Tag Archives: encryption

March 1, 2023 · 21:48

Moments of clarity

It happens, we all have them and at times we do not know how it interacts with reality. For me it started yesterday. I was at first thinking No Ware, No where, Know Wear, Know What and so on, like a train, phonetic phrases. This took me back to a moment in the 80’s when I came across the idea for a phonetic virus. A virus that when played on a PC it does nothing, when on played on an Apple with a RISC processor it stops processes and other elements. Nothing destructive, merely disruptive. I never brought it into play for the reason that I had a job and I was too busy for anything else but work. So in that setting my mind starting mulling a few things over.

Local awareness
The setting is that there is no real way to keep things safe, pretty much any cloud system can be transgressed upon. I got there by the MSNBC article ‘U.S. Marshals Service suffers ‘major’ security breach that compromises sensitive information, senior law enforcement officials say’, nothing really new, Solarwinds brought that to the surface, the April 2021 events brought that to the surface and that was not the first event, more has happened that overthrows the statements regarding ‘Data at rest’ and ‘Data in motion’. The data vault programs on the iPad merely heightens the issue to a much higher and a much more visible event. We need programs that reserve memory on mobiles and make sure that it is local only, the idea to put it ‘safely’ in the cloud is a joke that is much bigger than the Titanic.

QR codes
Then I moved towards replacing the QR codes. There is nothing wrong with the QR code, it is an awesome invention, but there is a geriatric need. Many of these people are not good with their phone camera’s, and at times the use of such a code could have larger ramifications.

I came up with an idea. 4 blocks of 12 characters consisting of either A, C, D, E, G, H, K, L, M, P, S, T, U, W, X, Z, even with camera on an angle, there is every chance to repair the image and code. The 16 letters could represent a hexadecimal code, the 4 number groups separating the blocks could have all kind of uses and the hash in the middle is a check number keeping it all in balance and offer some kind of stage to repair the unclear image of such a code.

My initial use was to encrypt medication so that an image could help doctors when needed, but its use is much larger as I am imagining it. 

These elements are connected, but not essentially so. I was brainstorming on the use of different approaches to keep usage of data private. The approach could become larger, but that is what we all think of our ideas. Will it work? I cannot tell, there is a direct market to keep private for everyone, these so called providers come up with an idea and then place it in the cloud where EVERYONE can get a hand on it. There is a need to change things and others are seeing that stage evolve right now. 

 But it was an idea I have no real intentions to pursue and as such it made for a nice story on my blog. So have at it and have a great day

Advertisement

Leave a comment

Filed under IT, Science

Tagged as , , , , , , , , , ,

June 21, 2022 · 03:00

What the NSA overlooked

OK, it is not only them, or at least I think they overlooked it. You see, about 25 years ago I stumbled upon something. A person of (alleged) Russian origin had an encryption method that allowed out in the open messaging that remained hidden. He used a BBS system for this. I merely by accident stumbled upon it as I was looking for a file to use in an article and I think it was an image of the Kremlin (or one of those buildings on that square). I found it because I was playing with PhotoPaint to show people a few tricks in that program. So as I was looking I noticed something odd, at first I thought I had done something wrong, but after a few attempts I noticed something off. It was easy to see because my origin was in Merchant Navy, many others would have ignored it, and in addition, the man used a setting too strong, or compared to today, he used too strong a grade.

Look at the first example. It is easy to see as I used a complementary colour. 

So we can easily see what is going on. Yet there is another method

In this example we are using 2 layers and we can use 2 colours. The layers are CMYK, here we have one restraint, for some reason it does not work as good when we use Cyan (no idea why), black we cannot touch, but Yellow and Magenta we can. Now we need to make it clear in another way what the offset is. I tend to use the 2 points, but it can be anything from 1-6. So if the code for magenta is #FF00FF, I have that one and #FF00FD, the brain and eyes cannot differentiate, the computer can and here we have a nice way to remain hidden. For Yellow we have #FFFF00 and #FFFF02, and if we complete the image no one is the wiser, and if we know the offset (I tend to use the same offset for both colours) we can decrypt it decently easy too. Combined the image is so perfect that no one will see it. I also learned that straight lines when overlapping tended to make the code pop up too easily, or better stated the straight lines were broken due to the CMYK offset and this came to a solution in the simplest of ways. The naked lady has no straight lines and if there was a straight line, the people would be focussing on something entirely different (what a surprise). 

