Pages

Sunday, February 5, 2012

You might be a terrorist if you have two cell phones, use Web proxies


Are you concerned about your digital privacy enough to use proxies and encryption software? Do you voice chat with fellow PC gamers? If so, you might be a terrorist, according to FBI and DoJ. Public Intelligence has discovered a federal document outlining a "Communities Against Terrorism" initative that describes various "suspicious" activities and offers tips on reporting them to the government.
The guideline (PDF) lists many perfectly normal behaviors but tries to validate their inclusion by emphasizing extremes that are completely open to interpretation. For instance, someone involved in terrorist activities might be "overly" concerned about their privacy and attempt to shield their screen from view of others. Such an individual might also travel "illogical" distances to visit an Internet CafĂ©.
You might also be a terrorist if you use multiple cell phones, switch SIM cards in the same handset, mask your IP address, download information on "timers, electronics or remote transmitters/receivers", or partake in "suspicious" communications through VoIP services. The list goes as far as to mention logging on to a residential-based Internet provider, such as checking your Comcast or AOL email.
Naturally, it's virtually impossible to define what constitutes being "overly" private, traveling "illogical" distances or making "suspicious" VoIP calls. By making such broad strokes, it could be argued that anyone engaging in such activities is suspect, regardless of how innocuous they may be. Nonetheless, if you feel compelled to report your neighbor or coworker, the FBI and DoJ suggest that you:
  • Gather information about the suspects without drawing attention to yourself
  • Log license plates, vehicle descriptions, names, languages spoken and ethnicities
  • Don't collect metadata, content or search the individuals' electronic communications

Researchers: Don't trust satellite phones, encryption broken


Two researchers, Be­ne­dikt Dries­sen and Ralf Hund, managed to break the proprietary ciphers used for satellite phones, GMR-1 and GMR-2. In a public talkabout their discovery, the researchers said, "Don't trust satellite phones".
While satellite phones have been mostly replaced by GSM/CDMA phones in consumer markets, such telecommunications devices are still used today by governments, military, relief and non-governmental organizations, businesses and even individuals in remote locations where cell phone towers are not an option. According to the researchers, there are current several hundred thousand satellite phone subscribers.
The researchers were able to reverse engineer the cryptographic algorithms utilized by the phones after analyzing freely-available firmware intended for updating their DSP (digital signal processor) chips. Because the ciphers are completely mathematical and don't employ the use of private keys, anyone who can receive a satellite phone transmission and knows the cipher's algorithm can easily eavesdrop on an intentionally private conversation.
"Even though a niche mar­ket com­pa­red to the G2 and G3 mo­bi­le sys­tems, there are se­ver­al 100,000 sat­pho­ne sub­scri­bers world­wi­de. Given the sen­si­ti­ve na­tu­re of some of their ap­p­li­ca­ti­on do­mains (e.g., na­tu­ral di­sas­ter areas or mi­li­ta­ry cam­paigns), se­cu­ri­ty plays a par­ti­cu­lar­ly im­portant role for sat­pho­nes. In this paper, we ana­ly­ze the en­cryp­ti­on sys­tems used in the two exis­ting (and com­pe­ting) sat­pho­ne stan­dards, GMR-1 and GMR-2. The first main cont­ri­bu­ti­on is that we were able to com­ple­te­ly re­ver­se en­gi­neer the en­cryp­ti­on al­go­rith­ms em­ploy­ed. Both ciph­ers had not been pu­bli­cly known pre­vious­ly. We de­scri­be the de­tails of the re­co­very of the two al­go­rith­ms from fre­e­ly avail­able DSP-firm­ware up­dates for sat­pho­nes, which in­clu­ded the de­ve­lop­ment of a cust­om di­sas­sem­bler and tools to ana­ly­ze the code, and ex­ten­ding prior work on bi­na­ry ana­ly­sis to ef­fi­ci­ent­ly iden­ti­fy cryp­to­gra­phic code."
ETSI and Immarsat are the two companies responsible for the GMR-1 and GMR-2 stream cipher standards, respectively. The inherent flaw found within these systems appears to be their disregard for Kerchoff's Principle. This 129-year-old axiom basically states that in order to be truly secure, a cryptosystem should be effectively indecipherable even when the algorithms and processes to generate the obfuscation are exposed. To achieve this, cryptographers have typically employed the use of private keys. Private keys, which are only known by the sender and/or recipient(s), provide a way to "unlock" the encryption so that only intended parties can decipher the information. This thinking also allows open-source cryptosystems to be just as secure as their commercial counterparts even though the inner-workings of such systems are fully exposed to the public.
"The se­cond main cont­ri­bu­ti­on lies in the cryp­t­ana­ly­sis of the two pro­prie­ta­ry stream ciph­ers. We were able to adopt known A5/2 ci­pher­text-on­ly at­tacks to the GMR- 1 al­go­rithm with an aver­a­ge case com­ple­xi­ty of 232 steps. With re­spect to the GMR-2 ci­pher, we de­ve­lo­ped a new at­tack which is power­ful in a known-plain­text set­ting. In this si­tua­ti­on, the en­cryp­ti­on key for one ses­si­on, i.e., one phone call, can be re­co­ver­ed with ap­pro­xi­mate­ly 50?65 bytes of key stream and a mo­de­ra­te com­pu­ta­tio­nal com­ple­xi­ty. A major fin­ding of our work is that the stream ciph­ers of the two exis­ting sa­tel­li­te phone sys­tems are con­s­i­der­a­b­ly wea­ker than what is sta­te-of- the-art in sym­me­tric cryp­to­gra­phy."
 Comments
government, search, hacking, security, research, military, benedikt driessen, ralf hund, encryption, satellite phones, gmr-1, gmr-2, cryptography, etsi, immarsat

