date:20171021

Re: [FRIAM] KRACK

2017-10-21 Thread Roger Critchlow

from KRACK to TRACK

https://www.wired.com/story/track-location-with-mobile-ads-1000-dollars-study/

-- rec --

On Sat, Oct 21, 2017 at 6:05 PM, Marcus Daniels 
wrote:

> I am all for big investments in Blockchain:  Secure the vote, secure
> hazardous materials, secure titles to property, fuel the quantum computing
> arms race..  Good stuff!
>
> Sent from my iPhone
>
> On Oct 21, 2017, at 3:27 PM, Steven A Smith  wrote:
>
> I recently heard from a friend who achieved a very transient and
> unexpected contact with a US Antartica Science team member via a 1W
> handheld DMR RX/TX device.   Anecdotally, they field about 10 such contacts
> a week.   This is more than a little misleading since DMR is a packet-relay
> system, albeit ad-hoc, but doesn't really say anything about the distance
> of any single link... just that there were a finite(reasonable) number of
> hops between my friend in Kansas and the folks on the ground in
> Antartica.
>
>
> Meanwhile, my own tiny low-power handheld device (iPhone 4) hears (and
> more importantly, can be heard by) a small handful of cell towers, the
> closest is known to be 9 miles away and I don't get much if any useful
> reception BTW.   That would suggest to me that my 2.4Ghz WiFi modem could
> be "heard" from a similar distance (given the similar frequency of 1.9Ghz)
> I"m sure there are some folks here with more SIGINT knowledge than I, I'm
> just winging it on the back of an envelope.   So that makes for a pretty
> big "moat" around my 2.9 acre property.   And if I can't stop gophers from
> boring under my garden fence buried 18 inches, how can I hope to stop Musk
> and El Chapo?  And the drones and tethered balloons? No way!  I can barely
> see them with my 100x scope on my WWI 30.06 which has a theoretical ceiling
> of 10,000 ft anyway, so I doubt I can shoot them down even if I can find
> them (PS.  I don't own any ammunition for said antique handed down from my
> grandfather who carried it in Europe 100 years ago).
>
>
> I remember scoffing at a colleague 25 years ago who claimed that the
> holographic strips added to $50/$100 bills was a "gubmint konspiracy" to
> track our cash from satellite... and yup!  He had an MS in CS but lined his
> wallet with tinfoil (but not his hat?).It seems steered phased array
> antenna can interrogate UHF RFID tags from about 600ft in free air today...
> so while he was a few orders of magnitude off in his paranoia, it is MORE
> reasonable than I'd expected.
>
>
> McNealy told us 20 years ago "there is NO privacy, get OVER it".   I'm not
> sure what "over it" means, but I think we need a whole restructuring of
> social norms and expectations based on this issue.
>
>
> My latest bets are on ideas grown up out of BlockChain tech...  it's not
> just for Digital Currency anymore?
>
>
> I think we need to transcend both Capitalism (and for sure consumerism)
> and Democracy (but not egalitarianism) at this point, so folks like
> Democracy Earth might either be "a good start" or "a bad seed", I'm not
> sure yet.   http://democracy.earth/ .  Any observations?
>
>
> - Sneeze
>
> On 10/21/17 10:59 AM, Marcus Daniels wrote:
>
> Nick writes:
>
>
> "I hope at some point you will let us civilians know what we should do
> about this.  Other than cringing in abject terror, of course."
>
>
> You can subscribe to one of these..
>
>
> https://www.pcmag.com/article2/0,2817,2403388,00.asp
>
>
> This will involve pressing a Connect button before using the Internet.
> The channel will be encrypted, so that a wiretap (without the wires) it
> will only show gibberish.
>
>
> Or download the software at www.torproject.org
>
> Tor takes more extensive measures to both encrypt your connections and
> also to make it very difficult to track you.  The cost of this is that it
> is slower.  A VPN is less noticeable in this regard.
>
>
> As Glen points out, there are other kinds of wireless access that are easy
> to overlook such as when a smartphone switches from LTE to Wifi,
> Kindle/Tablet browsing, Amazon Fire sticks, wireless cameras, and so on.
> There are VPN app for smartphones too.
>
>
> Then there is another option which is to buy a big estate and put a moat
> around it.   That doesn't stop drones, though.   A moat and a plexiglass
> bubble, then.   Oh, and watch out for boring machines too from
> well-equipped people like Elon Musk and El Chapo.
>
>
> Marcus
> --
> *From:* Friam   on
> behalf of Nick Thompson 
> 
> *Sent:* Saturday, October 21, 2017 9:49:23 AM
> *To:* 'The Friday Morning Applied Complexity Coffee Group'
> *Subject:* Re: [FRIAM] KRACK
>
> Hi, Wizards,
>
> I hope at some point you will let us civilians know what we should do
> about this.  Other than cringing in abject terror, of course.
>
> Nick
>
> Nicholas S. Thompson
> Emeritus Professor of Psychology and

