The Daily Parker

Politics, Weather, Photography, and the Dog

The women who broke Nazi codes

Via Bruce SchneierTech Republic tells the story of the women who worked at Bletchley Park during World War II:

Because [Alan] Turing's individual achievements were so momentous, it's sometimes forgotten that more than 10,000 other people worked at the Government Code and Cypher School, of whom more than two-thirds were female. These servicewomen played a pivotal role in an operation that decrypted millions of German messages and which is credited with significantly shortening the war.

The code-breaking operation was spread over teams working in various huts around the manor house at Bletchley, with the bombe machines situated in outstations nearby. There were about 8,000 people involved in the code-breaking—what was known as the factory—and 4,000 support staff. Each team generally knew no more than was necessary about what the other groups were doing.

Teams worked in different huts on breaking the Enigma codes, focusing on the army and air-force ciphers in one and the tougher naval encryption in another. Unscrambled messages were then sent on to linguists for translation and officials who would decide how the information should be used and, more importantly, whether it could be used without revealing that the Allies had cracked Enigma.

This history is hinted at, however minimally, by Kiera Knightly's character in The Imitation Game.

Europe's worst case scenario

We have a child in the White House. And European leaders are saying they can no longer rely on the United States:

Trump’s speech alone is likely a sufficient explanation. But I suspect there’s an additional element. Most of the major European and NATO leaders had already met Trump in Washington – Merkel, May, Gentiloni, Trudeau and others. But I suspect in meeting as a group, over a more extended period and in a context specifically focused on Europe and NATO there was a further realization that what they are watching from across the Atlantic is no act. Indeed, Trump appears more impulsive and erratic in person than on TV. Rather than growing into the job he’s growing into the role of aggressor.

Another, perhaps more critical realization, is suggested in this Twitter thread by Max Fisher of the Times: That is, it’s not just that Trump is greedy or impulsive or unreliable, indifferent to the North Atlantic alliance but that he is positively against it. He and Vladimir Putin are in a de facto alliance against ‘Europe’ or to put it less geographically, the liberal internationalist state system which has rested on and built out from the United States and Western Europe.

I've imagined the damage that Trump can do to the world, and I am seeing how what I've imagined is coming to pass. I hope Europe is stronger than they have seemed so far.

Don't push that button!

British Airways cancelled all of its flights out of its two biggest hubs in London today because of a power-supply failure:

The airline hoped to be able to operate some long haul inbound flights on Saturday, landing in London on Sunday, Mr Cruz added.

The GMB union has suggested the failure could have been avoided, had the airline not outsourced its IT work.

BA refuted the claim, saying: "We would never compromise the integrity and security of our IT systems".

All passengers affected by the failure - which coincides with the first weekend of the half-term holiday for many in the UK - will be offered the option of rescheduling or a refund.

The airline, which had previously said flights would be cancelled until 18:00 BST, has now cancelled all flights for Saturday and asked passengers not to come to Gatwick or Heathrow airports.

Some things never change.

Mueller appointed special counsel

Surprising everyone in Washington last night, Deputy Attorney General Rod Rosenstein appointed former FBI director Robert Mueller as special counsel to investigate the Trump campaign's possible ties to Russia. The Washington Post sees this as really bad news for the president:

“The risk is that you lose control of your agenda,” added Robert Luskin, a Washington white-collar attorney who represented Karl Rove in the Plame investigation, as well as a pair of Clinton senior officials during Whitewater. “It’s an enormous distraction. It’s an energy suck. As long as the clouds hang over a presidency it becomes much more difficult to get anything else done.”

This is why White House officials and GOP leaders in Congress have so strongly resisted a special counsel until now.

The FiveThirtyEight blog has a balancing view:

Although the simple case is that Mueller’s appointment is not welcome news for Trump — the White House was surprised by the announcement — it does have some plausible benefits for the president, especially in the near term. The Russia investigation had been dogging the Trump administration, and his firing of Comey had turned into a debacle.

