Back to: A message from our UK sponsors (revisited) | Forward to: What have we learned?

The latest news

This is my surprised face.

Nope?

Okay: This is my ironic face.

(Same face. I don't gamble, otherwise it would be my poker face, too.)

I am having enourmous trouble resisting the urge to say "v gbyq lbh fb", so, er, v gbyq lbh fb, only you mistook it for pulp/genre fiction. And by you, I don't mean you, I mean everyone who had the opportunity to read Applied Cryptography or The Puzzle Palace back in the day, and didn't. (Or even Bruce Sterling's Hacker Crackdown, which is free on the interwebbytubes these days and they know you know it, too.)

Ah, what's the use? We did this to ourselves, or by negligence allowed it to happen. This is the emergent consequence of the west lacking the moral spine to keep its utilitarian appetites in check in the wake of the collapse of the ideological rivalry that was the only thing that kept the Owners straight for so many decades.

And now we're screwed. Welcome to the Panopticon, it's been nice being able to live in ignorance of your innermost secrets for so long.

234 Comments

1:

In less newsworthy news, I have 15,000 words to go on the current project, and a deadline -- September 14th. Tomorrow is my wife's birthday, so it's a non-writing day. Blogging will therefore resume as normal when I nail the writhing manuscript to the floor ...

2:

So, tell me again, why it was a bad thing when the Stasi did effectively the same thing with the technology available to them.

3:

I hope the surveillance industry chokes on the banality of my innermost secrets. I hope the boredom engendered by my quotidian emails causes a spike in their suicide rate.

4:

The Stasi?

But, But, REASONS! Freedom! Mom! Apple Pie!

Sorry, the snark lies heavy on my stomach.

5:

Yeah, I realized back in the 90s that privacy was something of an anomaly. The way technology was going, someone was going to be able to monitor everything we do. Government, business, military, someone.

We're returning to the old pattern where everyone new your business in the village, and you didn't really have privacy. Except now the village is the whole planet.

So far the application of this spying has been limited. The people doing don't really care what most of us are doing, except in limited circumstances. But what if your local police agency has the info, and decides they need to enforce every law on the books? A lot of our society relies on privacy. For example otherwise proper and law abiding people can get away with smoking pot at home, if they aren't bothering anyone. What happens when they can't do it in private any more -- either a lot arrests, or we're in for a lot of loosening of laws (like happened with old anti-sodomy laws).

There is also a strong risk of the end of law and order in Western society, with laws being enforced arbitrarily by those with power. Have a political enemy or just some citizens being a pain in the ass? Have their data audited and charge them with ever minor infraction you can find. And given the tens of thousands of laws and regulations out there, they've probably done something. And if they haven't, just leak their personal information.

6:

What we need is Gevulot!

... fuck, just remembered how that book ended :-/

7:

Remember, that city started out as a panopticon!

8:

For added fun?

I am writing a near-future thriller titled "Dark State". (Yes, it's the seventh Merchant Princes novel. If you didn't spot them segueing into near future technothrillers, you weren't paying attention.) Just working on a scene in which two people who are deeply, touchingly in the throes of new love are trying to have a private conversation (without being bugged by the DHS, NSA, or FBI). During yesterday's writing, they were taking extreme measures. During today's writing ... maybe they're not paranoid enough?

Dammit, why couldn't this have stayed as a light escapist fantasy series? Why do I have to wake up every morning wondering whether my Grim Meathook Surveillance State Future has been rendered obsolete in the present day?

9:

Yep, that was the irony...

[more serious tone] On the other hand, with more than 10x the budget of PRISM they still can't actually 'crack' encryption, they can only do what was done to Gevulot; circumvent it with hacks inserted into the code. Here, hopefully, opensource will be our friend (assuming all the coders signing off the implementation of encryption on those projects aren't just NSA/GCHQ shills)...

I must say, although I am totally unsurprised that the NSA/GCHQ would try to spy on everyone everywhere, I am kinda shocked they would undermine the foundations of digital banking/commerce by weakening HTTPS/SSL.

10:

vg'f sbe lbhe bja tbbq. gur vaabprag unir abguvat gb srne. gur pbzchgre vf lbhe sevraq.

11:

You could probably get an added layer of security by inventing a new, private language not connected to any in use today. :)

12:

Woop! Been waiting to see where the Merchant Princes is going! Yeah, keeping ahead of the singularity must be hard as a sci-fi writer...

13:

You have a too pessimistic take on the latest revelations.

So, NSA has access to backdoors or exploitable weaknesses throughout the internet. That means that now everybody has potential access to backdoors or exploitable weaknesses everywhere. And like any other achievement, it's much easier to accomplish once you know it's there and you know it's possible.

Sure, access routes to the banking networks are likely very hard to find and would take a lot of resources to unearth. But the payoffs are absolutely staggering, so there are bound to be organizations that will do their utmost to try. You can buy a lot of secrets, a lot of intimidation and blackmmail and a lot of violence for a small fraction of what you could make from illicit access to trading and transfer systems.

And realistically, NSA and other security agencies are not excempt. They all use off the shelf hardware and off the shelf software; there's bound to be similarly exploitable holes in their own systems - if nothing else, holes planted their by other agencies without their knowledge.

Yes, our secrets are wide open. But it's only a matter of time - and not all that much time either - until the secrets of the security agencies, financial systems, and their masters are just as open. And they have a lot more to lose than we do.

14:

Yes, and the society described in the movie 'Brazil' seems more and more realistic to me as years go by.

15:

I love the part where the spooks work with equipment manufacturers to insert security holes. Of course, this stuff is all made in China. Then they complain about Chinese hacking.

16:

V JNF GUVAXVT ZBER:

VS LBH JNAG N CVPGHER BS GUR SHGHER, VZNTVAR N OBBG FGNZCVAT BA N UHZNA SNPR - SBERIRE.

17:

Speaking of the NSA and open source:

https://code.google.com/p/owasp-esapi-java/issues/detail?id=81

I think someone with crypto chops needs to review those commits.

18:

And I just post that, and see this...

http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115

Belgium, Belgium, Belgium...

19:

@jan: Read The Fine Article. The NSA hates backdoors: it also has responsibility for crypto security within the US, remember?

Standard Procedure in the NSA is to leverage its strengths: its computational power. It will weaken systems to the point where it can crack them, but hopefully no-one else. In the current instance, they appear to be cracking SSL, etc. certificates to enable them to Man-in-the-middle VPNS, etc. The beauty of this is: (1) they can do it, no-one else; (2) the hole is discovered, it can be fixed quickly (compare what would happen if there turned out to be a backdoor in the DES cipher for example; all banking crypto would be vulnerable for years ...)

The really interesting bit is what is now happening within NSA and GCHQ. Anyone in IT could have told you what was happening years ago, but it was all secret and you couldn't talk about it (if you were in GCHQ). Now, you can. Now the questions "What are we doing this for? " start to surface within the organisations. This is what the NSA brass are really frightened about. "National Security" was a cover for effective censorship of the goals and actions of the "Intelligence Community". The Brass are not scared of the public (what can they do?) they're scared of a bunch of really clever people asking what their bosses are really up to, and subverting matters from within.

20:

The problem isn't 100% enforcement of all stupid laws ; no state has the bandwidth for that. The problem is selective enforcement. Basically everyone is a potential felon but will only be arrested if someone in power is annoyed. Back to Dickens' England or Hugo's France. Don't protest, don't bother the powers that be, don't occupy anything.

And even assuming completely benevolent legislators who understand the danger of this kind of state, it may be politically impossible to fix enough laws and policies to prevent it.

21:

the main difference i see is the stast was a lot less tech-savy, so they had to rely on classical humint sources, which adds this nice layer of personal betrayel...

speaking of that, i have a hard time with our president, gauck, who was also involved with access to the mfs files later on, trying to calm everybody with pointing out that as far as he know, there were no lockers with personal dossiers at the nsa, like with the stasi.

as somebody, afair foebud, pointed out, paper files seem somewhat illsuited for the amount of data collected by the nsa.

err, some of those decrying that being close to our sed-heirs doesn't make for good feelings, but have i told you i listen to "holiday in cambodia" a lot lately?

22:

I just want to start seeding messages through out the internet using chunks of the Voynich manuscript converted into an English font.

How much computing power do you think that they will dedicate to decoding it?

For those curious: http://en.wikipedia.org/wiki/Voynich_manuscript

23:

hm, you just invented a new way of doing crowdsourcing distributed computing.

i guess it takes some years to get an foia receipt, but, well, better than nothing...

25:

@ghostie: Ah, so thats the workaround to the porn filter:

"Why is the internet censor turned off for the house?"

"It was necessary to allow connections to the VPN at work."

26:

So, rather than saying you can't turn off the censorship system, why not just have the turn off fail? I can't turn of the censorship system for my phone.

27:

Just remember, whole ecosystems of critters evolve to survive and thrive where they have no cover whatsoever. That octopus that mimics a coconut on sandy bottoms is one good example. Similarly, the battle of El Alamein was fought in a zero camouflage environment, and it famous for the amount of deception used.

The general tactic for when there's no cover is to spoof, just as the intelligence agencies do, and it's pretty obvious we're going to see a lot more of that in these so-called panopticons.

My seventeen real-name twitter accounts? All real! That sort of thing. If you're worried about hiding stuff, just remember that NSA can still get hammered by false negatives and too much information, so spamming them with still more plausible looking signals makes it even harder for them to figure out what you are really doing. Lard it on, I say. There are plenty of ways to hide in plain sight if you want to hide: most of them come down to a) looking like something else, and b) making something else look like you.

That said, I think amckinstry is right: the real problems for the NSA et al have to do with publicity. They're only as good as a few rooms in a few telecoms and a few back-doors make them. They're powerful due to man-in-the-middle attacks, but they're vulnerable to man-in-the-middle rebellions.

If, for example, the US telecoms wanted the NSA out, they could, say on Friday the 13th, take a bunch of sledge hammers to every one of those secret wire-splitting rooms we've heard about, and then let the NSA spend the next decade trying to win the legal actions. Similar back doors can be patched by the internet companies if the companies wish.

When everyone (or enough big firms) do it as a form of mass protest, there's not a lot NSA can do except scream to the President. If the NSA is unpopular enough, the White House will hang them out to dry. That is standard operating procedure, and it's been done to the CIA repeatedly. The orders may have come from the White House, but the NSA will take the fall. Unfortunately for us, it's most likely to happen in 2017, but the NSA is acutely vulnerable, and I suspect they know it. Right now, they're trying to keep the rebellion down by looking sinister and omnipotent, as well as good and just.

28:

It's all very well saying that if the US telecoms industry wanted the NSA out they could have the secret bugging rooms destroyed, but the executives that made those decisions could be put in prison over that. It's not a corporate fine, it's personal.

29:

Yes, and if all of the major telecom executives in the US are in prison, then what happens? That's the messy bit. They're kind of essential. And influential.

This is the essence of civil disobedience. One executive could easily be put in jail for breaking from the flock. If most of the flock moves in unison, the NSA is in trouble, because they can't afford to decapitate the US internet. Not that I think this will happen. However, the threat of it happening, say, spurred by customer outrage, might be as effective as sledgehammers, if slower.

For those who are looking for other solutions, I'll point to Bruce Schneier's latest:

http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance

30:

This is the emergent consequence of the west lacking the moral spine to keep its utilitarian appetites in check in the wake of the collapse of the ideological rivalry that was the only thing that kept the Owners straight for so many decades.

Really? Do you think that if USSR didn't collapse, all this would not happen?

31:
  • Rolls eyes *

Where do you get your aspergers-ish knee-jerk contrarianism with added blinkers from? It's deeply annoying.

The USSR gave the west a notional yardstick: internal passports and phone snooping was what they did, they were bad, so if we did those things ... syllogism complete. All it took was a major existential threat with police-state manners. Didn't have to be the USSR, had to be someone. Then, after 1991, something broke. This is not to say that the west didn't go in for bad police-state shit at home prior to 1991 -- google on COINTELPRO for an example, or the Economic League -- but it was generally seen to be wrong.

Since 1991 we've been adrift without a moral compass, watching China overhauling us in the rear-view mirror, and panicking at the cave-wall shadows cast by a messianic lunatic in a cave at Tora Bora in a nice safe house run by Pakistani Military Intelligence. And we have become exactly what Osama bin Laden wanted us to be.

32:

Where do you get your aspergers-ish knee-jerk contrarianism with added blinkers from? It's deeply annoying.

I'm getting it from suspicious statements. No need to be rude. (And "aspergers-ish" is ableist-ish, BTW.)

You see, this argument is popular among the conservative communists\stalinists of the Russian-speaking internet, when they can no longer ignore the statistics that say life quality in the West was better than in USSR.

They basically say that the ONLY reason life in the West was so good is because the West wanted to be better than the USSR. And I'm naturally suspicious of everything that comes out of the mouths of stalinists.

33:

Being suspicious of Stalinists is good. But a subtly different argument is native to the west, too: "Stalinits behave badly, so we've got to behave [morally] better than them to prove we are better than them". Not about material prosperity, in other words, but about not imprisoning huge numbers of people, persecuting dissidents, tapping phones, and ... oh, snap!

34:

The only reason it's been possible for gays to get relatively decent treatment lately is that they had enough privacy to break laws.

On NPR (who is much too chipper about the whole subject) there was a bit about how organized crime doesn't have access to NSA surveillance.... you know, as though there's no way to bribe, blackmail, or intimidate people in government. That being said, I'm more worried about what the government will do with the information-- organized crime would be more of a decent premise for a novel.

35:

Look, I'm trying to imagine a world where USSR still exists and it is connected to the internet and it uses the internet for nefarious goals.

And somehow I don't see the NSA in that alternative world not having the same capabilities that it was discovered to have in ours.

Why am I wrong?

36:

A world with a still-extant USSR, with internet, would look ... well, that'd be quite different. (I'm assuming continuity here, not the ten years of chaos followed by the re-engineered, ideology-free mini-USSR 2.0 that Mr Putin appears to be trying to build for himself.)

For starters, Estonia wouldn't be part of the EU. It's not obvious that the former Warsaw Pact nations would have been allowed to join, either. In turn, there'd be huge implications for the structure of global trade and for the center of gravity of western politics.

Nor is it obvious how a modernizing-USSR-with-internet would have evolved through the 1990s and 2000s. Or whether they'd have spawned a major production of router hardware with KGB involvement, like, say, Huawei. Or how the climate of political repression in the USSR would have changed.

