Safely Sageish
133 stories
·
3 followers

VCF East: Enigma Machines In The Flesh

2 Shares

At the end of World War II, the Germans ordered all Enigma cipher machines destroyed. Around the same time, Churchill ordered all Enigma cipher machines destroyed. Add a few decades, neglect the efforts of Polish codebreakers, and make a movie about Alan Turing and an offensively historically incorrect love interest, and you have a mystique around these rare, innovative cipher machine.

At the Vintage Computer Festival East, I was privy to what is probably the largest collection of Enigma machines on the planet. The exhibit comes from [Tom] and [Dan Perera] of Enigma Museum. Right now, they’re they only place where you can go out and simply buy a real, wartime Enigma machine. The price? Well, there is a pair of million-dollar Apple I boards at VCF. The Enigmas go for about a fifth of an Apple I.

Most Enigma machines were destroyed at the end of the war by the most expedient possible means. This could mean throwing the machines into a lake, into a fire, or simply shooting them. Still, there are a few survivors, but most look something like this:

Fortunately, [Tom] and [Dan] restore Enigma machines. Their bread and butter comes from repairing battlefield finds, bringing them back to operational condition, and selling them. Yes, it’s a lot of work, but with the price these things fetch it is worth it.

Somewhat surprisingly, rotor-based code wheel technology didn’t stop advancing in 1945, and the Enigma Museum has the machine to prove it. There were two post-war Enigma-ish machines also on display, one from the Swiss, and one from the Soviets.

The Swiss NEMA cipher machine was first produced in 1947 and used through the cold war. This machine used four rotors and improved the Enigma design by irregular stepping of these rotors. This machine could also be connected to a teletype machine.

The Soviet efforts to reverse engineer the Enigma machine resulted in the M-125 Fialka cipher machine. This machine used ten rotors, with adjacent rotors turning in opposite directions. The Fialka was used by all Warsaw Pact countries until the collapse of the Soviet Union.


Filed under: classic hacks, cons



Read the whole story
Share this story
Delete

The Case for Preserving the 20th Century Tollbooth

1 Share
article-image

Massachusetts is destroying its toll plazas. By the end of this year, every single one on the Massachusetts Turnpike will have been demolished. Drivers will still pay to use the road—they will zoom through the metal arches of electronic tolling infrastructure—but the routine of slowing down, stopping to grab a ticket, and waiting for the barrier to rise will be gone.

Massachusetts is being more aggressive than most places about sweeping away its old tolling infrastructure, but all across the country, from New York to Florida, Texas to California, road authorities are switching to all-electronic tolling. While it’s too soon to declare the tollbooth dead, it’s easy to imagine a future in which roads are unencumbered by boxy plazas and simple gates.

If toll plazas are an endangered species of infrastructure, though, no one seems worried. Most of the time, when familiar landscapes are altered, people who have become accustomed to them kick up a fuss. But in this case there’s little love lost. When toll plazas are gone, will anyone miss them? Will future generations think ours shortsighted for letting this piece of history be demolished? Is there anything about tollbooths worth preserving?

article-image

It’s not that Americans are entirely lacking in nostalgia for toll-collection infrastructure. Along the historic roads of the United States, it’s possible to find toll houses dating back to the 1830s. “Especially when you go to the 19th century, there’s more interest in the toll houses than the road itself,” says Paul Daniel Marriott, who specializes in preservation planning for historic roads. The original toll houses of the National Road, for instance, were built by the federal government before it handed over operation of the country’s first major artery—from Cumberland, Maryland, to Vandalia, Illinois—to the states. Each had a hexagonal second floor with windows on all six sides, so the toll keeper could look up and down the road for travelers.

But it’s rare for preservationists to pay attention to more modern toll structures. A representative of the Society for Commercial Archaeology, which is devoted to preserving motels, neon signs, and other aspects of the 20th century’s “commercial landscape,” asked around but could find no member who’d done any work on tollbooths. In fact, there may have been only one major preservation effort to save a 20th century toll plaza—a 1988 campaign to save the tollbooths of Connecticut’s Merritt Parkway.

article-image

As high-speed roads go, the Merritt is extraordinary pleasant, a leafy, tree-heavy drive that meanders under dozens of bridges, each with a unique design. The parkway, which was completed in 1940, was meant to be more than “another highway catering to the burgeoning commuter population,” writes Bruce Radde in The Merritt Parkway. “It was lauded by design professionals and critics for its excellent engineering, it respect for the natural environment, and its inherent beauty.”

The tollbooths were added to the parkway before its second half was finished, and were designed by George Dunkelberger, who was also responsible for the road’s iconic bridges. The booths looked like log cabins that might not be out of place in a National Park. Like most newly imposed tolls, this one was celebrated by public officials and met with some public skepticism: A contemporary news story describes how one Matthew E. Scully sped through a new toll booth at 30 miles per hour and tossed his 10-cent fare at the attendant. (He was arrested immediately by a police officer waiting on the other side.)