Trump can now say there is an independent investigation going on, by someone he did not personally appoint and who is not beholden to his party. And Mueller has very strong credentials. The president and his team, in theory, can turn the focus to governing, while deferring questions about the investigation. And maybe Comey, who appears to have notes of every conversation he has had with the president, will share them with Mueller and not The New York Times.

But:

Mueller’s appointment ensures that the Russia controversy won’t just go away — at least not anytime soon. And he could gravely threaten Trump’s presidency if he finds clear, improper connections between the president’s campaign and Russian officials. There was a reason that Republicans on Capitol Hill and the Trump administration were trying to stop the appointment of a special counsel. Prosecutors with broad authority to investigate can cause major problems. Just ask Bill Clinton.

Greg Sargent simply says "Trump is totally delusional about what’s happening to him right now."

On the other side, Fox News is downplaying the appointment, reporting that Mueller and Comey have had a "long, close relationship." Otherwise they seem more preoccupied with Roger Ailes' death ("and his legacy of free speech"). And I'm not going to look at the far-right reactions just now.

So is this a good development? We'll see.

This fake news is from Donbass, dumbass

Laura Reston at New Republic has a good piece on how the Soviets Russian government is doubling down on its disinformation campaign against Western democracies:

One of the most recent battles in the propaganda war took place on January 4, less than a week after President Obama expelled 35 Russian diplomats in retaliation for the Kremlin’s meddling in the U.S. election. The Donbass International News Agency, a small wire service in Eastern Ukraine, published a short article online headlined “MASSIVE NATO DEPLOYMENT UNDERWAY.” Some 2,000 American tanks were assembling on the Russian border, the agency reported. The United States was preparing to invade.

The story was a blatant fabrication.

Such tactics were pioneered during the Cold War, as the Soviet Union worked covertly to influence political dialogue in the West. From KGB rezidenturas scattered around the world, a small division called Service A planted false stories in newspapers, spread rumors, and worked to stir up racial tensions. In 1964, a KGB front group helped Joachim Joesten, a former Newsweek reporter, publish a sprawling conspiracy theory about John F. Kennedy’s assassination, which later became the basis for Oliver Stone’s JFK. In 1983, Russian operatives planted a story in a small Indian newspaper claiming that the U.S. government had manufactured the AIDS virus at a military facility in Fort Detrick, Maryland—and Soviet wire services then trumpeted the story all over the world. As U.S. officials later explained in a report to Congress, “This allows the Soviets to claim that they are just repeating stories that have appeared in the foreign press.”

The internet has enabled the Kremlin to weaponize such tactics, making propaganda easier to manufacture and quicker to disseminate than any guided missile or act of espionage. Russian operations like the Internet Research Agency have employed hundreds of bloggers to mass-produce disinformation in the form of misleading tweets, Facebook posts, and comments on web sites ranging from The Huffington Post to Fox News. “Since at least 2008,” Peter Pomerantsev, a Russian media expert, observes, “Kremlin military and intelligence thinkers have been talking about information not in the familiar terms of ‘persuasion,’ ‘public diplomacy,’ or even ‘propaganda,’ but in weaponized terms, as a tool to confuse, blackmail, demoralize, subvert, and paralyze.”

Meanwhile, our deranged President this morning openly threatened private citizen James Comey on Twitter, which should give everyone pause.

Fitbit helping to solve crimes?

Via security expert Bruce Schneier, the AP reports that police in central Connecticut obtained an arrest warrant partially on the timing of a murder victim's Fitbit step data:

Connecticut State Police allege [Richard] Dabate killed 39-year-old Connie Dabate at their Ellington home two days before Christmas in 2015, while their two young sons were in school.

Dabate told investigators a masked man shot his wife and tied him up before he burned the intruder with a torch. Authorities responded to a burglary alarm at the home and found Richard Dabate with superficial knife wounds, with one arm and one leg zip-tied to a folding chair.

But police said evidence contradicted Dabate's story and timeline of events, including information from Connie Dabate's Fitbit that showed she was still moving around the house an hour after Richard Dabate said she was shot.

