Less Radiation

According to Mast Sanity, the respected Swedish researcher Prof. Olle Johansson has been having problems finding lab space for his latest experiments. The labspace he planned to use, to replicate recent studies that led to the cancellation of city-wide WiFi in San Francisco, have been instead grabbed by very important ferret research. If ever you needed an indication that you were getting close to the truth, then this has to be it!

There’s loads of interesting stuff here, just read the
link.

Basically, you need to know that governments around the world are far more interested in how much money can be made from wireless services, than the well-being of their ill-informed populations!

GSM Mobile Phone Security is now practically dead. Anyone with a spare couple of grand can now do what was previously the exclusive preserve of national security agencies. Previously you’d have to spend £100K and prove you were a suitable government-grade customer.

According to the theregister.co.uk’s security pages, several talks at the Black Hat security conference in Las Vegas this week will take GSM hacking down to the script-kiddie level – all you need is enough cash for a modified USRP USB radio peripheral & a 2000GB hard drive to store the rainbow lookup tables.

With that kit you can grab big chunks of the mobile phone spectrum in real time and target individual IMSI numbers. The researchers reckon that 80% of mobile traffic passes over the old A5/1 GSM system. A5/3 & 3G phones should still be considered secure. But remember if your 3G phone isn’t near a strong signal it will be stepping back down to A5/1 anyway.

Think about all those corporate espionage guys out there, they must be salivating like crazy. The rainbow lookup tables are a hefty download at 2TB, but if you’re prepared to travel to Oslo, The Register reports that Frank A. Stevenson (guy who cracked the CSS encryption scheme on DVDs) will swop you a blank drive for one with the rainbow tables on. (Rainbow Tables are lookup tables with the answers to all the possible challenge answers for the GSM A5/1 algorithm – this saves lots of time working each one out indivdually, and crucially makes near real-time decryption possible).

Of course the GSM Alliance makes light of all this, still calling it theoretical – and in some ways they have a point, it’s not like you can do this on an old reprogrammed Nokia 3310 after all!

When Dect (the cordless phone you use at home) was hacked last year we didn’t see UK identity thieves having a field day, gathering up bank pins etc. Only a couple of thousand of the PCMCIA Dect cards were in circulation, and most were probably bought up by security researchers quite quickly. So the hardware to hack Dect became expensive & you had to be able to configure a Linux laptop yourself to use it – the barrier to entry was therefore set high.

With GSM it’s even higher. You needs lots of Linux knowledge & £1000 worth of USRP radio hardware + soldering skills too. Sure organised criminals, corporate spies & bent media companies will use this technology to spy on the rich and famous, but it won’t become a massive problem in the UK. If anything, it will just speed along the adoption of 3G smartphones.

I wonder where Karsten Nohl & friends will be heading next with their USRPs? Dect cracked last year, this year GSM. Airwave/Tetra next year, maybe?

http://en.wikipedia.org/wiki/IMSI-catcher

There’s an interesting piece by Adam Higginbotham in this months US edition of Wired magazine.

It’s all about the US military’s escalating game of wits with insurgents in Iraq & Afganistan.

The biggest problem for the US isn’t AK47s or rocket launchers, it’s IEDs – Improvised Explosive Devices or roadside bombs. These cause more mayhem & carnage than anything else, and are built for peanuts.

It’s not the explosives aspect that caught my eye, rather the ingenious ways that they are triggered. Anything which can send a wireless signal is fair game: garage door openers, remote doorbells, cell phones, walkie-talkies, CB radios. The US’s answer to this was to buy radio jammers, 40,000 of them in fact for Iraq alone. Then the insurgents start to use Frequency Counters as triggering devices – because they detect the jammers. Then they move to using PIRs that pick up the heat signature of the Humvees. Then a US army officer decides to stick a toaster on a 10 foot pole on the front of his Humvee, to confuse the PIR. Then the insurgents set the IEDs to target back 10 feet from the heat signature. Any so it goes on… it’s almost comical… like Road Runner & Wile E. Coyote. Except of course, it’s not funny at all.

Page 138 of Wired’s August 2010 US edition.

