Email and Forum Questions Profiles in IT: Robert Norton Noyce and Gordon Earle Moore Cyber Attack Preceded Georgian Invasion Air Force Cyber Command Established Teaching Malware in College Challenged by Industry Court blocks MIT students from showing subway hack Windows Exploit Serious Challenge for Vista Announced at BlackHat Olympic Security Update RFID goes prime time in Beijing Olympics Police Turn to Secret Weapon: GPS Device Group offers tools to evade China's Web censorship Food Science: What is Pickling?
Email from John: Dear Tech Talk: I have a computer run Windows XP SP2 and it keeps giving be a data corruption error. It keeps asking me to run Check Disk. What should I do? John
Tech Talk Responds: Hard disk problems can be classified into three categories.
Soft errors are errors in the data written to the disk. There’s absolutely nothing wrong with the disk itself, it’s simply that the data written to it has somehow become corrupt.
Hard errors are errors in the drive itself. Actual physical or electrical failure of some sort that would require the drive to be replaced or repaired.
Firm errors are those errors that are actual physical issues on the magnetic media of the hard disk, that can be repaired by software.
First open the Command prompt and run Check Disk (chkdsk).
Chkdsk’s primary function is to check for problems in the file system, in other words it checks for soft errors. If there’s a problem in the file system, chkdsk will attempt to correct it.
If the problem is not resolved by this, then run chkdsk/r. The "/r" switch instructs chkdsk to "Locate bad sectors and recovers readable information." "Chkdsk /r" takes significantly longer to run than regular chkdsk.
If the disk still has problems, then use SpinRite by Steve Gibson (www.grc.com). SpinRite is around $90 but worth every penny.
SpinRite actually pays no attention to the file system on the disk. It looks only at each individual sector, one at a time, and attempts to ensure that the sector is readable. SpinRite will not fix file system errors.
SpinRite uses some fairly intense data recovery analysis to try to get the data from sectors that are unreadable through normal means.
Profiles in IT: Robert Norton Noyce and Gordon Earle Moore
Noyce and Moore are co-founders on Intel.
Noyce is nicknamed the Mayor of Silicon Valley
Moore is creator of Moore’s Law, first published in Electronics Magazine in 1965.
Robert Norton Noyce was born December 12, 1927 in Burlington, Iowa.
Noyce received a BA in physics from Grinnell College in 1949 and a PhD in physics form MIT in 1953.
While a student at Grinnell College, Noyce stole a pig from a nearby farmer for a college luau and then slaughtered it in Clark Hall, a prank that almost led to his expulsion.
He joined William Shockley at the Shockley Semiconductor Laboratory division of Beckman Instruments, but left with the "Traitorous Eight" to create the influential Fairchild Semiconductor Corporation.
While at Fairchild, Noyce independently invented the integrated circuit in Silicon, some six month after Jack Kilby invented the IC in Germanium at TI.
Noyce died from heart failure in 1990, aged 62.
Gordon Earle Moore was born January 3, 1929 in San Francisco, CA.
He received a BS degree in Chemistry from UC Berkeley in 1950 and a PhD in Physics and Chemistry from Caltech in 1954.
He joined Caltech alumnus William Shockley at the Shockley Semiconductor Laboratory division of Beckman Instruments and was part of "Traitorous Eight" who formed Fairchild.
Noyce and Moore founded Intel in 1968 when they left Fairchild Semiconductor.
To obtain start-up capital, Noyce and Moore approached Arthur Rock, a venture capitalist, with a one-page business plan simply stating their intention of developing large-scale integrated circuits.
Rock, who helped fund Fairchild, provided $3 million.
At its founding, Gordon Moore and Robert Noyce wanted to name their new company "Moore Noyce". The name, however, sounded remarkably similar to "more noise."
The company was incorporated on July 18, 1968, as N M Electronics (the letters standing for Noyce Moore), but quickly changed its name to Intel, formed from the first syllables of "integrated electronics."
Intel gathered another $2 million in capital before going public in 1971.
Noyce is nicknamed the Mayor of Silicon Valley.