In fact, my head hurts just contemplating this as an alternate history scenario ...!

37:

Ah, Hem, oh.. Well Really!

Way back in the Deep of Yesterday I was setting up TV studios...Students For The Use of in Negotiation Exercises and Presentation Technique...and also Establishing an Ergonomics Lab that I will admit did owe certain influences towards the Film/from novel " The Ipcress File " and thus did have that Observation view and the Audio Reel To Reel Tape Recorder which lab was transferred from my Responsibility when I was sent out On Assignment and a Reorganisation took Place so that the Psychology Dept was moved beyond my Tech Support purview. At least I had loaned "My” tape recorder to the Chap from Civil Engineering so that it could be used by The Scottish Country Dancing Club and thus I managed to make it disappear into the mystery that was Negotiation Technique Training and They are Paying US ever so much Money for this - and Here is My Overtime Claim duly Authorised by Me ...Err -is Your Imagination being stretched yet to that far distant place that was the !970s?

No, not you Charlie, since your Imagination comes Pre- Stretched.

I don’t suppose that I would ever have really Cruelly Tormented the Graduate Students - Psychology of that Ilk - but it would have been nice if I had been consulted since I'll bet that my cunning scheme would have been of much scientific interest, especially since I'd got all that German monitoring equipment that did look as if it had been left over from the Russian end of the Cold War’s Space Race. LISTEN TO MY VOICE sort of thing and also... “All Orders Must Be Obeyed without Question at all times"

http://en.wikipedia.org/wiki/Journey_into_Space

The thing is that we are discounting the contribution that Fiction has to make in the shaping of the future - well this particular future. Well aren't we? Spooks do read Fiction and it does influence their practice of their profession...well doesn't it?

This is NOT MY Future and if it keeps it up I'm going to send it back and demand what I'd ordered lest I refuse to leave a tip for the waiter.

I wonder how many Intelligence Officers - very Senior Officers - are now living their own fictional childhood. Cue the Theme Music of your choice ...dun de a dump bum Dum de a DUM Dum Dum De a Dum DUMMMM DUM DUMMMMM ... and so forth.

38:

This bit from the Guardian article is hilarious: "The NSA's codeword for its decryption program, Bullrun, is taken from a major battle of the American civil war."

The Union Army of the United States lost the First Battle of the Bull Run. It was a rout. They lost the Second Battle of the Bull Run, too--just not as badly. Someone in high up in the NSA is kind of weak on their American history (or perhaps a sense of irony).

39:

"Stalinits behave badly, so we've got to behave [morally] better than them to prove we are better than them". Not about material prosperity, in other words, but about not imprisoning huge numbers of people, persecuting dissidents, tapping phones, and ... oh, snap!

I live in Helsinki, so Tallinn is very near. All this discussion reminds me of the jokes about the Viru Hotel in Tallinn and how the KGB had bugged the rooms, and had a hidden listening room in the hotel.

Jokes because that was what the Soviets did, not us Western countries. Nowadays bugging hotels seems like too much effort.

I agree that the counterpoint to the Western ways was useful. I'm not sure I like the fact that the life in the East wasn't apparently that nice then, though. I'm also not sure if the current way of Russia makes it a good place to live, either.

40:

The devil's hands are idle playthings.. or something...

The reason we 'adversaries' (USAians and Earthicans) are being intensively observed is to protect us from the Bad Bad People.

http://www.nsa.gov/public_info/_files/speeches_testimonies/2013_08_09_the_nsa_story.pdf

"The purpose of this particular collection is to identify the U.S. nexus of a foreign terrorist threat to the homeland"

Now, this data,or metadata supposedly doesn't include names (which are in another database, and please don't look behind that SQL linkage...), but the NSA NEEDS all this metadata to detect terrorists. Hmmm... I bet nobody in the executive suite understands Baysean statistics, certainly not to the point where they recognize the 'false positive problem' in relation to low probability events.

Suppose, through some incredible miracle of algorithmic programming, the NSA comes up with a way of detecting terrorist activity by analyzing networks of phone activity. The classic assumptions for this example would be a miracle test that's 99% sensitive, and 99% positive, or produces 9% true positive results for terrorists, and 99% true negative results for non-terrorist comm activity such as book group phone trees. Further, suppose that the entire terrorist watchlist of 700,000 (out of 300,000,000 US population) are in fact engaged in terrorist activity. That is, 0.23% of the population are in terrorist cells using the phone system.

So, how likely is the Miracle Algorithm to catch them, that is, correctly report a positive result for each terrorist that triggers the algorithm into reporting them as a terrorist?

P(Terrorist|+) = (P(+|Terrorist)P(Terrorist))/((P(+|Terrorist)P(Terrorist)) + (P(+|Nonterrorist)*P(Nonterrorist)))

P(Terrorist|+) = (0.99 * 0.0023) / ((0.99 * 0.0023) + (0.01 * 0.9977))

P(Terrorist|+) = 0.188 or 18.8%

Yeah. The Miracle algorithm with it's 99% accuracy will report 4 false positives (book group phone trees) for each terrorist cell it finds.

Want to try it for a real world algorithm, and a more likely terrorist population? Suppose they do a really good job and we get an algorithm that's 60% sensitive and 60% specific (better than anything Google Analytics has, but maybe the government attracts better talent than Google...) And suppose that we really have just 1,000 terrorists in country to worry about, or 0.00033% of the population.

P(Terrorist|+) = (0.60 * 0.0000033) / ((0.60 * 0.0000033) + (0.40 * 0.9999967))

Ruh roh... P(Terrorist|+) = 0.0000049499 or 0.00049499%

The probability that someone identified as a Bad Bad Man by the Terrerist Detect-O-Thingie is less than one in two hundred thousand (1::200,000). Two hundred thousand false leads per hit.

If anyone else supplied the FBI with leads that included 200,000 false leads for any good one, I suspect that they would be ignored. The FBI has less than 14,000 special agents, and is under budget pressure.

Suddenly the 'old fashioned' process the FBI uses, chasing fertilizer purchases and whatnot, using the odd informant, and running stings doesn't look so bad.

Meanwhile, there's this huge database of every phone call and location that everyone in the country has made. Growing every day. CURRENTLY accessible only to the NSA, select contractors, and a few undisclosed others... "Senator, I see you've made a number of after-hours calls to the young lady at this number, which is... not your wife... Now, I'd like to talk to you about a little appropriations matter..."

(Now, let's see what happens the next time I try to get on an airplane. I was a SSSS/selectee until 2012...)

41:

D'oh. Fat fingers. " produces 9% true positive results" should be " produces 99% true positive results". I blame the cat.

42:

Oh, I dunno, perhaps its just that I'm just Old and Jaded, but..does it seem to you, as it does to me, that all the Fun has gone out of the Evil Intellegence Gathering Business? ..

http://en.wikipedia.org/wiki/Operation_Bernhard

and also ..

http://www.andrewlownie.co.uk/authors/tim-newark/books/hitlers-gangster-the-extraordinary-crimes-of-alfred-naujocks

Not to miss .. " Salon Kitty (film) From Wikipedia, the free encyclopedia Jump to: navigation, search Salon Kitty Salon Kitty (film).jpg Directed by Tinto Brass Produced by Ermanno Donati Giulio Sbarigia Written by Tinto Brass

Salon Kitty is a 1976 erotic-drama film directed by Tinto Brass. The film was coproduced by Italy, France and West Germany. It is based on the novel with the same name by Peter Norden,[1] covering the real life events of the Salon Kitty Incident, where the Sicherheitsdienst took over an expensive brothel in Berlin, had the place wire tapped and all the prostitutes replaced with trained spies in order to gather data on various members of the Nazi party and foreign dignitaries.

It is considered among the progenitors of Nazisploitation genre."

43:

"Senator, I see you've made a number of after-hours calls to the young lady at this number, which is... not your wife... Now, I'd like to talk to you about a little appropriations matter..."

What happens if the Senator records this talk?

44:

Fascinating question. Tim Weiner's Enemies: A History of the FBI has several such instances, if memory serves. It's how J. Edgar Hoover was able to maintain his hegemony over the bureau until his death.

In general, it takes cojones and preparation to record such a conversation and use the recording, especially since recording a phone call without the other person's permission is against the law in the US.

This, incidentally, is why Gen. Petraeus was such a bad choice for CIA director. If you can't exercise fundamental informational security over your covert affairs, it's better to not have them, at least if you're in a position of power in Washington.

In comparison Hoover, who may have been a homosexual with a long-time lover, was so good on his personal information security that we'll never know if this was the case, scurrilous book accounts of his cross-dressing to the contrary (that cross-dressing account was based solely on the paid testimony from a woman convicted before that testimony of perjuring herself).

45:

The USSR wouldn't have had widespread internet access. Phone books and city maps were considered state secrets at times, because they could allow citizens to organize without Party control. The best model is probably North Korea, where a small number of selected loyalists have limited internet access (or at least that's my impression from the very limited reports from NK).

46:

A few years ago there was a crazy allegation that the FBI paid for vulnerabilities to be inserted in the OpenBSD project's IPSEC implementation. Today I'm thinking that it may not be so crazy, and that it might not have been the FBI ultimately directing it.

Another paranoid thought: complaints that Microsoft and other big companies are slow to respond to privately reported vulnerabilities perhaps appear in a new light. Are they just slow because of conventional problems like process inertia, poor communication channels, low internal priorities, etc. ... or because no ordinary criminals are currently exploiting those problems, but NSA and friends would like to use them for a while?

I'm disappointed that the recent publications about NSA's crypto-breaching were modified to hide specifics after consultation with authorities. Specifics are exactly what people need to protect their privacy. I hope that after the slow drip of revelations is finished generating outrage in the media that the uncensored and complete Snowden cache shows up on the Pirate Bay. Savor the fruit of your poisoned tree, assholes.

47:

"What happens if the Senator records this talk?"

His phone starts sending groinal selfies to every young lady in his address book? My, but those inserted security defects do come in handy from time to time...

The point is that huge NSA databases of call data, Internet activity, and so forth is is far more useful for purposes of blackmail than it will every be for catching terrorists.

What I find interesting is the NSA's desire to replicate, integrate, and preserve all of this information. It goes far beyond the claimed needs,may be statistically self-defeating, and has some serious privacy and US Constitutional issues. It turns out that if one is interested in chasing down connections around a suspicious activity, that casting a narrower net can be more productive, and can be done in full compliance with existing law:

http://arstechnica.com/tech-policy/2013/08/how-cell-tower-dumps-caught-the-high-country-bandits-and-why-it-matters/

48:

Law enforcement wouldn't need cryptographic back doors into banks and the like, if they had more direct cooperative arrangements (a la Prism) --- either with the banks themselves, or with providers of outsourced back-end services. This is certainly an area where the government has shown an interest (e.g., "know your customer" rules). And there are still shoes left to drop.

49:

FWIW, the legality of recording phone conversations without permission varies in the US from state to state. Federal law requires only that one party consent, which is kind of a given if the person making the recording is a party to the call. There are twelve states that require consent from all parties; these include California and Massachusetts, but not New York.

See http://en.wikipedia.org/wiki/Telephone_recording_laws#United_States

50:

It isn't unknown for US Navy ships to be named after battles won by the South (eg USS Chancellorsville), so this part didn't surprise me.

51:

I can't help but think that this is exactly the set of stories that an NSA who had possession of a fast factorization algorithm (and/or other novel number theory proofs and methods) and either just started or was about to start visibly using intel gotten from would want to spread about, as disinformation. You both get a cover for the intel you're about to use and you drive the security-minded into open-source crypto methods that you (in this scenario) have already broken wide open.

(The absence of any math at all in the leaks to date begins to look vaguely suspicious.)

52:

Just joining a few dots that others have mentioned, but the news* that the NSA has been working with hardware (and software) manufacturers to insert backdoors puts a slightly different spin on the complaints about equipment from Huawei (et al) potentially being backdoored by China. Perhaps the reason the US was warning against their use is because Huawei wouldn't insert backdoors for the NSA? Therefore driving companies to buy, perhaps, Cisco kit. (I'm assuming that Cisco are probably one of the manufacturers that did cooperate with the NSA). Not that that precludes them already being backdoored by the Chinese mind.

Questions that we should be able to come to a consensus on: Can we trust that open source software is free from backdoors? My take, probably, and I reckon there'll be a lot more eyeballs checking right now.

If we trust the open source software, do we trust the compilers? My take, again, probably. I'm guessing it's harder to hide a backdoor in a compiler.

Assuming the NSA has access to all the US based Certificate Authorities, are there any widely trusted (ie included in browsers and OS's) CA's that are unlikely to be giving access to their local governments?

  • confirmation might be a better word than news
53:

(Sorry for the double post) If the USSR still existed, surely their internet access would basically look like China does now?

54:

"Dammit, why couldn't this have stayed as a light escapist fantasy series? " well, was it a light escapist fantasy serie from the begining ? Science-Fiction (and fantasy at its best) is not about escapism, it speaks about reality : the one we face, the one we are scared of, the one who "might be possible but no no, please ..." science-fiction is about our fears. I do believe (and I am not the only one here) that you are a very good SF writer and I am pretty sure you know that : you don't write about the future that could be, you write about the future we fear : you write about the present. The actual problem is that ALL of the possible futures we face seam to be horrible because the present is so hard and it is your fate to face this fact better than us. You are doomed, like was John Brunner, or Aldous Huxley. It was a prophety, but you know, now The Sheep Look Up !

55:

If the USSR still existed, surely their internet access would basically look like China does now?

I'd think not. China is growing economically and much more confident than the '80s vintage USSR was. China in 2013 resembles the USSR of the Sputnik era more than it resembles the USSR of the 1980s.

We'll never know. Fortunately.

56:

The Union Army of the United States lost the First Battle of the Bull Run. It was a rout. They lost the Second Battle of the Bull Run, too--just not as badly. Someone in high up in the NSA is kind of weak on their American history (or perhaps a sense of irony).

Then again, it's a signal intercept program; maybe someone had enough sense of humor to expect the large run of bull it would produce.

57:

We have to face this positively. After all, we have an unprecedented research opportunity here: are ordinary people's lives actually more interesting when they're written down? (As per The Diaries of Adrian Mole). Or are they equally boring to read as they are to live?

I dunno. With all the interesting stuff on the internet to read (even a trawl through the most crowded archives on fanfiction.net can be fascinating) I almost feel sorry for the poor dear stuck with reading my life for a crust. I hope they have a good stimulant habit.

