Open Letter to the Law Enforcement Community

To my friends in law enforcement, and many whom I don’t know serving our country:

First, thank you. You do an incredibly difficult job that often goes unseen, and you put your life at risk to make this great country safer. For that, I am deeply grateful.

Many of you have suddenly found yourselves on the wrong side of history. Our country has what, by many appearances, seems to be an illegitimate president who may be the product of the Russian intelligence community, and possibly even the head of the FBI, both of whom played a role in defrauding or manipulating our election system. Within one week of taking office, Trump has shown himself a madman who uses racism and personal prejudice to fill in the gaps that his incompetence affords. Seemingly overnight, our country has been transformed from what many had considered a free country struggling to overcome their indifferences, now into a place of fear for basic human rights. Racist extremist minority groups, deeply rooted in our country, have suddenly become empowered to hate, igniting hostility against anyone who is different from the majority in skin tone, religion, or sexual orientation.

With the stroke of a pen, livelihoods and families have been discarded by the government, as many who have lived legally in our country for years now have had to fight against illegal deportation orders, or have been banned from re-entering the country they call home. These men, women, and children are considered among enemies of the state not for committing a crime, but for merely existing. Meanwhile, science, technology, and even the arts are being harmed through this disgraceful practice, as many of these human beings are scientists, engineers, movie directors, and other productive human beings working for large technology innovators, defense contractors, or even in Hollywood. All of them went through several layers of vetting far beyond what the president has ever been subject to, just to be in this country and get the jobs they have. We’re in very troubling times – times that frighten everyone, except those in power.

Continue reading “Open Letter to the Law Enforcement Community”

Technical Analysis: Meitu is Junkware, but not Malicious

Last week, I live tweeted some reverse engineering of the Meitu iOS app, after it got a lot of attention on Android for some awful things, like scraping the IMEI of the phone. To summarize my own findings, the iOS version of Meitu is, in my opinion, one of thousands of types of crapware that you’ll find on any mobile platform, but does not appear to be malicious. In this context, I looked for exfiltration or destruction of personal data to be a key indicator of malicious behavior, as well as performing any kind of unauthorized code execution on the device or performing nefarious tasks… but Meitu does not appear to go beyond basic advertiser tracking. The application comes with several ad trackers and data mining packages compiled into it – which appear to be primarily responsible for the app’s suspicious behavior. While it’s unusually overloaded with tracking software, it also doesn’t seem to be performing any kind of exfiltration of personal data, with some possible exceptions to location tracking. One of the reasons the iOS app is likely less disgusting than the Android app is because it can’t get away with most of that kind of behavior on the iOS platform.

Continue reading “Technical Analysis: Meitu is Junkware, but not Malicious”

Configuring the Touch Bar for System Lockdown

The new Touch Bar is often marketed as a gimmick, but one powerful capability it has is to function as a lockdown mechanism for your machine in the event of a physical breach. By changing a few power management settings and customizing the Touch Bar, you can add a button that will instantly lock the machine’s screen and then begin a countdown (that’s configurable, e.g. 5 minutes) to lock down the entire system, which will disable the fingerprint reader, remove power to the RAM, and discard your FileVault keys, effectively locking the encryption, protecting you from cold boot attacks, and prevent the system from being unlocked by a fingerprint.

One of the reasons you may want to do this is to allow the system to remain live while you step away, answer the door, or run to the bathroom, but in the event that you don’t come back within a few minutes, lock things down. It can be ideal for the office, hotels, or anywhere you feel that you feel your system may become physically compromised. This technique offers the convenience of being able to unlock the system with your fingerprint if you come back quickly, but the safety of having the system secure itself if you don’t.

Continue reading “Configuring the Touch Bar for System Lockdown”

Backdoor: A Technical Definition

Original Date: April, 2016

A clear technical definition of the term backdoor has never reached wide consensus in the computing community. In this paper, I present a three-prong test to determine if a mechanism is a backdoor: “intent”, “consent”, and “access”; all three tests must be satisfied in order for a mechanism to meet the definition of a backdoor. This three-prong test may be applied to software, firmware, and even hardware mechanisms in any computing environment that establish a security boundary, either explicitly or implicitly. These tests, as I will explain, take more complex issues such as disclosure and authorization into account.

The technical definition I present is rigid enough to identify the taxonomy that backdoors share in common, but is also flexible enough to allow for valid arguments and discussion.

Continue reading “Backdoor: A Technical Definition”

On Christianity

I’ve often been asked why an intellectual type guy such as myself would believe in God – a figure most Americans equate to a good bedtime story, or a religious symbol for people who need that sort of thing. Quite the contrary, what I’ve discovered in my years of being a Christian is that it is highly intellectually stimulating to strive to understand God, and that my faith has been a thought-provoking and captivating journey.  I wasn’t raised in a Christian home, nor did I have any real preconceived notions about concepts such as church or the Bible. Like most, I didn’t really understand Christianity with anything other than an outside perception for the first part of my life – all I had surmised was that he was a religious symbol for religious people.

Today’s perception of Christianity is that of a hate-filled, bigoted group of racists, a title that many so-called Christians have rightfully earned for themselves. This doesn’t represent Christianity any more than the other stereotypes do, and even atheists know enough about the Bible to know that such a position is hypocritical. Since 1993, I’ve been walking in the conviction that God is more than just a story, that he’s nothing like the stereotypes, and that it takes looking outside of typical American culture to really get an idea of what God is about. In this country, I’ve seen all of the different notions of what a church should be; I think most people already know in their heart who God is, and that’s why they’re so averse to the church.

Continue reading “On Christianity”

On NCCIC/FBI Joint Report JAR-16-20296

Social media is ripe with analysis of an FBI joint report on Russian malicious cyber activity, and whether or not it provides sufficient evidence to tie Russia to election hacking. What most people are missing is that the JAR was not intended as a presentation of evidence, but rather a statement about the Russian compromises, followed by a detailed scavenger hunt for administrators to identify the possibility of a compromise on their systems. The data included indicators of compromise, not the evidentiary artifacts that tie Russia to the DNC hack.

One thing that’s been made clear by recent statements by James Clapper and Admiral Rogers is that they don’t know how deep inside American computing infrastructure Russia has been able to get a foothold. Rogers cited his biggest fear as the possibility of Russian interference by injection of false data into existing computer systems. Imagine the financial systems that drive the stock market, criminal databases, driver’s license databases, and other infrastructure being subject to malicious records injection (or deletion) by a nation state. The FBI is clearly scared that Russia has penetrated more systems than we know about, and has put out pages of information to help admins go on the equivalent of a bug bounty.

Continue reading “On NCCIC/FBI Joint Report JAR-16-20296”