Wednesday, May 2, 2007

Olympic Sized Ego

Picture this:
Security Bozos are happy to welcome you to the 2012 Olympics. Please excuse us while we limit the size of your drinks, run you through bomb detection equipment, search your belongings and in general disrupt your ability to enjoy the games. Please note that there will be a number of winners who will receive full body cavity searches.
Or this:
The 2012 Olympics are brought to you by [put major soft drink here] and [put major athletic shoe maker here]. Please remember that for faster entry, bypassing the normal security checks, you can pre-order either a case of [put major soft drink here] or a pair of [put major athletic shoe maker here] shoes online for pickup at the Olympics. Please present your receipt to the security guards for expedited entry into the games.
What is all this babble about? It has been decided that security for the 2012 Olympics will be provided by a major sponsor of the 2012 Olympics. The incredible arrogance.

  • What real security company would buy their way into the job and provide acceptable security?
  • What previous sponsor has any clue how to provide security for an event of this size?

Tuesday, April 17, 2007

The Dark Side

Now that I have talked about the Internet culture in general in Out of the Mists of Antiquity... I will discuss the inevitable dark side.

In the beginning there was trust and sharing, but alas this was not paradise, just another place for humans to interact.

One of the earliest, and best known, examples of the dark side is the flame war. This is the term given to a "discussion" in which two or more parties disagree on a topic and the exchange becomes heated. Per Godwin's Law, a lengthy flame war will end up with at least one comparison to the Nazis. A few factors seem to be the major causes of these wars:
  1. Anonymity - when no one knows who you really are, some people will say things that they would not say in a face-to-face situation.
  2. Lack of body language, which can cause misunderstandings. Somewhere I read an article on a study that boiled down to this: about 80% of the time we assume we know the "tone" of written communication, but in reality we are only right about 10% of the time.
  3. Permanence. Until recently, before digital recording devices, something spoken virtually disappeared once it was said, but once something is typed it is, or can be, saved word for word. Hence the old adage: don't e-mail or send a message that you wouldn't want printed in the newspaper.
Now on to what everyone thinks of as the real dark side: hackers. In the early days a hacker was someone of great skill and ability; a hacker could create a short, powerful script or program in a short time and get something useful done with it. One of the most famous, and most politically active, of these is Richard M. Stallman. Many would consider him eccentric, but consider his article originally written in 1997 titled The Right to Read, which describes a world where there is no such thing as a library and scholars require government reading grants to be able to afford the fees for research... talk about derailing scientific discovery.

The natural curiosity of these hackers led to exploring systems they were not granted access to. Thus the cracker was born.
NOTE: To the purist, calling a cracker a hacker is like calling a sniper a marksman.
Some of the people breaking into systems began leaving signs that they had been there by destroying or damaging files, the most visible of these being web site defacement. Call it the "hey, I'm cool, look what I did" phase. Web site defacement, while still done, is not where the dark side is concentrating; the motivation has changed from fame to financial gain.

One of the easiest, and most entertaining, ways to understand this shift is through the "Stealing the Network" series from Syngress. The series contains fictional short stories written by well-known security experts that are technically accurate, unlike the depictions shown in movies.

Stealing the Network: How to Own the Box shows the "cottage industry" stage of the early crimes for profit.

The subsequent titles move into the more sinister organized-crime stage that we are currently experiencing, while still staying technically accurate. The books, in order, are: Stealing the Network: How to Own a Continent, Stealing the Network: How to Own an Identity and Stealing the Network: How to Own a Shadow.

I personally recommend the entire Stealing the Network series.

Out of the Mists of Antiquity...

The only way to really understand something is to go back to the beginning, and the dark side of the Internet is no different. Without light there can be no dark, so that is where I'll start.

In the beginning there was ARPANET (Advanced Research Projects Agency Network) which begat the Internet.

First understand that, in sharp contrast to the mainframe-centric model of the day (the 1960s), one of the main requirements was that the network should be able to sustain 80% failure and the remaining portion or portions had to continue to function. The original project was designed by university students, and in order to document standards without offending the professors, the new standards became known as RFCs, or Requests For Comment.