Graphics Card Overclocking: Is It Really Worth It?


Graphics Card Overclocking: Is It Really Worth It?
Overclocking plays a vastly different role in the computer industry today than it did 10 years ago, a time when overclockers were considered outlaws by manufacturers. Back then even mentioning overclocking could void your warranty and industry leaders like Intel were working to eliminate it all together.
In contrast, nowadays processor and graphics cards manufacturers have embraced the practice, touting high 'overclockability' as a feature and in the process using it to sell enthusiast oriented products at a premium.
Take the popular mid-range GeForce GTX 560 Ti as an example. Base model non-overclocked cards start at ~$229, but finding them isn’t so plain and easy as most manufacturers prefer to push their overclocked counterparts. While the Nvidia specification calls for a 822MHz core clock speed, you shouldn't be surprised to see outgoing models running at 900MHz or more for this particular GPU series.
Sounds too good to be true? It probably is. Often these factory overclocked models cost 10 – 20% more than the standard models, while only offering half that amount in extra performance. The alternative is to overclock manually and thankfully that's easy to do as both AMD and Nvidia drivers provide their own custom overclocking facilities.
Here's another scenario that begs the question of whether overclocking is worth it... You go out to buy a new graphics card, set a budget, and it'd seem that for another $30-60 you can always go with the next step up that performs a little better. Or, you could save those extra dollars, go for the budget model and overclock it and basically match the next step up's performance.
With that in mind, we have hand-picked three graphics cards that represent select price ranges to see just how much extra value can be obtained through overclocking. For the $100+ range we have the Radeon HD 6750, the GeForce GTX 560 Ti has been used to represent the $200+ market. Then at the top of the food chain we have the Radeon HD 6970 going for $300 and up.
Each of these graphics cards will be overclocked to their maximum stable frequency using the stock air cooling. The comparison will be drawn using their non-overclocked results as well as a number of competing products, usually the ones costing a little bit more.
Our test system specs look like this:
- Intel Core i7-3960X Extreme Edition (3.30GHz)
- x4 2GB G.Skill DDR3-1600(CAS 8-8-8-20)
- Gigabyte G1.Assassin2 (Intel X79)
- OCZ ZX Series (1250w)
- Crucial m4 512GB (SATA 6Gb/s)
- Microsoft Windows 7 SP1 64-bit
- Nvidia Forceware 285.62
- AMD Catalyst 11.12
The graphics cards tested include (from least expensive to most expensive):
- Radeon HD 6750 (1024MB) stock and overclocked at 800/1300MHz
- GeForce GTX 550 Ti (1024MB)
- Radeon HD 6850 (1024MB)
- GeForce GTX 560 Ti (1024MB) stock and overclocked at 955/2250MHz
- Radeon HD 6950 (2048MB)
- Radeon HD 6970 (2048MB) stock and overclocked at 955/1470MHz
- GeForce GTX 570 (1280MB)
- GeForce GTX 580 (1536MB

