2021/10/23

Digital sovereignty

There's a European (and German) policy of pursuing digital sovereignty; reducing dependence on foreign cloud servers, for example. I am no expert on the topic (I was never terribly interested in it) and cannot comment on details, but what I saw through general news media was unimpressive.

We would need to address many more vulnerabilities and would also need to change a certain government attitude to reduce our vulnerability significantly.

- - - - -

Back this summer Samsung announced that it had deactivated internet-capable Samsung TV sets that were stolen from a warehouse in South Africa. This is apparently built into all Samsung TV sets; Samsung can brick Samsung TV sets at will if they're connected to the internet. This is in principle a possibility for all kinds of internet-connected hardware.

Microsoft added a Microsoft Exchange Emergency Mitigation service recently. Exchange servers had been affected by malware to a catastrophic extent, and Microsoft developed this as a general countermeasure. To create and apply patches that remove a certain vulnerability to malware takes quite long, and malware can spread much in the meantime. It's much quicker to identify some commands the malware is using and to block those in your software. So Microsoft now builds into Exchange servers the ability to centrally brick them partially, but in effect also to brick them completely. Microsoft can de facto brick all Exchange servers whose admins haven't switched this default active emergency mitigation to off. There's no-one stopping them from coding their software to enable an override over this choice.

This points at a more general problem: Every automated software update capability is in effect a backdoor for the update provider. The software developer or someone who has thoroughly re-engineered and analysed the software can apply an update that turns the software non-functional or adds malicious functions. It can also be used to prevent further updates, as happened to some internet-of-things devices that were accidentally bricked by a poorly designed update in yet another anecdote and could not be repaired any more.

The malicious functions can include surveillance. Microphones can record sound, but loudspeakers can do so as well.

- - - - -

In other words; it's not just Samsung or Microsoft or the U.S., just about every big player has the technical opportunities to shut down our economy, and this includes the ability to cause irreparable harm to our hardware.

A great internet shut down wall as set up by Russia wouldn't help at all (theirs only makes sense as an option for political oppression), nor would blocking certain IPs in the event of crisis. No matter how many satellite and fibreglass communication links you severe, a fingernail-sized storage device can smuggle all the malware into a country that's needed to turn a domestic network computer into the attack launch point.

- - - - -

It would help to prioritise IT security over IT vulnerability. This sounds trivial if not offensively obvious, but then again we're talking about European and American governments.

So far the German government policies and the policies of the U.S., UK and so forth were aimed at implementing vulnerabilities and preventing much security and encryption. This stems from a mindset of bureaucrats who want more and more power, more and more authority - and this leads them towards favouring vulnerabilities that they themselves can then exploit. Even the BSI (German agency for IT security) has been compromised by this

The pursuit of backdoors, unpatched vulnerabilities and encryption weaknesses to enable the own surveillance, spying and sabotage is exposing our whole civilization to hacking on a scale that lets hacking against drug dealers, kiddie porn watchers and errorists look petty and irrelevant. A warlike scale of insecurity exploits could crash government and economy to a greater degree than the 1944 bombing of Germany and bring the railroad infrastructure to a halt for weeks (the German railroad control and signal techs in use are too diverse and antique for much more sabotage through software).

Yet again, I conclude that we need political leadership to understand the issue and to turn the bureaucracies away from pursuing their self-interest, pushing them on course to serve the common good. It's an ambitious request.

S O

defence_and_freedom@gmx.de

P.S.: Audited open source software (compiled by the user himself) with an automatic pause for automatic updates and an unpatchable reversibility of past updates would protect us pretty well. Physically secure and separated backups are a necessity. Encryption should be one-time pad encryption with satisfactory randomisers whenever practical.

A joke for you: The Israeli arms industry sends me press releases and stuff, and one of their companies seriously tries to sell cyber defence software. As if anyone not utterly stupid would trust Israelis with his/her/its cybersecurity after all their hacking (keyword Pegasus), obvious assassination campaigns and other subversive actions. They might have sold their stuff to the lying moron, but the rest of their target audience got to be corrupt or utterly, utterly stupid. That target group is probably the same as for U.S. military trainers abroad.

.

15 comments:

  1. Cyberdefence seems a generally neglected topic, would a re-election of Donald Trump change this?
    How good would you judge Chinese approaches at internet security? They seem to at least attempt something in this regard.

    ReplyDelete
    Replies
    1. Rule of thumb: Lying morons are good for nothing. Same with self-serving narcissists.