This also adds another level of interest to things - what happens if a surveillance geek gets so fed up with the boredom of their current lot that they decide to throw a few spanners into the works? Like, for example, getting their chosen target arrested for something, just to see how they handle it? What happens when the surveillance type gets tempted by the power of the author - the power to make things happen, the power to create stories?

58:

paquette.mj @ 40 I bet nobody in the executive suite understands Baysean statistics, certainly not to the point where they recognize the 'false positive problem' in relation to low probability events.

The increasing number of signature drone strikes being carried out suggests that this is already the case. Or, more scarily, that the executive suite in the US recognises the false positive problem and doesn't care.

"Targetted" drone strikes are made against identified people. Phone cell or other surveillance picks up that so-and-so will be in this house on this date, send a drone to blow him up.

"Signature" strikes are made on pattern matching. We're not told exactly how, but it is just on the basis of behaviour, something like "if more than X SUVs park outside a house of size Y from where more than Z phone calls have been made to possible Bad Guys, they're Taliban." And a drone gets sent to blow them up.

Applied domestically in the West, probably not drone strikes. But it wouldn't require the FBI or equivalent either. You get put on the Usual Suspects list, and if anything bad happens, the local police haul you in.

59:

Regarding trusting compilers, the seminal work is the "Reflections on Trusting Trust", written by Ken Thompson in (ironically) 1984:

http://cm.bell-labs.com/who/ken/trust.html

The answer is "no, you can't necessarily trust a compiler, even if you compiled it yourself from source code".

60:

heteromeles @43 This, incidentally, is why Gen. Petraeus was such a bad choice for CIA director. If you can't exercise fundamental informational security over your covert affairs...

I prefer the other interpretation from (I think) Bruce Schneier.

Hoover wasn't better at information security, his "adversaries" (including those in his own organisation!) didn't have the capabilities they do today.

We live in a time when the head of the CIA can't protect himself. IIRC, he got caught just by some random agent doing a bit of LOVEINT.

Which is the point made by steve back @20, if anyone can be spied on and everyone has something to hide, The Powers That Be get to select who is the target. We go from a society (nominally at least) of laws to one ruled by influence and corruption.

61:

@34:

how organized crime doesn't have access to NSA surveillance.... you know, as though there's no way to bribe, blackmail, or intimidate people in government.

The NSA's back doors of software (and probably hardware) platforms won't remain secret forever. Once the cracks propagate, the [insert name here] doesn't need to trawl and store all communications when they can just target the things they're interested in - law enforcement communications, court dockets, banking information, blackmailable messages, etc.

If you need to move bulk data, there's always the spindle of DVDs and the Royal Mail...

62:

I wouldn't call what we have a Panopticon, but rather a Panmemnecon. Everything we do online or while carrying a phone is being recorded, but the vast majority of us are not being watched.

63:

@46:

far more useful for purposes of blackmail than it will every be for catching terrorists.

True, but the bar for useful blackmail information keeps rising.

Out someone as G/B/L/T? Nobody cares.

Out them as a member of the Klan, Black Panthers, or Greenpeace? Nobody much cares, and it's probably out there in googlespace already.

Out them as divorced, Jewish, or Catholic? Other than a handful of places, nobody has cared for a long time.

Out them as pedophiles, drug users, rapists, or domestic abusers? Maybe some luck there, but enough people have survived (or capitalized on) such accusations for them not to be the kiss of death they once were.

Out them as animal abusers? That's still enough to get the torch-and-pitchfork crowd out, at least until the mainstream media flog it until nobody cares...

I figure it won't be long before most of the traditional blackmail levers won't be worth much.

64:
Out them as animal abusers? That's still enough to get the torch-and-pitchfork crowd out, at least until the mainstream media flog it until nobody cares...

Oddly enough, this one seems to be the one inviolable taboo, if by animals you mean pets. And I don't think this one will be going away any time soon; in fact, it appears to be getting stronger. Or so I believe :-)

65:
I can't help but think that this is exactly the set of stories that an NSA who had possession of a fast factorization algorithm (and/or other novel number theory proofs and methods) and either just started or was about to start visibly using intel gotten from would want to spread about, as disinformation.

I'd believe that they had a working quantum computer running Shor's algorithm before I'd believe in an NSA who came up with some major advance in number theory. Trust me, there'd be ripples. Black engineering, maybe not so much.

66:

So is David Brin's "sousveillance" idea going to have to be the approach to keep these institutions in check? The last few years seem to suggest to me that won't work, but holding back the surveillance tidal wave seems to be very much a rearguard action, especially as the US population (to name one) don't appear to care about privacy all that much apparently.

67:

So is David Brin's "sousveillance" idea going to have to be the approach to keep these institutions in check?

Life-logging may protect you from false accusations. Won't help much when you actually need something to hide.

68:

The head of the CIA could not protect himself because he was incompetent at computer security.

If my information is correct, Petraeus and his mistress logged into one single e-mail account, and wrote each other messages that they did not send but saved in a Draft directory, in the mistaken belief that this would make it impossible to read their communication (because the message was not "sent", see...). This is pure cargo cult security.

And much as it facepalms me to read that the head of CIA can't be bothered with cryptography and traffic analysis (probably too busy doing photo-ops, knowing the chap...), it would be mistaken to assume that they are all like that in his organisation. Petraeus acting like an idiot does not prove that the technology is beyond mastery.

69:

Maybe your implicit assumption that the NSA sees itself as a heir of the Northern side of the Civil war is mistaken. The CSA might have lost the war, but they won the peace. It was not until the 1960s that the Civil Rights movement managed to implement the theoretical wins of the Civil War, and these rights have been challenged since (War on Drugs anybody?).

I am not saying that we are living the CSA mockumentary, but lots of aspects of the present-day USA are CSA features in disguise. Sometimes not even bothering with disguise.

70:

Life under Communist dictatorships was not fun. But it was not what people like Reagan or Richard Perle described to get elected or funded, either. A band as subversive and provocative as Laibach started its career in Yugoslavia before the Berlin Wall collapsed, for instance; that does indicate some tolerance of free expression and enterprise. [1]

Dictatorships have a carrot side and a stick side; you cannot govern by stick alone. Incidentally, democracies have a stick side too, and it would be naive to assume that the stick falls according to what is written in the law and actual criminality statistics.

Anyway, the point is not that the USSR had a good side, it is that the USA seem incapable to build and maintain a sense of identity without an enemy. They exist mostly in opposition to some external force -- hence the sorry spectacle of the "drunken sailor" US foreign policy in the 90s, where it kept trying to provoke various countries into becoming the new arch-enemy.

On a wider point of view, the fall of the USSR also indicates the end of the super-power era. It is quite consensual that the USA are losing their relative power due to the emergence of the BRICs (and the UE, which is slowly grying to grow a backbone). The brutal actions of the USA abroad and at home, against friends and enemies alike, with disregard for its humanitarian traditions and international standards, can be interpreted as the convulsions of a giant organism dying -- or, more accurately, undergoing a traumatic evolutive adaptation to a new environment, like the UK and France did in the 1950s.

[1] A symbol of Communist backwaterness was the Traban. But cars like the Traban seemed ridiculous in 1989, because they were from the 1960s. When the Traban came out, it was a worthy competitor to its Western equivalent; the crucial point was that it never got updated because of the Beznevian stagnation -- but from what I see in the contemporary USA, freak economic malfunctions like the Beznevian stagnation can very well befall to Western countries (for instance, Russia and China have manned space programmes; the USA do not).

71:

Lifelogging won't help in a court of law since there's no verifiable chain of custody for the data generated by Google Glass and its brethren and the word "photoshopping" has become a proper verb. There are also the privacy implications of lifelogging everybody else's private affairs as you move around in public; I await the reports of the first GG wearer getting punched in the face by an irate privacy advocate.

As for the court of public opinion you can try to put your lifelogged evidence out there but if you're faced with a tidal wave of accusations and insinuations (see "Gish Gallop") then you're probably SOL in that case too. There have been enough instances where the evidence about someone was clear and folks still believed the lies because they were tastier or paandered to their prejudices.

72:

Most people don't care about privacy because they don't believe in it. Big Sky Fairy has been watching all along, remember?

73:

Logging into a single account and saving emails in the draft folder is secure unless that account has been compromised or your connection to the account is compromised. This actually has better security characteristics than encrypted emails.

74:

This actually has better security characteristics than encrypted emails.

Storing plaintext documents on some random, remote server in order to avoid "sending" the mail -- knowing that the parties will have to both connect to the mail account in question to retrieve the documents and are public figures; that has "better security characteristics" than GPG?

That is an astounding statement. Could you either explain where I misunderstand you, or elaborate?

75:

@71:

Most people don't care about privacy because they don't believe in it. Big Sky Fairy has been watching all along, remember?

Yes, but other than the occasional, burning bush, golden plates, or euphoric revelation, He/She/It doesn't tattle, and certainly doesn't contribute evidence against you in a court of law...

76:

"We're returning to the old pattern where everyone new your business in the village, and you didn't really have privacy. Except now the village is the whole planet."

No, now the 'village' is the elites.

77:

"Basically everyone is a potential felon but will only be arrested if someone in power is annoyed. "

Or you just get some snippets sent to you, showing just what they have on you, with speculation about the effects of public dissemination. Or the effects of having your enemies or competitors having access to all of your secrets.

78:

"Yes, and if all of the major telecom executives in the US are in prison, then what happens? That's the messy bit. They're kind of essential. And influential."

Are you actually trying to tell us that you think that:

1). The CEO's are the kind of people who'd do that? 2). The boards would not immediately replace them after checking their e-mails and reading their Stasi files? 3). The US government wouldn't simply imprison CEO A for twenty years, then imprison CEO B for twenty years,...., until the next CEO on the list cooperated?

79:

"Yeah. The Miracle algorithm with it's 99% accuracy will report 4 false positives (book group phone trees) for each terrorist cell it finds."

I may be exceeding my authority here, but I feel that you should know that there has been at least one extensive discussion here about the false positive problem.

The short answer is that nasty authoritarians are OK with it.

Heck, popping innocent people for each actual terrorist might be extremely good odds, compared with the real wolrd.

80:

Another: "Senator, I see you've made a number of after-hours calls to the young lady at this number, which is... not your wife... Now, I'd like to talk to you about a little appropriations matter..."

Vanzetti: "What happens if the Senator records this talk?"

What talk? An e-mail comes in on your closely-held number on a private cell phone, with some details which you really, really, really don't want revealed. You look up, and the guy you are talking with smiles...........

81:

"In general, it takes cojones and preparation to record such a conversation and use the recording, especially since recording a phone call without the other person's permission is against the law in the US."

First, there are numerous national security/state secrets laws and precedents. It's really hard to being criminal charges against well-connected people who can inovke. Given the various laws, I'd also bet my money on many things being legal for the right people.

"This, incidentally, is why Gen. Petraeus was such a bad choice for CIA director. If you can't exercise fundamental informational security over your covert affairs, it's better to not have them, at least if you're in a position of power in Washington."

I imagine that the higher-level guys in the CIA wer quite happy with a compromised nominal superior. And having him zapped by a rival agency might simpy be a cost of not having a Hoover come in over you and take actual charge.

82:

"The increasing number of signature drone strikes being carried out suggests that this is already the case. Or, more scarily, that the executive suite in the US recognises the false positive problem and doesn't care."

I have pointed this out, repeatedly. Think about Stalin's approach to it. Think about the Iraq War - I can tell you that d@mned few of the supporters bleating about liberating the Iraqi people cared when the bodies piled up high. And very few of the 'public intellectuals' and pundits calling for war with Syria for humanitarian reasons will be horrified if this kicks the killing into fourth gear.

In additon (as I and others have pointed out), many 'strikes' will be dirt-cheap electronic actions. Mailing 'Stasi files' to people might not always work (e.g., Joe Smith receives dirt on another Jor Smith), but unless there is a massive backlash, who cares? And some things will be highly deniable, such as somebody's credit report flagging them bright red (no job, bank accounts shut down, etc),, or some misc. police system flag saying that the guy they just pulled over is a 'baddie', and should be f-ed with.

83:

I agree. I'm thinking it through from a game theory perspective: a given strike has maybe a 1% chance of killing a high value target (or someone who can be marketed as such). This outcome means promotions for everyone involved. The other outcome is a 99% chance that some random Pashtun gets a Hellfire missle as a wedding present; the person who ordered the strike is not penalized.

It won't be terribly long before the higher ranks of the organization are full of people with a bias for launching strikes.

84:

"The head of the CIA could not protect himself because he was incompetent at computer security."

And the President of the USA is not selected for their military prowess.

85:

"It won't be terribly long before the higher ranks of the organization are full of people with a bias for launching strikes. "

My point exactly.

86:

@58 Theoretically you can't trust a compiler, but practically what would it take to subvert one? You'd need some code that could detect when it was being used to compile something that looked like an encryption protocol, and to hobble it in some way. Then you have to obfuscate that code so that it looks benign to whoever looks at it. The GCC contributors page lists hundreds of people. Most probably wouldn't notice your addition, but it would be hubristic to think that at least one of those contributors isn't at least as clever as you. Neutering an encryption algorithm is easier, because it only takes a small mistake in how the algorithm is implemented to make the result much easier to break. However, while inserting a backdoor into a compiler is technically possible, doing so as a practical matter, and hiding it, is very difficult. If it's easier just to arrest someone (or just hit them with a drone strike), it's unlikely to happen in my opinion.

87:

If you want to wallow in paranoia, the government could have placed backdoors in your CPU or NIC as well.

Note that wifi chipsets in particular are largely software driven these days, and there have been a number of documented security flaws in their firmware.

All fast peripherals like a wifi or ethernet card run using DMA (direct memory access), so they could certainly do something like, say, change some of the operating system's memory when directed to do so by a special IP packet, giving the sender a root shell.

Subverting a compiler would be extremely risky in comparison, since people can actually read through the compiler's machine code and notice your backdoor (and very well might, since poking through assembly is what compiler engineers do all day). Plus, actually knowing what code to subvert would probably require strong AI to be reliable.

Computer hardware on the other hand is essentially a closed box which requires serious resources to take apart.

Commercial products tend to have a backdoor in them anyway, put in by the manufacturer. For an obvious example... notice you can remote wipe an Apple computer or Android phone? People pretty much expect a corporate backdoor these days as a matter of course.