So why am I telling you this? Well as my health diminishes too few players would be able to vie for my IP and it is safely on 4Chen the release date is at present September 30th, If I do not make it a dozen mails to certain people and certain forums will be released. Yet as I see it the pool of people who would have a clue is slightly too small, as such I am placing the first clue here, hoping to enlarge the pool.

It will still be a puzzle to find the images and there is one other place where straight lines are seldom found. In addition, when the codes are correctly decrypted a set of three images and around 30 sets will give you billions in IP, or at least it is my claim that it will be worth billions. It is all up to you, I am too tired and that is the steeple chase. And the fun part is that the images have been there for months, per set all uploaded at different days using a fake ID, an asian ID no less (thanks to a friend I used to know at Uni). My only wish is that it will not be found by some Microsoft Dodo, but that is the risk I am willing to take. 

Frank Herbert once stated (in 1965) “He who can destroy a thing, controls a thing”, there is truth in that and I made the setting that if I leave it to public domain the larger corporations will stay away and the individuals get a fair shake for a change. A stage often overlooked but that is the nice thing about creation, it could foster new innovators, I can only hope that this will be the case here too.

Leave a comment

Filed under IT, Science, Stories

Tagged as ,

March 7, 2021 · 02:00

Science in art, deception through science

Just as I got past the first female night-horse (read: nightmare) I got into another one. I am not sure why, but for some reason it matters, in this there is a CIA wet work operative played by Graham McTavish, there is a spotter with him, he minds the listening system. They are watching a man seemingly talking to himself, but it is too much of a one sided conversation, the sniper (McTavish) changes the scope to thermal, now he sees a shimmer, one he had seen before, it was digital cloaking. He signals the spotter, who starts changing the dials on a small box and after several seconds he nods, he listens. He says ‘the other person is whispering Greek’, and he listens, they are looking at an almost surreal setting, it is almost 30 seconds until the spotter states ‘I cannot be here’ McTavish looks around, the man is absolutely pale with fear “I cannot be here” he states again, puts his sidearms in his mouth and pulls the trigger. The sniper gets out fast, they were both using suppressors, as such there was too little sound to set the alarm off. He grabs all the gear and he gets out as quickly a possible, all whilst sending the alert signal.

The scene was weird, I do not remember seeing it on TV or in the movies, but it got me thinking on communication, and soon thereafter encryption, do not ask why, I have no idea, but the slithers of one, connected to the idea of another. To show this here is an image

As you can see, it is in foundation a sudoku setting, an 81 figure number (nine times nine), yet the stage is to some degree predictable, every number used once, per square and no number the same in a row or column, even as there are only nine combinations, there is a larger stage for encryption systems to work on, but what if we look at killer sudoku?

As you see in the image, the stage becomes a little different, we get a combination of puzzles and it is that combination that could give reality to a new encryption method. A stage where the sudoku itself is merely part of the puzzle, it is the other part that gets us the encryption. Is it a 2H box, a 2V box and so on, but in that stage it becomes a lot harder to figure out the numbers. The shapes can be anything, a letter, numbers, any combination. The numbers are numbers but there are ways to encrypting that too, and as every level is larger the computer undoing the cypher will take more and more time, all whilst there is an optional setting to reset that setting, a solution in apps that makes any high end encrypted system a much larger option for diplomatic staff to keep encrypted data with them, without them knowing what they are carrying, or anyone for that matter. If they are not part of it, they are merely the vessel that the channel carries.