Moore is creator of Moore’s Law, first published in Electronics Magazine in 1965.
Within a few months of its startup, Intel produced the 3101 Schottky bipolar memory, a high-speed random access memory (RAM) chip.
A year later Intel introduced the a 1-kB dynamic RAM, or DRAM, which was the first chip large enough to store a significant amount of information.
In 1971 Intel introduced the 4004, the world’s first microprocessor, which had been produced as a calculator chip the Japanese company Busicom.
The 4004, which crammed 2,300 transistors onto a one-eighth- by one-sixth-inch chip, had the power of the ENIAC computer, which used 38,000 vacuum tubes.
Intel changed focus from memory to processor chips and the rest is history.
Cyber Attack Preceded Georgian Invasion
The July attack may have been a dress rehearsal for an all-out cyberwar once the shooting started between Georgia and Russia.
Before Georgia and Russia started shooting at each other, they were already fighting on the Internet.
Georgian government and media websites had been almost paralyzed by hackers following the so-called ‘Distributed Denial of Service’ attacks that began weeks before on July 20th.
Distributed Denial of Service (DDoS) attacks are intended to shut down systems or parts of networks by flooding them with traffic.
Some messages included the words: win+love+in+Rusia.
In Georgia, the attacks left government and media websites almost totally unreachable.
A Russian-language Web site, stopgeorgia.ru, also continued to operate and offer software for download used for DDOS attacks.
The attacks on the Georgian servers were most likely the work of Russian hackers, who may well have had the support of the Russian secret service: the FSB. But finding evidence of this is not easy.
Systems that took part were invaded by cybercriminals and they can be found all over the world.
The Internet attack on Georgia was probably committed with the aid of a ‘botnet’, a network of several thousand computers taken over – without the owners knowing it – by hackers.
The first worldwide coordinated cyber attack took place in 1998. With the aid of the Electronic Disturbance Theatre’s (EDT) Floodnet tool, the Zapatista independence movement in Mexico used a network of botnets to carry out DDoS attacks on the Mexican government, the Frankfurt Stock Exchange and the US Pentagon.
In response to this attacks such as this, NATO has set up a 30-person institute for Cooperative Cyber Defense (CCD) in the Estonian capital Tallinn.
General William T. Lord, the Air Force Cyber Command (Provisional) commander
October 1, 2008, he command will have initial operational capability, followed by full operational capability in October 2009.
The mission of the organization will be to organize, train and equip combat forces for the conduct of cyber-operations.
According to General Lord, the command is looking for a different kind of cyber-warrior. Maybe it’s the young American men and women today who are quite tech-savvy. They can get on a cell phone with Bluetooth, text-message, listen to iPhones and iPods, and are familiar with avatars in Second Life–and they do it all simultaneously! [We] want to harness the brain power of the type of employees that Google, Yahoo and Microsoft and other companies have, with lots of different skills. The other thing is that it’s not all about computers.
Teaching Malware in College Challenged by Industry
Over five years ago, several colleges started offering new computer science classes in writing computer viruses. At that time, various anti-virus companies went ballistic, claiming how dangerous it was.
On August 2, Newsweek reported on a very similar course being taught at Sonoma State University by George Ledin, where students are tasked with creating their own malware. They operate in an isolated network to make certain that none of their creations will escape into the wild.
He is trying to teach students to think like hackers so they can devise antidotes. And yet the security companies are condemning the technique.
They compare the instructor to A.Q. Khan, the Pakistani scientist who sold nuclear technology to North Korea.
As Ledin points out, that it appears that this is really more about the security companies wanting to keep the world more scared than they need to be of malware.
Ledin contends that because anti-virus firms keep their code secret, the community can’t improve it.
Ledin is trying to do is help more people understand the enemy so that better defenses can be developed.
Court blocks MIT students from showing subway hack
A federal judge ordered three college students to cancel a presentation at Defcon.
They planned to show security flaws in the fare system used by Boston’s subway.
The Electronics Frontier Foundation, which is representing MIT students Zack Anderson, R.J. Ryan and Alessandro Chiesa, plans to fight the order.