88:

You're assuming that the code that produced the misbehavior would be evident in the compiler source. Thompson's paper demonstrates that that is not necessarily the case: it's a worked example of a compiler "backdoor" that was present only in the compiled binaries of the compiler itself, and completely absent from the source code of the system.

To see how this works, you really should read the whole paper (it's short and nearly jargon-free). But briefly: The compiler in question was self-hosting, like gcc; Thompson hacked the binary to recognize when it was compiling its own source, and reinsert the backdoor. The backdoor code in this case recognized two sequences: one was a hack to the "login" command, and the other was the hack to the compiler.

In this case, the buggy behavior would be pretty obvious if you could see the source code, but that's not necessarily the case either. Optimizing compilers sometimes have subtle bugs that, say, elide a null-pointer safety check under some obscure circumstances --- perhaps due to a missing safety check in the compiler itself, which wouldn't be obvious to someone looking at the source. It's certainly possible for someone with knowledge of such a bug, or the wherewithal to create one, to set up those circumstances in a different piece of safety-critical code. The vulnerability depends in subtle ways on both the compiler and the vulnerable code --- but the most careful audit of each, in isolation, won't turn it up.

89:

Another interesting possible avenue for backdoors is cellphone baseband processors. Briefly, a typical smart phone actually has two computers in it: the application processor, which runs the UI, the apps, and their supporting operating system (iOS, Android, or what have you), and the baseband processor, which does the hard realtime processing involved with talking to cellular networks, running the GPS, and so forth. On most phones, the baseband also has direct access to other sensors, including the microphone. Also, replacing the application processor's software with Cyanogenmod (or whatever you like) doesn't change the baseband; its software is a separate closed-source binary blob.

What else can the baseband do? You don't know. It's closed source. But some of them will provide diagnostics to the cellular network whenever it asks. So, how does the network request diagnostics? In some cases, apparently, by downloading small bits of Forth which implement whatever diagnostic procedure the network happens to want this week.

The networks themselves, in the US, have been extremely cooperative with government surveillance efforts even before the law that effectively immunized them from any consequences. And even so, law enforcement agencies are known to use tools like "Stingray" which act as captive cell towers in the vicinity of targets of interest. So, putting this all together: if they can download arbitrary code to the baseband, which can talk to all the sensors, they get to pwn a phone whenever they like. As can anyone else capable of impersonating a network.

If you view the network as potentially hostile, it doesn't feel right to call this sort of thing a security hole. It's more like a gaping, empty void where you might think there ought to be a little security.

By the way, some government officials, when traveling to China, make a point of leaving their cell phones in the States.

90:

So, is an air-gaped computed with a hardware random number generator, for generating one-time pads, safe enough? Or should we now assume all hardware is compromised by default?

91:

Well, if you constructed your RNG hardware yourself in some suitably foolproof way[1], it might be OK. If it relies on anything that uses an externally-written algorithm, I'd say assume it's compromised.

[1] trivially constructed example: set up a manual switch with software that records the time between uses and then create your pad using, say, the 3rd and 4th significant digits of each time interval. You'll do a lot of switch-flipping, but it's reasonable to assume that the intervals are being recorded accurately, and you can (a) cross-check those numbers against the pad and (b) analyse them yourself for randomness problems.

92:

Oh, and the computer is kept and used inside a Faraday cage, and runs off a battery, right? (A laptop is probably OK, although you obviously can't use it when it's charging.)

93:

Oh, and the computer is kept and used inside a Faraday cage, and runs off a battery, right? (A laptop is probably OK, although you obviously can't use it when it's charging.)

Wait, what? You can hack something through the power cable?

94:

Make sure you don't have any windows (or worse yet, charge the laptop using solar panels), lest there be any backdoors in the firmware watching your laptop's camera or charge controller. Watch for suspicious cloud patterns!

On a more serious note, the NSA and the various other spy agencies are a bunch of bumbling bureaucrats working in secret. They're not superhuman.

They're probably able to subvert any mobile phone easily, since having a bug in everyone's pocket is so useful to them. And any commercial encryption product is probably full of backdoors, since it's so easy.

But I wouldn't be too paranoid about crypto algorithms that have received a lot of peer review, or eschaton-class subversion of open source compiler binaries.

95:

Well, you could always write your own encryption code. It's not hard; I did the RSA thing in about ten minutes. I don't see how that could be cracked short of your keystrokes being logged somewhere. And if we're already at that level of invasiveness . . .

96:

You can't hack any old computer through the power cable, but if the thing is already running hostile software (and worse, hardware), sure.

For example:

The NSA backdoor sits in the BIOS. It watches the charge system for patterns, and if it sees the mains power fluctuate in a pattern that says "Mary had a little lamb" in ASCII, it responds by uploading new logic into the CPU (yes, the BIOS can do this) which reads your keys, and then sends them out via the power cable. It can do this by pulsing CPU load from 0% to 100%, which changes the power draw of the processor, and in turn your house.

97:

So if your computer is already hacked then you can hack it? Well, yeah. But by that logic even one-time pads aren't secure if there's already key-logging code on your machine.

98:

A UPS should take care of that, I think.

99:

I doubt the NSA has installed a keylogger in your machine, but it is entirely possible to pick up a keylogger on some sketchy site, in which case the NSA would naturally record the keylogger's outward communications (including the keylog).

100:

I wondered for a minute whether you meant Uninterrupted Power Supply or United Parcel Service. Either would work, actually.

101:

Right! But that's the point: the news is about spy agencies hacking computers in the factory. Unless you know exactly what they did, pretty much the only thing left is unbounded paranoia and the assumption of constant surveillance through any channel.

Are these fanciful schemes real? Well, probably not: power line hacking is pretty absurd, and so is sneaking binary bugs into compilers. But people are looking for a way to trust their machines, and the reality is that they're being subverted at the factory in various ways for the purposes of the spy agencies.

102:

I worked in Technical Support and did quite a lot of Teaching.. introduced by Easy Stages starting with ' I'm Am Really sick of having students weep on my shoulder through inadequate tuition in Presentation Technique causing me to do seminars in the subject that led to "Not Really Lectures Oh Dear Me NO " to several Hundred Business Management students at a Time. You'd think that someone like me couldn’t possibly be insufficiently cynical/realistic wouldn't you? And yet..I never anticipated that there would come a time in the near future when - thanks to Our Hosts Post - I would regard this following as being The Good Old Days...

" Fred James Cook (March 8, 1911 – April 4, 2003) was an investigative journalist whose prime years of reporting spanned from the 1950s to the late 1970s. His 1964 exposé, The FBI Nobody Knows, was central to the plot of one of Rex Stout's most popular Nero Wolfe novels, The Doorbell Rang (1965). " http://en.wikipedia.org/wiki/Fred_J._Cook Both that Fred Cook Expose and Rex Stouts Novel are still really readable and available.

I do wonder what Rex Stout would have thought of the Age Of Information Technology? There’s got to be an,' in the Style of a Golden Age Detective Fiction story 'in there somewhere.

103:

United Parcel Service

How is this safe?

104:

Well, you could always do-it-yourself, starting with some old 8088's, working around those infamous but known corruptions of course . . .

105:

Hey, you can do a lot better than that these days. Just get an FPGA setup, and design the CPU, GPU, and network host adapters yourself! The better FPGAs can support a fistful of PPC processors at a decent clock rate these days.

Plus, if you get bored with your CPU paradigm, you could just buy a few thousand more and reprogram the chip to run a piece of your giant neural network AI tomorrow.

106:
Wait, what? You can hack something through the power cable

As others have said above, you can do so in theory, but probably not in practice. (If necessary, constructing a modified UPS device that smoothed out existing fluctuations and added random noise would be a pretty trivial exercise for any competent electrical engineer.)

But the power cable represents a hole in the Faraday cage, and the cage is essential. Because you can determine an enormous amount about what the machine's doing from its radio spectrum emissions. Can you hack it? Well, if you persuaded the manufacturer to put a backdoor in the built-in wifi that allowed you to turn it on remotely using a broadcast key, then yes. And that persuasion should certainly be within the means of the security services; whether they've thought to do so may be another matter, but it certainly wouldn't surprise me. It's precisely the sort of thing I'd expect to be included in the "revelations" about NSA-mandated hardware backdoors.

I imagine that turning your wifi on remotely won't be universal, however; they'll have to actually care enough about you personally to send the relevant instructions to your modem/router/other wireless capable internet-connected device.

107:

Hmmm . . . you lost me there. I'm a math guy who knows some computer stuff, not a computer guy who knows some math. What are FPGA's and what is it about them that ensures they have no 'back door' either soft- or hard-wired in?

108:

It's safe in that even the NSA don't know whether your parcel will actually get delivered or not unless they intercept it themselves. Which means you could use it for a bitwise random number generator, so long as you didn't mind it being rather slow and expensive to use.

109:

According to the wiki, FPGAs have some stuff already hard-wired in. Or rather, they are only partially programmable.

110:

Field Programmable Gate Array. However, modern FPGAs contain huge chunks on non-programmable hardware (DSP slices, ARM cores, graphics processors...). This is how they manage their impressive processing power, but also means that you can't be quite so certain they don't have a backdoor in the hardware. (Unless you examine the chip gate by gate using an electron microscope, which has certain obvious disadvantages.)

111:

Yeppers. That was my takeaway from the wiki article. Which I trusted, btw. Didn't feel the need to click on any of the links.

112:

Anyway, how far back down the historical tree do you have to go before you can trust something you've built yourself? Do you have to build your own gates and registers out of NANDS before you can be sure your secure? Do you have to build your NANDS out of individual transistors? I mean, it's okay to take paranoid and run with it. But sooner or later it gets to Dickian levels. That doesn't necessarily disqualify it. But it does drastically reduce the scope of action.

113:

An FPGA certainly can have some sort of backdoor, but for the same reasons that a compiler isn't a very realistic target, an FPGA isn't either.

As long as the creator of the backdoor doesn't know what sort of processor you're going to lay down on the FPGA (i.e. you wrote the CPU yourself), and you're talking to a low level DAC or similar yourself through a custom protocol, putting in an effective backdoor would be close to superhuman.

To scentofviolets' question, I suspect that there's no way to be absolutely sure that your tech is safe from the spooks.

Imagine for a second that you go and build your own system out of NAND gates. First off, it's probably not going to be useful unless you have some way to make a whole lot of them in a very dense form, so you're pretty quickly going to have to contract a chip factory to build your design for you.

At that point, the chip factory probably sends your design to the spooks... And who knows what the chips you get back actually do?

Build your own factory? Now you have an address, and the spooks show up at your door with a national security letter.

Is this ridiculous paranoia? To a large degree it is, but it's at about the same level as the compiler stuff above.

More realistically, the spooks are interested in trawling massive amounts of data with as little effort as possible. Putting backdoors in all the major telecom products is pretty low touch for them, and lets them track and bug the vast majority of the public at will.

Breaking into custom kit designed by hackers is a whole different world of difficulty, and isn't something they're likely to attempt unless they have a specific target. But if they know your name, there are lots of other methods besides computers they can use.

114:

I was thinking more along the lines of United Parcel Service packages not being searched in mass. If you're being specifically targeted, then it's not safe.

115:

You're going about this entirely the wrong way. If all the tech is compromised, avoid tech.

Yes, it's a pain. It's not nearly as big a pain as spending the rest of your life in Guantanamo Bay.

116:
Imagine for a second that you go and build your own system out of NAND gates. First off, it's probably not going to be useful unless you have some way to make a whole lot of them in a very dense form, so you're pretty quickly going to have to contract a chip factory to build your design for you.

That sounds really hand-wavy. Would a box full of 8088's get you on the internet and provide secure encryption? Certainly. Could you build the equivalent out of gates and registers. Sure. It would be expensive, but sure. Would the costs be prohibitive, both in terms of the assembly and it's running requirements? My wild-ass guestimate would be 'you bet'.

So would something smaller get you on the modern intertubes highway, and if so, how small could you go? This strikes me as an interesting question.

117:

"how small..."

Kinda depends on how fast you want. Ignoring for a moment the likely timeouts on the lower level protocols, all you need is the ability to send and receive appropriate signals representing one and zero. Yeah, yeah, carrier level analog issues aside, that's all the protocols and content need. Be a bit of a hassle encoding/decoding but telegraphy worked for quite a while on little more (and still does in the ham radio world). Doesn't solve the problem of encryption but that just adds to the grey matter pre- and post-processing required.

As many have said, personal privacy is only an issue of how badly someone wants your information. It's accessible -- and really has been for a long time -- via so many channels computers in many ways just add to the noise.

I like to think of it as a missed business opportunity: "Lost a document or email? Deleted that birthday text from your grandmother? Don't worry! The NSA has you covered!" Wait a moment... isn't that what says? Hmmm...

118:

Argh! Forgot the MT escapes. That sentence should be "isn't that what (insert your favorite cloud vendor) says?"

119:

You can't hack any old computer through the power cable --- but mobile devices that charge through their USB ports are more vulnerable. There, you have a single connector supplying both power and data. Chargers are not expected to send anything down the data lines --- but gimmicked ones that do that, with malicious intent, have been found in the wild.

Speaking of which, if you're trying to defend a stock computer, there are reports of weaponized exploits on USB stacks, which could be triggered through a gimmicked mouse, keyboard, or USB memory stick. Exploits going through Firewire, or the display ID blocks that monitors use to describe their capabilities to the monitors, might also be possible. (There was a report a few months ago of a US government agency destroying about $3 million of peripherals after a malware infestation, including keyboards, mice, monitors, and printers. In some circles, they were roundly mocked. I'm not sure why.)

As to what you can do about this: it's interesting that several of the people who are working directly with the Snowden files (including, most recently, Bruce Schneier) have reported that they're using computers which have never connected to the Internet; one presumes that the idea is that whatever back doors may exist on the device, your opponent gets no chance to use them. They have not, to my knowledge, mentioned physically cutting the wires to the antennas inside the devices, or doing anything to suppress the RF emissions from the screens, but some government installations with high security requirements are known to do both.

120:

hm, for the selfdestructing agency, that was:

The Economic Development Administration (EDA) is an agency in the Department of Commerce that promotes economic development in regions of the US suffering slow growth, low employment, and other economic problems.

if the new hardware was acquired in said areas, i'd say mission accomplished.

121:

i guess even the big sky fairy is more of a rationalization for the general feeling off being watched or something going on (cf. douglas adams on paranoia).

a somewhat healthy and adaptive pov in the savannah, but today?

