Blue Scream of Jeff: May 2012

Thursday, May 31, 2012

Will we get burned by our own Flame?

Screen shot courtesy of Alexander Gostev/SecureList

This code sample from the Flame virus shows where the malware got its name. It is 20 MB in size – huge by typical malware standards – and is an extremely difficult piece code to analyze.

Looks like the days of cloak and dagger are over.

Today’s espionage seems to be all about computers and data.

On Tuesday it was reported that thousands of computers in Iran and across the Mideast have been infected with a sophisticated new virus called Flame.

Unlike previous malware attacks on Iran which were designed to disable or disrupt the infected computers, Flame appears to be just snooping around and gathering as much information as possible. According to Alexander Gostev, the head of the Global Research and Analysis Team at Kaspersky Lab, a Russian information-technology security firm known for its antivirus software, Flame can steal data in some unique ways, like turning on a computer's microphone to record audio, scanning for Bluetooth-active devices and taking snapshots of computer screens.

“The recording of audio data from the internal microphone is also rather new. Of course, other malware exists which can record audio, but key here is Flame’s completeness – the ability to steal data in so many different ways,” he writes in his recent SecureList blog posting. “Another curious feature of Flame is its use of Bluetooth devices. When Bluetooth is available and the corresponding option is turned on in the configuration block, it collects information about discoverable devices near the infected machine. Depending on the configuration, it can also turn the infected machine into a beacon, and make it discoverable via Bluetooth and provide general information about the malware status encoded in the device information.”

“The malware [also] has the ability to regularly take screenshots,” he continued. “What’s more, it takes screenshots when certain ‘interesting’ applications are run, for instance, IMs.”

Prior to Flame’s discovery, the only “super-viruses” that existed were in the movies or on TV. They were usually the product of some super-rich megalomaniac bent on world domination or a small group of super-smart hackers or some shady cabal with nefarious goals. But now it seems some government has taken a page from Hollywood’s playbook.

I say government, because cybersecurity researchers interviewed by The Wall Street Journal said “the complexity of Flame's coding and comprehensiveness of its spy capabilities could suggest it was the work of a government.”

“Currently there are three known classes of players who develop malware and spyware: hacktivists, cybercriminals and nation states,” Gostev said. “Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cybercriminals and hacktivists, we come to conclusion that it most likely belongs to the third group. In addition, the geography of the targets (certain states are in the Middle East) and also the complexity of the threat leaves no doubt about it being a nation state that sponsored the
research that went into it.”

Now I am not suggesting that our government shouldn’t be engaging in this type of cyber-espionage. On the contrary, I think we and our allies need to do anything necessary to stop Iran or any other governments controlled by radicals and/or fanatics of any sort from developing nuclear weapons.

But my fear is that we are releasing the proverbial genie from the bottle and are making ourselves vulnerable to the same kind of attacks. It’s well known that the Chinese military already employs hackers whose sole job it is breach the other country’s computer systems. According to some secret government documents which were leaked to WikiLeaks in December 2010, U.S. government agencies have been targeted several times with phishing attacks (social engineering attacks) since late 2002.

If we are going to engage in this kind of cyberwarfare, then we as a country need to be damn sure our critical computerized infrastructure systems are secure.

And they are not.

Just ask former N.J. governor Tom Kean and former Indiana congressman Lee Hamilton, who were co-chairs of the 9/11 Commission and now run the Bipartisan Policy Center's Homeland Security project.

"Much like the situation before the September 11, 2001, attacks, the federal government is not adequately organized to deal with a significant emerging national security threat," Kean and Hamilton said in a letter sent to Senate leaders urging action on cybersecurity. Both men cited recent statements by Director of National Intelligence James Clapper and FBI DIrector Robert Mueller warning that the cyber threat is expected to overshadow other terrorist threats facing the United States in the not-too-distant future.

If that doesn’t worry you, take a look at the U.S. government’s own Computer Emergency Response Team’s (CERT) web site. The number of patches issued by software vendors to close recently discovered security problems in the software we use everyday is staggering as is CERT’s list of current vulnerabilities.