      I have no info about Chinese cybersec. The uselessness of their IP address-blocking censorhip apparatus was already mentioned in the blog text.

      Delete
    2. I agree that Trump himself is unlikely to get much done, but he accumulates smarter malicious people around himself that can serve destructive purposes. His movement of suckers fed conspiracy theories thru microtargeting has developed a live of its own and will bring in further candidates of his ilk. The danger I see, is the USA becoming as non-democratic as Russia thru different means and wielding all that power over us thru our IT security relying on them.

      Actual Chinese internet is a mix of Western services accessed thru VPN and homebrews. It's similar to Russia in this regard. At least their homebrew makes them less susceptible for propaganda messaging in US's favour. I wonder if these homebrews offer other security advantages.

      Delete
    3. I've only observed him accumulating grifters and idiots, not smarter people. The smarter people usually fled his vicinity after a few months, even some malicious ones like Bolton.

      It doesn't really matter who attacks. A vulnerability can be exploited by its creator and by others, so all known vulnerabilities should be unacceptable.

      The creators of hardware and software should be held liable for damage by vulonerabilities, same with the sellers. Rewards should be offered for finding vulnerabilities, and to this end hacker tools should be re-legalised in Germany. Re-engineering source codes should be legalised as well.
      The creators and sellers of hard- and software should have to pay the government both the reward paid to the finder and aditional punitive payments when vulnerabilities were found without known damage done.
      Encryption standards should be defined without involvement by countries with known espionage hyperactivity liek U.S., UK, Russia, PRC, Israel and no weaknesses should be tolerated. Research into quantum-proof encryption should be sponsored, but at the same time we should use one time pads wherever practical.

      Delete
  2. I think that many critical infrastructure needs some de-digitalisation. For example the drinking water infrastructure. One must not think here even in a greater scenario. Lets simply assume that in the heat of late juli the water supply of one german big city and its area around would be stopped by such an attack. Even this "small" scenario would lead to unthinkable results and is actually unsolvable for the german authorities. They would not be able to give enough drinking water to the population at the moment.

    Or lets talk about electricity. If the electricity for only one bigger german city fails for only some days the social order and everythink else would collapse within the shortest time.

    Especially the question of the renewable energies and the green energy revolution in germany leads to more digitalisation and because of that more sensitivity to hacker attacks against the electrical (smart!) grid.

    An greater blackout in germany through an hacker attack for only one weak, only seven days would lead to the collapse of great parts of the society and unthinkable damages.

    The only solution i see here is to swim against the river and to start with an de-digitalisation to make several parts of our infrastructure free from any digitalisation and we need to seperate them from the net completly and as far reaching as possible from any computer.

    ReplyDelete
    Replies
    1. Collapse doesn't happen THAT easily, that's nonsense. A couple jewellery stores would suffer and people would drink no more coffee, and that's about it.

      We can separate critical infrastructure networks from the general internet, but that still doesn't protect against intrusion by USB flash drive. The signal cables of the railway system and their switch boxes are exposed to sabotage in ten thousands of locations.

      At the very least we need to emphasise security over vulnerability to our own hacking, and we need to require some hardening of critical infrastructure (including the ability to maintain DAB+ radio and TV emergency programming).

      CyberSec requirements for banks, insurances and such are beyond the scope of the blog.

      Delete
    2. I think you heavily underestimate how fast things can collapse. There are studies from the bavarian police for the question how long order and security could be maintained in the case of an blackout - and both would collapse totally within a day. The Bundesamt für Bevölkerungsschutz regards an blackout as the most problematic and most possible scenario. The main thread would be the drinking water and heating, as without electricity both things become extremly difficult to maintain.

      One problem in this context is, that the german people ignore that fact heavily despite the same Bundesamt even gives concrete advices how to prepare. But preperation and self-relicance are more regarded as something suspicious - despite it is simply logical and clever to have some reserves at home (as it was the case throughout history). Todays average reserves in private homes would be spend withing days.

      Delete
    3. I know too much about history to fall for fantasy horror scenarios and I have a very, very, very low regard for the opinion of the Bavarian police.

      Delete
    4. May i ask why you regard the bavarian police in this way? What do think then about the Bundesamt für Bevölkerungsschutz und Katastrophenhilfe?

      According to this Bundesamt the personal emergency preparedness is to low for the absolut majority of the people living in germany. And if the electricty fails you cannot simply buy any food or water and moreover the supermarkets etc would be empty without resupply within one or two days. The just in time economy fails terrible in such a scenario.

