Monday, November 5, 2012

More Security Analysis, Religion, and Sound Editing

One of the things that I find particularly interesting when people discuss the concept of cyberwarfare/intelligence is that many people are often incredibly ignorant of some of the things which need to occur in order for our concept of peace to remain a reality. Moreover, they often question some of the ethical conundrums that are often raised as part of such operations. I think the biggest difference between physical and cyber/virtual operations is that cyberwarfare/intelligence tends to spill into the civilian world. It's rare in the physical world for you or your assets to be co-opted into an intelligence/defense role. This is not the case in the virtual world.

I think one of the strange things is that people are thinking about cyberwarfare in a very physical fashion. That for every piece of equipment in the real world there should be something that is analogous in the cyberworld. I beg to differ, the cyberworld offers up far more opportunities than you would believe/conceive. If you don't have a piece of equipment in the real world you either go without it, find the resources to pay for it, steal it, or perhaps even borrow it from an ally. The cyberworld/battlefield can be shaped and molded as you see fit.

If you don't have a particular piece of equipment you examine existing cyberweapons (the source-code for malware as well as binary forms are often readily available if you know where to look (and can be reverse engineered if you have the requisite skill, time, and resources)) and modify them as you require. Provided you have the expertise to sanitise them before you use them there should be limited risk associated with re-using someone else's cyberweapons. Moreover, you can shape the landscape itself by taking control of key networking devices such as routers/gateways/servers, firewalls, modems, switches, and even end user computing devices themselves. Ultimately, all nations will/should have the ability to be able to develop/form strong cyberdefenses given enough support and training.

Just because someone says they're certified or they have a certain number of years' experience doesn't mean anything. I know of people who have learnt about computer security through highly unusual circumstances, I know of people who taught themselves to pass the certification test/exam but haven't learnt the material thoroughly, I know of people whose skills have atrophied by taking on the wrong role... As has been stated previously, "you can't always judge a book by its cover".

If you ever develop an interest in any form of security (computer or otherwise) one of the biggest problems you'll face is dealing with FUD. If you've read enough material you can often become anesthetised to it or just plain paranoid. To put this into perspective, let's take a look at our current perspective with regards to so called 'cyberwar'. Definitions vary but if you look hard enough almost anything can be classed as cyberwarfare with some of the interpretations that are floating around. I believe that cyberwarfare is, "a substantial, systematic electronic attack on most or all critical infrastructure (transportation, utilities, telecommunications, finance, defense, intelligence, and so on) or supply lines designed to cripple a state or organisation's functioning (often in unison with conventional warfare though they can be discrete operations)". The vast majority of what we've seen thus far are just skirmishes and minor tussles, akin to plain thievery.

While learning the offensive position helps you to learn about how to defend from threats the opposite is also true. By learning to defend properly you can also discover the art of attack as well. For instance, I was recently working with WebKnight after finding details of it on the web regarding FOSS WAFs (Web Application Firewalls). It was clear that the method of defense that it was using was based on examination of string length as well as keywords. For instance, clearly it was just using regular expression/pattern/string matching to block injection and buffer based attacks. In theory it should work well but the way it implements it means that it is capable of blocking legitimate queries without 'tuning'. It also needs better ways of dealing with conflicting rules (a problem I've seen on other UTM devices as well; logging in at CLI level is just not possible on some devices). You need to remember that anything that is sent to the server can be used to attack it. Even innocuous things such as cookies, form entries, and parameters. Many websites across the web suffer from this particular problem as indicated by OWASP.
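To make the tuning problem concrete, here is an added example (not WebKnight's code or rule set, and not from the original post) of a filter that checks string length and keywords across query parameters, form entries and cookies. The keyword list, the 64-character limit, the sample requests and the per-field `TUNING` table are all constructed assumptions.

```python
import re

# Constructed rules for illustration; not WebKnight's actual rule set.
KEYWORDS = re.compile(r"\b(select|union|insert|update|delete|drop)\b|--|;", re.I)
DEFAULT_MAX_LEN = 64

def inspect(request, tuning=None):
    """Return sorted (source, field, reason) tuples for every rule a request trips."""
    tuning = tuning or {}
    hits = set()
    # Query parameters, form entries and cookies are all client-controlled.
    for source in ("query", "form", "cookies"):
        for field, value in request.get(source, {}).items():
            rule = tuning.get((source, field), {})
            if len(value) > rule.get("max_len", DEFAULT_MAX_LEN):
                hits.add((source, field, "length"))
            if "pattern" in rule:
                # Tuned field: the value must match the expected format exactly.
                if not re.fullmatch(rule["pattern"], value):
                    hits.add((source, field, "format"))
            elif rule.get("keywords", True) and KEYWORDS.search(value):
                hits.add((source, field, "keyword"))
    return sorted(hits)

# Constructed sample requests.
LEGIT = {
    "query": {"q": "how to select a drop shipping supplier"},
    "form": {"comment": "Thanks for the update; the delivery arrived two days early and intact."},
    "cookies": {"session": "9f2c4e1a"},
}
SUSPECT = {"query": {"q": "shoes"}, "cookies": {"session": "x' OR 1=1 --"}}

# Hypothetical per-field tuning: free-text fields skip the keyword rule,
# while the session cookie is held to a strict expected format.
TUNING = {
    ("query", "q"): {"keywords": False},
    ("form", "comment"): {"keywords": False, "max_len": 500},
    ("cookies", "session"): {"pattern": r"[0-9a-f]{8}"},
}

if __name__ == "__main__":
    print("untuned, legitimate:", inspect(LEGIT))
    print("tuned, legitimate:  ", inspect(LEGIT, TUNING))
    print("untuned, suspect:   ", inspect(SUSPECT))
    print("tuned, suspect:     ", inspect(SUSPECT, TUNING))
```

Fields whose keyword rule is switched off are no longer inspected for those strings, so the application's own input handling has to cover them.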

'Active Defense' is a concept I have been playing around with since the 'Cloud' document (p.117). Let's forget all the technical details involved, I'm extremely curious how existing legal frameworks will deal with this.

During times of desperation and despair radicalism and extremism often prevail. Man cannot pretend to be something superior to animal if it cannot acknowledge that we are often the source of our own demise. As long as there are those who are marginalised within society radicalism and extremism will always find a means to exist and proliferate. While certain religions are currently considered 'dangerous/radical' if one looks deep enough almost every single religion has had a period of conflict or difficulty. Moreover, the basis of radicalism/extremism often has its roots in re-interpretations that deviate significantly from the original work/s.

Windows 8 doesn't look too bad in the overall scheme of things. It seems as though they've eschewed the desktop in favour of a more versatile operating system that is capable of competing across multiple platforms. General consensus seems to be that it is a 'solid' mobile platform but a quirky desktop platform. I suspect that if Service Pack 1 provides for stronger, further differentiation on the desktop (especially with regards to the UI) they will have a very strong product offering (possibly an entire ecosystem since programs seem to be reasonably portable) across the board in spite of teething problems.

Have been playing around with some basic sound editing/DJ software. Have tried working with more professional systems in the past such as Traktor and Ableton but honestly sometimes you just want to tweak a song here/there and they are quite simply overkill.

Notes in general. I'd like to see better discrete control over graphic equalisers. Synchronisation won't reset on loading of song (Mixx). It's preferable to have more than one sound card or output option when loading up new songs (to keep the mix/crossfade smooth). Surprising how small the difference needs to be for you to recognise the difference when switching tempo (it's also surprising how often songs from a particular artist have almost identical tempos). Speeding up works much better than slowing down tempo. It may be easier to have a short, padded section when going from a higher tempo to a significantly slower one or else just use a break/intermission when making large changes in tempo.

Don't forget to alter pitch to match when changing tempo (Audacity has a filter to automatically do this). Live mixing is much harder than you think. Suggest that you premix and only make minor modifications at live stage unless you've been doing this for a while (or else use automix/crossfade option if it is available). You may lose quality when using lossy file encoding formats but in most cases there won't be a discernible difference (especially at higher volumes where most equipment will distort the sound anyhow). CPU cycles do matter in multimedia even on higher end hardware. I've been playing around with methods of controlling thermodynamic environments but have to turn them off sometimes to maintain skip free work. Samples/other sounds can come from anywhere including the existing world and packs from other artists/producers/software. Ultimately, the final sound comes down to you. Depending on nature of music may be extremely difficult to extract particular sounds. May come down to pure experimentation sometimes though there is some software that will allow you to do this (mostly) automatically. Hardware only worth it if you do this on a regular basis.

Bugs of the week.

Filesystem copy bug with 'pcmanfm' and Android itself (I've detailed this previously on this blog) when dealing with FAT32 results in zero size files or segmented files. Results in stuttering of sound under Meridian and stop of playback in other media players (believe this is related to buffering algorithm in use under Meridian). Have to re-copy relevant files/re-sync to deal with the problem. Obvious what's happening below. In fact, it happens with me sometimes. Insertion or some other lower level electronic events are causing a signal that is similar to the signal that is created by headset remote control system resulting in random skips.

On older version of Opera some problems dealing with foreign languages means that 'save' option results in blank filename in subsequent dialogue box.

Needs better user context/permissions checking and possibly better error reporting. If not root will just spit out error stating that device could not be found. Noticed user space freezes with Huawei E160 under Knoppix during modem initialisation. Am using different modem for now. Dig further when have time.

Arista ASB-102 UHF/VHF/FM Indoor Amplifier
Inadequate shielding (from my perspective) between transformer and PCB can result in intermittent problems/short circuits. Strongly suspect problems with internal transformer at higher thermal ranges (been in use for a while now admittedly). Will require more time to confirm.