8chan/8kun QResearch Posts (2)
#5731535 at 2019-03-17 05:58:51 (UTC+1)
Q Research General #7330: HAPPY ST. PATRICK'S DAY! Edition
>>5731533
"I'm trying to change that and make hardware part of the solution to security rather than a bystander," said Salmon. "This is only the beginning. This is a problem that is so big that one DARPA program isn't going to solve even 20 percent of the problem."
In a voting system, this means the hardware would prevent, for example, someone entering a voting booth and slipping a malicious memory card into the system and tricking the system into recording 20 votes for one vote cast, as researchers have shown could be done with some voting systems.
"Our goal is to make this so that the hardware is blocked against all of these various types of attack from the external world. If this is successful, and if the software put on top is equally successful, then it means people can't hack in and ... alter votes. It would also mean that the person who votes would get some verification that they did vote and all of that would be done in a manner that hackers couldn't change," Salmon said.
The DARPA secure hardware program involves six teams from several universities as well as Lockheed Martin. Each team was tasked with creating three secure CPU designs. Galois, which is part of the SSITH project, plans to build its voting system on top of the secure hardware designed by these teams, and will create a prototype for each CPU design.
"It's normal, open source voting system software, which just happens to be running on top of those secure CPUs," said Kiniry. "Our contention is... that a normal voting system running on COTS [commercial off-the-shelf hardware] will be hacked. A normal voting system running on the secure hardware will probably not be hacked."
Not only are teams developing secure CPUs but to best take advantage of what a secure CPU offers, they're developing new versions of open source C-compilers so they can recompile the entire software stack on a system-the operating system, the kernel, all the libraries and all the user software that's written in C.
"So it really is a powerful software play and hardware play," Kiniry said.
The program isn't about re-architecting new CPUs, but proving that existing hardware can be modified to be made secure, thereby avoiding the need to re-design hardware from scratch.
"Galois and DARPA have just stepped up and filled a vacuum of leadership at the federal level to address the well-documented vulnerabilities in US voting machines that constitute a national security crisis."
But even so, the secure designs are expected to change how new CPUs are architected going forward.
Joe FitzPatrick, a noted hardware security expert who trains professionals on hardware hacking and security, calls the DARPA secure hardware project a lofty goal that will be great if it succeeds.
"I can't tell if they truly are architecting a new CPU that is truly resistant to all these [attacks]. But if they designed a new CPU that was able to understand and determine malicious or correct operations from the software, that's not trivial. That would be pretty amazing," said FitzPatrick.
Peiter "Mudge" Zatko, a former program manager at DARPA and noted security professional who has testified to Congress on security issues, said this and other DARPA projects are beneficial because they usually spawn new solutions. But he cautions that secure CPUs won't solve all security problems.
"We should [also] work towards building processors that have more security principles inherent in them," he told Motherboard.
Susan Greenhalgh, policy director for the for the National Election Defense Coalition, an election integrity group, hopes the systems Galois and DARPA are building will finally change the status quo of insecure voting.
"The [current systems are] woefully equipped and too prosaic to drive the quantum changes needed to face the nation-state actors that are threatening our democracy," she told Motherboard. "Galois and DARPA have just stepped up and filled a vacuum of leadership at the federal level to address the well-documented vulnerabilities in US voting machines that constitute a national security crisis."
#3444694 at 2018-10-12 00:19:20 (UTC+1)
Q Research General #4367: But, Of Course, Anons Already Knew Edition
Report on Chinese Spy Chips Untrue, Demonstrates Shaky Journalism
A recent Bloomberg report citing Chinese efforts to secretly install microchips in US computer servers as a means to infiltrate the US' technology supply chain contains flaws that raise questions about the publication's journalistic ethics, web developer and technologist Chris Garaffa told Sputnik.
Last week, Bloomberg published a lengthy report alleging a Chinese hacking attempt which it calls "the most significant known supply chain attack ever against American companies." The report goes on to detail how hackers reportedly implanted spy chips into motherboards of servers used by some 30 tech companies, including Amazon and Apple. The chips were allegedly inserted into motherboards sold by Super Micro, a server component manufacturer based in California, before those motherboards were used in servers sold to customers by various companies.
Citing various anonymous sources, the report also notes that Chinese spies had even inserted microchips into equipment used by several US government agencies. (Think the Central Intelligence Agency and the US Department of Defense.)
According to Bloomberg, these mysterious chips could be used to give China access to the US government's internal servers and to collect trade secrets and other data from the targeted American companies.