This isn’t a problem that just affects Microsoft products. As demonstrated by the Flashback virus, even Apple products – which many believed to be immune to such attacks – are susceptible.

Cybersecurity isn’t just a government matter. We need to get our private sector to take it seriously too. We need them to start producing better software that can’t be exploited by every hacker with a few hours to kill and hardware that is less vulnerable to being hijacked.

The general public also has a role to play. Everyone who uses a computer should make it their business to learn how to protect themselves online. And I’m not talking about just creating passwords that are harder to guess than your kid’s birthdates or your pet’s name.

As a computer technician you would be surprised by how many viruses I’ve had to remove from the computers of otherwise intelligent people because they fell for some scam that they never would have fallen for in real life, or because they just clicked on some link or downloaded some “program” or screensaver without thinking.

Flame should be our wakeup call that we need to strengthen our cyberdefenses now, least we get burned by it later.

Thursday, May 24, 2012

These are the voyages of Free Enterprise….

DRAGON FIRE: The Falcon 9 rocket soars into space from Cape Canaveral Air Force Station in Florida, carrying the Dragon capsule to orbit at 3:44 a.m. EDT on Tuesday, May 22, 2012. Photo courtesy of NASA

To listen to all the hyperbole, Tuesday’s launch of the Falcon 9 rocket marks “new era in [space] exploration.” It’s the first time a private company has launched a spacecraft to do something that previously only a government-run space agency has done before.

“We're now back on the brink of a new future, a future that embraces the innovation the private sector brings to the table,” NASA Administrator Charles Bolden said after the launch. “The significance of this day cannot be overstated. While there is a lot of work ahead to successfully complete this mission, we are off to a good start.”

Whether handing off the part of our space program to the private sector is a good thing or a bad thing remains to be seen, but it again got me thinking about what I had expected the space program to be like when I was a kid and what it has becoming today. It also got me wondering whether we should change the opening of “Star Trek” to:

“Space. The commercial frontier. These are the voyages of free enterprise. Its ongoing mission to exploit strange new worlds, seek out new products; and sell them to new civilizations. To boldly sell stuff where no one has sold stuff before.”

That’s not exactly as awe inspiring as the original and if I sound a bit cynical, then it’s probably just my fear that either businesses won’t see the profit in literally doing NASA’s heavy lifting or it will somehow sully my silly, idealistic notion that we should explore space simply for the sake of exploration.

Ads on the sides of space ships aren't as far-fetched as you might think. Just

look at the side of the bright yellow container on this freighter from the

TV show "Battlestar Galactica." It reads: "Colonial Movers.

We Move Anywhere."

Now I readily admit that I have drunk from the “Star Trek” cool-aid once too often its Utopian views of the future heavily color my expectations. It’s not just that I’m worried that future starship Enterprises will be made to look like today’s ad-plastered NASCAR stock cars (Use Crest Toothpaste for a smile as bright as the stars!) it’s that the private sector won’t stick with the commitment once they begin to realize the full cost of doing business in the final frontier.

Let’s face it, shuttling supplies to the International Space Station (ISS), isn’t like shipping a truckload of widgets from China to the United States. Space travel is still a risky, dangerous and expensive endeavor. Just ask the families of the Challenger and Columbia astronauts. And it seems to me businesses are currently too focused on short-term profits to take the kinds of losses and make the kinds long-term of investments a space program needs.

The day of the launch, I recall hearing a radio report or reading an article that said SpaceX, the company behind the Falcon 9, is taking a heavy loss on this mission and it’s only because of seed money from NASA and the promise of hefty contract that they undertook it in the first place.

But what’s going to happen when the government’s seed money runs out? Will the enthusiasm of companies like SpaceX dry up? Then what happens to the space program? Will we have to outsource our space missions it to other countries like we are doing now? How much further behind would that put NASA’s aspirations to launch missions to Mars or the asteroid belt or even deeper into the solar system?

I’m not the only one to have this fear.

