The ALUs for the chip can be deliberately made slower when it comes to churning out the XORs and ANDs and NORs and force the people to use on-chip SHA256 “backdoored” hashing circuitry and forcing them to use the magically made CS-TRNG 🙂 .

Ops … spilled too much beans … but check that 32-bit MCU next time anyone thinks it’s secure enough to pop a few into hardware crypto wallets and claim they are capable of protecting secrets from snoops and hackers to be used as air-gaps.

If I am not wrong, the IP portfolio for PUFs are probably not just confined to smartcard chips et. al. but are probably much more pervasive and much more common in plain sight than we thought. A look at most modern ARM 32-bit MCUs sold by chip makers will have “TRNG suitable for crypto” on their brochures for general purpose MCUs and that’s what that is interesting. These stuff might be placed into every MCUs in market and we don’t even know it’s there and have no way to check for it for now.

Patriot May 20, 2018 9:17 PM

Absolute security failures that embarrass people are often not talked about until they must be–after someone got evidence and people outside of the main stream media publish it.

A helmet-cam video has come to light from the U.S. Special Forces debacle in Niger. One can see how unprepared the soldiers were, how they made poor tactical decisions–which ended in running away–and how a real asymmetrical fight can be lost by the “powerful” side. Ad hoc security plans lead to disaster.

Warning: it’s an extremely harrowing video, especially at the end, not at all for children.

https://www.youtube.com/watch?v=haellfhNVD0

Patriot May 21, 2018 12:29 AM

@ Alain

7-Zip does not use any salt in its KDF, even though it appears to be able to use it. What does that tell you?

/*
STDMETHODIMP CEncoder::ResetSalt()
{
_key.SaltSize = 4;
g_RandomGenerator.Generate(_key.Salt, _key.SaltSize);
return S_OK;
}
*/

Commercially available encryption products for Tom, Dick, Harry, Alice, and Bob, tend to be subverted, especially if they were made in the U.S.A. Doubt it not. Although, to use a phrase from Mr. Schneier, they do offer a type of cryptography that will stop your little sister.

Go with Veracrypt. And while you are at it, create a hidden partition and bury your files in a cascade–TWOFISH-AES will do nicely–using a hash function that was not cooked up in Maryland; namely, Whirlpool, which gives a 512-bit message digest.

Generate a truly random password that uses at least 92 of the characters available on your keyboard, and make it at least 37 characters long.

Anonym Anonymovich Anonymovsky May 21, 2018 2:22 AM

Trello usernames, passwords, everything wide exposed without any kind of actual hacking. You don’t need actual Hungarian knowledge to understand the post.

Clive Robinson May 21, 2018 3:17 AM

@ Thoth,

my previous thoughts of controlling the SRAM cell gate production in a way that they emit the 1s and 0s as predicted by the semi-trusted manufacturer would be detected if someone manages to get a whole bunch of the chips and test them all and find that the output are almost consistent between the batch of chips.

SRAM cells have always been fairly predictable in start up value when new, and they can also suffer a form of “burn in” over time if they hold the same value for long enough.

A couple of decades ago back last century I was involved with the design of Fast Moving Consumer Electronics (FMCE) in the mobile communications markets. The company I was working for covered from childrens walkie-talkie toys through CB, Amateur radio, Private Mobile Radio, Mil/Pol/Gov rugidized, specialised packet radios for utility companies, and the whole range of radio phones with ranges from 50meters to 5000meters HF to UHF analogue “cordless” through digital such as DECT and celular/mobile phones and satellite and maritime units.

Basicaly if you had a finger to press a PTT or dial with, we had something to fit in your communications requirments, and we even had products for those with no fingers or other disabilities or infirmities including dementia and rescue beacons.

We used to ship so many items we were far from joking when talking about “shipping by weight” not “by numbers of units”. Thus a ton of phones to the UK would be say 600 units and those in the post production shipping side would talk weight on pallets more than they would units and you had to talk the same way to them… Thus a lot of effort was made to reduce weight of the equipment and packaging as weight had a significant cost and time penalty measured in a significant fractions of the per unit BOM price. I still remember the jaw dropped shocked look on a British Telecom project managers face when he was told the cost of changing shipping carton size from six units down to five units to make “stock control” in their warehouse easier. In effect they were getting the sixth unit virtually free as the cost difference between a nonstandard sized carton of five units and a standard sized carton with six units was just tens of cents.

Every one of those units had a microprocessor in it… So we used to get to see very good customer service from one of the worlds largest chip manufacturers at the time, especially when we discovered “silicon errors” which we did from time to time.

On the phone and high end product side each and every unit had an electronic serial number, that back then was set by “cutting diodes” on a far east production line. This was thousands of hours per month wasted production time and had a high “rework rate” both of which were highly undesirable. It was still “the done way” because “that’s the way we’ve always done it” syndrome.

The company was split into several parts and did design in various countries around the world. But solving problems caused by their “problem solving” often came the UK office way, and I would get a note on a box on my desk to greet me first thing or just a note to call someone before it was late in some other time zone half way around the globe… Although nobody actually put a ticking stop watch on my desk with a note you knew there was one running somewhere on such problems (I even got a call from the big boss to help his daughter with her maths degree project, which was kind of scary). Thus quite a chunk of my work in this area produced not just patentable but very valuable trade secret wise ideas (sadly they decided not to patent and the culture in other offices and even customers like British Telecom led to the ideas being “given away” to others, which might be one of the reasons the company has gone).

Any way in one of the far east design offices they were designing a cordless phone for the French market and the French regulators had decided 16bit IDs were insufficient they should be a minimum of 20bits with 24bits being looked on favourably… The production cost would take a major blow with that many diodes, it was time to change the “thats the way we’ve always done it” syndrome, and in a hurry (which is never good with such fundemental changes).

So an engineer in that far eastetn office came up with the idea of generating the ID randomly the first time the unit was powered up, by reading a bunch of uninitialised SRAM locations in the microcontroler and mixing them up. So a kind of precursor to on chip PUFs of the sort you are describing.

The engineer obviously did –understandably– insufficient testing because rather than a simple linear mixing function they did some hair brained nonlinear mix. Put simply they had found a lack of randomness in the SRAM from chip to chip on the production line and had rapidly built some wierd algorithm to correct their deficient test results as the unit had been halted in production… Unfortunatly it did not work hence the call not a note from the big boss…

The problem is if you do read out a bunch of uninitialized SRAM locations from a single microcontroler they do look cell to cell quite random (more detailed analysis shows they partially reflect internal layout structure). Likewise when you test chips from different steppings they might not have correlations. As the engineer was working with a new chip their test parts were from different steppings and some had had the chips zaped by rework tools on the metallization layers etc. Thus their initial test results looked suitably random…

However when the masked programed parts arrived for production they were not only all from the same stepping but also the same mask programing machine. Nearly all of that “randomness” had vanished like morning mist after sunrise…

The engineer’s panicked quick nonlinear mixing fix with hindsight was not going to work so a compleate rework had to be done. Worse no changes could be made to the PCBs etc and any code change had to fit in the same space or smaller than that the engineer had used… Oh and I had around four hours to diagnose the problem and come up with a proposed solution and cut the code blind and if green lighted get it sent off to the chip manufacturer who was holding open staff and machines, so no preasure then…

With hindsight my solution sounds easy if not trivial, but it was actually not for various reasons.

