"I Write Mass Surveillance Software"

Fri Sep 18 11:37:37 UTC 2009

Eugen Leitl wrote:
> On Thu, Sep 17, 2009 at 03:58:50PM -0400, Michael Holstein wrote:
>
>   
>> (basically, all the OP on Rededit was saying, was he's the guy that 
>> writes the microengine code)  .. the processors themselves aren't 
>>     
>
> Not quite -- he explicitly claimed they used custom hardware. Perhaps
> using network processor macro cells, but custom design was definitely
> involved. 
>
>   
>> capable of realtime brute-force decryption ... but they are the sort of 
>>     
>
> There's no such thing, apart from really obsolete cryptosystems. And
> even there you can't just fish for content as it was cleartext.
>
>   
>> thing that can look for signatures/keywords/etc in a stream and act upon 
>> it at wire-speed.
>>     
>
> That is old news.
>  
>   
>> As for breaking encryption, this would be a task better suited for a 
>> large farm of purpose-programmed FPGAs, since I'm not aware of any 
>> commercially-produced ASIC that does this (although the NSA does list 
>> jobs for "semiconductor fabrication", so I'm sure they're in that game).
>>     
>
> I can see large boxes for e.g. offline DES (perhaps even 3DES) cracks, 
> but everything else is probably not cost effective (of course, NSA has 
> demonstrably been decades ahead of open research in some instances, 
> so don't blame me if they waterboard you just because you took this 
> at face value).
>  
>   
>> IIRC the Russians had purpose-built their own ASICs to break DES when it 
>> was en-vouge .. I'm sure our side of the pond actively does the same.
>>
>> Sneakier mice, better mousetraps.
>> Lather, rinse, repeat.
>> while().
>>     
>
> What I really dread is having to sanitize my entire systems, which
> effectively means wiping and bootstrapping my entire infrastructure 
> from known good state, establish physical security, secret management
> including crypto hardware, system hardening, privilege separation, 
> intrusion detection and documentation, periodic review, and the like.
>
> This is seriously annoying, and I resent having to go full tinhat
> monty. In case anyone has pointers or has already done such a thing
> I very much welcome any documentation. We should publish everthing
> in the open to make it easily replicable by anybody anywhere, so 
> just to make the annoyance mutual.
>
>   

[Grobbage - French - for "a plot of cleared land" the only web use of 
the word is here:

http://cnc.virtuelle.ca/riviere-la-paix/riviere_la_paix/leurs_memoires/roy.html

reference to term's description here:

http://cnc.virtuelle.ca/riviere-la-paix/riviere_la_paix/lexique/grobbage.html 
]

Its equivalent to the English term "grubbed out".

Perhaps his name is the English surname "Grubb".

This "Grobbage's" activity is stated to be UK (Britain) only.

If (s)he's a fake then look for an attention seeker....

Search (webcrawler.com) - Grubb UK - gives Ben Grubb (.co.uk) 3rd in list.

Search (yahoo.co.uk - UK only hits) - Ben Grubb - Wow.. Hey.. he's an 
attention seeker all right!

... so rite or w#so wrong?

(RE-)Build your (new) machine off line - then take a snap shot. Get it 
working on line then take another snapshot. If you fear you've been 
trojaned in future then destroy - install snapshot and you're back in 
business.

Always use official off-line updates.

I don't bother with this - I've got wifi connected spyhardware already 
on my PC motherboard (think about it - its just a kernal tweak), so 
there's no point in protecting from trojans or keyloggers.