
Friday Squid Blogging: New Species of Squid Discovered – Source: www.schneier.com

Source: www.schneier.com – Author: Bruce Schneier

A new species of squid was discovered, along with about a hundred other species.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Posted on March 22, 2024 at 5:03 PM
41 Comments

Comments

vas pup


March 22, 2024 5:49 PM

Senate Select Intelligence Committee Hearing on Global Threats

Director of National Intelligence Avril Haines, CIA Director Bill Burns, and FBI Director Christopher Wray joined other leaders from the intelligence community to testify before the Senate Select Intelligence Committee

https://www.c-span.org/video/?534027-1/senate-select-intelligence-committee-hearing-global-threats&live=

vas pup


March 22, 2024 5:53 PM

Nvidia: US tech giant unveils latest artificial intelligence chip


https://www.bbc.com/news/business-68603198

“Nvidia has unveiled its latest artificial intelligence (AI) chip which it says can do some tasks 30 times faster than its predecessor.

The firm has an 80% market share and hopes to cement its dominance.

In addition to the B200 “Blackwell” chip, its chief executive Jensen Huang detailed a new set of software tools at its annual developer conference.

Nvidia is the third-most valuable company in the US, behind only Microsoft and Apple.

Nvidia said major customers including Amazon, Google, Microsoft and OpenAI are expected to use the firm’s new flagship chip in cloud-computing services and for their own AI offerings.

It also said the new software tools, called microservices, improve system efficiency to make it easier for a business to incorporate an AI model into its work.

Other announcements include a new line of chips for cars which can run chatbots inside the vehicle. The company said Chinese electric vehicle makers BYD and Xpeng would both use its new chips.”

Q: What about US manufacturers of EV?

Anonymous


March 22, 2024 6:53 PM

‘Mass surveillance’ fears over law change plans


https://www.bbc.com/news/technology-68625232

“The UK tech industry has deep concerns over government plans to amend a law dubbed a “snooper’s charter”.

Ministers insist their changes to the Investigatory Powers Act are intended to keep UK citizens safe.

But, in a statement, trade body techUK said the changes were neither balanced nor proportionate. It warns that citizens’ privacy, security and safety could be put at risk.

The act currently allows the intelligence agencies to access large amounts of data, including from electronic devices.

It also gives them the power to access messages and listen in to phone calls, and requires internet service providers to keep data about their customers’ internet browsing for one year.

This data is accessible to the police, to some government departments and some emergency services.

The proposed amendments would require messaging platforms to inform the Home Office about security updates before they are released – this applies to any firm with UK customers even if the business is not based here.

It also introduces a new category of “less sensitive data” although critics say this does not have a clear definition.

TechUK and the others say the legislation is being “rushed” and has not had “proper scrutiny.” Their statement outlines a series of concerns, saying the amendments would:

>Weaken safeguards when intelligence services collect bulk datasets, potentially enabling the harvesting of millions of facial images and social media data

>Expand the range of politicians who can authorize the surveillance of parliamentarians*

>Impede companies’ ability to advance the data protection efforts expected by users, governments and regulators globally

>Make the UK the “weak link” in the chain of global online security.”

I mark by * how I think it should be.


1. Search, surveillance and/or arrest warrants for a former US President, acting Federal Senator or Member of Congress, Members of Cabinet, Governors and Lt. Governors of any US State should be granted NOT by a Magistrate Judge (a low level judicial official who has not gone through approval by the Senate) but by a Federal District Judge or, even better, three of them.

Surveillance by FISA as well.

2. Requests for all of the above should be signed and approved by no less than the Deputy AG, to provide protection against abuse of the legal system for political purposes and a high level of protection of top officials.

Just an opinion. Nobody is going to listen anyway until they become a personal victim of abuse… That is the reality when logic is not in charge and a reactive modus operandi prevails over a proactive one.

Clive Robinson


March 22, 2024 8:35 PM

@ JM, ALL

“A rather dystopian news item that I saw recently is related to huge stainless steel doors being installed federal buildings.”

Has a regional blocker on it, so is not visible where I am, so I’ll have to make some assumptions.

Like they are not painted or coated in any way, otherwise, why use stainless steel…

So with regards,

“My mind immediately goes to the idea that these will likely be defeated in some simple and unexpected way, possibly disallowing them to open”

I will note that when I was younger I used to “spot weld” stainless steel contact straps with a “car battery”. Modern LiPo’s are a quarter the weight and around ten times the “short current” available.

I’ve not had reason to try it in quite some time, but you can buy “screw strap” for construction work quite inexpensively. It’s a steel tape with regular screw holes in, you cut into lengths with cutting shears, you screw it across cracks and gaps to reduce or stop movement before putting up plaster or plaster board etc.

I suspect that it will “spot weld” as easily now as it did in the past.

The thing about “spot welding” is unlike arc welding it is an almost “quiet process”. It makes little or no noise and does not create blinding light or other sparks etc so obvious PPE “safety clothing” etc is not a necessity.

Also you could “drag graffiti” in a similar way… Stainless steel is usually fairly easy to clean paint and similar off… But dragging a high current probe tip across it will “burn in a message” that can not be washed off. And even if you “grind it down” it will still leave visible marks as the light will not reflect in the same way (it’s some what similar to criminals trying to grind off gun serial numbers, if you know what acid to apply the numbers become visible again because the impression goes down into the metal).

Oh and “stainless steel” is not truly stainless, as I’ve mentioned before that some chemical salts used in etching “Printed Circuit Boards”(PCBs) will turn the bright shine to dull black quite easily so don’t pour such chemicals down the kitchen sink or drip on surfaces around cook tops etc (there are reasons sinks in chemistry labs are still made of vitreous glazed porcelain, heavy earthenware, or similar).

ResearcherZero


March 22, 2024 11:20 PM

Side-channel in Apple’s M-series allows for extraction of keys. DMP cannot be disabled on M1 and M2.

https://arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips/

The data memory-dependent prefetcher (DMP) activates data loaded from memory that “looks like” a pointer…

https://gofetch.fail/files/gofetch.pdf

You may want to disconnect your TV from the internet, disable its WiFi and Bluetooth.

https://www.forbes.com/sites/thomasbrewster/2024/03/22/feds-ordered-google-to-unmask-certain-youtube-users-critics-say-its-terrifying/

Walmart also bought Vizio to tap its ad platform.

https://www.pcmag.com/how-to/how-to-stop-smart-tvs-from-snooping-on-you

Smart TVs are often the most vulnerable devices. (and may contain passwords)

https://www.bitdefender.com/files/News/CaseStudies/study/429/2023-IoT-Security-Landscape-Report.pdf

TVs often have out of date firmware. Turn on automatic updates, or manually update using a USB device by downloading the firmware from the manufacturer’s support website.

To update TV firmware manually, the firmware may need to be extracted into a folder with a specific folder name for the manufacturer. LG uses LG_DTV for example.

At least put some black tape over TV cameras if you don’t want to disconnect your TVs from the internet. (you cannot turn off all of the snooping)


https://www.consumerreports.org/electronics/privacy/how-to-turn-off-smart-tv-snooping-features-a4840102036/

RickRoll a TV

https://github.com/yunuscadirci/DIALStranger

CVE-2021-0889 (RCE) creep up and silently pair a TV without it displaying a prompt.


https://www.bleepingcomputer.com/news/security/android-november-patch-fixes-actively-exploited-kernel-bug/

lurker


March 22, 2024 11:23 PM

@Clive Robinson


re. regional blockers

See what Brexit can do for you? Try this one:

https://www.portlandtribune.com/news/massive-stainless-steel-security-doors-being-installed-at-portland-u-s-courthouse/article_b642b1ce-e6c8-11ee-80e6-6748b3734ca5.html

I would try the electric etch graffiti as a first attempt, but after the first one I see 24hr armed patrols.

Then I ask, what is it they are afraid of, or protecting against? Surely there must be cheaper social methods of reducing this risk.

ResearcherZero


March 22, 2024 11:37 PM

A dinner invitation from the SVR, disguised as an email from the CDU, with links to ‘waterforvoiceless’, delivers a payload along with an invite.

In addition to compromising political parties for policymaking insights, Cozy Bear may also try to use their access to infect downstream cloud providers and their customers.

The invitations arrived ahead of elections and targeted politicians.

https://cyberscoop.com/cozy-bear-russia-spearphishing-germany/

Clive Robinson


March 23, 2024 1:55 AM

@ ResearcherZero, Bruce, SpaceLifeForm, ALL,

Re : The Xmas gift that keeps giving.

“Side-channel in Apple’s M-series allows for extraction of keys. DMP cannot be disabled on M1 and M2.”

Oh and it’s not just Apple’s chips, it’s the latest 13th Gen Intel chips as well…

Speaking of Intel, how long is it since Meltdown was found? Getting on for seven years[1]…

Back when the news broke I predicted on this blog that this sort of “go faster stripe” logic faults would continue to be found for half a decade or so and named it “The Xmas gift that keeps giving”. Well at now well gone six years that first milestone has been cleared and it’s still giving…

But the fact that such logic errors are still being made in what are effectively totally post Meltdown chip designs should concern people.

It means, one of only a few things, is true,

1, They have not learned the Meltdown and Spectre lessons.


2, They do not understand the issues behind race conditions and similar that can become visible time based side channels.


3, For reasons of “Spec-manship” they don’t care about customer security.

My money has moved with time down that list to the “Spec-manship” / “don’t care” as the most likely reason[2] (yup have a good think on that implication especially as both Microsoft and Google are moving to the “Force them on-line” OS model so they can effectively “suck your brains out”).

But further consider these high end chips are appearing in “Electric Vehicles”(EV’s) further up than the “base level” in current cars. At a level where Internet and other insecure Communications connectivity happens again “as a requirement”. But the consumer vehicle internal connection bus is one and the same wire and all systems are connected to it.

In the past I’ve explained why the likes of “Data diodes” and “Data sluices” are very definitely not “One Way” due to “Error and exception” handling moving not “Left to Right” as most programmers assume data flow is, but actually “Right to Left” and how systems are very “transparent” to this “back channel” so external systems can “reach back” into the most security sensitive thus supposedly most secure parts of a system.

Thus I suspect issues based around this will happen in the next half to full decade.

Any one want to bet the price of a beer I’m wrong in this prediction?

Also I’m waiting to see academic papers on side channel exploitation of AI LLM and ML systems for various reasons[3] they will be particularly prone to them, even “over the wire” used for user communications.

We’ve had a close one with a form of “Time based Prompt Attack” but not quite where I expect it to get.

So prediction number two I expect to see them starting in the next 12 months.

[1] Meltdown was on Intel chips and although made public in early Jan 2018, it was kept secret by Intel’s lawyers and executives for over six months. During which Intel’s peak annual “Xmas prezzie” sales happened and a senior Intel executive sold their shares at a much higher value than they were worth after the announcement (but apparently SEC decided it was not “insider trading”…).

https://en.m.wikipedia.org/wiki/Meltdown_(security_vulnerability)

After Meltdown was made public so were similar problems found on ARM and AMD chips. In the case of AMD it was in a different area of the CPU and thus called “Spectre”,

https://en.m.wikipedia.org/wiki/Spectre_(security_vulnerability)

[2] An interesting thought to consider, Nvidia is now the third most valuable “tech-stock” in the US in part because they have the fastest AI chips there are[3]. As these logic insecurities are all effectively due to “go faster stripes” what are the odds that all Nvidia high end chips have them? Especially the just announced “Up to 30 times faster” BL200 “Blackwell” chips,

https://www.bbc.co.uk/news/business-68603198

But also those chips for “Electric Vehicles” ChatBots, anyone want to predict what a security busting side channel could do in the EV systems built around them that you are doing 80kph or more towards a freeway bridge in?

[3] As I’ve mentioned before AI LLM systems and even the AI ML systems are effectively DSP algorithm based systems. As such they would normally be considered “constant time algorithms” thus not suffering from or having very little side channel leakage. Unfortunately they are not true constant time, the timing is dependent mainly on the user query and in part on a stochastic source.

The stochastic source however does not really affect the “constant time” but the user query very definitely does both on the input and the output of the query and it will be “visible on the wire”. This makes both much much easier to separate and pull out in analysis of both LLM and ML systems because the otherwise constant time makes synchronisation way way easier.

I’ve yet to see any academic papers on this security aspect of LLM and ML systems, if anyone knows of one I’d be interested in seeing a link.

Clive Robinson


March 23, 2024 3:13 AM

@ lurker,

Re : EU and EEU has them too scared to play.

“See what Brexit can do for you? Try this one:”

Nagh it brings up a for EU and EEU no access message page.

Maybe some one should start an open access database of all such sites…

After all what have they to worry about?

Unless of course they are “data r4ping” people who visit their site to make just a few cents via very very unsavoury advertising and data broker agencies…

But,

“Hey that’s the American way”


“Sell your readers every day”


“To earn a Shekel just to pay”


“Shareholders who run away”


“When regulators start to bay.”

“The corporate executives say”


“This is essential don’t be fay”


“On us vast bonuses they do lay”


“So your privacy we must flay”


“Or you should just go away.”

lurker


March 23, 2024 1:00 PM

@Clive Robinson

Well, I did note another link, but for me msn always gives a local news page and the search box on that page will not look for any overseas news …

https://www.msn.com/en-us/news/us/massive-stainless-steel-security-doors-to-be-installed-at-portland-us-courthouse/ar-BB1kfEvf

But the portlandtribune link I posted above had a set of five photos, inside and out during construction, perfect recce …

Clive Robinson


March 23, 2024 1:28 PM

@ fib, ALL

Re : Solar storm on its way.

“AR3615 did unleash a solar flare, as we commented earlier in the week. A possible CME is being investigated.”

Two questions,

1, Will there be a geomagnetic storm on earth?

2, If so is it going to be a problem for electronics?

The answer to the first is very probably yes in about two days time. Which is sufficient time to take precautions should they be necessary…

Which brings us onto the second question. To which the answer is yes, but to which the answer needs to be qualified.

The problems can range from GPS signals not getting down to places with sufficient strength to be reliable, disturbance to the Earth’s magnetic field causing compasses to point off in direction, and radio systems above around 2MHz suffering from decreased signal reception. To full-on blow out of the control inputs of active semiconductor devices and destruction of chips both electronically and physically (yup if enough energy gets in before the bond wires melt the chip casing can have a hole blown in it by rapid thermal expansion).

So on the principle of,

“Two is one, and one is none”

Protecting two sets of devices and backups might well be a wise precaution for a few days.

The question is what level of protection.

I have some EMP proof equipment that simply requires connections be disconnected and the conductive “dust caps” fitted over the connectors. Other equipment is already inside an “RF Cage” that is good for all CME induced storms that humans can reasonably tolerate.

As for the rest, of the equipment, time to get the shielded shipping crates out of the loft and do a little packing.

Is it necessary, almost certainly not, the probability of a harmful event is on balance very low.

But as some of the equipment and data is irreplaceable it makes sense to take precautions.

However this is a “twin event” of two sunspots and more recent analysis of historic events suggests the probability of a large storm is very much increased with these “twin events”…

The last time this happened the Canadian power grid got more than a bit of a wake up call…

So putting backups in conductive bags inside, insulated bags, inside a “biscuit tin” with the seams taped with conductive foil sitting on top of an insulated surface might be a precautionary move that will protect your memories etc.

Clive Robinson


March 23, 2024 3:19 PM

@ lurker, ALL,

Re : Doors of steel so stainless.

“But the portlandtribune link…”

No worries, I suspect that any article or photo is in reality not going to give me any more information as to the “Why?” of them. But I guess would give specific information as to “How?” to “throw sand in the gears” as it were (which I don’t want to get into beyond the “obvious”).

As far as physical security is concerned, any barrier across an access way is going to have defects or weaknesses it’s unavoidable if future access is a requirement. As an example you can make the walls of a strong room as thick as you want, but there are very real physical limits on how big and thick a door can be as a consequence.

This should be obvious to anyone with a little knowledge and experience of Civil or Mechanical Engineering (of which I unfortunately have rather more of both than is good for me).

If you can also “think hinky” as our host would say about such systems then weaknesses will meet your eye in the same way that liberally spread caltrops[1] meet bare feet in the dark…

Hence I could make way too many suggestions on seeing photos, so it’s best I don’t ={

[1] A nasty piece “of work of man” that goes back in time at least four millennia,

https://en.wikipedia.org/wiki/Caltrop

But as is often the case nature got there first with plant pods. It’s known that these were collected and dried and used by both the Japanese and Chinese, though which got there first is a matter of unsolved history.

JonKnowsNothing


March 23, 2024 8:18 PM

@Clive, @ fib, All

re: solar interference Soon(tm)

I think it’s already here… 🙂

My RT PVP game has so much “lag” recently that it’s almost a “turn based” game. Lag of course encompasses all sorts of problems with client-server and video updating.

Players are complaining someone(s) is using a Lag Switch:

In the peer-to-peer gaming model, lagging is what happens when the stream of data between one or more players gets slowed or interrupted, causing movement to stutter and making opponents appear to behave erratically.

By using a lag switch, a player is able to disrupt uploads from the client to the server, while their own client queues up the actions performed. The goal is to gain advantage over another player without reciprocation; opponents slow down or stop moving, allowing the lag switch user to easily outmaneuver them. From the opponent’s perspective, the player using the device may appear to be teleporting, invisible or invincible, while the opponents suffer delayed animations and fast-forwarded game play, delivered in bursts.

The term “lag switch” encompasses many methods of disrupting the network communication between a client and its server. One method is by attaching a physical device, called a hardware lag switch, to a standard Ethernet cable. By flipping the switch on and off, the physical connection between the client and the server is disrupted.

Some gaming communities refer to this method as “tapping” which refers to the users “tapping” on and off their internet connection to create the lag.

Solar Interference == Solar Lag Switch

===

https://en.wikipedia.org/wiki/Cheating_in_online_games

https://en.wikipedia.org/wiki/Cheating_in_online_games#Artificial_lag/lag_switch

JonKnowsNothing


March 23, 2024 8:35 PM

@Clive, @ lurker, All

re: caltrop

Locally we have our own natural caltrop, we call it a Goathead. It’s got 3 long thorns that puncture bicycle tires, sandals, flip flops and thinner soled shoes and does substantial damage if you step on it or get one in your hand. It’s a large thumb-tack thorn; a menace.

===

https://en.wikipedia.org/wiki/Tribulus_terrestris

  • having long sharp and strong spines which easily penetrate surfaces, such as bare feet or thin shoes of crop workers and other pedestrians, the rubber of bicycle tires, and the mouths and skin of grazing animals

Clive Robinson


March 23, 2024 10:42 PM

@ JonKnowsNothing, lurker, All

Re : Natural source of caltrop.

“…[it] does substantial damage if you step on it or get one in your hand. It’s a large thumb-tack thorn; a menace.”

There are a few such species of them around and they have become a heraldic symbol on coats of arms etc in a stylistic form.

It’s ironic that you say of it,

“we have our own natural caltrop, we call it a Goathead.”

As was pointed out to me when I was very young up on a relatives farm (where we children were treated much like “live stock” 😉

“If a goat won’t eat it then it’s a menace on the farm.”

Whilst goats have a reputation for eating “anything and everything” they actually don’t, and if a goat won’t eat it it’s best to follow the goats advice and treat the plant as a menace and “grub them out when young” before they grow and kill something or someone (unlike a lot of livestock goats are actually quite smart and useful and you can learn a lot by just watching them).

Where I lived in Surrey the worst we had locally was “blackberry bushes” and the thorns on their stems were evil. They came to points so fine not only are they sharper than the sharpest knife/blade the tips would break off in wounds and if unlucky you could get festering wounds or worse (bird droppings can contain real nasties and effectively get injected).

And yes they would go through tough boot leather if you came at them from the wrong angle, hence tough canvas wrap around gaiters that became leggings up to the knee like old style dense wool “puttees” were worn by some older folk over their boots and they stepped with an odd looking swing, if they had to work in or around them. Also “blackthorn” and similar all used as “hedge rows” or natural stock proof field borders and something that got “coppiced” along with hazel and other strong but fast growing plants that could be repeatedly cut for “hurdle” and “wicket” fence making used to protect sheep and other live stock from drift snow through winter and into early spring and from the wind in lambing time (as a “season” it can be from November to May in the UK but the actual lambing is mostly over by the end of March/Easter, with the quiet time starting in May when they are all “back on the hills” hence the time for a few festivities and fertility rites).

With such plant menaces around if you are aware of their historical use, it makes you wonder sometimes how our original “hunter gatherer” ancestors survived long enough to become live stock farmers…

Clive Robinson


March 23, 2024 11:53 PM

@ SpaceLifeForm, ALL,

Nice to hear from you, I hope you are well?

With regards,

“”

I had to smile when I read,

“The UK’s NCSC has a more understated list of challenges in the so-called Cybersecurity Research Problem Book.”

They are certainly way more foundational, that is for sure, and if you don’t get all of them right all you build on them will fail.

But all these programs still suffer from a problem I’ve mentioned before and it’s such a critical failing that you can almost guarantee that all work is going to fail.

The “top down authoritarian view” which is so prevalent is exemplified by the “Single Sign On” failure.

We have very old sayings that warn against such stupidity like,

“Putting all your eggs in one basket”

Authoritarians see people as faceless just numerical identities, and that is not how humans work at almost every level. Humans have “roles” and they are many, varied, and for good reason mostly segregated.

Unless systems are designed to support this properly they will fail and often as not fail hard.

But a couple of things stand out,

1, Repeated mention of AI.


2, At the end it’s just “more of the same” thinking.

As these are both easily recognisable “industry traits” currently, it should cause people to stop and think.

AI is not a security solving tool.

Because current AI does not think, it does not reason, and it can not test itself. As a result it most certainly does not create new or original work. So like old Generals all it can do is fight wars the “old way” by rote, and thus be at the very best “second best”.

What AI does is take “second best” and “soften the edges” by a little randomisation. Which means that as like as not it won’t even be “second best” but worse potentially a lot worse. It’s kind of “inverse fuzzing” like,

“Throwing darts blind fold at a map of the world to decide where you are going to spend two months or more income on a two week holiday.”

Let’s hope such people can swim…

But “more of the same” thinking is equivalent to that definition of “madness” by “doing the same repeatedly and expecting different outcomes” wrapped up in a faux-management meme of “nerding harder”. Which most definitely is not behaving smarter.

Doing things “smarter” requires insight and rationality few humans actually possess and current AI systems do not.

Evolution has been said by some to be,

“Random selected by fitness functions”

But it’s fairly useless as a definition without saying how those “fitness functions” come about in the first place. Which all too often devolves into,

1, A “You Know” appeal to vacuity.


2, A “Turtles all the way down” appeal to infinity.


3, Or both.

ResearcherZero


March 24, 2024 4:12 AM

Outside of Portland, doors are standard fittings. In Portland it would be a freakout man!

@Clive

I just fixed an internet connection for somebody. As it was a single wire, twisted once and making barely one point of contact. It was a single point of failure. The cable was hanging free and blowing about in the wind. The other insulated wires were haphazardly wound around it without providing any purchase. The “joint” openly exposed to the weather.

After a little maintenance, DNS resolution now works properly. Connection speed improved and no longer drops out intermittently. The original modem/router is one of those old ISP models. I moved it up off the carpet. With a new router attached, it is quite snappy.

The professionals from National Broadband Network apparently visited the site last week.


It does not appear that they did a whole lot of work. Last few feet rules. Do FA. 😉

Clive Robinson


March 24, 2024 8:12 AM

@ ResearcherZero,

Re : Reaching out.

“I just fixed an internet connection for somebody. As it was a single wire, twisted once and making barely one point of contact. It was a single point of failure. The cable was hanging free and blowing about in the wind…”

Sounds like it was an

“Easy job not but must required”

as Yoda might say 😉

I was once told a moral about old cables and such like,

“The weakest link is oft the one that can not be reached.”

Implying that the amount of “love and maintenance things get” depends on how easy they are to get to or do.

Something I’m sure California’s PG&E customers, who had their property burnt down, by PG&E’s “love for share holders and seniors bonuses, not service maintenance” understand all too well.

It is the reason I suspect,

“The professionals from National Broadband Network apparently visited the site last week. It does not appear that they did a whole lot of work. Last few feet rules. Do FA.”

The “Quick and easy” get fixed, whilst the “long and hard” get “No fault found” and a quick coffee stop on the way back. It’s what management want with their “less time on site” initiatives…

The first time it hit home to me must be four decades ago now back in the time of 1200/75 baud modems. I had “line noise” issues and the idiot they sent wandered around humming and harrumphing and took the handset off hook. Then got out an analogue meter plugged and unplugged the “line jack” and claimed it showed “line noise” was in my equipment[1]…

He was I assume not amused when I wrote a letter of complaint about his lack of competence and sent it in.

[1] It’s an old “wireman’s trick” that works because the telephone circuit from the “exchange battery” to the consumer instrument is effectively a partial “DC bridge” circuit. The off hook instrument looks like 300-1200 ohms and the line to and relays at the exchange look like 3000 or more so putting a volt meter across the line and unplugging the instrument will make the voltage reading jump up. If however you put the headset back on hook and thus open the line switch in the instrument then plugging and unplugging it won’t make the voltage jump across the line.

Clive Robinson


March 24, 2024 8:40 AM

@ MarkH, ALL,

The investigation of the blown out Boeing 737 Max 9 door way cover on the Alaska Airlines 5 January 5th flight from Portland has apparently changed status…

‘A criminal probe was confirmed by the FBI in a letter sent to those aboard the plane, identifying them as “victims”.’

https://www.bbc.co.uk/news/world-us-canada-68640136

I’m not altogether surprised the US DoJ has been making noises about Boeing for more than a month now in various ways.

I guess we are going to have to wait up to a couple of years depending on how deep a dive the DoJ decide to do before we find out what exactly they’ve found to “Hang Boeing management with”.

Dr Wellington Yueh


March 24, 2024 2:08 PM

re: steel doors in Portland…he he… That’s a hotbed of backyard bicycle builders. But surely none of them would know the least about welding, alloys, stuff.

re: goathead, it is the scourge of the bicyclist!!! Went for a ride with wife, had a lovely 20km ride along a nice paved path. Within 500m of the end she rode through a patch of goatheads, collected about 20 or 30 in each tire. 300m later we’re walking. 🙂

Clive Robinson


March 24, 2024 2:56 PM

@ Bruce,

Re : Is it you?

I’ve been sent a link,

https://m.youtube.com/watch?v=Wr8qY3yJr5I

That sure looks like you, talking about Tik Tok and its supposed danger to US National security…

So “fess up” 🙂

The answer to the question is of course,

“It’s just as bad as all the other ‘Social Media Corps’ in Silicon Valley that have all sold their souls etc to the US Gov, and other Gov’s around the World.”

So as an individual you are probably currently fractionally safer with Tik Tok than you are X, YouTube, et al.

And people still wonder why I don’t do any of them…

But… Let’s assume Donald Trump gets his “Hissy fit” way, All the major US Social Media corps have already sold their souls to China anyway, and they are dependent on China in fairly major ways. As are a great deal of their employees and those dependent on them economically…

So if the Chinese Government did a “tit for tat” I suspect US National Security would be harmed rather more due to the loss in “economic benefit”…

So folks in the US should consider which side of their bread has butter on it… And which side up they want it to land if the Numpty US Politicians banging the war drum have their “Propaganda Way” and the bread heads for the floor…

Clive Robinson


March 24, 2024 4:07 PM

@ dbCoper, ALL,

Re : Vulnerable Hotel door locks.

“Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds”

From the article,

“By exploiting weaknesses in both Dormakaba’s encryption and the underlying RFID system Dormakaba uses, ‘known as MIFARE Classic‘”

Oh dear “MIFARE Classic”… Say no more it’s less secure than a sardine tin is to a steam roller…

Even Mossad have known how to get around MIFARE Classic for several years now…

vas pup


March 24, 2024 6:26 PM

Unfortunately, by Moderator and Bruce (by their own initiative or by request by deep state – I have no idea the reason and source) my post as of yesterday related to vicious terrorist’s attack in Moscow, Russia where 133 civilians were murdered with source of AP and Yahoo was deleted.


I am speechless.

Clive Robinson


March 24, 2024 6:45 PM

@ vas pup,

It might have been due to the “sounds completely false” claims coming out of the media/government in that area.

Or the fact that the US –based on EU intel– had been waving a small red flag about large entertainment events being targeted in that region for over two weeks prior.

Either would attract unwanted attention by the metric crap-ton.

fib


March 24, 2024 6:50 PM

Re CME

Dear @Clive, please correct me if I’m wrong, but, on account of the Parker spiral[0], the worst case scenario is more likely when the CM is ejected from sunspots located close to the western limb or even a little beyond [usually to the right in Space Agency images], because the material is thrown in such a way that it intercepts Earth’s orbit at a point in the future – 12 hours to 3 days. In these circumstances, the Earth collides head-on and crosses the bulk of the plasma mass and frozen-in-flux magnetic field.

The center of the last CME crosses the point in Earth’s orbit where we were last Friday and we are being hit at the edge of it. As far as the complex AR3614/15 is concerned, things start to get dangerous from here on out as it begins to transit the western side of the solar disk.

ResearcherZero


March 24, 2024 7:32 PM

@vas pup

Such posts get deleted all the time.

Here is another one. This has a bit of a rundown of all the things that were said, what sources in Russia are claiming, and a little about the alert that went out. CNN had a little more information about the alerts the US put out earlier.

ISW commented that the Kremlin did not explain how the individuals might cross a heavily defended border. Russian sources claimed they are all citizens of Tajikistan.

Putin called the warning from the US of a likely attack by extremists “provocative”.

https://www.understandingwar.org/backgrounder/russian-offensive-campaign-assessment-march-23-2024

“The Islamic State’s (IS) Amaq News Agency published footage on March 23 purportedly filmed from the perspective of the attackers involved in the March 22 Crocus City Hall attack.”

“The footage further supports ISW’s assessment that IS is very likely responsible for the Crocus City Hall attack, despite continued efforts by Kremlin mouthpieces to baselessly tie Ukraine to the attack.”

https://www.understandingwar.org/backgrounder/russian-offensive-campaign-assessment-march-24-2024

lurjer


March 24, 2024 7:37 PM

@fib, Clive Robinson

Yes, you’re right about the Parker spiral and the best/worst might be yet to come. One could ask why the mass arrived 12 hours earlier than so-called forecasts. One popular “spaceweather” site thought this would be good for pretty pictures of aurora from Australia/NZ. A full moon and cloudy weather stopped that, but almost nil reception of my usual BBC southern Africa service.

ResearcherZero


March 24, 2024 7:58 PM

@Clive Robinson

I’ve dealt with some of those friendly chaps too. From the old national carrier, back in the day. A barrel of laughs to deal with. Charging people a large service fee, plus another $50 an hour to wander around for half the day drinking coffee. Irate customers would ring me up and ask if I could come and nip the problem in the bud before they bled out.

A guy tried to sell me a $400 soldering station yesterday, rather than a cheap, portable gas iron. Bit overkill for a single wire. He explained that he solders “whole boards”. I explained earlier to him, I was soldering a single wire with no access to electricity.

My wife must have then given him ‘dagger eyes’ at that point, as he mentioned he would leave us alone to discuss it and quickly left to serve another customer. 😀

ResearcherZero


March 24, 2024 9:45 PM

Reckless decisions: few examples of madman tactics actually working for anyone.

https://theconversation.com/donald-trump-and-the-madman-theory-of-foreign-policy-221909

Although NATO has thus far received most of his ire, Trump appears to dislike alliances in general, and has a transactional worldview. This is particularly worrying for the UK and its triad of current national security priorities – NATO, Five Eyes and AUKUS.

The revelations in 2023 that hundreds of classified documents were found in a shower and elsewhere in Trump’s Mar-a-Lago resort, including details of allies’ defence capabilities and potential vulnerabilities, will send shivers through the UK intelligence community.

In 2016, Trump was able to convince established defence seniors to serve. None survived. It is therefore unlikely that similar ‘grown-ups’ will risk their reputations, so UK ministers must be prepared to work with the third or even fourth string. UK senior ministerial team will really matter.

https://www.rusi.org/explore-our-research/publications/commentary/possible-trump-effect-uk-national-security-and-what-do-about-it

(2017)

The problem is that Mr Trump is prone to treat foreign countries like rival businesses — that can be alternately wooed and destabilised — as the US president practises the “art of the deal”. But in diplomacy, unpredictability can be dangerous — particularly when dealing with allies that need to be reassured about the consistency of America’s approach to the world.

On the policy level, Mr Trump has already executed a number of dizzying flip-flops. … China’s wealth, long-term vision and confidence in the future will only bolster talk of an “Asian century”. By contrast, Mr Trump’s presidency risks becoming a symbol of western decline.

https://www.ft.com/content/b56c7c9c-3ecf-11e7-82b6-896b95f30f58

Nor has Trump’s rise gone unnoticed in Russia:

There are paragraphs on how Russia might insert “media viruses” into American public life, which could become self-sustaining and self-replicating. These would alter mass consciousness, especially in certain groups, it says.

According to the document, each spy agency was given a role. The defence minister was instructed to coordinate the work of subdivisions and services. Shoigu was also responsible for collecting and systematising necessary information and for “preparing measures to act on the information environment of the object” – a command, it seems, to hack sensitive American cyber-targets identified by the SVR.

https://www.theguardian.com/world/2021/jul/15/kremlin-papers-appear-to-show-putins-plot-to-put-trump-in-white-house

As the report correctly envisaged, these stolen and dumped emails became a “media virus” – infecting and weakening the Democratic campaign, and reaching millions of American voters via Facebook and Twitter.

Trump’s personal flaws were so extensive – also featuring an “inferiority complex” – that he was the perfect person to feed divisions and to weaken America’s negotiating position. The report appears to confirm Trump was being watched, though no dates or locations are given.

https://www.theguardian.com/world/2021/jul/15/the-person-to-weaken-america-what-the-kremlin-papers-said-about-trump

Clive Robinson


March 24, 2024 10:38 PM

@ fib, lurker, ALL,

Re : CME.

“Dear @Clive, please correct me if I’m wrong,”

Much of what goes on is still guess work[1] with the 1989 event that took down power grids in North America being the last “twin CME” to play smack down on Earth with serious consequence. And we’ve had some near misses that have been modelled with some quite fun videos[2].

Remember that there is also a north / south element to the CME path, so although it can look bad with just an East / West projection it could figuratively speaking “go over our heads”.

I tend to be “cautious” but yes this current G4 event may be causing “only a few” problems[3] as much of it went north of us.

You can read a fun blow by blow account,

https://community.spaceweatherlive.com/topic/3137-20240323-event-cme/

(Warning it’s 13 pages so might take a little while to read).

But it looks like we may have seen the worst of it.

Sadly 100% cloud cover where I am so nothing seen, but yes HF is seeing effects,

https://www.sws.bom.gov.au/HF_Systems

“Latitude Band

Date     Low           Middle        High
25 Mar   Normal-fair   Fair          Poor(PCA)
26 Mar   Normal-fair   Fair          Fair
27 Mar   Normal        Normal-fair   Normal-fair

COMMENT: HF radio communications on UT day 24-Mar were mostly normal at low latitudes and fair to poor at middle to high latitudes. Fair to poor conditions were due to significant geomagnetic activity that was observed on 24-Mar. Polar cap absorption (PCA) contributed to poor conditions in high latitudes. HF radio conditions are expected to be degraded over 25-26 Mar due to the geomagnetic activity, but are expected to begin recovering by 27-Mar. Shortwave fadeouts are probable.”

[1] https://www.arrl.org/news/a-perfect-coronal-mass-ejection-could-be-a-nightmare

[2] https://svs.gsfc.nasa.gov/4167

[3] https://www.swpc.noaa.gov/news/severe-g4-geomagnetic-storms-observed-24-march-2024

ResearcherZero


March 24, 2024 11:11 PM

Fake documents increase in price, and social media companies to receive closer scrutiny over scams.

“proposing a raft of changes in a new mandatory code of practice for social media companies”

https://www.abc.net.au/news/2024-03-25/criminal-inflation-stolen-data-price-increase-dark-web-scams/103620916

ResearcherZero


March 24, 2024 11:29 PM

@Clive

Re: meltdown

If prefetchers are still revealing info that can help to retrieve encryption keys and other secrets, the go faster model is certainly going to help your data go faster to another destination than intended.

Clive Robinson


March 25, 2024 12:57 AM

@ ResearcherZero, ALL,

Re : The Xmas gift that keeps giving.

“… the go faster model is certainly going to help your data go faster to another destination than intended.”

Yup, and it does not matter at what level of the computing stack it happens at…

A data leaking side channel requires just two things to exist and harm you,

1, A mechanism that changes energy/matter in a data dependent manner.

2, A Shannon Channel through which your adversary can observe the energy/matter changes.

After a moment or two’s thought you will remember what you got taught in School Physics,

1, All work requires the movement of energy from a coherent state to a less coherent state.

2, All work is inefficient therefore energy has to be released into the environment.

So you know that any and all parts of “information processing” results in “energy released to the environment”.

Further that this “released energy” is “modulated by the level of work”.

So if the Shannon information channel has enough bandwidth then the work done thus in effect the data value gets released into the environment.

Is there anything that can be done to stop this?

Two obvious things can be done,

1, Stop down the Shannon Channel bandwidth several orders of magnitude below the processing rate.

2, Use certain types of data obfuscation techniques.

Less obvious is identify how the amplitude of the modulating signal drops with distance, and what the “natural noise” in the information channel is. Because,

1, The “natural noise” is evenly generated for any unit of distance along the channel.

2, The information signal gets attenuated by the same percentage for any unit of distance along the channel (exponential decay).

3, Therefore at some point –from the source of the information signal generation– along the channel the information signal will be less than the natural noise.

At which point the signal starts to become obfuscated.

These are the basic physical laws of the Universe by which the human TEMPEST and EmSec rules are created.
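The model in the comment above can be simulated; this is an added example, not part of the original comment. It assumes a Hamming-weight leak per processed byte, an attenuation constant of 0.5 per metre and a constant noise floor of 0.05 (all constructed values), and measures how well an observer's trace correlates with the secret near the source, at the signal/noise crossover, far away, and under the two mitigations listed.

```python
import math
import random
import statistics

def hamming_weight(v):
    # Assumed leak model: energy released is proportional to the bits set.
    return bin(v).count("1")

def pearson(xs, ys):
    mx, my = statistics.fmean(xs), statistics.fmean(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    var_x = sum((x - mx) ** 2 for x in xs)
    var_y = sum((y - my) ** 2 for y in ys)
    return cov / math.sqrt(var_x * var_y)

def observe(processed, distance_m, rng, alpha=0.5, noise_sigma=0.05):
    # Signal decays exponentially with distance; the noise floor is held
    # constant at the observer (a simplification of the comment's model).
    gain = math.exp(-alpha * distance_m)
    return [gain * hamming_weight(v) + rng.gauss(0.0, noise_sigma)
            for v in processed]

def crossover_distance(signal_sigma, alpha=0.5, noise_sigma=0.05):
    # Distance at which the attenuated signal amplitude equals the noise.
    return math.log(signal_sigma / noise_sigma) / alpha

def band_limit(trace, window):
    # Mitigation 1: the channel only passes one averaged sample per window.
    return [statistics.fmean(trace[i:i + window])
            for i in range(0, len(trace) - window + 1, window)]

def run(seed=1, n=16384, window=64):
    rng = random.Random(seed)
    secret = [rng.randrange(256) for _ in range(n)]   # constructed data
    leak = [hamming_weight(s) for s in secret]
    d_cross = crossover_distance(statistics.pstdev(leak))
    out = {"crossover_m": d_cross}
    out["near"] = pearson(leak, observe(secret, 0.0, rng))
    out["at_crossover"] = pearson(leak, observe(secret, d_cross, rng))
    out["far"] = pearson(leak, observe(secret, 20.0, rng))
    slow = band_limit(observe(secret, 0.0, rng), window)
    out["band_limited"] = pearson(leak[::window][:len(slow)], slow)
    # Mitigation 2: obfuscate by processing the value XOR a fresh random mask.
    masked = [s ^ rng.randrange(256) for s in secret]
    out["masked"] = pearson(leak, observe(masked, 0.0, rng))
    return out

if __name__ == "__main__":
    for name, value in run().items():
        print(f"{name:13s} {value: .3f}")
```

A correlation near 1 means the trace gives away the per-byte leak; near 0 means the observer learns nothing about individual values from this channel under the assumed model.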

morganism


March 25, 2024 3:58 AM

still haven’t heard a confirmation, or a denial on the supposed RU gov network hack by nebula. Posted this last fri, and an article link to fintech

Nebula (@Nebula00x)

and surprised not to see this mentioned here yet

Truck-to-truck worm could infect – and disrupt – entire US commercial fleet

The device that makes it possible is required in all American big rigs, and has poor security

Vulnerabilities in common Electronic Logging Devices (ELDs) required in US commercial trucks could be present in over 14 million medium- and heavy-duty rigs, according to boffins at Colorado State University.

In a paper presented at the 2024 Network and Distributed System Security Symposium, associate professor Jeremy Daily and systems engineering graduate students Jake Jepson and Rik Chatterjee demonstrated how ELDs can be accessed over Bluetooth or Wi-Fi connections to take control of a truck, manipulate data, and spread malware between vehicles.



“These findings highlight an urgent need to improve the security posture in ELD systems,” the trio wrote [PDF].

The authors did not specify brands or models of ELDs that are vulnerable to the security flaws they highlight in the paper. But they do note there’s not too much diversity of products on the market. While there are some 880 devices registered, “only a few tens of distinct ELD models” have hit the road in commercial trucks.

A federal mandate requires most heavy-duty trucks to be equipped with ELDs, which track driving hours. These systems also log data on engine operation, vehicle movement and distances driven – but they aren’t required to have tested safety controls built in.

And according to the researchers, they can be wirelessly manipulated by another car on the road to, for example, force a truck to pull over.

The academics pointed out three vulnerabilities in ELDs. They used bench level testing systems for the demo, as well as additional testing on a moving 2014 Kenworth T270 Class 6 research truck equipped with a vulnerable ELD.

“In our evaluation of ELD units procured from various resellers, we discovered that they are distributed with factory default firmware settings that present considerable security risks,” the authors noted.

This included an exposed API that permits over-the-air (OTA) updates. The devices also have Wi-Fi and Bluetooth enabled by default, with a “predictable” Bluetooth identifier and Wi-Fi Service Set Identifier (SSID) and weak default password. That makes it easy to connect to the device and then obtain network access to the rest of the vehicle’s systems – at least for attackers within wireless range.

This can be achieved via a drive-by attack, or by hanging out at truck stops, rest stops, distribution centers, ports – basically anywhere that heavy-duty trucks tend to congregate.

The ELDs use a Controller Area Network (CAN) bus to communicate. For one of the attacks, the boffins showed how anyone within wireless range could use the device’s Wi-Fi and Bluetooth radios to send an arbitrary CAN message that could disrupt some of the vehicle’s systems.

A second attack scenario, which also required the attacker to be within wireless range, involved connecting to the device and uploading malicious firmware to manipulate data and vehicle operations.

Finally, in what the authors described as the “most concerning” scenario, they uploaded a truck-to-truck worm. The worm uses the compromised device’s Wi-Fi capabilities to search for other vulnerable ELDs nearby.

Here’s how it knows the devices are vulnerable:

It specifically looks for devices with SSIDs starting with “VULNERABLE ELD:”. Although this may sound contrived the SSID of the ELD we examined was predictable and could be used to identify the vulnerable devices.

After finding the right ELDs, the worm uses default credentials to establish a connection, drops its malicious code on the next ELD, overwrites existing firmware, and then starts the process over again, scanning for additional devices.

“Such an attack could lead to widespread disruptions in commercial fleets, with severe safety and operational implications,” the researchers warned.

The team also conducted a real-world, drive-by attack simulation on an empty airfield to demonstrate this attack. It used a 2014 truck, and the “attacker” drove a Tesla Model Y at 20mph with a laptop and an Alfa extended range wireless adapter. While both vehicles were in motion, in just 14 seconds the team connected to the truck’s Wi-Fi, used the ELD’s interface to re-flash the device, and started sending malicious messages causing the truck to slow down.

According to Jepson, the researchers disclosed the flaws to the ELD manufacturers and the US Cybersecurity and Infrastructure Security Agency (CISA) before publishing the paper.

“The manufacturer is working on a firmware update now,” Jepson explained. “But we suspect these issues may be common and potentially not limited to a single device or instance.”

https://www.theregister.com/2024/03/22/boffins_tucktotruck_worm/

Commercial Vehicle Electronic Logging Device Security: Unmasking the Risk of Truck-to-Truck Cyber Worms

https://www.ndss-symposium.org/wp-content/uploads/vehiclesec2024-47-paper.pdf

Eriadilos


March 25, 2024 5:51 AM

@morganism

Re: Truck-to-Truck worm

“The ELDs use a Controller Area Network (CAN) bus to communicate. For one of the attacks, the boffins showed how anyone within wireless range could use the device’s Wi-Fi and Bluetooth radios to send an arbitrary CAN message that could disrupt some of the vehicle’s systems.”

Because putting wireless capability on CAN is such a good idea as has been proven in the past. The automotive industry truly never learns.

But since the flaw is wormable, how about a timebomb that triggers (almost) simultaneous emergency braking of all trucks? I bet it would be quite a mess.

I am quite sure that other attacks on these systems could very seriously disrupt an entire country.



Original Post URL: https://www.schneier.com/blog/archives/2024/03/friday-squid-blogging-new-species-of-squid-discovered.html
