Wednesday, January 26, 2022

Tuesday, December 31, 2013

Cisco launches probe
of NSA malware attacks

Cisco scrambled to initiate a security investigation after a German news outlet published leaked data showing that the NSA had hacker weapons capable of penetrating a variety of U.S. cyber systems and devices.

In a related development, Apple yesterday told the public that it had never cooperated with the agency to create electronic backdoors that can be used to convert iPhones into spy devices.

Spiegel report
http://www.spiegel.de/international/world/nsa-secret-toolbox-ant-unit-offers-spy-gadgets-for-every-need-a-941006.html

Cisco said in a statement: "On Monday, December 30th, Der Spiegel magazine published additional information about the techniques allegedly used by NSA TAO to infiltrate the technologies of numerous IT companies. As a result of this new information coming to light, the Cisco Product Security Incident Response Team (PSIRT) has opened an investigation. Customers can stay informed of the progress of this investigation via the previously posted Cisco Security Response."

Cisco statement
http://blogs.cisco.com/news/comment-on-der-spiegel-articles-about-nsa-tao-organization/

The German news outlet Spiegel reported that the NSA's malware and trojan arsenal targets "products made by well-known American manufacturers" with methods that "break into professional-grade routers and hardware firewalls, such as those used by internet and mobile phone operators." Among businesses whose security has been potentially compromised are Cisco, Dell, Juniper, Hewlett-Packard and the Chinese company Huawei, Spiegel said.

A representative of Hewlett-Packard wrote that the company was not aware of any of the information presented in the report and that it did "not believe any of it to be true." Contacted by Spiegel reporters, officials at Juniper Networks and Huawei also said they had no knowledge of any such modifications. Meanwhile, Dell officials said the company "respects and complies with the laws of all countries in which it operates."

Many internet advertisers fear NSA taint
As the big cyber firms scramble to try to contain the financial damage caused by the National Security Agency, the spreading flames of distrust are licking at national firms which are regular internet advertisers. The fear is that they will be implicated as co-conspirators with Big Brother.

It appears, for example, that Google's YouTube division has been reduced to filling up much of its linage with long-lasting ads alleging poor PC performance. Evidently, Google is so desperate for ad revenue that it is unworried that the ads make it appear that the advertiser is, with Google's cooperation, improperly scanning private computers, thus reinforcing the worry that corporations are teaming up with the feds to spy on ordinary people.

Friday, December 27, 2013

Science or propaganda?
JFK sniper's nest trajectory
gets short shrift from Nova

One-sided science is the best that can be said about Nova's partial defense of the Warren Commission findings.

The thrust of the Nova special marking the 50th anniversary of JFK's murder is that a single military bullet from the Mannlicher-Carcano rifle allegedly used could indeed have inflicted the damage that occurred and still have been in nearly pristine condition. One cannot easily quibble with the expert analysis done by the father-son team of ballistics experts Luke and Mike Haag. They found that the military weapon's rifling combined with the bullet's shape and military jacketing helped ensure a powerful hit, the projectile capable of drilling through much skin and bone and emerging nearly undamaged.

However, Nova promised a full ballistics reconstruction based on modern technology, but then failed to deliver. The program demonstrated a laser-based image of the entire vicinity of the assassination, including the grassy knoll and the window that supposedly fronted the "sniper's nest." Months of computer time were needed to reconstruct the Dealey Plaza area. A computer analysis of this huge amount of data showed that a shot could indeed have been fired from behind a stockade fence at President Kennedy. However, the experts decided the bullet would have exited at an angle that did not match the angles attributed to findings of the botched autopsy.

Nova gave quite a bit of attention to arguments opposing a grassy knoll shot, but said very, very little about the reconstruction of the very difficult shots from the Texas School Book Depository. It is here in particular that one must question the scientific integrity of the show's producers. (By the way, the Haags' computer simulation verified this reporter's 1984 conclusion that there was a clear field of fire from behind the stockade fence to the president's vehicle.)

Another sign of bad journalistic practice: Excerpts of interviews with government critics were trimmed in such a way as to aid the desire of the writers to direct the reader toward certain conclusions that fit the lone-gunman theory, a theory that has been promoted by the federal government since Nov. 22, 1963. One is left with the (probably accurate) impression that some important criticisms have been deleted.

Nova showed bits of the Zapruder film in a decidedly unscientific manner, running segments at varying film speeds in a manner that added no knowledge.

Interestingly, a close examination of the film Nova shows includes an open umbrella (it's a sunny day) sticking out from in front of a big road sign just as Kennedy is being shot.  Not only does Nova ignore the "umbrella man" but the umbrella in its film appears to have been shaded in such a way as to make it very hard to notice. Many years later, the umbrella man said he had opened the umbrella as a protest against Kennedy's "appeasement" of communists, in emulation of Neville Chamberlain, the umbrella-toting British prime minister known for his appeasement of Hitler. Be that as it may, he and another man sat down on the curb and were cool, calm and collected while everyone else was running about or taking cover.

Would that Nova had undertaken a scientific analysis of the photo of Oswald that appeared on the cover of Life magazine. Anyone with a critical eye can see that there are numerous things wrong with it.

This photo, which seems to promote the idea of Oswald as Marxist revolutionary, has long been the subject of controversy. An interesting detail is that the scale is way off. In 1984, I visited the address where this photo was purportedly taken, and it was apparent that the staircase dimensions did not accord with a typical adult standing where Oswald is allegedly standing.





Thursday, December 26, 2013

Cyber security's randomization problem

Modern encryption systems rely on pseudorandom number generators, which are computer algorithms for generating data streams that pass all statistical tests for randomness. For example, computer software tycoon Stephen Wolfram has related that he has used segments of a bit stream from one of his cellular automata in his encryption systems.

But it turns out that any fully deterministic system leaves fingerprints that largely random systems don't have.

Consider the most complicated output definable: that which is generated by a deterministic chaos system. It leaves an output graph that is indistinguishable from a randomly generated pattern. Such artificial randomization leads computer experts to have confidence in their encryption systems.

However, a difference plot of those output values will show a curve or curves completely uncharacteristic of a difference plot for random numbers (in which the deterministic process is negligible). One takes successive output values and subtracts them from one another, and then plots these new values on a graph. The deterministic process, no matter how random looking on first analysis, will stand out like a sore thumb.

One can also deploy a pseudo phase space graph on the output, with the same result. For both truly random and deterministically complicated (chaotic) outputs, the basic output value graphs are highly scattered. But in pseudo phase space, only the truly random output is highly scattered; the deterministic output is very obvious. That is, the randomization feature vanishes.
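The pseudo phase space test described above, as an added example that is not part of the original post: each stream is plotted as points (x_k, x_{k+1}) on a 32 x 32 grid and the fraction of cells hit is reported. The logistic map stands in for the "deterministic chaos system"; the SHA-256 counter stream, its seed, the grid size and all function names are assumptions of this example.

```python
import hashlib
import os

def logistic_stream(n, x0=0.2, r=4.0):
    """Deterministic chaos: x -> r*x*(1-x), values stay in [0, 1]."""
    out, x = [], x0
    for _ in range(n):
        x = r * x * (1.0 - x)
        out.append(x)
    return out

def bytes_to_unit(data):
    """Map each 4-byte chunk of a byte string to a float in [0, 1)."""
    return [int.from_bytes(data[i:i + 4], "big") / 2**32
            for i in range(0, len(data) - 3, 4)]

def sha256_counter_stream(n, seed=b"constructed-seed"):
    """Deterministic stream: SHA-256(seed || counter), 8 values per digest."""
    blocks = (hashlib.sha256(seed + k.to_bytes(8, "big")).digest()
              for k in range((n + 7) // 8))
    return bytes_to_unit(b"".join(blocks))[:n]

def os_random_stream(n):
    """Operating-system randomness, used as the non-deterministic reference."""
    return bytes_to_unit(os.urandom(4 * n))

def phase_space_fill(xs, grid=32):
    """Fraction of grid*grid cells hit by the points (x_k, x_{k+1})."""
    cells = set()
    for a, b in zip(xs, xs[1:]):
        cells.add((min(int(a * grid), grid - 1), min(int(b * grid), grid - 1)))
    return len(cells) / (grid * grid)

if __name__ == "__main__":
    n = 20000  # constructed sample size
    for name, xs in [("logistic map", logistic_stream(n)),
                     ("sha256 counter", sha256_counter_stream(n)),
                     ("os.urandom", os_random_stream(n))]:
        print(f"{name:15s} fill = {phase_space_fill(xs):.3f}")
```

On this measure the logistic map touches only the cells along its parabola, while the SHA-256 counter stream, which is also fully deterministic, fills the grid like the operating-system source.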

Now what does this mean for computer security? Potentially, that these forms of analysis yield sufficient information to speed up certain decryption techniques. Weaker encryption systems -- and there are many relatively weak systems -- may be quite vulnerable.

At the very least, we learn that attempts to conceal data as mere noise are probably naive, even if the scrambled bit stream defeats a Fourier bandwidth analysis.

Perhaps it is true that NSA and private cyber security experts are aware of these methods and have been quietly exploiting them, where appropriate. On the other hand, one may wonder whether even military grade encryption is as safe as has been assumed.

Wednesday, December 25, 2013

Worst science of the year
Nova shielded security firm
in Boston bombing special



Newz from Limbo makes no allegations concerning what happened in Boston at the time of the marathon bombings. However, mainline news media have consistently suppressed the fact that a team from the private security firm Craft International was present at the marathon, with some team members wearing black backpacks that seemed to bear similarities with those that contained the bombs.

In a May special, Nova said that images of the bomb suspects were released, after initial FBI resistance, to the public after internet photo crowd-sourcing pinpointed people who had nothing to do with the bombings, thus putting their lives at risk. However, the PBS science program omitted all mention of Craft, as if it wasn't a relevant fact.

Earlier in the broadcast, an ordnance expert told PBS that though pressure cooker bombs are easy to make, he thought the fact that the bombs went off close together indicated an above-average level of sophistication on the part of the bombers.

Craft uniforms visible in Boston

Craft founded by ex-Seal


Psst... Obama, personal space is still important

Personal space. Boundaries. You don't cross them without very strong cause. President Obama and his NSA and Homeland Security people don't properly appreciate this attitude of the everyday American. Get with it, Mr. President. Personal space is still a big deal for Americans. Personal boundaries should not be crossed lightly. Yes, reasonable precautions need to be taken against bad guys. But how do Obama and his secret system turn that routine governmental function into a license to violate everyone's personal space?

Friday, December 20, 2013

Parallels to communism
seen in U.S. spy system

Marc Ratner of Ashland, Oregon, told the N.Y. Times:

"During the 1970s I lived in Czechoslovakia and later in the 80s in Romania, and I am struck by the similarities of life in those two countries with the atmosphere in the U.S. today. The average citizen was never directly affected by the police state, as long as he/she minded their business and didn't step out of line, but everyone knew that the security police were tuned into everything that was going on. The key word was "control" and it was designed to maintain the security of the state.

"Although we have not reached the point of registering typewriters and imprisoning dissidents our government has been operating on the "dark side" for decades, even before 9/11. One of the prices that we paid for WW II is that we have become a corporate/militaristic state where security is bought at a high price in pointless wars, and now in a weakened economy."

In fact some journalists and activists have been imprisoned or ruined for exposing information that threatened the powerful.

Putin's strange defense of the NSA
"However much our American friends are criticized, I think their work was mainly directed at fighting terrorism," Russian chief Vladimir Putin said at his annual press conference. "Of course, this has its negative aspects and on a political level the appetites of the special services need to be controlled. But overall, you have to understand that it is necessary."

Putin also asserted that Russia has steered clear of trying to get a glimpse of the NSA data trove shared by Edward Snowden with journalists.

These statements should be viewed in light of Putin's initial reluctance to help Edward Snowden.

One can only wonder about what sort of relationship the ex-KGB spook has with the NSA.

Wednesday, December 18, 2013

 
