Re: [s-t] needle in haystack digest #3 (fwd from Nick.Barnes@pobox.com)

2003-11-07 Thread Major Variola (ret)
At 08:22 PM 11/6/03 -0800, Tim May wrote:
I heard ten years ago that the National Semi fab on-site was a lowly
2-micron fab. Which was enough for keying material.

And rad-hard circuits for their buddies at the NRO.

And 2 mics is fine for certain esoteric processes.  Got GaAs?
That's done on 6 wafers.  Of import to those who like listening to the
aether.

But if you want a suitcase DESCracker (stuffing Sun chassis
is so passe, though it was a fine recycling program and probably
emptied some space in JG's garage :-) you use 90 nm FPGAs.

NSA folks probably wear GSM and WEP crackers as cufflinks.
Maybe they have competitions to see who can program those
crackers on their kids' gameboys.



Re: [s-t] needle in haystack digest #3 (fwd from Nick.Barnes@pobox.com)

2003-11-07 Thread Dave Howe
Tim May wrote:
 On Thursday, November 6, 2003, at 09:20  AM, Dave Howe wrote:
 No Such Agency doesn't fab much of anything; they can't afford to.
 They and their ilk are far more interested in things like FPGAs and
 adapting numerical algorithms to COTS SIMD hardware, such as graphics
 processors (a la http://www.gpgpu.org/).
 Why do they have their own fab plant if they don't fab anything?
 http://www.globalsecurity.org/intell/facility/nsaspl.htm
 I heard ten years ago that the National Semi fab on-site was a lowly
 2-micron fab. Which was enough for keying material.
Hmm. according to the link I found and posted, they *started* at 1-micron
and have been tracking their industry partners' improvements in tech, 0.8
microns up to 1995 then .5 then onwards (with an eventual goal of 0.35,
although the piece was written in 1995 so they are probably on copper now
too)

 Crunching chips, for special purpose computers, don't carry the same
 security requirements, as the secret stuff in the code that is being
 run and not the fuses or links being blown. For this, they would use
 whatever is out there.
Non-volatile keying material on-chip requires only standard proms - much
cheaper just to buy those off the shelf; for that matter Industry standard
smartcards usually possess cpu, eaprom program and eaprom data areas on
a single chip (and the application would actually prefer some sort of
dynamic memory whose contents will vanish if the power is removed from the
onboard CPU but we can leave that aside for now - smartcard chips often
have that too)
Some of that capacity is no doubt used and intended to bridge real or
artificial chip droughts (if a manu doesn't want to sell them a given
chip, or raises the price drastically because he knows how essential it is
to some secure device, the NSA can churn out a few thousand to fill in the
gap) but there are advantages to having a completely custom chip - if no
attacker could possibly know the layout, command set or capabilities of a
chip, that makes his job so much harder (not quite STO - if an attacker
has only one or two chips to attack, then every time he gets hit by a trap
that removes a crackable device; custom chips can have such things as
capacitive test pads (for detection of insulation removal) thin conductive
(but visually identical) layers that must maintain continuity, and so
forth.)



Bush grants pardons

2003-11-07 Thread Declan McCullagh

FOR IMMEDIATE RELEASE   OPA
THURSDAY, NOVEMBER 6, 2003  (202) 514-2008
WWW.USDOJ.GOV  
 TDD (202) 514-1888

WASHINGTON, D.C. - President George W. Bush granted pardons to the 
following four individuals:

Brianna Lea Haney			Kamloops, BC, Canada

Offense:	Failure to report monetary instruments, 31 U.S.C. §§ 5316 and 
5322(a).

Sentence:	November 8, 1991; Western District of Washington; four and 
one-half months' community confinement and two years' supervised release.

David Custer Heaston			Las Vegas, Nevada

Offense:	False statement, 18 U.S.C. § 1001.

Sentence:	April 22, 1988; District of Nevada; three years' probation, 
$1,000 fine.

Bruce Louis Bartos			Fort Lauderdale, Florida

Offense:	Transportation of a machine gun in foreign commerce, 18 U.S.C. 
§§ 922(a)(4) and 924.