Steve Jobs gave a video interview today with Sky News that admits that not all their products are perfect. This of course is all about the iPhone4. Apple have sold 3 million units in 22 days – which is a million a week.

Steve refers to the problem with iPhone 4 as ‘Antenna-Gate’. Apple have now said they’ll issue rubber iphone covers to anyone having a problem, or they can have their money back if they prefer.

The price gap between Apple smartphones and HTC Android phone is huge. A second hand iPhone 3G costs £250 from eBay, but a comparable and equally functional HTC G1 can be had for less than £100. Apple have a huge cash-cow franchise with the iPhone G4, and good luck to them, they deserve it all.

Just remember Steve J, it’s Woz that helped put you where you are today…

Reports on The Register & BBC websites suggest that early adopters of the latest iPhone 4 are having trouble with signal strength if they hold their phones.

The phones appear to suffer big drops in signal strength when held by human hand. Apparently, a small metal band on the outside of the chassis acts as the antenna – in most other phones that part is internal.

This might have something to do with skin resistance, as using a leather or plastic case seems to mitigate the effect. Previous versions of the iPhone didn’t use external metal parts of the case as an antenna – the antennas were inside behind plastic panels in the otherwise metal chassis.

Others have suggested that touching the iPhone 4 shorts the WiFi & 3G radio parts somehow – we don’t think so … it’s much more likely that your body is acting like a signal sink, try wearing rubber gloves… You’ll find big differences in natural skin conductivity between different people – if I touch a badly earthed piece of electrical equipment I can feel a buzzing where some others can’t. I’ll be surprised if this problem is fixed by a software upgrade!

The simple act of holding the phone appears to cause the user to absorb maybe half of the RF power output of the phone. Using it hands-free causes no such problem. Maybe Apple are trying to get us all to use phones several feet away from our heads – a highly commendable goal!

Others are moaning that the screens scratch easily and that edges of the screen suffer discolouration, allegedly.

Article from The Register

Article from the BBC

Pictures of queues for iPhone V4 in London.
(Reminds me of when Windows 95 launched… so very, very, long ago…)

The biggest study ever into whether cellphones give you brain tumours has finally published something. After 10 years and $25 million plus US dollars it’s a …. maybe.

Some interpretations of the data look like cellphones absolutely protect against cancer, some show a small increased risk.

A lot of in-fighting has gone on within the group of scientists drawing the conclusions. Originally the Interphone study was going to be more wide ranging, and research was carried out into areas other than just increased risk of  glioma & meningioma. So Interphone actually has much more information in its’ vaults than has been released now. It will just take some scientists to agree what it all says and then that could be published too.

Here’s our interpretation: if you talk on a mobile or Dect phone for more than an hour every day you may well increase you risk of something (poor sleep perhaps)… If you don’t then you are abiding by the precautionary principle advocated by The Stewart Report of 2000.

Lots of interesting posts on The Register and other sites about Google’s collection of WiFi Router info while out taking photos of your road for their Street View project.

A couple of things need clearing up. Google have absolutely no use for your data traffic. They only want to know the unique MAC address in your router and the corresponding GPS position it was spotted at.

Whether you have an Open Network, WEP, WPA, WPA2 or any other more impressive encryption system in place is completely irrelevant to them for the purposes of this project. WiFi routers tend to sit in a static location.

Unless you turned Beacon Frames off, your router is announcing its presence to the world between 1 and 100 times a second (a great reason not to have that router next to your bed or office desk BTW).

They aren’t really interested in your PC’s MAC address, because it could be a laptop and they move around.

You could easily perform your own version of this experiment by driving around your local neighborhood with a laptop running Kismet and a GPS USB module attached. (Wardrive for the Google Nexus One smartphone does exactly the same thing & can be downloaded from the Android Market on your phone for free) There’s nothing overly clever about it and it certainly isn’t evil…

But when you take the unique MAC address of each WiFi router and it’s GPS position you do have a useful location marker, where a smartphone’s GPS is turned off but WiFi is available.

Google never need to show you the WiFi router address they spotted at a certain location – they just show you where you are.

