Computing in Adversarial Environments

Tech info for surveillance self-defense

Journalists online in hostile networks or who wish to protect sources through confidential communication methods—as well as cybersecurity experts—may find these explorations illuminating.

It is clear to me that much has been done since Snowden to get in the way of keeping sources entirely secure and confidential if digital networks mediate the contact.

---

Investigating Computer Crashes

Qubes OS relies on virtualization like cloud services and has a fundamental flaw.

The links and notes here can also be found on https:/defcon.social/@azuresaipan

This is why we need to find more Defenses for Sensitive Memory .State (R/W)

Compare booting live to SUID controls in Kicksecure and Whonix

Permission Hardener
https://kicksecure.com/wiki/SUID_Disabler_and_Permission_Hardener
https://kicksecure.com/wiki/Security-misc#SUID_Disabler_and_Permission_Hardener

User-SysMaint-Split
https://kicksecure.com/wiki/Dev/user-sysmaint-split
https://github.com/adrelanos – Patrick Schleizer

Flaws in Cloud / Virtualization (https://lemmy.world/post/24009127)
Ultravisor – can’t trust just hyper anymore… (24:45) “protected memory areas”
https://media.ccc.de/v/36c3-107-the-challenges-of-protected-virtualization
https://www.kernel.org/doc/html/v5.9/virt/kvm/s390-pv.html

RPC and IRQ
https://forum.osdev.org/viewtopic.php?t=23159

What is good/bad memory
https://en.wikipedia.org/wiki/Page_%28computer_memory%29

Could it have been the Oracle (VirtualBox) sovereign cloud AI “Sentinel”

An offensive AI?

. . . building a tech profile on Larry Ellison’s pursuit of digital totalitarianism

There is good reason to be circumspect about the AI.

https://jbs.org/audio/analysis/the-collusion-against-your-freedom/

If you can’t trust Oracle, who can you trust? KVM and Qemu?

https://www.whonix.org/wiki/KVM#Why_Use_KVM_Over_VirtualBox?

. . . is that world cop really just ballin’ or is it something else?

https://igniterefereeing.com.au/

Why 6.9GB for a netinst!?

Mateusz Chrobok – the Poles are Fighting for Freedom with their own firmware
https://3mdeb.com/why-fight-for-freedom/

State Considered Harmful

https://blog.invisiblethings.org/paper

Here is Chrobok (libre translator?) talking about OpenAI

---

But if they can't break your math, they may turn to Spectrum Dominance (EMI/EMC).

Anyone have experience working with Spectrum Analyzers?

The Swiss military (NATO) must but they don’t concern themselves with oligarchs.
https://www.roda-computer.com/technology/mil-std-standards/

MIL-STD 461 for electromagnetic compatibility (EMC)

Has anyone checked out the ramifications of EMC on EVs?
https://ieeexplore.ieee.org/document/8985599

If anyone has information about EMI testing labs, cyber ranges, or electronic proving grounds, please contact me (see “About” on this site).

Here are some links to the kind of folks with that capability:

https://electroscience.osu.edu/research/emiemc

https://www.nasa.gov/reference/jsc-emi-emc/

https://www.atec.army.mil/epg/

---

And here is some more info on Kicksecure’s security features

https://forums.kicksecure.com/t/live-kicksecure-host-live-whonix-vm/779/12

There are Oracle Extension Packs ‘EP’ for various needs including USB passthru. https://docs.oracle.com/en/virtualization/virtualbox/6.0/user/intro-installing.html

https://www.qubes-os.org/doc/how-to-use-pci-devices/

Exclusive Authentication Token (Buskill)

https://forums.kicksecure.com/t/exclusive-authentication-token/888

---