fg_swe • User • The Register Forums

Wednesday 16th August 2023 10:44 GMT fg_swe

Shared Cloud: Very Dangerous

Imagine your company "A" runs an accounting system on a Cloud Computer "CC". Everything very secure, properly patched, good security practices. Then there are companies "B" and "C" which have similar good security. Finally, there is Joe "J", who uses CC for throw-away computing experiments.

J runs an outdated version of Apache, which has exploitable bugs. He does not care, because for him it is an experimental system.

Then comes along "I", who is a criminal hacker who runs scripts to probe all IPv4 adresses for exploitable Apache instances. He finds Js Apache on CC. I can now insert an exploit which contains ZenBleed in order to undermine all of CC, including the VMs of A,B,C. I can read out ssh keys and get access to the processes of A,B,C. GAME OVER !

In other words, if you run a cloud system for anything business-critical, you should be very worried now.

0 1

Wednesday 16th August 2023 09:02 GMT fg_swe

Re: Transputer ?

Please see 26:30 of the video, where he speaks about Side Channels.

0 1

Wednesday 16th August 2023 08:49 GMT fg_swe

Practical Measure: Command RPI

Sysadmins should operate a separate, small RPI computer to log into valuable datacenter computers via ssh. This RPI must have JavaScript completely disabled. Cost is less than $300 for an RPI+Display and looks like a worthy investment.

Or maybe deinstall all browsers, PDF viewers, email clients and office packages from the Command Computer. Will definitely increase security.

0 1

Wednesday 16th August 2023 08:42 GMT fg_swe

Transputer ?

The idea of time-sharing a large CPU with lots of state(from register to caches) might be inherently insecure.

As Gernot Heiser states

https://www.youtube.com/watch?v=wJ96s3pNtI0

somewhere in his lectures(can't definitely find it), CPU state must be completely flushed(zero out caches and all types of registers !) if you want to have a secure time-shared CPU. There is no other way to be really sure if you want to provably deny side-channel attacks.

So maybe computers should evolve to the transputer concept of loosely coupled CPU cores ? One process, one CPU, one register set, one cache, no time sharing ?

Definitely, if you have an ssh key for a bank data center on your computer, the same computer should never run a JavaScript-enabled Browser !

Data Center and Cloud Computing based on the Time Sharing idea looks very questionable. The short term fix would be a move to many small machines, which can be easily rented out individually. There should be very fast interconnects between them.

0 1

Wednesday 16th August 2023 08:32 GMT fg_swe

Bullshit

Real-world data always has REDUNDANCY. This will allow heuristic algorithms to "fish out" secret information such as you Bank Account Number, your Banking PIN etc.

PLUS - if it is a crypto key, the attacker can simply brute-force with the collected "key candidates". Testing 1000000 potential keys is done in a few seconds.

In other words, your notion is badly wrong.

0 1

Tuesday 15th August 2023 08:48 GMT fg_swe

Just Stupid

As I wrote above, a very low power CPU/MCU (1W or even less) can do the required cipher(similar to MST). Using Davies-Myer, AES can also double as a Secure Hash code(as done in MST). So less than 2k Lines of C can provide a Secure Command Channel. The CPU can be powered down using a timer, or when battery is low and must first be recharged from solar cells. In power down mode, an IoT CPU will draw only a microWatt or so for the timer counter. There are plenty of IoT chips around, including those from STM and NXP.

No need for power-hungry and quantum-threatened Public Key ciphering. Program the key into the satellite when it is on the ground and from then on use this symmetric key via MST or similar.

Not encrypting at all is like letting your wallet lie on the pavement and going to sleep inside the house.

0 2

Monday 14th August 2023 14:22 GMT fg_swe

Secure HMAC

Of course, for HAM and other amateur satellites, Command Messages and Replies can be transmitted in clear, with only a secure HMAC. SHA256 will do the trick:

COMMAND_OR_REPLY ::= PLAINTEXT_COMMAND AES256(PRESHARED_KEY,SHA256(PLAINTEXT_COMMAND))

This is also "quantum secure", as AES256 has 256 bits of symmetric key, which is considered as hard as 128bit non-quant.

