Re: ToG Linux (first draft of a RFC) ...
On 12/9/23, Albretch Mueller wrote: > the CIA was giving money to Ukrainian people but in > order to get it they had to use their cell phones ;-) which (cell phones) they would also get "for free", mind you. And well ..., yes, even if you remove the networking hard and software, all RF devices need are electrons moving around in ways you can control and encode. Some time ago, I heard the expected news that they had managed to sandwich a RF circuitry on the layers of a chip! So, expect for everybody to start making their own chips at least for their most critical infrastructure! There will however always be physical ways to hack a hack. Imagine a bugged cell phone, you could always physically extend the functionality you need and keep the cell phone itself encased in a Faraday cage at all times. lbrtchx
Re: ToG Linux (first draft of a RFC) ...
On 12/9/23, Greg Wooledge wrote: >> On 09.12.23 at 10:13, Albretch Mueller wrote: >> > As anyone could see you could even run a network of detached >> > computers without networking interfaces in a "touch of God" kind of >> > way ... Thank you. I should have more clearly stated that those computing devices would go each about their particular business situationally in an air-gapped mode to then each go about their "collective intelligence" on a separate computer, a "server" of sorts. > What I don't understand is what these computers would be *doing*. Why > does he need them at all? If he needs them, why does he need them to > be detached from each other and from the rest of the world? These days, everything from microwave ovens to pacemakers are computing devices, but why should they be wifi-enabled? People don't seem to even realize that since the 1990's they have been driving computers on wheels. Then you hear that Vladimir Putin assassinated Michael Hastings for saying the same Joe Biden said only two decades before; you hear targeted individuals talking about of smoke rings (something that can't happen in nature by itself) to then hear about COVID-19 and how it was all started in China by some dissident "freedom-loving" bats, ... I even heard once as part of those marginal comments you hear which make you go like, say what?, that courtesy of U.S. tax payers the CIA was giving money to Ukrainian people but in order to get it they had to use their cell phones ;-) Think monitoring devices in hospitals, schools, power plants, ... I once heard that some "intelligence department" knew the grounding truth about some matter which happened in some remote place in Russia, because they had been monitoring the cell phones of not only "we the people", but even the police and, of course, when you hear such thing, since neither Physics nor "God" have "blue-eyed sons" (contrary to what some Israelis/Jewish people may think) or as they say "what is good for the goose is good for the gander", that also means that "the Chinese", "Russians", ... are able to do the same thing (of course, in their case they do it "because they hate freedom"). Now, imagine that at least the police would use a "ToG network" (to call it something) without any networking capabilities on a hard- and software level (just the necessary functionality, for example, passively getting GPS coordinates for which you don't need the whole networking stack) for their computing devices with a One-Time pad lease for the session they will be using it (and they would be physically powered for the amount of time they need to be used) which they must relinquish after each day of work to their base and which data would be encrypted (reusing the initial OTP) in ways that only the server which leased the OTP would be able to decrypt. Think of how they hacked the enigma machine and how Nazis suspected such a thing to have happened: https://en.wikipedia.org/wiki/Erhard_Maertens What could those "freedom hating" Chinese, "what the heck is freedom" Russians, all those "intelligence departments", ... do about any of it? > The only things I can imagine are ... > Whatever he's doing, I'm confident he won't tell us, or at least not in > a way I'll be able to understand. I explained the basic idea to a friend over the phone and clarified to him a number of doubts he had about it. He got it. He also realized that it wasn't much of a hassle, really. And he told me that I come up with such ideas because I have been forced to look at reality from a different point of view. In a Hegelian, karmic way it is a good thing that people looking at reality from different vantage points can talk to one another, even though, as they say, "misunderstanding is as mutual as love should be". No XY problem whatsoever, and I am not trying to hide anything from anyone (whatever "hiding", "privacy", ... could possibly mean these days). As Mike Rogers (of Pink Floyd fame) said when he was being accused of being a racist, anti-zionist or a zionist, (or whatever he was accused of), ...: "if I am, at the very least, I should be conscious of it". Keeping an external drive you never connect to the Internet could be understood as a sneakernet aspect of it. lbrtchx
Re: ToG Linux (first draft of a RFC) ...
Greg writes: > Is he simply talking about sneakernet? A human administrator, whom I > imagine to be the "god" in this scenario, walks around and room and > types things on each computer as needed? Carrying removable media around. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: ToG Linux (first draft of a RFC) ...
