Posts by doublelayer

I don't think these are backdoors, the Chinese military is better than that, but let's look at a few possibilities in general.

If I want to embed a backdoor into something but not get caught, I have a few options. I could do the standard hard-coded credential backdoor. This has to go unnoticed by the public. If it is seen, it can be tracked to me depending on how much the company wants to protect me. A patch will be demanded to remove the credential, and after that's installed, I'm stuck. I might instead choose to use some libraries I know I can break into. I'd use the latest version with the vulnerability I want, and I'd probably leave a few different ones open. I'd make the access mechanism complex so people can't easily stumble on the way in, but this mechanism lets me have deniability because I can play the "incompetence and not malice" card. It also lets me patch one of my vulnerabilities and maybe get away with leaving another one open. It does take more programming skill to implement this well.

That's how backdoors work. The reason I don't think these are deliberate is because coding standards are so bad. If they were in the middle, I'd have some suspicion, but nobody needs openSSL from 1999 to get a backdoor and that's just calling attention to problems. However, there's one more thing to consider.

If you were the Chinese government, and you wanted a backdoor in Huawei equipment, and the company didn't already have one for you and wasn't planning one for you, what would you do? This would be my plan: I'd get a PLA programmer employed at Huawei. The person I chose would be very skilled and knowledgeable about the type of equipment. If possible, I'd train them on Huawei source code, to which I assume the Chinese government has easy access from a government contract or having broken Huawei's corporate security. This person would then insert some carefully crafted vulnerabilities into the code for the devices. Nobody will notice internally; they're letting obviously insecure libraries through. When libraries are updated, this code can remain for quite a while, being disguised by the unintentional vulns left in by poor coding. This would also be harder to detect because so much focus is being placed on understanding all the rest of the codebase that my relatively small addition can last a while without being questioned.

Re: AVG FREE ANTIVIRUS, I AM LOOKING AT YOU.

How about this one that happened to me just a few months ago. My father (he's not reading this, so I can safely call him nontechnical) wants to do something his laptop can't do right now. I find him a good piece of freeware (in this case true free software with code on github, score) that does that. Knowing how search engines work, I give him the address to type in over the phone, no fooling me. The site looks nice and clean, with only one link saying download, so all I have to do is get him to select the x64 instead of the x86 and we're done and I can show him how to use it. The problem is that I have an ad blocker and he doesn't. He clicked on a download link and installed the thing it auto-downloaded (fortunately not malware but definitely not the thing I had in mind). I got him to run a defender scan just in case and removed the unwanted application with extreme prejudice next time I was near. Ads allow people to infect good sites with their nastiness; this is why we need to block them.

Re: So EE can't now tell its customers to upgrade to a cheaper plan if they've opted out?

It's a marketing message. Even if it would be a thing I'm interested in, it's marketing. If I stopped you on the street today and said I was selling laptops for any piece of scrap paper (always assuming I was being honest), I'd be marketing to you even though you would probably see how many pieces of paper you could find in your bag. This is the deal with advertising. Sometimes, it actually tells people about things they decide they want. Sometimes, it is an annoying intrusion. Those two sets aren't necessarily mutually distinct. This is why we have things like opt out/in methods for customers to tell places whether they want to see the ads; I have opted in to some communications and opted out to others because I've decided what I want to see.

And there doesn't technically have to be. Firefox supports it, but you can use any DoH server you please by changing the config. I've suggested running a system-wide DoH client that performs requests for applications that communicate with it locally. However, I wouldn't expect Chrome to make this easy to change.

That's unlikely. If he was killed by someone else, they would have had to go to a lot of trouble to get the death ruled natural. His business partners and family members, those who are having property taken to make up the debt, would announce immediately if there were any suspicious parts of the death so they could delay or even prevent their property being seized under the theory that whoever was responsible for his death could also have stolen the money. Since they're not doing that, this leaves only two logical options: 1) he actually did die and you figure out the details that make that work or 2) he stole the money and faked the death, and the company either knows about it or have given up on being able to catch him.

While the first option is possible in that he could have lost the money through some other means and then died coincidentally, possibly aided by stress after losing all the money, the second option is a lot more logical, especially with the small number of large withdrawals as described.

Re: Yay!

