Unstoppable Learning

Host Guy Raz talks with TED speakers about the different ways babies and children learn — from the womb, to the playground, to the web. (Original broadcast date: May 3, 2013)

* Duration: 52:23

* Published: 9/4/15 6:38:51 AM

* Episode Download Link (48 MB): http://podcastdownload.npr.org/anon.npr-mp3/npr/ted/2015/09/20150903_ted_tedpod.mp3?orgId=1&d=3144&p=510298&story=434385644&t=podcast&e=434385644&ft=pod&f=510298

* Episode Feed: NPR: TED Radio Hour Podcast – http://www.npr.org/rss/podcast.php?id=510298

Thoughts about RAKEL (TETRA)

[This post has been marinating as a draft for a while; I wrote it up when I got the idea some time back in 2013.]

In Sweden we have an encrypted (though encryption is not always on, because of performance issues) digital radio network (based on and essentially the same as TETRA, used throughout Europe and the US) for authorities like police, customs, fire brigade and ambulance, for inter-communication between them in case of emergencies and major events.

Between 2006 and 2010 the Swedish network RAKEL (RAdioKommunikation för Effektiv Ledning, roughly translated to something like “radio communication system for effective governance”) was rolled out, effectively quieting the analog networks S70 and S80, though they are still in place as fallback. Many Swedes had radio scanners (radios that swept through lots of channels in rapid succession, scanning for broadcasts) and listened in on police/fire brigade/ambulance activity; some people also helped the police by being alert to broadcasts in and about their neighborhoods. With the digital radio system, they effectively shut out everyone not directly tied into that network.

I’m one of those Swedes with a scanner, and it has irritated me a little that we’re no longer “trusted” to listen in on the police (they work for us, the public, the taxpayers).

So, I’ve been playing with a thought for a while.

Even though electronics of different flavors have become readily available in many areas, no one has come up with a publicly available scanner for RAKEL/TETRA yet. There are several reasons: digital radio with encryption is one, authorized devices is another, and there are probably more.

My thoughts have focused on the fact that these devices are radio-based: every radio broadcasts and is thereby also locatable by triangulation. Two or more receivers can pinpoint the general location of a broadcasting device; add more and you get even more accuracy.

As radio waves are omnidirectional (unless focused, like microwave radio links), they broadcast in all directions, which makes them possible to pick up with “simple” receivers. With a sectorized (passive) or a spinning (active) antenna one could passively listen for specific frequencies between 380 MHz and 430 MHz (where Swedish RAKEL resides) and register the general direction (with a sectorized antenna) or the specific direction (with a spinning antenna) of a signal. If these “directions” are pooled together with other people’s readings, one could pinpoint individual devices pretty accurately.

Another use for such a setup could be to scan for flying drones (popular in the US), as they communicate in both directions too: commands for flying and/or telemetry/video feedback.

Setting up such equipment for listening would require a few simple things:

  • GPS device / compass
  • Active/passive antenna for a specific frequency range
  • Analog/digital receiver
  • Computer / software for processing/analyzing signals
  • Internet connection

It would only be necessary to find a certain signal on a specific frequency to establish that something is “there”; you would not need to know what the broadcast was about, just the presence of the signal is enough.

Taking it a step further would be to analyze the signals. As the signal is digital, it consists of “packets” within a protocol, which could be broken down into headers and payloads for further analysis. Packets contain information about which device is broadcasting, which makes it possible to point out a single device; along with a triangulated position and second-by-second updates, it would be possible to passively follow a single device/car/person around on a map.

This could be done on a massive scale by crowd-sourcing data like this; with historical data spanning several days, weeks or months, patterns would emerge.

Little brother could be watching Big brother.

Thought: A WPS-owner-upper with Tweets and Google Maps

I’ve been playing with this thought for a while; I do not have the skill set or the Raspberry Pi necessary to actually put this into play. Yet.

With a smallish board of Raspberry Pi (I or II+) size, together with a (few) high-powered USB WiFi dongle(s) and some coding, the Blackjack attack could be used. With only 18 packets over the air, you could essentially get WPA/WPA2 passwords for each WPS-enabled device you stumble across within seconds; there are a lot of them out there, since most broadband router manufacturers think that WPS is the shit (and it also reduces the pressure on their support).

What would be needed?

  • Raspberry Pi or similar.
  • High-powered WiFi USB-dongles
  • Battery-pack to run devices off-grid, like in a backpack.
  • Airsnort-ng, Reaver and a few other packages
  • 3G/LTE USB-dongle for internet access

Anyone with a little time and effort could pull this off, as the equipment is cheap and available, the software is free and the desire to hack is endless.

Thoughts about distributed DNS

I’ll start off by saying that I ran two BIND9 DNS servers for about 5 years, in a master/slave configuration where the slave mirrored the master through zone transfers for about 200-250 domains. So, I’ve got some basic knowledge about the DNS system.

Peter Sunde (“Brokep”) posted something about distributed DNS on his blog twitter (articles here and here). I can’t find the original post anymore, but it set off lots of thoughts in this area and I’ve been juggling ideas the past weeks and months. I’ve got to get them out, to put them in writing, and perhaps have them commented on. A friend in the Telecomix cluster, Maloki, blogged about Decentralizing DNS – Telecomix DNS and inspired me further by pointing me to their wiki, where they had explored ideas and begun building test software for a proof of concept.

I’ll try to describe my ideas in a simple form and from a macro perspective, in a speculative way as I haven’t got all the pieces of the puzzle.

TLD and TLDcc
There is a system of TLDs in use that reflects how they are used; some well-known ones are .MIL – the US Military, .EDU – US Universities and colleges, .GOV – the US government. The most common TLDs today are .COM – Commercial, .NET – Networks and .ORG – Organisations. See the pattern? Most of them are US-centric, as the internet was born/invented in the USA.
TLDcc are country-specific; they often reflect which country they belong to. I live in Sweden, which has the .SE TLDcc, Norway has .NO and France has .FR as their TLDcc.

In a distributed DNS environment (not depending on the global root servers) there could be just about any TLD registered: .PIZZA, .UNCENSORED or .GAYPORN. TLDs could be your name, .JOESCHMUCK or .MIRANDAESTEVEZ; there really are no practical limits (AFAIK). There are of course limits to what people can remember and enter into an address bar in a browser.

IPv4 & IPv6
It’s important to cover both standards, the one in place (IPv4) and the up and coming (IPv6) as the IPv4 address space is near depletion and IPv6 allocation will spike soon after IPv4 has run out of allocations. Also, with IPv6 every man, woman and their dog each has enough address space that there still will be plenty for everyone.

The concept of distributed DNS
Distributed DNS (hereafter called ‘dDNS’) builds upon the idea of decentralizing the domain name system completely, to make it more resilient against attacks from governments, organizations or commercial interest groups who have taken it upon themselves to govern the internet, often globally as they often think that their local legislation is world wide. With a distributed DNS system, it would be very hard to take down domains, if not impossible.
Every participant/user in the system could register his/her own domain under just about any top-domain, for free.

Web of trust
With every server/client comes a user-generated cryptographic key: a public key (known by everyone) and a private key that is password protected and should be kept secret. The key is used for authentication and signing of domain names. The web of trust is created by letting people who know each other in meatspace sign each other’s keys; this could be as simple as entering your key’s fingerprint onto a web page and signing your friends’ keys, an operation that could be done off-line too.
By assigning each friend a level of trust, the network of trust forms clusters: friends and family are often trusted and get a high trust level, while acquaintances or people you barely know get a weak trust level. Your friends then repeat the process with their friends and so on. Friends-of-friends are somewhat trusted, through the trust between you and your friends.

Redundancy
Information stored in a lot of places, geographically separated, is safer than if stored on servers in the same datacenter. It is also less sensitive to attacks if mirrored across several countries or even continents.

Second-opinion
A system with second opinions is a way to implement a certain level of security-by-peers, where a local query that has not been cached before is sent to a number of random peers; when the replies arrive they are compared and checked for authenticity, then passed back to the system. Failing comparison from a few peers should trigger another round of queries to random peers. Time-sensitive.

Self-tests
To strengthen the security of the system, each and every server/client should perform self-tests, to ensure that the cached data is accurate. By asking other servers/clients around them for information and comparing the results to what is cached locally, errors and/or false information can be found and reported. If a server/client has 15 neighbors and 14 of them reply identically and a single one replies with something else, the result of the faulty reply should be discarded and reported. Ongoing/periodical maintenance.
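
The second-opinion and self-test checks described above, sketched as an added example (not code from the original post or from any dDNS project). The peer names, the `example.pizza` record, the 80% quorum and the three-round limit are assumptions made for the illustration, and only the comparison of replies is shown, not signature verification.

```python
import random
from collections import Counter

GOOD, BAD = "192.0.2.10", "203.0.113.66"  # constructed documentation addresses

def make_peers(honest, rogue, name="example.pizza"):
    """Constructed peer set: peer id -> that peer's view of the zone data."""
    peers = {f"peer{i:02d}": {name: GOOD} for i in range(honest)}
    peers.update({f"rogue{i:02d}": {name: BAD} for i in range(rogue)})
    return peers

def tally(replies):
    """Return (most common answer, its share of replies, peers that disagree)."""
    answer, votes = Counter(replies.values()).most_common(1)[0]
    dissent = sorted(p for p, a in replies.items() if a != answer)
    return answer, votes / len(replies), dissent

def second_opinion(name, peers, sample=5, quorum=0.8, max_rounds=3, rng=None):
    """Query random peers; accept only if a quorum agrees, else ask a new set.

    Returns (answer or None, peers to report, rounds used).
    """
    rng = rng or random.Random()
    for round_no in range(1, max_rounds + 1):
        asked = rng.sample(sorted(peers), min(sample, len(peers)))
        # Dict lookup stands in for a network query to each peer.
        replies = {p: peers[p].get(name) for p in asked}
        answer, share, dissent = tally(replies)
        if answer is not None and share >= quorum:
            return answer, dissent, round_no
    return None, [], max_rounds  # no agreement reached: return no answer

def self_test(name, cached, neighbours):
    """Periodic check of one cached record against every neighbour."""
    replies = {p: zone.get(name) for p, zone in neighbours.items()}
    answer, share, dissent = tally(replies)
    if share <= 0.5:
        return "no-majority", []  # nothing trustworthy to compare against
    verdict = "ok" if cached == answer else "cache-mismatch"
    return verdict, dissent

if __name__ == "__main__":
    hood = make_peers(honest=14, rogue=1)  # the 15-neighbour case from the text
    print(self_test("example.pizza", GOOD, hood))
    print(second_opinion("example.pizza", hood, sample=15))
```
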

Distribution
Which method of distribution is used is not really important, as long as the data is protected by encryption when it is transported. The data is then tamper-proofed by the encryption layer and any attempts to tamper with the data are discovered.
DHT or Kademlia each have their pros and cons; to connect for the first time to either type of network, a seed IP is needed. Once a connection with the network is established, a list of nodes is saved and cached.

The transparent dDNS client
Most of the people on the internet today are running Windows on their computers; to ease the usage of dDNS with its twists and turns over the Internet, it has to be very easy to install and run. It should be a “fire-and-forget” type of installation: you set it up once and you’re done. The dDNS client loads itself between the system’s ordinary DNS client and the network stack, to intercept DNS queries from the software installed on the computer.

A query’s life
A query is created when you need to reach another computer on the internet; normally your computer asks the DNS server your ISP has assigned you. That server could be compromised by either the ISP itself or by contract/law to block or filter queries for sites that your ISP/government has agreed to block, be it for copyright infringement or freedom of speech.
With a dDNS server/client the query is intercepted and sent to the dDNS network first. If the network knows anything about the domain name, replies arrive and are returned to the system; if not, the query is passed on the normal way and your ISP-assigned DNS server does the query dance, possibly giving you a wrong or completely false reply.

Stuff already there, or almost..
I’ve researched a bit on this subject, and I found that Apple’s Multicast DNS (mDNS or Bonjour) client software is open source and available online. This package handles Zero-Configuration, network discovery of gateways, computers and printers. It also is capable of DHCP and other LAN-specific functions across several subnets.
The Freenet Project has the infrastructure to carry zone information and queries, anonymously and cryptographically signed, over the internet.
A marriage of these two software bundles would create a drop-in replacement (as long as the core functionality in mDNS is kept in place) with a potential to overnight obsolete or put the existing DNS-infrastructure on the second violin, so to speak.

Several people have blogged about this:
Will DHS actions inspire a successor to DNS?
Telecomix take on distributed DNS

… this is just a text-blurb I’ve had marinating for a while (since January 2011), it’s not complete or technically fact-checked or anything. It’s meant to be some sort of blob of ideas for further discussions.