0 2

Monday 14th August 2023 12:35 GMT fg_swe

Re: Hire A Professional Cryptographer

If you need consulting in cryptologic matters, you can write an email and I will call you back: http://fgw.ddnss.de/ (Kontakte). Or just call me on the phone. I speak English, German and three words of French.

1 4

Sunday 13th August 2023 18:41 GMT fg_swe

Hire A Professional Cryptographer

The key problem of many industries is that they believe cipher and communications security can be done by each and every half-and-self trained guy.

A major car company had this trouble with their SMS-based door opener. Other car companies were/are in love with "keyless go", which is very hard to do securely(needs high resolution timers). Replay and Relay attack opportunities all around.

The banking industry had confidentiality, replay-safety and integrity solved at the year 2000. It took others until 2015 to achieve the same, because they were too cheap to hire experts.

TLS in practical implementations is a hell of insecurity too, but often sold as "industry standard". TLS saves people from thinking themselves. The entire idea of hybrid ciphers is not necessary nor useful for most applications.

2 2

Sunday 13th August 2023 18:27 GMT fg_swe

Re: What A Load of Nonsense

https://en.wikipedia.org/wiki/WokFi

1 1

Sunday 13th August 2023 18:25 GMT fg_swe

Re: What A Load of Nonsense

See also https://www.rfhamdesign.com/products/parabolicdishkit/45meterdishkit/index.php

0 1

Sunday 13th August 2023 18:09 GMT fg_swe

What A Load of Nonsense

1.) Secure Command Links can be realized in about 1500 LOC, including AES Locs. Been there, done that: https://github.com/DiplIngFrankGerlach/MST. It needs an ESP8266 or even less muscle do the job. MST has the same assurances as TLS/SSL, but without the Public Key cr4p.

2.) The "researcher" apparently surveyed amateur satellite projects. Not the $500 000 000 commercial or mil satellite.

3.) Of course "hackers" lack of a high gain directional antenna plus the other RF equipement is a "protection" of some sorts. Just never expect the Russians, the Norks or the Iranians to respect this "protection". I would venture to say that HAM radio guys could build this for much less than $10000. A bit of balsa wood, flexible metal grid (1mm opening), a bunch of RF transistors and some HAM RF instruments will do the trick. That antenna might last only a few weeks until the next storm, but it is good enough to send and receive to/from the sat. After the pwn, the antenna can be blown away...

6 1

Wednesday 26th July 2023 08:48 GMT fg_swe

Also

CINCOM does not clearly say how much they want for internally developed apps. The want to "discuss" this with you. And apparently they also use number of users or number of employees to calculate license fees for company-internal applications.

I would not be surprised to learn that they are more expensive than Oracle is.

(No, I am not financially related to Oracle !)

0 5

Wednesday 26th July 2023 08:42 GMT fg_swe

Compared to CINCOM

Cincom is the main developer-provider of serious Smalltalk IDEs and VMs. They demand $500 per dev per year and 6% of your product revenue.

Other pricing models of their products are in the $5000 to $10000 range one-time per developer.

https://comp.lang.smalltalk.narkive.com/jgCbTiWI/is-cincom-smalltalk-prohibitively-expensive-for-a-single-developer

So, Java is not expensive at all, compared to Smalltalk and DELPHI from Embarcadero. Depending on the situation, of course. A few ST devs in a large corporation *might* come cheaper than Java.

0 7

Wednesday 26th July 2023 08:24 GMT fg_swe

Calm Down, Folks

$3000 000 for a 45 000 employee-company is $66 per employee. How much is the average labour cost of an employee per year ? Surely 100x to 5000x more, wherever it matters. North Korea and Nigeria does not count.

Also, compared to a tool machine worker, $66 is a pittance. He stands in front of a $500 000 CNC tool machine, which is depreciated over 10 years.

We computer folks should really get a grip on economics.

The SUN freetard model has destroyed this company. It also destroyed BORLAND, who had a Pascal/Delphi business before the freetard Java model came along. Great job, SUN, you destroyed Borland and yourself by your stupid idealism.

