Cameron prepares for U-turn on #ukuncat

ORLYBob1

Doubtless due to the pressure brought to bear by this blog yesterday, we now read that Cameron is preparing to do a volte-face on the disgraceful refusal to install a cat at Downing Street, in order to deal with the increasing problem of left-wing journalists scurrying around in the street.

image

The government says it is now considering bringing in a cat to deal with a rat spotted outside 10 Downing Street.

The prime minister’s spokesman said on Monday there would not be a replacement for Humphrey, the No 10 cat during much of the 1990s.

But after newspaper reports on Tuesday that the Cameron family might get a cat, the spokesman said there was a "pro-cat faction within the building".

No decisions have been taken, he added.

The Times, however, is reporting that the decision has indeed been taken.

image

One rat scuttling along Downing Street was a point of interest. A second looked like a public relations disaster.

So it was that the Prime Minister’s aides let it be known last night that David Cameron would be getting a cat.

The Prime Minister’s official spokesman, in between fielding questions about phone hacking, the Government’s alternative vote (AV) Bill and bank bonuses, was pressed to provide updates on rat developments.

Stoically, throughout the day, he stuck to the line that there were “no plans” for Mr Cameron to get a cat.

Then, in the evening, came a U-turn: the search was indeed on for a cat. A suitable rescue centre was being identified and living arrangements discussed. It would not be housed in the flat above No 11, where the Camerons live, but would be a “cat about the house”.

Victory is ours, my friends!

The Equality & Hoomin Rights Commission were not available for comment.

AJ

Never mind #ukuncut. What about #ukuncat???

After a January of utter apathy about cuts, socialists, resignations and assignations, finally a story has really caught my attention.

David Cameron has been responsible for some utterly disgraceful decisions since he took up residence in his new council house.

This, though, just tops the damned lot:

image

The government says it is not planning to bring in a cat to deal with a rat spotted running around Downing Street.

The prime minister’s spokesman said there would not be a replacement for Humphrey, nicknamed "Chief Mouser to the Cabinet Office", who died in 2006.

Outrageous and discriminatory, I think you’ll find.

I have contacted the Cat Protection League, whose lawyers are, as we speak, filing a complaint with the Equalities and Hoomin Rights Commission.

Power to the pussies!

AJ

Calling Bullshit On The Newstweek Hoax

If you’re not a geek, move along.

It’s become apparent that this whole thing is some kind of art project.
I guess this is what happens when geeks read about situationism.

My reason for writing this (apparently futile) takedown of the ‘spoof’ is that I’m fairly sure that, sooner or later, some dullard in the UK mainstream media will get all shouty and panicky about this insidious new ‘device’.

As you were.

There’s a thing doing the rounds today. I saw it via @LossOfPrivacy on Twitter.

image 

The site detailing this gadget is here.

image

The story goes that:

When plugged in the device boots up automatically, looking for an open wireless network or any network for which it already has a password – something often given for the price of a coffee. It then reverse SSH tunnels (using SSH keys) to a foreign server, allowing a remote user on that server to SSH back into the machine from afar, issuing commands as they see fit.

This however is just the beginning.

The device then performs a sophisticated modification of the Address Resolution Protocol (ARP) Table on both the hotspot hardware and the clients associated with it. These include iPhones, Android devices and laptop computers.

There’s some irrelevant shell scripting smokescreen.

newstweek_com

And there’s a neat Visio diagram that would have taken 2 minutes to put together from stock elements.

newstweek_com

Now to call

BULLSHIT.

First, go and click through to the article and view the video clip. (Sadly, I can’t embed Vimeo.)

Now, with reference to the diagram above, they claim that:

1) The device when plugged in, powers up and attaches to any open WiFi network, or any it knows passwords for. This is perfectly feasible.

2) That the device alters the ARP table on the WiFi router, and on other devices on the network. It is possible to spoof ARP responses, thus poisoning the ARP cache on devices, but it is not possible to stop the genuine device responding to the ARP request and pre-empting or overwriting the response issued by the rogue device. The result would be the WiFi network collapsing into chaos.

3) That the rogue device is able to supplant an established WiFi network for existing clients. This is not going to be possible, because the client devices already HAVE the genuine ARP entry for the WiFi router in their ARP cache and will not, therefore, issue an ARP request for several minutes, and only then after a period of making no internet requests.

Indeed, if you watch the video, you will see that the ARP entry for the default gateway in the cache shows exactly the same MAC address before and after.

4) That the rogue device acts as a transparent (if transformative) proxy. Yet, if the rogue device were to succeed in poisoning ARP caches and hijacking the IP address of the WiFi router, how exactly would it then forward requests for content to the internet, given that the rogue device itself is masquerading as the IP address it would otherwise need to connect to for web access?

In summary, then, this ‘hack’ is not feasible, and if it could be implemented, it certainly would not be reliable, and would in all likelihood, if it did anything at all, just wreck the WiFi LAN until it was removed.

I’m happy, as ever, to be proved wrong.

AJ

UPDATE: It has been suggested to me that the notes beneath the video on this page explain the ARP results.

Again, I call BULLSHIT.

Those notes say:

This video demonstrates the technology behind this hack.

Two points:
1/ You will notice in the video, when we plug the device into the wall it takes a while to boot before the traffic is altered.

Innocuous, true and meaningless… carry on…

2/ We issue the ‘arp’ commands as forensic proof that the network layout was modified. As the spoofing uses ‘remote’ we are poisoning the gateway router whose own arp table we cannot (and don’t need to see). With the second issuing of the command however, we see a new device in the arp table (the Newstweek module) that wouldn’t normally be seen without spoofing. This is the device through which traffic between router and client is passed. Note also that immediately after spoofing, the arp command can’t retrieve the hostnames, hence the "?".

Err no.

Two things.

image

1) We can clearly see that the MAC address against 192.168.12.1 does not change between the before and after arp commands. This directly contradicts their explanation of how this ‘hack’ works.

2) The explanation for the “?” seen against the entries on the second arp command is the use of the ‘n’ switch, which is not used in the ‘before’ example.

This Laptop is running Ubuntu. The Ubuntu Man page for arp tells us that:

-n, --numeric shows numerical addresses instead of trying to determine symbolic host, port or user names.

The ‘n’ switch disables host name lookup. The name (‘wrt’ in the ‘before’ entry) is therefore not looked up in the ‘after’ entry, and the column shows a ‘?’ instead.

3) The 192.168.12.121 address appears in the ARP table of the laptop. This may be the IP address of this rogue device. It could have got into the ARP table of the laptop by a script running in the background on the laptop, continually pinging the 121 address. Or the rogue device could be running its WLAN interface in promiscuous mode, sniffing the laptop’s IP then pinging it. This would also put the 121 entry in the laptop’s ARP cache. This is somewhat unlikely, but it COULD be achieved by the device during the 15 seconds after it’s plugged in.

One last thing. In the video, we don’t see what keypresses are made on the laptop just before the refresh. This could have been a macro that was invoked to, e.g., change the proxy settings in the browser, possibly even to point to a local proxy set up for the purpose. It’s all easy to do.

BTW, The MAC against the router belongs to a Cisco/Linksys device. The one allegedly belonging to the rogue device is for a ‘PLANEX Communications’ device. They make all kinds of wireless device chips, e.g. USB dongles, but it’s impossible to say what the device using that IP address is with any kind of certainty. It could be this rogue device, but that doesn’t mean anything.
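The before/after comparison made in points 1 to 3 above can be done mechanically rather than by eye. The following is an added example, not code from this post or from the Newstweek site: it parses `arp -a` style output and reports whether the gateway's MAC changed, which entries are new, and whether two IPs share one MAC. The MAC addresses, the interface name and the third ("poisoned") table are constructed for illustration.

```python
import re

# Constructed sample output in the format printed by `arp -a` (before) and
# `arp -a -n` (after). All MAC addresses are made-up placeholders.
BEFORE = """\
wrt (192.168.12.1) at 02:00:00:aa:bb:01 [ether] on wlan0
"""
AFTER = """\
? (192.168.12.1) at 02:00:00:aa:bb:01 [ether] on wlan0
? (192.168.12.121) at 02:00:00:cc:dd:79 [ether] on wlan0
"""
# Constructed: what a client's cache would show if the gateway entry
# really had been replaced by the second device's MAC.
POISONED = """\
? (192.168.12.1) at 02:00:00:cc:dd:79 [ether] on wlan0
? (192.168.12.121) at 02:00:00:cc:dd:79 [ether] on wlan0
"""

ENTRY = re.compile(
    r"^(?P<host>\S+) \((?P<ip>[\d.]+)\) at (?P<mac>[0-9a-fA-F:]{17}) ")

def parse_arp(text):
    """Return {ip: (hostname, mac)}; <incomplete> entries are skipped."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            table[m["ip"]] = (m["host"], m["mac"].lower())
    return table

def compare(before, after, gateway):
    """Summarise what changed between two ARP cache dumps."""
    b, a = parse_arp(before), parse_arp(after)
    by_mac = {}
    for ip, (_, mac) in a.items():
        by_mac.setdefault(mac, []).append(ip)
    return {
        # A changed gateway MAC is what a poisoned client cache looks like.
        "gateway_mac_changed": b.get(gateway, (None, None))[1]
                               != a.get(gateway, (None, None))[1],
        "new_entries": sorted(set(a) - set(b)),
        # Two IPs answering with one MAC is the other classic indicator.
        "shared_macs": {m: sorted(i) for m, i in by_mac.items() if len(i) > 1},
        # "?" only means -n was used; it says nothing about spoofing.
        "unresolved": sorted(ip for ip, (h, _) in a.items() if h == "?"),
    }
```
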

DNA, DNA, DNA, DNA, Batman!

Charmless lefty Kerry McCarthy (@KerryMP) has apparently proposed that all 250,000 men in the Bristol area should be DNA tested, in pursuit of Joanna Yeates’ killer.

I have some thoughts and observations, in no particular order.

  • If a man were to refuse to submit to DNA testing, does McCarthy think he should be arrested, and if so, on what charge?
  • On what basis can McCarthy assume that no woman was involved in this crime, which she must since she only wants men to be DNA tested?
  • Why so certain that the culprit(s) live in the Bristol area?

And now, let’s consider the likely costs and logistics of such a scheme.

  • 250,000 men to be DNA tested.
  • I’m going to take a blind guess at the cost of £600 per test, based on the cost of the lab work, as well as police time, administration etc. (See update below for some reasoning behind my guess at the cost, which turns out to be pretty close, actually.)

(I have to assume significant police time would be involved in collecting and processing samples, due to the requirements of the rules of evidence, in the event of any prosecution based on a DNA match.)

  • So, the cost then. 250,000 x £600. That’s £150 MILLION.

A snip, I think you’ll agree.

But how long would this ambitious endeavour take?

Not an easy question to answer, but consider the bottlenecks:

  • Locations for collecting samples.
  • Space to properly store samples.
  • Police officers available for collection and processing work.
  • Capacity of laboratories to work accurately and consistently on the samples.

This last one is a particularly interesting one, since it’s been shown that different labs can easily return different results based on samples of the same DNA, that there are flaws in the process, and miscarriages of justice as a result, that the human element always introduces some degree of error, and that there are intrinsic statistical reasons why accuracy of testing will diminish across a larger sample group.

From 250,000 men, the police could still end up with a shortlist of thousands.

So how long would it all take? 1 year? 5 years? Well… finger in the air again:

  • 240 working days a year. 1000 samples processed a day. 250 days – just over a year.
  • But…1000 samples a day? Hardly possible, is it? To collect that many, let alone process them, is absurd.
  • So let’s say 200 samples a day. That means the process could take over 5 years.

Will the police sit on their hands, waiting for a 5 year process to come up with a shortlist of (say) 2,500 men?

I think not.

So, in conclusion, can we agree that Kerry McCarthy is a fucking idiot?

Good.

AJ

UPDATE: Twittist @PME200 nudged me into trying to put some substance behind my figure of £600 per DNA test.

Well, I haven’t been able to find a definitive number, but:

UK Media report 1 says £500.

UK Media report 2 says (of the same case) £1000.

US Media report says $1000-$1500 for basic testing, plus much more for further analysis.

Google shows that non-police DNA tests for paternity/heredity can cost £99. However, this cost provides for no police involvement, no chain of evidence, no compliance. Nor does it account for the emergency logistics involved in such a massive operation, nor for any overtime for police/labs working around the clock.

My correspondent, a lawyer, attests that his experience has shown that such basic and cheap DNA tests are worthless at law.

So, for the sake of the argument, will £600 do you?

UPDATE 2:

Via the Ministry of Justice list of approved DNA testing companies, I reached the site of Anglia DNA Services, who undertake forensic DNA testing for purposes of investigative identification. They are on the MoJ site as approved for paternity tests. I assume from the wording of their forensic offering that they are also MoJ or ACPO approved for that as well.

For one test, they charge from £450 (dependent on peace of mind or legal), for a 5-10 day turnaround.

For 24hr turnaround add a further £200.

These costs are just for the lab work. They do not include any police time or logistics.

Epic Troll is Epic

There are some talking heads out there with laughably ludicrous views. It’s no coincidence that most of them write for the Grauniad.

I’ve been as indulgent as the next blogger in the pastime of rubbishing these imbeciles.

This particular column, though, is so unspeakably absurd, that I took it to be nothing but outright trolling.

Perhaps my ennui is showing, or perhaps I’m just no longer so easily trolled as Devil’s Kitchen and, as he links:

A great many bloggers have rightfully excoriated George Monbiot’s latest piece of arse-wibble,

Why? Why did you do that? Have a Scotch, skin up a joint, watch some porn, darn a sock for Christ’s sake, but don’t let Monbiot get a rise out of you with this comically calculated arse gravy.

image

If you want to read a fisking of Georgie’s nonsense, by all means, refer to the Devil, or Tim Worstall, or whoever else.

If you lack the critical skills to do it yourself in 0.2 of a second.

Otherwise, choose something important to get annoyed about. Fuck knows, there’s no shortage.

AJ

So What?

I’ve been a music enthusiast for most of my life, so it’s not often that I’m pleasantly surprised any more.

Ed West provided some enlightenment on Twitter this morning, and it speaks to so much that’s going on right now in the world of politics and affiliated fuckwittery.

Love it!

In the unlikely event that you’re interested, I may resume normal service sometime soon, if a topic comes up that cannot be disposed of using the above.

AJ