Almost 50 years later, though, after highways had become bigger and faster, those tollbooths began to evoke a certain nostalgia. “I had fond childhood memories of Sunday drives on the Merritt, slowing down and dropping the dime into the little log cabin,” says David Carris, who was working at the time as a preservationist in New Haven, Connecticut.

By 1988, parts of the original Merritt Parkway had been converted into more modern interstate, and the rest was under threat. “You could see it was already being chipped away,” Carris says. When the Merritt tollbooths were slated for removal, he and a coalition of other preservationists decided to fight for them. They began trying to convince the government to keep demolition crews at bay and looking for museums or parks that might agree to adopt one of the old toll plazas.

article-image

They didn’t encounter opposition, exactly. “If somebody wants to preserve [the tollbooths], I have no problem with that … Just get them off the darn highway,” the president of a commuters’ group told the Hartford Courant. The government was also happy to let preservationists have the tollbooths. Carris, along with the Committee to Save the Merritt Parkway and other preservation organizations, found a home for part of the Merritt’s first toll plaza at the Henry Ford Museum, in Dearborn, Michigan. Another tollbooth went to Connecticut’s Boothe Memorial Park, an eclectic collection on the site of the Boothe family estate. The campaign was, overall, a success.

Often, in cases like this, the leader of a successful preservation project will hear from other people waging similar campaigns. But as far as Carris knows, this is the only preservation effort of its kind. “I’ve never heard of anyone else trying to save tollbooth,” says Carris. “They disappear, and you don’t even really notice it.”

article-image

The effort to save the Merritt tollbooths wasn’t only about the actual toll infrastructure. Carris and the rest of the coalition saw their campaign as part of a longer fight to save the historic landscape of the Merritt from being folded into a modern highway. To the extent that tollbooths catch preservationists’ interest at all, it’s often because they’re part of larger projects.

“Many toll facilities were associated with significant engineering undertakings,” says Marriott, the historic road specialist. “It’s there where you find the higher level of investment and tollbooths that are part of the overall design and aesthetic.” One toll plaza that caught his eye, for instance, is the one on the Golden Gate Bridge, where not just the bridge but the lighting, the booths, and other details were carefully considered. When people like him try to capture a breath of the past, these details help complete the picture, he says.

Tollbooths, though, are so overlooked that they’re usually badly maintained. Both Carris and Marriott mentioned the New York State Thruway toll plaza—a “piece of international modernist infrastructure strung out over I-95,” in Carris’ words—as striking and worthy of more attention. “They’re not taking care of it,” says Marriott. “It’s really shabby. There’s missing letters. It’s not been cleaned or cared for, for a long time.”

The Thruway toll plaza represents a recent-enough past that few people probably think of it as in need of preservation. Further, when infrastructure is badly cared for, it becomes less noticeable and attractive—and therefore less likely to receive the outpouring of affection that preservation campaigns often depend on.

article-image

Even unloved tollbooths, though, may one day be missed if they disappear. “Why care about tollbooths? I can make the case,” says Carris. “They make you stop. We have a 12,000-year history of city-making and one of the unique experiences of entering and leaving a gated city was going through the city gates. In a way, there was a ritual associated with tollbooths of entering and leaving the city, and it’s an important human experience that we’re losing in this age of E-ZPass.” Tollbooths help mark the boundaries of place, and they can be monuments to human achievement.

“When the interstate system was so magnificent and futuristic—the Thruway tollbooth captures that,” says Marriott. Today, our highways are more likely to be worn and in need of repair. Maybe it would be worthwhile to remember the moment when we cared enough about them to make even the toll plazas a little bit magnificent.

Read the whole story
Share this story
Delete

Swan: Better Linux on Windows

1 Share

If you are a Linux user that has to use Windows — or even a Windows user that needs some Linux support — Cygwin has long been a great tool for getting things done. It provides a nearly complete Linux toolset. It also provides almost the entire Linux API, so that anything it doesn’t supply can probably be built from source. You can even write code on Windows, compile and test it and (usually) port it over to Linux painlessly.

However, Cygwin’s package management is a little clunky and setting up the GUI environment has always been tricky, especially for new users. A project called Swan aims to make a full-featured X11 Linux environment easy to install on Windows.

The project uses Cygwin along with Xfce for its desktop. Cygwin provides pretty good Windows integration, but Swan also includes extra features. For example, you can make your default browser the Windows browser with a single click. It also includes spm — a package manager for Cygwin that is somewhat easier to use, although it still launches the default package manager to do the work (this isn’t a new idea, by the way).

Here’s a screenshot of Windows 10 (you can see Word running native in the background) with top running in a Bash shell and Thunar (the default file manager for Swan). Notice the panel at the top with the swan icon. You can add things there and there are numerous settings you can access from the swan icon.

Swan is fairly new, so it still has some rough edges, but we like where it is going. The install process is in two parts which doesn’t make sense for something trying to be easier. Admittedly, it is already easier than doing an X11 install with normal Cygwin. However, on at least one test install, the virus scanner erroneously tripped on the wget executable and that caused the install to fail.

The project is hosted on GitHub if you want to examine the source or contribute. Of course, Windows has its own support for Linux now (sort of). Swan isn’t quite a finished product and, like Cygwin, it isn’t a total replacement for Linux. But it is still worth a look on any machine that you use that boots Windows.


Filed under: linux hacks



Read the whole story
Share this story
Delete

Team Chat

8 Comments and 28 Shares
2078: He announces that he's finally making the jump from screen+irssi to tmux+weechat.
Read the whole story
Share this story
Delete
7 public comments
stsquad
253 days ago
reply
Truth
Cambridge, UK
hooges
257 days ago
reply
IRC, never die!
Topeka, KS
encolpe
257 days ago
reply
Si true
Lyon, France
emdeesee
257 days ago
reply
OK, fine. When the galactic singularity becomes an option, I'll consider switching from IRC.
Lincoln, NE
beowuff
257 days ago
Don't worry. It'll still run irc as it's back end, so you can still connect.
Fidtz
257 days ago
reply
2051, solid 1960's style future prediction there!
Covarr
257 days ago
reply
What if I'm only still on IRC because the rest of my groups are?
Moses Lake, WA
alt_text_bot
257 days ago
reply
2078: He announces that he's finally making the jump from screen+irssi to tmux+weechat.

Security Risks of TSA PreCheck

3 Comments and 9 Shares

Former TSA Administrator Kip Hawley wrote an op-ed pointing out the security vulnerabilities in the TSA's PreCheck program:

The first vulnerability in the system is its enrollment process, which seeks to verify an applicant's identity. We know verification is a challenge: A 2011 Government Accountability Office report on TSA's system for checking airport workers' identities concluded that it was "not designed to provide reasonable assurance that only qualified applicants" got approved. It's not a stretch to believe a reasonably competent terrorist could construct an identity that would pass PreCheck's front end.

The other step in PreCheck's "intelligence-driven, risk-based security strategy" is absurd on its face: The absence of negative information about a person doesn't mean he or she is trustworthy. News reports are filled with stories of people who seemed to be perfectly normal right up to the moment they committed a heinous act. There is no screening algorithm and no database check that can accurately predict human behavior -- especially on the scale of millions. It is axiomatic that terrorist organizations recruit operatives who have clean backgrounds and interview well.

None of this is news.

Back in 2004, I wrote:

Imagine you're a terrorist plotter with half a dozen potential terrorists at your disposal. They all apply for a card, and three get one. Guess which are going on the mission? And they'll buy round-trip tickets with credit cards and have a "normal" amount of luggage with them.

What the Trusted Traveler program does is create two different access paths into the airport: high security and low security. The intent is that only good guys will take the low-security path, and the bad guys will be forced to take the high-security path, but it rarely works out that way. You have to assume that the bad guys will find a way to take the low-security path.

The Trusted Traveler program is based on the dangerous myth that terrorists match a particular profile and that we can somehow pick terrorists out of a crowd if we only can identify everyone. That's simply not true. Most of the 9/11 terrorists were unknown and not on any watch list. Timothy McVeigh was an upstanding US citizen before he blew up the Oklahoma City Federal Building. Palestinian suicide bombers in Israel are normal, nondescript people. Intelligence reports indicate that Al Qaeda is recruiting non-Arab terrorists for US operations.

I wrote much the same thing in 2007:

Background checks are based on the dangerous myth that we can somehow pick terrorists out of a crowd if we could identify everyone. Unfortunately, there isn't any terrorist profile that prescreening can uncover. Timothy McVeigh could probably have gotten one of these cards. So could have Eric Rudolph, the pipe bomber at the 1996 Olympic Games in Atlanta. There isn't even a good list of known terrorists to check people against; the government list used by the airlines has been the butt of jokes for years.

And have we forgotten how prevalent identity theft is these days? If you think having a criminal impersonating you to your bank is bad, wait until they start impersonating you to the Transportation Security Administration.

The truth is that whenever you create two paths through security -- a high-security path and a low-security path -- you have to assume that the bad guys will find a way to exploit the low-security path. It may be counterintuitive, but we are all safer if the people chosen for more thorough screening are truly random and not based on an error-filled database or a cursory background check.

In a companion blog post, Hawley has more details about why the program doesn't work:

In the sense that PreCheck bars people who were identified by intelligence or law enforcement agencies as possible terrorists, then it was intelligence-driven. But using that standard for PreCheck is ridiculous since those people already get extra screening or are on the No-Fly list. The movie Patriots Day, out now, reminds us of the tragic and preventable Boston Marathon bombing. The FBI sent agents to talk to the Tsarnaev brothers and investigate them as possible terror suspects. And cleared them. Even they did not meet the "intelligence-driven" definition used in PreCheck.

The other problem with "intelligence-driven" in the PreCheck context is that intelligence actually tells us the opposite; specifically that terrorists pick clean operatives. If TSA uses current intelligence to evaluate risk, it would not be out enrolling everybody they can into pre-9/11 security for everybody not flagged by the security services.

Hawley and I may agree on the problem, but we have completely opposite solutions. The op-ed was too short to include details, but they're in a companion blog post. Basically, he wants to screen PreCheck passengers more:

In the interests of space, I left out details of what I would suggest as short-and medium-term solutions. Here are a few ideas:

  • Immediately scrub the PreCheck enrollees for false identities. That can probably be accomplished best and most quickly by getting permission from members, and then using, commercial data. If the results show that PreCheck has already been penetrated, the program should be suspended.

  • Deploy K-9 teams at PreCheck lanes.

  • Use Behaviorally trained officers to interact with and check the credentials of PreCheck passengers.

  • Use Explosives Trace Detection cotton swabs on PreCheck passengers at a much higher rate. Same with removing shoes.

  • Turn on the body scanners and keep them fully utilized.

  • Allow liquids to stay in the carry-on since TSA scanners can detect threat liquids.

  • Work with the airlines to keep the PreCheck experience positive.

  • Work with airports to place PreCheck lanes away from regular checkpoints so as not to diminish lane capacity for non-PreCheck passengers. Rental Car check-in areas could be one alternative. Also, downtown check-in and screening (with secure transport to the airport) is a possibility.

These solutions completely ignore the data from the real-world experiment PreCheck has been. Hawley writes that PreCheck tells us that "terrorists pick clean operatives." That's exactly wrong. PreCheck tells us that, basically, there are no terrorists. If 1) it's an easier way through airport security that terrorists will invariably use, and 2) there have been no instances of terrorists using it in the 10+ years it and its predecessors have been in operation, then the inescapable conclusion is that the threat is minimal. Instead of screening PreCheck passengers more, we should screen everybody else less. This is me in 2012: "I think the PreCheck level of airport screening is what everyone should get, and that the no-fly list and the photo ID check add nothing to security."

I agree with Hawley that we need to overhaul airport security. Me in 2010: "Airport security is the last line of defense, and it's not a very good one." We need to recognize that the actual risk is much lower than we fear, and ratchet airport security down accordingly. And then we need to continue to invest in investigation and intelligence: security measures that work regardless of the tactic or target.

Read the whole story
Share this story
Delete
3 public comments
rtreborb
257 days ago
reply
I was frustrated when I found that there was a non-trivial fee for getting PreCheck certified. I'm going to take measures to provide extra information and you're going to charge me for it? No thank you
chrishiestand
259 days ago
reply
Not to mention that Hawley's suggestion would nullify the whole reason that people sign up for pre-check. I've been "randomly selected" for a more thorough search about two out of the last five times of using pre-check and it's quite annoying
San Diego, CA, USA
chrishiestand
259 days ago
In terms of airport security if we return to a pre-9/11 system and just added cockpit doors that lock the whole country would be better off, I think
mxm23
267 days ago
reply
What if this project isn't about security, but rather gathering information about people?
San Rafael, CA

Holiday Train Show at New York Botanical Gardens in Bronx, New York

1 Share

A miniature New York

Every year, from mid-November to mid-January, a most extraordinary train yard is erected inside the Enid A. Haupt Conservatory at the New York Botanical Gardens in the Bronx.

Artist Paul Busse and his team at Applied Imagination in Kentucky have been responsible for creating buildings, bridges, gardens and a Coney Island boardwalk–all in model train G-scale–since the exhibit began in 1991.  Every structure is a replica of an actual New York place (some old, some still with us), and the annual tradition is now over 150 landmarks strong.

The twist is that everything is made out of organic materials. Nuts, seeds, leaves, fungus and branches are all used to create the miniatures, down to the tiniest of cherubs above a doorway.  They even use tree resin for window glass.

The 2016 show (Holiday Train Show number 25) includes almost half a mile of track zipping through the city scenes. If you ramped that up from G-scale, it would be over 11 miles of real life clickety-clack.

Read the whole story
Share this story
Delete
Next Page of Stories