Archive for the ‘software’ Category

Hacking: Abuse of English

Tuesday, September 15th, 2009

Wired is reporting that an intelligence analyst is facing federal hacking charges for using his security clearance to see data (about military intelligence operations against demonstrators in the US) that:

  1. he wasn’t supposed to see because of a short text warning in an email
  2. he had been given both the password and access rights to see

Hm.  If the account in Wired is true then it seems that he’s being made a scapegoat for someone else’s violation of security in giving him access.  Not to mention there are some real legal and ethical problems with military intelligence operating inside the US investigating people who are exercising their constitutional right to free speech!

Hacking is a word that is routinely misused.  It started out as a word of praise for someone’s high level of abilities, at least in the technical world.  Since people breaking into computers and networks had a higher level of skill, this word was used to describe them back in the countercultural ’60s and ’70s eras when the word came into being.  Today of course, “script kiddies” use hacking tools they can’t write and perhaps don’t understand and are called hackers when they break into systems.  This is a misuse of the word.

Hacking is still used as praise in some circles of technically-minded people.  “Crackers” is what we call the black hats that abuse and break systems.  (Which is also another overloaded term if you’re an old Florida resident.)

But, calling a person a hacker for using a password to access a system he had authorization to use, well, that’s just abuse of English.  Which is also called distorting the truth, or more simply lying.  It’s hard to communicate if we just make a word mean whatever we want it to.  No one else knows what we’re talking about then.

Snow Leopard for Mac OS

Monday, September 14th, 2009

I’ve recently installed Snow Leopard on all three of our Mac OS computers. (We’ve simplified and are down to just three now. And I don’t run a mini server farm anymore either.)

The install went well on the MacBook Pro and the Desktop machines. The MacBook Air wouldn’t establish a connection over the WiFi to do the install. I bought a USB-Ethernet converter dongle from Apple and used that instead. I used an old D-Link WiFi router as an ethernet router and just turned off the router’s WiFi features. (I had to hard-reset the router since I no longer remembered its password.)

When I talked to an Apple Genius she mentioned that it would be pretty slow for the MacBook Air over WiFi and didn’t recommend it. But, she hadn’t heard of any other problems with it not connecting. However, James Fallows and I are in the same boat on this. The dongle was only $30, and I should have one on hand anyhow.

I did the “optional install” after the regular OS install. This installs and updates some apps. The timing estimation algorithm for that install seems to be borrowed from Windows as it says “4 minutes” remaining for 20 minutes or so on the Pro and Desktop, and closer to 40 minutes or so on the Air. So, stay calm when it happens to you.

Snow Leopard is worth the update; I’d do it again. The smaller OS size (in memory as well as on disk) and the snappier speed are worth it alone, especially with the low cost ($30, or $50 for the family pack). There are some cool new features, but robustness, “future-proofing”, and stability and reliability improvements are important. Many of these changes are technical and not visible unless you’re a software developer.

There are some changes to make the Mac immune, or at least resistant, to a number of common virus and hacking attacks. I consider this well worth the cost. While the Mac OS is not a big target for this sort of thing I applaud Apple for focusing on substance instead of simply feature glitz that, while flashy, doesn’t really help anyone. And, these sorts of changes help keep Mac OS from becoming a big target for malware.

Update: In light of a Slashdot post today about a Windows 7 upgrade taking a day to install, I thought I should mention that the whole Snow Leopard process took about three hours, and that includes the optional install after the actual OS installation.

Happy Belated Birthday

Thursday, September 3rd, 2009

I’m lousy with dates.  So this is a belated birthday notice for the 40th birthday of the internet.

It was born on September 2, 1969 at UCLA when two computers in a lab passed data using a very early version of IP (Internet Protocol) using a short cable.  This was part of an ARPA-funded research project led by BBN in Cambridge.  By the end of the year, a nascent network was formed with SRI, UC Santa Barbara, and University of Utah.  This was the beginning of the backbone of the internet.  Years later, at the University of Florida, I helped connect up some Computer Science Dept machines to this backbone network through first a daily, then an hourly dialup.

Most machines were not continuously connected at that time.  By the time I started using the ‘net the major uses were email and “netnews” traffic traveling in a store-and-forward manner.  This was also before the name@domain email address format was widely used.  You had to know the route your email was to take and manually put it in the address like name!machine!secondmachine!thirdmachine!…!ultimatedestinationmachine.  This was called the bang path address (the “!” is referred to as a “bang”) and used UUCP instead of the more recent sendmail system.  We would use this to route mail from our own accounts, around the country, then back to our account to learn the network.  It was like you had to be able to tell the postman how to deliver mail.

Netnews was the Usenet network.  It was (and is) a large connection of, well, basically internet forums to trade information, discuss various topics, etc.  In those days it was largely content driven and not full of spam and malicious cross-postings as it is today.  I’ve not looked at it for years as it became largely unusable when the web browsers vastly expanded the internet population. Today Google and others have put it on the web.  Old tech doesn’t go away, it just becomes a niche in the new tech.

The protocols have changed, in some cases drastically changed.  (See the early RFCs (Request For Comments - the internet standards documents) sometime to understand some of the technical history.  They’re fascinating reading if you’re into that!  One large part of my education in network protocols was reading all of those.)  There have been vast expansions in capabilities, in people using the ‘net, and resulting changes in the culture of the ‘net.  The biggest change was of course Tim Berners-Lee’s introduction of the web server and web browser.  He’s often credited with the browser, but one without the other is like having syrup, but no pancakes.

Change is inevitable of course. In fact as the curious mammals we are, we might say change is required for us to live.  However it is nice to once in a while look back and examine our path to where we are now.  Doing so provides lessons for our future choices sometimes, and just appreciation for what we’ve done.

Attacking my Computer

Monday, August 10th, 2009

On one random day recently a small computer that I maintain at work for some remote access received 1088 attempts to log on with 602 different usernames. This is not a particularly special machine; its address is not known or linked to from anywhere, and it’s not large nor does it carry many logins. It is a smaller unremarkable computer in a small and lower-profile company. Important to the few people who use it but that’s all.

This isn’t unusual. It’s a bit of a slow day perhaps. There are also at least several hundred attacks on other services too, like attempts at using FTP. No matter, most services are turned off (as we don’t use them), and there are protections on logins and other services that I won’t fully detail here.

High profile services like Twitter, Facebook, etc. will receive many more hack attempts naturally. Orders of magnitude more. In fact they were recently both unreachable due to a DDOS (Distributed Denial of Service) attack from a botnet probably. There’s a whole specialty of security for computers and IT networks now. This is not my field. I like to write software and security can be more admin-related. Besides, in my thinking at least, security work requires a level of paranoia which I don’t want to develop.  Fortunately, others feel differently.

A botnet is a collection of compromised computers that can all be directed to bombard a target site - Twitter perhaps - with requests over and over again. If your computer is part of a botnet, a zombie, you may notice it running a bit slow, but the cumulative effect of all those requests funneling in on the target is overwhelming.

All those attempts on that computer at work were automated attempts at making it part of a botnet. Something I don’t want to be part of. A permanently-connected home computer (DSL or FIOS perhaps) could have the same level of attacks.  Make your passwords good, and turn off network services you don’t need. Avoid being a zombie in a botnet yourself.

That work machine is running Linux. If you’re running Windows (and according to my web statistics you probably are), you’ve got a bigger problem.  Windows has a number of services that are defaulted on, and a few that can’t be turned off.  (That’s one of the reasons I don’t like Windows.) You will require a firewall in your DSL modem; fortunately, most have them.  Configure it to allow just what you need and no more.
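
A tally like the one that opens this post (attempts and distinct usernames in a day) can be pulled from a login log with a short script. The sketch below is an added example, not the setup used on the machine described; it assumes the remote-access service is OpenSSH writing its usual syslog lines, and the sample log, host name `gw` and addresses are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in OpenSSH sshd syslog format (documentation-range IPs).
SAMPLE_LOG = """\
Aug 10 03:12:01 gw sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40022 ssh2
Aug 10 03:12:03 gw sshd[2103]: Failed password for invalid user oracle from 203.0.113.5 port 40031 ssh2
Aug 10 03:12:05 gw sshd[2105]: Failed password for root from 203.0.113.5 port 40040 ssh2
Aug 10 03:12:07 gw sshd[2107]: Failed password for invalid user test from 203.0.113.5 port 40052 ssh2
Aug 10 07:45:10 gw sshd[2290]: Failed password for alice from 192.0.2.44 port 51514 ssh2
Aug 10 07:45:19 gw sshd[2290]: Accepted password for alice from 192.0.2.44 port 51514 ssh2
Aug 10 09:30:00 gw sshd[2400]: Failed password for root from 198.51.100.9 port 33000 ssh2
Aug 10 09:30:02 gw sshd[2402]: Failed password for root from 198.51.100.9 port 33004 ssh2
"""

# The username is chosen by the remote side, so the source address is taken
# from the END of the line; a username containing " from 1.2.3.4 port 22"
# then cannot pass itself off as the source.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>.*) "
    r"from (?P<src>\S+) port \d+(?: ssh2)?$"
)

def summarize(log_text, spray_threshold=3):
    """Tally failed logins; flag sources that tried many different usernames."""
    attempts = 0
    users = set()
    per_source = defaultdict(lambda: {"attempts": 0, "users": set()})
    for line in log_text.splitlines():
        m = FAILED.search(line.rstrip())
        if not m:
            continue  # successful logins and unrelated lines are skipped
        attempts += 1
        users.add(m["user"])
        entry = per_source[m["src"]]
        entry["attempts"] += 1
        entry["users"].add(m["user"])
    # A source cycling through usernames looks like an automated guesser;
    # a single user mistyping a password does not reach the threshold.
    sprayers = sorted(src for src, e in per_source.items()
                      if len(e["users"]) >= spray_threshold)
    return {"attempts": attempts, "distinct_users": len(users),
            "sources": len(per_source), "sprayers": sprayers}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

Sources that show up in `sprayers` are the ones worth feeding to a rate limit or block list; the threshold of 3 is an arbitrary value chosen for the sample.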