Or in humorous terms (an ode to Danny Kaye) “The pellet with the poison’s in the vessel with the pestle; the chalice from the palace has the brew that is true!”, as such the issue is not the servant, that person has no idea what they are carrying, a new stage where 2-3 apps set a larger stage and with the security out of the way (thanks to Microsoft and Epic) anyone can be a courier. Yes, when you (optionally) saw ‘Microsoft sides with Epic in its fight with Apple, promises a more open MS Store’ with the text “Microsoft filed a declaration in support of Epic’s request for an injunction against Apple’s plan to remove its access to iOS development tools. The company said in the filing that the Unreal Engine is “critical technology for numerous game creators,” and that taking away Epic’s ability to support it on iOS and MacOS devices “will harm game creators and gamers.”” Most people do not see the larger picture, all this was merely a way for Epic to shun its duties, duties that allow smaller players to avoid larger costs, yet once greed sets in there is a larger stage and they paved the way for organised crime to take much larger steps for people to be tempted to quick cash only to learn at a much larger stage that they became mules. It is that stage that also allows for a new encryption systems, with people having 1-2 apps, that the person with the third app will be able to capture what they need, sometimes it will be with the persons consent, but not always, and that is where we are at. The rich taking what they want and not wanting to be held responsible, no matter what damage they are at the head of, what a world we live in, it seems that my nightmares are a much more pleasant place to be soon enough.

Leave a comment

Filed under IT, Military, Science

Tagged as , , , , , , , , ,

October 4, 2020 · 18:33

A coin with 2 sides of greed

This morning started out alright, I was still pondering on what I had wrote yesterday and I still stand by it. Any voices on complexity are not dimmed, the issue is larger than I wrote about it, but to take the full scope makes the matter too complex, I was all about oversimplification, as that tends to show things, but it also polarises any view (including mine). This is what was in my mind when the news on Proton-mail and Andy Yen hit me. You see the moment any firm goes into some preaching stage of ‘App Fairness’ mode, the hairs in my neck tend to rise to the occasion. Now, those who read my blog regularly will have seen that I have no issue slapping the big boys silly whenever I can. So like the proverbial pitbull, I have had a mouthful of pants with Apple, Google, IBM and Microsoft logo’s and a chunk of their asses. No matter how big they are, I do not pull my punches (much more fun the way), so let’s have a look at Andy Yen, actually, let’s do something else first, it helps you to understand the station where I am at.

In 2008 Apple launched the App store, initially with around 500 apps. Apple saw in the early days the third party developers would bring home the bacon, but in those years it was not easy being a developer. Those developing for windows had well over a decade of experience and in those days the Software Development Kit would cost a developer $1500, with the additional programming packages and consultancy lessons. So ANY developer would be out of pocket between $3,000 and $5,000 and they would not have anything to show for it. The cost would drastically increase when the program was ready, but the was for another time. So in those days Apple got clever about it and gave us “To publish apps on App Store, developers must pay a $99 yearly fee for access to Apple’s Developer Program”, now consider the first setting of $99 versus $3,000, a new stage that allowed the dreamers and the wickedly clever to publish without a setting of some bulk investment and there was another part, “The income app stores take is 30%. Apple started setting that as a standard – they weren’t the first, but the iOS app ecosystem has been used as a model by many other players in the mobile app space”, now consider the you are a small developer, selling your software will need servers, protection software, shopping kart software, income checkers and go on from that. Apple delivered a system that does it all, so the developer will only need to upload their readied product. Thousands of dollars saved and the small developers get an almost free ride and they pay later through every sale. 

This is beyond fair, because the one million programs that came in the first decade would evolve, these people had a second option. They would sell their program for $0.99-$5 and Apple merely takes 30% of the sale, 70% remains with the makers and that contribution setting was already in play with software houses from the 90’s, yet those programs were often $299-$999. A mobile with the option of programs costing less than $5 are more easily sold and these makers suddenly made thousands of dollars, most of them massively happy. In that same light under Microsoft these developers would never exist. The cost of being up and running would strip all revenue away. As such Apple (and Google too) would create a wave of people creating the thousands of dollars to fuel the system would basically be paid for by the more successful players in this field.