122:

Its a lot easier than that, guys. Modern processors have specialty instructions for special operations. Intel, for example, has an instruction called "RDRAND", that it claims is a hardware random number generator. If it had a weakness that only the NSA knows about, everyone who uses an modern intel processor has weak keys. There is evidence that this has occured.

123:
Would a box full of 8088's get you on the internet and provide secure encryption? Certainly.

Well, let's work through this, then.

In a little more depth: your goal here is to build a box that can utilize the internet with secure encryption of some sort.

Let's just take it as a given that older kit is not compromised. Let's build this box.

First off, your box needs IO. At a bare minimum, I'd say it needs to drive some sort of medium resolution screen to produce text, with a keyboard, and a wired ethernet adapter. It also needs a mass storage device. For our purposes, a wifi adapter would be much better, since we'd prefer our packets not be easily traceable.

We already have some problems here: where are you going to source your components? Are we building these devices new, or is this literally a matter of going down to the local PC recycler and scrounging for chips?

If these are new components, then a number of these parts aren't trustworthy. The wifi standard is pretty new, and the chipsets involved are fairly powerful computers in their own right, running closed source binary blobs.

The same is essentially true of modern hard disks and flash devices (in fact, even back in the '80s, the Commodore 64 sported a floppy disk drive that was equal to the main computer in CPU power). Luckily, it's less obvious how subverting a disk would matter.

So, I'm afraid we're going to be stuck with with wired ethernet. OK, so let's say you build this machine. What can it do?

Well, an 8088 class processor would struggle to run TCP/IP. It could perform whatever sort of encryption we want, but not in real-time. I think this pretty much limits us to sending and receiving email, and possibly downloading encrypted files for use later on an untrusted air-gapped machine. Even if we walk forward a decade to, say, a 68040 or similar, things aren't that much better.

That's not much of the internet. And it may not even be that secure, because we need a way for these machines to find each other. With email, we're talking about a store-and-forward system passing through network servers that (we have to assume) will record all the metadata they can about us and who we're talking to. In other words, pretty much the same as what the NSA collects now.

Maybe the machine is online all the time, and talks to other such machines through a P2P network, such as I2P or TOR. This is much better! We remove the store-and-forward problem, but now we've replaced it with more problems:

First, now our machine has a permanent network presence. This is a problem, because while it might be secure, it lacks any anonymity. Perhaps this isn't a problem for us.

Second, I think we've just overwhelmed our little 8088 (or even 68040) class machine. I have a raspberry pi in my closet, with a 600Mhz SOC and 512MB of RAM, and it's fairly difficult for it to perform the encryption these sorts of systems require in real time.

More to the point, I don't think the minimum specs up above are at all what you'd desire in a secure computing device. Don't you want a graphical environment with a web browser at the minimum? I mean, sending a few encrypted emails around is nice, but the real benefit of a secure computer is access to information. I think a better minimum here would be that you can access wikipedia through TOR.

That pretty much calls for a raspberry pi class machine, or a high end late '90s desktop. Is that too far up the technology sequence to be trustworthy? I don't know.

124:

That's everyone who uses a modern Intel processor, and uses bits coming out of RDRAND as their sole source of entropy for their RNG. Linux, for example, mixes in other stuff. (Note the Ted Ts'o quote in your link; he was one of the guys responsible for making sure that /dev/random would not just output the results of rdrand with minimal postprocessing, against what he describes as considerable pressure.)

There are certainly other ways of generating physically random bits. I'm strangely fond of Lavarand, an ancient hack from the now-defunct SGI which involved digitally hashing the pixel data of images of 1960s-throwback Lava Lamps. There may be more convenient ways of packaging a physically chaotic process, but this one has ... panache.

125:

An old processor like an 8088 or 68040 probably has errata that are known to the NSA, even if they weren't created as deliberate back doors. You'd probably be at least as well off burning an OpenRisc core into an FPGA, with better performance and current stock Linux support to boot.

126:

Well, I totally agree with that. But as people were noting up above, an FPGA is itself a piece of modern kit, and might have been sabotaged in subtle ways (even if, as a programmable component, effective attacks are harder).

127:

Rather than try to encrypt things more securely, which is futile if they've actually solved fast factorization, it's probably simpler to evade the search. Use a public or unsecured wifi network, test gmail accounts until you find one where the password is "password", and generally make it as hard as possible for the NSA to connect your online behavior to your meatspace identity. At some level of paranoia, using a new laptop every month/week/day starts to make sense (purchased with cash, of course).

128:

You're probably not going to be able to maintain electronic privacy by heroics if you're explicitly targeted by the NSA and trying to use network connected computers. That's no reason for the rest of us to preemptively surrender. Make it harder for the dragnets to operate. Whatever amazing special purpose hardware and algorithmic advances have been developed inside the NSA, we can be pretty certain that encrypted communications are always far more difficult to process en masse than plaintext communications, even if that just means spending 10 seconds instead of 10 nanoseconds scanning for keywords.

The NSA budget is vast but finite. Modern strong encryption is supposed to make scanning your communications 24 orders of magnitude (or more) slower than scanning plaintext. Suppose that the NSA has combined algorithmic advances, subtle bad advice to crypto implementors, and special purpose hardware to shave off 15 or 16 orders of magnitude -- truly astonishing, and you're screwed if targeted. But we can try to make it harder to target people in the first place based on cryptographic profiles, by using cryptography everywhere and in the strongest forms practical. A "mere" 8 orders of magnitude difficulty increase over plaintext processing will barely slow targeted operations but will make whole-internet dragnets impractical.

I already upgraded the public key size on my (self signed) SSL cert to 2048 bits last year. It looks like I'm going to increase the size again when it needs to be refreshed, perhaps enable perfect forward secrecy too. Communications protected with larger keys are slower to process even after you have determined the private key. I don't have any secrets worth protecting. My efforts and their small effects are aimed entirely at normalizing the use of self-signed certificates and ensuring that any decryption dragnets will expend maximum resources before finally seeing the mundane non-secrets I'm communicating.

129:

If you just want to make your communications harder to harvest, handwrite them and send images or (better) video.

130:

Could these revelations, and presumably more to come, be enough to break up the Internet?

A single world-wide computer network was pure sci-fi as recently as the 1970s. (And usually dystopian "used to subjugate humanity" sci-fi at that - hmmm.)

In David J Williams not too distant future "Autumn Rain" trilogy all three major power blocks have their own networks, non-interoperable right down to the protocol level.

Maybe we won't go quite that far, but perhaps the China model will become prevalent? Governments insisting that any trans-border network traffic go through designated gateways and be subject to inspection?

We could end up with something like 1960s/1970s postal and telephone communication in Europe. Even at the height of the Cold War, the post still worked across the Iron Curtain. Academic and scientific communication and travel was largely unhindered except for deathtech such as nukes. Business went on.

What would be the consequences if, say, the EU put the Great Firewall of Europe on the fiber nodes across the Atlantic? Email/web/ within the EU is free, outside costs a penny per kilobyte?

131:

If they were going to try to compromise FPGA implementations of OpenRisc, it would be easier to do it in software --- either inserting subtle bugs into the OpenRisc design itself, or by rigging the layout software so that when it recognizes that it's laying out something that looks like, say, an OpenRisc MMU, it adds a little something extra. (The standard layout tools are closed source and proprietary; a little googling around turns up software that describes itself as alternative open source toolchains, but I have no idea how good they are.)

On the other hand, it's worth remembering that not everything they do is necessarily this subtle. Some of the escapades described in this note from EFF cofounder John Gilmore on the development of IPSEC look like semicompetent buffoonery --- although knowing about BULLRUN shows them in a rather different light. Which is, of course, Gilmore's point.

132:

What would be the consequences if, say, the EU put the Great Firewall of Europe on the fiber nodes across the Atlantic? Email/web/ within the EU is free, outside costs a penny per kilobyte?

At some point it becomes practical to toss out realtime duplex communication.

You can pick up a micro-SD card at any office supply store for not much money. Lay down some cash and walk out with double-digit gigabytes on a chip the size of a fingernail. Never mind stopping that kind of traffic, people are hard pressed to find it. And you can always go wild with your favorite encryption there; I suggest putting your encrypted secrets in with encrypted vacation snapshots, encrypted blog entries, encrypted porn, encrypted cat videos, and encrypted random gibberish. There's no reason your kilobytes of secrets can't live amongst gigabytes of chaff.

If you want to go a little bigger, the pranks that can be performed on a USB stick boggle the mind.

133:

"I'd believe that they had a working quantum computer"

I can both confirm and deny that.

134:

You are familiar with the hobby of geocaching, I take it?

Geocachers use cryptic crossword like clues and GPS coordinates to hunt buried treasures. And they leave treasures for other 'cachers to find. Lest caches be muggled (tampered with by non-geocachers) they tend to be furtive and use many of the techniques evolved by HUMINT services for covert transfers and dead letter drops. This is a hobby, mind.

There is a type of cache called a travel bug; a small object, typically a coin or keyfob or pocket souvenir, that tries to travel around the map, often aiming to hit every continent or arrive at a specific destination. Cachers collect them and transfer them to new caches. (Directing the travel is usually the job of the websites where they coordinate their puzzle-play, but it's not implausible for a travel bug to come with a handwritten logbook and a handwritten destination.)

And it's easy enough to buy "spy coins" -- hollow tins shaped like small change that are sized to contain microdots or micro-SD cards.

(You will now FORGET YOU KNOW THIS until you have read "Dark State": otherwise I just spoilered a chunk of the plot of a novel, which revolves around parties swapping secret data under the nose of a very nosy secret police agency. NB: I am certain that the geocacher websites are heavily penetrated by any spook agencies with any sense -- and probably used for exactly this purpose.)

135:

You will now FORGET YOU KNOW THIS until you have read "Dark State": otherwise I just spoilered a chunk of the plot of a novel

I'd say that's more a teaser than a spoiler.

(Yes, I'm waiting for the book already. Now more than a moment ago.)

136:

Scott @ 132, Charlie @134

It's certainly possible to smuggle data around without the Internet.

But my question is what happens if the regular business and personal traffic we now take for granted is no longer easy? I don't see services like Amazon, Gmail, or Wikipedia relying on covert USB sticks as the mode of communication.

As to why it could happen, nice though it would be for governments everywhere to champion the cause of net privacy, I don't think it very likely.

The French govt, as a representative sample, probably isn't really annoyed about the US govt spying on people and companies in the US. What really upsets them is the US spying on people and companies in France. That's their turf, and if anyone is going to do any spying, it's their own intelligence people.

137:

The Spy Coins were viewed with alarm by the Daily Star, a few months back. They were reporting claims made by anonymous prison sources.

3 grams of PETN could cause chaos in a high security prison. One of these things could carry a foot of detcord.

At this point, I'm thinking a cautious OK, but....

What do you need to make the stuff go bang?

And can you do something clever with a denser metal to make one of these coins weight the same as a real one?

Then I looked up some numbers. PETN has a density of 1.77 grams per cubic centimeter, and a Pound coin is about 7.6 grams per cubic centimeter, so we have a difference of about 12 grams to make up. So lets use something like Uranium or Tungsten, density of about 19 grams per cubic centimeter. We take out 2/3 of a cubic centimeter and replace it with a piece of heavy metal. As a rough guess, call it 2.5 cubic centimeters need removing from the original coin. With a pound coin 22.5 mm in diameter, 3 grams of PETN needs a coin at least 1.6 centimetres thick.

This is not adding up. The Prison story starts to look bogus.

OK, a spy coin could carry a microSD card. Matching the weight looks possible (payload of standard weight, and it weighs less than 0.5 grams).

If I were travelling from Germany to another country, I think I would carry a few coins I would't spend by accident. A few Euro coins, perhaps, that it isn't worth the hassle of changing, maybe sitting in the wrong pocket. I keep my change in that pocket, but I was juggling a bag and the change, and I stuffed the change in whatever pocket I could reach.

Or is that getting too clever?

138:

Regular business and personal traffic isn't likely to stop because of NSA snooping. Amazon doesn't care about the NSA any more than the NSA cares about my order of The Fuller Memorandum. Some investment banking or tech design information might be worth Fedexing a USB stick, but not much.

Now if organized crime got ahold of a fast factorization algorithm, things change. They could use a botnet to insert thousands of fake-but-believably-encrypted deposit records into banking systems and withdraw all the money, or tell Amazon to ship them everything (paid for by fictitious account credit), or whatever. That breaks the internet by rendering it too unreliable for ordinary business.

139:

The spy coins I was looking at for micro-SD cards are fake Sterling 5p pieces or US dimes.

A dime is 2.268 grams of 92% nickel/8% copper (copper: density 8.96g/cm^3, nickel: density 8.9g/cm^3). Approximating to 8.9g/cm^3 for the alloy, we get a volume of 0.25cm^3 for a dime.

(A 5p piece is so similar in size/weight/appearance that I have a problem confusing them in my pocket change after a US trip.)

Anyway, I make that 0.44g of PETN in the entire volume of a dime or 5p piece. In practice, using a denser metal, you might be able to use half the volume for your charge, so ... 200mg? That about 1.15kJ of energy. Probably enough to blow the tip off your finger, but chaos in prison? Forget it.

When traveling internationally ... I have a plastic box on my desk, full of US small change -- coins. I periodically skim the quarters (and rare dollar coins) out of it, so it's entirely dimes and smaller. It weighs half a kilogram and is worth something like $8 -- I counted it earlier this year (not having an American coin-counter). I'd haul it across the ocean and dump it into a change machine if I gave a shit, but it's hardly worth the effort. If I had a secret to keep (I don't: I'm not paranoid and I'm not into illegal stuff) I'd shove it on a micro-SD card in a dime and dump it in the box. To retrieve, weigh each dime individually on a milligram balance as sold by your local head shop -- tedious, but if J. Random Plod is going to weigh every single coin in my house to the nearest milligram, they'll also be slitting open the spine of every paperback and scouring every page to ensure there are no microdots hidden there. For reasons that should be obvious, I find this vision highly amusing (says the guy with around 70-100 shelf-metres of double-stacked books, and crates as yet unopened) ...

140:

I was under the impression that geocaching in the UK is already compromised, because after various bomb and thief scares, the police were given a list of the geocaching sites, thus they know of all locations in the official geocache setup. Between that and the spooks reading emails etc, using the official geocaching stuff is pretty pointless. You may as well just use your own personal dead drops.

