Thursday, July 02, 2015

Some notes when ordering Google's Project Fi

I just ordered my "Project Fi" phone. You probably should, too. Here are some notes (especially near the bottom on getting a new phone number).

Project Fi is Google's MVNO. An "MVNO" is a virtual mobile phone company -- they don't have any of their own network backbone or cell towers, but just rent them from the real mobile phone companies (like AT&T or T-Mobile). Most mobile phone companies are actually MVNOs, because building a physical network is expensive.

What makes Google's MVNO interesting:
  • Straightforward pricing. It's $20 a month for unlimited calling/texting, plus $10 per gigabyte of data used during the month. It includes tethering.
  • No roaming charges, in 120 countries. I can fly to Japan, Australia, or France, and still use email, Google Maps, and texting -- for no extra charge.
The pricing is similar to other phone companies, a little less or a little more depending on exactly what you want. For around 3 gigs a month, Project Fi is cheaper than AT&T, but for 30 gigs, it's more expensive.
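As a sanity check, the bill under this plan is just a linear function of data used. Here's my own simplification of the numbers above (it ignores taxes and any per-plan credits):

```python
# A simplified model of the pricing described above: $20 base for
# unlimited talk/text, plus $10 per gigabyte of data used.
def fi_monthly_cost(gb_used):
    return 20 + 10 * gb_used

print(fi_monthly_cost(3))   # $50 -- competitive for a light user
print(fi_monthly_cost(30))  # $320 -- pricier than big-bucket plans
```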

There are more and more MVNOs providing easy international roaming, and your own phone company is increasingly solving the problem. T-Mobile, for example, provides free roaming at 2G speeds, enough to check email and maybe enough to navigate.

In-country phone calls are free, but international phone calls still cost $0.20 a minute -- unless you are on WiFi, in which case it's free. Again, this is a feature provided by other mobile phone companies and MVNOs.

In short, Google is really doing nothing new. They are just providing what you'd expect of a 21st century phone service without all the pricing shenanigans that other companies go through in order to squeeze extra money out of you.

One of the big things is which number you will use. In the United States, you can now take your phone number with you when you switch phone companies. But there are other options. For example, you can get a new phone number with the phone in order to try out the service, then switch numbers later. Or, you can switch your current number to Google Voice, and then simply forward it to the new phone. I'm choosing the third option -- using both phones for a while, and if I decide to keep my new Google phone, switch my old number over using Google Voice.

If you plan on getting a new phone number, there is a trick to it. In most areas, you'll just get a recycled phone number that was previously used by somebody else. You'll spend the next several years getting phone calls for that person. In particular, you'll get phone calls from collection agencies trying to collect money from deadbeats who used to have your number. That's because people with credit problems go through a lot of phone numbers, either because they run up phone debt they can't pay, or because they deliberately change phones to avoid creditors. Consequently, on average, any recycled phone number you get will at some time have been used by somebody with credit problems. Collection firms will then aggressively go through all the former numbers of a target and call you many times, sometimes in the middle of the night.

The way to fix this is to choose an area code without recycled numbers. In the United States, several new area codes are created every year for areas of the country that are growing, when they exhaust their existing area codes. Since long distance is free in the US, it doesn't really matter which area code you have anymore, so pick one of these new area codes for your number.

The way I did this with Project Fi was to first go to this website that documents new area codes. I then went to Google Voice to create a new number. I had to go about 10 area codes down the list to find one that Google Voice supports. I chose a number in that area, and to be certain, Googled it to make sure nobody had used it before. When I get my new Project Fi phone, the number will transfer over, becoming a real phone number instead of a virtual Google Voice number.

Thus, I get a virgin telephone number, albeit one from another state, rather than a recycled number that has been used by somebody else.

The main reason I'm getting a Project Fi phone is to hack it. The WiFi calling looks interesting, so I want to see how much I can mess with it, such as fuzzing the WiFi stack, or intercepting and decrypting my own communications. I suppose the Nexus 6 is necessary for the WiFi calling feature, but otherwise it should be possible to just stick the SIM in an iPhone. If anybody has any suggestions on what to play with, please tweet me @ErrataRob.

Tuesday, June 30, 2015

CyberUL is a dumb idea

Peiter “mudge” Zatko is leaving Google, having been asked by the White House to create a sort of cyber “Underwriters Laboratories” (UL) for the government. UL is the organization that certifies electrical devices, so that they don’t short out and zap you to death. But here’s the thing: a CyberUL is a dumb idea. It’s the Vogon approach to the problem. It imagines that insecurity comes from a moral weakness that could be solved by getting “serious” about the problem.

It’s not the hacking problem

According to data-breach reports, 95% of all attacks are simple things, like phishing, SQL injection, and bad passwords – nothing related to software quality. The other 5% is because victims are using old, unpatched software. When exploits are used, it’s overwhelmingly for software that has remained unpatched for a year.

In other words, CyberUL addresses less than 0.1% of real-world attacks.

It’s not the same quality problem

UL is about accidental failures in electronics. CyberUL would be about intentional attacks against software. These are unrelated issues. Stopping accidental failures is a solved problem in many fields. Stopping attacks is something nobody has solved in any field.

In other words, the UL model of accidents is totally unrelated to the cyber problem of attacks.

Security is a tradeoff

Security experts ignore the costs of fixing security. They assume that it's due to moral weakness, and that getting tough is all that’s needed.

That’s not true. Improving security comes at great cost, in terms of price, functionality, or usability. Insecurity happens not because people are weak, but because the tradeoffs aren’t worth it. That’s why you have an iPhone, which can get hacked, instead of a 1980s era feature-phone that can do little more than make phone calls – you find the added risk worth the tradeoffs.

The premise of a CyberUL is that people are wrong, that more tradeoffs must be imposed against their will in order to improve cybersecurity, such as increasing the price, removing features, or making products hard to use.

Rules have a cost

Government already has the “Common Criteria” rules. They are all for obviously good things, like masking a password with **** as users type it in. But here’s the thing: while the actual criteria are easy and straightforward, they're buried in layers of bureaucracy. It costs at least $1 million to get a product certified under Common Criteria.

OPM invested millions in dealing with similar bureaucratic regulations. It’s not that they had no security – it’s that their security people spent all their time with bureaucracy. They ignored basic problems like SQLi, phishing, bad passwords, and patches because compliance consumed all their budget and time.

Do you even government?

People believe that wise CyberUL administrators will define what’s right based on their own expertise. This is nonsense – rules will be designed according to whoever spends the most on lobbyists. It’s the same thing that happens in every industry.

As soon as the White House starts a CyberUL, Oracle, Microsoft, and Cisco will show up offering to help. Whatever rules are created will be those that favor those three companies at the expense of smaller companies.

Government doesn’t follow the rules, anyways

Government agencies don’t follow the rules anyway. There are so many impossibly onerous rules in government that complaining and getting an exception is the norm. That’s why, for example, the Navy just gave Microsoft $20 million to continue to support WinXP – a 15-year-old operating system – which is otherwise against the rules.


A CyberUL is an absurd idea, being unrelated to the problem it purports to solve. The only reason people take it seriously is that they are secretly fascist at heart. They aren’t interested in solving the problem of cybersecurity, because that’s hard. Instead, they want to tell other people what to do, because that’s easy.

SQLi, phishing, bad passwords, and lack of patches are the Four Horsemen of the cybersecurity apocalypse, not software quality. Unless you are addressing those four things, you are doing essentially nothing to solve the problem.

Wednesday, June 17, 2015

How would you use Lua scripting in a DNS server?

I'm currently putting Lua into a DNS server, and I'm trying to figure out how people would use it.

A typical application would be load-balancing. How I would do this is to create a background Lua thread that frequently (many times a second) queries an external resource to discover current server utilization, then rewrites the RRset for that server to put the least utilized server first. This would technically change the zone, but wouldn't be handled as such (i.e. wouldn't trigger serial-number changes, wouldn't trigger notification of slave zones).
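The pattern isn't Lua-specific. Here's a rough Python sketch of the same background-thread idea; the addresses, utilization numbers, and function names are all invented for illustration, not any real DNS server's API:

```python
import threading
import time

# A background thread polls an external resource for server utilization
# and reorders the RRset in place, so the least-loaded server is first.
RRSET = ["10.0.0.1", "10.0.0.2", "10.0.0.3"]  # A records for one name

def get_utilization(addr):
    # Stand-in for querying a real monitoring system
    fake_load = {"10.0.0.1": 0.9, "10.0.0.2": 0.2, "10.0.0.3": 0.5}
    return fake_load[addr]

def rebalance_loop(interval=0.1):
    # Runs many times a second; mutates the RRset in place without
    # bumping the zone serial or notifying slaves
    while True:
        RRSET.sort(key=get_utilization)
        time.sleep(interval)

threading.Thread(target=rebalance_loop, daemon=True).start()
time.sleep(0.3)
print(RRSET)  # least utilized server now listed first
```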

Such a thread could be used for zone backends. Right now, DNS servers support complex backends like SQL servers and LDAP servers. Instead of making the server code complex, this could easily be done with a Lua thread that regularly scans an SQL/LDAP server for changes and updates the zone in memory accordingly.

Both these examples are updating static information. One possible alternative is to execute a Lua script on each and every DNS query, such as adding a resource record to a zone that would look like this:

* TXT $LUA:my_script

Every query would cause the script to be executed. There are some issues with this, of course, but for a lot of typical uses, such limitations wouldn't matter. For example, there are complex thread-synchronization issues, but I could simply force any use of this feature to go into single-threaded mode -- whatever narrow use you'd have for this feature could probably accept the performance hit.
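To show what I mean by the record binding a script, here's a hypothetical sketch in Python; every name here (my_script, answer_txt_query, the wildcard convention) is invented for illustration:

```python
# The record "* TXT $LUA:my_script" would mean: on any matching TXT
# query, run the script to generate the answer instead of returning
# static data.
def my_script(qname):
    # Echo the first label back -- the building block of a DNS-based
    # communication channel
    return "echo:" + qname.split(".")[0]

def answer_txt_query(qname, zone_scripts):
    script = zone_scripts.get("*")   # wildcard record bound to a script
    if script is not None:
        return script(qname)         # executed on every matching query
    return None

zone = {"*": my_script}
print(answer_txt_query("hello.example.com", zone))
```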

The specific use for this would be, of course, to set up a DNS communication channel. Captive portals forward DNS, but redirect other TCP/UDP packets. Sending messages back and forth through DNS would allow you to do things like tunnel Twitter messages even without "real" Internet access. As is well known, people have written entire VPNs through DNS this way, with custom DNS stacks.

These are my ideas. Maybe you could post some other ideas. I'm looking for either a problem you want solved (without necessarily dictating the precise solution), or a nifty way of integrating Lua (without necessarily any specific problem in mind).

Tuesday, June 16, 2015

Because dossiers

Here's the thing about computers -- even your laptop can support "big-data" applications. There are only 300 million people in the United States. At 1 kilobyte per person, that's still only 300 gigabytes -- which fits on my laptop hard-drive.
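The arithmetic is easy to check:

```python
# Back-of-the-envelope arithmetic from the paragraph above
population = 300_000_000    # roughly the U.S. population
bytes_per_person = 1_000    # 1 kilobyte of dossier data each

total_gb = population * bytes_per_person / 1_000_000_000
print(total_gb, "gigabytes")  # 300.0 -- fits on a laptop drive
```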

Building dossiers is becoming a thing in the hacking underground. Every time they break into a retail chain, hospital, insurance company, or government agency, they correlate everything back to the same dossier, based on such things as social security numbers, credit card numbers, email addresses, and even IP addresses. Beyond hacked secrets, public sources of information are likewise scanned in order to add to the dossier. Tools such as Maltego make it surprisingly easy to combine your own private information with public sources in order to build such dossiers.

When even the small hacking groups are focused on this effort, you can bet the big guys like China and Russia are even more interested in this.

This is one explanation behind the OPM hack. The hackers may have had something specific in mind, such as getting the personal information from SF86 forms, where those seeking clearance are forced to disclose their various addictions and perversions. It could be used to blackmail people -- the government already knows their secrets, but their friends don't.

Or it may have been as simple as the fact that the OPM was an easy target, and had useful information for building dossiers -- without any particular designs on what to do with the information.

I point this out because Occam's Razor. People are postulating complex scenarios for what the hackers wanted with the information. I think the more likely answer is simply because it was there, it wasn't hard to get, and it's something you ought to get now in case you need it for somebody's dossier later.

Should I panic because Lastpass was hacked?

Maybe, maybe not. Lastpass uses 100,000 iterations in its PBKDF2 algorithm. If you chose a long, non-dictionary password, nobody can crack it. Conversely, if you haven't, then yes, you need to change it.
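For a sense of what those iterations cost an attacker, here is a sketch using Python's standard library. The hash function and salt size are my guesses for illustration, not Lastpass's exact parameters:

```python
import hashlib
import os
import time

password = b"correct horse battery staple"
salt = os.urandom(16)

# Each guess an attacker makes must repeat this entire computation
start = time.time()
key = hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)
elapsed = time.time() - start

print(len(key), "byte key derived in", round(elapsed, 3), "seconds")
```

Even at a few hundredths of a second per guess, the iteration count alone cuts an attacker's guess rate by a factor of 100,000 compared to a plain hash.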

I benchmarked this on my computer using "oclHashcat". It's not an exact match with the Lastpass algorithm, but it's close enough to show the performance.

In my benchmark, my machine gets 2577 (two and a half thousand) random password guesses per second. This may sound like a lot, but it's not, because cracking passwords is exponentially difficult.

Consider normal hashes, not the stronger ones used by Lastpass. My desktop can crack 1 billion of those per second.  Consider that a password can be built from UPPER and lower case letters, numbers, and punctuation marks -- or about 64 variations per character.

In this case, a 5-letter password has about 1 billion combinations, so a fast computer can guess it in a second. Adding one letter, with its 64 different possibilities, makes this 64 times harder, meaning it'll take a minute. Another letter (to 7), and it becomes an hour. Another letter (to 8), and it becomes several days. Another letter (to 9), and it becomes a year. Another letter (to 10), and it becomes 64 years. Another letter (to 11), and it's thousands of years; another letter (to 12), and it's millions of years.
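The arithmetic above can be sketched in a few lines (64 symbols per character, a billion guesses per second against an ordinary hash):

```python
GUESSES_PER_SEC = 1e9   # ordinary (fast) hash on one desktop
SYMBOLS = 64            # upper, lower, digits, punctuation

def seconds_to_crack(length):
    # Worst case: try every combination of the given length
    return SYMBOLS ** length / GUESSES_PER_SEC

for n in range(5, 13):
    print(n, "characters:", seconds_to_crack(n), "seconds")
```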

Lastpass re-hashes the password 100,000 times, which slows this down dramatically. What I could've hashed in an hour now takes a decade. On the other hand, consider an adversary like the NSA or a hacker with a botnet that controls 100,000 computers, that would speed things back up to the normal rate. But even with 100,000 computers, the NSA won't be able to brute-force a 12 letter password.

Unfortunately, brute-force isn't the only option. Hackers may instead use a dictionary attack, where they use word lists and common password choices (like GoBroncos!), and then mutate them with common patterns, like adding numbers on to the end. This speeds things up dramatically, making it easy to crack even 12 letter passwords in minutes.

In between the two are Markov chains, which is sort of like brute-forcing, but which follows the logic humans use to construct passwords. If a password letter is lower-case, it's overwhelmingly likely that the next letter will also be lower case, for example.
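A toy version of the Markov idea: learn character-to-character transition counts from leaked passwords, then guess high-probability successors first. The word list here is invented for illustration:

```python
from collections import Counter, defaultdict

leaked = ["password", "passw0rd", "dragon", "sunshine", "letmein"]

# Count which character tends to follow which
transitions = defaultdict(Counter)
for pw in leaked:
    for a, b in zip(pw, pw[1:]):
        transitions[a][b] += 1

# A cracker tries the most likely next characters first
print(transitions["s"].most_common(2))
```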

The upshot is that your 12 character password is a lot weaker than you assume. Your passwords not only have to be long, but also fairly random and not based much on dictionary words, and random in ways that Markov chains can't easily guess.

NSA leaker Edward Snowden recently suggested that a strong password would look like "MargaretThatcheris110%SEXY". He's been criticized for this, but actually, it is pretty strong. Yes, it has dictionary and Markov weaknesses, but they are compensated for by length. All else being equal, longer is better. Indeed, whatever password you have now, simply adding "xxxxxxxxxxx" onto the end of it is likely to make it unbreakable, and it's extremely easy to remember. A password like "MaThis110%SX" is a 12-character password that even the NSA is unlikely to break if it were your Lastpass password -- Snowden's longer form doesn't make it worse. (Note: some people claim this Snowden example isn't so secure, but they are wrong.)

The downside of password complexity is that you have to both remember the password and type it in frequently. There's really no getting around this -- but that's what tools like Lastpass or 1Password are for. They let you choose one strong password once, then have the system use secure random passwords for all the websites you visit. I don't use such services; I just got used to typing long strings very fast (and I write down passwords), but it's a solution used by many others.

Sunday, June 14, 2015

How to code: lesson 27

I was reading some code on the Internet today and came across this:

The thing to notice is the hanging & symbols in front of the variables, there just to make things line up. It's a stylistic quirk of the author of this code. It's a good lesson in what not to do.

There is only one important style rule, and it is this: make your code look like everyone else's. The question isn't whether a quirk is good or bad, only that it's unusual. Yes, this quirk is relatively insignificant, but I point it out because you should not be tempted, even on the smallest of things.

You see this in the evolution of programmers. In the beginning, their code is quirky as hell. Over time, as they are exposed to more and more source by others, they start to see how these quirks are irritating, and stop doing them in their own code. The style becomes blander and blander -- but at the same time, the greatness of the code's construction starts to shine.

When you start writing great code, you'll eventually have to break this rule and do something big and strange. For example, I do this with my "state-machine parsers". It's a programming pattern unfamiliar to most programmers, yet I have to do it because the scalability and performance gains are huge. Save your quirks for the big things -- exorcise them from the small things.

By the way, I meant this as the only important style rule. It really is. A lot of companies spend a great deal of time, and much political gnashing of teeth among developers, drafting style guidelines. This is garbage -- it truly does not matter where you put braces, for example. Experienced coders have to be accustomed to reading various styles anyway. Here's what you should do. Start a program asking anybody who is interested to come in after work to draft a new set of style guidelines. Fire everyone who shows up -- they are political animals who are likely deadweight anyway. Then just pick a style guideline at random, like the Linux kernel style doc or the WebKit style. Or, pick no style at all -- your project is going to pull in a lot of open-source with varying styles anyway, so it's pointless trying to make it conform.

BTW, when I invested all my money in a startup consisting of a team of programmers, when my entire life's savings depended on quality code being produced, I imposed this guideline on the team: stop with the nonsense, make it look normal. Each programmer had a different style, yet the code produced was high quality anyway. It really can work.

How we really know the Sunday Times story is bogus

Stories sourced entirely from "anonymous senior government officials" are propaganda, not journalism. The identities of the sources are hidden not to protect them from speaking out against the government, since they are in fact delivering exactly the message the government wants to get out. Instead, their identities are kept secret so that their message cannot be challenged.

It's not just me claiming this. Every journalistic organization criticizes the practice. Every set of journalistic ethics guidelines calls this unethical.

Yet, somehow it keeps happening. The latest example is The Sunday Times, Britain's largest newspaper, reporting government officials critical of Snowden. We know the story is bogus because it quotes solely government officials spouting the party line. Moreover, even if that weren't the case, it's obvious propaganda, arguing one side of the story and not even attempting to get the other point of view from Russia, China, or Snowden himself. Snowden is often quoted in newspapers; he can't be that hard to get a hold of. Not contacting Snowden for his side is also a violation of journalistic ethics.

I point this out because there are lots of good criticisms of the story, for example, pointing out that the correct term is "MI6 officers" not "agents", and no knowledgeable government expert would make that error. But a detailed analysis of that piece isn't needed. The pure fact that it tramples all over journalistic ethics is proof enough that the story is bogus.

Thursday, June 11, 2015

Intel has 4 processor lines

Just a quick note: Intel has four different processor lines -- or four different "microarchitectures". All Intel processors support the x86 instruction set externally, but have very different microarchitectures internally.

To start with, there is their mainstream processor for desktops, notebooks, servers, and supercomputers. This accounts for the bulk of their business, and it's what we think of as an "Intel processor". The latest version of this microarchitecture is "Broadwell". Previous versions were Haswell, Ivy Bridge, and Sandy Bridge. It's sold as the Xeon, Core i7/i5/i3, Pentium, Celeron, etc.

Then there is the low-power processor known as the "Atom", built to compete against ARM in cellphone devices. There have been two radically different versions of this processor. The older microarchitecture from 2008 was known as "Bonnell", and it kinda sucked (dual-issue, but in-order). The newer microarchitecture, "Silvermont", is out-of-order and much better. Atom processors are just as power efficient as ARM processors. Indeed, many phones use them without people really being aware of the difference. I point this out because there is a widespread misconception that ARM processors are more power efficient than Intel processors. Note that all these processors are 64-bit internally, though some are sold as 32-bit processors with the 64-bit feature disabled.

Then there is the ultra-low-power processor for markets where even cellphone processors are too large. Intel sells the "Quark" processor for this. It's essentially just a 486 processor from the early 1990s running at 400 MHz. It's sometimes called a "Pentium-class" processor, but really it's just been updated with some Pentium instructions like CMOV so that it can run the latest Linux kernel. It's actually pretty worthless -- at this stage in technology, RISC really was better, and ARM equivalents will perform faster using less power. Also, Silvermont processors clocked down to the same 400 MHz use much the same low power -- although they are much bigger chips. These processors are of course only 32-bit, whereas all the other processors are 64-bit.

Finally, there is the graphics-processor market, which Intel addresses with its Xeon Phi product (not to be confused with normal Xeons). This competes against GPUs from nVidia and AMD/ATI. GPUs are massively parallel computers, designed originally for games, but which also work well for many supercomputer applications. Since they have been encroaching on Intel's supercomputer business, Intel has responded with a GPU-like chip. This chip puts 72 Silvermont Atom cores on a die, where the cores have been tweaked to support 512-bit SIMD (i.e. eight 64-bit floating-point calculations per instruction). This is the same 512-bit AVX that will be appearing in the next desktop/laptop/server processors. This means floating-point-intensive software can be written on a desktop, then run on a much faster supercomputer. The current Xeon Phi is used in the Tianhe-2 supercomputer -- which has been the fastest supercomputer in the world for almost 2 years.

Intel has defeated all other processors over the last couple decades by making their single processor line address all markets. Competitors, namely ARM and nVidia/ATI, have therefore optimized for targets Intel can't reach. These additional processor lines are Intel's response to those threats.

The Atom line is going badly -- Intel essentially gives the chips away for free. They are technically an excellent product, beating most ARM processors in power efficiency and speed, but that doesn't matter, because in the mobile space, ARM compatibility is already more important than x86. Also, Intel doesn't have the supporting hardware infrastructure around its chips that ARM has. Intel thus gives mobile phone developers a lot of "development" money to build products -- which in the end means they are essentially giving away Atom processors.

On the flip side, Intel's mainstream server processors are still more power efficient than ARM (or Atom) processors. Those processors work better in cellphones by simply being slower, but once you speed up a processor for massive computation, Intel's mainstream processors are still more power efficient. That's why you hear a lot of bluster about people building ARM servers, but when those systems eventually ship (such as HP's Moonshot), they come with Intel.

Monday, June 08, 2015

What's the state of iPhone PIN guessing?

I think even some experts have gotten this wrong, so I want to ask everyone: what's the current state-of-the-art for trying to crack Apple PIN codes?

This is how I think it works currently (in iOS 8).