As you may be aware a good source of randomness is the time between pressing buttons by an “untrained” human, the faster the timer runs the more random it’s lower bits will be (roulet wheel effect). The problem is on a production line the operators quickly get into a rhythm and their responses are thus “trained” and the randomness shrinks away as they become like automotons.

Thus the hard part was “disrupting the rhythm or training” which ment making them operators do multiple key presses in response to a randomish stimulus, with lockouts to prevent cheating etc… This product had no LCD just a couple of LEDs. I came up with a solution involving three button presses and a diagnostic code for the LEDs which was actually longer than the timer setup, reading and mixing function code. Then dashed out a three page report on what was wrong with the existing system and a four page report with mix diagram and highly commented source code to replace the old. Dropped it under the big bosses nose and a copy and list of fax numbers to his personal assistant to get the ball rolling. Five minutes later (the boss was a fast reader) phone calls were made by him to five different time zones whilst his PA was faxing and I loaded the source code to a dial in “bulletin board” (the Internet was still to get out of the west back then). After just enough time to get a fresh cup of tea a short phone conference was held. The unfortunate engineer was asked questions about if the code was loaded into a prototype and ready to be tested they responded yes. Other engineers including one from the chip manufacture gave me a short grilling on the code then as you see in those movies about NASA mission control for a launch, a “go / no go” call was made and the ball started to roll. Within an hour or two a hundred EPROM parts were blown and put through production and extended test. Things were as expected and the first few thousand phones rolled off with EPROM parts untill the fresh masked parts were hand carried into the factory from the chip manufacturer… All things worked out and product got shipped on time. Which considering it was a “Just In Time” production and ship process was a miracle.

My reward… I got to do the software for the next French phone that was all singing and dancing with LCD display and multiple cordless handsets… Which when it went to market got a “best product award” from the premiere French consumer product test magazine…

Anyway the long term lesson I took away from it which is relevant to security, is just how “unrandom” uninitialized SRAM in chips can be when they are from the same stepping and production batch.

@RobertT found similar problems with on chip TRNGS having only a few bits of entropy, if you look far enough back in this blog.

Which in the case of PUFs and their close cousins TRNGs means the chip manufacture is mixing in some “secret sauce” somewhere at the very bottom of the computing stack at the FAB plant.

As I’ve noted occasionaly –prior to Intel’s Xmass special– the further down the computing stack a security vunerability is the more devastating the resulting attacks will be due to the bubbling up effect. Worse the lower it is the more difficult it is to find under test. But also as you approach the device physics level the number of people who could spot it is rapidly diminishing…

@Nick P tried thinking up a way to control a chip production process to stop backdoors getting put in by SigInT and other IC entities but he dropped it. He might have some choice comments and suggestions to make if you ask.

Patriot May 21, 2018 5:51 AM

@ Clive Robinson

“…tried thinking up a way to control a chip production process to stop backdoors getting put in by SigInT and other IC entities but he dropped it.”

 As far as defeating SIGINT goes, the best solution for the person with the radio is very simple:  lose it.  

 There is another solution.  Use a radio--of whatever type--to send encrypted messages digitally, encrypted with one-time pads that the user generated himself.  For a short message of 200 characters it is quite easy to do.  Sending encrypted radio messages is illegal in Great Britain, from what I understand.  The main reason that it is illegal is that it can work very well indeed.  There are countries where it is not illegal.

 I firmly believe that the best way forward in real defense, of whatever type, is to look back on what really works and what is actually intelligible to the average person.  This also gives people a sense of confidence and security, which is quite rare these days. What does that look like?  Pay with cash, only encrypt files and store files off-line, use unweakened PGP that is not "modest" in its security goals of authentication and confidentiality. Yes, use one-time pads.  Why?  Because they work if used properly.

 Stopping back doors, stopping standardization that is designed to enforce subverted encryption, stopping kleptography, stopping the Internet of Things from becoming just another collection platform--it is just a hopeless wish.  Let the subverted encryption, kleptography, IoT collection platform, and fake PGP only touch ciphertext that cannot be broken.

vas pup May 21, 2018 9:34 AM

Article related to root cause of mass shootings – violence:
To make our streets safer, efforts are underway to devise new treatments for repeatedly violent offenders:
http://www.bbc.com/future/story/20180518-can-you-ever-change-a-violent-psychopaths-mind
“Though this story is fictional, it serves to illustrate the difference between two types of violent offenders in our prisons. The characteristics that Tony shows are those of a psychopath: cold, calculating, superficially charming, and remorseless. “The violent act is thought through in advance, and the individual may derive much excitement and satisfaction from engaging in it,” says Stephen Blumenthal, a consultant clinical psychologist and psychoanalyst who works with violent offenders at the Portman Clinic, a specialist NHS outpatient psychotherapy clinic in London.
Pete, on the other hand, exhibits symptoms of antisocial personality disorder: a condition characterized by impulsivity and aggression. “The typical violence of the antisocial, non-psychopathic individual is driven by strong emotions and is impulsive or reactive,” Blumenthal says.”
Two violent men, two very different motivations – but our criminal justice system often treats them as one and the same. Although both are violent and therefore pose a risk to society, with high rates of reoffending, this may be a mistake. Studies increasingly suggest that their brains work in very different ways. This could mean that they require different types of rehabilitation if they’re to be safely released back onto our streets.

echo May 21, 2018 11:12 AM

I wondered if 7-Zip had a salt. Apparently not.

I’m still working on an issue I need to progress. I have contacted a journalist and politician and have things organised to a point but like Thoth my radar is already sending me alert signals. as Clive said in his comment on engineering practice “the way things have always been done” can be a problem. Familiar patterns keep reoccuring.

I need to backdoor the beaurocratic system. I have been following a case in the media and have background knowledge and expertise on how the police fitted someone up. Some of this expertise is basically not available outside perhaps a dozen academics and experts in the UK. (I say a dozen. I’m being generous calling some of them experts.) I contacted an involved agency and plan to visit their office perhaps this week. I’m hoping their knowledge and profile can also provide leverage which I need to overcome and expose instititional inertia.

It took me some effort to obtain knowledge held by academics, and within the police force about their training and operations. What the police forget is intelligience tools work in both directions. (Yes, I can go undercover too. Acting dim and a short skirt work wonders.) None of this is secret. It’s just they don’t talk about it. I still need to obtain the transcripts. and to the best of my knowledge none of this came up in the court case. The judge based their opinion on this i.e. they saw what the police wanted them to see and was a little too ready to lap it up which I’m fairly sure the police primarily and prosecution lawyers planned.