So did the great the great astronomer and host of the wildly popular “Cosmos” TV show, Carl Sagan. In the book “Conversations With Carl Sagan” (edited by Tom Head, University Press of Mississippi, copyright 2006), Sagan said in an interview with Charlie Rose: “It’s too expensive to do by private industry or wealthy individuals. What we’re talking about, the advantages that accrue, are largely long-term advantages.”

That sentiment was acknowledged in a political blog post on the LiveJournal blog site, where Sagan is paraphrased as saying that “if humans [are] to expand out toward the rest of the solar system and one day populate the stars [then] it would be because a government, or a consortium of them.”

Yet despite all my misgivings, I too can’t help but be excited by this turn of events. While I loved the idea behind the space shuttle program and creating humanity’s first reusable spacecraft, in retrospect, I think it was a mistake. From 1981 to 2012, all we really did was fly into Earth orbit, launch some satellites and build the ISS – all things that could have been done using Apollo-era rockets.

Now just think what we could have accomplished in those same 31 years had we had companies like SpaceX doing that work for us, letting NASA concentrate on returning to the moon or going to Mars. Even if NASA’s pace of technologically innovation had only been half that of the personal computer industry, we’d still probably be on Mars by now.

Two other comments also give me hope that we are headed down the correct path on our quest for the stars.

The first is from SpaceX founder Elon Musk, who compared Tuesday’s launch of the first commercial, for-profit space flight with the dawn of the internet. “This mission heralds the dawn of a new era of space exploration, one in which there is a significant commercial space element. It is like the advent of the Internet in the mid-1990s when commercial companies entered what was originally a government endeavor. That move dramatically accelerated the pace of advancement and made the Internet accessible to the mass market. I think we’re at a similar inflection point for space. I hope and I believe that this mission will be historic in marking that turning point towards a rapid advancement in space transportation technology.”

The second was made during a radio interview with a reporter from the nasawatch.com website, who pointed to historical precedent as to why such ventures work. He said that during America’s expansion westward, the U.S. Government would go out explore the land and establish an outpost on the new frontier. Almost as soon as that fort was established, who would come behind them, but the saloon-, inn- and shopkeepers.

For our sake, let’s hope both Musk and the guy from NASAWatch are right.

If they are, and space travel becomes available to the average person within my lifetime, then I think I am willing to accept the occasional ad plastered over my favorite starship hull.

Thursday, May 17, 2012

Where’s my flying car?

FLYING CARS: I'm still waiting for one to show up in a showroom near me!

When I was a kid in the late ’60s and ’70s, I looked forward to the year 2000 and the shiny new future it was supposed to bring.

Watching TV shows such as “The Jetsons,” “Lost in Space,” “Star Trek,” “Space: 1999” and “The Thunderbirds,” I was promised a future with robots and space travel where people zipped around in jet packs through domed, gleaming cities floating in the sky.

Well the year 2000 has come and gone and 12 years on, I can’t help but feel cheated.

Sure we have a host of cool new technological gadgets that no one had imaged way back then and thanks to the Internet, we have a world of knowledge, trivia and mindless entertainment at our fingertips. And like most everyone else, I’ve become so attached to all these gadgets that I don’t know if I could really live without them anymore. I know for a fact, that I would NOT be able to earn my living if it wasn’t for the technology boom that brought us personal computers, the Internet, smartphones and iPods and iPads.

But what I really want to know is: Where the frak is my flying car?!

And my robot maid?

And my jet pack?

And the moonbase and space ships and all the other stuff we were promised?

How and why did we give up on those dreams?

Yes, I realize that some of those things are impractical. After all I live in New Jersey which is home to the nation’s biggest collection of bad and/or distractible drivers (a group to which I must admit to occasionally belonging), and the thought of a bunch of “Jersey Drivers” haphazardly flying these vehicles around and the havoc that they could cause makes me shutter. But the technology to build a flying car isn’t out of our reach. As recently as this past April, a Dutch company demonstrated its latest prototype, the PAL-V. However I don’t think it will take off with consumers anytime soon.

Like all previous attempts at flying cars, this vehicle fails to find the perfect balance between car and flying machine. It looks too much like a helicopter with the car part added as an afterthought. Other attempts, like the Convair Model 116, were too much like a car with the airplane parts literally just stuck on.

