Security archived articles

Knowledge management and Politics and Security and The media and The Web – 28 Feb 2013 at 12:43 by Jean-Marc Liotier

Article 322-6-1 of the French Code Pénal punishes with one year in prison and a 15000€ fine “the diffusion by any means of manufacturing processes for destructive devices made from explosive, nuclear, biological or chemical substances or any product intended for domestic, industrial or agricultural use”.

So in France, Cryptome can’t publish this very common and very public US military field manual, a textfiles.com mirror in France is illegal because it contains this, a description of a chemical reaction on MIT’s site would be repressed and Wikipedia’s legal team better excise this section of the Nitroglycerin article from any HTTP response bound to France.

And someone once again forgot that censoring information locally does not work.

But wait – there is more stupidity… The punishment is tripled (three years in prison and a 45000€ fine) if the information has been published “to an undefined audience on a public electronic communication network”. Why isn’t there a specific punishment for posting on a billboard too ? Once again, in yet another country, the use of electronic tools is an aggravating circumstance. As electronics pervade our whole lives, isn’t that entirely anachronistic ?

Well – as long as Tor, I2P & al. keep working…

By the way, that law makes an exception for professional use – so if you are acting as an agent of a duly accredited terrorist enterprise, rest assured it does not apply to you !

Networking & telecommunications and Politics and Security – 30 Jan 2013 at 13:45 by Jean-Marc Liotier

[This post motivated by a strange lack of FISAA awareness around me]

You will certainly be relieved to learn that US government agencies do not spy clandestinely on the data you entrust to Google, Facebook & co.

So stop wondering about dark conspiracies : there are none.

The bad news is that they do it legally instead. Yes – US government agencies can legally access any data stored by non-American citizens at USA-based hosting companies. No warrant required – they can basically help themselves to your data anytime they please and that is entirely legal.

Brazen, isn’t it ? It is called FISAA – for more details, take a look at this European Parliament report. And by the way, I believe that some strong reaction from the European Union has been long overdue.

The silver lining is that European hosts are making good business with everyone who won’t host their data in the USA anymore !

Networking & telecommunications and Security and Systems administration – 07 Feb 2011 at 13:04 by Jean-Marc Liotier

I work for a very large corporation. That sort of company is not inherently evil, but it is both powerful and soulless – a dangerous combination. Thus when dealing with it, better err on the side of caution. For that reason, all of my browsing from the obligatory corporate Microsoft Windows workstation is done through an SSH tunnel established using PuTTY to a trusted host and used by Mozilla Firefox as a SOCKS proxy. If you do that, don’t forget to set network.proxy.socks_remote_dns to true so that you don’t leak queries to the local DNS server.

In addition to the privacy benefits, a tunnel also gets you around the immensely annoying arbitrary filtering or throttling of perfectly reasonable sites which mysterious bureaucracies add to opaquely managed exclusion lists used by censorship systems. The site hosting the article you are currently reading is filtered by the brain-damaged Websense filtering gateway as part of the “violence” category – go figure !

Anyway, back on topic – this morning my browsing took me to Internode’s IPv6 site and to my great surprise I read “Congratulations! You’re viewing this page using IPv6 ( 2001:470:1f12:425::2 ) !!!!!”. A quick visit to the KAME turtle confirmed : the turtle was dancing. The surprising part is that our office LAN is IPv4 only and the obligatory corporate Microsoft Windows workstation has no clue about IPv6 – how could those sites believe I was connecting through IPv6 ? A quick ‘dig -x 2001:470:1f12:425::2’ cleared the mystery : the reverse DNS record reminded me that this address is the one my trusted host gets from Hurricane Electric’s IPv6 tunnel server.

So browsing through a SOCKS proxy backed by an SSH tunnel to a host with both IPv4 and IPv6 connectivity will use IPv6 by default and IPv4 if no AAAA record is available for the requested address. This behaviour has many implications – good or bad depending on how you look at it, and fun in any case. As we are all getting used to IPv6, we are going to encounter many more surprises such as this one. From a security point of view, surprises are of course not a good thing.
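Why remote DNS leads to this behaviour, as an added example (not the author's code): with `network.proxy.socks_remote_dns` enabled the client sends the hostname itself in the SOCKS5 CONNECT request (RFC 1928, address type 0x03), so the tunnel endpoint resolves the name and chooses the address family. The zone data, host names and the AAAA-first rule in `family_used_by_proxy` are constructed assumptions that model the behaviour described above.

```python
import ipaddress
import struct

ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04

# Constructed sample DNS data as seen from the tunnel endpoint (documentation ranges).
ZONE = {
    "dual.example": {"A": ["192.0.2.10"], "AAAA": ["2001:db8::10"]},
    "v4only.example": {"A": ["192.0.2.20"]},
}

def build_connect(dest, port):
    """Build a SOCKS5 CONNECT request for a hostname or an IP literal."""
    try:
        ip = ipaddress.ip_address(dest)
        atyp, addr = (ATYP_IPV4 if ip.version == 4 else ATYP_IPV6), ip.packed
    except ValueError:
        name = dest.encode("ascii")
        atyp, addr = ATYP_DOMAIN, bytes([len(name)]) + name
    return bytes([0x05, 0x01, 0x00, atyp]) + addr + struct.pack("!H", port)

def parse_connect(req):
    """Return (resolver, destination, port); resolver is 'proxy' or 'client'."""
    if len(req) < 7 or req[0] != 0x05 or req[1] != 0x01:
        raise ValueError("not a SOCKS5 CONNECT request")
    atyp = req[3]
    if atyp == ATYP_DOMAIN:
        # Hostname travels inside the tunnel: the endpoint does the lookup.
        end = 5 + req[4]
        resolver, dest = "proxy", req[5:end].decode("ascii")
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        # Address was already fixed on the workstation before the request.
        end = 4 + (4 if atyp == ATYP_IPV4 else 16)
        resolver, dest = "client", str(ipaddress.ip_address(req[4:end]))
    else:
        raise ValueError("unknown address type")
    if len(req) != end + 2:
        raise ValueError("malformed request length")
    return resolver, dest, struct.unpack("!H", req[end:])[0]

def family_used_by_proxy(records, proxy_has_ipv6=True):
    """Assumed model of a dual-stack endpoint: AAAA first, A as fallback."""
    if proxy_has_ipv6 and records.get("AAAA"):
        return "IPv6", records["AAAA"][0]
    if records.get("A"):
        return "IPv4", records["A"][0]
    return None, None

def trace(req, zone=ZONE, proxy_has_ipv6=True):
    """Who resolved the name, and over which family the endpoint connects."""
    resolver, dest, _port = parse_connect(req)
    if resolver == "client":
        return resolver, ("IPv6" if ":" in dest else "IPv4"), dest
    family, addr = family_used_by_proxy(zone.get(dest, {}), proxy_has_ipv6)
    return resolver, family, addr

if __name__ == "__main__":
    for target in ("dual.example", "v4only.example", "192.0.2.10"):
        print(target, trace(build_connect(target, 443)))
```

A request carrying address type 0x01 or 0x04 for a site the user typed by name is the sign that the lookup happened on the workstation rather than at the tunnel endpoint.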

All that reminds me that I have not yet made this host available through IPv6… I’ll get that done before the World IPv6 Day which will come on 8th June 2011 – a good motivating milestone !

Consumption and Security and Systems administration – 09 Apr 2010 at 1:33 by Jean-Marc Liotier

Lexmark stubbornly refuses to make any effort toward providing, or at least letting other people provide, printer drivers for their devices – don’t buy from them if you need support for anything other than their operating system of choice.

After repeatedly acquiring throwaway inkjet printers from Lexmark and repeatedly wondering why my mother’s Ubuntu laptop can’t use them, my father finally accepted my suggestion of studying compatibility beforehand instead of buying on impulse – years of pedagogy finally paid off !

My parents required a compact wireless device supporting printing and scanning from their operating systems – preferably fast and silent, if possible robust and not too unsightly. No need for color, black and white was fine - though I would have pushed them toward color if multifunction laser printing devices capable of putting out colors were not so bulky. Those requirements led us toward the Samsung SCX-4500W.

I connected the Samsung SCX-4500W on one of the Ethernet ports of my parents’ router and went through the HTTP administration interface. The printing controls are extremely basic – but the networking configuration surprised me with a wealth of supported protocols : raw TCP/IP printing, LPR/LPD, IPP, SLP, UPnP, SNMP including SNMP v3, Telnet, email alert on any event you want – including levels of consumables… Anything I can think about printing on top of my mind is there. The funniest thing is that neither the product presentation, nor the specification sheet or the various reviews advertise that this device boasts such a rich set of networking features… Demure advertising - now that’s a novel concept !

I set up the printer’s 802.11 wireless networking features, unplugged the Ethernet cable, rebooted the device… And nothing happened. No wireless networking, no error and, when I reconnected the Ethernet cable and got back to the administration interface, the radio networking menu was not even available anymore. After careful verification I could reliably reproduce that behaviour. At that stage, my parents were already lamenting the sorry state of the ever-unreliable modern technology – and most users would have been equally lost.

I pressed on and found that I was not alone in my predicament. User experiences soon led me to the solution : I had configured my parents’ radio network to use WPA with TKIP+AES encryption (the best option available on their access point) but the Samsung SCX-4500W was unable to support that properly. The administration interface’s radio networking menu proposed TKIP+AES but silently failed to establish a connection and seemed to screw the whole radio networking stack. Only setting my parents’ Freebox and all other devices on the network to use TKIP only instead of TKIP+AES yielded a working setup with a reachable printer, at the cost of using trivially circumventable security to protect the network’s traffic from intrusion.

Now that is seriously bad engineering : not supporting a desirable protocol is entirely forgivable – but advertising it in a menu, then failing to connect without generating the slightest hint of an error message, and as a bonus wedging the user into an irrecoverable configuration is a grievous sin. I managed to overcome the obstacle, but this is a device aimed at the mass market and I can perfectly understand its target audience’s desire to throw it out of the window.

Once that problem was solved, configuring the clients over the network was a breeze and pages of nice print were soon flying out quickly and silently. In summary, the Samsung SCX-4500W is a stylish printing and scanning device that lives up to its promises – apart from that nasty bug that makes me doubt Samsung’s quality control over its networking features.

Scanning with the Samsung SCX-4500W is another story entirely – it should work with the xerox_mfp SANE backend, but only through USB. For now I have found no hope of having it scan for a Linux host across the network.

Brain dump and Debian and Identity management and Security and The Web – 18 Mar 2009 at 18:19 by Jean-Marc Liotier

The PGP web of trust is a social network, even if many of the people who published their keys would never admit joining one. But there are less than sixty thousand users, so low density of users in most social environments causes weak connectivity in the web of trust : the strong set (largest set of keys such that for any two keys in the set, there is a path from one to the other) ties together less than fifty thousand users. This has been a problem for a long time : in 1997 the strong set was only 3100 keys out of sixty thousand published. And in a fast expanding online social sphere, a stagnating network of sixty thousand users is marginal. Of course, many of those users participate in core institutions of the developer community, but that does not make that population any less marginal. Many don’t mind that marginality, but our taste for elitist cave-dwelling among like-minded peers will not change the fact that effective software development is a social sport. Societies need trust, and restricting our communications to people whose idea of a party is a key signing party is not going to help us very much, so a solution is needed.
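The strong set defined above is the largest strongly connected component of the directed signature graph. An added example (not from the original post) that computes it with Kosaraju's algorithm over a constructed list of (signer, signee) pairs; the key names are made up.

```python
from collections import defaultdict

# Constructed sample signatures: (signer, signee) means signer certified signee's key.
SIGNATURES = [
    ("alice", "bob"), ("bob", "carol"), ("carol", "alice"),  # mutual-reachability cycle
    ("carol", "dave"),                   # dave is signed but signs nobody back
    ("erin", "alice"),                   # erin signs into the cycle, nobody signs erin
    ("frank", "grace"), ("grace", "frank"),  # isolated pair
]

def strong_set(signatures):
    """Return the largest set of keys in which every key has a path to every other."""
    fwd, rev, keys = defaultdict(list), defaultdict(list), set()
    for signer, signee in signatures:
        fwd[signer].append(signee)
        rev[signee].append(signer)
        keys.update((signer, signee))

    # Pass 1: iterative depth-first search on the graph, recording finish order.
    seen, order = set(), []
    for start in sorted(keys):
        if start in seen:
            continue
        seen.add(start)
        stack = [(start, iter(fwd[start]))]
        while stack:
            node, successors = stack[-1]
            for nxt in successors:
                if nxt not in seen:
                    seen.add(nxt)
                    stack.append((nxt, iter(fwd[nxt])))
                    break
            else:
                order.append(node)
                stack.pop()

    # Pass 2: walk the reversed graph in decreasing finish order;
    # each walk collects exactly one strongly connected component.
    assigned, best = set(), set()
    for root in reversed(order):
        if root in assigned:
            continue
        assigned.add(root)
        component, todo = set(), [root]
        while todo:
            node = todo.pop()
            component.add(node)
            for prev in rev[node]:
                if prev not in assigned:
                    assigned.add(prev)
                    todo.append(prev)
        if len(component) > len(best):
            best = component
    return best

if __name__ == "__main__":
    print(sorted(strong_set(SIGNATURES)))
```

Keys such as dave and erin are connected to the strong set in one direction only, which is why a single return signature can enlarge it by several keys at once.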

The PGP web of trust is no longer the only application that supports a social graph. With the recent mainstream explosion of social networking and digital identity applications, there is an embarrassing wealth of choices such as Google’s OpenSocial specification that proposes a common set of APIs for social applications across multiple sites. Social networking in a web environment, including all forms of publication such as blogging, microblogging, forums and anything else that supports links is a way to build digital identity. Each person that follows your updates or links to your articles is in effect vouching for the authenticity of your persona, and each one who adds you as a “friend” on a social network is an even stronger vote toward the authenticity of your profile, even if some people add any comer as their “friend”.

The vetting process in social networking applications is in effect just as good as the average key signing outside of a proper key signing process : some will actually check who they are vetting, others will happily sign anything – and it does not matter too much because the whole point of the web of trust is to handle a continuous fabric whose nodes have different reputations and no guarantee of reliability. The result is a weak form of pseudonymous web of trust – just like the PGP web of trust. But with an untrusted technological infrastructure, it is only about strong enough for common social use.

An anaemic GPG web of trust and thriving social networking applications are obvious matches. So what about a social networking application that handles the PGP web of trust ? As usual, similar inputs through similar individuals generate similar outputs – the same problems with the same environment and the same tools handled by people who share backgrounds produce the same conclusions. So now that I am trawling search engines about that concept I find that I am not the only one to have thought about it. Who will be the first to develop a social networking application plug-in that links a profile to a GPG key to facilitate and encourage key signing between members of the same platform that know each other ?

Networking & telecommunications and Security and Social networking – 18 Sep 2008 at 7:20 by Jean-Marc Liotier

Bruce Schneier brought to our attention the performance and ease of use of off-the-shelf data-mining tools for social networking analysis. With a few million CDR that sort of tool can identify user communities in the physical, temporal and social dimensions. ThorpeGlen’s graphical user interface screenshots are particularly impressive.

Needless to say that SIM swapping does not work as the IMEI is still available – that is old news. But swapping both SIM and terminal is not the solution either anymore as behavioral analysis can nowadays still yield a match. This may be the end of the road for communications security in durable networks by pure compartmentalization. Instead of acquiring random prepaid accounts, clandestine operators should now focus on creating sufficient decoy activity so that the social signal is drowned in enough misleading connexions – and maybe only stolen accounts provide enough credible noise to evade profiling. Doing that without a single misstep is going to be difficult, especially under the sort of pressure that justifies such precautions.

But whatever the performance of the analysis system, casual mobile phone use in a clandestine context is getting more risky – if this is an off-the-shelf system, just imagine what custom systems can do for the most advanced nations.

Design and Security and Systems and Technology – 09 Jun 2008 at 13:35 by Jean-Marc Liotier

Who these days has not witnessed the embarrassing failure modes of Microsoft Windows ? Blue screens of all hues and an assortment of badged dialog boxes make each crash into a very public display of incompetence.

I will not argue that Windows is more prone to failure than other operating systems – that potential war of religion is best left alone. What I am arguing is that failure modes should be graceful, or at least more discreet.

A black screen is neutral : the service is not delivered, but at least the most trafficked billboard in town is not hammering everyone with a random pseudo-technical message that actually means “my owners are clueless morons”.

Even better than a black screen : a low level routine that in case of system failure may display something harmless. Anything but an error message.

With so many information screens in the transportation industry, automated teller machines of all sorts and a growing number of advertising screens on roadsides, a properly and specifically configured system is necessary. What about “Microsoft Windows – Public Display Edition” ? Of course, users of Free Software don’t have to wait for a stubborn editor to understand the problems its customers are facing.

When the stakes are high enough, the costs of not managing risk through graceful degradation cannot be ignored. But let’s not underestimate the power of user inertia…

Knowledge management and Politics and Security and Social networking – 08 Feb 2008 at 11:35 by Jean-Marc Liotier

I stumbled upon this gem in Hannah Arendt’s book The Origins of Totalitarianism :

“The Okhrana, the Czarist predecessor of the GPU, is reported to have invented a filing system in which every suspect was noted on a large card in the center of which his name was surrounded by a red circle; his political friends were designated by smaller red circles and his nonpolitical acquaintances by green ones; brown circles indicated persons in contact with friends of the suspect but not known to him personally; cross-relationships between the suspect’s friends, political and nonpolitical, and the friends of his friends were indicated by lines between the respective circles. Obviously the limitations of this method are set only by the size of the filing cards, and, theoretically, a gigantic single sheet could show the relations and cross-relationships of the entire population. And this is the utopian goal of the totalitarian secret police: a look at the gigantic map on the office wall should suffice at any given moment to establish, not who is who or who thinks what, but who is related to whom and in what degree or kind of intimacy. The totalitarian ruler knows that it is dangerous to send a person to a concentration camp and leave his family and particular milieu untouched; [It is a common practice in Soviet Russia to arrest whole families; Hitler's "Health Bill" also foresaw the elimination of all families in which one member was found to be afflicted with a disease.] the map on the wall would enable him to eradicate people without leaving any traces of them – or almost none. Total abolition of legality is safe only under the condition of perfect information, or at least a degree of knowledge of private and intimate details which evokes the illusion of perfection”.

Hannah Arendt’s nightmare social mapping system was somewhat mitigated by the technological limits of her time – The Origins of Totalitarianism was published in 1951 and in her mind the information processing technology capable of supporting an extensive social graph was still about as far away as it seemed to the Czarist secret police. But today we are all busy building representations of the social graph to support and enrich our interactions. We are busy on social networking tools doing the secret police’s work and making their dream come true.

Have we lost our minds and forgotten about the dangers ? Not quite : privacy management remains at the center of most social graph use cases. But this is a superficial defense : if a totalitarian state was to emerge among our society I know I would be as good as dead – or rather disappeared without a trace.

Luckily I am a European and I therefore enjoy the benefits of a life with historically high levels of freedom. But evil is never as far away as we imagine, and the generation of our grandparents who experienced totalitarianism will not remain among us much longer to remind us of that.

“You must remember, my fellow-citizens, that eternal vigilance by the people is the price of liberty, and that you must pay the price if you wish to secure the blessing. It behooves you, therefore, to be watchful in your States as well as in the Federal Government” — Andrew Jackson, Farewell Address, March 4, 1837

Brain dump and Military and Security and Technology – 20 Jan 2008 at 17:33 by Jean-Marc Liotier

In spite of the hype surrounding micro and nano UAV and how important they are becoming to winning the struggle for tactical information, I can’t find any reference about how to defend against them. As their current use is mostly on the strong side of asymmetrical warfare, it seems that the industry and the users have simply set the problem aside for now.

But it won’t be long before two high-technological forces equipped with swarms of nano UAV will find themselves fighting against each other, and they will both certainly clamor for a better fly swatter. Since I can’t foresee very large fly swatters being part of standard issue kit anytime soon, there is a clear need for some new form of air defense against air vehicles as small as a maple seed.

Will we see micro air defense units in action, complete with toy-size automatically guided artillery, dust-like shrapnel and tiny missiles ? This heralds the appearance of new dimensions in the tactical environment, and those familiar with nanotechnological prospective will have recognized the first step of a downscaling war.

Meanwhile I think about the potential for pest control – selectively killing flying intruders seems definitely better than spraying nerve agents in my home…

Politics and Security – 15 Jan 2008 at 20:50 by Jean-Marc Liotier

Mentioning video surveillance, a sticker on the T2 tram line in Paris refers to it as “video protection”. Considering the dubious efficiency of video surveillance for crime deterrence in unpatrolled spaces, I think we have a beautiful specimen of pristine security bullshit with bonus points for creative use of newspeak. While thinking about it I could almost hear a friendly security agent tell me “please sir, it is for your own safety”. I hope it is the last time I read “video protection” as a way to muddle the negative connotations of video surveillance under a layer of weasel fur, but I guess not.

And while I am at it, let it be known that I am not against video surveillance. I am against the incoherent, inefficient and expensive dogmatic use of video surveillance for political purposes by flattering popular paranoia with a warm and fuzzy pixie dusted security blanket. Video surveillance is a mildly dissuasive technological extension of patrol work that requires real time attention and human resources for reaction and investigation – like all fortifications it is useless if it is not sufficiently manned. And like all tools it is more than useless if acquired for no profitable purpose other than furthering the personal ambitions of political leaders.