I have never forgotten the fit up on Newsnight when the police gaslighted Doreen Lawrence and withheld critical information for which they were later done for.

echo May 21, 2018 11:23 AM

@vas pup

Thanks! I just noticed this. Yes, there are huge problems within UK law enforcment and healthcare instititions of the kind you describe. There is also a similarly huge problem identifying aggression versus defence. There is relevant policy and case law in this area but this and evidence collection and decision making can be and sometimes is very flawed. These organisations can stereotype a lot or just be inadequate and can be years behind academic research sometimes deliberately so. It’s sad that it all to often requires someone to die or a miscarriage of justice to be exposed before the lethargic state learns any positive lessons (or only learn how to shirk responsibility and head off prosecution if this happens again). Statistical averages and rules of thumb can hide a lot of ineptitude.

echo May 21, 2018 12:49 PM

@Alyer Babtu

VMS had a user authentication bug in it for years. Pretty much the entire UK government private network was vulnerable. There was definately an opportunity for fraud or insider trading given some of the available data.

Oddly, the police refused to prosecute one state organisation for fraud in the “public interest”. As for the blatant money laundering by City banks screaming out in the data?… This was statistically massaged to make it disappear from the published reports. I know because I discussed this with the Whitehall civil servant responsible for this data and the admin officer who discovered it at the time. It took right up to the financial crisis and questions began to be asked about money laundering that something was (partially) done about this. The City and authorties now have smoothed the waters over and re-crated the appearance of nothing wrong so I guess this is all fixed now? (Really?!???)

Tatütata May 21, 2018 2:34 PM

@Alain:

Instead of guessing as to what 7-zip might or might not do, you might want to look into other solutions, such as combining plain zip with gpg.

The first advantage, if you’re working under *nix, is that the current distributed versions support ZIP64 and output files larger than 4GB. AFAIK, you still don’t have under Windows by default.

The advantage of using gpg is that you have a choice of crypto algorithms, and will therefore know exactly what you’re using. You can also have public key cryptography. The entropy used for generating the key pair is probably superior to whatever passphrase you could come up with.

That way, the machine that acquires the data and performs the encryption needn’t keep a private key which would allow decryption, unlike a passphrase which has to be present for both operations. Thus, if that machine is compromised, only the currently visible clear text would be lost.

You would also have to make sure that the source data is properly wiped after encryption. Easier said than done.

For the amount of data you have, you might want to look into bzip2, which is great for text-like data.

Ideally you should use pipes between programs, for speed, and possibly security. But apparently neither zip nor tar can write to stdout. gpg has compression options. So rolling your own solution would need some effort.

Tatütata May 21, 2018 2:58 PM

@Alyer Babtu

My first love, the PDP-11/23, didn’t have stylish blinkenlights of that sort, but a console connected to terminal 0.

When the thing crashed, it issued a cryptic “@” prompt on terminal 0, to which the only generally acceptable answer was to type the address of the bootstrap loader followed by the “GO” verb: “773000G”. About a minute or two later you could log into the system again. I was quite good at retrieving user files that got clobbered in the process with a sector editor. This included translating and locating RAD50 encoded names.

A childish prank was to send a message to terminal 0 with a control-sequence to lock the keyboard, and a display of “@”. I think I can confess now, the statute of limitation kicked it.

IIRC, you could change the drive IDs (and the boot device) by exchanging the identifying plastic caps on the front panels. Cute.

Clive Robinson May 21, 2018 3:06 PM

@ Patriot,

Sending encrypted radio messages is illegal in Great Britain

Err that depends on your licence requirments not the law as such (though RIPA and subsequent acts of legislation make things messy).

Amateur radio operatots are not supposed to send encrypted communications but they can send encoded communications if “the code is public”. Thus it is quite OK to use a compression code or similar, including self modifing codes such as the LZ type.

In fact morse code is a compression code and the likes of PSK31 use a similar compression code.

Further not only is Morse a compression code based on letter frequency, morse operators use further compressed phrase codes on top usually called “Q codes”.

Whilst a One Time Pad is encryption a One Time Phrase is a code so where as the Pad is not “plaintext” the Phrase is “plaintext”…

With regards,

There are countries where it is not illegal.

Supprisingly very few these days, due oddly to the likes of “terrorists” and how they effect the very broad “national security” issue. Which brings us onto “commercial licences” quite a number alow for full encryption to protect “services” so utilities, transport and delivery services are alowed to use encryption as are those involved in other ways with activities coverd by “national security” which has a very broad definition. Thus HF comms to “teams in the field” out in a jungle somewhere or out at sea doing surveying for energy or other resources are alowed to use quite high security encryption. Likewise those with a duty of privacy or privilege such as Drs, Clergymen and lawyers can and should use encryption for “privileged” information.

It’s only “joe public” doing hobbies that gets hit with the no encryption rule on much older none phone type communications when they need to be licenced. The likes of Type approved ISM licence free equipment such as WiFi can carry whatever level of encryption you so desire… For not much money you can get “digital video senders” that are IoT type devices, that can easily carry voice and other traffic, some of these have upwards of 10Km ranges.

So in the UK licensing is somewhat complicated and extrodinarily messy when it comes to secret codes and ciphers…

I have in the past talked about SecCom and the OpSec that goes behind it. As a rough rule of thumb SecCom comes in two flavers with radio nets/comms Low Probability of Intercept (LPI) and proof againsy Traffic analysis. Whilst traditional LPI based around various Spread Spectrum and similar techniques are seen as “dead ducks” for various reasons, the nrwer MIMO systems are set to replace them. On the Internet Tor tried to be the digital equivalent of LPI which realy does not work, thus failed miserably at what was required to make Tor Traffic Analysis proof… They were told what needed to be done, but they have chosen not to hear it. So I’ve repeated the advice here a number of times.

I’ve also described what “online” and “offline” means in OpSec terms amd why we should stop thinking of “air-gaps” but “energy-gaps”. I’ve describrd how to build two types of SCIF one overt like an “RF Cage” that is energy-gapprd and one covert that is only air-gappef but can be quickly assembled from items you would expect to find in a home.

So yes I’ve been riding in this rodeo/derby for some years…

Alyer Babtu May 21, 2018 6:04 PM

@ omnibus glitterati – you know who you are –

… with this my laptop will be totally secure …

… as though they were atoms in a crystal structure …

… make the cloud is secure …

Now I see what you are hinting at ! Following

https://en.m.wikipedia.org/wiki/There%27s_Plenty_of_Room_at_the_Bottom

you mean the particles of glitter are computers, together forming a powerful distributed network, the existence of which no-one suspects !!