Garaffa told Radio Sputnik's Loud & Clear on Thursday that Bloomberg's investigative piece raised more questions than it answered when it was published on October 4.
"I don't believe it's true," he told hosts Brian Becker and John Kiriakou. "There have been... so many questions raised about it, and many people, including some people who talked to Bloomberg about the story, have come out and said that there are issues with the way it was covered."
One hole in the story was made evident when one of the security experts quoted in the story, Joe FitzPatrick, appeared on an episode of the Risky Biz podcast and revealed that he'd been misquoted, Garaffa told Becker, noting that Bloomberg used theoretical background FitzPatrick provided about computer hardware attacks and just ran with it.
"If a foreign government... if the US government wanted to attack a supply chain like this, there are much easier ways and much less intrusive ways to do it rather than inserting this chip on however many thousands of servers," Garaffa stressed.
Super Micro, Apple, Amazon and even the US Department of Homeland Security's Cyber Security Center have rejected Bloomberg's claims. For Super Micro, the report caused the company's stock value drop by 41 percent, CNBC reported after the story went live in the early morning hours of October 4.
Though Garaffa believes that Bloomberg's reporting harbors the essence of "sloppy journalism," he did indicate that it also offers a special twist on how the outlet joins its reporting on world affairs with the technology industry. "This is how Bloomberg covers tech stories with an international spin," he said.
https://sputniknews.com/analysis/201810121068813648-bloomberg-chinese-spy-chips-report/
8chan/8kun QResearch SCOTLAND Posts (1)
#15302181 at 2022-01-03 19:06:16 (UTC+1)
Q Research Scotland #5: Humanity Rising Edition
https://www.bbc.co.uk/news/uk-scotland-scotland-politics-59830333
Heads of Scotland's drug death taskforce resign
The heads of Scotland's drug death task force have resigned.
Chairwoman Prof Catriona Matheson and her deputy, former deputy chief constable Neil Richardson, have stepped down from their roles.
They said the government's "demand for speed" over a report on reforms was "counterproductive" and driven by a desire to meet targets rather than achieving "sustainable change"
But minister Angela Constance said the taskforce needed to "move faster".
Prof Matheson, a Stirling University expert in substance misuse, has been chairwoman of the taskforce since it was established in 2019.
Leaders make 'united effort' against drug deaths
Drugs helpline aimed at user safety to be launched
Six ways to tackle Scotland's drugs crisis
Drugs tsar says addicts 'neglected and ignored'
It was set up by the Scottish government in a bid to curb a rising number of drug deaths.
The then public health minister Joe FitzPatrick described the situation as an "emergency" and said new approaches were needed "even if at first they may be challenging".
Drug deaths in Scotland reached a record high of 1,339 in 2020 with the country suffering by far the highest fatality rate of any country in Europe.
Figures published earlier this month showed that Police Scotland recorded 1,007 deaths believed to be linked to drug use between January and September this year, 40 fewer than the same period in 2020.
The resignations were first reported by The Daily Record, which said Prof Matheson and Mr Richardson had stood down after being asked to produce a report on reforms by the summer.
In a resignation letter, they said: "We have always understood the need for urgency but we feel the current demand for speed is counterproductive and driven by other factors such as meeting targets, rather than achieving the sustainable change evidence shows is more effective."
Drugs policy ministerAngela Constancesaid that she regretted the fact that Prof Matheson and Mr Richardson had resigned but thanked them for their "hard work and commitment".
She told BBC Scotland's Drivetime programme: "The taskforce has undertaken wide-ranging and very important work to help inform us on how best to turn the tide on rising drug deaths in Scotland.
"But I am clear that as we come to the end of the first year of the national mission and look ahead to what's next, we need to have an increased focus on implementation and delivery on the ground."
She said that was why she had asked the taskforce "to make its recommendations earlier than anticipated".
'Pick up the pace'
"Drug deaths in Scotland is our other public health emergency and we do need to move further but we also need to move faster," she told the programme.
"I think I was very fair and very clear with my expectations. We need to be continuously challenging ourselves and others to pick up the pace.
"We need to be doing more, doing it better and doing it faster."As fast as you got a public inquiry into historic child abuse?
She added that she would speak to the other taskforce members before updating parliament as soon as possible in the new year.
Ms Constance said that the recent quarterly statistics had shown a slight fall in suspected drug-related deaths.
But she added: "It is clear there is still an urgent need to implement changes that will make a real and tangible difference to people's lives."