Dabate pleaded not guilty to the crime. Also, the Fitibit data, while helpful to the police, may have had less impact than the allegation that "Dabate also told his pregnant girlfriend before the slaying that he was going to divorce his wife, state police said in an arrest warrant affidavit."

NBC has more.

Things I'll be reading this afternoon

Some articles:

And now, Parker needs a walk.

Schneier on trusting the government and the laptop ban

Security expert Bruce Schneier weighs in on the ridiculous airplane laptop ban the Trump administration and the British government imposed last week:

This current restriction implies some specific intelligence of a laptop-based plot and a temporary ban to address it. However, if that's the case, why only certain non-US carriers? And why only certain airports? Terrorists are smart enough to put a laptop bomb in checked baggage from the Middle East to Europe and then carry it on from Europe to the US.

Why not require passengers to turn their laptops on as they go through security? That would be a more effective security measure than forcing them to check them in their luggage. And lastly, why is there a delay between the ban being announced and it taking effect?

One analysis painted this as a protectionist measure targeted at the heavily subsidized Middle Eastern airlines by hitting them where it hurts the most: high-paying business class travelers who need their laptops with them on planes to get work done. That reasoning makes more sense than any security-related explanation, but doesn't explain why the British extended the ban to UK carriers as well. Or why this measure won't backfire when those Middle Eastern countries turn around and ban laptops on American carriers in retaliation. And one aviation official told CNN that an intelligence official informed him it was not a "political move."

In the end, national security measures based on secret information require us to trust the government. That trust is at historic low levels right now, so people both in the US and other countries are rightly skeptical of the official unsatisfying explanations. The new laptop ban highlights this mistrust.

But to the Trump team, distrusting government is a feature, not a bug. They just may not have thought through all the consequences.

Two unhappy articles about your phone

First, two unidentified have discovered malware on 38 Android devices that could only have been installed after manufacture but before distribution to retailers:

An assortment of malware was found on 38 Android devices belonging to two unidentified companies. This is according to a blog post published Friday by Check Point Software Technologies, maker of a mobile threat prevention app. The malicious apps weren't part of the official ROM firmware supplied by the phone manufacturers but were added later somewhere along the supply chain. In six of the cases, the malware was installed to the ROM using system privileges, a technique that requires the firmware to be completely reinstalled for the phone to be disinfected.

"This finding proves that, even if a user is extremely careful, never clicks a malicious link, or downloads a fishy app, he can still be infected by malware without even knowing it," Check Point Mobile Threat Researcher Daniel Padon told Ars. "This should be a concern for all mobile users."

Padon said it's not clear if the two companies were specifically targeted or if the infections were part of a broader, more opportunistic campaign. The presence of ransomware and other easy-to-detect malware seems to suggest the latter. Check Point also doesn't know where the infected phones were obtained. One of the affected parties was a "large telecommunications company" and the other was a "multinational technology company."

But malware and password stealing doesn't always need software. Sometimes it just needs a suspicious border guard:

Data provided by the Department of Homeland Security shows that searches of cellphones by border agents has exploded, growing fivefold in just one year, from fewer than 5,000 in 2015 to nearly 25,000 in 2016.

According to DHS officials, 2017 will be a blockbuster year. Five-thousand devices were searched in February alone, more than in all of 2015.

The more aggressive tactics of the past two years, two senior intelligence officials told NBC News, were sparked by a string of domestic incidents in 2015 and 2016 in which the watch list system and the FBI failed to stop American citizens from conducting attacks. The searches also reflect new abilities to extract contact lists, travel patterns and other data from phones very quickly.

But the officials caution that rhetoric about a Muslim registry and ban during the presidential campaign also seems to have emboldened federal agents to act more forcefully.

"The shackles are off," said Hugh Handeyside, a staff attorney with the ACLU's National Security Project. "We see individual officers and perhaps supervisors as well pushing those limits, exceeding their authority and violating people's rights."

Expect a lot of litigation and very unhappy travelers. Plus some other Fourth Amendment issues that go unreported.

Happy cell phoning!