Oracle provides tens of thousands of nicely paid, health insured jobs for software engineers. Where do we expect the money for that to come from ???

0 10

Wednesday 19th July 2023 10:48 GMT fg_swe

Debt/GDP Ratio

US debt must always be seen in comparison with Gross Domestic Product.

https://worldpopulationreview.com/country-rankings/countries-by-national-debt

Japan, Greece, Italy and most other nations are worse off on this quotient. Arguably, Japans meteoric rise 1960..1990 was due to massive credit expansion. The cost of this expansion is that many young Japanese men and women consider it financially impossible to have children. Credit was the bonfire where Japan burned its future.

Regarding children, Europe is not much better than Japan. Same with Russia. They build missiles and superyachts instead of raising children.

1 2

Wednesday 19th July 2023 10:32 GMT fg_swe

Dollar

I am now hearing for decades that the dollar implosion is imminent. At the same time, the Russian ruble actually did implode, the Belarus ruble adds a zero every three years or so. Other countries have severe problems of their own, including China's finance bubbles and rapid aging. Japan can´t make enough kids, either. Europe is a brittle bunch of idealists who will call in Uncle Sam instead of standing together. The Euro currency is a crazy subsidy/transfer system with a credit bubble of its own.

Africa only knows how to make children like rabbits.

India makes only minimal progress.

Arabs still mentally live in 800 A.D.

So with all the crazy stuff(denying the concept of mother and father, for example) ongoing in America, I fail to see the demise of the dollar. The Marxist-Americans will be exhaled like a bad joint and the rest of America is probably just fine.

1 1

Wednesday 19th July 2023 10:17 GMT fg_swe

NATO

Netherland operates as part of NATO+JP+SK+ANZAC. That's north of 700 million people.

0 1

Tuesday 18th July 2023 16:18 GMT fg_swe

"evidence that was quite clearly false."

There is a horror to realize and admit that the "money storage/creation systems" might be faulty. So many non-technical folks will simply declare banking technology "perfect" and look for "another explanation".

That is clearly irrational, see my other post.

Software engineers at Fujitsu should have called out the problems, but we must assume they were cowed into silence by their (often non-technical) superiors.

3 1

Tuesday 18th July 2023 12:59 GMT fg_swe

False

Each and every company can be held liable for the quality of their work. There is no way to totally absolve themselves based on T+C.

Having said that, Fujitsu could claim that there are absolutely no standards of finance software engineering. So they are "compliant with industry standards".

A capable judge would find them partially responsible and make them pay a serious fine+damages.

5 1

Tuesday 18th July 2023 12:44 GMT fg_swe

Proper Regulation Of Finance Information Technology

Unlike other industries such as automotive, aerospace, rail and medical, there seems to be a gaping hole in regulation in finance. Untrained engineers/programmers/coders can become project managers and senior engineers. Processes can be chosen at random, including a total lack of proper quality controls.

Compare that to the V-Model, ISO26261 and ASPICE mandated in the auto industry. ABS brakes actually work and so do electric/electronic steering systems.

So the short answer is: regulate the finance industry to use the V-Model and to certify at least one engineer on each project to know what that means. Financial oversight authorities must be able to inspect and check compliance to these rules. For example, there must be up-to-date, appropriate design documentation, unit tests, system tests. If a finance company fails to comply, there must be serious, progressive fines until technology deficits are eliminated.

Of course this requires competent public servants who had a career in software engineering. This means serious, competitive wages. A good software engineer costs as much as a colonel in the army or more. The cost of doing nothing will be much higher !

3 1

Friday 7th July 2023 13:32 GMT fg_swe

Well

There are surely hidden and overt groups who want to control as much as possible. There are political parties. Powerful commercial interests like the WEF. Armies, intelligence, police, unions, even firebrigades have some influence. Corporations who bribe journalists on a grand scale.

Then there are the cross-cutting ones like freemasons, churches, rotarians etc.

During the C scare, the power of commercial information operations was visible.

