... shouldn't the NSA be operating to tighten the security of these things to protect US consumers?
2173 posts • joined 14 Nov 2007
IANAL(BIPOOTI) and I think it is extremely unlikely that there is any country on earth which allows contractual terms to overrule its national legislation. Certainly in the UK it is absolutely the case that it really doesn't matter what companies put in their contracts, if it contradicts the law, it's dead in the water. Restocking fee? No. Must be returned in original packaging? No. etc.
In that case, rust is only about 8TB/Kg, compared to about 30TB/kg for SSDs.
100 tonnes of Samsung 850EVO 2TB SSDs at 66g is 3EB which I rounded to 2EB; 100 tonnes of WD Red 6TBs at 753g is only 0.8 EB
We probably need packing overhead but, in any case, when I'm guesstimating I like to go for what I call 'currency logs' in other words, choose a 1, 2 or 5 then a number of 0s. I find this is a good compromise between the intuitiveness of 'order of magnitude' and the difficulty of, in situations like this, getting enough precision for even 1 significant figure (although I've never really been sure whether the choice for first digit should include '8').
"How does it compare with FTPing a tape image? Or even the classic "747 full of DVDs (or Bluerays)"
The bandwidth of a 747 full of media is well in excess of 10TB/s so the raw transmission time for 1GB is less than a millisecond. A motorcycle courier can manage 1GB/s (i.e. 10Gb/s) London to Edinburgh.
Ping time is several hours though!
I cannot remember a time in the past (nor envisage one in the future) when any networks had a higher bandwidth than the movement of contemporary physical media.
A 747 can carry 100 tonnes of cargo (I think), a 2TB SSD weighs less than 100g including appropriate packaging, meaning that is 2 Exabytes per Jumbo, say 8 hours for a LON->NYC flight time and 2 more hours handling time, around 50TB/s unless my maths is letting me down.
What is "superfast" broadband? Does it just mean > 12Mb/s of ADSL on POTS?
I'd say 2(N+1) Mb/s, where N is the number of bedrooms in a property, should be the absolute minimum.
"Can this be weaponized & used in the war against [whatever]?" --- allthecoolshortnamesweretaken
Isn't that the robotic cricketers ... ?
* nod to the memory of the genial genius who brought so much pleasure to so many of our lives
Do they really mean the possibility that Theresa May will say, oh, no I don't think that's justified in this instance? Because if so, maybe they'd like to buy another bridge ...
never mind grey, mine went away!
Because nobody in their right mind uses RAID5. It went over the usability horizon about the time that disk capacities started exceeding 100GB and their costs came down. *dons downvote armour*
[Edit: seriously guys, get 2 diskfulls from 4 in RAID10, or 3 from 4 in RAID5? Is 50% more capacity really worth risking needing a full rebuild when you hit an Unrecoverable Read Error? During which another URE would kill you? When UREs have a probability of 1e-13 --- wasn't so much a problem when disks were small, but that's 1 error per 10TB]
They are trying to formalise a logically inconsistent ever worsening complex mess. They should have spent the time and money on rationalising the taxation and benefit system, not trying to build a system to automate the impossible.
Compression before encryption is good practice to remove excess (entropy lowering) redundancy. But although Lempel-Ziv compressibility is a good test for high levels of redundancy, the lack of the same is a necessary but not (nearly) sufficient property to judge the input as random.
It wouldn't take long to find a sequence of digits of Pi... Google Boyer-Moore algorithm. In fact if you can get any chunk of a one time pad with moderate entropy it's not that hard to search a large canon of alphanumeric sequences. Google "no very favourable idea of the age" and you'll find Austen's Northanger Abbey in no time.
"Can you guarantee your mirrors are 100% non-bias?" -- TechnicalBen
Sorry to harp on, but this doesn't matter because you can debias it (see my earlier post). What would matter is if the mirror had a memory. But then on the upside you would probably win a Nobel Prize.
"Then the spooks start firing fast neutrons at your house, to adjust the bias in your random noise generator." -- AC
LOL but (and this is relevant to some other side-channel attacks) if you use the Von Neumann de-biassing method above, all they can do is slow down your RNG. Bombarding you with neutrons might actually improve the quality of the output, but I guess slowing it down (and hastening your personal End-of-Life) might be an approach if they get desperate!
2nd line of article, my emphasis:
"The recommendation NIST's put up for discussion covers the design principles and requirements for random bit generators, and tests to validate entropy sources."
Gideon 1, my emphasis
"Verification not generation ... It's interesting how many Commentards didn't understand the article."
On a more serious note, given the difficulties in verifiability (not just doing it, but doing it in a way that is widely understood), I think verifiable generation (quantum & other physical methods proposed above by commentards including myself "who didn't understand the article") would be a better approach than new methods for verification. Given that there are any number of deterministic sequences (e.g. digits of pi, mentioned above) that satisfy all existing tests for randomness and (as far as my limited mathematical understanding goes) are likely to continue to do so, verifiable generation seems to me a much more promising area than verification of deterministic generators.
"For the past year, I've been running tests on a couple random number generators. I grab a random 32-bit integer from it, each number is plotted on a 65,536 x 65,536 bitmap. Each time a number comes up, its pixel's color is bumped up by one. Every so often, the bitmap gets saved to an external storage array so that the image can be viewed from another machine, any number that is favored by the RNG will show up as a different color in the resulting image." -- Crazy Operations Guy
It's a good first attempt at RNG visualization but I'm afraid it is rather flawed: a quick example will show why: what if you replaced your RNG with a counter? It is lack of correlation between one bit and the next (more exactly that any given bit in no way depends on any of the previous history) that is the crucial thing rather than a completely even coverage (as explained in my earlier post you can extract a smaller number of perfectly distributed random bits from an imperfectly distributed random source as long as each bit is independent).
This sounds right to me --- the sort of device that you can plug into a USB port to read, but made from simple components (capacitors, resistors, transistors) that you can verify (or assemble yourself). I've seen some circuit diagrams but we really need something very simple indeed. People add complexity to circuits by adding clever stuff to ensure random weighting* but this seems unnecessary and adds the kind of circuitry that could disguise randomness-subverting badness.
Maybe what we need is something physical that we can verify by eye -- like a lotto ball machine. We just need something that can generate numbers much faster. Perhaps a shaker full of tiny particles, read by a CCD?
* if you have a random bit stream which is suitable in every respect other than weighting (ratio of 1s and 0s) you can create a perfectly weighted stream from it by sampling non-overlapping pairs. I think it was Von Neumann who invented this - you read bits pairwise, discarding all pairs where the bits are equal. You convert the remaining pairs into 1s and 0s using the code 01->0; 10->1 (or vice versa) and bingo, you have a bit stream balanced perfectly 50:50 into 1s and 0s. This is because if the bits are independent then the probabilities of 01 and 10 are equal, whatever the probabilities of 0 and 1 (and hence 00 and 11, which have unknown probabilities, are discarded).
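The pairwise de-biasing described in the comment above, as an added Python example that is not part of the original post. The seeded `biased_source` simulator and the alternating-bit input are constructed test data; they show that pushing the bias only lowers the yield (about p(1-p) output bits per input bit), while input that is not independent breaks the method.

```python
import random

def von_neumann_debias(bits):
    """Read non-overlapping pairs, discard 00 and 11, map 01 -> 0 and 10 -> 1."""
    out = []
    for i in range(0, len(bits) - 1, 2):
        first, second = bits[i], bits[i + 1]
        if first != second:
            out.append(first)  # pair (0,1) emits 0, pair (1,0) emits 1
    return out

def biased_source(p_one, n, seed):
    """Constructed input: n independent bits, each 1 with probability p_one."""
    rng = random.Random(seed)  # seeded simulation only, not a real entropy source
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def ones_fraction(bits):
    return sum(bits) / len(bits)

def summarize(p_one, n=200_000, seed=1):
    """Return (raw fraction of 1s, output fraction of 1s, output bits per input bit)."""
    raw = biased_source(p_one, n, seed)
    out = von_neumann_debias(raw)
    return ones_fraction(raw), ones_fraction(out), len(out) / len(raw)

if __name__ == "__main__":
    # Independent but increasingly biased input: output stays near 50:50,
    # only the yield drops, following p * (1 - p).
    for p in (0.5, 0.9, 0.99):
        raw_f, out_f, rate = summarize(p)
        print(f"p(1)={p}: raw {raw_f:.3f} -> output {out_f:.3f}, "
              f"yield {rate:.4f} (theory {p * (1 - p):.4f})")

    # Failure mode: a source with memory. Strictly alternating bits look
    # perfectly balanced, yet every pair is 01, so the output is constant.
    correlated = [0, 1] * 1000
    out = von_neumann_debias(correlated)
    print(f"alternating input: raw {ones_fraction(correlated):.3f} -> "
          f"output {ones_fraction(out):.3f} over {len(out)} bits")
```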
Barron insisted that the £130m arrangement for Google to pay its back taxes between 2005-2014 was not a sweetheart deal. He said: “Identifying what the economic activity is, what the added value in the UK is, is a difficult business and that is what we have been working out with HMRC over the years and all the discussion about [a] so-called permanent establishment.”
Are Google and/or HMRC prepared to show the steps and figures in this "working out"? Because if not, it's easier to believe that it is a sweetheart deal.
... a foreign power or bad actor can effectively run a DDoS on that system by infecting British network devices and either (a) vastly increasing their ICR production rate (a few orders of magnitude wouldn't be too hard); and/or (b) creating ICRs that will raise red flags (e.g. to known suspect sites).
"They start off at ground level, or didn't you realise that?" --- Pompous Git
If they climb like normal weather balloons, at about 5m/s, they'll be out of range of all but the sniper sights of sober sharpshooters within a few minutes. As we are talking about a 100 day lifespan, they'll be spending (coming down as well as up) well under 0.0001% of their lifespan within projectile range. Even less if they are launched at night, without notice, from an area with a reasonable perimeter.
So, yes, I did realise they start off at ground level but they are hardly more vulnerable to drunken shooters than if they were launched out of planes or magically spawned in mid-air.
"This would probably be viewed as aerial target practice by some inebriated locals." -- NotBob
... I think even with the steadiest hand going you'd be unlikely to hit one with anything other than a SAM
"There is another sort of proverb that says "Wer glaubt, daß Abteilungsleiter Abteilungen leiten, der glaubt auch, daß Zitronenfalter Zitronen falten", but so far I couldn't come up with a translation that really works. Sorry. Anyone who wants to give it a try?" --- allthecoolshortnamesweretaken
How about ...
"Expecting the brains of the Department (company, division, group) to be in the Head of the same is like expecting to find pants in the pantry"
"Theresa May isn't stupid, far from it she's a shrewd political operator..." -- Adam 52
Well; most politicians, however 'shrewd', are certainly not all that far from stupid. Success as a politician, regretfully, relies on some other qualities rather more than intelligence. To some extent, possessing it, let alone demonstrating it, is often regarded as a bit of a disadvantage.
@TRT that is genius. I look forward to telling someone their argument is hemidemibiscuit. And @ElReg can we have a quarter biscuit icon to indicate the same?
"Cant give exact folder names as i am currently sat on toilet" --- psychonaut
Am I the only one who thinks it's inconceivable that someone who knew all the foregoing could not RDP to his machine from the throne?
Emacs and LaTeX. Everything else sucks - often not just to use, but in terms of the ugliness of its output. It's only been the last few years of a what, two decade?, life that MS Word has been able to produce documents that aren't almost immediately identifiable as the ill-formatted output of the same.
"Why are such ideas so attractive to certain individuals" -- Jonathan Richards 1
Best answer I've seen (on FB recently) was that "conspiracy theories help dumb people feel they are smart"
"Is there not a program which conceals the encrypted message within a jpg or other image file?" -- Donchik.
Yes, there are several --- search "Steganography." More to the point, if you conceal it within an original creation of your own (i.e. there's no way to compare the picture to an 'original version' out on the web) you can post it publicly on Facebook, Tumblr or any number of well known places and, providing you have enough friends/watchers then they cannot even see to whom it is addressed.
If you're senior enough to be able to order redundancies, and you have stock in the company itself, isn't that almost insider trading? It's certainly a conflict of interest of some kind.
... but I know if it is found to suffer from a serious safety design flaw I am, to a greater or lesser extent, protected (viz. large numbers of recalls we have seen).
The problem with a closed source device such as a router, with a massive security hole in it, is that it seems to fall between two stools: there's very little the user can do to check that it is safe, or keep it so, and I'm not aware of anyone who has tried to enforce supplier or manufacturer liability. Not even in the UK, where I'm guessing the Sale of Goods Act should allow you to at least return the device to the retailer.
Perhaps the information required to manage such a device oneself (firmware unlock keys, source code, etc.) should be placed in escrow with consumer organisations so that it can be released if the manufacturer goes under (or just stops supplying updates). But I still think that the detection of certain malfeatures, such as a hardcoded backdoor, should be a matter of manufacturer liability.
"Negligence = duty + b[r]each + damage. Someone can sue as soon as they suffer damage" -- ThomH
Sure, that's what's required to prosecute the guys who fsck'd up the crypto ... but making the statement isn't negligent, it's dishonest. IANAL but surely there's another offence which covers making false claims about financial services? Doesn't seem to me that it would be acceptable to imply that your customers were adequately protected when they were not. Any actual lawyers got a view on this?
I'll pay the postage if you send it to me!
Someone, hopefully multiple someones including the budget holders, should face internal disciplinary action for the bad state of crypto. However, the person who made this statement "Customers visiting the Sainsbury’s Bank website can rest assured that they are protected at all times by multiple layers of online security" should be prosecuted; the statement is simply false, and they have hoped to have worded it in such a manner as to attempt to escape being caught in an outright lie. But the purpose of the statement, in the context of the established facts, is to deceive. And the purpose of that deception, at this moment in time, is to falsely reassure customers that their financial details are adequately protected.
If Sainsbury's or their PR department fancy suing me for libel, I'm happy to provide my details, and I look forward to hearing from them.
"Well then, where are all the games? No serious gamer would use a Linux desktop" -- Charles 9
No serious gamer would use a machine from PC world costing a few hundred quid either --- they're likely to be spending that (at least) on their graphics card(s). If that's out of your budget and you're still a serious gamer you are looking at self-build or buying from a specialist. Whilst I agree (and personally regret) that it's almost Windows or bust for headline games, these are not the kind of users that are being discussed here.
is a figure of speech, hopefully. There's a lot of flexibility here: you can "split a key" into n pieces and require m of them for decryption, without any loss of security. So you could, for instance, create 10 keys and distribute them round your family, but only require 4 of them to unlock your stuff.
"Not proper German.... try harder" -- petur
Hey, if we're being really pedantic, that's not a proper ellipsis!
"You also can't monitor a subject without their knowledge" -- Paul Hovnanian.
I disagree: sure, using 'hand-over-the-key-or-else' legislation does have that consequence. But keyloggers, key stealing, shoulder-surfing, bugging devices, etc. can all be used to monitor a subject who is using strong encryption without having to either attack the crypto or let the subject know that they are being watched. Endpoint compromise is effective against everything, even quantum crypto.
We need an audited, open-source, secure, traffic-analysis resistant system, impervious to blocking and denial of service.
This is problematic, because it would be of use to terrorists, but any remotely competent terrorist can do this stuff anyway and, as we have seen, they don't even have to: it seems they can be on everybody's watchlist, pretty much announce their intent publicly and still commit atrocities before being intercepted.
Such a system would kill, once and for all, the technically ignorant idea that all communication can be policed, as we would just say --- look, what's the point? Bad actors can always use System X.
"Is there a system in the wings?" -- T. occipitalis
Doesn't matter - the bad actors won't use it. If I can post random thoughts on Facebook I can communicate in code with any system of my choice without anyone apart from the recipient being aware of the hidden content. If I am allowed to post photographs I have taken, that content can be of quite significant size.
"Given that the UK authorities, at least, can demand keys from suspects why bother with SBDC"
Because you can't dragnet; that is the whole motivation here. Even with unbreakable encryption they can hit known targets through a variety of old school and technological measures; what they want to do is monitor everyone, all the time, just in case.
@asdf - apologies, I deleted my earlier comment because I thought I was being unnecessarily pedantic and I actually agreed with you. Unfortunately that then 'orphaned' your reply, apologies :-)
Brilliant idea, although might I suggest HSL rather than RGB --- it's a bit more sympathetic for conveying gradients
"Leaving choice aside, some people really don't have a distinguishing body part and it does seem unreasonable to assign them to an arbitrary category for administrative convenience." -- absolutely
There are 4 standard values for gender: male, female, unknown, unspecified and you've got to be able to support AT LEAST these 4. "experienced healthcare software designers" who are using Booleans should be taken out the back and shot --- IEC 5218 is forty years old this year FFS.
I think the seminal hit is sometime before the insertion of the babypod
My eldest son had a difficult birth. Some time after he was born, we received a baby gift of "relaxing womb sounds." The normally placid little chap reacted with considerable distress when the disc started to play, and settled only when it stopped.
Being a scientist, I had to try another couple of times to see if it happened again --- it did. Being a father, I wasn't going to do it more than thrice --- I didn't.
Now, I wouldn't normally want to infer something from a sample of three. However, might it be possible that some ill-timed music during foetal distress could result in a baby who would be distressed by such music?
On a related note, I'm now wondering whether my parents travelled back in time with some Kanye West tracks?
"Wouldn't it be much simpler to follow one from station to home after work?"
That would give you 1 address and would involve both more time and more risk. It's the same with a sexual predator following a young woman home, or an investment scammer following an older person home to see if they are likely to be asset-rich and income-poor (and a good target for an equity release scam). You'd still have more work to get a name and phone number (handy for "household surveys" where you can usually find out if someone lives alone --- especially if you have a handy conversation starter like registered political affiliation) but it's not going to be impossible.
What IS going to be impossible, though, is finding thousands of targets this way. Finding a wallet with someone's name, address and phone number is completely different to finding a DB with millions of addresses and phone numbers. Sometimes the scale of a quantitative difference is so large it is more effectively interpreted as a qualitative difference: my engineering inclinations would ordinarily, depending on the context, put that "switch" between about 3 and 6 orders of magnitude.
I presume the concern is that the voters did not necessarily give permission for this information to be given to anyone, without restriction -- or audit.
Privacy is not one dimensional: I really don't mind the UK secret services knowing what I use my VPN for, but it doesn't mean I want the council's parking control officer to know; I don't mind the latter knowing my address, but I don't want him to know my date of birth; etc.
There is also the issue of aggregation. Sometimes secrets that aren't even in the data can be given away by the data (e.g. a geographic clustering of security cleared people in a rural town). Databases which contain gender and D.o.B. information can be used to identify the locations of thousands of young women, for instance.
However, the key flaw in your argument is to assume that everyone else should be comfortable with your own personal privacy levels. I post here using my full name, but I don't expect everyone else to, and I'd be highly unimpressed with someone "outing" a fellow commentard who had used a handle or posted AC.
According to Reuters:
"The draft law, which could require technology firms to install "back doors" in products or hand over sensitive information such as encryption keys to the government, has also been criticised by some Western business groups.
U.S. President Barack Obama has said that he had raised concern about the law directly with Chinese President Xi Jinping."
I hope Mr President will be calling David CamJongUn to express his concerns about draft legislation proposed by Treasonous May.
What if I don't really want to have a laser focussed on me?