Re: [FRIAM] KRACK

2017-10-21 Thread Marcus Daniels

I am all for big investments in Blockchain:  Secure the vote, secure hazardous 
materials, secure titles to property, fuel the quantum computing arms race..  
Good stuff!

Sent from my iPhone

On Oct 21, 2017, at 3:27 PM, Steven A Smith 
> wrote:


I recently heard from a friend who achieved a very transient and unexpected 
contact with a US Antartica Science team member via a 1W handheld DMR RX/TX 
device.   Anecdotally, they field about 10 such contacts a week.   This is more 
than a little misleading since DMR is a packet-relay system, albeit ad-hoc, but 
doesn't really say anything about the distance of any single link... just that 
there were a finite(reasonable) number of hops between my friend in Kansas and 
the folks on the ground in Antartica.


Meanwhile, my own tiny low-power handheld device (iPhone 4) hears (and more 
importantly, can be heard by) a small handful of cell towers, the closest is 
known to be 9 miles away and I don't get much if any useful reception BTW.   
That would suggest to me that my 2.4Ghz WiFi modem could be "heard" from a 
similar distance (given the similar frequency of 1.9Ghz) I"m sure there are 
some folks here with more SIGINT knowledge than I, I'm just winging it on the 
back of an envelope.   So that makes for a pretty big "moat" around my 2.9 acre 
property.   And if I can't stop gophers from boring under my garden fence 
buried 18 inches, how can I hope to stop Musk and El Chapo?  And the drones and 
tethered balloons? No way!  I can barely see them with my 100x scope on my WWI 
30.06 which has a theoretical ceiling of 10,000 ft anyway, so I doubt I can 
shoot them down even if I can find them (PS.  I don't own any ammunition for 
said antique handed down from my grandfather who carried it in Europe 100 years 
ago).


I remember scoffing at a colleague 25 years ago who claimed that the 
holographic strips added to $50/$100 bills was a "gubmint konspiracy" to track 
our cash from satellite... and yup!  He had an MS in CS but lined his wallet 
with tinfoil (but not his hat?).It seems steered phased array antenna can 
interrogate UHF RFID tags from about 600ft in free air today... so while he was 
a few orders of magnitude off in his paranoia, it is MORE reasonable than I'd 
expected.


McNealy told us 20 years ago "there is NO privacy, get OVER it".   I'm not sure 
what "over it" means, but I think we need a whole restructuring of social norms 
and expectations based on this issue.


My latest bets are on ideas grown up out of BlockChain tech...  it's not just 
for Digital Currency anymore?


I think we need to transcend both Capitalism (and for sure consumerism) and 
Democracy (but not egalitarianism) at this point, so folks like Democracy Earth 
might either be "a good start" or "a bad seed", I'm not sure yet.   
http://democracy.earth/ .  Any observations?


- Sneeze

On 10/21/17 10:59 AM, Marcus Daniels wrote:

Nick writes:


"I hope at some point you will let us civilians know what we should do about 
this.  Other than cringing in abject terror, of course."


You can subscribe to one of these..


https://www.pcmag.com/article2/0,2817,2403388,00.asp


This will involve pressing a Connect button before using the Internet.   The 
channel will be encrypted, so that a wiretap (without the wires) it will only 
show gibberish.


Or download the software at www.torproject.org

Tor takes more extensive measures to both encrypt your connections and also to 
make it very difficult to track you.  The cost of this is that it is slower.  A 
VPN is less noticeable in this regard.


As Glen points out, there are other kinds of wireless access that are easy to 
overlook such as when a smartphone switches from LTE to Wifi, Kindle/Tablet 
browsing, Amazon Fire sticks, wireless cameras, and so on.   There are VPN app 
for smartphones too.


Then there is another option which is to buy a big estate and put a moat around 
it.   That doesn't stop drones, though.   A moat and a plexiglass bubble, then. 
  Oh, and watch out for boring machines too from well-equipped people like Elon 
Musk and El Chapo.