I can't really agree with a zero and a 4 being the only models. The zero is great for its use cases as a controller for hardware, battery-powered machine, or headless WiFi device, but it's pretty much useless for everything else. It can't so easily be used for education because the price in getting its weird HDMI (that mini one that is between standard and the small one people decided to use) to connect to a school monitor and the USB OTG cable and hub to get input devices makes it more practical to just use the standard pi for that. The compute module helps people build stuff with the pi, which encourages open source development and helps support the foundation as well.

Re: Good reason

I can see only two times when a factory reset of a light bulb would be desirable. The first is when ownership over the bulb is about to be transferred. Given that we're talking about cheap light bulbs and not phones or computers, that seems relatively unlikely, although the app reset mechanism would work just fine in this scenario. The second and in my mind more likely situation is that the bulb is not working properly and does not respond to app commands to reset, resync, or reconfigure. In this case, the app can send out its code all it likes and the bulb might easily ignore the reset code because it's broken. The software needed to receive the code is more complex because it has to run the bluetooth receiver and properly decode the result. A simple program in the bootloader that responds to power on/off can run at a lower level, just as a physical reset button could. These options circumvent the problem of a software stack that might break too often. They also introduce the difficulty of flipping switches or removing bulbs from sockets. It's a game of tradeoffs.

Re: AI database

Alternate suggestion: don't store them at all. Not in Google's database, not in a normal personal database, not in your whatever-it-may-be database, nowhere.

Re: @Splurg The Barbarian - No, no, no, no, no!

But this requires a large amount of user buy-in. If a hundred users start spamming voice assistant things on average once a day, it will be nothing at all compared with the millions of users actually saying real things. Even if we scale it up to a thousand people and twenty times a day, it's still a drop in the bucket. That's one thing neural networks are useful for. We'd need a lot more junk data. If we try to automate it by recording specific things, they won't have to bother with the algorithm; they simply find the weirdest spikes in the data and delete that from the dataset, if they don't find the recording of "Alexa" or "OK Google" being used and program the units to stop recognizing it.

Re: So what is the blockchain for?

I believe this transcript I stole from Facebook will make the point of blockchain clear:

PR Exec [name redacted]: "We have heard some concerns about the privacy and integrity of our new currency. We'd first like to tell you how we're ensuring that money can't disappear from users' accounts. You may have heard of the revolutionary technology blockchain. This technology is used to ensure the integrity of data, like how much money each user has, even when those users don't necessarily trust one another. You don't have to trust us; the blockchain will keep people from doing anything at all to your data without your specific approval."

Extremely high-level executive [name redacted]: "How will you handle it if they notice you've not answered the privacy question?"

PR Exec: "Standard boiler plate, failing that I just threaten them with their blackmail file."

EHL Exec: "Oh, by the way, how much of the blockchain do we control?"

Tech Exec [name redacted]: "100%, sir."

EHL Exec: "So we could in fact delete all the money in about how long?"

Tech Exec: "It's a big button on the main page. Takes about two seconds to propagate. After all, we have a lot of money to spend on reliable systems for things that matter."

EHL Exec: "What if it goes down?"

Tech Exec: "That doesn't go down. It's not low-importance like all the rest of the services."

EHL Exec: "Well done. You can leave now."

[Sound of door opening and closing]

[Silence lasts eight seconds]

EHL Exec: [maniacal laughter, see recording] [Transcriber's note: If listening to recording, mental health services are recommended, contact transcriber for further details]

My family bought a smart TV, and quickly realized that they did not want any of its smart capabilities. It has been told to forget the network, the WiFi credentials were changed, and I added a firewall rule to block any packets coming from the TV's MAC address in case it has the smarts to read my mind and guess the new password. It has been relegated to a simple panel with an unused processor somewhere in it.

Re: Can someone tell me why Venmo is a thing?

As for why it's a thing, the various problems with cash have been noted. One could write checks, and that would work most of the time, except that people in general seem to dislike them and prefer paying by card. Venmo provides a method for people to use payment cards to pay individuals. Whether that's important depends on the local alternatives, but the success of Venmo even though it charges a small fee per transaction shows that it provides a service useful for some.

As for why it's public, I have no earthly idea. I didn't think that was the case. It seemed really stupid to me, with no perceivable benefit and requiring the Venmo people to spend a little time on a public interface for viewing them. No idea whatsoever who made that decision and what exactly is wrong with them.