Of course I'm having trouble finding evidence online about the police knowing of the network of caches, but that could just be taken as confirmation...

141:

I was under the impression that geocaching in the UK is already compromised

I'd be astonished if that wasn't the case, for exactly that reason. Doesn't mean it isn't still useful, though. More to the point: (a) stuff like this can slip in and out of surveillance, (b) there's always room for a new hobby or fad with tradecraft potential (trading card games, anyone? Give your 10-yo kids trading cards with microdots?), and (c) it puts the authorities into purely reactive movie plot mode.

142:

FPGAs these days range from the "nothing but programmable arrays" to "well, we burned some hefty transceivers and a couple of processor systems onto the silicon next tot the programmable stuff".

I wouldn't worry about truly-subtle hacks on the FPGA fabric. I work on design tools for an FPGA manufacturer; working next to some of our communications IP types (who aren't based in the USA, and aren't List X cleared) and occasionally working with some of our synthesis / place-and-route types, I would be truly awed if the NSA had a back door into the code; it's kind of specialist stuff, and with all the testing that we do (and the volatility of the code concerned) it wouldn't last long before being clobbered by accident.

The engineering team is based around the world - US, Europe, and India. IMHO, cunning deep state conspiracies intended to suborn the FPGA fabric and toolchain are in the truly tinfoil-hat probability ranges...

143:

I just looked at a 5p coin and a microSD card, and it looks marginal. When I checked with Google I saw things such as pound coins and half dollars.

But I see that somebody does sell nickels intended to hold a microSD card.

Trouble is, if such a coin is found, it's suspicious. But a microSD card could have slipped through that hole in your jacket pocket.

144:

Geocaching highlights an important feature of the real world - it's big and expensive to search. Step back from the geocaching game itself and look at what the technology enables - simple and secure ways to share physical goods. It's a dead drop with a one-time location.

Let's say you've got two groups (journalists and leakers, drug importers and distributors for example) who want to communicate and/or trade infrequently. All they need to do is share lat and long co-ords, accurate to about a metre. That's all of what, eight bytes? Swap that with a simple algorithm, think the phone number substitution from season one of The Wire, and write the resulting two numbers as grafitti on a wall that's known to both parties (or phone numbers on a dummy "lost cat" notice on a lamp post, or any of a million different ways to publicly make available a tiny amount of data). Put a camoflauged waterproof container at that location and swap small, highly-valuable goods with low risk.

Your two parties have a minimal set of shared secrets (location of grafitti wall, simple swap algorithm) that lets them trade without making any contact other than scribbling two numbers on a wall. It's a pretty robust mechanism for a cut-out, using no specialised hardware or software whatsoever.

Intercepting this involves either gaining both of those shared secrets or following a delivery and then staking out the drop point (possibly for months). Following the collector and catching them red-handed only nabs the receiver, not the other party.

And if spooks haven't been using this process themselves, then I'll eat my hat.

145:
That's everyone who uses a modern Intel processor, and uses bits coming out of RDRAND as their sole source of entropy for their RNG. Linux, for example, mixes in other stuff.

Yeah, but how many people do that, other than Linux? Ted Ts'o may be paranoid enough, but others aren't. If he got a patch last week[1] from a Red Hat engineer, what are the odds that Red Hat is using it for all of their own kernels?

Interestingly, the description in the patch itself is rather misleading, making it sound like it improves randomness even though it does no such thing (RDRAND is used in any case, the only effect is disabling all the other sources of randomness).

Subverting RDRAND sounds like a high-value, low-risk operation. Not everyone will use it, but a lot of people will; and it's almost impossible to detect, because there's no way to test random numbers. What's not to like?

[1] https://lkml.org/lkml/2013/9/5/212

146:
What happens when the surveillance type gets tempted by the power of the author - the power to make things happen, the power to create stories?

I think OGH already wrote that story...

Spoiler: ehyrguveglsbhe.

147:

On the bright side future historians will enjoy an unprecedented wealth of primary sources.

148:

You've described a variation on a classic tradecraft technique called a "dead drop", which features in a lot of spy novels and memoirs. (That's the only way I know about it.)

The usual scheme is that the two people (say, a spy and their "handler") will agree to a covert hiding place for small message-bearing objects. When they've left something there and want the other party to pick it up, they'll use some sort of prearranged signal to indicate that a message is waiting --- a flower of a particular color in a vase visible from the street through a window is the sort of thing that turns up in spy novels.

I won't pretend to evaluate your variant. But if you want to switch drop locations, there may be less obtrusive ways than graffiti in a public place to signal the new one.

149:

So all the information in the entire electronic communications system of the world is now being bugged and searched. We have what is by orders of magnitude the largest data bank ever conceived, giving us Laplacian knowledge about our society at every point in time. I've occasionally speculated on the kind of data cornucopia we could have if we weren't obsessed with privacy - and now we've got it.

And what are we doing with it? If you believe the government, they're looking for terrorists; if you listen to just-proven-correct paranoiacs, they're looking for opposition; in any case, how terribly trivial.

We have a corpus that contains the answers to almost any question about human beings. We have the oracle in front of us. And all we can ask it is "Who is going to plant a bomb where?" it's been pointed out that this is expensive and inefficient - it would pay us to dismantle it unless it was stopping one 9/11 a month - but not much attention has been paid to the opportunity costs. We're not asking how many people with prescriptions for drugs A and B and C but not Q visit emergency rooms, or what proportion of users of different mobile phones have convictions for domestic violence, or which mobile phones correspond to an unusual number of burgled houses, or..... why isn't there an industry for thinking up questions?

Privacy's dead, and we're not getting anything worthwhile out of it.

150:

Maybe the NSA (or some Dilbert bosses there) forgot that encryption isn't just about hiding information, it is critical for authentication. More likely, they either believe their "security through obscurity" BS or just don't care.

151:

Feorag @ 2 And everyone else subsequently ... Because they were EVIL COMMONISTS - and worse, because people forgat, & because were are (the competing religious group) of delightful christains, WE are PURe so it is a good thing. People need to look up the invention & operation of the first police-surveillance state - Calvin's Geneva. "it was as if all the walls of the houses in Geneva had been turned into glass". indeed.

152:

aggray @ 5 But what if your local police agency has the info, and decides they need to enforce every law on the books? This was, actually how the SovUnion operated. Everyone was guilty of SOMETHING. So they could always get you, if they wanted to. Sorry, but this trend has been apparent in the UK for about 10+ years, already ... The only hope is that someone will hack the system & expose every petty & not-so-petty misdemeanour of those in power. Because: "Nothing to hide, nothing to fear" works both ways ... & they don't seem to have twigged to this yet.

153:

Ant @ 9 Because they are terminally stupid .. And failed, toitally, to foresee the results of their actions.

154:

amckinstry @ 19 they can do it, no-one else; THIS WEEK

Next month? The stupid, it burns!

155:

We have a corpus that contains the answers to almost any question about human beings. We have the oracle in front of us. And all we can ask it is "Who is going to plant a bomb where?" ... why isn't there an industry for thinking up questions?

Possibly because they've read a leaked manuscript of "The Rhesus Chart", coming out next July, wherein Bob asks an irrelevant question (and spends the rest of the book really, really, wishing he hadn't). Ahem.

156:

Sorry, but this trend has been apparent in the UK for about 10+ years, already ...

Add an extra two zeros on the end of that number.

The reason the Home Office has been passing draconian-looking criminal laws for the past 20 years is because they've been retiring a shedload of very vaguely worded common law offenses ("causing an affray", "outraging public decency") and replacing them with much more specific offenses, because in an era of rapidly changing social norms jurys were from time to time not agreeing with M'Learned Friends and the Police on core concepts like "affray" and "public decency". Which had previously been left vague for the convenience of enforcers. (Remember Murder is a common law offense? There's no actual definition of it, just a bunch of precedents going back up to a thousand years?)

157:

Charlie @ 36 followed by the re-engineered, ideology-free mini-USSR 2.0 that Mr Putin appears to be trying to build for himself CORRECTION The re-engineered Holy Mother Russia that Putin IS constructing for himself. [ The anti-gay persecution is a bit of a give-away ]

158:

TRX @ 63 Child Abusers & rapists won't escape for a very long time ... never was aceptable, actually. Also, slavery is rising up the list of no-nos' as is FGM. And, of course, you can aloways fake the evidence if you really want to nail somoene.

159:

cahth3iK @ 70 The brutal actions of the USA abroad and at home, against friends and enemies alike, with disregard for its humanitarian traditions ... What humanitarian traditions? Hanging on to slavery? Not joining or signing international accords? Exerting force, even on supposed friends? Been doing that since forever, actually.

160:

Nestor @ 72 Which shows how hypocritical christians & other BSF-believers are ... It took the delightful Jean Calvin (see my post above) to make it real. Now, it is real, again. How nice!

161:

deccecio barry @ 79 Indeed ask the shade of Juan de Menezes ....

162:

hugo fisher @ 130 Too late GB is inside the EU & the NSA read all of GCHQ's mail (& probably the other way around) Also, breaking up the Internet is/would be hugely counterproductive ....

163:

Cahrlie @ 141 You mean they react to supposed threats that ARE NOT "Movie Plots" ??

Colour me purple with green spots, because, given the lunacy one sees at airports, & the Eurostar terminals - I mean it's a TRAIN & they DON NOT use the same scanning (or at all) on lorries & cars usuing the tunnel & .....

164:

Or the ferries.

Some years back, I was bemused on taking the Holyhead - Dun Laoghaire ferry to see that foot passengers were now boarding through a metal detector gate.

As it happened, I ended up buying some nice kitchen knives in Dun Laoghaire and bringing them back. Of course, because they were in the car, those knives were taken onto the ship without security even bothering to look for them. There's no search of passengers between the car deck and the passenger decks, so it would have been trivially easy for me to get them there.

But of course, no terrorist would think of using a car ... oh wait.

165:

Case study - I had an Ada program that threw a general exception when given a specific piece of data to analyse. I was able to identify that the exception was thrown by a specific group of lines in one sub-program. In order to try and isolate the problem more exactly, I placed an exception block around those lines, so that I could inspect the program state there more closely. The exception promptly went away and never recurred!

166:

And, if you just want the ferry itself, well, CalMac doesn't even search foot passengers (I suspect Red Funnel and Condor don't either; certainly Condor didn't when I was going to Helicon 2).

167:

Though those future historians will have changed quite much compared to today's historians. For starters, with few primary sources, you focus on the authenticity of the source, the situation of the author etc. Let's call it "psychoanalytical".

With an amount of data like the NSA archives, there might be better ways of putting the data to use; let's call it "psychological".

Today's history is the stories of Homer. Future history is reading the laundry list of Knossos...

168:

Not to forget that long lines in front of airport security checks make perfect soft targets.

169:

If we see the NSA's dataset as a treasure trove, that means the NSA is playing the role of Smaug, no!?!

The following should (probably) be taken as ironic sarcasm not a real suggestion. Let's crowd source the search for interesting questions and test them against a Google mediated version of the NSA's dataset. Google could index it, apply Google Maps style automated redaction and anonymisation to protect the innocent and provide an API. Think of it as a cross between the Gutenberg project, Internet Archive, Google Library digitisation and so on. We could even help the CIA-NSA in their real functions and help spot terrorists the way Reddit did. Because clearly the only reason the Reddit lynch mob failed so spectacularly after Boston was insufficient data.

170:

There is, in fact, a way to thwart the Thompson Trust exploit. See David A. Wheeler's PhD work here.

171:

Did you include the bent nail to gouge into your palm?

172:

Actually, in the US the legality of recording phone calls depends on the laws of the states the parties are in. In Colorado, for example, I have cause to know that it's legal to record a call if one party consents.

173:

Possibly because they've read a leaked manuscript of "The Rhesus Chart", coming out next July, wherein Bob asks an irrelevant question (and spends the rest of the book really, really, wishing he hadn't). Ahem.

What kind of information the internet contains that you think we don't need to find out? (Besides everyone's sexual fetishes.)

174:

the legality of recording phone calls depends on the laws of the states the parties are in

True, but state laws don't have jurisdiction over federal agencies.

175:

That's a laugh - France is one of the most active "friendly" countries spying on the US. There's a cozy relationship between DGSE and French industry, and they're notorious in certain circles for state-sponsored industrial espionage.

176:

Hmmm. Scenario: How to destroy a bibliophile

Step 1: Find out if said bibliophile is a fan of spy novels.

Step 2: Give them a present of a microdot manufacturing system and a box of reading lenses. Make sure they all look well-used, and that the box of lenses (which are about the size of rice grains) is about half-full.

Step 3: Wait a year. Encourage the bibliophile to try out making microdots

Step 4: Rat out the bibliophile to the local authorities. in the US, the DEA might be the best one, if you say that your harmless bibliophile is actually a drug kingpin. Espionage charges are also good.

Step 5: when the authorities raid, they find the microdot equipment, and shred the bibliophile's book collection looking for the microdot encoded evidence. It helps even more if the bibliophile was paranoid enough to encrypt his hard drive and to not talk to the authorities.

Personally, I think arson is simpler, but if you want devious revenge on a book lover, this is one way to do it.

On the positive side, I'm seriously thinking about using a large number of micro-sd cards and thumb drives to back up my data in various fire-proof caches, since large fire-proof safes are expensive and I live in fire country. Thoughts on this?

177:

On the positive side, I'm seriously thinking about using a large number of micro-sd cards and thumb drives to back up my data in various fire-proof caches, since large fire-proof safes are expensive and I live in fire country. Thoughts on this?

Wait a couple of years.

Right now, micro-SDHC cards max out at around 64Gb. But a new non-volatile memory technology is coming along fast and contact-resistive RAM promises cards up to 1Tb or so within a relatively short time (not only far higher capacity than FLASH, but probably much faster too -- 10x to 20x the write speed).

178:

SD cards (and thumb drives, and most SSDs for that matter) will not retain data for a long time. I've been told that a number of thumb drives will start to lose bits after a month of no power; the good SSDs guarantee one year data retention without power. (Having checksums for all the files will help here. Of course, you may not be able to tell if the checksum file is bad, or if the file is bad.)

That doesn't even start to factor in environmental considerations -- heat, cold, humidity, static electricity, can all cause state to be lost.

(Similarly, a fire-proof safe is not likely to help -- if there is a fire, the safes are generally only guaranteed to retard temperatures at which paper burns, and electronics are a lot more sensitive. Hard drives will also lose their data due to heat.)