8 5

Friday 7th July 2023 12:59 GMT fg_swe

Internet Interoperability Without Central Censorship

+ Learn a bit of HTML

+ Learn how to run a WWW server, ideally on your own hardware. Post your ideas there.

+ Learn how to share HTTP URLs. Can be done on WA, Telegram, Twitter, FB and other Golden Cages.

+ Run your own file server in order to be protected from oligarch censorship and spying

Nobody said it is as convenient as eating an oily burger plus a liter of aromatized sugar water.

Grow up. Grow balls. Don't be a sheep.

3 27

Friday 7th July 2023 12:33 GMT fg_swe

One Man

One IP Address

One RPI server

One Web Server

One Vote

1 8

Friday 7th July 2023 12:31 GMT fg_swe

Centralized Information

BBC

DW

RFI

Globaltimes

Voice of America

RT

Prawda

NYT

All of them are beholden to powermongers. They can lie in synchronized fashion in order to enable wars in Iraq, in Syria or now in Ukraine. We clearly need LESS centralization.

6 17

Friday 7th July 2023 12:28 GMT fg_swe

NewSpeak: "Fragmented Internet"

The internet started out as a collection of thousands of independent, small servers and other endpoints. It developed into millions of independent servers, blogs, video sites, government propaganda outlets, some conspiracy sites plus the Mainframes called Google, Facebook, Amazon, Twitter and so on.

The Mainframes are in fact Golden Cages, where a small cabal of oligarchs censors as they please. During the C-Virus-Panic the oligarchy censored away critical, correct information such as the CDC VAERS results. They want Total Control of Information in order to protect their investments in various GigaScams.

But you know what ? We are NOT living in the soviet union and we should raise the middle one to this self-appointed Dollar Soviet. As much as we show it to other powermongers like the one who threatens nuclear war weekly.

The internet ins INTENDED to be fragmented !

5 18

Thursday 6th July 2023 09:34 GMT fg_swe

Yes, the 30%

As I wrote before, the other 30% of CVE bugs (as of 2023) must be taken care of: correct scanners, parsers, appropriate protocols, proper testing on all levels from unit to system. Appropriate system design. KISS. Static Error checkers. Fuzzing, Code Reviews, Bug Bountys.

It's called computer science because there are no simple solutions for all problems. But squash those 70%, so that engineers can focus on the other 30%.

0 1

Thursday 6th July 2023 09:29 GMT fg_swe

Re: GC - NO

That is what I said, if ARC is used for memory management, circular references must be cut by programmer. This is the only advantage of (mark+sweep style)GC.

ARC is semi-realtime capable, GC much less so.

0 1

Monday 3rd July 2023 12:27 GMT fg_swe

Unix And Valgrind

There are reports from first-time runs of Unix userland tools with the valgrind memory checker. It reported up lots of "unknown to this date" bugs.

In other words: memory programming errors are normal for humans. There should be a safety+security net to mitigate them.

2 1

Monday 3rd July 2023 12:22 GMT fg_swe

WRONG II

Your P- and D-discrimination will do nothing to stop an attacker to overwrite function pointers or virtual method tables.

0 2

Monday 3rd July 2023 12:18 GMT fg_swe

WRONG

See this simple example:

struct customer

{

char firstname[20];

char lastname[20];

char street[20];

char postcode[6];

char city[20];

unsigned long long creditlimit;

};

Now let's assume there is an automatic "account creation" web service. It will set the name and address as specified by the customer and automatically set the credit limit to 1000 Euros. Now what happens if an attacker enters a 40 character city ? It will overwrite the credit limit to something like 10^28 Euros.

Of course this is a contrived example, as banks will (hopefully) be diligent in input checking, but you can see that a lack of memory safety definitely is risky. It could also be the banks own programming error mistakenly overrwriting the creditlimit.

Separating code and data is a much weaker assurance than Memory Safety from the compiler+runtime.

1 3

Monday 3rd July 2023 12:10 GMT fg_swe

SPARK Ada

..is what you look for.