So perhaps the real reason the flying car never really took off is because it tries to combine two very different things and does neither well. But you can’t tell me the same is true of the robot maid.

ROSIE MEETS ROOMBA: We were promised Rosie the

Robot Maid but only got Roomba. Is it any wonder

that I feel cheated?

No one I know likes cleaning his or her own house, so almost everyone would want to buy a robot maid. We already possess the technology to build robots that can do very complicated and delicate work. Just ask any assembly line worker who has lost his or her job to one. So why the heck don’t we have them?

Sure there is the Roomba, but it only vacuums. I want something that also dusts, scrubs the bathroom, mops the floors, does the dishes and laundry and picks up and puts away my clothes. (Thanks to Microsoft, I’d still be doing Windows).

It’s not like I’m demanding the thing look like Angelia Jolie in a French Maid’s outfit. (If it did, my wife probably wouldn’t let me have it anyway!). Rosie from “The Jetsons” would be just fine. Heck, even the WED Treadwell Septoid Repair Droid from “Star Wars” would be fine.

Yes they would be expensive at first. But so was the television set, personal computer, iPod and cell phone. Today all those products are nearly ubiquitous and relatively affordable. So why isn’t some company looking into this. (I’m looking at you Dyson and dare I say it, Apple).

But perhaps my biggest disappointment is that the moonbases and missions to Mars everyone predicted we’d be making by now back in the ’60s and early ’70s have never come to pass.

SO CLOSE, YET SO FAR. Looking at The Eagle Transporter from "Space:

1999" (top) and the Apollo space capsule side by side, it's not hard to see

why I thought the fictional craftcould become a reality.

I guess we can blame that on the end of the Cold War. The race to get to the moon and to claim mastery over space was really all about showing our military might to the Russians. And while I’m thankful not to have the threat of the A-bomb literally hanging over our heads anymore, I’m disappointed that our desire to travel to other planets within our solar system evaporated with those threats too.

As a 10-year-old back in 1975, I couldn’t imagine a future where we weren’t already zipping around the solar system in craft that looked suspiciously like the Eagle Transporter of “Space: 1999.” Just image if the pace of development of spacecraft had mirrored that of the personal computer between 1975 and 2000. In that 25 years period we went from the kit-based computers like the MITSAltair 8800 to hand-held computers like the Palm m100. At that same rate of advancement, the Eagle Transporter, which bore a strong resemblance to NASA’s Apollo era capsules and rockets, didn’t seem that inconceivable.

Now as a 47-year-old with two young nephews, I wonder what they expect of their future and if they’ll be able to succeed in making their dreams a reality. Perhaps they’ll be the ones to perfect the flying car or robot maid.

I hope so.

Friday, May 11, 2012

One OS to rule them all….

Becoming obsessed with creating one operating system for all
our tech devices may not be such a good idea. Just ask Gollum.

Ever since I started playing with Windows 8 Consumer Release Candidate 1 about a month ago I have been thinking about wisdom of having one operating system for all our tech gadgets.

The idea is intriguing. Master one set of rules and no matter what device you are on – whether it be your smartphone, tablet, laptop, desktop, or even a refrigerator with a touch screen – everything works the same. No more having to break out the manual – if there even is one — to decipher some instructions that are so arcane that even the wizard Gandalf would have trouble following them.

But the more I think about it, the more I am beginning to think that this is a bad idea.

A very bad idea.

An idea so bad that it – and Windows 8 – could only have come from some volcano in the heart of Mordor. (Which, come to think of it, Microsoft is kind of the Mordor of SoftwareLand…)

My thoughts were confirmed after trying to use Windows 8 to do the things I've always done on my desktop computer. And if your experience turns out like mine, then I think that instead of making things easier for consumers, a single operating system for all devices will ultimately make things much more difficult for the average consumer.

Why?

Because each of our favorite tech devices has a specific use and function, and it is that function that should dictate how the device’s software works, not the other way around. It’s a matter of form following function, not the other way around.