Bob May 21, 2018 6:57 PM

@Tatütata

But apparently neither zip nor tar can write to stdout. gpg has compression options. So rolling your own solution would need some effort.

Tar is perfectly able to write to stdout. Use a single dash as the filename. This works just as well for reading from stdin. Likewise, check your options for zip as it has similar functionality.

When I want to get an idea of the compression ratios to expect for a collection of files I often do something like this:

tar cf - some_path_to_directory | gzip | wc -c

Ratio May 21, 2018 8:00 PM

Sweden distributes ‘be prepared for war’ leaflet to all 4.8m homes:

The 20-page pamphlet, illustrated with pictures of sirens, warplanes and families fleeing their homes, also prepares the population for dangers such as cyber and terror attacks and climate change, and includes a page on identifying fake news.

[…]

The publication comes as the debate on security – and the possibility of joining Nato – has intensified in Sweden in the wake of Russia’s annexation of Crimea in 2014 and recent incursions into Swedish airspace and territorial waters by Russian planes and submarines.

The country has begun reversing military spending cuts and last year staged its biggest military exercises in nearly a quarter of a century, as well as voting to reintroduce conscription and unveiling joint plans with Denmark to counter Russian cyber-attacks and disinformation.

[…]

Sweden has not been at war with another country for more than 200 years. If it is attacked, the leaflet says, “we will never give up. All information to the effect that resistance is to cease is false.”

TIL: after the liberation of Crimea, unsuspecting Russian planes and submarines of peace have repeatedly been subjected to brutal assaults from Swedish air and water.

Ratio May 22, 2018 12:00 AM

‘Too inconvenient’: Trump goes rogue on phone security:

The president uses at least two iPhones, according to one of the [senior administration] officials. The phones — one capable only of making calls, the other equipped only with the Twitter app and preloaded with a handful of news sites — are issued by White House Information Technology and the White House Communications Agency, an office staffed by military personnel that oversees White House telecommunications.

While aides have urged the president to swap out the Twitter phone on a monthly basis, Trump has resisted their entreaties, telling them it was “too inconvenient,” the same administration official said.

The president has gone as long as five months without having the phone checked by security experts. It is unclear how often Trump’s call-capable phones, which are essentially used as burner phones, are swapped out.

[…]

Trump’s call-capable cellphone has a camera and microphone, unlike the White House-issued cellphones used by Obama. Keeping those components creates a risk that hackers could use them to access the phone and monitor the president’s movements. The GPS location tracker, however — which can be used to track the president’s whereabouts — is disabled on Trump’s devices.

Looks like Trump playing 4D OPSEC to me. ¯_(ツ)_/¯

Wesley Parish May 22, 2018 1:39 AM

Nobody else seems to have mentioned this, so here goes:

via slashdot

https://it.slashdot.org/story/18/05/21/2140241/google-and-microsoft-disclose-new-cpu-flaw-and-the-fix-can-slow-machines-down

https://www.theverge.com/2018/5/21/17377994/google-microsoft-cpu-vulnerability-speculative-store-bypass-variant-4

https://newsroom.intel.com/editorials/addressing-new-research-for-side-channel-analysis/

I suspect this may be just the tip of the iceberg. I’d rather they were just bergy bits, but I doubt we have that luxury.

Wesley Parish May 22, 2018 3:49 AM

News on the EU and cybersecurity, from our friends at The Register:

http://www.theregister.co.uk/2018/05/22/global_commission_on_the_stability_for_cyberspace_in_eu_drafts/

The GCSC’s norms suggest that core internet protocols like DNS, border gateway protocol and IPv6, and the infrastructure that keeps them running, should be off-limits during cyber-conflict because of the likely unpleasant effects on civilians.

Which is a logical follow-on from the Hague Conventions on Neutrality in Wartime and the right and obligations of Neutral Powers. It also follows on from various Nucleaar-Weapon-Free legislation and treaties around the world, in declaring certain aspects of “cyberspace” effectively neutral.

CallMeLateForSupper May 22, 2018 7:24 AM

#Alyer Babtu

Thanks for the memory. 🙂

I lived one town away from Maynard, MA, and DEC in the 70’s. It seemed that every other person I met worked at DEC.

My department had only one computer, a Hewlett Packard mini, but many other labs in my facility used PDPs. They sure were pretty… some might say sexy. To this day, when I hear “PDP” I think “PDP eleven oh three”. (I don’t know why.)

JG4 May 22, 2018 8:21 AM

A long time ago, I suggested a side-channel probe to detect toggling of CPUs into “undocumented states.” That is a form of system identification, as is side-channel monitoring in general. The problem with total surveillance is that a business can never develop sustainable competitive advantage in the presence of bad actors in the monitoring agencies.

https://newsroom.intel.com/editorials/addressing-new-research-for-side-channel-analysis/

Expecting that this category of side-channel exploits would be no different, one of the steps we took earlier this year was expanding our bug bounty program to support and accelerate the identification of new methods. The response to that program has been encouraging, and we are thankful for the continued partnership we have with the research community.

https://www.schneier.com/blog/archives/2015/10/friday_squid_bl_499.html#c6709471

The two recommendations that I have for exploring these possible cell phone behaviors are to use an RF receiver like the one described in Melissa’s DEFCON (14?) talk, and to use ultrasonic microphones in proximity to cell phones to observe undocumented emissions of ultrasonic coding.

Approaching peak irony. This multichannel receiver probably can do what Clive suggests with WiFi sources. It also could be used to monitor emissions from a CPU using a ferrite/copper array in close proximity.

Vayyar’s 72-Transceiver Radar Chip Sees Just Enough But Not Too Much
https://www.spectrum.ieee.org/tech-talk/semiconductors/devices/vayyars-72transciever-radar-chip-sees-just-enough-but-not-too-much
Key applications include privacy-preserving home monitoring
By Samuel K. Moore 7 May 2018 | 17:30 GMT
…[there are some great quotes in the article]

More of the usual.

https://www.nakedcapitalism.com/2018/05/links-5-22-18.html

Big Brother Is Watching You Watch

Big Brother Goes Digital NYRB

Princeton Dialogues of AI and Ethics: Launching case studies Freedom to Tinker. “This [assessment] is essential in order to identify the positive opportunities presented by AI and unleash these technologies’ capabilities in the most socially advantageous way possible while being mindful of potential harms.” Lol no.

Artificial intelligence takes jobs from Chinese web censors FT. Code is law….

Tatütata May 22, 2018 9:34 AM

Re: ‘Too inconvenient’: Trump goes rogue on phone security

I guess it would be about time to develop a standard for the orderly cohabitation of malware and spyware on smartphones, with a fair resource allocation for each payload (CN, KP, FR, DE, GB, RU, SA, QT, UA, IL, IR, CA, MX, Mueller, etc., etc., …)

A solution might be to have the presidential ego extender locked to a phake access point acting as a firewall. The nuckular football would be ideally suited: it’s always within reach, and it has enough room for electronics and a power source. You could make room by putting those codes out of children’s reach. Talk about killing two birds with one stone!

vas pup May 22, 2018 9:59 AM

@echo and @Bruce:
You may find very interesting the recent book on risk assessment ‘Assessing Risk” by Blumenthal. It has as main subject violence, but looks like could have mapping approach in other security areas.

