Archive for May, 2007

AACS stuff

Wednesday, May 30th, 2007

When Matasano recommends a blog, I read it. And, I just noticed this great post at a Matasano-recommended blog.

There are a number of things to try when developing such attacks, depending on the device and countermeasures present. We’ll assume that the attacker has possession of several instances of the device and a moderate budget. This limits an attacker to non-invasive and slightly invasive methods.

Great discussion and something I commented on a while back when misinterpreting a prediction by Ptacek.

Besides all the stories of side channel attacks used by spies, side channel attacks went quite mainstream with research and attack demonstrations on smartcards a few years back. I can remember a couple of RSA conferences ago when there was a demonstration of SPA on the showroom floor, and most (all?) smartcard vendors have now tried to implement some sorts of countermeasures for the various attacks that have surfaced publicly (and not so publicly).[...]

Anyway, what I would really like to see from the creators of AACS is a discussion of this sort of attack.

It turns out that the attacker’s best strategy is to withhold any newly discovered compromise until a “release window” of size R has passed since the last time the authority blacklisted a player. (R depends in a complicated way on L and C.) Once the release window has passed, the attacker will use the compromise aggressively and the authority will then blacklist the compromised player, which essentially starts the game over. The studio collects revenue during the release window, and sometimes beyond the release window when the attacker gets unlucky and takes a long time to find another compromise.

This attack is based on these AACS design goals outlined by Metzger.

[...]In the high def video disk case, you have several quite different goals from the broadcast case. One is to enforce region encoding so that you can charge U.S. customers a large multiple of what you charge, say, a Chinese customer for exactly the same material. The second is to prevent people from retrieving the content in a form they can send to their friends over the internet. A third goal is to keep customers from being able to use content in unplanned ways so you can up-sell them to a newer format later on. (Note that the DRM scheme does *not* prevent actual commercial piracy of disks, since pirates can simply press bit for bit identical disks.)

Metzger named the attack too.

As I noted, in the direct broadcast satellite case “slow leaks” of keys over extended periods of time are not of much use to the end users and are not of much damage to the system owners, but in the AACS case “slow leaks” are actually exceptionally damaging. Were the bad guys to release just one key every couple of months it would effectively destroy the system.

There are technical aspects to these “slow leak” key attacks, in that the attackers have to find ways to expose keys to leak, but, given that key exposure looks to have been assumed in the AACS design (and is certainly a reality), an attempt was made to mitigate these failures by limiting the damage done by key exposure, such as limiting the usefulness of a particular key and tracking its origins. This leads to a key revocation mechanism, but key revocation does not come for free. And, it seems the attacks on the key revocation process currently cost the attacker far less than they cost the attacked. That makes the overall AACS an economic failure. And, since money was the driver behind AACS, that hits right at the heart of AACS.

So, what can be done here that brings the costs of key compromise back in favor of the attacked? Make key compromise more expensive to achieve? Make key issuance more device specific? Increase key revocation roll-out speed? This would make an interesting blog post from those that build these systems, and I wonder what steps are being taken to move in this direction.
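To make the cost argument concrete, here is a toy simulation of the “slow leak” cycle: an attacker finds a compromise, sits on it until a release window has passed since the last blacklisting, uses it, gets the player revoked, and starts over. This is an added example, not the quoted analysis (it does not derive R from L and C) and not anything from the AACS designers; every probability, revenue figure and cost figure is an assumption picked for illustration.

```python
"""Toy model of the release-window / slow-leak cycle against a revoking authority.
Added example; all parameters are assumptions, not figures from any real DRM system."""
import random


def simulate(periods, release_window, find_prob, revenue_per_period,
             blacklist_cost, compromise_cost, seed=0):
    """Run one attacker strategy for a number of periods and tally who paid what.

    Each period: if the attacker holds no unreleased compromise, he hunts for one and
    finds it with probability find_prob (paying compromise_cost).  He withholds it until
    release_window periods have passed since the last blacklist, then uses it; the
    authority blacklists the compromised player in the same period (paying
    blacklist_cost), the studio loses that period's revenue, and the cycle restarts.
    """
    rng = random.Random(seed)          # seeded so runs are reproducible
    last_blacklist = 0
    held = None                        # period the current withheld compromise was found
    studio_revenue = authority_cost = attacker_cost = blacklists = 0
    for t in range(1, periods + 1):
        if held is None and rng.random() < find_prob:
            held = t
            attacker_cost += compromise_cost
        using = held is not None and (t - last_blacklist) >= release_window
        if using:
            authority_cost += blacklist_cost
            blacklists += 1
            last_blacklist = t
            held = None                # that key is burned; hunt for the next one
        else:
            studio_revenue += revenue_per_period
    revenue_lost = periods * revenue_per_period - studio_revenue
    return {
        "studio_revenue": studio_revenue,
        "revenue_lost": revenue_lost,
        "blacklists": blacklists,
        "authority_cost": authority_cost,
        "attacker_cost": attacker_cost,
        "defender_cost": authority_cost + revenue_lost,
    }


def compare(release_window, **kw):
    """Immediate use (window 0) versus withholding for the given window, same seed."""
    return {"immediate": simulate(release_window=0, **kw),
            "withheld": simulate(release_window=release_window, **kw)}


if __name__ == "__main__":
    params = dict(periods=120, find_prob=0.25, revenue_per_period=1,
                  blacklist_cost=5, compromise_cost=1)
    for name, r in compare(6, **params).items():
        print(name, r)
```

With a deterministic hunt (find_prob=1.0) the numbers are easy to check by hand: 12 periods and a 3-period window give 4 revocations, 8 periods of protected revenue, and an attacker spend of 4 against a defender spend of 24, which is the “costs the attacker far less than the attacked” situation in miniature. Changing blacklist_cost and compromise_cost is the knob the post is asking the system builders about.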

Alternatively, is AACS DRM just dead in the water and media companies better off spending their money elsewhere? Is finding new revenue models not based on forcing consumers to buy the same content multiple times the way to go? Perhaps watermarking is more important here, such that people going “well beyond” fair use can potentially be located but everyone else is let be?

Of note, there was a time when I thought about building an open source DRM system for alternative media. I talked to some sharp people about this, but, over many a beer, we established that the media in question relied on continuously distributing new content and advertising rather than depending on the same content being resold over and over to make money, making the whole point of DRM pretty much moot before we even moved on to pondering the technical challenges.

Tor and Xen and such, Flash BIOS

Tuesday, May 29th, 2007

So, I set up a Tor server in a Xen virtual machine on Ubuntu running on that J7F4-based system over the weekend. Right now, no custom kernel and no crypto hardware acceleration, but that will change when I have some more time.

The general setup was easy enough. I had one primary disk for booting the box’s OS (or dom0 when booting for Xen), and then a separate disk array for data (and domUs). I used LVM to slice up the disk array.

General setup process:

  • Installed Ubuntu on the primary disk.
  • Installed Xen from the Debian/Ubuntu packages.
  • Used LVM to create volumes for root (512MB), swap (512MB), and var (2048MB) for my VM to run Tor.
  • Used mkfs (and mkswap) to pop the fs on the volumes.
  • Used debootstrap to install the base Ubuntu feisty OS files on the root volume I created for the VM to run Tor.
  • Created a tor VM configuration. Gave it 128MB of RAM, and one ethernet device with static MAC. The three volumes I created above are configured as ioemulated disks. Used root volume as root device and left it writable for now.
  • Mounted root volume. Modified basic system configuration installed by debootstrap in the VM’s root volume. Modified fstab to properly mount the ioemulated disks configured in the tor VM configuration – root volume at /, the swap volume as swap, and the var volume at /var. Set up networking.
  • Rebooted system, booting from Xen kernel upon startup.
  • Booted the VM and logged in.
  • Downloaded and installed Tor (the Tor developers provide Ubuntu packages) in the VM.
  • Configured Tor to be a middle-man node (not willing to run an exit at this location). Set up iptables here too, but it was not really worth the effort – only the Tor daemon was listening for network connections, and you basically had to allow all TCP out.
  • Once all was working, halted the VM. With VM halted, changed the VM root device in the Tor VM configuration to be read-only, as only swap and var needed to be writable.
  • Restarted VM and was good to go.
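The steps above describe the domU configuration and the guest’s fstab without showing them, so here is what they look like, together with a check that the finalized VM really does export and mount its root volume read-only (the last step of the list). This is an added example, not configuration from the original post; the volume group name, the hda device names, the kernel path and the MAC address are constructed. The config dictionary renders to xm-style syntax, which is plain Python assignments.

```python
"""Xen domU config and fstab for a read-only-root Tor VM, plus a consistency check.
Added example; volume, device, kernel and MAC values are constructed, not the post's."""
from typing import Dict, List, Tuple

TOR_VM_CONFIG = {
    "name": "tor",
    "kernel": "/boot/vmlinuz-2.6-xen",      # assumed dom0 path to the domU kernel
    "memory": 128,                          # MB, as in the post
    "vif": ["mac=00:16:3e:00:00:01"],       # constructed static MAC in Xen's OUI
    "disk": [                               # backend,frontend device,mode ('r' or 'w')
        "phy:/dev/vg0/tor-root,hda1,r",     # assumed LVM volume names
        "phy:/dev/vg0/tor-swap,hda2,w",
        "phy:/dev/vg0/tor-var,hda3,w",
    ],
    "root": "/dev/hda1 ro",
}

# constructed /etc/fstab as the guest would see it
TOR_FSTAB = """\
# <device>  <mount>  <type>  <options>    <dump> <pass>
/dev/hda1   /        ext3    defaults,ro  0 1
/dev/hda2   none     swap    sw           0 0
/dev/hda3   /var     ext3    defaults     0 2
"""


def parse_disk(spec: str) -> Tuple[str, str, str]:
    """Split an xm disk line into backend, guest device and access mode."""
    backend, frontend, mode = spec.split(",")
    return backend, frontend, mode


def parse_fstab(text: str) -> Dict[str, Tuple[str, str, List[str]]]:
    """Map device path -> (mount point, fs type, option list), ignoring comments."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        dev, mnt, fstype, opts = line.split()[:4]
        entries[dev] = (mnt, fstype, opts.split(","))
    return entries


def render_config(cfg: dict) -> str:
    """Emit the dictionary as an xm-style config file (Python assignments)."""
    return "".join(f"{key} = {val!r}\n" for key, val in cfg.items())


def check_config(cfg: dict, fstab_text: str) -> List[str]:
    """Return problems found; an empty list means the read-only-root setup is consistent."""
    issues = []
    fstab = parse_fstab(fstab_text)
    root_dev = cfg["root"].split()[0]
    if "ro" not in cfg["root"].split():
        issues.append(f"{root_dev}: kernel root= line lacks 'ro'")
    for spec in cfg["disk"]:
        _backend, frontend, mode = parse_disk(spec)
        dev = "/dev/" + frontend
        entry = fstab.get(dev)
        if entry is None:
            issues.append(f"{dev}: exported to the VM but missing from fstab")
            continue
        mnt, fstype, opts = entry
        if dev == root_dev:
            if mode != "r":
                issues.append(f"{dev}: root volume exported writable (mode {mode!r})")
            if "ro" not in opts:
                issues.append(f"{dev}: root mounted without 'ro' in fstab")
        elif mode != "w":
            issues.append(f"{dev}: {fstype} volume at {mnt} must be writable, got {mode!r}")
    return issues


if __name__ == "__main__":
    print(render_config(TOR_VM_CONFIG))
    print("issues:", check_config(TOR_VM_CONFIG, TOR_FSTAB) or "none")
```

The check catches the two ways the final step goes wrong in practice: the volume is still exported with mode w in the domU config, or the guest fstab still mounts it read-write, so a compromised daemon could modify the root filesystem.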

I found this page useful as providing some bare minimum for setting up Xen with Ubuntu (note: I didn’t follow this setup exactly), and the Xen user manual useful for everything else. I found this FAQ useful for Tor server configuration. I found this page useful for iptables, something I hadn’t played with in quite some time (we have pf in the BSD world).

Next steps:

  • Build custom kernels for Dom0 and DomU. Be sure to support Padlock.
  • Enable Padlock support in OpenSSL.

Possible other next steps:

  • Wrap local network access of Tor client functionality with stunnel.
  • Use encrypted swap for Tor VM.
  • Store var volume used by Tor VM encrypted on disk, then rekey Tor node.

Annoying issue:

Only 512 megs of RAM is detected by the BIOS, when I actually have 1 gig installed, the maximum supported by the chipset. The RAM looks good and the board looks good, so I guess there is a compatibility issue. My plan was to run just two VMs anyway, but now the memory allocated to them is a bit smaller than expected.

Anyone out there running a J7F4 series board with the RAM maxed out? Did you experience any quirks?

Update: I never followed up on this. The compatibility issue I noted turned into a known issue with memory density. This sums it up.

[...]You need 16-chip (64M) low density memory, as the cn700 won’t support the 8-chip hi density (128M) memory. You’ll just see half the memory otherwise.[...]

Unfortunately the 128Mx64 specification is essentially useless, as it’s applied to both two-rank 16-chip and one-rank 8-chip 1GB sticks.

If you have a stick with 8 chips on one side only, then that’s 1Gbit technology and it won’t work with a CN700. If you have a two-sided 16-chip stick then most likely it will.

-

As part of my attempts to get the full amount of RAM recognized, I flashed the BIOS on the system discussed above. This system was running Ubuntu GNU/Linux and had no floppy drive. The general process I used to flash the BIOS was as follows, which was based on the steps outlined in this and this.

  • Download a bootable floppy image for FreeDOS. (e.g., fdboot.img is what I downloaded.)
  • Mount the image. (e.g., mount -o loop /home/flash/fdboot.img /home/flash/tmp)
  • Copy the “flasher” and flash to the image. fdboot.img had about 1 meg of free space, IIRC. (e.g., cp <flasher>.exe /home/flash/tmp; cp <flash>.bin /home/flash/tmp)
  • Unmount the image. (e.g., umount /home/flash/tmp)
  • Create a bootable ISO image, which will use fdboot.img for booting. Make sure fdboot.img is in the directory tree the image is created from. (e.g., cp /home/flash/fdboot.img /home/flash/tmp; mkisofs -r -b fdboot.img -c boot.cat -o /home/flash/bootcd.iso /home/flash/tmp)
  • Burn to CD.
  • Boot from the CD in the system to be flashed.
  • Choose option 2, which is FreeDOS safe mode. No drivers and such are loaded.
  • Flash the BIOS. (Of note, my BIOS was write-protected. This involved changing CMOS settings, but could easily have been jumpers.)
  • Remove the CD and reboot.

Short trust ramble, SSL and RSA quickies

Tuesday, May 29th, 2007

A mini-ramble…

Someone said to me recently, “Trust is the root of all evil.” At first, I thought they were making fun of PKIs; however, they actually meant it quite broadly, due to the emotional blinding caused by the collapse of a recent relationship.

Their point was picking up on something I said in a ramble recently, namely that trust implies vulnerability and vulnerability implies risk, and agreeing with me. So, they claimed, if you remove the trust, you remove vulnerability. Done and done, they said, except, well, I disagreed.

First off, not all vulnerability comes from trust, which shoots holes right through this logic itself – trust can’t be the root of all evil, if all evil does not stem from trust. For example, a person can still rob you whether you trust them or not. And, trust itself can be used to mitigate risk, I think more so than it creates risk, which again brings to question the root of all evil sentiments, if trust does indeed prevent more evil than it creates. For example, family and friends can help you when you fall on hard times. (My ramble said “Trust is often at the root of an attack,” not “Trust is the root of all evil.”)

Every meaningful relationship revolves around trust. Trade requires trust. Marriage requires trust. You buy food and trust that it won’t make you sick. You put money in the bank and trust it won’t be lost. You tell your friends things that you would not want made public and trust them to respect your privacy.

Sometimes that trust is misplaced, but we make corrections and go on with life. Trust is not blind faith, and trust is not static. It is a metric, and it changes, influenced by experience. (This is much like security, which should be no surprise – security is built around trust.)

There are lots of inputs to trust – direct experiences, such as not dying when eating food from a particular restaurant or how you build friendships, and indirect experiences, such as asking a friend which plumber to use or consulting credit ratings. We use these inputs to calculate levels of trust, which are basically estimates of how much vulnerability we are willing to expose to the trusted. This leads to trade-offs, such as limiting the amount of trust you place in someone/something – you might only take a nibble of that unknown food to limit the risk of getting sick if it disagrees with you, or divide tasks amongst a group of people to limit the risk of any one person having too much access – versus the costs of these limitations – that nibble is not enough to meet your nutritional requirements, forcing you to seek out additional food, and all those people/processes mean less work getting done. This is a balancing act, if you will.

Anyway, end of the day, I claimed the opposite to this person, saying “Trust is the root of all good.” It is what makes the world go round. It is the foundation of every relationship, personal and professional. And, it is what makes family, friends, and security possible. Without it, this world would be a far more dangerous place, in my opinion.

-

As always, Metzger’s cryptography mailing list is a gem. This post let me point to some old material on here.

Now, the original SSL infrastructure was to verify that the URL that the user entered (into the browser) corresponded to the website that the browser was talking to (i.e. the website that the user thought they were talking to was the website they were actually talking to). However, most electronic commerce sites fairly quickly found that SSL was costing them something like 90 percent of their thruput. The result was that most websites transitioned to no longer using SSL for the initial user connection but reserved just for the payment process (to hide the account number information). Now the user clicks on a button (provided by the webserver) which generates a URL (provided by the webserver). Now instead of checking the URL provided by the user against the webserver … most use of SSL now checks the URL provided by the webserver against the webserver (invalidating the original SSL security assumptions). lots of past posts about ssl digital certificate infrastructure http://www.garlic.com/~lynn/subpubkey.html#sslcert

Bookmarking the https login pages for sites is a good way to get back to these security assumptions. I do it and recommend you do the same.

however, in X9A10, a detailed end-to-end vulnerability and threat analysis was performed … and divulging account information was identified as major exploit (requiring SSL to hide transaction information). However the majority of exploits had never been capturing information in transit (before SSL, even before the internet) … it had always been capturing information at end-points and/or logs of previous transactions. As a result, a primary objective of X9.59 financial standard was to eliminate harvesting/skimming of previous transactions as a (replay attack) vulnerability. The result was that X9.59 effectively “armors” every transaction … in effect replaces “privacy/confidentiality” as a countermeasure with “authentication” and “integrity”.

Reminds me of this diagram.
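The bookmarking advice above comes down to one comparison: does the link the page hands you lead to the same https origin you chose, or to one the page chose? Here is that comparison as code, an added example that is neither from this post nor from the quoted mailing list message; the host names are constructed. It reports the usual ways a page-supplied link drifts from the user’s intent: a user@host URL whose real host sits after the @, an http downgrade, a look-alike host, or an unexpected port.

```python
"""Compare a page-supplied link against the https login URL the user bookmarked.
Added example; host names in the demo are constructed."""
from urllib.parse import urlsplit


def origin(url: str):
    """Return (scheme, host, port, has_userinfo) with the default port filled in."""
    p = urlsplit(url)
    scheme = p.scheme.lower()
    host = (p.hostname or "").lower()           # hostname already strips user:pass@
    port = p.port if p.port is not None else (443 if scheme == "https" else 80)
    return scheme, host, port, bool(p.username or p.password)


def classify_link(bookmarked_login: str, page_link: str) -> str:
    """'ok' when page_link keeps the origin the user bookmarked, else the reason it doesn't."""
    exp_scheme, exp_host, exp_port, _ = origin(bookmarked_login)
    got_scheme, got_host, got_port, has_userinfo = origin(page_link)
    if exp_scheme != "https":
        return "bookmark-not-https"             # the bookmark itself must be the https page
    if has_userinfo:
        return "userinfo-in-url"                # https://bank.example@evil.example/ style
    if got_scheme != "https":
        return "scheme-downgrade"
    if got_host != exp_host:
        return "host-mismatch"                  # covers bank.example.evil.example too
    if got_port != exp_port:
        return "port-mismatch"
    return "ok"


if __name__ == "__main__":
    bookmark = "https://bank.example/login"      # constructed
    for link in ("https://bank.example/login?next=/acct",
                 "http://bank.example/login",
                 "https://bank.example@evil.example/login",
                 "https://bank.example.evil.example/login",
                 "https://bank.example:8443/login"):
        print(f"{classify_link(bookmark, link):18} {link}")
```

Exact host comparison is deliberate: the original SSL assumption was that the name the user typed is the name the certificate is checked against, and a “close enough” rule is exactly the gap the quoted post describes.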

-

Also via Metzger’s cryptography mailing list, five years to the month after Lucky Green spoke out and said no more to 1024 bit RSA keys, the gap continues to close on 1024 bit RSA keys.

We are pleased to announce the factorization of the 1039th Mersenne
number (2,1039- in the Cunningham table) by SNFS.
The factorization is:
2^1039-1 = p7 * p80 * p227 where
p7 = 5080711
p80 = 558536666199362912607492046583159449686465270184886376480100\
52346319853288374753
p227 = 207581819464423827645704813703594695162939708007395209881208\
387037927290903246793823431438841448348825340533447691122230\
281583276965253760914101891052419938993341097116243589620659\
72167481161749004803659735573409253205425523689
The factor 5080711 was already known.

A special-form number and a few bits off from 1024, but getting closer.

Influence and nightlife

Monday, May 21st, 2007

While it is now Monday, this is a weekend post. Nightlife and stories grab a great deal more attention than many other posts here, so this is for the readers.

-

A bit of background… Between work and the talent at Pacha (e.g., dt, Boris, and now VC), I have been absent from many of the usual suspects (i.e., particular hipster parties).

So, I was in Emerald a few days ago, when a group of hipster kids came in. They saw me and ran over to chat. It seems I am somewhat noticeable, and the early portion of the conversation revolved around how they had not seen me in a long time. They wanted to find out what I was up to, and, in particular, where I was going these days. They looked at me as a sort of thermometer of what is in and were trying to find out what parties they should be attending by virtue of what parties I was actually attending. I found it strangely disconcerting that my IT geek self has crossed over into being “cool” at some point and now people I don’t know actually notice whether I am at a party or not. It also felt like I had a responsibility to support parties I enjoy by attending them regularly just for the sake of being seen at them.

Parties hire or promote certain key social figures to attend their parties. I clearly see why.

Moving along, I was in Pacha the other night. I have a particular section of the main dance floor that I inhabit. It is off to the side, in this nice little chunk of real estate that not only fills up last and opens up first, but also has a big fan blowing on it that keeps it quite a bit cooler than the rest of the dance floor. It is the perfect location, in my opinion. (I refer to this as “my section” and such among people that know me.)

Now, I like lots of room to really get down. So, around 10AM, I returned to my section to find it had opened up fully. There was a ring of people outlining this area standing around, hanging out, but the space itself was unpopulated. So, I took over the space and started dancing in my usual form, a big grin on my face bouncing around in my awkward, flat-footed style.

Then this group of women ran out and started dancing too. They were followed by some other ladies and some gay guys. With a bunch of women now dancing, the straight guys followed suit and a bunch of men ran out and started dancing. With all these people dancing, others joined in. Soon, my space vanished in a sea of people.

During a breakdown in one of the songs, one of the ladies from the initial group to join in the dancing ran over, hugged me (quite bravely, mind you – I was dripping sweat and had been for hours), and said I was “inspirational” and got the floor moving again (not quite accurate, as the center of the main floor never stopped dancing – I just inspired my section).

Places like Pacha hire good-looking people to dance the night away. I clearly see why.

This reaffirms my belief that leading is do as I do. Of course, I should note I have become highly “do as I do” biased in my old age.

Quickies – start page, HUMINT manual, search again and again

Saturday, May 19th, 2007

A few quickies…

Just a tiny note about an annoying feature of Thunderbird 2.0. It loads a start page from Mozilla’s web site every time it starts up by default. This does not appeal to me at all in general and is particularly slow for me because it is piped through Tor.

Anyway, there is no magic to turning this one off. To disable it, go to Preferences->General and uncheck “When Thunderbird launches, show the Start Page in the message area”. Like “search from address bar” in Firefox 2, good riddance.

-

Since I have been talking a lot about people and security, this USA Army manual on HUMINT seemed relevant. [ via Balkanization]

This manual provides doctrinal guidance, techniques, and procedures governing the employment of human intelligence (HUMINT) collection and analytical assets in support of the commander’s intelligence needs. It outlines–

• HUMINT operations.
• The HUMINT collector’s role within the intelligence operating system.
• The roles and responsibilities of the HUMINT collectors and the roles of those providing the command, control, and technical support of HUMINT collection operations.

Among other things, there is a nice diagram of the intelligence process…

Intelligence Process Diagram from USA Army HUMINT Manual

…and this list of traits for a person that is trying to elicit information from other people.

• Alertness. The HUMINT collector must be alert on several levels while conducting HUMINT collection. He must concentrate on the information being provided by the source and be constantly evaluating the information for both value and veracity based on collection requirements, current intelligence, and other information obtained from the source. Simultaneously, he must be alert not only to what the source says but also to how it is said and the accompanying body language to assess the source’s truthfulness, degree of cooperation, and current mood. [...]
• Patience and Tact. The HUMINT collector must have patience and tact in creating and maintaining rapport between himself and the source, thereby enhancing the success of the questioning. [...]
• Credibility. The HUMINT collector must provide a clear, accurate, and professional product and an accurate assessment of his capabilities. [...]
• Objectivity and Self-control. The HUMINT collector must also be totally objective in evaluating the information obtained. [...]
• Adaptability. A HUMINT collector must adapt to the many and varied personalities which he will encounter. [...]
• Perseverance. A tenacity of purpose can be the difference between a HUMINT collector who is merely good and one who is superior. [...]
• Appearance and Demeanor. The HUMINT collector’s personal appearance may greatly influence the conduct of any HUMINT collection operation and attitude of the source toward the HUMINT collector. [...]
• Initiative. Achieving and maintaining the initiative are essential to a successful questioning session just as the offensive is the key to success in combat operations.[...]

Yes, you may recognize some of these traits as being leveraged in my rambles. You may also think back to the last solid salesman you met and how they exhibited these qualities. Or you may ponder if security people might do well to have some of these traits. Good stuff.

(Also, I couldn’t help but notice this.

• Neurolinguistics. Neurolinguistics is a behavioral communication model and a set of procedures that improve communication skills. The HUMINT collector should read and react to nonverbal communications. He must be aware of the specific neurolinguistic clues of the cultural framework in which he is operating.

The word “neurolinguistics” always makes me chuckle, as I start thinking of pick-up artists – in particular, a salesman friend of mine who used to say “the game is a science.” For those looking for an amusing read about people like my friend by people like my friend, you might take a look at “The Game”.)

-

And, as it is a weekend, let’s look at some recent search hits.

We begin here.

WHAT+COLOR+IS+LISTED+ON+THE+DRIVERS+LICENSE+OF+A+BALD+MAN

My bald self laughed at this. My license says I have brown hair.

Wow, these go way back to one of the first posts here.

system+running+slow+after+mcafee+install

mcafee+bloat+OR+kludge

mcafee+bloat

I guess nothing has changed.

Look at this…

Please+provide+specific+examples+of+how+you+%E2%80%9Cbreak+the+ice%E2%80%9D+and+build+rapport+in+a+first+conversation+with+clients%2C+coworkers%2C+etc.

You might poke around at the beginning of this post or perhaps the book referenced in this post.

Coupling the previous search with these…

being+beautiful+is+socially+desirable+to+many+people%2C

beautiful+person+giving+speech

impact+of+beauty+bloggers

Leads to a story…

I was meeting up to discuss IT with a home office business owner over beers a while back. Prior to arriving at the cafe (with a bar), I met up with someone I was dating at the time. She wasn’t a model, but she easily could have been. I introduced her to the potential client and she stuck around chatting for a couple of minutes, before heading off to do her thing while I had my meeting.

Our next roughly half hour of conversation revolved for the most part around my date. My value just by virtue of being associated with this beautiful person soared. Not only did we not end up talking much about my ability to do the job, but my competence to do the job was just assumed by what appeared to be the impact of being associated with this beautiful person. My date completely disarmed this person and short-circuited normal relationship building. (Mind you, this was a tiny IT support gig lasting a couple of days.)

Now, I am not recommending building rapport by showing up with a beautiful person, but I do note it is a viable tool. Beauty can almost be thought of as a zero day here.

Finally,

panty+throwing+ascii+art

Ok, umm, what is that?

Update:

The client discussed in my story about beauty and rapport had a clarification. They did not ask about my technical competence because the person that referred them to me already established that competence for them. However, the establishment of my social value and the desirability of allowing me into their home to perform the work was bolstered by my date and, in particular, her beauty and charm.

Posts to reality

Saturday, May 12th, 2007

Nothing to see here folks. This is just a weekend post.

-

Sometimes I am amazed how things move forward. I noticed an old blog post recently where I documented a talk about virtual machines, but I hadn’t actually used them for anything useful at the time. These days, I live in VMware.

About a year ago, I changed my primary machine from dual boot to VMware, and I have never looked back since. That desktop was not stable, and I eventually narrowed the issue down to the motherboard, after testing everything from the RAM to the cabling. But, VMware with regular snapshots, combined with disk write caching being disabled, worked like a champ – after lockups, I’d just reboot, disk check, and then revert to the last snapshots.

The end of last year, I bought a new machine to get back some stability in my life and migrated everything over to it. (I still have the flaky machine – I use it to store things like music.) The general process was install the base operating system, install VMware, copy over the virtual machines, and run them. Some of the Windows virtual machines needed to be reactivated (new CPUs, optical drives, etc.), but that was about it as far as transitioning went. Everything has been running stably for about six months now. (The newer system itself is an Intel Core 2 Duo, nicely over-clocked, not that it matters any. Two hard drives RAID mirrored for data, plus a third hard drive for the operating system.)

So, my primary desktops are running in virtual machines. One runs Windows XP, the other runs FreeBSD. My SVN repositories have their own dedicated virtual machine too, as does most everything else. I find I run 4 VMs at once these days, up from the 2 that was commonplace when I first started with VMware.

With the exception of some work done on my laptop, which is single boot and FreeBSD, all of my recent development work has been done in virtual machines. Debian, FreeBSD, and Windows (well, CE emulated on XP) have been the most recent environments, but it matters little, unless architecture comes into play.

Almost all of my testing is done in virtual machines. I no longer have a bunch of junk machines lying around to set up annoying little networks, although I still need junk machines to cover testing on certain architectures. I just use virtual machines, and sit back waiting for architectures to converge and/or emulation to get better.

I have guests set up for FreeBSD, Debian, Windows XP, Solaris, CentOS, etc. When I actually have to install a new OS, I cringe, as it is so rare. Normally, I just clone a virtual machine.

Backups have become trivial, as I just back up the virtual machine’s data, which comes down to just a few files for each virtual machine. (Of course, some of these files are quite large.)

It’s a wonderful life.

Moving along, I have this lovely board in my possession. A thing of beauty…

J7F4 board pic

-VIA CN700 Northbridge + VT8237RP Southbridge Chipset (MCP51G)
-Support VIA C7 Nano-BGA processor
-Support Front Side Bus 133MHz
-Single Channel DDR2 400 Memory DIMM
-Support 2 Serial ATA Devices with RAID 0, 1
-Support 2xAD Connector With Expansion Daughter-boards
-Ethernet LAN Supported
-AC’97 6 Channel Audio CODEC
-17 x 17CM Mini-ITX Form Factor

I originally mentioned the C7 in this blog a while back. It is good to finally have one in my hands.

I had a couple of days of vacation this week, and so I took some of this time to put together a basic system around this board. There was one issue (RAM related), but the basic system is now up and running. I crammed a lot of power into that little Thermaltake case.

The plan is to setup a Tor middle-man node, an f2f overlay node, a media server, etc. on this little guy. The C7 has hardware crypto, and most of the applications I am looking at running eat processor due to crypto. Since most of these applications also rely on OpenSSL for crypto, I am hoping the work can be offloaded using engines to the hardware crypto.

My first thought was to run NetBSD on here, but it didn’t play nice – 3.1 does not support the onboard LAN or Padlock, 4.0Beta2 does not look to support Padlock, and I do not want to track current. So, I have base Ubuntu (gasp) installed on there now, and I might go with Ubuntu with Xen and then group applications, such as anonymizer and f2f overlays, into isolated virtual machines in my final setup. Processing power and memory will probably be the deciding factor here.

Good stuff.

Finally, there is beauty. I have learned quite a bit here, such as narcissistic Wall street types being easy fodder for beauty-based attacks. It might be interesting to hit a security con and see what beauty can do.

Brains

Thursday, May 3rd, 2007

Looks like I am breaking a trend (“So, this is probably the last post for a while, unless I break from that trend.“). It probably has something to do with free cycles when the Windows CE emulator is slowly doing (or not doing) its thing. So, why not a weekend post on a weekday?

-

I found this post interesting.

Interesting research at Yale:

Dr. Brennan argues that elaborate female duck anatomy evolves as a countermeasure against aggressive males. “Once they choose a male, they’re making the best possible choice, and that’s the male they want siring their offspring,” she said. “They don’t want the guy flying in from who knows where. It makes sense that they would develop a defense.”

There are some researchers in biology and psychology who believe that we have evolved the brains we have because of the competition around sexual reproduction. Some part of these views says that our brains serve as a means to both impress potential mates and select from potential mates. Courtship provides one means of communicating these brainy capabilities, establishing whether someone really is worthy of reproduction. And, there is lots of advertising of these capabilities, like music, poetry, paintings, maths, etc.

Side note, this is even more interesting in combination with things like the reality that it generally takes couples trying to have a baby on average a few months to achieve pregnancy. Such drawn out periods seem to protect against a number of attacks, such as misrepresentation and quick judgement – for example, it exposes potential mates that seem good at first glance but aren’t quite so good once a closer look is provided.

Anyway, ignoring the multitudes of other factors around this sort of evolutionary understanding, it can be said that at least some part of our brain’s evolution seems like the result of a bit of an arms race: our brains evolving more and more powerful capabilities for impressing potential mates (offensive capabilities) while at the same time evolving more and more powerful capabilities for selecting from potential mates (defensive capabilities). It could be that we are a product of “our own” attempts to secure reproduction. Cool beans.

And, even looking at the brain as much more than just an arms race, it can easily be acknowledged that reproduction is a drive wired into our brains. Which means, take physical beauty and combine it with a brain particularly adept at impressing others (e.g., charm), and you have an attacker that can strike at the core of the human factor. Somewhat amusingly though, that human factor is also our best defense at preventing such attacks.