Marcus


From: Friam  on 
behalf of Nick Thompson 

Sent: Saturday, October 21, 2017 9:49:23 AM
To: 'The Friday Morning Applied Complexity Coffee Group'
Subject: Re: [FRIAM] KRACK

Hi, Wizards,

I hope at some point you will let us civilians know what we should do about 
this.  Other than cringing in abject terror, of course.

Nick

Nicholas S. Thompson
Emeritus Professor of Psychology and Biology
Clark University
http://home.earthlink.net/~nickthompson/naturaldesigns/

-Original Message-
From: Friam [mailto:friam-boun...@redfish.com] On Behalf Of gepr ?
Sent: Friday, October 20, 2017 7:11 PM

Re: [FRIAM] KRACK

2017-10-21 Thread gepr ⛧

Awesome contribution!

On October 21, 2017 2:26:51 PM PDT, Steven A Smith  wrote:
>I recently heard from a friend who achieved a very transient and 
>unexpected contact with a US Antartica Science team member via a 1W 
>handheld DMR RX/TX device.   Anecdotally, they field about 10 such 
>contacts a week.   This is more than a little misleading since DMR is a
>
>packet-relay system, albeit ad-hoc, but doesn't really say anything 
>about the distance of any single link... just that there were a 
>finite(reasonable) number of hops between my friend in Kansas and the 
>folks on the ground in Antartica.
>
>
>Meanwhile, my own tiny low-power handheld device (iPhone 4) hears (and 
>more importantly, can be heard by) a small handful of cell towers, the 
>closest is known to be 9 miles away and I don't get much if any useful 
>reception BTW.   That would suggest to me that my 2.4Ghz WiFi modem 
>could be "heard" from a similar distance (given the similar frequency
>of 
>1.9Ghz) I"m sure there are some folks here with more SIGINT knowledge 
>than I, I'm just winging it on the back of an envelope.   So that makes
>
>for a pretty big "moat" around my 2.9 acre property.   And if I can't 
>stop gophers from boring under my garden fence buried 18 inches, how
>can 
>I hope to stop Musk and El Chapo?  And the drones and tethered
>balloons? 
>No way!  I can barely see them with my 100x scope on my WWI 30.06 which
>
>has a theoretical ceiling of 10,000 ft anyway, so I doubt I can shoot 
>them down even if I can find them (PS.  I don't own any ammunition for 
>said antique handed down from my grandfather who carried it in Europe 
>100 years ago).
>
>
>I remember scoffing at a colleague 25 years ago who claimed that the 
>holographic strips added to $50/$100 bills was a "gubmint konspiracy"
>to 
>track our cash from satellite... and yup!  He had an MS in CS but lined
>
>his wallet with tinfoil (but not his hat?).    It seems steered phased 
>array antenna can interrogate UHF RFID tags from about 600ft in free
>air 
>today... so while he was a few orders of magnitude off in his paranoia,
>
>it is MORE reasonable than I'd expected.
>
>
>McNealy told us 20 years ago "there is NO privacy, get OVER it".   I'm 
>not sure what "over it" means, but I think we need a whole
>restructuring 
>of social norms and expectations based on this issue.
>
>
>My latest bets are on ideas grown up out of BlockChain tech... it's not
>
>just for Digital Currency anymore?
>
>
>I think we need to transcend both Capitalism (and for sure consumerism)
>
>and Democracy (but not egalitarianism) at this point, so folks like 
>Democracy Earth might either be "a good start" or "a bad seed", I'm not
>
>sure yet.   http://democracy.earth/ .  Any observations?
-- 
⛧glen⛧


FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] KRACK

2017-10-21 Thread Steven A Smith

I recently heard from a friend who achieved a very transient and 
unexpected contact with a US Antartica Science team member via a 1W 
handheld DMR RX/TX device.   Anecdotally, they field about 10 such 
contacts a week.   This is more than a little misleading since DMR is a 
packet-relay system, albeit ad-hoc, but doesn't really say anything 
about the distance of any single link... just that there were a 
finite(reasonable) number of hops between my friend in Kansas and the 
folks on the ground in Antartica.