179:

Nobody was disputing that. But just because a country's government does something, that doesn't mean they think it's OK for other governments to do it. Which is just as true of France as any other country; consider the number of things the US government does routinely to non-USAians that the USA would consider grounds for aggressive diplomacy or outright war if anyone else did them to USAians. (Espionage, cyber-warfare, drone strikes on marked medical response vehicles...)

Sure, the French government spies on all other major economies and passes on information to select French companies. Is there a G20 country that doesn't? ([snark] OK, possible exception for Britain, but only as part of successive British governments' ongoing policy of permanently destroying the UK's entire manufacturing industry. [/snark])

180:

Unless the person interested in reading it can get a warrant (or NSL, or other Official Nosiness Permission) and Google hands them the whole thing. Once your document is in the cloud and it's officialdom that's interested, all they need to do is ask.

181:
Another paranoid thought: complaints that Microsoft and other big companies are slow to respond to privately reported vulnerabilities perhaps appear in a new light. Are they just slow because of conventional problems like process inertia, poor communication channels, low internal priorities, etc. ... or because no ordinary criminals are currently exploiting those problems, but NSA and friends would like to use them for a while?

About that...

It's the problem of combining defence and offence in one organization; the defenders need to know about vulnerabilities ASAP to prevent break-ins or other Bad Stuff. But if the offenders know about the vulnerabilities before the patch is published, they can use them to break in or do Bad Stuff to others' machines.

182:

I'm seriously thinking about using a large number of micro-sd cards and thumb drives to back up my data... Thoughts on this?

I still use DVD-Rs, as I had to pick media back when burning CDs was cool and USB thumb drives didn't exist. It's not bad for long-term storage but does take up more space (and is a write-once medium). As Charlie notes, the current micro-SD technology is marginal for archival storage - but it is improving.

183:

Recordable optical media, including CD and DVD density discs, has a distressingly-short lifespan as well. Five years is typical in dark, cool, dry storage; ten years is considered very good. (A couple of companies have tried for premium media, with lifespans of 25 - 100 years, but they did not do well on the market.)

(So I'm not just negative: using optical or flash storage is fine, if you are aware of the weaknesses, and plan accordingly. I would, for example, rotate through SDXC cards fairly often. They'll also do better when they have power, so you can use pop them into a card reader, and provide power to those, without connecting them to a computer. For optical media, I'd do off-site backups once a week, and anything over than a year old would be trashed. Disk drives can go for 6 months without power minimum, so they can be used for off-site storage, and being rewritable, can be rotated. In all cases, checksums are absolutely essential, and make sure you have your data backed up more than once, in case there is bitloss.)

184:

There are certainly other ways of generating physically random bits. I'm strangely fond of Lavarand, an ancient hack from the now-defunct SGI which involved digitally hashing the pixel data of images of 1960s-throwback Lava Lamps. There may be more convenient ways of packaging a physically chaotic process, but this one has ... panache.

If you have a video camera, how about pointing it at a reasonably chaotic and dynamic scene (aquarium with fish and bubble aerator, foliage blowing in the wind, a fountain, etc), grab frames, apply SHA-xxx to each frame. That should get modest quantities of random numbers suitable for passwords, encryption keys or even one-time pads, albeit at a fairly low data rate, no? Not a panacea by any means, but perhaps useful for specific applications.

89DE 5704 F71D CEF5 9725 013E A67C 3AAB 14C7 E084 DD88 4CD4 B73E 08FD 7A78 12E2 A260 B218 4E52 2E7C 5B6E 1F48 C3BB 4014

185:

All beacons of humanism have darker sides. It does not make their positive contributions non-existent. We need these beacons for reference to build a better world.

(Hint: the Marshall Plan. The United Nations.)

186:

One thought about spy coins: I don't know how sensitive modern change and vending machines are, but were I stuck with finding the one spy coin, the first thing I'd do (with a vendor tech present, so that I could clean out the collection box and use it to collect the evidence) is to run the coins through a vending machine, and look with great care at the coins the machine spit out. They've gotten pretty good at detecting counterfeits, and that would be a good first pass.

The obvious counter to this is not to have a change bowl of one type of currency, but to have a souvenir jar of all sorts of different types of currency from as many countries as you can get. Then make the spy coin one of the coins that only appears once in your jumbled sample (along with, maybe, 20 or 30 other singletons). That will be much more adequate camouflage.

187:

Thanks, I'll wait if I can. In the meantime, the memory is in the go bag. Right now, I'm contemplating the pleasures of small memory inside the vacuum thermos inside the fire safe... Probably not cool enough, but some combination should work.

188:

Unfortunately the false positive rate on vending machines (subset my area, subset machines I've had occasion to use) is pretty high. More than once I've had a pocket full of change, all of which was rejected. I've had similar problems with the ones that take paper money.

I had to buy some washers at the hardware store today. Since I only needed two, the price was 14 cents each. They were about the size of a US nickle. If I'd felt like cleaning the swarf off the lathe, it would have been cheaper to drill a couple of nickles... counterfeiting common US coinage would definitely be a losing proposition, as anything you'd use to make a reasonably successful counterfeit costs more than the coin.

189:

Depends on the machine, I think. I've seen some that are very sensitive and some that were not. Twenty years ago, people in Berkeley made "Berkeley dimes" for parking meters by grinding pennies down on the pavement until they fit in the slot. I doubt you can do that now.

Probably if I wanted to do it with a formal study for a criminal proceeding, I'd get the Treasury Department to come in.

If you don't have a fancy machine, Car Talk and Scientific American (Martin Gardner, among others) have for years had puzzles along the lines of "you're trying to find one or more coins of different weight amongst a pile of duplicates and a balance. How few weighings would it take to find them. The answers is invariably less than weighing them individually, and involves weighing them in groups.

The general solution for someone hiding a spy coin is to make sure that none of your coins have exactly the same weight, and that a bunch of them are worn (possibly including the spy coin) so that it's not clear what each coin is supposed to weigh. Then they have to check every single one.

190:

> Dammit, why couldn't this have stayed as a light escapist fantasy series?

You mean like The Secret World Chronicle, The Red (your guest blogger Linda Nagata), guest Cat Valente's works...or the Laundry series? I dunno, perhaps it's that "mundane SF&F" consistency thing that nags at you, producing better works as it does?

> Why do I have to wake up every morning wondering whether my Grim Meathook Surveillance State Future has been rendered obsolete in the present day?

Well, it's not obsolete, except as a future. And probably not even then. It's here and now, and for the foreseeable future.

You're no longer a "science fiction and fantasy author", you're a novelist...or a reporter?* Is there a difference, in the singularity?

I have to say, the more time elapses, the more I am impressed with Jacques Attali's A Brief History of the Future, especially chapter 4. (One has to translate from French Intellectual Style, of course.)

-- I hope Feòrag had a good birthday! Many happy returns, I hope!

  • Not to mention being a pillar of the establishment, what with publication in Foreign Policy, and all.
191:

> The GCC contributors page lists hundreds of people. Most probably wouldn't notice your addition, but it would be hubristic to think that at least one of those contributors isn't at least as clever as you.

And as willing to spend hundreds or thousands of hours?

More realistically, the simple and direct route is subverting hardware. There are few manufacturers and even fewer designers. And little of it is open source.

192:

Didn't we have a discussion this year on the issues of long-term storage of digital information? It seems I remember something on those lines.

I do have a storage medium that requires no machine interpretation, and with some moderately inexpensive manufacturing and storage technology, can remain viable for hundreds of years. It's called a book. On paper.

193:

It's called a book.

Catchy name; what does it stand for? ;-)

194:

I gather that it's an attempt at passing-off, aimed at customers of the Nook. They were going for pPad, but were warned off by Apple's lawyers.

(And anyway, 'pad' for something made from paper? Weak, sir, weak.)

195:

Charlie Just did a quick re-check on your self-referentail link to the (then) proposed Panopticon Singularity. As you imply in the leader to this discussion, it is clear that all of the elements required to set up such a panopticon now exist & that, if sufficiently motivated any first-world guvmint could & can implement such a system, and that parts of the USSA's administrative "services" are, indeed, doing just that. With the Brits a very short distance behind.

Grauniad article or no, Snowden's revelations, or no ... How long before the realisation of this state of affairs becoems general & protests begin? Or are the sheeple now too cowed [ Because of the "example" being made of Snowden, f'rinstance ] & the alternative of "sousvellance" discarded?

And how long, as these "powers" in the sense of tech-access become available, & before some spiteful petty offical or cop uses it to truly, thoroughly crap all over some really innocent person who has annoyed them? Given the existing & appalling precedent of Katie Bowman the prognosis is not good, at all.

196:

Greg, New Scientist this week: Penal code: The coming world of trial by algorithm. "Advocates argue that automated policing cuts cost, frees up resources and ensures wrongdoers do not escape justice. Yet many lawyers and computer scientists warn that we may not want to live in the algorithmically enforced world we're headed for. Not only does it do away with key principles of civilised societies – such as discretion – it could also force us to change our behaviour in undesirable ways."

It's gone from an SF author and amateur futurist's warning to a pop-sci magazine feature article in ten years. In another decade there'll be hand-wringing editorials in whatever passes for newspapers ... but by then it'll be too late.

197:

Many members and ex-members of the armed services - especially Americans - already carry unusual coins - "challenge coins".

http://en.wikipedia.org/wiki/Challenge_coin

198:

Charlie I used to subscribe to "NS" but it went so down-market & "pop" that I gave up. Now, they want £$HOW MUCH? to get through the paywall... IF I have time, I'll try to buy the actual magazine today, on the way into town. Scary stuff indeed. However, I think, as an SF author, your prediction is waaaay too slow. I give it 2-5 years before there are public (i.e. in the newspapers / to your MP) protests at this nonsense.

199:

especially Americans

Almost entirely a USA tradition from what I gather, one that needs explaining to we Brits and the like. I'd never heard of them until a few months ago.

The challenge coins I do have are quite heavy, more so than any other coin I'd normally have in my pocket (i.e. the £2 or the €2 coins). But I have no particular desire to carry them in with the rest of my coins, they stay on the mantel.

200:

True, but the bar for useful blackmail information keeps rising. Out someone as G/B/L/T? Nobody cares.

Ironically (maybe not so ironically) this sort of thing is still useful against people who are NOT in positions of power. Scott Brown does not seem to have suffered any political damage from revelation that he posed nude for some porno magazine decades earlier. Whereas schoolteachers and nurses still get fired for exactly that. Their contracts often require "upstanding conduct" (or something like that -- I forgot exact words) both on and off duty -- and in the past.

201:

anonemouse: The issue is not so much that defence and offence are combined in the same organisation, but that defence has been a relatively low-budget outgrowth of an organisation whose great past glories and most visible effect on the powers-that-be come from the offence side.

You could imagine an organisation that started out with some early-twentieth-century Swiss or Swedish equivalent of Ross Anderson, and concentrated on absolutely iron-clad cryptography and really good research into physical security; there are occasional hints of that in some of the work around nuclear weapons security, 'we redesigned the ASICs to have keys stored as the XOR of results in registers more than six millimetres apart, because we discovered that the destruct charges left some shards of recognisable circuitry two millimetres on a side'.

But it's difficult to see how such an organisation avoids getting subverted. It is said that Mossad at one point offered a very good consultancy service to lock designers, but that a few decades later the consultancy reports stopped showing flaws that the lock designers later found, and locks which had passed their tests were under some circumstances found open.

202:

Charlie, are you aware of Niven's Law №9?

"Ethics change with technology."

I don't like Niven as an author, but I think this is spot-on.

203:

Typical SciFi idea... I think it's already been used in Glasshouse.

204:

Yes, ethics change with technology. And usually for the better, at least in the long run.

205:

Yes, ethics change with technology. And usually for the better, at least in the long run.

I'm not sure about that. For example, AFAIR, hunter-gathereres have no slavery. Their technology is not advanced enough for slavery to be efficient (no agriculture). This is a clear example of a technological advancement that makes ethics worse (from our POV).

206:

This 10 min chunk of Night Waves is relevant: http://www.bbc.co.uk/programmes/p01gfkwp

A discussion of how AI is making prediction easier than explanation.

207:

After reading many of these comments, I am thinking of the dreary life of the agent who has to read all of the Twihard section of fanfiction.net looking for ciphers in the stories and the reviews...

208:

I'm not sure about that. For example, AFAIR, hunter-gatherers have no slavery. Their technology is not advanced enough for slavery to be efficient (no agriculture).

Actually, hunter-gatherers do take slaves. The Haida, for example:

The Haida went to war to acquire objects of wealth, such as coppers and Chilkat blankets, that were in short supply on the islands, but primarily for slaves, who enhanced their productivity or were traded to other tribes. High-ranking captives were also the source of other property received in ransom such as crest designs, dances and songs.

Online source: http://www.civilization.ca/cmc/exhibitions/aborig/haida/havwa01e.shtml

First Nations of Canada routinely captured slaves from neighboring tribes. Slave-owning tribes were Muscogee Creek of Georgia, the Pawnee and Klamath, the Caribs of Dominica, the Tupinambá of Brazil, and some fishing societies, such as the Yurok, that lived along the coast from what is now Alaska to California.[3] The Haida, Nuu-chah-nulth, Tlingit, Coast Tsimshian and some other tribes who lived along the Pacific Northwest Coast were traditionally known as fierce warriors and slave-traders, raiding as far as California and also among neighboring people, particularly the Coast Salish groups. Slavery was hereditary, with new slaves generally being prisoners of war or captured for the purpose of trade and status. Among some Pacific Northwest tribes about a quarter of the population were slaves.

Source: Wikipedia: http://en.wikipedia.org/wiki/Slavery_among_the_indigenous_peoples_of_the_Americas

The Huron and Iroquois also took slaves in war, as did the Cree and Algonquin. The first two were hunter-gardeners more than hunter-gatherers, but still not fully agricultural. Last two were hunter-gatherers.

209:

For the origins of this comfortable middle class idealist illusion looks to...

http://en.wikipedia.org/wiki/Noble_savage

We mostly literate/literary Middle Class Persons do quite desperately want to believe that once upon a time there were these Simple Folks who did live a Gentle - mostly Agrarian - Life in which...for some values of simplicity...Women were equal to Men - as Medicine Women and Amazons - and it was all...well BETTER than Now. Thus all that we have to do is get back to that Simple Whole germ/REAL lifestyle and all will be well ... oh, and with Added Microwave Ovens...for how is it possible to do without Microwave ovens ..And automatic washing machines... and...And one or two simple additions to the Naturalist Lifestyle. Is this too much to ask for?