Nick P May 22, 2018 11:21 AM

@ Clive Robinson

“@Nick P tried thinking up a way to control a chip production process to stop backdoors getting put in by SigInT and other IC entities but he dropped it. He might have some choice comments and suggestions to make if you ask.”

I didn’t drop it. I even met a guy who had and published the same concept I devised of using a mix of human-inspectable and deep sub-micron nodes. One controls and/or checks the other. This is similar to proof checkers where what drives the operations can be untrusted but the checker has to be trusted. It can be simpler. Its operations are also parallizable. The only thing I can’t figure out… don’t have the knowledge to figure out… is how to address the analog and RF leaks that can happen. Researching electromagnetic compatibility and various isolation mechanisms makes me think a lot of analog-level stuff can be addressed. The RF remains where the untrusted chip might read secrets from or interfere with trusted chip, esp if in same SoC. So, my temporary solution is going back to them stored in separate cages, safes, etc with optical connections. Probably different racks working together.

I’ve been inching more toward implementing my Brute-Force Assurance concept held up mostly by work and an activist project. The central thing in BFA is how to represent the form of the program that will be converted to other forms (esp languages). I keep thinking back on a subset of Racket scheme that’s like C language. That means people with C background wanting to understand and contribute could just read one or two of its famous books: How to Design Programs and Beautiful Racket. Also looking at Nim or non-parenthetical style keeping in mind some crowd won’t learn a Scheme at all just over syntax. 😉

My research has found a ton of stuff that I mostly post on Lobste.rs here since they like CompSci but I haven’t even posted all of it. My favorite find was this paper that did one better than emulating C in Scheme: they created a C++ variant in Scheme that compiles to C. Took just two people to do it with all the benefits that brings vs whatever C++ itself took to build in mix of C, old C++, and new C++. My concept would do something similar except the high-level language has to be easy to analyze and iterate on by itself. Then, it’s translated into C, Rust, Java, and/or SPARK to run their best tools. The results are fixed in the original. Something similar for protocols in Statecharts using TLA+, Spin, pi-calculus, etc each finding what others couldn’t.

If prototyped in live coding environment, one also gets the productivity/debugging benefits only possesed by LISP’s, Smalltalk’s, and Forth’s. Prototype it like dynamic language for personal understanding followed by contracts, static types, and so on to drive automated analyses. Since I’d need intermediate deliverables, I’m looking at maybe just doing C first with an integrated combo of static/dynamic analyzers, abstract interpretation, model-checking, property-based testing, and fuzzing. I have lists of tools for each plus some empirical studies to justify them. I particularly like SPARK Ada’s approach of running a prover for about 2 minutes per module. Similarly, a dedicated server or cluster of efficient machines run all of the tools simultaneously, merge with the tool spotting duplicate bugs, and give report to user. Given tooling available, the C code could actually be more trustworthy than safe languages.

Two other issues. First, the tools that find lots of bugs find lots of false positives. The tools precise enough for little to no false positives find few bugs. I hypothesized that we can throw every analyzer at a module that’s imprecise, use precise analyzers on just the modules the other tools claim has a bug, and suppress whatever bugs didn’t fit in precise model. Should reduce false positives. I saw a group do this independently with just two tools.

Second, the compilers eff things up. CompCert is obvious solution but probably five digits. KCC and C0 exist but who knows how usable the build process or interface is. The certified ones aren’t optimized either. There are tools for algebraic and test-based equivalence checks between to versions of same assembly. My first idea was superoptimizing output of KCC or C0 which John Regehr proposed for CompCert. My next idea, inspired by Borger’s Abstract State Machine work, was to extract an ASM model of the code, extract one of LLVM’s O3 assembly, and use equivalence check them with automated methods. Then again, CASM was looking like it could itself be my high-level, common language with some modification. In any case, either super-optimize results of certified compilers or do spec equivalence on code and results of optimized compilers. That’s after they’ve gone through every analyzer on earth via a verification cluster. Also, verification clusters are what the hardware people do if one is wanting precedents.

On a side note for bootstrapping and empirically-backed formal methods, I was working on how to make the interpreters, provers, checkers, etc “obviously correct” in a way that carried both mathematical and empirical weight. Inspired by expert systems, LALR, and META-II, I decided to go with term-rewriting, single-threaded, state machine, and all on a few primitives in terms of data structures and functions. It would be rule driven with each rule having an obviously-correct checker. Fuzz the heck out of it checked against widely-used implementations of same algorithms or structures. I sketched out the design. Later, I did unrelated search on alternative models of computation. I found the algorithm I invented albeit slightly different form. I guess I should be proud of inventing a model of computation but that guy did it with about no prior work to go on. I bet his work even partly inspired the work I used to reinvent his work. Brilliant dude. So, even if not first, I at least know it’s a good idea that might work for the little job I had for it. 🙂

Humdee May 22, 2018 1:40 PM

RE: Bitcoin

Not much a fan of conspiracy theories but one aspect of Bitcoin has always seemed suspicious to me: why has the inventor never cashed out? Supposedly there are hundreds of millions of dollars in bitcoin the inventor holds and to have never touched a penny of that money? Seems very weird to me. It seems to me that only someone with access to lots of money, like a three letter agency, could afford to pass up that wealth. So I don’t consider the idea totally crazy that the NSA invented it,

echo May 22, 2018 2:10 PM

@vas pup

Thanks for the book recommendation. I don’t like doctors at the best of times because the profession itself has ‘medical practice issues’. Excuse my grinding an axe. The authors themselves certainly have professional black holes in their understanding with respect to bad science (and sometimes academic fraud) and poor patient care among some of their colleagues not too far down the corridor.

Clive Robinson May 23, 2018 6:24 AM

@ Nick P,

If prototyped in live coding environment, one also gets the productivity/debugging benefits only possesed by LISP’s, Smalltalk’s, and Forth’s.

You forgot *nix shell scripting 😉

On a more serious note,

Second, the compilers eff things up.

The main reason given for that is “optomisation to ISA”.

However that hides the real issues behind a curtain.

Firstly ISA’s change in all sorts of ways to get more efficient utilisation of the CPU to memory databus thus reflect the internals of the CPU that are “bad to the bone” and give us those below CPU level in the computing stack vulnarabilities that “bubble up” such as specter, meltdown and rowhammer. These can only be solved by major archetecture changes that will necesitate either massive changes to the ISA or a massive increase in emulation, which would open up more bad to the bone vectors.