Meanwhile, my own tiny low-power handheld device (iPhone 4) hears (and 
more importantly, can be heard by) a small handful of cell towers, the 
closest is known to be 9 miles away and I don't get much if any useful 
reception BTW.   That would suggest to me that my 2.4Ghz WiFi modem 
could be "heard" from a similar distance (given the similar frequency of 
1.9Ghz) I"m sure there are some folks here with more SIGINT knowledge 
than I, I'm just winging it on the back of an envelope.   So that makes 
for a pretty big "moat" around my 2.9 acre property.   And if I can't 
stop gophers from boring under my garden fence buried 18 inches, how can 
I hope to stop Musk and El Chapo?  And the drones and tethered balloons? 
No way!  I can barely see them with my 100x scope on my WWI 30.06 which 
has a theoretical ceiling of 10,000 ft anyway, so I doubt I can shoot 
them down even if I can find them (PS.  I don't own any ammunition for 
said antique handed down from my grandfather who carried it in Europe 
100 years ago).



I remember scoffing at a colleague 25 years ago who claimed that the 
holographic strips added to $50/$100 bills was a "gubmint konspiracy" to 
track our cash from satellite... and yup!  He had an MS in CS but lined 
his wallet with tinfoil (but not his hat?).    It seems steered phased 
array antenna can interrogate UHF RFID tags from about 600ft in free air 
today... so while he was a few orders of magnitude off in his paranoia, 
it is MORE reasonable than I'd expected.



McNealy told us 20 years ago "there is NO privacy, get OVER it".   I'm 
not sure what "over it" means, but I think we need a whole restructuring 
of social norms and expectations based on this issue.



My latest bets are on ideas grown up out of BlockChain tech... it's not 
just for Digital Currency anymore?



I think we need to transcend both Capitalism (and for sure consumerism) 
and Democracy (but not egalitarianism) at this point, so folks like 
Democracy Earth might either be "a good start" or "a bad seed", I'm not 
sure yet.   http://democracy.earth/ .  Any observations?



- Sneeze

On 10/21/17 10:59 AM, Marcus Daniels wrote:


Nick writes:


"I hope at some point you will let us civilians know what we should do 
about this.  Other than cringing in abject terror, of course."



You can subscribe to one of these..


https://www.pcmag.com/article2/0,2817,2403388,00.asp


This will involve pressing a Connect button before using the Internet. 
  The channel will be encrypted, so that a wiretap (without the wires) 
it will only show gibberish.



Or download the software at www.torproject.org 

Tor takes more extensive measures to both encrypt your connections and 
also to make it very difficult to track you.  The cost of this is that 
it is slower.  A VPN is less noticeable in this regard.



As Glen points out, there are other kinds of wireless access that are 
easy to overlook such as when a smartphone switches from LTE to Wifi, 
Kindle/Tablet browsing, Amazon Fire sticks, wireless cameras, and so 
on.   There are VPN app for smartphones too.



Then there is another option which is to buy a big estate and put a 
moat around it. That doesn't stop drones, though.   A moat and a 
plexiglass bubble, then.   Oh, and watch out for boring machines too 
from well-equipped people like Elon Musk and El Chapo.



Marcus


*From:* Friam  on behalf of Nick Thompson 


*Sent:* Saturday, October 21, 2017 9:49:23 AM
*To:* 'The Friday Morning Applied Complexity Coffee Group'
*Subject:* Re: [FRIAM] KRACK
Hi, Wizards,

I hope at some point you will let us civilians know what we should do 
about this.  Other than cringing in abject terror, of course.


Nick

Nicholas S. Thompson
Emeritus Professor of Psychology and Biology
Clark University
http://home.earthlink.net/~nickthompson/naturaldesigns/ 



-Original Message-
From: Friam [mailto:friam-boun...@redfish.com] On Behalf Of gepr ?
Sent: Friday, October 20, 2017 7:11 PM
To: The Friday Morning Applied Complexity Coffee Group 
Subject: Re: [FRIAM] KRACK

Yeah. They've built with a patch for ddwrt, too. Supposedly here:
http://svn.dd-wrt.com/changeset/33525
But it's still fun to think about.


On October 20, 2017 5:00:38 PM PDT, Roger Critchlow

Re: [FRIAM] KRACK

2017-10-21 Thread gepr ⛧

Ha! That reminds me of the fact that gmane no longer archives this list. (And 
even the mailman archives have been down for awhile.) So now's the time to 
speak freely because your words are less likely to be used against you later. 
8^) 

I can't help but wonder how the notorious lack of security in the Internet of 
Things will impact our (what Mikhail Epstein calls) "textoids", those little 
snippets of our produce, video, music, email, tweets, etc. The openness of the 
universe (as Dave's rant gets right) continues to flummox the GUMmers amongst 
us. At the ALife Evolution of evolvability I workshop, the group was bifurcated 
into 2 camps: those who thought hierarchy decreased degrees of freedom and 
those who thought it increased DoF. I'm still too ignorant to have a coherent 
opinion. But it seems either could be right.