$100+ Price Point
The Radeon HD 6750 comes by default with a core clock of 700MHz and RAM speed of 1150MHz (4.6GHz GDDR5). We were able to reach 800MHz core and 1300MHz (5.2GHz) memory speeds. This means the core was boosted by 14% and the memory 13%, so in the best of scenarios we are expecting a ~14% performance increase.
Playing Battlefield 3 at 1920x1200 the Radeon HD 6750 rendered just 17.1fps. Overclocking provided a frame rate increase of 13% which is just 2fps. While a 13% performance gain sounds substantial, at 19.3fps Radeon HD 6750 owners will still need to turn the visual quality down in this game.
Again we find that the Radeon HD 6750 is too slow to enjoy the latest games in all of their visual glory as it produced just 14.1fps when testing with Crysis 2. When overclocked we saw a 15% performance boost but this represented too little of a change. By lowering the visual quality perhaps that 15% performance gain could come in handy.
Dirt 3 was better able to exploit the benefits from our overclocking efforts. The Radeon HD 6750 saw a 14% performance increase which worked out to be a 4fps gain. Nonetheless, going from 27.8fps on average to the 31.8fps of the overclocked configuration, lag was considerably less noticeable when we pushed for the extra MHz.
The Witcher saw modest gains in our gameplay test. The Radeon HD 6750 averaged 24.9fps which was then increased to 28.1fps, a 13% performance increase that nonetheless went unnoticed.

$200+ Price Point
The GeForce GTX 560 Ti which by default comes with a core clock of 822MHz and a memory frequency of 1002MHz (4.0GHz) reached a core clock of 955MHz and a memory speed of 1125MHz (4.5GHz) when overclocked. This is a 16% core clock increase and a 12% rise in memory frequency.
The GeForce GTX 560 Ti rendered 39.2fps without the overclock, but the 14% gain meant that the GTX 560 Ti was now faster than a standard Radeon HD 6970.
The GeForce GTX 560 Ti went from 28.9fps to 32.6fps in Crysis 2 which worked out to be an additional 4fps on average.
The GeForce GTX 560 Ti was already sitting pretty with an average of 60.5fps, but the additional 10fps were not knocked back as the overclock yielded a 16% performance increase.
The GeForce GTX 560 Ti saw an 11% performance increase as it was able to render 4fps more in The Witcher 2
$300+ Price Point
Finally the Radeon HD 6970 which comes clocked at an already high 880MHz for the core and 1375MHz (5.5GHz) for the memory provided very limited headroom for overclocking. The core maxed out at 955MHz while the memory went on to 1470MHz (5.8GHz) for a 9% core and 7% memory overclock.
Our mild 9% overclock allowed for a shy 6% performance gain as the frame rate increased by just 2fps. This didn’t do a whole lot for the Radeon HD 6970 and still meant that it was much slower than the GeForce GTX 570 in this game.
The Radeon HD 6970 only saw a 1fps performance gain when testing with Crysis 2.
On Dirt 3 the Radeon HD 6970 enjoyed an extra 5fps for a 7% performance gain. This was enough to knock out the GeForce GTX 570 running at stock frequencies.
The Radeon HD 6970 also managed an extra 4fps in The Witcher 2 for a 6% performance increase
Final Thoughts
Is graphics card overclocking worth it? In short, yes it can be. Certain configurations respond well to the change and after all, it's free and mostly safe. However game changing results should not be expected.
In our tests we saw modest gains all along, and the mid-range GeForce GTX 560 Ti seemed to be the card benefiting the most from bumping the stock specs. In the best of scenarios your games will play a bit more smoothly if you are not pushing the GPU beyond its real capabilities. In the worst of cases, you won't gain anything and you can dial things down back to normal.
In the four games that we tested the Radeon HD 6750 delivered on average 3fps more when overclocked, a 14% performance gain. The GeForce GTX 560 Ti averaged an extra 6fps for a 13% increase, and the Radeon HD 6970 averaged 3fps more for a 6% performance boost.
AMD and Nvidia are being extra very careful about how they build their GPU series now. They almost never offer a card that can be overclocked to replace the model above it, you can only close the gap. You might be able to overclock the GPU higher but other factors like memory bus width will always hold the performance back. This goes in stark contrast with the latest CPUs which appear to be wide open to enthusiasts' abuse and potentially huge performance gains.
 
Going to these extremes for the sake of overclocking is probably not worth your while with the current crop of GPUs -- at least not if all you care about are raw performance gains. Image credit: xtremesystems.org
But back to the GPU world, where overclocking may not make sense is when it is carried out by the manufacturer. Factory overclocked cards almost always cost more than the performance gain provided. For example, last year we reviewed the HIS Radeon HD 6850 IceQ X Turbo which was priced 15% above that of a standard Radeon HD 6850 graphics card, yet only provided a 4% performance improvement.
While it's true that more expensive factory overclocked cards usually come with upgraded coolers, an added bonus that goes beyond raw performance, there are many similar upgraded cards without the overclocking that retail for less.
What's been your own experience? Do you overclock your graphics card these days? Did you use to? (please keep the Crysis jokes to a minimum :)).