Re: What's it Good For?

Nobody's arguing that it should be shut down. That'd be crazy. However, this site falls into a valley where on-device random number generation is insufficient and where this site would introduce security problems. There are probably a few places that need that degree of entropy, but many of them may have gotten a temperature, static (cosmic radiation), or even human-fed (times of typing or something like that) source. By all means use it if it's needed, but I doubt that people will be rushing out to do so en mass.

Re: Some weird comments on here...

I don't think it's a good thing. I wouldn't be eager to do it. Yet I'm a little proud that I have done it and succeeded. When I was first required to work that long, it felt very difficult. Knowing that I didn't fail under that stress is at least a bit positive, even if I don't want to repeat the experience. Thinking this also lets me take an unpleasant part of my history and use it to my benefit.

Re: Missing the point

"Surely it's up to the consumer/viewer to say "I've seen a video showing X said Y" and not "X said Y". Isn't "don't believe what you see on the internet" a thing still too?"

But that's not good enough. It's well and good if I know something's false, but if someone else believes it, I can still get hurt. Suppose someone is angry at me and makes a fake video of me plotting a crime. I clearly know it isn't true. However, I need my boss to know that as well so I keep a job. I need my neighbor to know that as well so they don't call the police on me. I'd prefer that my friends and family know that so I don't lose their company. When a lie believed by someone else can cause problems for others, it's not enough to say that people should just come to their own conclusions. If something can be done to support the objective truth (I'm not sure there is such a thing, but if), it should be considered quite strongly.

Re: EVERY SINGLE SEARCH RESULT was for a frigging VIDEO.

I doubt it. Reading will still be useful for things like signage or searching through things (skimming isn't so useful when being read to). It also allows reading more privately, as one has to have headphones to listen privately but just has to block their screen to read privately. In addition, it requires those with sight, the vast majority of people, to entirely change their workflow to stop using their primary sense. I wouldn't count on that happening.

Re: Scoff not

I would argue that two points are simultaneously correct:

point 1: IT people tend to be more dismissive of users than they should,

point 2: IT people have very good reasons to be dismissive of some users.

I've seen both sides, as I'm sure have most others reading these comments. I've seen the IT people who think they know a lot more than they do and think everyone else is an idiot. I've also seen the users who don't know anything and refuse to do anything these IT idiots have suggested. It can often be tempting to ignore one point by focusing excessively on another, but that doesn't help. If you lean to hard on the stupid users, you don't treat the large set of users who have problems, don't know how to solve them, and need and rely the help of IT to keep things going with the respect they deserve. If you lean to hard on IT having an arrogance problem, you end up trying to be nice as opposed to efficient. While the people who actually fall into the "stupid user" group might feel happier at the end, the people who really need IT's help probably aren't getting it. Once again, they lose.

Something should be done about users who waste the time of the IT people. IT people need to respect users more. I think this applies to pretty much every profession.

Re: "hybrid Android"

Me: "That [installing Google Play Services and other Google apps on non-Google Android] is difficult enough that most users won't know how"

Response: "It is exactly as difficult as installing any other Android application."

I beg to differ. For example, if one wants the Google components on Lineage OS, one has to download the open-gapps suite containing the wanted components and flash that via ADB. On most devices, the Lineage OS wiki specifically includes a warning that this must be done prior to the initial boot or some of the components won't work. That's easy enough to do for people who read this site, but your standard user doesn't want to connect their phone to their computer, tap through scary warning screens on a bootloader and type terminal commands. Yes, some Google apps can be downloaded in apk form and side-loaded, but the number that work without Google Play Services available is relatively small.

Re: SE no longer supported end of 2019

After Apple drops support for a phone for large OS updates, it won't receive major updates to Apple-written apps like Safari. However, it will usually receive at least one more security update and can still run most updates to apps, as the store will continue to function. Usually, apps will support the most recent three OS releases (although in the days of IOS 12 it's typically been four). In addition, as already mentioned here, the iPhone SE will be supported under IOS 13.

Re: iD10tic design decision.