On October 21, 2017 9:59:01 AM PDT, Marcus Daniels  wrote:
>Then there is another option which is to buy a big estate and put a
>moat around it.   That doesn't stop drones, though.   A moat and a
>plexiglass bubble, then.   Oh, and watch out for boring machines too
>from well-equipped people like Elon Musk and El Chapo.
-- 
⛧glen⛧

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] KRACK

2017-10-21 Thread Marcus Daniels

Nick writes:

"I hope at some point you will let us civilians know what we should do about 
this.  Other than cringing in abject terror, of course."

You can subscribe to one of these..

https://www.pcmag.com/article2/0,2817,2403388,00.asp

This will involve pressing a Connect button before using the Internet.   The 
channel will be encrypted, so that a wiretap (without the wires) it will only 
show gibberish.

Or download the software at www.torproject.org

Tor takes more extensive measures to both encrypt your connections and also to 
make it very difficult to track you.  The cost of this is that it is slower.  A 
VPN is less noticeable in this regard.

As Glen points out, there are other kinds of wireless access that are easy to 
overlook such as when a smartphone switches from LTE to Wifi, Kindle/Tablet 
browsing, Amazon Fire sticks, wireless cameras, and so on.   There are VPN app 
for smartphones too.

Then there is another option which is to buy a big estate and put a moat around 
it.   That doesn't stop drones, though.   A moat and a plexiglass bubble, then. 
  Oh, and watch out for boring machines too from well-equipped people like Elon 
Musk and El Chapo.

Marcus

From: Friam  on behalf of Nick Thompson 

Sent: Saturday, October 21, 2017 9:49:23 AM
To: 'The Friday Morning Applied Complexity Coffee Group'
Subject: Re: [FRIAM] KRACK

Hi, Wizards,

I hope at some point you will let us civilians know what we should do about 
this.  Other than cringing in abject terror, of course.

Nick

Nicholas S. Thompson
Emeritus Professor of Psychology and Biology
Clark University
http://home.earthlink.net/~nickthompson/naturaldesigns/

-Original Message-
From: Friam [mailto:friam-boun...@redfish.com] On Behalf Of gepr ?
Sent: Friday, October 20, 2017 7:11 PM
To: The Friday Morning Applied Complexity Coffee Group 
Subject: Re: [FRIAM] KRACK

Yeah. They've built with a patch for ddwrt, too. Supposedly here:
http://svn.dd-wrt.com/changeset/33525
But it's still fun to think about.

On October 20, 2017 5:00:38 PM PDT, Roger Critchlow  wrote:
>The OpenWRT/LEDE open source images for compatible routers got updated
>a few days ago.  Since the hack attacks the handshake protocol between
>client and access point, there are apparently several ways the access
>point can subvert the attack.  Whether the update accomplishes that
>without introducing new vulnerabilities remains to be seen.

--
⛧glen⛧

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College to unsubscribe 
http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] KRACK

2017-10-21 Thread Nick Thompson

Hi, Wizards,

I hope at some point you will let us civilians know what we should do about 
this.  Other than cringing in abject terror, of course.  

Nick 

Nicholas S. Thompson
Emeritus Professor of Psychology and Biology
Clark University
http://home.earthlink.net/~nickthompson/naturaldesigns/

-Original Message-
From: Friam [mailto:friam-boun...@redfish.com] On Behalf Of gepr ?
Sent: Friday, October 20, 2017 7:11 PM
To: The Friday Morning Applied Complexity Coffee Group 
Subject: Re: [FRIAM] KRACK

Yeah. They've built with a patch for ddwrt, too. Supposedly here:
http://svn.dd-wrt.com/changeset/33525
But it's still fun to think about.

On October 20, 2017 5:00:38 PM PDT, Roger Critchlow  wrote:
>The OpenWRT/LEDE open source images for compatible routers got updated 
>a few days ago.  Since the hack attacks the handshake protocol between 
>client and access point, there are apparently several ways the access 
>point can subvert the attack.  Whether the update accomplishes that 
>without introducing new vulnerabilities remains to be seen.

--
⛧glen⛧

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College to unsubscribe 
http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] KRACK

Re: [FRIAM] KRACK

Re: [FRIAM] KRACK

Re: [FRIAM] KRACK

Re: [FRIAM] KRACK

Re: [FRIAM] KRACK

Re: [FRIAM] KRACK

7 matches

Site Navigation

Mail list logo

Footer information