Arno writes: > At this point it becomes quite clear that we have a misunderstanding > at a very low level. Sentences like "run a network of ... computers > without networking interfaces" are something I can not really grasp > with the facilities I have. You could run a slow network by mailing removable media around. In the early days Australia was on Usenet by way of airmailed taps. Then there's https://www.rfc-editor.org/rfc/rfc2549. Though consider: the earliest computer viruses were transmitted by floppy disk... -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: ToG Linux (first draft of a RFC) ...
On Sat, Dec 09, 2023 at 02:50:16PM +0100, Arno Lehmann wrote: > On 09.12.23 at 10:13, Albretch Mueller wrote: > > As anyone could see you could even run a network of detached > > computers without networking interfaces in a "touch of God" kind of > > way, > > At this point it becomes quite clear that we have a misunderstanding at a > very low level. Sentences like "run a network of ... computers without > networking interfaces" are something I can not really grasp with the > facilities I have. Is he simply talking about sneakernet? A human administrator, whom I imagine to be the "god" in this scenario, walks around and room and types things on each computer as needed? What I don't understand is what these computers would be *doing*. Why does he need them at all? If he needs them, why does he need them to be detached from each other and from the rest of the world? The only things I can imagine are: * Calculating something that takes a long time to calculate. Maybe the problem can be trivially parallelized, in such a way that he can type the necessary parameters for each piece of the calculation on each node. Obviously it would be better if the nodes were networked to each other, instead of requiring manual collation of the results, but we've already established that the OP is insane. * Tools in the creation of some kind of work of art (visual, musical, etc.). A computer runs whatever software is used in this creative endeavor. At the end, a file is created, and this is copied onto removable media, which is then sent to a publisher. I don't see why he would need multiple computers in this scenario, unless he's got many projects going on simultaneously, and he wants one computer dedicated to each project. Whatever he's doing, I'm confident he won't tell us, or at least not in a way I'll be able to understand.
Re: ToG Linux (first draft of a RFC) ...
Hello, On 09.12.23 at 10:13, Albretch Mueller wrote: On 12/7/23, Arno Lehmann wrote: it's quite interesting that you use a platform such as wordpress, running code you can not control, to discuss such matters. I was just brainstorming, dumping a stream of consciousness with a relatively comprehensive outline of the main ideas. Your paranoia needs an adjustment, because the above is what would make you targetable. ... - You can not use the same hardware air gapped and non air gapped. I beg to differ and at the end of the day this is something that can be physically/technically proved. It has been proven. ... Well, not really! Booting a Debian Live DVD doesn't take more time than booting Windows (from scratch) and the whole idea of using a package extensions USB pen drive would automate updates. This basically is all there is to maintaining it. No. You would be basically making use of the BIOS and RAM of a computer You can not trust those. ... As anyone could see you could even run a network of detached computers without networking interfaces in a "touch of God" kind of way, At this point it becomes quite clear that we have a misunderstanding at a very low level. Sentences like "run a network of ... computers without networking interfaces" are something I can not really grasp with the facilities I have. Cheers, Arno -- Arno Lehmann IT-Service Lehmann Sandstr. 6, 49080 Osnabrück
Re: ToG Linux (first draft of a RFC) ...
On 12/9/23, Albretch Mueller wrote: > As anyone could see you could even run a network of detached > computers without networking interfaces in a "touch of God" kind of > way, some sort of "leased One-time pad touches of God" specifically > for each, all coordinated through and which data/information would end > up in a kind of "server", you could even use cell phones to do such > thing ... I could even envision industries around such specifications. The only reason why such things haven’t happened (would not ever happen?) is because police, politicians and IT companies (which these days are all the same) want to run society as if we were all rats in a maze they control real time in a predictive and cross correlating way in which everything is ephemeral to "we the people" while they keep a click by click, keystroke by keystroke, breath by breath, ... data Doppelgänger of each of us. Something "my paranoia" noticed as part of the Snowden revelations which IMO hasn’t been aired, questioned, discussed enough was that the NSA, as part of their "all tangible things" doctrine, was most interested in people’s medical records. Why?!? Why would "they" care about people’s health? Isn’t the safety and betterment of society what they should be interested in? To top it all "we the people" didn’t get the extent to which they were making fun of us when they said that: "what matters is how we use that information, not that we collect it"!!! This is how the world we are living in looks like: // __ 36C3 - The sustainability of safety, security and privacy: https://www.youtube.com/watch?v=2m5EMkVTydI (7:35) Internet of things or -Internet of Targets- (8:15) just as a car has got about 50 computers in it (11:20) hospital safety usability failures kill about 2000 people a year in the UK, just about car accidents (and he was just talking about impedance in the GUIs! not even about "errare humanum est") (12:30) some dude manage to gain access to 450,000 active pace makers over wifi (15:20) modern cars have about 10 radio frequency interfaces (23:20) initially light bulbs could be on for more than a century, ... these days companies make it from almost impossible to illegal to fix things in order to make money ... ~ At some point it all became so unbelievable, out of it all weird that I had to take as some sarcastic theatrics. Like when he showed hospital rooms and the number of network-enabled, RF devices in it. Since things happen for a reason, as part of explaining why Anderson could have at the very least asked why this is all happening) lbrtchx
Re: ToG Linux (first draft of a RFC) ...