Sentence:	July 10, 1987; Southern District of Florida; two years' 
probation.

Michael Robert Moelter			Jim Falls, Wisconsin

Offense:	Conducting an illegal gambling business; 18 U.S.C. § 1955.

Sentence:	September 15, 1988; Western District of Wisconsin; three 
years' probation, conditioned upon sixty days' residence in a community 
treatment center, $5,000 fine.

###



Re: [s-t] needle in haystack digest #3 (fwd from Nick.Barnes@pobox.com)

2003-11-07 Thread Tim May
On Thursday, November 6, 2003, at 09:56  PM, Riad S. Wahby wrote:

Major Variola (ret) [EMAIL PROTECTED] wrote:
At 08:22 PM 11/6/03 -0800, Tim May wrote:
I heard ten years ago that the National Semi fab on-site was a lowly
2-micron fab. Which was enough for keying material.
And rad-hard circuits for their buddies at the NRO.
Probably not on a CMOS process, though.  For the most part,
rad-hard==bipolar, even nowadays.

Most ULSI today is BiCMOS, but Intel, Harris, and a bunch of others 
were making rad-hard CMOS nearly 20 years ago. The 80C86 rad hard part 
was and is used in a lot of  critical apps.

True enough, a project I consulted on picked the AMD 2901 for the 
Galileo Jupiter mission, and it was bipolar.

And of course the concern with shrinking geometries has moved from 
suntan effects (long exposure) to SEUs. And here the advantages 
mostly are with SOI (as they were with SOS and SOI when I started 
working on SEUs in 1977).

--Tim May



Re: [s-t] needle in haystack digest #3 (fwd from Nick.Barnes@pobox.com)

2003-11-07 Thread Major Variola (ret)
At 06:00 PM 11/6/03 +0100, Eugen Leitl wrote:
I guess I didn't make myself clear.  I wasn't hypothesizing an attack
against a fab.  I was saying that

The focus on Thompson-trojaned tools and Chipworks-style reverse
engineering is silly.

There are plenty of folks who need green cards, or whose relatives do,
who have modify access to the CVS of the RTL for a chip.  That is the
best way to add unauthorized features --through a technically competent
insider.

Since the features are not in the spec, they won't be tested for.  Sure,
you might have to do some work after the chips are fielded --getting the
trojaned system to process a certain string, wiretapping its response--
but the payoff can be huge.



30-second knock notice case in California

2003-11-07 Thread Declan McCullagh
THE PEOPLE, Plaintiff and Respondent, v. JEAN MICHEL RABADUEX, Defendant 
and Appellant.

C041818

COURT OF APPEAL OF CALIFORNIA, THIRD APPELLATE DISTRICT

November 4, 2003, Filed

PRIOR HISTORY:  [*1]  APPEAL from a judgment of the Superior Court of San 
Joaquin County No. TF030882A. Richard Guiliani, Judge.

DISPOSITION: Affirmed.

CORE TERMS: knock-notice, Fourth Amendment, knock, privacy, homeowner, 
motion to suppress, occupant, door, infringed, announce, search warrant, 
waited, bedroom, wait, deputy, electronic surveillance, destruction of 
property, refused admittance, conversation, suppression of evidence, 
execute, seizure, morning, search and seizure, privacy interest, police 
entry, destruction, invaded, violent, right to privacy

COUNSEL: Peter Dodd, under appointment by the Court of Appeal, for 
Defendant and Appellant.

Bill Lockyer, Attorney General, Robert R. Anderson, Chief Assistant 
Attorney General, Jo Graves, Senior Assistant Attorney General, Susan 
Rankin Bunting, Acting Supervising Deputy Attorney General, Patrick J. 
Whalen, Deputy Attorney General, for Plaintiff and Respondent.

JUDGES: ROBIE, J.; Blease, Acting P.J., and Davis, J., concurred.

OPINIONBY: ROBIE

OPINION: Defendant Jean Michel Rabaduex was charged with 199 offenses 
arising out of his sexual acts with and electronic surveillance of his 
live-in girlfriend's daughter. Defendant moved to suppress evidence 
obtained from a search of his house because the police did not comply with 
knock and announce principles, particularly by failing to wait a sufficient 
period of time after 'knock-notice' to infer a constructive refusal to 
enter. The court denied defendant's motion. He subsequently pled guilty to 
all counts and was sentenced to 35 years in prison.