1 1

Monday 3rd July 2023 12:09 GMT fg_swe

Memory Errors: 70% of CVE

See this http://sappeur.ddnss.de/Sappeur_Cyber_Security.pdf

0 4

Monday 3rd July 2023 12:08 GMT fg_swe

ALGOL Mainframes

These machines are (mostly) implemented in memory safe Algol, including kernel code.

Maybe someone from Fujitsu/ICL or Burroughs could comment on the practical difference to Unix security ?

If I read Mr Hoare correctly, Algol memory safety was very useful.

0 3

Monday 3rd July 2023 12:04 GMT fg_swe

FALSE: Rust isn't the panacea

I have some experience creating http servers in both C++ and Sappeur. I can assure you the number of exceptions from memory safety in the Sappeur version is very small( "inline_cpp" 4).

http://gauss.ddnss.de/

There are about 60 "inline_cpp" in TCP.ai, System.ai and Math.ai, but those are "system libraries" which finally call the POSIX functions. These system libraries are supposed to be eventually "perfect" from a lot of re-use(read: debugging) in different projects.

So probably 90% of the gauss web server code is memory-safe. In my experience, this web server runs extremely stable(as compared to an equivalent C++ version). Of course it had deterministic crashes during development, but that is exactly what we want: immediate, localized crash upon programming error. No long-running, covert corruption of memory.

So, even if your code is "just 90% memory safe", it is a huge progress from "100% memory unsafe". Each and every method implemented in a memory-safe way is shoring up safety and security.

0 4

Monday 3rd July 2023 11:52 GMT fg_swe

No

It is very hard/impossible to reproduce the safety assurances of a proper memory safe language in hardware mechanisms. Also, it is NOT just about separating code and data, as function pointers and vtables are effectively a mix of both.

ARM tries to do some of this with their fat pointers, but it looks very expensive to me.

For example, in Sappeur you must declare multithreaded objects as such, in order to ensure automatic locking. How would you do this in hardware ?

1 4

Monday 3rd July 2023 11:49 GMT fg_swe

RAII

Can be used in Sappeur and Rust.

0 5

Monday 3rd July 2023 11:47 GMT fg_swe

GC - NO

There exist quite a few non-GC (mark+sweep) languages, which are memory-safe.

Rust, Swift, Sappeur (mine) to name a few.

It must be said that the software engineer must break circular references in non-GC languages or you have a memory leak(which is usually NOT exploitable for subversion, but for a DOS attack)

1 4

Monday 3rd July 2023 11:43 GMT fg_swe

Sir Tony Hoare on Index Errors

Listen to this

https://www.infoq.com/presentations/Null-References-The-Billion-Dollar-Mistake-Tony-Hoare/

and you will see that Index Errors are an OPP (Old Persistent Problem). The FORTRAN people had this decades ago.

We have index errors in C, C++, Java, C# programs today, we must assume.

Software engineer's understanding of their own "perfection" is wrong. Homo Sapiens is not a machine, but a highly capable, error-prone being.

Machines should be tolerant against human mistake as much as possible. C and C++ are good for Code Generators, because machines will eventually be "perfect".

We were already much better with memory-safe ALGOL, but C+Unix won out for cheapness.

2 1

Wednesday 5th July 2023 10:58 GMT fg_swe

Perfect Security

"must make sure their wares are 100% secure"

That is an impossible-to-achieve statement, especially given the complex "standards" to be implemented.

I suggest the public should demand reasonable measure such as input fuzzing, memory safe languages, proper documentation, proper testcases.

We already have this in auto, aerospace, medical, and railways. It is a totally different process than what most developers are accustomed to. Also totally different from a price-point POV. Would you be prepared to pay 3x more than you do now ?

0 1

Wednesday 5th July 2023 10:53 GMT fg_swe

All The Fun of C and C++

A memory safe language would have neutered this exploit.

http://sappeur.ddnss.de/Sappeur_Cyber_Security.pdf

0 2

Tuesday 4th July 2023 21:29 GMT fg_swe

Ocaml II

According to

https://ocaml.org/docs/first-hour

it is a two-headed beast which can also do imperative programming with mutable state ("variables"). So it is a kind of LISP married with Algol...