On 12/7/23, Arno Lehmann wrote: > it's quite interesting that you use a platform such as wordpress, > running code you can not control, to discuss such matters. I was just brainstorming, dumping a stream of consciousness with a relatively comprehensive outline of the main ideas. > Wouldn't it be more reasonable to self host That will definitely happen at some point. I will have to test first the Linux initialization process (it’s runlevels) and how to make it dance together with GRUB nicely (no mysteries whatsoever there). > ... using a hoster providing > decent privacy and aonymity or a technology such as Tor? I am not into protagonism and that is not my main line of research, occupation. I would like to culture (invite more like-minded people to own) that open source project. Anyone could take over hosting it (I would pay for the first two years) and anything we do we would openly (well, almost! ;-)). As they say: true security, privacy, ... can not be hidden. All we do and say we would to the four winds. Once it is vetted we could even ask nicely for it to be included as part of the Debian or some other hosting. > Also, what I know about secure, air-gapped systems, can be summarized > quite easily: > > - You can not use the same hardware air gapped and non air gapped. I beg to differ and at the end of the day this is something that can be physically/technically proved. Basically, how could you hack a computer which you booted without a physical networking interface and (part of the objectives) without loading the networking capabilities from the kernel by exploiting Linux' runlevels? All you would need to do is automating updates to that configuration. > - Maintaining such systems is a pain. Well, not really! Booting a Debian Live DVD doesn't take more time than booting Windows (from scratch) and the whole idea of using a package extensions USB pen drive would automate updates. This basically is all there is to maintaining it. You would be basically making use of the BIOS and RAM of a computer (you don't even need to own), you would keep the whole OS and all extras you need in your shirt's front pocket. If they mess with the BIOS you will notice it because the thing will not work and it would report the BIOS change and exactly how, what the difference is and for basic physical reasons you can't infect a computer's RAM. > - There are no shortcuts. Well, no! ... and this is a good thing! We both, "hackers" and "we the people", have to follow step by step procedures (what Ancient Greek thinkers called "techne" and later we meant by "functions" up to Descartes, before all that non-sensical "black box", I/O mindset took over), what makes the difference is "the touch of God" and that no one can take away from you that you could take care of your own security, privacy (as existential philosophers would say: "absolutely no one, nothing can take away your freedom"). Notice that I am not just talking about computer soft and hardware. I got my education as a theoretical Physicist (basically a double-major in Physics and Math) an der TU Dresden, so I tend to see, understand every through its physics. Experiment: 1) use a hermetic metal (not plastic, looking like metal!) box (one of those they use for candies) 2) turn on your cell phone and carefully put it inside (making sure it stays on) 3) close the metal box 4) right in front of that box place a call to your own phone using another one. * since EM waves can't reach your phone it would not only be functionally off the grid, but off the confines of the universe! and "Vladimir Putin" couldn't do sh!t about it! Isn't that cool!?!?! Now, doesn't it make it even cooler that you can do such thing without spending one cent? > Small anecdote: A colleague recently visited a US agencies secure site > to help them with some software deployment. He could bring one DVD-R, > not -RW, there. No electronic equipment. Well, yes! and how would those kinds of anecdotes speak against a "touch of God"? As anyone could see you could even run a network of detached computers without networking interfaces in a "touch of God" kind of way, some sort of "leased One-time pad touches of God" specifically for each, all coordinated through and which data/information would end up in a kind of "server", you could even use cell phones to do such thing ... lbrtchx
Re: ToG Linux (first draft of a RFC) ...
Hopefully finally! We should brainstorm our initial thoughts about it there and once we could envision some completion and continuing hope to it, we can move it into a formal github open source project: https://ergosumus.wordpress.com/2023/12/07/tog-linux-first-draft-of-a-rfc/ lbrtchx
Re: ToG Linux (first draft of a RFC) ...