On appeal, defendant contends the trial court erred in denying his motion 
to suppress. [*2]  Defendant argues that because police had reason to know 
the only person at home was asleep, it was unreasonable for them to enter 
the house only 30 seconds after first announcing their presence.

Because the only person home at the time of the entry was defendant's 
girlfriend, we conclude defendant failed to show the violation of his 
Fourth Amendment rights necessary to require suppression of the evidence 
against him. Accordingly, the trial court did not err in denying 
defendant's motion to suppress, and we will affirm the judgment.

FACTUAL AND PROCEDURAL HISTORY

I

Background

In September 2001, Deborah S. was living at a house in Tracy with her 
14-year-old daughter C.S. and defendant. Defendant had lived with Deborah 
S. for about eight years but was not married to her and was not C.S.'s father.

In late September 2001, defendant's nephew Richard moved into the house. 
During his stay, Richard saw defendant touching C.S. inappropriately. 
Richard also discovered that hidden cameras had been installed in C.S.'s 
bedroom and bathroom. Richard found videotapes in defendant's bedroom 
depicting defendant and C.S. engaging in sexual intercourse. Richard then 
contacted [*3]  the Tracy Police Department.

A search warrant was issued for the house, and the resulting search, which 
was conducted on September 20, 2001, led to the seizure of numerous items, 
including two computers and various videotapes. The two computers contained 
over 1,000 images depicting child pornography. Police also determined that 
the video surveillance cameras set up in C.S.'s bedroom and bathroom were 
connected to a monitor in defendant's room.

Several days after the search, officers interviewed C.S. C.S. initially 
told officers that she began having sex with defendant when she was about 
12 years old. At the preliminary hearing, C.S. testified that she began 
having sex with defendant when she was 14. She stated that she loved 
defendant and that he was the only father she had ever known.

II

Suppression Hearing

Deborah S. is employed as a nurse and had worked the night shift before the 
morning of the search. On the morning of the search, Deborah S. arrived 
home at 8:30 a.m. and went to bed about 10:30 a.m. Before going to bed, she 
spoke with defendant three or four times by telephone. The last call she 
received from defendant that morning was at 9:43 a.m.

Deborah [*4]  S. testified that she sleeps in the master bedroom at the top 
of the stairs with the door closed and that her dog sleeps in the room with 
her and barks whenever someone knocks on the door. There is a sign taped 
over the doorbell which reads, "Day sleeper. Do not ring doorbell."

Deborah S. claimed that on the day police executed the search warrant, she 
neither heard the police knocking nor her dog barking. She awoke from the 
sound of her home alarm system and opened the bedroom door to find police 
officers on the landing outside her bedroom.

A defense investigator testified that she went to the house with Deborah S. 
and waited inside the bedroom with the dog while defendant's lawyer rang 
the doorbell and 

Re: [s-t] needle in haystack digest #3 (fwd from Nick.Barnes@pobox.com)

2003-11-07 Thread Tim May
On Thursday, November 6, 2003, at 09:20  AM, Dave Howe wrote:

No Such Agency doesn't fab much of anything; they can't afford to.
They and their ilk are far more interested in things like FPGAs and
adapting numerical algorithms to COTS SIMD hardware, such as graphics
processors (a la http://www.gpgpu.org/).
Why do they have their own fab plant if they don't fab anything?
http://www.globalsecurity.org/intell/facility/nsaspl.htm
The conventional--and convincing to me--story has been that they had 
National Semi (and maybe others) help them with local fabs. These are 
fabs for things like key chips (the ICs carrying keying material in 
whatever form, for Permissive Action Links, and ultra-sensitive kinds 
of stuff that they wouldn't want the usual cranked-up fab workers in 
Sunnyvale or Nampa getting near).

I heard ten years ago that the National Semi fab on-site was a lowly 
2-micron fab. Which was enough for keying material.

