Posts by doublelayer

10476 publicly visible posts • joined 22 Feb 2018

US backs down from slapping import taxes on French goods over Macron's web giant tax

doublelayer Silver badge

Re: Unfair?

"So paying taxes on the money you make is unfair now?"

The American argument is essentially that it's legal for other countries to set tax laws that apply to everybody, including adjusting them to charge more for large companies, but that France's law is targeted specifically at them. The argument would therefore be that France should change its general tax legislation to remove the loopholes that result in a lower tax payment from the companies concerned, rather than creating a new type of tax which has limits placed on it such that only a specific set of companies have to pay it. I'm not saying this argument is a good one, but it is what they're using, and the current trade rules appear to at least somewhat support them; basically every company which qualifies for the digital services tax is American, and it can be argued it's effectively an anti-American tariff.

The suggestion to implement taxes of this type by simplifying tax law so it's harder to avoid is a persuasive one, though politicians rarely want to go to that effort. In my opinion, such modification is better than a tech-tax whether you subscribe to the U.S. argument or not. The reason is that a sector-specific tax doesn't fix the problem for any other company which is avoiding paying its tax in a method the citizens dislike, so if the avoidance problem can be resolved by making it harder to avoid, it is likely to increase tax payments across the board without needing frequent patches to target particular offenders.

Pizza and beer night out the window, hours trying to sort issue, then a fresh pair of eyes says 'See, the problem is...'

doublelayer Silver badge

Re: Doubtless with the assistance of a baseball bat peppered with rusty nails.

True, as offenses go, this is relatively minor and doesn't deserve that much punishment. That said, "major changes to config file, don't check it for viability, send directly to production, go home" is a bad enough mistake to require some unpleasant talks about how that's never going to happen again.

OpenAI touts a new flavour of GPT-3 that can automatically create made-up images to go along with any text description

doublelayer Silver badge

"I'm just thinking about the kind of work that I could do if a database of all of human knowledge was directly interfaced with my brain as though it was part of me. Imagine having intuitive access to that."

I'm imagining you with a phone embedded in your head. All you have to do is to think of something and you'll quickly get a search of all the stuff written on it. Most of which tells you information you don't need, a lot of which is wrong, a lot of which is designed to convince you rather than inform you, some of which includes what you want to know but is written in a way that you don't find it, and some of which includes what you want to know but you can't understand it.

Also, how is this getting us anywhere closer to the singularity, for that's basically what you're asking for? All this does is cut up some images and put them together to attempt to correspond to a label. The model doesn't understand what any of these objects is; it only understands what they look like, and that's being generous. I can give you that too, and I'd not be using AI either. If I just tag a bunch of sections of pictures "this is a chair", "this is a piano", "this is a dog", I can get a program to read your sentence and paste them on top of a background "this is a living room", "this is a street", "this is a lake". What this program does is cut out my labeling process by taking a bunch of chair pictures and determining automatically that they're mostly chairs, but it needed someone to write that label to figure that out. It shows effort on the part of the programmers, people who write image captions, and the willingness to spend a lot of computing time building a model, but doesn't really help in the creation of an intelligent computer.

United States Congress stormed by violent followers of defeated president, Biden win confirmation halted

doublelayer Silver badge

Re: Unfortunately ...

"our Constitution only provides for that charge in times of War."

I don't think that's entirely true, and because I'm in need of distraction, I'm going to overanalyze why I think that. You can probably skip this when you get bored.

The relevant part of the American constitution reads as follows:

"Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort. No Person shall be convicted of Treason unless on the Testimony of two Witnesses to the same overt Act, or on Confession in open Court. The Congress shall have Power to declare the Punishment of Treason, but no Attainder of Treason shall work Corruption of Blood, or Forfeiture except during the Life of the Person attainted."

So it appears that treason has two definitions, neither of which includes anything like "in time of war". I'd argue that one of them at least implies war: "adhering to their Enemies, giving them Aid and Comfort", but you can have enemies without having war with them, or you can have enemies with whom you can't be at war in the international law sense because the enemies aren't states. But fine, I'll restrict this to define enemies as countries the U.S. declared war on. Somehow, I think people would define it differently if someone was being charged after working with a non-state organization which wished to destroy the U.S., but we'll leave that alone.

The reason I can do that is that there is another option listed there: "levying War against them". Once again, we have a word without a clear definition. War could mean a state of war declared by a recognized country, but I don't really think that's an honest description of how it's used. Let's try a dictionary. While it includes "Organized, large-scale, armed conflict between countries or between national, ethnic, or other sizeable groups, usually involving the engagement of military forces.", it also includes "Any conflict, or anything resembling a conflict.". It appears the dictionary isn't going to help much in getting a firm definition of what is and isn't war.

Let's instead try history. What have generally been called wars? The traditional country-fights-country things, of course, but several smaller things too. Civil wars, which don't involve a declaration of war since each side considers the opposition government at least illegitimate and often beneath consideration. Wars which didn't have a formal declaration (Korean War, Iraq War). Campaigns involving smaller wars (war on terror). Not to mention that it's also frequently used by people who aren't governments (i.e. "we are at war with [something they don't like]"). If these are wars, then perhaps "levying War against them" is easier than it seems. Maybe even saying that you intend to be at war with the U.S. is enough. Maybe an act similar to one taken in a war is enough. On that basis, a violent attack on a government institution might be sufficient, as that's certainly enough to start a war if a country did it and has certainly started an armed conflict when a group of people did it.

I'm done now. I think the original interpretation is incorrect. I need to sleep.

Welcome to the splinternet – where freedom of expression is suppressed and repressed, and Big Brother is watching

doublelayer Silver badge

Because it takes a lot of time, and they don't need to. They just need to have the ability to do it if they want to.

China doesn't need to cut their people off the internet if they have the ability to block things they don't like. In an emergency situation, they can do so without affecting the rest of it. Meanwhile, they get the benefits of being on the internet, such as the international markets, access to stuff produced elsewhere which isn't political, etc. China doesn't need that access to survive, but while it's harmless, they'll take it. If it should ever become harmful, they'll block it. Even if at some point they decided the entire non-China internet is harmful, they now have the ability to cut it within an hour.

doublelayer Silver badge

Re: "It controls the military completely"

Pronoun, antecedent identified incorrectly. -1 points.

"In China, the Communist Party runs the show. That makes tight control of the internet not only possible, but advantageous. 'It controls the military completely. It controls information networks. It controls political perception. It controls the media. It controls the economic design of the country,' Ghosh points out."

"It" does not refer to the state. "It" refers to the political party. A state's military should be part of the state, not of its ruling political party. Be careful with pronouns; they can lead you to incorrect conclusions.

doublelayer Silver badge

Re: Explains why P2P networks are getting so popular

A network that only has a small number of participants on it because it's really difficult to get on it self-selects the population who is interested in anonymity and capable of using complex tech. All a dictatorship needs to do is identify the small set of people joining that network to have a wonderful list of dangerous elements who need some reeducation. Only if there is some way of hiding in the crowd can that be avoided. Your network which has high barriers to entry is harming you, to say nothing of how it makes any plans you have weaker. If a hundred cryptography experts agree that a protest is needed, it will mean a hundred dead cryptography experts. If a hundred thousand people, most of whom are not cryptography experts, agree because they're all able to coordinate, there's much more chance that something less deadly happens.

doublelayer Silver badge

Unless you live very close to people, the hardware we have doesn't make it easy to participate in a mesh network. An ad hoc one in a crowd, sure. A long-term one which can be used to organize or find things, no. Worse, in a mesh network, you have lots of ways to interfere with it, either by disruption, impersonation, or surveillance. We should create a good standard mesh network protocol which has clients for existing hardware and has security and anonymity as primary goals, but it will still be of most use for short-term networks.

doublelayer Silver badge

Re: Explains why P2P networks are getting so popular

How many of your immediate family members know what those things are? How many of your nontechnical friends? There are plenty of systems that exist to protect privacy, but you can't exactly claim victory unless those have been tested. For example, how easy would it be for a dictatorship to detect and block each of your suggested P2P systems? How easy to intercept and read them? And, perhaps most importantly, how hard would it be for a new user to join one without a helpful close friend giving them all the necessary things? If a repressive regime censors the software you need and you can't easily obtain it otherwise, you can have a very anonymous network and still not get anywhere.

doublelayer Silver badge

Re: what if the net stopped being one big, connected thing?

And, as accurate as the sentences said were, they're not universally so. New laws and regulations restrict the freedom of big tech companies in democracies. In dictatorships, the only regulations are new "thou shalt do what we tell you to when we tell you to" ones. I want more privacy, but I have the freedom to evade corporations here and, depending on where I live, the freedom to sue them for privacy violations and win. I don't have that power in China, where the social credit score is not optional and your options for redress from the government primarily include paying a bunch of money to gain citizenship in a different country.

Techies start growing an Alphabet-wide labor union: 200-plus sign up, only tens of thousands more to go

doublelayer Silver badge

That has to be considered, and don't worry, the company will consider it for you. The problem is that the alternative is no different. If the company signs the contract and enough of their staff leave based on the arguments made in the post I replied to, the company might well go bust anyway because they lack the staff to fulfill their requirements and are spending all their time trying to hire new ones. At least if the employees concerned attempt to convince the company that it's a bad idea, the company knows that's going to happen and can decide whether it's worth the risk. There's little downside telling the company "I don't like this idea, and if you do it, I will quit".

doublelayer Silver badge

That's a good start, but you can also try to convince your current employer not to do things you don't want to do. If your current employer isn't someone you have an objection to, but they have started to consider doing business with someone you have an objection to, you have two options. You could quit immediately so you don't do something you object to, or you could go to your employer and suggest that they might want to consider changing their mind. If they do change their mind, you keep a job, they keep you employed by them, and everyone's avoided a negative. If a lot of your colleagues also object to the considered project, you in combination are more likely to convince the company not to do the objectionable thing.

This benefits you, obviously, since you don't have to look for a new job if your employer doesn't do what you want, but it also helps your employer. If everyone only operated on the "never work for people you object to but also never complain" principle, the company would likely sign the contract to work for the objectionable place, lose a bunch of employees, end up in a crisis, and have trouble. If they just don't sign the contract, the company is as fine as it was before and can find a less objectionable contract. No guarantee that they'll change their mind, but if you try to suggest that they do, it's possible it ends better. It can't really end worse, as even if they do nothing it's no different from your original plan.

Singapore changes the rules and will now use COVID-19 contact-tracing app data in criminal cases

doublelayer Silver badge

What worried people all along

I have tried to be willing to acknowledge the usefulness of contact tracing applications, but this is exactly what people feared when they were launched. This is the underhanded action that can kill trust in a government, and for governments already lacking it due to pervasive privacy violations, also kill the benefits of contact tracing. When we're faced with a crisis where public participation is required to avoid causing a great deal of preventable harm, eroding the public's trust in government is among the worst things that can be done. At this point, I think the operators of app stores should remove the Trace Together application as malware; only a decentralized tracing app can ever be permitted, and even those must be subject to review.

Explained: The thinking behind the 32GB Windows Format limit on FAT32

doublelayer Silver badge

Re: MS, how about recognising EXT,HFS+ formats so it doesn't result in the format dialog box

For HFS+, you can get a driver for it which gives Windows read-only support for it from Apple's Boot Camp drivers collection. I haven't used it in a while, but I wouldn't be surprised to hear that it supports APFS now as well.

Julian Assange will NOT be extradited to the US over WikiLeaks hacking and spy charges, rules British judge

doublelayer Silver badge

Re: This confused me

The OSA is a law. You have to obey it if you're in the UK. Sometimes, you may be asked to sign a document acknowledging that you know this, but if you've never signed it, it doesn't change. For the same reason, you don't have to sign a document saying "I acknowledge that there's a law saying I can't kill people when I want to". If you do kill people, it's illegal whether you've acknowledged it's illegal or not. It's how laws work.

doublelayer Silver badge

Re: This confused me

"I never saw a clause in the (admittedly short) forms where secret information from another state was necessarily a UK secret."

That doesn't matter. The question that the judge needs to answer in this case is rather simple. Basically, if all this happened in or to the UK, would it be a crime? In full detail, if a guy broke into Ministry of Defence systems or published UK classified documents, would the UK consider it a crime? In that hypothetical case, the OSA would indicate that it was a crime. Since the action would have been criminal had the UK been the victim, the crime is worthy of extradition on the basis of dual criminality. It's not the only test that needs to pass before extradition succeeds, but it virtually always has to pass in order to do so. Just because it did pass doesn't mean that the real person could be charged under the OSA; only the hypothetical person who acted against a UK victim needs to be culpable for the test to pass.

The reason a hypothetical criminality test is used is that one country could pass a law making something illegal which another country hasn't done. Extradition in that scenario is usually refused. For example, consider the U.S.'s slavery legislation in the 1800s. The laws of the U.S. stated that it was legal to enslave people and it was illegal for a person who was enslaved to run away. Canada's laws said that it was not legal to enslave people. A person who managed to escape to Canada could therefore live in freedom because an extradition request would be denied; the act of leaving a position of slavery was not considered criminal in Canada, so they wouldn't be sent. Meanwhile, someone who escaped to Canada after murdering people would be extradited, because murder was considered a crime in both countries. Even if Canada couldn't charge the murderer because the victim was American, Canada would still consider the murder to have been a crime and send the perpetrator to the location where the trial was allowed.

doublelayer Silver badge

Re: pft

The OSA is not necessarily considered to cover secrets of other countries, though it could. The point is that it is a crime in the UK to release information of that nature, and thus that extradition is permitted on that basis. In most cases, to extradite a person, the crime of which they're accused must be a crime in the country they're physically in. If country A thinks something I did was illegal but country B does not, country B is unlikely to extradite me. If country B also thinks that's illegal, then I'm more likely to be extradited. That works whether or not country B could charge me for the crime.

Here's a simple example. Let's say that I go to the UK, rob a bank there, then flee to Germany. The robbery charge should happen in the UK. The Germans probably wouldn't charge me there for it, because the victim was located in the UK and I wasn't in Germany when I robbed it. Technically, my crime wasn't a thing for Germany. However, robbery is still a crime in Germany, so the extradition request would go through quickly, even though the victim wasn't German. In the same sense, the crimes that the U.S. allege are crimes in the UK, so the UK doesn't have to deny extradition for that reason.

And now for something completely different: A lightweight, fast browser that won't slurp your data

doublelayer Silver badge

Re: RE DrXym :)

"what?? FF 78 executable is 567K.."

But the full installation is a couple hundred megabytes. Even the compressed installer packages are 50-70 MB. I assumed that the quoted 34 MB was all of the files used by their browser, but even if they chose to bundle most of their libraries into one executable instead of loading them dynamically like Firefox does, their storage usage is much smaller. That said, Firefox supports basically every site and their thing doesn't yet, so expect their thing to increase in size.

doublelayer Silver badge

I cannot reproduce that. Running the latest stable 84.0.1 here and about:config loads just fine after a warning page which I can suppress if I want to.

doublelayer Silver badge

Re: Not Free

Private browsing and Tor are not defenses against JS. Only blocking JS is a defense against it. Depending on the level of worry, it isn't necessary to always do so, but let's quickly review what each of the defenses does and why they're not doing anything about the risk of dodgy JS.

A private window isolates the loaded page from certain data the browser holds. It prevents the server from getting cookies or other browsing data, and it prevents the loaded page from persistently storing that stuff. It doesn't do anything else. Cookies are a server-side tracking thing, not a JS tracking thing. Most fingerprinting techniques implemented with client-side scripts access information which isn't stored in the browser. For example, fingerprinting a device based on system state or capabilities. Blocking it from cookies won't do anything to prevent that.

Tor is even less a defense against client-side scripts, although if you're using it, you probably want to avoid JS too. Tor is a way to redirect traffic through a network of relays such that the place you contact doesn't know what you're looking at, the final site doesn't know who you are, and most observers don't know what you're doing. It protects data in transit, but it will protect that data equally well no matter what it is. Crucially, it does not protect data on a computer. If a script is part of a site, Tor will not prevent it being sent. If that script collects information from the system, Tor will not detect or prevent that collection. If the script contacts a remote server to upload the collected information, Tor will happily pass it through. Tor is a network-protection system, not an endpoint-protection system. If you want privacy enough, go ahead and use Tor and also disable scripting when possible; the former does not do the latter for you.

doublelayer Silver badge

Re: Not Free

I agree with you about most autorefreshing pages. They're quite annoying when they don't need to refresh. Sometimes, however, it is important that they do so. If any application is written with dynamic information, it probably needs to update or at least warn people about the fact that it hasn't.

Consider a simple system I wrote for someone. There is a form for user requests which includes various details including the time when the request must be completed. The backend lists all known requests, sorted by time, color-coded for urgency, with a field for time remaining, and buttons to mark the request as in progress or resolved. This needs to update itself so that new requests are seen, urgency is updated, and multiple users can mark requests as resolved and have all the participants know about it. If it didn't stay updated, people might duplicate requests, ignore one which has become urgent but wasn't when the system originally loaded, etc. Now it doesn't have to be a website, but something this simple might be done that way just to make things easier.

doublelayer Silver badge

Re: Folded content in raw HTML

Yes, this is a thing now. This makes it easier to do that particular example. What's worth keeping in mind is that this set of tags is rather new, and for many years, it wasn't available in plain HTML. For a similar reason, HTML5 can embed video really easily, but it still took a while for competing video embedding to die because HTML was so late to the party. JS used to fold or unfold sections will probably die eventually too, but it was necessary so long that it has taken over other things.

doublelayer Silver badge

Re: Not Free

Sort of, but not really. With CSS scripting, it's possible to get a browser to collapse a section for you. However, it takes many lines of CSS and many sections for each collapsible area. Do it wrong and browsers will get lost. For example, one way I've seen it done will trip up anything automatic reading a page. That includes bots, which you might not care about, but also includes accessibility software. Don't care about that either? Depending on how it's done, it can also find its way into things if your user copies and pastes from the page or converts it to a PDF. Meanwhile, JS code that can collapse areas is really simple. Three lines of source at the top makes it available, and a single link or button can be dropped in to do the job.

doublelayer Silver badge

Re: Not Free

JavaScript is really useful in some cases. Without it, pages can't do some things that users expect. Then, since the developers already learned JS so they could do those useful things, they try to write everything else in it too and create a monstrosity. That's the short version, but if you're interested, the slightly longer version is below.

Without JS, HTML is basic and static unless the user fills out a static form and submits it for a new page. A lot of the internet can work like that. News sites like this one, for example, really don't need much else. However, there are some things that aren't very complicated to implement but can't be done without scripting. A basic example is dynamically showing or hiding content. Having a button which allows a user to collapse or expand a region means that the page can have lots of things on it without requiring the user to scroll past irrelevant things, but HTML itself doesn't do that. JS can also provide basic data checking for forms, so it prevents users from submitting invalid forms all the time. And if you've ever used a table which can be sorted by clicking the column headers, that's JS doing the sorting*. Initial site developers wanted to do things like that, so JS took off. Later on, JS could also be used to keep a page updated even when data changed at the remote server without making the user refresh the page all the time. As you might imagine, users were pretty happy that they could have tabs open and see updates without having to remember to refresh them manually.

These uses for JavaScript are not necessary, but without them, some sites would be less organized and inconvenient to use. Users would prefer a control panel which is on a single page which can unfold sections when desired and updates dynamic information automatically over one which uses fifty subpages so the interface can fit on a screen and requires the user to refresh every five minutes. However, devs who knew how to do that started trying to do everything else in JS too. Why do the work of writing the HTML so that it at least renders when the JS doesn't run? They instead used someone else's library to do the rendering. The library, trying to be generic, was written in JS and writes most of the HTML when initialized. Without it, a framework page is all that's left. Or they realized that a JS page allows them to collect more information about how people view the page than a static one, so they include tracking scripts as well. It also allows them to embed things from other places by dumping in a convenient script; the other places are usually happy to do so because that gives them the ability to add in their own tracking. In a few quick years, JS had changed from something allowing a page to move around content to better serve the user to something slowing down every page and making it impossible to know or trust what was being done on the computer.

*Table sorting: Making the server reload an entire page just to sort a table is possible but rarely done.
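The click-to-sort table mentioned in the post above is the kind of small, user-facing job that client-side JavaScript is actually good for. The following is an added example, not code from the original post: it does the sorting on plain row data (so it runs in Node without a DOM), detects numeric columns so "12" sorts after "3" rather than before it, keeps tied rows in their original order, and tracks the per-column ascending/descending toggle a header click would drive. The sample rows and the helper names are constructed for this example.

```javascript
// Constructed sample data: one request per row, as rendered in a table.
// Columns: description, due time, minutes remaining.
const SAMPLE_ROWS = [
  ["Printer jam", "2021-01-05 09:30", "12"],
  ["VPN down", "2021-01-04 17:00", "3"],
  ["New laptop", "2021-01-12 08:00", "150"],
  ["Password reset", "2021-01-04 17:00", "1"],
];

// Decide how to compare a column: numeric if every non-empty cell parses as a
// finite number, otherwise a locale-aware string comparison. Without this,
// the minutes column would sort lexically ("1", "12", "150", "3").
function columnComparator(rows, col) {
  const numeric = rows.every(
    (r) => r[col] === "" || Number.isFinite(Number(r[col])),
  );
  if (numeric) {
    return (a, b) => Number(a[col]) - Number(b[col]);
  }
  return (a, b) => String(a[col]).localeCompare(String(b[col]));
}

// Return a new array sorted by column `col`. The input is not mutated.
// Descending order is done by swapping the comparator arguments rather than
// reversing the result, so equal keys keep their original order either way
// (Array.prototype.sort is stable in modern engines).
function sortRows(rows, col, descending = false) {
  const cmp = columnComparator(rows, col);
  return rows.slice().sort((a, b) => (descending ? cmp(b, a) : cmp(a, b)));
}

// State transition for a header click: clicking the current sort column flips
// the direction; clicking a different column starts ascending on that column.
function nextSortState(state, col) {
  if (state && state.col === col) {
    return { col, descending: !state.descending };
  }
  return { col, descending: false };
}

// Stand-alone demo: simulate two clicks on the "minutes remaining" header.
let state = null;
for (let click = 0; click < 2; click++) {
  state = nextSortState(state, 2);
  const view = sortRows(SAMPLE_ROWS, state.col, state.descending);
  console.log(`click ${click + 1}:`, view.map((r) => r[0]).join(" | "));
}
```

In a real page the only extra step is rendering the returned rows back into the table body; nothing else on the page needs to change, which is the point the post makes about the alternative of a full server round trip.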

Yes, Microsoft Access was a recalcitrant beast, but the first step is to turn the computer on

doublelayer Silver badge

Re: I'd be shocked if ...

Yes. That's true. Having a separate machine for client and server in a time where machines were expensive would have cost money. Given that the client and server could apparently run fine in shared resources, all that needed to change was that people needed to remember not to turn off the box. The original comment complained about a single point of failure, which this wasn't really. The source of the problem was an operational decision, not an architectural one.

The problem with the original complaint is that it is a textbook solution which doesn't look at any of the specifics. A single point of failure is a negative in a system design, but so is limited time, limited money, limited disk, etc. These things are only preventable if more resources are thrown at the project. Singling out SPOF as the thing which must never be allowed makes it seem as if the person who created the database made an obvious mistake, but the compromise was undoubtedly chosen because the available resources required one. Single points of failure are sometimes necessary, and treating them as anathema is only possible if you're willing to always spend ten times as much to eliminate as many as I can point out, and I can point out a lot.

doublelayer Silver badge

Re: I'd be shocked if ...

And what would that have been? No matter what database server you use, the machine running it has to be turned on. There are two good solutions to this: a server in a place where you can't easily turn it off and a redundant server which can withstand one being turned off. Either approach costs money and causes extra complication. A standard small business has tons of single points of failure. The network connection to the office might get severed. Power to the office might fail. A water leak could force an evacuation. Someone might forget the key to unlock it while the person with the other key is off on holiday. Each and every one of these will break the workflow more than a database going down, but somehow the database needs to be more resilient anyway?

As Uncle Sam continues to clamp down on Big Tech, Apple pelted with more and more complaints from third-party App Store devs

doublelayer Silver badge

Re: Another reason why

Not all of that is correct:

"You should check out the Libren brand of smartphones"

Brand is Librem, not Libren. Also, they have only one model of phone.

"by Purism of India"

Purism is based in the U.S.; San Francisco, to be exact. Manufacturing for the phone is done in China (or optionally in the U.S. if you're paranoid, have a ton of money, and haven't actually considered whether built in the U.S. fixes your paranoia problem).

"that have a physical kill switch to turn off the phones GPS chip, cell chips and camera chips when those functions are not in use."

Actually, the killswitches work on the mobile chip, WiFi and Bluetooth, and cameras and microphone respectively. GPS is disabled by a separate software-controlled circuit when all three switches are disabled.

doublelayer Silver badge

Re: These developers seem to forget what some users want

I like Apple's software (some of the time), but let's be honest about it. The comment here is not honest.

"I kinda like how I have a device where I’m able to block third party ad servers comprehensively by default across all apps without having to sacrifice security or vendor support (for example)."

Implying that Apple makes this easier? They don't. I can do that on anything. On device or not. Android has firewall apps. Any desktop OS gives me a lot more control than either popular mobile OS. Apple doesn't even write that software, so why are you giving them credit for letting you run software that runs everywhere?

"I also like how I don’t have to give my card details out to every Tom, Dick and Harry and how I can see every subscription in one central list with the ability to cancel without losing immediate access for the rest of the period."

It's so terrible having to give payment details to people when you want to buy their thing with money. There are one-time credit card numbers you can use to ensure they can't charge you unexpectedly or lose data in a hack. I'm sure it's nice having everything in one place, but just because it's convenient for you probably doesn't justify to others paying Apple for the minor convenience when the heavy lifting is done by the developers.

"Do these greedy developers ever think that as a user, I might want centralised controls?"

Let me ask you a question. Why are the developers greedy? Because they don't want to pay Apple a big chunk of their revenues? When it's the developers who make the apps which make Apple phones valuable (some competing phone OSes received good reviews for OS design but failed to sell because apps weren't there)? The app developer writes the code, makes the content that makes the code useful, maintains the infrastructure that the app uses, all of that. Apple provides a place to download the app package. That's all. No, Apple can't claim that they're charging developers for all the work on iOS, because the users are paying for that when they buy iOS devices. The users get those advantages, not the devs; a new iOS feature doesn't help an app developer as much as it helps a user.

"Besides, people can say what they will about App Store practices, but their approach does have some serious advantages as a result of Apple pushing developers to use consistent development methodologies."

They don't really do that all that much. There are so many different frameworks in use to create iOS apps. Most of them are popular because they allow a GUI to be created once and run on iOS or Android. Apple doesn't prevent anyone from using those, nor has it done anything to improve them. An app can look nice or not as its developer likes, and it will get through review equally well.

The rest of your comment, talking about security, is pretty good. I think that's a fair area to give Apple credit. In almost all cases though, none of those security benefits come from restrictions on developers. iOS can get security updates equally well whether they let in an app that accepts payments or not. Mac OS can sandbox data on disk just fine if the apps get downloaded from the internet. I give credit for those admirable accomplishments to those who accomplished them: the OS developers. Not the App Store review team.

doublelayer Silver badge

Re: Its about the money

However, that's not how breakups work. They don't say "You're a big company and you abused something, so we're going to bring in some wedges and break it into chunks along existing boundaries". Instead, they find the places where abuse occurred and break along those boundaries. Separating AWS from Amazon shopping would happen if, for instance, Amazon didn't agree to sell a product if it used a different cloud provider for its support system, but that's not how that went. The abuses that are most often used as ammunition are that Amazon's shopping system gives Amazon a bunch of data about other sellers which Amazon then uses to compete against those sellers. The boundary where the break would happen should a case on that basis succeed is the boundary between the Amazon store system and the part which makes products, including Amazon basics and a few other lines.

The same general rule applies with other breakups too. If Apple gets broken up, they're not going to make iPhone Inc and MacBook Inc. They'd make Apple the hardware and OS people and a separate App Store runner. Or maybe they'd leave Apple as it is, with App Store intact, but demand that others can also run stores. Or maybe they'd accept Apple's arguments about the single App Store being a feature but make them change rules and tactics that were abused before. If Facebook were broken up, it wouldn't be small social networks with subsets of the previous members. It would be into Facebook, Instagram, and WhatsApp as separate entities. It all depends on the argument being used to prove an anti-competitive abuse of market power; if the courts agree, the action taken is designed to stop and prevent the abuse in the argument.

doublelayer Silver badge

Re: Idiot dev

"This is why Apple do not allow it. This is why they make it clear in the license."

I'm sorry, but they don't forbid a trial period. Here is a section of the article:

"The creator was told he had to roll out a payment system to make users input their credit card details before signing up for the trial period. There must also be a specific time limit to the pro version of the app, and once that period was over it must charge its customers money. To get out of it, users would have to explicitly cancel their subscription or else it would keep billing them."

This section outlines what Apple accepts. As you can see, it includes a trial period. Trials are not what they object to. What they appear to object to is that the user would have several chances at a trial. Perhaps instead it's that the app isn't using a subscription model which would earn them revenue. Either way, Apple doesn't seem to have a problem with the trial model as long as it only happens once and customers are enrolled into a subscription beforehand. The second part of that could easily be seen as self-serving.

You might not like trials in software which expire. If Apple forbade them, you might have a leg to stand on. They don't. In my opinion, there is no good excuse to forbid that anyway, but we don't have to have that hypothetical discussion, because that's not what happened.

The curse of knowing a bit about IT: 'Could you just...?' and 'No I haven't changed anything'

doublelayer Silver badge

Re: Firewall vs router

At the office, the network admin is someone who was hired specifically to do that, the computer I'm using isn't mine, the information I'm processing on the computer is information the company already has, and there's a way to deal with a malicious admin by firing them. An ISP has none of those conditions, so their stuff gets a data stream from a single downstream device which does everything else. Also, any ISP which lets me bring my own equipment without anything from them gets a leg up if I have a real choice to make.

doublelayer Silver badge

Re: Sorting other people's stuff

Good advice. I can definitely recycle them if needed, and if it's old enough, I do so. The problem for me is the ones that are new enough that they'll run modern software (very well if it's Linux, but Windows 10 will work well enough until too many other programs are added) but old enough that the specs don't sound modern. I don't like to recycle something in such good working order until I've failed to find anyone to reuse them.

doublelayer Silver badge

Re: Sorting other people's stuff

This is a very good thing to do when people want to get rid of things. Although it helps to have plans for how to deal with the machines afterward. I've recycled machines so often that the charity I used to donate them to has had to tell me that no, they don't want any more computers. It probably doesn't hurt that I've been maintaining the ones they have too so they're also lasting a lot longer. I need to find a new place that wants them. I've tried selling computers on occasion, which sometimes works, but the older ones don't always go as fast as I'd like.

Everybody's time is precious, pal: Sometimes it isn't only the terminals that are dumb

doublelayer Silver badge

Again, seems unlikely. It's possible that this had happened, but there are several good reasons in my mind to think that it did not. First, the modem has to be near the terminal anyway, so there's a limited amount that can be done. Turning it around helped in this case, but if that wasn't helpful, there's not really another good option available. Second, the content of the call does not lead to that kind of solution. The caller complained that the network had failed. Not that it repeatedly failed requiring a long-term solution, that it had failed this particular time. If I have to solve a "this broke" problem, my solution is "fix it now". If I have to solve a "this keeps breaking" problem, my solution is more likely to be what your idealized client would want.

In any story like this, where the user is always stupid and the IT person always figures it out, it's always possible that people are lying. Maybe the user figured out the turn-around procedure and IT is taking credit. Or maybe the call never happened and someone made it up to tell the story. These things don't sound likely to me though, because we've all experienced people who act like these characters. I've seen people who didn't understand seemingly basic things, or who got irrationally angry at someone solving their problem. I've also seen IT people break a system through incompetence and blame the client. Both happen. The general story therefore doesn't sound implausible to me, so I'm likely to consider it genuine. If I assume that the information we have is truthful, I must conclude that the client is entirely at fault and could easily have stated the problem differently and politely if they knew it (which I doubt they did).

doublelayer Silver badge

"I'm not going to put the blame completely on the user for this one. Particularly if the user hadn't been allowed by management to move the modem, and by having IT show up and move it he actually got the problem resolved in a more durable fashion."

This strikes me as very unlikely. Sure, IT can be annoying about telling people not to do things ("No, you may not come into the server room and move the wires around even if you think you know that it will help", "No, you may not open the network cabinet and force a power cycle by pulling the power cable just because something sort of network-related isn't working and that works at home"), but I don't really think anyone in management would have a regulation about turning a box on your desk around. They might suggest you not do it in case it made things less organized, but it's not hard to do it anyway and claim an IT person did it. Also, I don't think anyone would notice or care.

Meanwhile, the call described in the article is a very stupid way to handle a hypothetical situation as you propose. If you want IT to confirm that the box can be turned around, it would be much more helpful to remember this and ask them when they're already there. Ranting at the IT person who is suggesting how to fix the problem just makes the caller look like a jerk. If I had been called out like that, I certainly would not have turned the box around; I'd have flipped the switch and left. Problem resolved for now. No reason for me to make things easier for someone who won't do what they've been told (correctly) will fix their problem, shown me profound disrespect, and didn't even think about the inconvenience of making someone come in a rainstorm to do something unnecessary.

My website has raised its anchor and set sail into the internet oceans without me

doublelayer Silver badge

Re: Nether web

Of course it's not. It's a basic bot that only collects pages in a certain order if it can find accesses to them, sometimes forgetting something or following a zombie link and filling the database with garbage. But you find me anyone else who does anything remotely as good. Google might have it, but I can't exactly use it for my purposes. Similarly, I have some pretty intensive crawls of a couple sites which were important to something I was doing at some point, covering about 0.0000003% of the internet (only static files). Only the Internet Archive really has anything like it available to the public and offering general coverage.

And you thought that $999 Mac stand was dear: Steve Wozniak's Apple II doodles fetch $630,272 at auction

doublelayer Silver badge

I can't say I have. Among other things, I can see a diagram of a proto-submarine on a monitor with equal clarity to the paper. I can't do that with a painting or tapestry, which is why I consider them different. Also, that is a diagram which the general public can easily grasp. The papers in this article are very different, and include such details as "five pages of circuit schematics and notes on sheets of graphing paper; six photocopied pages headed 'Bus Sources,' 'System Timing,' 'Display,' 'Sync Timing & Adr. Gen,' and 'Timing,' featuring several annotations; and a 12-page handwritten programming instruction guide consisting of 28 detailed steps." Those things, to me, don't sound special enough that the original is any more special than a copy, especially as a quarter of it is already copied. That's just my opinion, but if I were setting up a museum, I wouldn't be at all concerned with getting the originals and I might not put all of that on display at all, instead opting for the suggested exhibit in my previous comment with a web address available for interested people to read them at their leisure.

doublelayer Silver badge

I see the point, but I don't know if that matters all that much. A museum holding an original painting can at least show something beautiful to its patrons. A museum holding an original circuit board doesn't look very different from a museum holding a reproduction of the circuit board, which shouldn't be that hard to make. Better yet, a museum holding a reproduction of the circuit board in a glass case and an emulator of the running system next to it, perhaps running software from the time. That would probably be more interesting and educational to patrons.

It's even less necessary when the item is a bunch of papers that had engineering documentation on them. Most patrons won't want to read all of that anyway, and even if they did, are you going to post them all on the wall? I'm guessing we already have pretty good scans of those which can be published online (or if you insist next to the reproduction and emulator).

Elon Musk says he tried to sell Tesla to Apple, which didn’t bite and wouldn't even meet

doublelayer Silver badge

Re: Offered to sell the company for 1/10 current market value

Sort of true, but limited. Apple's cash did bail out the commercial failure that NeXT was going to be, but Apple also did that because they needed something that basically only NeXT could and was willing to provide. Their OS was too limited and, in their mind, in need of replacement. Writing a new one from scratch would have taken too long to finish, so they shopped around for companies which already had a new OS they would view as an improvement. NeXT's eventually won out for various reasons including its Unix compatibility. So Apple was looking for what NeXT could provide at the same time as NeXT was looking for a bunch of needed cash. In Tesla's case, they were the only one looking around; either Apple wasn't really building a car in which case they didn't need Tesla, or they're already working on their own so they didn't need Tesla. Either way, this one is a lot more one-sided.

Search history can calculate better credit ratings than pay slips, says International Monetary Fund

doublelayer Silver badge

Well spotted. I wasn't very familiar with SNI's details and got that wrong. Thanks for the correction.

A few other methods of identifying a site I didn't think about last time include checking for differences in transfer sizes that might be connected to cookie usage, tracking frequency of requests to identify how much active content is on the page being accessed, checking packet latency and overall transfer speed to get information about the server and whether it's under load or not (this may make it easier to identify), or cross-referencing with other users' traffic which may be less secured.

doublelayer Silver badge

For now, they know:

1. The DNS queries for the specific domain and all the domains it pulls in. Until DoT or DoH, they'll keep having that.

2. The SNI requests which contain the domain name and the first page URL you request. If you type in a domain name, they get it and "/". If you click a link from a search engine, they get the whole thing. Until ESNI or one of the other suggestions takes effect, that will be available to them.

3. The destination IP. This may be a CDN, but not always. Plenty of people use a server dedicated to network requests which makes it obvious who runs it. Others will run multiple sites on a single server but not on all the other servers, meaning that only that server needs to be interrogated to figure out what the possibilities are.

4. The size and timing of requests. They probably don't go this far, but if they have a server to test, they can try certain likely pages until they identify the one requiring the right number of assets from the right locations. Sites that bring in images and scripts can fingerprint themselves in that way.

Trump administration says Russia behind SolarWinds hack. Trump himself begs to differ

doublelayer Silver badge

Re: "Or do all Russia-based hackers sit in the pocket of Kremlin?"

"'Fingerprints' is very vague and hand-wavery. An example or two would go a long way..."

Examples of how attribution is done include things like these:

1. Does the code look like stuff you've seen before? At a basic level, is there an exploit that someone has used before but few others know about? If so, it's more likely to be them. At a more detailed level, drill down into the assembly and look at modules. Stuff gets reused or updated. Even a pattern of names may be illustrative. There is usually not a need to go to sufficient effort to change your entire coding style to frame someone else. If you've developed a great file spider that can quickly identify stuff of interest for exfiltration, you might decide to put it into multiple malware distributions rather than rewriting it from scratch; if your obfuscation isn't good enough, that may link them both. Attribute one to you, and the other connects too.

2. How did the code get onto the victim's systems? Was an exploit used? How about a botnet? Who do we know who has done that before? If we have a location of the source, what do we know about it? Who purchased the server? Do we have any information from historical network scans? Sometimes people are careless and information they didn't think about ends up coming back to name them. For example, people who set up fake servers sometimes forget that, even though they change the information later, the provider has the ability to recall the information they put in originally. The original Silk Road Tor drugs market was partially taken down due to its founder putting his real name in a related account.

3. Once it was there, how was it controlled? Do we have logs showing a human acting? Maybe it crashed and restarted from a manual command. What do we know about the location of control? For example, some government-backed APT groups operate on local business hours. While it's not impossible for someone else to only work 9:00-17:00 Moscow time and take off Russian holidays, there's little reason for them to disrupt their schedule. When you notice that it happens, chances are you've at least located the attacker's time zone and that it might be an organization doing it.

4. Who has used the malware for benefit? Not necessarily always available, but have they extracted data and used it somewhere we know about? For example, if you were attributing an attack on a website to a group, finding the database's contents for sale at least gives you two targets to investigate, the attacker and the seller. They might be the same, but even if they're not, they probably know each other.

5. The old-fashioned return the favor: someone knows what APT29 is up to, and I'm sure the NSA would like to hear about it. We don't know how hard the NSA has tried to gain access to various places where such information is available, but they must have tried and probably have access to some of it. This isn't available to everybody, but in a government hack, there will be a lot of government investigation of what happened.
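As an added illustration of point 3 (not code from the post), here is the working-hours fit an analyst would run over operator-driven command-and-control timestamps: for each candidate UTC offset it counts how many events land in a 09:00-17:00, Monday-to-Friday window, and the best-scoring offset is a hint about the operator's time zone, nothing more. The timestamps are constructed sample data and the function names are hypothetical.

```python
"""Working-hours fit over C2 activity timestamps. Constructed sample data,
hypothetical helper names; fixed UTC offsets are used so the example runs
without a time-zone database."""
from collections import Counter
from datetime import datetime, timedelta, timezone

# Constructed: UTC timestamps of events that need a human at the keyboard
# (manual restarts, interactive commands). 14 Dec 2020 is a Monday.
SAMPLE_EVENTS_UTC = [
    "2020-12-14T06:10:00Z", "2020-12-14T08:30:00Z", "2020-12-14T11:45:00Z",
    "2020-12-14T13:20:00Z", "2020-12-15T06:40:00Z", "2020-12-15T09:15:00Z",
    "2020-12-15T12:05:00Z", "2020-12-16T07:00:00Z", "2020-12-16T10:30:00Z",
    "2020-12-16T13:50:00Z", "2020-12-17T06:20:00Z", "2020-12-17T08:55:00Z",
    "2020-12-17T12:40:00Z", "2020-12-18T07:15:00Z", "2020-12-18T11:00:00Z",
    "2020-12-18T13:30:00Z", "2020-12-19T10:00:00Z",  # Saturday: off-pattern
    "2020-12-21T15:30:00Z",                          # late evening at UTC+3
    "2020-12-22T06:05:00Z", "2020-12-22T12:15:00Z",
]


def parse_utc(ts: str) -> datetime:
    """Parse an ISO-8601 'Z' timestamp into an aware UTC datetime."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def business_hours_fraction(events_utc, utc_offset_hours, start=9, end=17):
    """Fraction of events falling Monday-Friday between start and end
    (local hour, end exclusive) once shifted to the given UTC offset."""
    tz = timezone(timedelta(hours=utc_offset_hours))
    hits = 0
    for ts in events_utc:
        local = parse_utc(ts).astimezone(tz)
        if local.weekday() < 5 and start <= local.hour < end:
            hits += 1
    return hits / len(events_utc)


def rank_offsets(events_utc, candidate_offsets):
    """Score each candidate offset; best fit first. Returns (fraction, offset)."""
    scored = [(business_hours_fraction(events_utc, off), off)
              for off in candidate_offsets]
    return sorted(scored, key=lambda pair: pair[0], reverse=True)


def local_hour_histogram(events_utc, utc_offset_hours):
    """Hour-of-day counts at the given offset, for eyeballing the pattern.
    A tight 9-17 cluster is the signal the post describes; a flat spread
    means the timestamps carry little time-zone information."""
    tz = timezone(timedelta(hours=utc_offset_hours))
    return Counter(parse_utc(ts).astimezone(tz).hour for ts in events_utc)


if __name__ == "__main__":
    for fraction, off in rank_offsets(SAMPLE_EVENTS_UTC, [-5, 0, 3, 8]):
        print(f"UTC{off:+d}: {fraction:.0%} of events in 09-17 Mon-Fri")
    # Expected best fit for the constructed data: UTC+3 at 90%.
    # As the post notes, this locates a schedule, not a person, and a
    # disciplined actor can deliberately keep someone else's hours.
    print(sorted(local_hour_histogram(SAMPLE_EVENTS_UTC, 3).items()))
```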

doublelayer Silver badge

Re: "Fingerprints" is very vague and hand-wavery.

Of course false flags are possible. They're tried all the time. They can be fiendishly difficult when it comes to an attack on computer systems because you are dealing with lots of variables and you don't know what others know about you. It's been done before, but it usually gets figured out fast enough. For example, when the 2018 Olympic games were attacked, it was first believed that a North Korea-based group had done it. A few days later, it was actually discovered that the first clues pointing to North Korea were shallow and didn't stand the weight of investigation, and most likely Russia had done it and attempted to frame the North Koreans. Further investigation substantiated those theories to the extent possible without anyone taking credit.

Attribution is tricky, but there are people who put a lot of time into getting it right. They can recognize little techniques or snippets, trace through records of systems used, and make a pretty good hypothesis. When one person releases a preliminary report calling out someone, they could easily be wrong. When several places all agree on who it was, they likely know quite a bit and have done their homework. While they could be wrong and eventually they will be about something, they're often right.

This product is terrible. Can you deliver it in 20 years’ time when it becomes popular?

doublelayer Silver badge

Re: Infra-red

But again, in that situation, it's the box on the television, not the remote, that's of concern. Whether the remote you use uses IR, Bluetooth, a custom RF protocol, or loud beeps for a microphone doesn't matter; only the Android TV box has the connection needed to snoop on them. The risk and therefore any remediation steps need to happen on the receiver end and the remote's implementation is meaningless.

doublelayer Silver badge

Re: Infra-red

"The best thing about line-of-sight remote controls is that they don't upload your button presses to a server in California."

That's what you think. Unless you have a WiFi remote control, the thing that you have to worry about is the device receiving the commands from it. Nothing prevents a television from relaying your IR remote commands any more than it's prevented from relaying commands sent over an RF protocol.

GitHub will no longer present a cookie notification banner – because it's scrapping non-essential cookies

doublelayer Silver badge

Re: All websites don't really need third party trackers and services

"You can maintain state across a session using post or get variables."

But if you do, it gets painful. Whatever variables you use will end up clogging everything, from the user's history to your databases to all the HTML you send to them.

If you use get variables, the users' history, bookmarks, or shared links will contain a bunch of expired URIs which contain old session data which a) doesn't work anymore unless your server filters it out and redirects them to somewhere new which still works and is at least sort of like where they were at that point in history and b) may contain information that a user shouldn't be storing in their history. The second point can be thought of as the user's responsibility, but part of system design should be keeping data private even when it's not yours. If you instead use post variables, the user who returns to one won't have the issue of persistent storage of data but would likely get a warning from their browser that a post action will be repeated with possible consequences. This also doesn't fix the issue of having to handle links with inaccurate or missing parameters.

Meanwhile, you also have to have your system modify every element on every page to send the required data onto the next one. Turning every link into one which consumes parameters and passes them on and including hidden inputs which ensure all your parameters are in every form can be a large task which consumes resources, complicates the page, and makes your backend CMS a mess. If you don't do it, then a user who clicks on a static page which doesn't need the parameters but continues on from that page will find their session data has been lost.

Stony-faced Google drags Android Things behind the cowshed. Two shots ring out

doublelayer Silver badge

Re: A thought

"Is there any point to Android other than on OLED/LCD touch screen phones and tablets?"

Yes. The reasons differ depending on what you're building, but there are a couple good ones. One is app portability if people other than you are going to write apps for the thing. This could be library services or ebook stores which write an Android app that runs on an ereader and supports their format or can download from their service. If all the ereaders use the same interface, they only have to write the app once. The ereaders likely don't, which is why there aren't that many apps like that, but it's a similar model with streaming video on smart TVs.

For TVs, a general smart TV platform is more likely to get support than a specific one. For example, one of my family members has been asking for my assistance because they've lost access to a television channel on their old satellite system and they want it back. They have a smart TV running some probably awful proprietary system and they also have another proprietary streamer stick which they can use. Neither of these does apps, so I've been attempting to look up whether either has a manufacturer-supplied app for something carrying the channel concerned. With something running a generalized platform like Android TV which can receive apps from people other than the manufacturer, the likelihood that there is something of use is higher. Certainly not guaranteed, but nobody's waiting on the Samsung television feature department to fix a smart TV eight years old.

Another benefit (this one for the manufacturer, not for you) is that Android has a bunch of developers and existing libraries. Linux does too, but for devices using a single screen and basic user interface, the Android developers are already familiar with using Android's tools to write apps with that type of interface.

These don't make Android a requirement. A general Linux-based open TV or ereader platform would work well too. But we don't have those. Well, I think Kodi is kind of like an open smart TV platform but as I recall it has trouble with a lot of streaming services because of DRM problems. Nothing is perfect, and in this landscape often nothing is very good, but some things are less bad than others and Android can sometimes get things to the less bad point.

How to leak data via Wi-Fi when there's no Wi-Fi chip: Boffin turns memory bus into covert data transmitter

doublelayer Silver badge

Re: Better computer cases?

That sounds nearly untenable. For one thing, a smartwatch that can be used for the attack needs to be thoroughly reprogrammed. The controlling firmware needs to control the wireless receiver, Bluetooth or WiFi, with sufficiently granular control to make it use a completely different protocol. That's much easier to do with a watch you control rather than someone else's. It's also not easy to replace firmware on a device you can't compromise yourself; firmware updates for nearly every brand of smartwatch are signed binaries uploaded through an encrypted BLE connection. While not inconceivable, actually finding someone, identifying their device, writing firmware which can use the hardware and leave the device functional enough to fool its user, and uploading it without controlling the device itself or the phone talking to it are rather difficult tasks.

The real problem though is that, if you succeeded in doing this, it might not help very much. Watches are really small, so their antennas are short and their batteries can't withstand much use. This means that the range to receive or transmit from a watch is quite low. Also, frequent use is going to kill that battery. An attacker who knows that the watch is supposed to listen to a machine can place it close to the machine and remember to charge it frequently. Someone who doesn't know that is likely to be out of range a lot of the time and become very annoyed when their fitness tracker's battery life suddenly drops (it would be very noticeable). Even if they do succeed in receiving the data, the attacker needs to get it back from the watch. Their only hope is to keep meeting the person with the compromised watch so they can get a daily download, but because of the range limitation, they will have to be physically close to the person with the watch quite frequently. That makes getting the data out hard if there's any information to get after the user unexpectedly went out of range for most of the day.

doublelayer Silver badge

Re: Better computer cases?

That would work rather well as a listener. Even low-end devices can have enough storage to cache data sent to them over a workday. The open-source PineTime watch has 4.5 MB of flash, and the proof of concept can only transmit at 12.5 bytes/sec. That allows for four straight days of collection on a watch which can easily sync back as the attacker goes home. If you wanted to execute a plan like that, your idea is a good one.

However, it doesn't change the requirements. If you consistently work in the secure building and were able to install malware on the target computer, you can probably also go to the secure computer and make it do things. Especially so as you need to be very close to it for the transmission to be received by your sneaky watch. If you do have access, it might be easier just to make the computer disclose information a faster way, whether that's copying to media, converting to QR codes displayed on screen, or just bringing it up for you to peruse.

Google Mail outage: Did you see that error message last night? Why the 'account does not exist' response is a worry

doublelayer Silver badge

I fail to see the confusion. The message speaks of accounts, the article of users, users have accounts, on Google users are identified entirely by their account as there is no independent username available to them, hence if an account doesn't exist, the user doesn't exist either. Therefore, the message which was sent should only be sent if a user has not set up an account with the specified name or the user's account has been closed. That wasn't the case, so we have a problem.