I did read something today that suggested that Google never really authorised this and it was a lone engineer that fitted the project to the Street View car. That’s complete rubbish. The information they collected is freely available to anyone and doesn’t invade anyones privacy. Collecting it isn’t illegal and politicians are getting hot & bothered about it to fit their own political ends. The UK data registrar doesn’t have anything to be concerned about, and if he did then all the cell mast sites in the UK should be closed down immediately too!

Hope that clears up all the confusion. Google really have no interest in your home WiFi traffic, just the GPS position of your router.

Of course, people move house & also change their routers when they move internet providers, so the information they collected is only useful for a couple of years.

UPDATE
On the 19th Sergey Brin went on record as saying that they did collect some traffic data from open networks, but that it would be destroyed. The extra traffic gives them nothing tangible for the project, only the Mac address of the router & GPS location are useful.

I stand by my comments about the mobile phone networks being far more intrusive: the physical location of your mobile phone (and by default you) is recorded every 20 minutes & kept in a database for at least 12 months – great if you need an alibi, but if you’re that smart maybe you sent your phone out with someone else, doh!

I just read an interesting article about office photocopiers. All the larger models made post-2002 have hard drives inside them. Each time you copy a document it saves a copy to the internal hard drive.

Researchers were able to recover all sorts of business, legal, medical & personal information from a random sample of machines. Even if a machine has a wipe button it often just wipes the index and not the actual file from the drive.

Using the free Testdisk forensic recovery software you can most likely retrieve documents the same way you would from a PC’s hard drive or camera’s SD memory card.

Links:
CBS News Story & Testdisk

There was an interesting feature this week on BBC’s Watchdog programme about mobile phone text message spoofing. Two American researchers demonstrated how they are able to send fake MMS/Text messages that look like they’ve come from your bank to a smartphone.

This is a variation on phishing emails, but now on mobiles. All mobile network operators responded by saying that they weren’t aware of any real world use of this exploit that had so far left a single customer out of pocket – and they’re quite probably right. This seems like an awful lot of effort to go to if you want to get your hands on someones bank details & security passphrases.

I detailed on this site about 16 months ago that Dect cordless phones were now completely insecure. Anyone with a laptop, PCMCIA Com-On-Air Dect card & a decent antenna can record all you household phone calls from anywhere within a 200 metre radius of your home. Lots of older people now do home banking by telephone and over a series of calls you’ll be handing over full pins & security details. Even if you don’t give them to the bank you’ll be reusing them when you’re confirming your identity to insurance, utility & credit card providers – maybe you use that same 4 digit pin code for your home alarm & cashcard. Maybe you’re just paying for stuff with your credit card over the phone. If you live in a block of flats where tenants come and go every 6 months you’d be an easy target.

Ten years ago criminals could use an analogue radio scanner to record all the traffic on the old fashioned cordless home phones, perhaps to a computer for later analysis. They could use a DTFM decoder to figure out which number you’d called, and build up a profile that would leave them knowing you better than your best friend. Well now with the supposedly secure Dect phones they can take this further. Because each Dect phone has its own unique identifier – like the MAC address in your PC or the OUI number in a Bluetooth chip – it’s easy to zone out all the people you don’t want to listen to. Okay, only about half the Dect phones in use are insecure, but which half are you in? It’s not very reassuring is it? We’re nearly all using these Dect cordless phones at home these days.

Anyway, I saw not one article 16 months ago in the UK press or on TV about the Dect threat (although lots appeared in the German media), but now we need to worry about spoof texts. Go figure. If you really care about your health and security use a wired home phone.

As regards unusual text messages from your bank, apply some common sense – if it looks wrong, it’s because it is wrong. Wait until you get home and log onto your account there. Don’t ring numbers or use web links in these messages. Open a new browser window & check your balance from your 3G phone that way.

Pop into the bank and ask them about the real state of your account. If money diasappears from your account by a fraud that’s not your fault they’ll be giving you that money back anyway.

Smartphones are like mini PCs and they can get infected with malware and other nastiness, just like your home PC (for instance it’s now quite common for untrusting partners to secretly install tracking software on their partners smartphones to keep tabs on your whereabouts with GPS accuracy).