0 2

Tuesday 4th July 2023 20:53 GMT fg_swe

OCaml

So OCaml is not LISP, but shares all the hallmarks of LISP: functional programming, immutable state, garbage collection. All of that translates into inefficiency and a lack of realtime capabilities.

For some problems, functional programming is definitely the right solution, but not for others such as realtime control, realtime signals processing, realtime GUIs and the like. Also, GC typically requires 2x the memory of an ARC-based equivalent program.

0 2

Friday 23rd June 2023 11:31 GMT fg_swe

Nr 1 Right, Nr 2 Wrong

Indeed it is very dangerous to be dependent on a military-political adversary/enemy for your communications system. They can turn it off any time and only they have the expertise to turn it on again. Also they can and will use it as a spying and person-tracking system. A clear national security issue, given that the Chicoms can roam freely inside NATO.

Details regarding terminology here: https://www.bundeswehr.de/de/organisation/luftwaffe/team-luftwaffe-auf-uebung/rapid-pacific-teil-4-die-besuche

Mr Finck is wrong on AI machines, though: only trivial code can be properly coded by ChatGPT. All the tough problems still require meatsacks to do the heavy lifting. I asked ChatGPT to code an Enigma cipher machine and it failed spectacularly. Then there are AI controlled Tesla cars which crash into parked trucks...

4 1

Thursday 15th June 2023 07:01 GMT fg_swe

B0ll0cks

Maddie de Garay is a case of severe adverse effects which has been systematically suppressed, in order to achieve a faux "successful trial".

It demonstrates that our (NATO+SK+JP+ANZAC) world is highly corrupt in the highest layers. That does not mean Moscow and Beijing are better. The light seems to shine in Africa, where they already resist the Drug Oligarchs - for good reasons.

0 12

Wednesday 14th June 2023 08:57 GMT fg_swe

BIDEN And Garage Papers

I recall that BIDEN hat Top Secret papers stored in his garage. When will he show up in court ? If not, where is the fair application of justice ?

5 47

Wednesday 14th June 2023 08:54 GMT fg_swe

President And Classified Information

It is the job of the president to handle classified information in order to make proper decisions. He needs access to secret papers. Surely he should have been more careful and diligent. Is it part of your job to handle as much classified papers ?

Mr Trump must be held to the same standards as other presidents or secretaries, otherwise it stinks like a soviet political prosecution.

It looks like they are grasping for straws to avoid him running for president.

2 45

Wednesday 14th June 2023 08:49 GMT fg_swe

Substance

Given your substance-less reply, I would like to share this with you

https://rumble.com/vqwdp6-how-many-more-adverse-effects-have-been-covered-up-during-the-trials-maddie.html

Not sure who did this, was it Trump+Biden or just Biden ? We know Biden called the drug "safe".

2 42

Posts by fg_swe

Page:

Shared Cloud: Very Dangerous

Re: Transputer ?

Practical Measure: Command RPI

Transputer ?

Bullshit

Just Stupid

Secure HMAC

Re: Hire A Professional Cryptographer

Hire A Professional Cryptographer

Re: What A Load of Nonsense

Re: What A Load of Nonsense

What A Load of Nonsense

Also

Compared to CINCOM

Calm Down, Folks

Debt/GDP Ratio

Dollar

NATO

"evidence that was quite clearly false."

False

Proper Regulation Of Finance Information Technology

Well

Internet Interoperability Without Central Censorship

One Man

Centralized Information

NewSpeak: "Fragmented Internet"

Yes, the 30%

Re: GC - NO

Unix And Valgrind

WRONG II

WRONG

SPARK Ada

Memory Errors: 70% of CVE

ALGOL Mainframes

FALSE: Rust isn't the panacea

No

RAII

GC - NO

Sir Tony Hoare on Index Errors

Perfect Security

All The Fun of C and C++

Ocaml II

OCaml

Nr 1 Right, Nr 2 Wrong

B0ll0cks

BIDEN And Garage Papers

President And Classified Information

Substance

Page: