[FRIAM] KRACK

Steven A Smith sasmyth at swcp.com
Sat Oct 21 17:26:51 EDT 2017 

I recently heard from a friend who achieved a very transient and 
unexpected contact with a US Antartica Science team member via a 1W 
handheld DMR RX/TX device.   Anecdotally, they field about 10 such 
contacts a week.   This is more than a little misleading since DMR is a 
packet-relay system, albeit ad-hoc, but doesn't really say anything 
about the distance of any single link... just that there were a 
finite(reasonable) number of hops between my friend in Kansas and the 
folks on the ground in Antartica.


Meanwhile, my own tiny low-power handheld device (iPhone 4) hears (and 
more importantly, can be heard by) a small handful of cell towers, the 
closest is known to be 9 miles away and I don't get much if any useful 
reception BTW.   That would suggest to me that my 2.4Ghz WiFi modem 
could be "heard" from a similar distance (given the similar frequency of 
1.9Ghz) I"m sure there are some folks here with more SIGINT knowledge 
than I, I'm just winging it on the back of an envelope.   So that makes 
for a pretty big "moat" around my 2.9 acre property.   And if I can't 
stop gophers from boring under my garden fence buried 18 inches, how can 
I hope to stop Musk and El Chapo?  And the drones and tethered balloons? 
No way!  I can barely see them with my 100x scope on my WWI 30.06 which 
has a theoretical ceiling of 10,000 ft anyway, so I doubt I can shoot 
them down even if I can find them (PS.  I don't own any ammunition for 
said antique handed down from my grandfather who carried it in Europe 
100 years ago).


I remember scoffing at a colleague 25 years ago who claimed that the 
holographic strips added to $50/$100 bills was a "gubmint konspiracy" to 
track our cash from satellite... and yup!  He had an MS in CS but lined 
his wallet with tinfoil (but not his hat?).    It seems steered phased 
array antenna can interrogate UHF RFID tags from about 600ft in free air 
today... so while he was a few orders of magnitude off in his paranoia, 
it is MORE reasonable than I'd expected.


McNealy told us 20 years ago "there is NO privacy, get OVER it".   I'm 
not sure what "over it" means, but I think we need a whole restructuring 
of social norms and expectations based on this issue.


My latest bets are on ideas grown up out of BlockChain tech... it's not 
just for Digital Currency anymore?


I think we need to transcend both Capitalism (and for sure consumerism) 
and Democracy (but not egalitarianism) at this point, so folks like 
Democracy Earth might either be "a good start" or "a bad seed", I'm not 
sure yet.   http://democracy.earth/ .  Any observations?


- Sneeze

On 10/21/17 10:59 AM, Marcus Daniels wrote:
>
> Nick writes:
>
>
> "I hope at some point you will let us civilians know what we should do 
> about this.  Other than cringing in abject terror, of course."
>
>
> You can subscribe to one of these..
>
>
> https://www.pcmag.com/article2/0,2817,2403388,00.asp
>
>
> This will involve pressing a Connect button before using the Internet. 
>   The channel will be encrypted, so that a wiretap (without the wires) 
> it will only show gibberish.
>
>
> Or download the software at www.torproject.org <http://www.torproject.org>
>
> Tor takes more extensive measures to both encrypt your connections and 
> also to make it very difficult to track you.  The cost of this is that 
> it is slower.  A VPN is less noticeable in this regard.
>
>
> As Glen points out, there are other kinds of wireless access that are 
> easy to overlook such as when a smartphone switches from LTE to Wifi, 
> Kindle/Tablet browsing, Amazon Fire sticks, wireless cameras, and so 
> on.   There are VPN app for smartphones too.
>
>
> Then there is another option which is to buy a big estate and put a 
> moat around it. That doesn't stop drones, though.   A moat and a 
> plexiglass bubble, then.   Oh, and watch out for boring machines too 
> from well-equipped people like Elon Musk and El Chapo.
>
>
> Marcus
>
> ------------------------------------------------------------------------
> *From:* Friam <friam-bounces at redfish.com> on behalf of Nick Thompson 
> <nickthompson at earthlink.net>
> *Sent:* Saturday, October 21, 2017 9:49:23 AM
> *To:* 'The Friday Morning Applied Complexity Coffee Group'
> *Subject:* Re: [FRIAM] KRACK
> Hi, Wizards,
>
> I hope at some point you will let us civilians know what we should do 
> about this.  Other than cringing in abject terror, of course.
>
> Nick
>
> Nicholas S. Thompson
> Emeritus Professor of Psychology and Biology
> Clark University
> http://home.earthlink.net/~nickthompson/naturaldesigns/ 
> <http://home.earthlink.net/%7Enickthompson/naturaldesigns/>
>
> -----Original Message-----
> From: Friam [mailto:friam-bounces at redfish.com] On Behalf Of gepr ?
> Sent: Friday, October 20, 2017 7:11 PM
> To: The Friday Morning Applied Complexity Coffee Group <friam at redfish.com>
> Subject: Re: [FRIAM] KRACK
>
> Yeah. They've built with a patch for ddwrt, too. Supposedly here:
> http://svn.dd-wrt.com/changeset/33525
> But it's still fun to think about.
>
>
> On October 20, 2017 5:00:38 PM PDT, Roger Critchlow <rec at elf.org> wrote:
> >The OpenWRT/LEDE open source images for compatible routers got updated
> >a few days ago.  Since the hack attacks the handshake protocol between
> >client and access point, there are apparently several ways the access
> >point can subvert the attack.  Whether the update accomplishes that
> >without introducing new vulnerabilities remains to be seen.
>
>
> --
> ⛧glen⛧
>
> ============================================================
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College to unsubscribe 
> http://redfish.com/mailman/listinfo/friam_redfish.com 
> <http://redfish.com/mailman/listinfo/friam_redfish.com>
> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>
>
> ============================================================
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College
> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>
>
> ============================================================
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College
> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://redfish.com/pipermail/friam_redfish.com/attachments/20171021/b858f86f/attachment.html>

More information about the Friam mailing list