      Also your experience in history in all honours, but the circumstances today are completly different. The people in earlier ages lived completly different in completly different structures and had completly different circumstances in comparison to today. And even then the results were catastrophic. Lets take for example the years 1708 / 1709. Similar cirumstances would could lead today to an complete blackout. And even then, hundreds of thousands of people died, today it would be much worth as no longer the greatest part of the population are farmers, with their own well, their own cattle, their own forest and self-sufficiency. The big citys would become inhabitable within weeks.

      Especially if someone knows about history he should also regard that illogical, stupid and irrational behaviour in such an situation will be overwhelming. A scenario like the raft of the medusa will be much more probably than an rational and calm reaction.

      Delete
    5. The Bavarian LE sector is among the most extreme in Germany in its overreach, particularly regarding civil rights. I do generally not trust the opinion of bureaucrats and there is no evidence about breakdown of order in such a case, it's all worthless guessing. LE has a vastly inflated opinion of imposed "order and security" and is completely blind regarding other ways of getting things done among other people.

      No bureaucracy has a clue about how long we could make do without a food supply chain and tap water. I had enough insight to bureaucracies to know that they have hardly any capacity to collect such information.

      I've had a sizeable stash of spaghetti, rice, tea and other durable foodstuff that would last for months since 2017, and not one bureaucracy had a clue about it. All my relatives easily have enough food reserves for weeks. It's commonplace in rural areas and among old people who remember tougher times.
      -------------------------------------
      You're dabbling in end-of-world fantasy. Keep that for fiction literature, it's misplaced in discussions about the real world.

      Delete
    6. And you are talking about things you know not enough about. That is no end-of-the-world fantasy and even if a hundredthousand people die it would not be the end of the world, but to the opposite over 80 million people would still be alive.

      I wonder realy that someone like you who claims to know about history can neglect the differences between earlier times and today and simply denies the weaknesses and problems of an modern society such at it is in comparison to the self sufficency in earlier times. Moreover it is only anecdotic evidence which says absolutly nothing that you and your relatives have food for months (lucky for you) as it is an fact, that the majority does not have such an amount of food (despite the question of drinking water and cooking etc) Especially in the great citys this is not the case.

      I wonder also how weak your argumentation and logic is here. You claim the bureaucracy of the bundesamt für katastrophenschutz knows nothing but you know everything?! Seriously? According to what information can you claim that? Because you have spaghetti and rice (insufficient) the majority of the population can last months without food resupply and without water?! that argumentation is so absurd and illogical that it is an waste of time to write anything more. you are the one dabbling about an fantasy world.

      Delete
    7. At the beginning of the Corona crisis I had something that might be symptoms and went into quarantine, lived of my food storage and had my neighbour do shopping for me. In case of a catastrophy people help each other, despite some looting the toilet paper supply.

      Delete
    8. You're checking enough boxes of the all-too familiar pattern that's all about insisting that the society is super fragile if not doomed to collapse anytime now. That pattern has been wrong since basically forever. We've had really dire situation in 1945, but only after a lost world war, migration and mostly in the 80+% razed cities.

      Bureaucracies highlight the problems they're supposed to manage. Quel surprise!

      Order and security would not "collapse within a day". That's bullshit, presumably self-serving bullshit by bureaucrats who feel professionally obliged to obsess about order and security.

      The Bundesamt für Bevölkerungsschutz und Katastrophenhilfe has close to zero knowledge about the actual private food reserves. I highly doubt that they have much of a clue about the complicated supply chains and stocks in businesses.
      I've been on the working end of some studies done for the government and industrial associations. The basis for such studies is always shaky because you simply cannot force your way to actually know things. You can only use what others write or say and fill the many gaps with estimates.

      Drinking water would be an issue, but we hardly drink tap water anyway, and could coffee filter + boil lake and river water easily for a while. Heating is much less now a problem than ever before because of all the obsessive adding of insulation to homes and because our winter isn't any more what it used to be.

      Supply chains collapse easily, but societies ("order and security") don't.

      Delete
  3. I have some experience with the railway signal system. There do happen system errors and failures and the trained train drivers are to a degree capable of compensating in case of system malfunction. Railway might be one of the more resilient systems.

    ReplyDelete
    Replies
    1. Keep in mind most railway traffic is dependent on electrification and the track switches depend on regionally centralised control.
      The German railway control centres often use antique tech, but the cables are exposed.

      I suppose we could maintain diesel powered train traffic with simplified routes (with track switches stuck in one position), mostly the main routes. Railway bridges could be physically busted in time of war, at least the Oder bridges.

      Delete