I prefer that option. It lets me temporarily disable the screen for various reasons. For example, if I want my laptop to keep computing on something while I sleep nearby (for instance if I'm in a hotel), I don't have to see the lighted screen. I could configure it not to sleep when it's closed, but I like having that capability. A simple key press that turns off the screen can be useful. Of course, if that's going to be part of your typical operating procedure, you should ensure you know how to turn it back up, which in this case would be reseting the NVRAM (hold command, option, P, and R at boot time).

There are a lot of options for small computers. Depending on how much power and I/O is required, you have everything from a raspberry pi up to a NUC or the like. These people still seem to be around, and their machines have various features like multiple network ports and lots of expandability that might be useful. There are a lot of small Intel Atom-based computers modeled off the Intel Compute Stick as well, as long as a tiny Atom SOC will serve your purposes (usually, it will not be enough or a raspberry pi will be better value). The past few years have given us a lot of very nice options when form factor is an important issue.

Re: re: anarchism in action

I would say not at all. Linux clearly isn't for reasons stated above. GNU is a little less eager to describe themselves as dictators, but someone decides which version of the GNU-related code goes up on the website as the official glibc or utils or HURD kernel. That person has power to decide what they'll call the official GNU code, and the people who wrote a different version that didn't get used don't have that power. They can publish their version, of course, but that doesn't make it GNU approved. Because it is hard to define power, it's hard for anything to be anarchic. Power can at times be the ability to control some place, institution, activity, etc. I don't see any mechanism for ensuring everyone has equal control of every thing, physical or theoretical, in the universe. I'm not convinced I would want to try, either.

Re: A pretty simple concept really:

"On site, yes. Inside the computer room, no. At the very least they would need to be stored in a data-rated fireproof safe, and putting that inside the computer room itself would be monumentally stupid from a DR view and a waste of space anyway."

Why? I've seen many places where the safe was stored near the computer room, usually next door. The major reason for doing that was security--I.E. the computers and the backups were inside the same security area, and could be dealt with by the same team. The theory was that the safe would protect the tapes no matter where it was stored, and that there could be an additional security problem if tapes were stored in multiple areas and had to be moved frequently between those places.

"Even if they did that, there's always a moment that that safe is full and tapes have to be taken out and stored elsewhere. Or all sets of tapes can be kept in that safe."

This leads me to the next point, which is that this safe could be on-site storage only, with another person responsible for moving them, which brings us to:

me: "or someone else is responsible for moving it to wherever it is going."

Response: "Which again is just stupid, because you want to minimize access to restricted areas. Swapping the tapes in one go does that."

Yes, it does. However, there may be multiple roles. We have technician guy, whose job it is to move tapes around and ensure the systems have media to write the new backup to. We also have information security guy, whose job it is to make sure the tapes are brought to off-site storage or a separate on-site location securely. New tapes are brought to the technician to load into the machines as required, and the security guy comes when needed to remove the tapes after stuff has been written to them, possibly several hours or even days after they've been written. Technician guy is not allowed to leave with a potentially heavy box of tapes, because they could use that vulnerability to leave with something heavy that is not a box of tapes. Security guy is allowed to do this, because they installed or are trusted by whoever installed the security system. Technician guy could remove a box of tapes to make the weight the same, but they are not supposed to do that and could face penalties if they did, hence the problem mentioned in the post.

Re: Hire immediately

I'm inclined to be sympathetic and go with the hire option. The type of person who tries something like this and ends up breaking the system as a result is usually the type of curious person who will figure out how everything works and use that knowledge for good. However, I don't think I can do that because of two major problems:

The first problem is that he knew what would happen. If he ran his initial directory bomb long enough that he couldn't recover, that would be just fine and I'd think he should be hired. But he already knew that running this wouldn't help anything and wouldn't be self-limiting. Running it in parallel didn't really produce anything different--it just increased the amount of work needed to clear it up. That doesn't sound like curiosity to me. It sounds like pointless disruption.

The second point has already been made, which is that I'm a lot more likely to consider someone nicely when they've confessed. I've dealt with plenty of people who have done a lot of damage, realized that, and contacted me to give me all the information they have that will help me fix it. I really respect those people; I know that, if we have a problem later when we're working together, they won't hide things from me and they're not going to have some problem letting me help out. By extension, anyone who doesn't confess and leaves me to discover, diagnose, and clear up their problem after they've just left it there is going to find themselves lower on my to-be-hired list than anyone who has confessed or hasn't caused me a problem.