Let’s take the smartphone for instance. It’s primarily a communications device. It was designed to be used for making phone calls, texting and for checking your e-mail and/or calendar. Sure today’s smartphones can do other things too. They make pretty decent point-and-shoot still- and video- cameras, can play music and with millions of “apps” floating out there in cyberspace, smartphones can do tons of other stuff. Heck, I have one app on my phone that even turns it into a pretty useful flashlight. But it is still my phone first. It only serves as a flashlight when I can’t find a real one around when I need it.

Tablets on the other hand are what I’d call “entertainment devices.” With their big screens, they are excellent for watching videos or browsing the web, reading an e-book and even composing a short e-mail or two. They’re even pretty good for playing simple yet addictive games (Angry Birds anyone?). Like their smaller smartphone cousins, a tablet’s capabilities can be expanded with any of a million apps, but without the addition of at least a keyboard, I wouldn’t want to do anything that required extensive text entry. That’s why we have laptops or desktop computers.

Laptops and desktops are the real workhorses of all our tech devices. They are best suited for writing long-winded articles like this, or creating and manipulating complicated spreadsheets or editing video. Some even make pretty decent gaming machines. Of course you could do all those things on a smartphone or tablet, but given a choice, I’d rather type a story or work on a spreadsheet on a device with a full-sized, physical keyboard; mouse and a nice big LCD monitor. I think you would too.

Again the form something takes should be derived directly from its intended function. I believe the popularity and intuitiveness of Apple products came from Steve Job’s strict adherence to this idea.

Now I have never been an Apple fanboy and probably never will (I don’t like their snobby, superior attitude), and I am more comfortable in the world Microsoft created, but Microsoft could learn a thing or two from Apple on this score. An operating system should be designed around the function of the device and since computers, tablets and smartphones are all different animals, I don’t think it’s possible to unite all three seamlessly. There are too many compromises that have to be made to get everything to work and Windows 8’s usability proves this beyond a shadow of a doubt.

I give Microsoft full credit for trying to push boundaries and exploring the idea. But what they've come up with just doesn’t work.

A better idea would be to build an OS that would recognize what kind of device it’s on and adjust its interface and capabilities accordingly instead of foisting a touch-screen based interface on desktop/laptop users, who have no need for them because keyboard and mouse input works just fine for them and is more practical.

Designer Prashant Chandra has already demonstrated how something like this could work with his hybrid Lifebook mockup. It contains a removable tablet, smartphone and camera that can be plugged into a notebook shell. As each of these devices is plugged in to the notebook, they seamlessly share data though a master OS running on the notebook. Unplug one of the units, like the tablet or smartphone, and you are now running a thinned down version of that OS specifically made for a smartphone, tablet or camera.

The concept is not unlike the concept behind Microsoft's Office suite or Adobe’s Creative Suite. Each of the programs in Office – Word, Excell, Powerpoint, Outlook and Access – are made to do different things – like writing a letter, creating spreadsheets or building small databases – but share a very common interface so users can move between them with ease. The same is true of Adobe's product. Photoshop is for pictures, Illustrator for drawing and InDesign for page layout, yet all three share the a common interface that makes it easy to jump between those programs without thinking. Seems to me the same can be done between the different hardware platforms.

In fact, I’d go as far as calling an idea like that…Precious.

Thursday, May 3, 2012

Why we need another “Star Trek” on TV

The U.S.S. Enterprise: Boldly optimist going where no TV show had gone before.

Mr. Spock, Yeoman Rand and Capt. Kirk: Unabashedly heroic
even if they were only armed with colored flashlights.

With times the way they are, I have been thinking how badly we need another “Star Trek” on TV.

And no, I’m not talking about yet another “reboot” of the classic 1960s space opera, although I did enjoy the 2009 J.J. Abrams movie.

And I’m not taking about another “Next Generation/Deep Space 9/Voyager/Enterprise” –type spinoff either. In fact, I’m not even talking about a show set in the same universe Gene Roddenberry created.

What I am talking about is a return to a good old-fashioned, rollicking, space adventure-show set in an optimistic future where humanity has overcome its often self-destructive ways.

So what got me thinking about this?