210:

For the origins of this comfortable middle class idealist illusion looks to...

What illusion are you talking about?

Also, what the hell is going with your punctuation?

211:

You did notice what happened to the poor soul who got Outed as a, a, a...Paediatrician!! Here in the U.K.? ..

" A paediatrician is mistaken for a pedophile, vandals spray paint the doctor's house with the term "paedo" A paediatrician at a south Wales hospital has been forced out of her home by vandals who thought her job title meant the same as "peadophile". South African born Yvette Cloete, a Pediatrician (Paediatrician in other English versions), is a specialist registrar for the Royal Gwen Hospital for almost two and half years. Some dummy confusing the term pedophile (paedophile) with pediatrics, thought she was pedophile, so they spray painted all over her home with the term “Paedo”. When she woke up she saw all the spray painting and got scared and is now in hiding at a friend’s house. She has told the hospital and her friends, that she no longer will be staying at that area and feels it is less safe to live there. Gwent Police are searching for the perpetrators and said it shows “extraordinary ignorance” on their part.

Read more: http://www.digitaljournal.com/article/182683#ixzz2eWABQoYK "

I live in DREAD that Our Hosts Outing of ME and Others here on his Blog as being ...BIBLOPHILES ..Will call forth an angry Mob of Illiterates. Actually, I rather suspect that, the way things are going, Reading Books on Paper -as opposed to an utterly State Controlled Internets Documentation that is available in a 'Library ' near you - may well become a sure and certain sign of a Subversive Personality- as confirmed by Gene Type and Brain Scan. Prove that you aren't a Criminal Subversive Element at modest cost with service provided by state approved Atropos Healthcare... or Aisa (/ˈætrəpɒs/; Greek: Ἄτροπος "without turn"), in Greek mythology, was one of the three Moirai, goddesses of fate and destiny. Her Roman equivalent was Morta.

Atropos or Aisa was the oldest of the Three Fates, and was known as the "inflexible" or "inevitable." It was Atropos who chose the mechanism of death and ended the life of each mortal by cutting their thread with her "abhorred shears." She worked along with her two sisters, Clotho, who spun the thread, and Lachesis, who measured the length. Atropos has been featured in several stories such as Atalanta and Achill...

Or, er .. or rather, that is to say ... " Atos Healthcare is proud to lead improvements in the way care is delivered, giving control to patients and helping them choose how to manage their health.

We utilise our expertise in consulting, technology and healthcare, to continually drive innovation through one integrated, world-class offering. “ And so forth.

If you aren't Guilty then what do you have to fear?

212:

Oops, Sorry about the double post Mods Dear...my internet provider cut me off and then re-entered with a repeat post...hum...someone is up to something somewhere. Or, Not .. for that sort of interpretation of events is a possible sign of Subversion!

But am I afraid? No, Not I! Never! For I am Pure of Heart and Shielded by Righteousness and thus am “One of Us” or at least I am according to my Psychometric test results. Which said results are “an objective way for recruiters to measure the potential of candidates to perform well in a job role. Traditionally recruiters studied your CV and qualifications, and made a decision based on an interview. Extensive research has shown that actually this is a fairly poor way to pick which candidates are going to be best for the job. What's a better way? You guessed it: a psychometric test. In fact, many employers use a combination of interviews, assessments and psychometric tests. The power of psychometric testing is that there is a strong correlation between test scores and job performance, i.e. if you score highly in a psychometric test, the chances are that you are going to perform well in the job. As an employer, their predictive qualities make psychometric tests very attractive. Add the fact that they can be administered quickly and efficiently on a large scale and you can see why psychometric tests have become the norm, especially for graduate recruitment."

http://www.assessmentday.co.uk/psychometric-test.htm

I was once qualified to do such tests, and my then employers paid quite a lot of money for my qualification .. so that should be reassuring eh, wot?

213:

Ahem. You know about the (allegedly American) politician who denounced his theater-loving opponent in an election thuswise?

"I have recently been informed that my honorable opponent consorts with thespians! Furthermore, he masticates."

(Paediatricians indeed.)

214:

Punctuation? You say?

Mostly indifference mixed with lack of conventional education. That and being in an hurry ..lift arriving momenterily.

In my 'umble opinion people who are obsesed with punctuation clearly havent enough to do .. or as Angela Carter once told me " Editors are there to correct your fucking spelling not to mess arround with your Fucking prose "

215:

" What illusion are you talking about? "

In haste ..but also ..you did read that post didn't you? ..

" We mostly literate/literary Middle Class Persons do quite desperately want to believe that once upon a time there were these Simple Folks who did live a Gentle - mostly Agrarian - Life in which...for some values of simplicity...Women were equal to Men - as Medicine Women and Amazons - and it was all...well BETTER than Now."

Its the great Conservative Illusion/Delusion that really is mostly Middle Class.

216:

Damn It! I didn't need to be made even more Disillusioned and despondent! To The Pub ....

217:

It's gone from an SF author and amateur futurist's warning to a pop-sci magazine feature article in ten years. In another decade there'll be hand-wringing editorials in whatever passes for newspapers ... but by then it'll be too late.

SPOILER ALERT

Well, in Glasshouse [1], this is the moment where the protagonists stage an armed insurrection. I understand you have qualms with harming fellow Humans; I think that violence is not only distasteful, but clearly not going to work against our DHS-ised societies.

We must identify dynamics that could put our societies back on track. Julian Assange has proposed one. Another is that anyway, on the long run, our post-colonial crypto-authoritarian states clinging to obsolete industrial-era concepts of economics will eventually collapse under the weight of their own idiocy -- but this will take considerable amounts of time, lives and suffering.

What is your take on this?

[1] Glasshouse is not only a pleasant reading and an excellent SF book, it's a frigging political manifesto. It should be translated and made available like The Little Red Book once was.

218:

I don't disagree with the slavery quotes, but I do disagree rather sharply with "hunter-gardener" vs. fully agricultural. Given that tribes like the Yurok knew every deer on their tribal lands (Kroeber, Handbook of the California Indians), I'd suggest a rather different metric is necessary.

Thing is, deer can't be domesticated, nor can oak trees or salmon (except under industrial conditions). You're not more primitive if you don't domesticate these types of organisms, but clueless academics may think you're more primitive.

In any case, the point about slavery is really simple: slaves are less efficient than free people, because you've got to keep them captive, and they (for very good reason) don't produce as much in return. So slavery only works if you've got a surplus of resources. If your resources are bountiful runs of salmon, good corn crops, or reliable acorn harvests, then yes, you can keep alive the people you conquer in war. Otherwise, they're a burden, and you've got to kill them before your own limited food runs out.

Note that many fully agricultural societies kill their enemies, even eat them, rather than taking slaves (look at New Guinea for hundreds of examples, or the Maori and the Aztecs), while a few relatively rich "hunter-gatherer" societies routinely kept slaves, presumably on the assumption that this was more humane than slaughtering them after they were defeated.

It's about resources and surpluses, not the level of societal advancement. Arguably, given the way our penal system works, the US falls into the slave-taking category even now, even though we've been trying to kill that particular dream for 150 years.

219:

I agree with you. Back when I studied anthropology my prof used "hunter-gardener" for the Huron and local Iroquois because (at least around here) that's what they were: hunters and horticulturists. Being "fully agricultural", at least as I was using the term, just means getting your food almost solely from agriculture.

It was Vanzetti that equated agriculture with advanced technology and slavery. I was giving him some counter-examples.

220:

Stealing wives from the next tribe over, OTOH, is time honored tradition in many subsistence societies. Ghengis Khan's mother, for example, was one such.

221:

MAD Magazine once published a version of that speech, which I once delivered with great verve to my speech class in high school--the rolling sneer on matriculated! was, I think, one of my better efforts. I have no idea how many of my classmates actually got the joke, though judging by the teacher's face going puce, she did.

222:

Thing is, deer can't be domesticated,

Cite needed. Seriously, aside from "deer forest" where actually wild deer roam the land (and are occasionally shot with high-power rifles from half a mile away), there is such stuff as farmed venison these days. It doesn't have the same taste as wild venison though.

223:

Depends on what you mean by domesticated.

There's no such thing as "can't" be domesticated - it's a matter of whether the time and difficulty involved make it worthwhile to do so.

Deer are harder to domesticate than, say, anything of the bovine persuasion, because they are excellent leapers.

But that's assuming what you mean by domesticated is "bred into something docile and useful" which is what we've done with cattle and dogs.

But cats, for instance, are referred to as domesticated and they aren't, really, in the above sense. They're pretty close to the same animal as the original version.

In the case of deer, you can certainly raise them up to be unafraid of humans*, so you could have them around. I think reindeer in Finland are actually domesticated in the same sense as cattle, but I don't know enough to say for sure.

*Indeed, it's actually so easy you will do so without intending to, if you feed orphaned fawns.

224:

There's a difference between tamed and domesticated. For example, deer have been shipped all over the world has hunting animals (for example, to New Zealand, Hawaii, etc), but we don't have tame black and white deer with reduced antlers coming when called on a farm.

Domestication through selection for tameness involves a host of morphological changes as well as behavioral ones. The clearest example of this is the famed Russian silver fox study, which ended up producing a domesticated silver fox simply by selectively breeding animals for tameness to humans, and incidentally introduced many of the morphological changes we associate with other domestic animals, such as dogs, horses, cattle (and cats). These include things like coat color changes and changes in ear morphology. It appears that the genes that "tame" mammals are fairly closely linked to genes for coat color and other features, such that domesticated mammals tend to have similar coats: black and white being very common.

As for deer ranches, I've driven by a couple, and the ten foot high fences give them away (that's to keep the deer from jumping over them and escaping). The deer may be habituated to humans, but they are in no sense domesticated. Similarly, people ranch bison, alligators, and ostiches, but these are still the wild-type animals.

Deer (and here we're talking about mule deer) have a reputation for being hard to confine, in that they'll beat themselves to death against the side of a shipping container trying to escape, if they're not very carefully handled. My general take is that people will make pets out of just about anything, and pet fawns occur even to this day (as do pet tigers, rattlesnakes, rocks, etc). If someone had figured out how to create a domesticated deer through breeding unusually tame pet deer, it probably would have been done centuries ago, just as it was done with llamas and alpacas (or reindeer, for that matter). The fact that it hasn't strongly argues that it's difficult to impossible to do.

Note, if you don't believe the argument, this was lifted out of Diamond's Guns, Germs, and Steel.

225:

As I implied, there are people in the UK who describe themselves as deer farmers, and who do not require to go stalking in order to kill animals. They then sell the meat commercially, which meets my requirements for "domesticated for the purposes of farming".

226:

Yeah, you told us so. And Apple comes out the next day with universal biometric-indexed tracking devices to help fill out and scrub the NSA's fingerprint database:

http://www.apple.com/iphone-5s/design/

227:

It also fits what I'd consider domestication, I was referring to what Heteromeles might have had in mind.

228:

I don't know if the deer at Nara count as domesticated, but they have learned which humans sell the biscuits that tourists feed them, and hang about mugging tourists as soon as they purchase a packet. Not so much domesticated, perhaps, as civilised (as Conan would see it).

How did we get to deer from crypto-statism, btw?

229:

Seriously, aside from "deer forest" where actually wild deer roam the land (and are occasionally shot with high-power rifles from half a mile away)

Minor accuracy nit. AIUI (I do target rather than game shooting), no-one shoots deer from half a mile (800m) away, for several reasons. They shoot them from much closer, for both humane and practical reasons.

The humane reason is that you cannot guarantee a quick and humane kill of the deer unless you hit it in the heart or major artery; that's a six-inch target. Given that a sporting rifle won't group to much better than a couple of inches spread per hundred yards range, and that the sporting shooter is firing without many aids to stability, from an unprepared firing point, at an uncertain range, outside in the wind, at a not-quite-static target, using a bullet with a velocity of about 800m per second - you're looking at (I suspect) under 200m. Well under 200m, for the average shot. Hence "stalking" - getting to and staying within that 200m is the tricky bit.

The practical reason is that if the deer is wounded, not killed on the spot, it will try to run away. You now have to catch it / find it, and then recover its body. There's a lot of dead ground (i.e. that you can't see) in 800m.

The anecdote comes from trying to run an infantry-based exercise on Forestry Commission land - one of my concerns was that the contractors doing the deer cull would be at the other end of the peninsula, and nowhere near the students that I had wandering (sorry, "patrolling") around in the forest...

230:

I think the right word for the Nara deer is that they are commensal with the tourists. They benefit from food, and the tourists don't suffer.

Well, except that some of those deer are a bit thuggish. And some of them are definitely daft — we have a picture of one attempting to eat a sheet of cardboard that a sweeper was trying to lift into his dustcart.

Anyway, tame rather than domesticated. Not at all biddable, they do what they want, and if they're lying on the steps in the sun, people will have to just step over them.

231:

My exposure to the sport is minimal (usually involving seeing warning signs); fortunately it doesn't invalidate the point that you don't go shooting "farmed deer" one by one with a rifle.

232:

It looks as though it's possible to take the hardware backdoor far beyond anything I'd imagined: you can insert trojans at the dopant level, making them practically undetectable.

233:

Give us time on the Red Deer domestication; here in NZ we've been farming them since the late nineteen sixties, and the current population is around 2 million (Compare to 10 million cattle and 40 million sheep.) We're not doing anything so silly as to try to breed out the antlers, mind - that's where most of the money is, selling deer velvet to the Chinese. We want them big. (Hence the popularity of crossbreeding with Wapiti, for the much greater weight of velvet)

We're also partway into the domestication of fallow deer as well.

234:

Well under 200m, for the average shot. Hence "stalking" - getting to and staying within that 200m is the tricky bit.

I seldom shoot red deer at more than 100m, and prefer my to take my shot at no more than fifty. However, I have the advantage of stalking in fairly heavy scrub and forest, so often the deer and I are basically on top of each other. I don't use sporting rifles, though, preferring peep sighted range rifles or issue infantry rifles pre-1945. Heart/lung shot is generally the most reliable, although if I'm at fifty metres or closer, I'll take a headshot.

Specials

Merchandise

About this Entry

This page contains a single entry by Charlie Stross published on September 6, 2013 1:59 PM.

A message from our UK sponsors (revisited) was the previous entry in this blog.

What have we learned? is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Search this blog

Propaganda