Crunching chips, for special purpose computers, don't carry the same 
security requirements, as the secret stuff in the code that is being 
run and not the fuses or links being blown. For this, they would use 
whatever is out there.

--Tim May



Panther's FileVault can damage data

2003-11-07 Thread Eugen Leitl
In case you've been using Apple OS X 10.3 (Panther)'s FileVault (Rijndael128
on ~/) there's a yet unfixed bug. Answer no if requested to regain lost disk
space in encrypted directory[1]

Notice that while the screen lock buffer overrun has been fixed, there are
still unresolved issues with it[2]

[1]http://www.theregister.co.uk/content/39/33769.html

[2]http://www.securityfocus.com/bid/8912

-- Eugen* Leitl http://leitl.org
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE




Re: Panther's FileVault can damage data

2003-11-07 Thread petard
On Fri, Nov 07, 2003 at 08:55:08AM -0800, Tim May wrote:
 It's astounding to me that Apple failed to do basic QC on its 
 major new release.
 
 The problem with the Firewire 800 drives using the Oxford 922 chips is 
 inexcusable. Did Apple never bother to run the new version of OS X with 
 drives made by vendors other than Apple? (I'm assuming here the 
 Firewire 800 problem is not present in Apple drives, about which I am 
 not 100% convinced.)

Which Apple drives? Is there such a thing as an Apple firewire drive, and
if so does it use the Oxford 922 bridge chipset? This is the closest product
I am aware of:
http://www.apple.com/ipod/

It's firewire 400 and most assuredly does not use a 922 chip.

If software companies were responsible for bugs in hardware that they do not
manufacture, MS would be in much more trouble than it is already. 

petard



Blacknet - SF Chron: Credit agencies sending our files abroad

2003-11-07 Thread Bill Stewart
More of Tim's Blacknet predictions coming true.

(And they didn't mention that the Jamaican call center's comment on
whether information might be used in ways that US laws didn't control was
"No problem, mon...")


Credit agencies sending our files abroad
David Lazarus
Friday, November 7, 2003
©2003 San Francisco Chronicle

URL: sfgate.com/article.cgi?file=/c/a/2003/11/07/MNG4Q2SEAM1.DTL

Two of the three major credit-reporting agencies, each holding
detailed files on about 220 million U.S. consumers, are in the process
of outsourcing sensitive operations abroad, and a third may follow suit
shortly, industry officials acknowledge for the first time.

Privacy advocates say the outsourcing of files that include Social
Security numbers and complete credit histories could lead to a surge in
identity theft because U.S. laws cannot be enforced overseas.

For their part, the credit agencies say the trend is a necessary
cost-cutting move in light of new legislation that would allow all
consumers to obtain free copies of their credit reports.

The top credit agencies -- Equifax, Experian and Trans Union -- have
refused in the past to comment on their outsourcing plans. No longer.

"A hundred percent of our mail regarding customer disputes is going to
go to India at some point," said David Emery, executive vice president
and chief financial officer of TransUnion in Chicago. "We are now
testing the system and negotiating a contract with an outside vendor.
We expect to sign that contract by the end of the year."

Emery said in an interview that the decision to have an Indian firm
handle thousands of written requests for changes to credit files each
year was necessitated in part by the amended Fair Credit Reporting Act,
which was approved by the U.S. Senate on Wednesday.

The act would require credit agencies to provide copies of personal
credit files to anyone who asks -- an expense that TransUnion, for
one, estimates could cost the company as much as $350 million a year.

A credit file serves as a snapshot of one's legal identity and
financial status. It contains a person's name, address, date of birth,
Social Security number and details of relationships with all credit-card
issuers and other lenders.

Emery also said the decision to "offshore" a key customer service was
necessitated by the competition placed on us by Equifax and Experian.

Equifax, he said, was the first major credit agency to move operations
abroad, establishing a facility in the Caribbean. Experian, meanwhile,
is actively testing work with an overseas affiliate, Emery said.

"We had to get into this process for defensive reasons," he said.

An Equifax spokesman's first response when asked about the Atlanta
company's outsourcing was to insist that all customer service was handled
at North American facilities. Confronted with TransUnion's remarks,
though, a senior Equifax official later offered a different answer.