Well for starters, there is a complete lack of any space opera shows on TV. During the late '90s and early '00s it seemed you couldn’t switch a channel without finding one. We had several “Trek” spin-offs, “Babylon5,” “Farscape,” “Stargate SG1” and its spinoff “Stargate: Atlantis,” “Andromeda,” “Earth: Final Conflict,” and to a lesser extent the short lived “Space: Above and Beyond,” “Earth 2” and my favorite, “Firefly.” However most, if not all of these shows, went off the air ages ago.

There have been some newer attempts, such as ABC’s “DefyingGravity” and SyFy’s “Stargate: Universe,” but they’ve either been cancelled or never found an audience beyond their pilot. There were even a few proposed shows that never made it to the pilot stage.

In fact, the last attempt at a space opera TV show that actually ran for any length of time was SyFy’s updated “Battlestar Galactica” series, and that ended three years ago. And that “Battlestar Galactica” was hardly what I’d call optimistic.

It was dark and gritty and held up a mirror showing us our society at its absolute worse.

I don’t know about you, but in these days of bad economic times, terror alerts, wars in the Mid-East and what seems like a complete lack of civility not only among our politicians but between anyone who dares to have a different opinion, the last thing I think we need is another “dark and gritty” science fiction TV show. If I want to watch society self-destructing, I’ll watch the news on my 60-inch wall hung flat screen TV or read the latest e-edition of my newspaper on my iPad.

What I want is some escapism – pure and simple – and reassurance that the world isn’t going to hell in a handbasket. And in the late 1960s this is exactly what “Star Trek” provided the nation.

Late 1960 TV ad promoting "Star Trek"

During the height of the Cold War, the emerging Civil Rights movement, the Vietnam War and the generation gap, “Star Trek” showed us a future where everything worked out for the best. We didn’t manage to nuke ourselves into oblivion, there was equality among the sexes and the races, there was no more war, hunger or poverty and we were out doing what mankind always does best—exploring.

Why can’t we have another TV show like this?

I’m tired of dystopias and morally ambiguous protagonists who are hard to root for. I want my heroes to be truly heroic, who fight for the greater good, and make me cheer “hell yeah!” when they finally succeed when all the odds have been stacked against them.

Now as an aspiring writer myself, I know having characters who are paragons of virtue who live in some utopic society makes for some pretty boring stories. But I’m not asking for perfect characters. Let them have flaws, show them making mistakes and occasionally being selfish, but when push comes to shove, they should always do the right thing.

Kirk: He wasn't always perfect but always
knew the right thing to do.

Captain Kirk was a good example of this. He was by no means perfect. He was shown to be fallible – the episode “Obsession” comes to mind. In it, Kirk becomes so focused on killing a creature from his past, that he puts his current crew in danger and jeopardizes his career. He’s also shown to be such a womanizer that it even becomes the butt of at least two jokes in the final original series “Star Trek” movie, “The Undiscovered Country.” The first time is after he's kissed by the sexy shape-shifter Martia, and McCoy asks him, “What is it with you, anyway?” and the second time when he’s fighting Martia, who now looks like him. “I can’t believe I kissed you,” the good captain exclaims, to which Martia retorts: Must have been your lifelong ambition.”

I am also not asking for my new show to be quite as preachy as the original “Star Trek” or to solve all of today’s hot-button issues in an hour episode. If our problems were really that simple to solve, we could’ve solved them already. But our new show could show the heroes struggling to find the right thing to do and then doing it, even knowing that their solution may not be perfect. You could then show the cast having to live with consequences of those decisions.

This new show wouldn’t even have to follow the “wagon train to the stars” format “Star Trek” used. It could be a police procedural with our heroes space detectives or travelling from planet to planet solving crimes (CSI: Space), or a medical drama with the heroes doctors in a space station that deals with mysterious and deadly new illnesses (Babylon House) or even be a political thriller about what it takes to govern a vast space empire (West Wing World). Or it could be a combination of all these things.

Or none of these things.

I wouldn’t care.

Really.

As long as the show leaves me feeling optimistic that the human race has a bright future ahead of it, I’d be happy.