But the ISA hides another problem, which is the limitation of humans. The complexities of even using C efficiently taxes the abilities of most programners, as for C++ well what can I say. When you throw away all the code reuse stuff like libraries you are left with just the core programing language. In the case of C it is quite simplistic even though many fail to master it. Even 8bit ISA’s were more complex. In fact when you analyse it C only needs five ALU functions (add, or, and, xor, right shift) and one flag status operator (jump over next instruction) to function… The reason for this is that it was a minimal subset of the existing ISA’s of the time, or more simply the lowest common denominator… To try and make up for this and to hide other lowest common denominator issues we got “pointer math” which is a compleate and utter mess for a number of issues (including the wrong opperator prescidence).

Thus the job the compiler has to do is try and take that C minimal ISA and rearange it such that it is a closer match to modern CPU ISAs whilst trying to get the best efficiency out of the CPU and it’s ISA thus memory bus. Hence the massive optimization issues…

It’s why in the past I’ve talked of that “vast gulf” between ASM and C and I do not regard C as being even a meta assembler of any note…

The ISA to C gulf is true for most high level languages. That is the ISA reflects the way the hardware functions, whilst the high level languages try and fail to reflect the way humans think (or more correctly don’t).

Assembler level programing will almost always better utilise the hardware with good assembler programers. The problem is most programmers make very bad assembler level programers, because they tend not to think in the right way (unsuprisingly engineers and scientists tend to make better assembler level programmers).

To make this worse Intel made the mistake of trying to get around the system bus issue by going “CISC Mad” the result is that their ISA is a compleate and utter mess and difficult for all but a few assembler level programers to master…

This “programer limitation” issue is one I identified long ago and was one of the reasons behind my Castle-v-Prison thinking.

The way hardware is going to go eventually is massively parallel, we have no choice on this unless we want to stagnate. The major obstacle to this is “programers” not “engineers”[1]. The known problems engineers have to deal with are the speed of light and heat death. We would already have CPUs running at 10GHz clock speeds if we would ditch the legacy junk of CISC and cache memory, and went down the RISC very local memory longword register route.

Another area we need to consider is that of ALU bit widths. How much of our code requires 8bit, 16bit, 32bit, 64bit or more widths for “arithmetical” instructions that are inhetently slow due to “carry issues”. Supprisingly when analysed most code does not need anything other than inc/dec/cmp and mostly not on very wide bit widths. The reason for 64bits on extetnal busses is to try to use parallelism to up data transfer per FSB clock cycle.

The real answer is we mostly do not need more than 8bit arithmetic such as add/sub because a lot of it is down to –invisable to most programers– manipulation of bytes which represent characters. The functions most programers use longer widths for are on integer counters that only use inc/dec/cmp that with a little trickery can ignore or remove the slowness of carry issues[2]. Likewise pointers are mainly inc/dec/cmp as they are being used as counters as well, or would be if it was not for stupid pointer arithmetic high level languages use, especially in badly formed structures (which objects realy are behind the sceens).

As has been shown with hardware forth machines even data stacks need not be very large, again easy tricks can make them as small as eight registers, which alows direct access via simple RISC instructions if required.

You don’t even need “return stacks” in a single task RAM only system which has other speed up advantages.

All of which can make a very very small 8bit CPU with local long register memory blindingly fast for most programing tasks.

I was hoping some Smart Card manufacturers would go down this route, but for reasons of momentry idiocy/pleasure/marketing they decided Java was the ISA to go with, which has had all sorts of undesirable side effects, not least of which is being slower than a one legged donkey, with a huge fat belly due to it’s consuming habits.

[1] Oh and the non technical problems that arise in Marketing and Managment, with issues mainly rooted around Corporate image and sunk costs, that shareholder behaviour causes the short term thinking bonus culture… All of which perhaps unsupprisingly do give huge “Technical debt”.

[2] There are two basic ways you can do a compare in hardware. The first is “A-B, ChkZ” which expands out to “A+1+(B xor -1), ChkZ”. The second is “A xor B, ChkZ”. The add and sub instructions use carry the xor does not. The Check for Zero instruction does use the whole width of the data, but unlike carry it is not bit sequential but bit parallel so about as fast as a logical function can get (as transmission line speed is the limiting issue). Thus ChkZ is much faster than an add or sub across even a two bit data width let alone 64bit.

Ratio May 23, 2018 6:30 AM

Who’s Afraid of Kaspersky?

Kaspersky Lab has been mired in an ongoing crisis. First, on the heels of the congressional inquiry into Russian meddling in the 2016 American presidential elections, the US government proposed and eventually passed a federal ban and purge on the use of Kaspersky Lab software across all government agencies. The British and Dutch governments ha[ve] since followed suit.

The government bans have also spilled over to the private sector. Best Buy stopped sales of the software, some of Kaspersky Lab’s financial customers dropped it, and more recently, Twitter banned the company from advertising on its platform.

Meanwhile, several news stories alleged that the company’s software helped Russian intelligence services steal highly classified documents from a US National Security Agency contractor. The company’s most recent move to show it’s independent from the Russian government has been to announce a new data center in Switzerland that will store information from customers in US, Europe, Japan, Korea, Singapore and Australia.

At the same time, Kaspersky Lab continues to have a good reputation in the industry. Its team of researchers is widely respected by its peers for its ability to find sophisticated government malware—regardless of where it’s from—and its software is considered one of the best to catch malware on your computer.

So what is Kaspersky Lab, really? Is the 20-year-old company behind one of the most popular antivirus programs in the world an arm of Vladimir Putin’s Kremlin? Or is the self-proclaimed “company to save the world” a victim of US government protectionist propaganda? Is [Kaspersky Lab’s] SAS [conference] simply a networking event with an open bar where the company shows off the latest work from its researchers, who are some of the most well-respected malware hunters in the world? Or is it a chance for the company to expose highly sensitive, ongoing American intelligence operations, and—as some in the cybersecurity world told me—perhaps a chance for spies to keep tabs on attendees?

vas pup May 23, 2018 9:09 AM

Amazon defends providing police facial recognition tech:
http://www.bbc.com/news/technology-44220037
In Oregon, the tech was powered by a 300,000-person database of mug shots that powered a mobile app. Officers could use the app to cross reference people’s faces with any criminal record. The emails also discussed the integration of this technology with body cameras used by police.
“Applying facial recognition to body cameras would absolutely transform those devices,” argued Matt Cagle, technology and civil liberties attorney for the ACLU in California, speaking to the BBC. He explained that the argument given for adopting body cameras was to make police offers more accountable for their actions.”This would turn those devices into surveillance machines aimed at the public,” he added.

My take: this technology could work in opposite direction as well. E.g. it is possible to have application that is sending any face image taken by smart phone camera owned by citizen, not LEO, to LEAs DB of face images:(1)convicted criminals (violent and/or sex offenders in particular) which will send back in return kind of alert/warning with convict REAL name;(2)LEAs DB of active officers and get back confirmation that person in uniform or flashing badge is real LEO, not fraudster.

bttb May 23, 2018 9:59 AM

Former Director of National Intelligence Clapper has a new book out and will be on Public Radio’s “1a” for an hour starting in a minute.