From these humble origins sprang Richard Stallman, Open Source, VoIP, peer-to-peer (P2P) networks, and the Internet we know and love.

Much of the culture remains a mystery to the majority of the world, even those that participate in it.

There are a few books that help in understanding the culture.

One of these is The Wisdom of Crowds by James Surowiecki. This book gives evidence that averaging the responses of a group of average people can be more accurate than a single expert or a small group of experts. While this concept is counterintuitive, at least it was to me, Mr Surowiecki provides evidence to back the theory.

Another is The Starfish and the Spider: The Unstoppable Power of Leaderless Organizations by Ori Brafman and Rod Beckstrom. Here the authors show how decentralized organizations can overwhelm centralized entities. As an example take Napster and its descendants...

And this last one may be surprising, but I submit Blink: The Power of Thinking Without Thinking by Malcolm Gladwell as well. Anyone who has ever known something without knowing why has experienced this. I submit that with the anonymity of the Internet more people are following their "instincts" without fear of ridicule.

Next I'll use the light provided here to explore the dark side.

Wednesday, April 11, 2007

Licensed to SPAM by Uncle Sam

Shame on me after complaining about MS and their marketing hype; on the other hand, you can now start sending SPAM to one of the lesser known TLA governmental agencies.

Now getting serious: the Securities and Exchange Commission (SEC) wants pump-and-dump SPAM forwarded to them.

The Internet Storm Center (ISC) has a diary entry here that contains additional information, including information about other, non-US governmental agencies that are asking that the offending pump-and-dump SPAM be sent to them.

The One, The Only, The Vulnerable Vista

Let's start this out by saying that Vista was designed to be more secure, and it appears to be headed in the right direction there. Just don't get me started on DRM.

Once again Vista, the impenetrable (according to the marketing hype, that is), has been proven vulnerable. There was the ANI vulnerability that MS rushed a patch out for last week, and now in the regular monthly update there is a second vulnerability designated as critical by MS for Vista.

Once all the hype is removed it is just another operating system by Microsoft that has its flaws. Once it has had time to mature I'll consider adding it to one of my systems. For now I'll only "play" with it as a virtual machine.

Tuesday, April 10, 2007

Vista Smista & ANI Exploit

OK, I've gotten it out of my system. I'm not a fan of Vista. I have two main issues with Vista:
  1. The fact that Digital Rights Management (DRM) has some control over my system, and can degrade or disable viewing of "premium content" when someone else feels that there is a potential for me to steal that content. I'd call that guilty until proven innocent.
  2. Then there is the marketing, I shouldn't call it a scam, hype that Vista is invulnerable.
Issue 1 has been beaten to death by many people including myself.

For issue 2 I'll mention Microsoft Security Advisory (935423). This is commonly referred to as the Microsoft ANI vulnerability, and Vista was one of the versions that was vulnerable.

ANI Details

In short, this was disclosed to Microsoft in December of 2006. Apparently the first report of this vulnerability being exploited in the wild was on March 28th. Due to the widespread use of the exploit, several third parties released interim patches, including my favorite, the Zeroday Emergency Response Team (ZERT). Microsoft reacted, as it tends to do when third-party patches are released and the news media starts to publish... Microsoft released the official patch out-of-cycle on Tuesday the 3rd of April (instead of today, the 10th of April).

Monday, April 2, 2007

Malware the New Common Cold

Everyone has had a cold and everyone will continue to get colds. Science, and your doctor, have tried to eradicate the common cold, but to no avail.

Why are we still saddled with the common cold? Let's go to the root cause, which is, excuse me, are viruses, and by viruses I mean uncountable millions. Common cold viruses are so numerous that no one has even attempted to count them; common cold viruses can literally appear and die off, or mutate into a different strain, without anyone knowing.

In the old days computer viruses were unique digital organisms that would appear and never change. After a while viruses would "mutate" into several distinct strains, as their original creator or another entity made changes.

Nowadays malware writers cross-pollinate between different pieces of malware code, attempting to create the uber malware. Then there was the so-called Storm worm, which spread through a barrage of constantly changing e-mails with different intriguing subject lines and different executables.

The bottom line is that malware is here to stay with us for the foreseeable future, and just like real life there are some times where we must take extra care to avoid infections.