BBC Watchdog Story

On page 20 of the New Scientist’s 3rd April 2010 edition you’ll see an article entitled ‘Search’s dirty secret’ by James Clarage – it’s all about how much power each Google search uses. The same as leaving a 100-watt light bulb on for an hour, according to James. I just hope this isn’t an April-Fools joke…

I was sat up reading the article in bed, when a little 100-watt light bulb came on in my own head! That can’t be right, I thought…

According to the article, ‘IT research firm Gartner estimates that Google’s data centres contain nearly a million servers, each drawing about 1 kilowatt of electricity. So every hour Google’s engine burns through 1 million kilowatt-hours of electricity. Google serves up approximately 10 million search results per hour, so one search has the same energy cost as turning on a 100-watt light bulb for an hour’… Sure!

That would mean that each of those servers only does 10 searches per hour, or 240 searches in 24 hours, times 1 million servers. That’s just silly.

In fact, I found that Google process 87.8 billion searches a month (see links below), which is about 2.88 billion-a-day. So that means the number of searches quoted in the article is less than 10% of the real total – so now we’re down to a 10 watt light bulb on for an hour. But wait , there’s more…

I remembered from previous reading (might be the Google biography) that Google use regular PC boxes for each of those servers. In fact they’re even tighter with their money than that. The article states that each Google server uses 1000 watts per hour, when in fact each server only has a 300 watt PSU in it (see links below), and can only supply a maximum load of 280W. The Google servers feature a Magnatek 300W PSU with only a 12V supply (the 5v stepdown being done by the mainboard or a separate inverter circuit, instead of the PSU), that is supplemented by a 12V battery (not a UPS, just a battery). This makes each PC very efficient. Each of the PCs has a custom Gigabyte motherboard with twin Xeon processors, 8GB of RAM, and 2x 1TB SATA Hard Drives – this server can easily process 240 searches a second, never mind a day.

Also, these servers are each 3 inches high and stored in regular racks. Each of these racks is housed in a standard ’1AAA’ shipping container. Each container holds 1160 PCs. They can be moved around by crane. Google have thoroughly researched how to make each server as energy efficient as possible – after all, it’s in their financial interest if they have a million of them.

Anyway, the upshot of the 300W PSU and various other calculations is that each PC is really only using only 250 watts of power per hour. So our 100-watt lighbulb, that became a 10-watt lightbulb, now becomes a hypothetical 2.5-watt lightbulb.

It’s even better than that because Google aren’t really using a million servers all for search. Those servers are crunching through uploaded YouTube videos and all sorts of other really processor-intensive work. Spewing out a page of text-based search results is easy for these boxes. It’s also worth mentioning that these boxes are running a highly tweaked version of Linux, so there’s very little OS-bloat, it isn’t like they’re running Windows.

So, back to the original 100-watt light bulb for an hour claim. How much electricity would that be? Well, in the UK right now a kWh of electricty costs about 10p, which is enough to run that light bulb for 10 hours – or 1p per hour. But as we already pointed out that light bulb is really 2.5 watt and not 100 watt. Plus, when you factor in how many searches each server can really run it’s loads less. If they say a server can run 10 searches an hour and it can actually run 10 searches every second, then that’s 3600 times more searches per hour.

How about Google’s electricity bill? Well, if each server uses 250 watts of electricity per hour (including external cooling), then that’s 10p every four hours (at 10p per kWh). So in a day a Google server will use 60p worth of electricity, at most. Lets assume they’re on a bulk-user tariff and not stuck with a domestic Manweb tariff. Let’s round it down to 50p and apply that to one million servers. That’s £500,000 per day in electricity costs, or £182 million per year to keep a million servers running. But don’t feel too sorry for them. Advertising revenue in 2009 was almost $23 billion US dollars (a billion being one thousand million).

Google Facts & Figures:
http://royal.pingdom.com/2010/02/24/google-facts-and-figures-massive-infographic/

Inside a Google server:
http://news.cnet.com/8301-1001_3-10209580-92.html

Close up photo of a server:
http://i.i.com.com/cnwk.1d/i/bto/20090401/GoogleServerLarge.jpg?tag=mncol;txt

Here’s another interesting page about Google, although I think it’s all 20x bigger now…
http://www.linesave.co.uk/google_search_engine.html

http://www.newscientist.com/article/mg20627546.700-search-engines-dirty-secret.html