Wednesday, May 23 • 11 a.m. (ET)
“James Clapper On His Five Decades In Intelligence Operations

He served under three presidents, in a time when the intelligence community’s role in international affairs changed dramatically.”
https://the1a.org
https://the1a.org/stations ; for a possible Public Radio station near you

bttb May 23, 2018 4:05 PM

Let’s not give up on Net Neutrality yet.

How much time does the House of Representatives have to vote to try to Restore Net Neutrality? Leaving aside a potential Presidential veto (Trump claims to be a populist at times; maybe he cares what the masses think, especially if it’s cheap).

“Restore Net Neutrality
We’re taking this fight to the House.

We’ve fought tirelessly for Congress to save net neutrality – and our action is working. Now that the Senate has voted to reverse the FCC’s decision, the pressure is on the House. It’s clearer than ever that the vast majority of people in this country – regardless of political party – want an internet that’s fair, free, and open. So our representatives must decide: answer to the will of the people, or cave to the interests of Big Telecom.”
https://action.aclu.org/send-message/save-net-neutrality
&
“The Path to Victory on Net Neutrality in the House of Representatives and How You Can Help

The United States Senate has voted to overturn the FCC and restore net neutrality protections, the fate of that measure currently rests in the House of Representatives. While many will think that the uphill battle there makes it a lost cause, that is simply not true. Together, we have the power to win in the House of Representatives.

Now that the Senate has officially voted 52-47 to reverse the FCC’s so-called “Restoring Internet Freedom Order” under an expedited procedure known as the Congressional Review Act (CRA). It is now pending a vote in the House of Representatives. And while many will incorrectly assume since House Republican leadership has expressed their opposition to ever voting on net neutrality, nothing will come of it, the wishes of the leadership are frankly irrelevant.

What actually matters is whether 218 members of the House of Representatives from either party want to vote to protect net neutrality through a process called a “discharge petition.”
What is a Discharge Petition?
[…]
Congressman Mike Doyle (D-PA) initiated the discharge process on May 17, the day after the bill passed the Senate. More than 160 House of Representatives have pre-committed to supporting reversing the FCC before that discharge process even started, leaving us with a concrete goal of now pressuring the remaining Democrats and Republicans to support the petition. EFF has been tracking the public statements of support and opposition of House members here and has made it easy to call your representative by going here.

We have a lot of work ahead of us, but together we can keep the Internet free and open.”
https://www.eff.org/deeplinks/2018/05/path-victory-net-neutrality-house-representatives-and-how-you-can-help
https://checkyourreps.org/ ; see where your Representative stands
https://checkyourreps.org/scores ; all Representatives
https://act.eff.org/action/tell-congress-to-reinstate-the-open-internet-order

Finally, the Main Stream Media (“‘MSM'”) doesn’t seem to be spending much time on this issue.

bttb May 23, 2018 4:32 PM

Are Windows and non-Windows DNSCrypt-Proxy uses considered worthwhile, now or ever? With Google and Cloudflare, is there an easy way to enable DNS encryption, and test it? I noticed there is an iOS app for DNSCrypt, too.

I know DNS was recently discussed on other threads on this website.

From https://thebestvpn.com/dnscrypt-best-alternatives/ :
“The Best Alternatives to DNSCrypt

DNSCrypt is a protocol that encrypts your DNS requests, and it’s long been one of the most popular options. It encrypts your queries to the OpenDNS servers, which are maintained by Cisco. But DNSCrypt.org was taken offline at the end of 2017, as its creator stated that he no longer uses it.

A group called Dyne.org has taken over maintenance of DNSCrypt-Proxy, an interface for using the protocol, but has committed only to patching bugs, and not further developing the technology. The proxy will be available for the foreseeable future, but there’s no telling what the future holds for the app.

You can also still get DNSCrypt directly from Cisco, but it’s not going to do you any good if you’re not using their DNS servers.

While DNSCrypt is certainly one of the more robust options, there are others. Here are four choices you have when you want to encrypt your DNS traffic.
1. Use a VPN with DNS Leak Protection
[…]
2. Use DNS-over-TLS
[…]
3. Use DNSCurve
[…]
4. Stick with DNSCrypt-Proxy 2

This isn’t really an alternative, but it’s an important option to mention. The future of DNSCrypt is unclear, but you can still download clients that use the specification. DNSCrypt-Proxy is one of the best options available, and the second version is actively maintained.

DNSCrypt can still protect your DNS traffic, but after DNSCrypt.org went down, it cast a bit of doubt on the future of the project.

Still, if you use DNSCrypt-Proxy 2 and you pass a DNS leak test, you know that your DNS queries are protected. But we’d recommend that you test regularly, in case anything changes.”

How about DNSCrypt-Proxy_1.9.5?

Finally, a link, somewhere, said you might test DNSCrypt-Proxy with https://www.dnsleaktest.com , short of using WireShark to test for encrypted DNS

Ratio May 23, 2018 8:30 PM

U.S. Government Can’t Get Rid of Russian Software:

Federal agencies are so far unable to comply with a law banning Kaspersky Lab software from U.S. government networks by October, The Daily Beast has learned. Multiple divisions of the U.S. government are confronting the reality that code written by the Moscow-based security company is embedded deep within American infrastructure, in routers, firewalls, and other hardware—and nobody is certain how to get rid of it.

“It’s messy, and it’s going to take way longer than a year,” said one U.S. official. “Congress didn’t give anyone money to replace these devices, and the budget had no wiggle-room to begin with.”

At issue is a provision of the National Defense Authorization Act (NDAA) enacted last December that requires the government to fully purge itself of “any hardware, software, or services developed or provided, in whole or in part,” by Kaspersky Lab. The law was a dramatic expansion of an earlier DHS directive that only outlawed “Kaspersky-branded” products. […]

[…]

Kaspersky’s website showcases scores of technology partners who’ve used the company’s software development kits to bake Kaspersky code into their own products. That includes big names in services or software like Amazon and Microsoft, and networking hardware firms like D-Link, Check Point, and Allied Telesis—a major government supplier—that have baked Kaspersky’s code into firewall appliances. The networking giant Juniper Networks offered Kaspersky a full range of routers, gateways, and firewalls. Broadcom, which makes everything from Wi-Fi chips to fiber optic components, is listed as a technology partner, though it’s not clear for what product, and Broadcom declined comment.

It’s unclear if the list on Kaspersky’s website is comprehensive—the company isn’t saying—and at press time Kaspersky was redirecting U.S. visitors to an identical webpage without the list of partners.