So when I see the headline ‘Why we joined the Coalition for App Fairness’, I merely see a greed driven non-truth that is (as I personally see it) fuelled by greed.

So now the you have some of the background, we see the real deal, people like Epic Games and Proton-mail, they had an idea and they used that system to get ahead, which is nice for them, yet now, now that they made it, they want to avoid fees, they want the 30% that they initially signed up for as well. It is basically the same with Epic Games, once they made the numbers, their success went to their heads and they are now fishing (or is that phishing) for the 30% they signed up for? They want to avoid the apple fee and for one player it makes sense, yet this system was designed so that the small players would get a chance to become big, a stage that many faced. So when I see these ‘displays of fairness’ I merely see greed driven players merely wanting more.

The setting is however larger. The quote “First, to be clear, our mission at Proton is to foster an open, free, private, and secure internet. We exist today because a large community of people agree with these goals and support our work. Helping to found CAF does not in any way signal a deviation from these core values. Proton will always remain fiercely protective of our independence in order to put user interests first” gets to be ripped to shreds when we see “to foster an open, free, private, and secure internet”, yes they do have a free option, but it is limited, which might be fair enough, their goal is to be ready for the 4.00 € and 24.00 € a month users, whilst their free accounts are limited, the paying ones are driving this and so far they got 10 million people in their accounts, I am not aware how many constitutes free accounts.

Another point was “Our purpose for joining CAF is not about advancing the goals of Spotify and Epic, but about making sure that you, our community, have a voice in this important debate”, is the so? I find it debatable, for the simple reason that we are also handed “ProtonMail is run by Proton Technologies AG, a company based in the Canton of Geneva, and its servers are located at two locations in Switzerland, outside of US and EU jurisdiction”, whilst this sounds nice, outside of jurisdictions comes at a price and one could argue the organised crime finds the approach appealing, as do some people the want to avoid data accountability, but for the most, I am on the fence of how reliable data safety outside of jurisdictions tend to be (I am not making any statement on the security they run). So the app store has them as a free app, which implies that they are free, but they offer ‘Offers In-App Purchases’, and their own Twitter account gives us “We actually don’t understand the significance of paid account here? ProtonMail doesn’t offer in app purchases on Android, so purchases need to be made through our Swiss website”, and there is the kicker, they want it via their own website to avoid the 30%, exactly how Epic Games set it up, once they have the foundation of users, they want to avoid Apple (and/or Google) fees. 

I need to admit that Andy Yen is in a slightly different setting (as is Epic Games). You see, he started with the backing through kick-starters and ended up with a beginning capital of $500K, 5 times of what they needed to get started, a lot do not have that option, which I admit is not the stage that Andy Yen cares about (yet he claims the opposite), we get it, but when we see ‘a better internet that puts people first’, we need to realise the this was exactly what Apple did (Google too), by setting the contribution cycle almost EVERY developer had their chance at stardom, and whilst we see ‘free app’, how many people would have taken it up when the app had to be bought at $9.99, or $19.99? You forget that if we avoid the contribution cycle, we see the the funds need to be found somewhere, do they not? You really cannot get it both ways and for the most the contribution cycle is the most fair, because it is only taken from actual sales, so the newbies get to be there for free or for nothing (or both), and the big players basically pay for the little people.

Consider that and the fact that there is a price for being able to chose from 1.75 million app on a store. If that setting did not exist these store would end up having well over a million apps less. And this year, in the covid year, there is suddenly the need to avoid paying because the investors need to be appeased. As I personally see it greed is the final equaliser against choice, because these players want to be the only provider and the current stage allows new developers deploy their system, optionally a real innovative one, but they get a to because the costs of starting are not there, not like it was anyway.

Happy now?

Leave a comment

Filed under Finance, IT

Tagged as , , , , , , , , , , , ,