"We have a vendor in Jamaica," said Rob Hogan, senior vice president of
customer services. The Jamaican workers handle data entry at the very
beginning of the reinvestigation process (for disputed credit reports).

He said the overseas workers had limited access to consumers' credit
files but were closely supervised by our Atlanta office.

Hogan acknowledged that Equifax had had problems from time to time
with consumers' privacy being compromised. But he said each problem had
led to improvements in security. He also said there had been no known
security breaches in the four years that Equifax has outsourced to
Jamaica.

"We take great care of our data," Hogan stressed. "It's our livelihood."

An Experian spokesman, Addrian Brooks, denied Trans Union's assertion
that the Costa Mesa company is now actively testing an overseas
operation. "We are confident that Trans Union doesn't know what our
plans are because we don't know what their plans are," he said.

However, Brooks repeatedly emphasized that Experian could outsource work
abroad at any time.

"We definitely are evaluating every option on the table, and offshoring
is one of them," he said. "I don't want to be quoted as saying we'll
never do it."

Privacy advocates say the outsourcing of credit agencies' work abroad --
and hence access to U.S. consumers' credit files -- dramatically
increases the chance that confidential information will get into the
wrong hands.

"Consumers should be worried," said Beth Givens, director of the
Privacy Rights Clearing House in San Diego. "The infrastructure to
protect information just isn't there in a lot of these places."

Credit industry officials bristle at such talk.

"Are we saying that Hindus are more criminal?" asked Stuart Pratt,
president of the Consumer Data Industry Association, a trade group for
credit-reporting agencies. "Are we saying that workers in India are less
safe? That strikes me as xenophobic, and I don't want to go there."

But privacy advocates say that this isn't a question 

Re: Deniable data storage

2003-11-07 Thread petard
On Wed, Nov 05, 2003 at 06:58:58PM -0800, James A. Donald wrote:
 --
  I want fully deniable information storage -- information 
  theoretic deniable, not merely steganographic deniable, for 
  steganography can never be wholly secure.
 
 So I would have a fixed sized block of data containing a 
 variable number of smaller secret chunks of data.  A random key 
 would extract a random length of gibberish, a valid key would 
 extract a stream of valid data, and revealing one secret key to 
 the adversary would not give the adversary any evidence that 
 more secret keys were present or absent.
 
 Any good known algorithms for this? 
 
rubberhose probably does what you want. is there some problem with it?
http://www.rubberhose.org/



Re: Panther's FileVault can damage data

2003-11-07 Thread Tim May
On Friday, November 7, 2003, at 07:52  AM, Eugen Leitl wrote:

In case you've been using Apple OS X 10.3 (Panther)'s FileVault
(Rijndael128 on ~/) there's a yet unfixed bug. Answer no if requested to
regain lost disk space in encrypted directory[1]

Notice that while the screen lock buffer overrun has been fixed, there
are still unresolved issues with it[2]

[1]http://www.theregister.co.uk/content/39/33769.html

[2]http://www.securityfocus.com/bid/8912



It's astounding to me that Apple failed to do basic QC on its 
major new release.

The problem with the Firewire 800 drives using the Oxford 922 chips is 
inexcusable. Did Apple never bother to run the new version of OS X with 
drives made by vendors other than Apple? (I'm assuming here the 
Firewire 800 problem is not present in Apple drives, about which I am 
not 100% convinced.)

Apple should've had a team of testers running the new 10.3 version, as 
with each new version, on a variety of machine configurations, keeping 
careful track of incompatibilities and gotchas. That something so gross 
as trashing external drives (the very popular ones from LaCie and 
others) went unnoticed is just plain inexcusable.

I have a perfectly new copy of Panther OS X 10.3 sitting ready to be 
installed on the machine I am on right now. But I won't install it 
until Apple does its QC.

And since I'm still on a dial-up connection and cannot easily download 
100 MB of updated versions, I plan to contact Apple when the new fix 
is released and tell them to send me a new CD-ROM.

As an Apple shareholder since 1984, this really sucks. What does Apple 
think they are, Microsoft?

--Tim May