Very Nice Human Being May 23, 2018 10:07 PM

Australian company Telstra, formerly known as Telecom, was the government owned landline comms sold off against the wishes of the people.
As well as landlines they are now one of the two companies in Australia that own the substantial cellular phone infrastructure.
They have announced they are falling in lock step with the US and ceasing to provide ZTE phones to consumers. Ki? Oh thats right, this is Telstra we are talking about.

https://exchange.telstra.com.au/stop-sell-zte/

This article about email vulnerabilities and crypto in email is vaguely technical and vaguely interesting

https://www.theatlantic.com/technology/archive/2018/05/email-is-dangerous/560780/

Ratio May 23, 2018 11:00 PM

FBI Seizes Control of Russian Botnet:

The FBI counter-operation goes after “VPN Filter,” a piece of sophisticated malware linked to the same Russian hacking group, known as Fancy Bear, that breached the Democratic National Committee and the Hillary Clinton campaign during the 2016 election. On Wednesday security researchers at Cisco and Symantec separately provided new details on the malware, which has turned up in 54 countries including the United States.

VPN Filter uses known vulnerabilities to infect home office routers made by Linksys, MikroTik, NETGEAR, and TP-Link. Once in place, the malware reports back to a command-and-control infrastructure that can install purpose-built plug-ins, according to the researchers. One plug-in lets the hackers eavesdrop on the victim’s Internet traffic to steal website credentials; another targets a protocol used in industrial control networks, such as those in the electric grid. A third lets the attacker cripple any or all of the infected devices at will.

[…]

[Observing the network traffic leaving an infected home router] allowed the bureau to identify a key weakness in the malware. If a victim reboots an infected router, the malicious plugins all disappear, and only the core malware code survives. That code is programmed to connect over the Internet to a command-and-control infrastructure set up by the hackers. First it checks for particular images hosted on Photobucket.com that held hidden information in the metadata. If it can’t find those images—which have indeed been removed from Photobucket—it turns to an emergency backup control point at the hard-coded web address ToKnowAll[.]com.

On Tuesday, FBI agents in Pittsburg asked federal Magistrate Judge Lisa Pupo Lenihan in Pittsburgh for an order directing the domain registration firm Verisign to hand the ToKnowAll[.]com address over to the FBI, in order to “further the investigation, disrupt the ongoing criminal activity involving the establishment and use of the botnet, and assist in the remediation efforts,” according to court records. Lenihan agreed, and on Wednesday the bureau took control of the domain.

Ratio May 24, 2018 12:00 AM

Recruiting Intelligence Sources: President Trump Makes a Hard Job Harder:

Observers have rightly criticized the recent efforts of both President Trump and House intelligence chairman Devin Nunes to uncover an FBI source as a blatant, cynical endeavor to derail Robert Mueller’s investigation by translating the normal functioning of governing into something sinister. By using confusing and charged language, Trump seems to believe he can build on his false narrative that there is a deep state—an internal enemy out to get him. Previously, the president crafted that narrative with the similarly unfounded charges that he was wiretapped and his aides were “unmasked” were similar subterfuge. These tactics risk damage to a variety of political and legal norms. They also harm the ability of U.S. intelligence, diplomatic and law enforcement to do their jobs. And this latest instance is particularly dire.

The president and his allies have presented absolutely no credible evidence to support their theory that the FBI and other entities in the intelligence community did anything wrong in the course of conducting a counterintelligence investigation into the Trump campaign. But for intelligence professionals, these recent public charges and accusations will make it harder to develop and recruit new sources in the future. They will also likely put a scare in partner foreign intelligence services who routinely share sensitive information with the U.S.

[…]

At its heart, intelligence collection is a simple—yet fragile—process. The success of U.S. intelligence, diplomatic and law enforcement efforts rests on little more than the ability of intelligence professionals to build trust with people so that they will share information. The only thing the U.S. can really offer potential intelligence sources is to keep them safe and protect their identities. If people don’t want to talk, there is little the intelligence community can do.

Gerard van Vooren May 24, 2018 5:34 AM

@ Clive Robinson,

Wow, I have to say you that!

“It’s why in the past I’ve talked of that “vast gulf” between ASM and C and I do not regard C as being even a meta assembler of any note…”

But, what I just don’t accept is that the language Ada just is ignored, thanks to that meta assembly language. And Ada is also a serious engineering language, with the same speed as that of C, but without most of the bugs and with SPARK the language is almost bullet proof. An entire class of errors simply disappear. Bit manipulation is absolutely fantastic.

And please don’t talk about Rust, that language is gonna explode, just like C++.

Alyer Babtu May 24, 2018 12:52 PM

I like ML, but what I really want is a language that is the computerology image of Category Theory, specifically Topos theory.

Humdee May 24, 2018 5:18 PM

“Observers have rightly criticized the recent efforts of both President Trump and House intelligence chairman Devin Nunes to uncover an FBI source as a blatant, cynical endeavor to derail Robert Mueller’s investigation by translating the normal functioning of governing into something sinister.”

Rightly? It is sinister! One’s person’s spy is another person’s informant just like one person’s freedom fighter is another person’s terrorist.

Anura May 24, 2018 6:19 PM

@Humdee

Thank you! Words don’t have meaning! The truth is just a matter of opinion! They call them fingers but I’ve never seen them fing!

Seriously, though, context matters. The problem here is that Trump declares he is a spy, declares it’s a massive conspiracy that proves the deep state is out to get him, when what the FBI did was basically use the least intrusive means to investigate someone: they asked a connected person outside of the campaign to talk to people inside of the campaign.

As TheDCNF reported back in March, Halper contacted Papadopoulos through email on Sept. 2, 2016, offering to fly him to London to discuss writing a policy paper about energy issues in Turkey, Israel and Cyprus. Halper offered to pay $3,000 for the paper.

Papadopoulos made the trip and had dinner multiple times with Halper and a Turkish woman described as his assistant. Sources familiar with Papadopoulos’s version of their meetings said Halper randomly asked Papadopoulos whether he knew about Democratic National Committee emails that had been hacked and leaked by Russians.

Papadopoulos strongly denied the allegation, sources familiar with his version of the exchange have told TheDCNF. Halper grew agitated and pressed Papadopoulos on the topic. Papadopoulos believes that Halper was recording him during some of their interactions, sources said.

Halper’s assistant, who is named Azra Turk, brought up Russians and emails over drinks with Papadopoulos. Turk also flirted heavily with Papadopoulos and attempted to meet him in Chicago, where he lives, a source told TheDCNF.

https://www.emptywheel.net/2018/05/20/nunes-outraged-that-american-spies-paid-to-brush-up-against-trump-aides/

This isn’t planting a spy in the campaign, this is the FBI saying “We have evidence of wrongdoing, let’s have someone talk to them.”

THOT Crime May 24, 2018 6:19 PM

On the topic of pigskin,

With respect to changing your batteries, or charging one’s device:

is the nuclear football nuclear?

I’ll leave the other possibilities out for the moment.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.