BTW, except for the GRUB/boot loading phase and its possible useful aspects relating to ToG-L (which I haven't found the time to study), I would say that 80%+ of the whole project I have already implemented with my lousy bash scripts skills and in java/GRAALVM as a first "proof of concept" and of the rest of it I have kept a thoroughgoing functional mental map. I have had to fight such issues for a long time and I initially thought of such things as ad hoc momentary solutions to be able to use the Internet, but at some point I started to think of it in an articulate and comprehensive way. > 2.5)* where are the knoppix-like boot options: "toram", > "tohd=", "fromhd=", "myconf=<...>", "home=<...>" > in Debian Live? We all know that a DVD caddy could be easily bugged as well (the USPS keeps stocks of all kinds of equally looking things which are bugged) and a DVD caddy is more of a mechanical, more power consuming thing, so it would be ideal to go the knoppix-like "toram" way. Knoppix these days is based a debian, so figuring out the grub hack to pass start up arguments to the kernel at boot time shouldn't be difficult. You would also be freeing the DVD port in case you need it. > 6.1)* you will have to keep one in your backpack inside of a > protective box or use a partition of your USB pendrive to boot your > computer (ideally if some sort of knoppix-like fromhd boot option is > used, there should be an option to check the size, type and sha*sum of > the iso) "bootfrom" would be also nice (I think in knoppix you can even combine the "bootfrom=<...>.iso" and "toram" start up options!). These days it doesn't matter much because you could use WSL (Windows Subsystem for Linux), but for whatever reason you may want to just use Linux. > ... that thing they used to call "privacy". I am old enough to remember the times in which telling someone that: "you care about their privacy" would have been taken as an odd joke. It would tacitly mean that -you have no privacy whatsoever-! Privacy is one of those things you would have to take care of yourself! (ToG-L would enable "we the people" to do so) In some European countries not just the government has implanted chips in military personnel, but your boss would make it a precondition to be hired even though it doesn't relate to your job description in the least! "We the people" would get chipped just to be part of a dance club! Some government have had ideas about chipping everyone which makes you wonder if people have started to lose their senses "in the end of times" ... Einstein who made his main occupation the mathematically measurable aspect of the it, mind you, said: "two things are infinite: the universe and human stupidity; and I'm not sure about the universe". I am not trying to be persuasive anyone. I actually think in the times we are living things have gotten more than half way off for way too long and we, scientists, tech monkeys and Mathematicians could and should inform "we the people" and help them more actively have their stand on, way out of such issues. lbrtchx
Re: ToG Linux (first draft of a RFC) ...
Hello, it's quite interesting that you use a platform such as wordpress, running code you can not control, to discuss such matters. Wouldn't it be more reasonable to self host, using a hoster providing decent privacy and aonymity or a technology such as Tor? Given the amount of time and effort you put into your draft, that would not be a big overhead, I think. It would, however, make it clearer that you actually mean it. Also, what I know about secure, air-gapped systems, can be summarized quite easily: - You can not use the same hardware air gapped and non air gapped. - Maintaining such systems is a pain. - There are no shortcuts. Small anecdote: A colleague recently visited a US agencies secure site to help them with some software deployment. He could bring one DVD-R, not -RW, there. No electronic equipment. There are no USB keys, portable disks, or dual-booting devices repeatedly crossing the boundaries there. In particular, there are no exceptions. What you bring in is thoroughly examined and stays in. All your fancy ideas seem to be about bridging the gap. This will not create security. Cheers, Arno -- Arno Lehmann IT-Service Lehmann Sandstr. 6, 49080 Osnabrück
Re: ToG Linux (first draft of a RFC) ...
Oh, well! "My paranoia" as Greg would say ;-) Yes, they removed it again! I have no effing idea why (other than messing with me) You could hopefully see my back and forths with them: https://wordpress.com/forums/topic/how-long-does-it-take-for-a-new-post-to-become-active/ Let me resume fighting them to see if they allow my post (they hadn't, then they did for a while, ...) I will keep you all posted. Given the options I hope our community doesn't get too upset about us going about our initial brainstorming here. lbrtchx
Re: ToG Linux (first draft of a RFC) ...
Hi, On Wed, Dec 06, 2023 at 10:25:55PM +, Albretch Mueller wrote: > You may ask me questions or suggest options on my wordpress page: > > https://ergosumus.wordpress.com/2023/12/06/tog-touch-of-god-linux-first-draft-of-a-rfc/ This page doesn't seem to exist (yet?). I looked at the root of the web site and the most recent post was from February 2022. Thanks, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting