In practice you can infer a lot. The payload of a TLS stream is formally indistinguishable from random data, but you can still tell on the wire that it's TLS. There aren't a lot of widely-used TLS implementations. It's been a while since I looked at the specifics, but I bet there's a lot of more specific signature data in the plain-text parts of the protocol like supported ciphers. You can make some good guesses from the metadata.
In the case of a physical interception, you can probably infer more. If you, after reading this article, spot an enemy drone that doesn't have any obvious emissions, then, well, there might only be one option for the software running on that drone, namely The Software that your enemy uses on their drones.
Anyway, it's not clear to me from the article whether the source object from the signal will necessarily be invisible. I think every transmitter still at least looks like a point source of blackbody radiation. The signal may not be detectable from thermal background radiation, but if the background itself is coming from a big obvious drone, well, you know it "exists nearby".
> transmitter still at least looks like a point source of blackbody radiation
The whole trick is that on average it is a source of blackbody radiation exactly like any other piece of matter next to it, same temperature. It does not produce a light or dark spot on an IR camera image. It turns hotter ("positive light") and colder ("negative light") with a very high frequency, in a controllable way.
Yes, in particular emotional trust is key. Maybe a few people can just declare their own emotional reactions away and have that stick, but you can't ask that of other people. We're still just apes. So if you want brief, clear communication, you need people to actually believe in their guts that when you tell them something they did is broken, it's not a personal attack.
> You end up with tribal knowledge to the extreme if you communicate like this.
Wait, what? How does a team habit of bluntly stating facts result in "tribal knowledge"? If anything it should be the opposite. The approach in the article has problems but I don't believe that's one of them.
Yeah, skip the fluff about my having a good weekend if you need me to fix something, but a lot of those uncertainty markers aren't fluff, they're essential to honest, accurate communication.
Similarly, many times when you say a variation on "I know you're the expert on the codebase" or whatever, that's because it's true and important. Something I think is a problem, which this article wants me to phrase as a short, plain declaration, might actually just be a misunderstanding on my part. If I get one of those messages, I'm not going to see my time being respected. I'm going to see an arrogant jerk too lazy to learn what they're talking about before shooting off their mouth.
And as a writer: I find that my instinct to write caveats like "I know you're the expert on the codebase" corresponds to a process I need to follow to verify the information. Emails like this can take me hours to write, as I scour the codebase, logs, etc for the missing pieces of information demanded by "mere politeness". Here's an example of a reply I got:
> Thank you for your careful report, I will attend to it asap.
The response was short and to the point, because no other information was relevant. And, indeed, I have written emails like that in the past. But, from the article:
> The fact that you were stressed, or that you had inherited the config from someone else, or that the documentation was unclear3, or that you asked your lead and they said it was probably fine, none of that is relevant to the incident report.
Those things are often all relevant. I beg the author to read a book about system-theoretic process analysis (STPA). Some are freely-available from the MIT PSASS website: https://psas.scripts.mit.edu/home/books-and-handbooks/. Nancy G. Leveson's CAST Handbook is perhaps most directly applicable.
Those are at least big enough that you don't have to eat the shells. (Fun aside: Technically, the grouping is closer to the other way around: insects are classed under crustaceans these days.)
It's probably something like, here are the environments where we've done comprehensive surveys, here are the kind of different situations where we expect to find different species (decomposers of various types, mycorrhizal, within plants, within animals, on surfaces, specialists, generalists, climates, etc). Multiply the species from places where we've probably found most of them by the number of places where we've only found the most obvious fungi. However it works it's going to have big error bars, reflected in the fact that 12M species is the upper end of a range starting at 2.2M.
Calling Eurasia a continent would make more sense. "Asia" doesn't have a really sensical physical boundary. May as well say Mexico is a different continent from the US just because there's a big cultural and ethnic difference across the border.
The term "North America" almost always means US or US and Canada, hardly ever the technically correct "US, Canada, Mexico" except in things like NAFTA.
And "Central America" often means "Mexico and countries south that speak Spanish" even though LATAM might be a bit closer.
Other nonsensical terminology also existing would imply nothing about the usage of "Asia". That said, I'm not sure I see the same incorrect usage of North America as you do, either.
Sensible boundaries for dividing continents? Do the Rocky Mountains count as dividing North America into east and west subcontinents? Does the Baltic Sea partition the Nordic countries into their own continent? Are you really expecting that logic to work even a little bit?
> Do the Rocky Mountains count as dividing North America into east and west subcontinents?
The east part would be a bit small, but after a bit more seismic activity that may be sensible.
> Does the Baltic Sea partition the Nordic countries into their own continent?
Could be a subcontinent border yeah, it is a common division in Europe.
> Are you really expecting that logic to work even a little bit?
Yeah, there are multiple aspects of continents and topology is one part. Others are cultural and political and I think there the division is even more clear.
That won't work for long. I've already seen reddit karma farming bots that introduce typos into repost titles to avoid duplicate detection. It'll be pretty easy write a program that takes a piece of slop text and swaps one word or so in every few hundred with a typo just a small Hamming distance away.
I've been using the ~. shortcut for a while, but somehow escaped learning about the help menu.
Another neat thing I noticed while playing with it just now: there's an option to enter ~ twice to send a literal ~, but usually you don't have to do this when typing something like 'ls ~' in a regular session. Not only does the ~ have to be the first character on a line to start an escape sequence, but typing on a line, backspacing all the way to the start and then typing ~ also sends a literal tilde. It only triggers the escape sequence if the ~ is the chronologically first character after a newline (or first in the session), which is an unlikely thing to type into a shell in a normal session. Good choice of UI, both the character and the state machine.
> typing on a line, backspacing all the way to the start and then typing ~ also sends a literal tilde
for the younger readers, yes, because in terminal echo mode, "backspacing" does not clear your terminal line buffer, those characters backspaced are already sent on the line. if you ever seen a misconfigured terminal, it hints what's going on, like:
user@host$ ls ~/^?^?^?^?^?~/a.out
^? is backspace's control char.
that is ssh watches what you type, not what is on the screen (terminal).
The drawback is that if you think your session is hanging and want to bail with ~., you have to press enter, which might actually make it to the server and execute something.
In the case of a physical interception, you can probably infer more. If you, after reading this article, spot an enemy drone that doesn't have any obvious emissions, then, well, there might only be one option for the software running on that drone, namely The Software that your enemy uses on their drones.
Anyway, it's not clear to me from the article whether the source object from the signal will necessarily be invisible. I think every transmitter still at least looks like a point source of blackbody radiation. The signal may not be detectable from thermal background radiation, but if the background itself is coming from a big obvious drone, well, you know it "exists nearby".
reply