* Posts by Adam 1

2545 publicly visible posts • joined 7 May 2012

How to nab a HTTPS cert for a stranger's website: Step one, shatter those DNS queries...

Adam 1

Re: Paranoid AF

How secure are we? Our key space is 374144419156711147060143317175368453031918731001856 times larger than that 88 bit key.

Also worth noting that Enigma wasn't cracked by manually brute forcing on the 309485009821345068724781056 possible keys. At 100 billion guesses per second, this would take on average ~50 million years to search.

Rather they used some systemic weaknesses like how it wasn't possible for a character to encipher to itself, pattern analysis to guess how many teeth were on the cogs, tricking the originator into resending the same message with multiple keys, stealing codebooks when the opportunity arose, and automating the scanning of that substantially reduced possible key surface. The weakest link of course was and still is the meat sack not following process.

If I was $EvilGovernment$, I wouldn't even bother attacking AES directly. It doesn't have those weaknesses inherent to Enigma. Much easier task to compromise the random number generator so that keys are poorly chosen, or even easier would be to exploit vulnerabilities in the system holding the keys, or trick those systems into revealing their key to an imposter.

Benchmark smartphone drama: We wouldn't call it cheating, says Huawei, but look, everyone's at it

Adam 1

Re: VW

So why the down votes? Peer reviewed journals use too many big words for you? Or have you got some paper showing how a fake CPU mark score is causing deaths? Both are wrong, but your moral compass is pretty screwed up if you can't understand why one is not a few orders of magnitude worse.

Adam 1

Re: How did they ever think they'd get Huawei with it!?

Where would the Honor be in that?

Adam 1

Re: VW

> So it's like the VW thing which they all probably do anyway.

Yes, except I doubt that the synthetic benchmark faking will lead to thousands of deaths p.a.

Archive.org's Wayback Machine is legit legal evidence, US appeals court judges rule

Adam 1

finally a proper use case for Blockchain

Having a distributed ledger that proves that the hash of the archived page has not been modified since collection could certainly add such trust. Of course it can only prove that WBM faithfully kept a copy of the same thing that was delivered to them originally. It cannot prove whether or not:

* WBM was served a custom version of the page different to what another visitor would see

* Whether any doctoring occurred between what was served and when that block was added to the chain

Strewth! Aussie ISP gets eye-watering IPv4 bill, shifts to IPv6 addresses

Adam 1

Re: Not el Reg

Took me longer to figure out what you were on about than I care to admit.

Anon man suing Google wants crim conviction to be forgotten

Adam 1

> The Particulars [case papers] complain that the continued publication by the Defendant of the news report referring to his conviction has prevented him from pursuing his ventures, causing him and his businesses to suffer substantial losses,

No. The loss was caused by the crime that this man committed. As long as the reporting doesn't imply that it is a more recent offense than it was, then what exactly is the complaint?

I can well appreciate that someone who was reported to be "charged" with an offence may want the record set straight if they were found not guilty but an old article implies a cloud over them. Doesn't seem like the case here though.

Spies still super upset they can't get at your encrypted comms data

Adam 1

Re: "No homebrew" is NOT elitist

> I have DREAMT integer register programming.

You're only human. Don't beat yourself up.

No D'oh! DNS-over-HTTPS passes Mozilla performance test

Adam 1

Re: Doesn't this...

Yes. In the slip of paper where you have printed the AP name and the password for the day, you print the URI that the guest must visit to sign in.

Adam 1

Re: Something Fundamentally Wrong with the Argument?

The real elephant for... No that's not fair. It certainly improves the level of privacy and reduces the attack surface. The real reason for why DoH is no silver bullet for domain name resolution is noted in the IETF draft.

"HTTPS connection provides transport security for the interaction between the DoH server and client, but does not provide the response integrity of DNS data provided by DNSSEC. DNSSEC and DoH are independent and fully compatible protocols, each solving different problems. The use of one does not diminish the need nor the usefulness of the other."

Vodafone, TPG propose 'merger of equals'

Adam 1

At the retail side, I personally think it's not too bad. They don't really swim in each others' pool, so merging isn't likely to reduce either mobile or ISP competition. TPG's more recent acquisitions of iiNet etc would be more worrying than this.

The bigger questions for the ACCC or whatever other toothless tiger would be things like whether they should be permitted to hold whatever 5G frequencies as one company.

/IANAL etc etc

Voting machine maker claims vote machine hack-fests a 'green light' for foreign hackers

Adam 1

Re: Which machines, where?

They may well have reasonable physical security, but that is only one threat model, but only the most ridiculously poorly thought out attacks would seriously adjust voter intention in a particular way. There are much more effective ways, including

1. Suppressing small numbers of votes from polling booths that are known to lean to the unfavorable side and injecting votes in the booths which tend to vote toward the favourable side.

2. Adjusting votes to lower preference (in preferential systems) which may be enough to push someone over the required quota.

And you and I so far have only addressed the machine level attack vector. The data must be aggregated across thousands of polling booths. That means that these memory cartridges need to be transported. It also means some other opaque system then claims to read what is written to it. This is very hard to externally validate. Everything from the device driver through to the application code must be inspected. Then you have the build chain of those pieces of software. Can you prove that the code that you reviewed is the exact code that was compiled? This is hard enough without malicious actors trying to deliberately add some hole. Can you prove that the compiler itself doesn't inject malicious code even if you can inspect it? Can you prove that the version that you reviewed is the same as the version that was deployed during the actual count? Can you trust the output of the crypto libs in that machine to not lie about the hash of the deployed files?

These are a bunch of really hard problems. It is completely inappropriate to permit a counting tool to be used where the vendor won't permit full inspection.

No, eight characters, some capital letters and numbers is not a good password policy

Adam 1

> I still think that capital letters and special characters are more trouble than they're worth. I haven't trawled through any big password dump files, but I'd be willing to bet that the majority of number/special character requirements are fulfilled by adding a 1 and/or ! to the end of a "normal" or easily guessable password

So much true that hashcat even does this (and a=>@, l=>!, s=>5 style substitutions) and their permutations.

At the end of the day, size matters. A 12 character password consisting solely of lower case a-z has more entropy than an 8 character password consisting of any character (upper and lower), symbol, digit and whitespace.

Those in a position to influence password system design should consider flat out blacklisting terrible passwords. I'd personally consider integrating with Pwned Passwords either directly or by just downloading the list and rolling your own.
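
The two points in the comment above (length beats character classes, and block known-bad passwords even when mangled) as an added example that is not part of the original post. It assumes a locally downloaded list in `SHA1HEX:count` form, a 95-character printable ASCII alphabet for "any character", and a hypothetical 12-character minimum; the sample list is constructed, not real breach data.

```python
import hashlib
import math

# Undo the hashcat-style substitutions named in the comment (a=>@, l=>!, s=>5).
UNLEET = str.maketrans({"@": "a", "!": "l", "5": "s"})


def keyspace_bits(length, alphabet_size):
    """Bits of entropy of a uniformly random password of this length."""
    return length * math.log2(alphabet_size)


def sha1_hex(text):
    return hashlib.sha1(text.encode("utf-8")).hexdigest().upper()


def load_blocklist(lines):
    """Parse 'SHA1HEX:count' lines into a set of upper-case hex digests."""
    return {line.split(":", 1)[0].strip().upper() for line in lines if line.strip()}


def candidate_forms(password):
    """The password plus the base words a mangling rule could have started from."""
    lowered = password.lower()
    stripped = lowered.rstrip("0123456789!")  # trailing "1" and/or "!" padding
    forms = [password, lowered, stripped,
             lowered.translate(UNLEET), stripped.translate(UNLEET)]
    return [f for f in dict.fromkeys(forms) if f]  # de-duplicate, keep order


def check_password(password, blocklist, min_length=12):
    """Return (accepted, reason). Blocklist hits are rejected before length."""
    for form in candidate_forms(password):
        if sha1_hex(form) in blocklist:
            return False, "blocklisted (matches %r after un-mangling)" % form
    if len(password) < min_length:
        return False, "shorter than %d characters" % min_length
    return True, "ok"


# Constructed sample list (hypothetical counts), standing in for a downloaded file.
SAMPLE_LIST = ["%s:%d" % (sha1_hex(word), count)
               for word, count in (("password", 3), ("letmein", 2), ("qwerty", 1))]
BLOCKLIST = load_blocklist(SAMPLE_LIST)

if __name__ == "__main__":
    print("12 x a-z      : %.1f bits" % keyspace_bits(12, 26))
    print("8 x printable : %.1f bits" % keyspace_bits(8, 95))
    for pw in ("P@55word1!", "!etmein!", "Tr0ub4dor", "mfgzqhtkrwnd"):
        print(pw, check_password(pw, BLOCKLIST))
```
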

Ah, um, let's see. Yup... Fortnite CEO is still mad at Google for revealing security hole early

Adam 1

Re: I learned something

I'm not sure who you're suggesting people go with. Apple store is also 30% (plus another call it 100pa for the account). At the low end of the market, paying 30c to Google or Apple for vetting, indexing, distribution and push of upgrades isn't too bad, but once you start hitting the expensive apps, you can't really justify it.

If enough of these sorts of companies separately distribute their wares, the app stores will smarten up.

MyHealth Record privacy legislation published

Adam 1

Re: What time is it now?

@Phil, whilst I don't know you from a bar of soap, you can't be much worse than those on offer. Whilst JB might be ok in the job, she lacks a penis so they won't promote her.

TLS developers should ditch 'pseudo constant time' crypto processing

Adam 1

Re: Obviously, their code 'Review and Approval' processes need some work...

> The article notes the code was formally verified. What does that say?

That it is a hard problem that even a reviewer or 10 can miss.

Imagine an ancient city under siege. The defender must cut off each and every attack against their stronghold. Be they through the city gates, over the walls, under the walls, earthworks outside to cause a collapse in those walls, every vector, every time. If they fail once, the city is at risk of capture.

Now imagine the attacking army. They get to choose how to attack. Whether to try and sneak one person through to sabotage the defences, or whether to block off the water supply and wait for surrender. They may notice a piece of wall that is not visible from the defensive ramparts to start digging or climbing. They may observe a pattern of those sentry guards and learn when they have 30 minutes of time.

That's the equation here too. One step wrong and you are exposed. If it's not a timing attack then it could be some other vector to act as an oracle. It's serious, sure. But let's be realistic.

SuperProf gets schooled after assigning weak passwords to tutors

Adam 1

Re: SuperProf

Maybe they should get one of their "star" tutors.

Adam 1

Re: At Superprof we take security seriously and know how key it is to the running of our business

> "I apologise if any offence was caused"

> (no admission that I was the one who caused it)

Shirley that would be "We apologise if anyone took offence"

(We didn't cause it, it's your own fault if you got offended. Mumble mumble mumble nanny state mumble PC gone nuts mumble. Suck it up princess.)

Mozilla-endorsed security plug-in accused of tracking users

Adam 1

Re: Bloom filters

> the more elements that are added to the set, the larger the probability of false positives

Yes, it is mathematics, not magic. The laws in information theory are not violated. The probability of false positives can also be lowered by using a bigger file. It's a bang for your buck argument.

And if you keep reading that Wikipedia page, you'll read about how Google Chrome uses this exact technique to flag pages as malicious.

You need to remember that larger is a comparator, not an absolute size. In the same way that 0.0000033% chance is larger than 0.0000032%, but both are still rather unlikely.

Adam 1

It is no doubt unimaginably huge. A list is the wrong data structure to be using for this use case. Other structures like bloom filters let you trade off between storage size and false positive rate.

It doesn't really matter if your bloom blocks a page wrongly once every hundred thousand tests if that drops the download size from multiple GB to a handful of MB. They could even hash the URI that was blocked and send for further analysis without the privacy complaints apparent from uploading every address you visit.

But that is why you don't push down a list of URIs

Adam 1

so

We've not heard about bloom filters then?
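
The size versus false-positive trade-off from the Bloom filter comments above, as an added example that is not part of the original posts. The URL lists are constructed, the class and function names are hypothetical, and `report_token` is one assumed way to do the "hash the URI and send it for analysis" step.

```python
import hashlib
import math


class BloomFilter:
    def __init__(self, expected_items, false_positive_rate):
        # Standard sizing: m = -n ln p / (ln 2)^2 bits, k = (m / n) ln 2 hashes.
        n, p = expected_items, false_positive_rate
        self.m = math.ceil(-n * math.log(p) / math.log(2) ** 2)
        self.k = max(1, round(self.m / n * math.log(2)))
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, item):
        # Double hashing: derive all k bit indexes from one SHA-256 digest.
        digest = hashlib.sha256(item.encode("utf-8")).digest()
        h1 = int.from_bytes(digest[:8], "big")
        h2 = int.from_bytes(digest[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, item):
        for pos in self._positions(item):
            self.bits[pos // 8] |= 1 << (pos % 8)

    def __contains__(self, item):
        return all(self.bits[pos // 8] & (1 << (pos % 8))
                   for pos in self._positions(item))

    def size_bytes(self):
        return len(self.bits)


def build_filter(urls, false_positive_rate):
    bloom = BloomFilter(len(urls), false_positive_rate)
    for url in urls:
        bloom.add(url)
    return bloom


def measured_false_positive_rate(bloom, clean_urls):
    """Fraction of URLs never added to the filter that it still flags."""
    return sum(1 for url in clean_urls if url in bloom) / len(clean_urls)


def report_token(url):
    """Digest of a flagged URI, sent upstream instead of the address itself."""
    return hashlib.sha256(url.encode("utf-8")).hexdigest()


# Constructed data: 20,000 blocked URLs and 20,000 URLs that were never added.
BLOCKED = ["http://bad-%d.example/payload" % i for i in range(20000)]
CLEAN = ["https://ok-%d.example/" % i for i in range(20000)]

if __name__ == "__main__":
    raw = sum(len(u) + 1 for u in BLOCKED)
    for p in (1e-2, 1e-5):  # 1e-5 is the "once every hundred thousand tests" case
        bloom = build_filter(BLOCKED, p)
        print("target p=%g: %d bytes (raw list %d bytes), k=%d, measured=%.5f"
              % (p, bloom.size_bytes(), raw, bloom.k,
                 measured_false_positive_rate(bloom, CLEAN)))
```
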

Google risks mega-fine in EU over location 'stalking'

Adam 1

> Google was defiant in a canned statement sent to The Register this week that "Location History" is "entirely opt in"

I think they may need to reflect upon the term "in" in the phrase "opt-in". It means that the default behaviour is to avoid collecting and tracking it unless the user explicitly acts to enable it.

When's a backdoor not a backdoor? When the Oz government says it isn't

Adam 1

Maybe it would help to understand if you substitute USA where you see Australia and, geez, pick any law, but let's go with DMCA, or EU and GDPR.

Our collective Muppets-in-charge can not get their head around the limits of their legislative powers.

You can ignore this unless:

(a) you are planning to visit our fine shores; or

(b) you are starting up a local company presence; or

(c) Some trade agreement where your own country has agreed to limit you in this area; or

(d) Your customer is subject to these laws and requires that you agree to the technical assistance measures to the extent that your law permits you to. (You are of course free to not accept such customers).

TL;DR, if you're the cow on the hill, feel free to ignore Yertle bellowing from the pond.

Adam 1

Re: The Holy Trinity

> They make the legislation apparently quite definite. Then subsequently they gradually widen the scope of interpretations of "terrorists, paedophiles and organised crime".

It already covers "protecting the public revenue", so add to that library/parking/dog shat on the footpath fines as technically meeting the criteria.

Prank 'Give me a raise!' email nearly lands sysadmin with dismissal

Adam 1

So your handle is quite applicable.

Sounds like you need to take more care next time you "send and e-mail" from the CEO.

Adam 1

"Security holes" really have gone to both extremes now. On one hand, we have exploits that rely upon timing attacks against the CPU cache to act as an oracle. But also apparently, we accidentally configured our mail server to act as a relay then spoofed an email from the PHB. HELO theregister.co.uk. Must do better.

Australia on the cusp of showing the world how to break encryption

Adam 1

Re: Note to self

No point if the laws of mathematics don't apply. On a serious note, do this as there are already metadata retention laws in place.

/Posted from, oooh, let's go Azerbaijan, today.

WhatsApp security snafu allows sneaky 'message manipulation'

Adam 1

Re: WhatsApp or Signal protocol?

Why down votes for AC on a reasonable question? Signal users are indeed very interested given that WhatsApp uses the same end to end encryption protocol.

<PedantHat>

There is no need to worry that an attacker can manipulate encrypted data. This is always a possibility and is logically unpreventable (at least outside of quantum cryptography). The concerning thing is if they can do so with more than a decimal point of an astronomically small number percentage chance of detection by the receiver.

</PedantHat>

Better late than never: nbn™ DOCSIS 3.1 upgrade starts

Adam 1

Re: But we're not going to tell you..

No-one is going to get better performance out of it. They've admitted that they will use it to cut the pie into smaller pieces rather than give users more bandwidth. Sorry, how did they put it? "double the capacity".

Bank on it: It's either legal to port-scan someone without consent or it's not, fumes researcher

Adam 1

Re: Where does it end?

No no no. Who's on first!

Adam 1

what's the point anyway

It is executing JavaScript code. That is logically equivalent to asking the browser whether the password was right. Anything done on the client side is by definition untrustworthy. 10 seconds for lowlifes to install some Chrome plug-in to block that js file.

The age of hard drives is over as Samsung cranks out consumer QLC SSDs

Adam 1

Re: Ah, but

> my first harddrive was eighty whole megabytes, that's room for almost eighty floppy disks

Well lah-de-dar. Look at me and my multi megabyte scale storage nodes. We had it tough. We had to store our data on a tape using an unwound paperclip and a steady hand, magnetised by rubbing your feet on the back of a cat. But we were 'appy back then.

Adam 1

Re: QLC? It's not the one for me

> (Disclaimer; yes, I know some physicist will probably come along and point out that this is misleading, inaccurate or oversimplified).

Well they can't. Not now that it has been observed.

Adam 1

Re: No story here

> I reckon this is gonna come in about £750-1000.

I'm guessing about the US$750-1000 range, so £750-1000 sounds about right.

Oz retro computer collection in dire straits, bulldozers on horizon

Adam 1

We can't afford one sorry. We're too busy pulling down perfectly adequate stadiums and rebuilding ones with practically the same capacity. And let's not even get started on the powerhouse.

Adam 1

Maybe you could contribute to the family law fund of anyone who arrives home to a grilling about the several additional crates of junkengineering history.

Grad sends warning to manager: Be nice to our kit and it'll be nice to you

Adam 1

Re: what the fuck does PC LOAD LETTER mean?

Reminds me of Dennis Denuto* (Language warning)

*We've all been there Dennis

Hey, don't route the messenger! Telegram redirected through Iran by baffling BGP leak

Adam 1

Re: 'Don't route the messenger'

> the US is about 40x the size of the UK.

Cough* Down here we have a cattle farm that is bigger than Wales.

Putting the ass in Atlassian: Helpdesk email server passwords blabbed to strangers

Adam 1

known unknowns

I don't mean to single out Atlassian with this comment. Every company seems to do this, but it triggers me. It's this:

"At no point were the contents of your emails (or other data used by Jira Service Desk) exposed to other customers"

Or another way, sorry, we realised that, due to a bug, we occasionally sent some of our other customers your address and house keys, but at no point were the contents of your house exposed. We've known about this for two weeks. You should probably get new keys cut.

You cannot assert that negative. It is not knowable. I mean if your TV and jewellery turned up at said other customer's place, you could know that the keys were used. But absence of evidence isn't evidence of absence.

There's obviously a bunch of legalese in these sorts of customer communications, but sometimes I just wish that they would just explain what they know, what they don't know yet, and what is not knowable, alongside whatever action the customer can take to limit any potential harm.

Riddle me this: TypeScript's latest data type is literally unknown

Adam 1

Re: shit code in C# every day

> That's the reason why there could be also some Pascal-ish echoes in his later works.

That might have more to do with Anders being the original author of Turbo Pascal and chief architect at Borland for Delphi than any J++ similarity.

Adam 1

Maybe Nothing

Microsoft devises new way of making you feel old: Windows NT is 25

Adam 1

Re: 16MB?

> boss went WFW -> ME -> Vista - > 8.x

Sorry to hear. No-one deserves that.

Early experiment in mass email ends with mad dash across office to unplug mail gateway

Adam 1

About a decade ago and working in a development environment old enough to order its own pint, a (former) colleague was struggling to get some application he was debugging to stop at his breakpoint. He had been through the rigmarole of doing all the pre incident steps several times and wasn't seeing the funny side of it. He finally twigged that the compiler was being too clever by half and skipping the compilation of a bunch of units that it had compiled earlier, and instead directly linked the previous build of those classes. There were no changes, except the inclusion of the debug symbols. The workaround was to make a dummy change to the file then build. Which he did, adding a message dialog to suggest that the compiler should proceed firetruck to a different location. This did the trick, the compiler stopped at the breakpoint and then the issue was resolved to everyone's satisfaction.

Fast forward a few days, the MD was demonstrating this particular feature to $IMPORTANTACCOUNT$ when a direction was displayed involving removing oneself with a firetruck.

To this day, I'd still like to know whatever dirt he held over the PHB that allowed him to not be frog marched out to the car park.

Sysadmin trained his offshore replacements, sat back, watched ex-employer's world burn

Adam 1

Re: Not in IT...

> surely you could just configure the linker to look in that location

Why yes you could, however that isn't the problem being solved by a library. A linker is a compile time process. It's the thing that grabs all the compiled objects and bundles them into an executable or library.

A library is something that allows you to load a library at runtime. As long as the interfaces are compatible, it means you can upgrade or replace one component without touching anything else. Symlinks allow you to install side by side versions of the same library without "DLL hell". (Different applications on a given system may require different versions of the same libraries to function. This often happens when you have a legacy application linked to an older version of a third party library together with a newer version which uses some bells and whistles not available in the old version.)

Nah, it won't install: The return of the ad-blocker-blocker

Adam 1

Re: They Live....

> Even if LCD does inherently produce polarised light, it doesn't stop the manufacturer turning the display 90 degrees.

That's true, but I agree with the vehicle manufacturers that a sideways mounted LCD screen is going to look a bit out of place when all the other switch gear is mounted in the upright orientation.

/Ah, my lab coat

Adam 1

I proudly wear my Telstra hat. I enjoy advertising their next generation CDMA network.

MyHealth Record rollout saga shambles on: ALP wants it put on hold

Adam 1

Re: Health Records, ok to a degree

> not some bank to assess my credit abilities because I may be too sick to pay for something

The legislators seem quite asleep at the wheel on this point. They believe that they've sorted this out with $BIGFINE$. This does not address the actual threat model.

A sufficiently big fine may have been effective in 1983, but that assumes that they can

(1) catch them in the act, and

(2) prove that they were aware of the data misuse.

In case you are scratching your head about 2, let me outline some possibilities.

The data may be stolen in bulk via direct hack, or maybe like the publication quoted in the article, it gets accidentally published (irony meter going off the scale). We have seen other government departments misconfigure their websites, resulting in the accidental leak of sensitive data on asylum seekers.

Or perhaps an insider may manage to exfiltrate the data Snowden style. It would be a courageous decision to believe that it couldn't happen.

Next step is that this data is purchased by a data aggregation company not based here. We are talking about companies paid to aggregate disparate data sources for AI training sets. That data is purchased by other aggregators, rolled together and sold on to yet others until it arrives in a company who specialises in using AI/Big data to provide risk assessment as a service to retail insurers. The retailers are at arm's length to the shadier side of the data collection. Even the risk assessment as a service don't realise that their AI training data is polluted by data obtained by questionable means. Definitely a case of don't ask don't tell.

Your AMPs of the world won't be pulling out your discussion notes from your counselor or your MRI from a decade ago. They'll just get a number out that'll be your risk band where all this is factored in. This will affect your ability to get insurance products. Computer says no. Computer says add exclusion. Computer says big loading for that inclusion.

And before anyone points out how you can investigate supply chains, remember it was only recently that Andrew Forrest discovered slavery in his supply chain. He claimed to be horrified and to have sorted it out immediately. I personally believe him. Supply chains are hard to assert. Even harder when you develop an AI that is trained to pick the datasets dynamically based on continuous "how well did it predict last week". They literally won't know why they've rejected you. Any authority charged with policing that the companies haven't misused the health data has zero chance of detecting it.

No big deal... Kremlin hackers 'jumped air-gapped networks' to pwn US power utilities

Adam 1

I don't see any reason why Russia would have jumped air gaps to pwn power utilities.

Google Chrome: HTTPS or bust. Insecure HTTP D-Day is tomorrow, folks

Adam 1

Re: Yay... maybe?

Anyone who is in that network path can inject, modify or suppress any of the page resources. This includes injecting coinhive.js or worse. This includes "free WiFi hotspots", and probably any hotel or airline you've ever flown. Even a major US ISP was fiddling with some headers at one point. These modifications cannot be made to a HTTPS stream unless you can convince a CA to sign your public key.

I'm not saying HTTPS is a panacea for all security ills, but I fail to see what is controversial about calling HTTP "Not Secure". It is after all, a long game of "Chinese Whispers" with no capacity to assert that what you see is what the server served or what the server sees is what you sent.

Oz digital health agency tightens medical record access as watchdog warns of crim honeypot

Adam 1

Re: No worries, its all good, nothing to see here....

You might as well add the 37 no sorry we mean 78 million left pondian Anthem Healthcare sods whose records were stolen by hackers in 2015. But don't worry. We have big penalties.