The Massachusetts Bay Transportation Authority said in a complaint filed Friday that the students offered to show others how to use the hacks before giving the transit system a chance to fix the flaws. MIT is also named in the suit.
The students contend that they were simply trying to share their research and planned to omit key information that would make things easier for anyone who actually wanted to hack the payment system.
Electronic copies of the 87-slide presentation circulating the Internet disparaged the transit system’s physical security and showed photographs of unlocked doors, turnstile control boxes and exposed computer monitors at subway stations.
One slide explains that the presentation would teach attendees how to generate fare cards, reverse engineer magnetic stripes on cards and hack radio frequency identification (RFID) cards.
The next slide says: "And this is very illegal! So the following material is for educational use only."
The presentation was distributed to conference attendees on CDs on Thursday, before the conference officially began and the transit system filed suit.
The MIT students’ presentation was supposed to demonstrate hacks for the system’s primary two payment cards – CharlieCard and CharlieTicket – which work on the system’s subways and buses.
Windows Exploit Serious Challenge for Vista Announced at BlackHat
In a presentation at the Black Hat briefings, Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. discussed methods they’ve found to get around Vista protections such as Address Space Layout Randomization(ASLR), Data Execution Prevention (DEP) and others by using Java, ActiveX controls and .NET objects to load arbitrary content into Web browsers.
By taking advantage of the way that browsers, specifically Internet Explorer, handle active scripting and .NET objects, they been able to load essentially whatever content they want into a location of their choice on a user’s machine.
The attacks themselves are not based on any new vulnerability in IE or Vista, but instead take advantage of Vista’s fundamental architecture and the ways in which Microsoft chose to protect it.
This stuff just takes a knife to a large part of the security mesh Microsoft built into Vista.
If you think about the fact that .NET loads DLLs into the browser itself and then Microsoft assumes they’re safe because they’re .NET objects, you see that Microsoft didn’t think about the idea that these could be used as stepping stones for other attacks.
Microsoft officials have not responded to Dowd’s and Sotirov’s findings.
The techniques Dowd and Sotirov use do not rely on specific vulnerabilities. As a result, there may soon be similar techniques applied to other platforms.
Olympic Security Update
U.S. government, cybercriminals will be on the prowl for credit card information to steal, and security forces could well direct snooping efforts at unsuspecting travelers.
The worrisome problem is the pattern of "relentless and ongoing" identity theft.
"Somebody with a wireless device in China should expect it to be compromised.
U.S. officials are offering a blunt reminder that any electronic transmission–from PDA, fax, computer, or phone–can be intercepted.
Their travel tips include the following: change your passwords frequently; update antivirus and spyware programs; and avoid wireless networks whenever possible.
RFID goes prime time in Beijing Olympics
Radio frequency identification technology will be facing one of its first major tests during the Beijing Olympics, taking care of ticketing for the estimated 3 million athletes, journalists, and spectators.
Despite the Chinese government’s current uptight security measures, the RFID chips embedded in Olympics tickets will be not carrying personal information.
Instead, they’ll be linked to a remote database, designed primarily to combat counterfeits, facilitate check-in, and so on.
Following the recent food scare originating from China, local authorities will also be using an RFID-based food management system to maintain close tabs on food production, processing, and deliveries.
Police Turn to Secret Weapon: GPS Device
Across the country, police are using GPS devices to snare thieves, drug dealers, sexual predators and killers, often without a warrant or court order.
Law enforcement officials, when they discuss the issue at all, said GPS is essentially the same as having an officer trail someone, just cheaper and more accurate.
Most of the time, judges have sided with police.
Most police departments in the Washington region resist disclosing whether they use GPS to track suspects. However, details on how police use GPS usually become public when the use of the device is challenged in court.
Arlington police said they have used GPS devices 70 times in the last three years, mostly to catch car thieves, but also in homicide, robbery and narcotics investigations.
GPS devices receive signals from a network of satellites, then use the information to calculate their precise location. By taking readings at different times, they can also calculate speed and direction.
The Defense Department operates the system, which was made available for civilian use in 1996. The technology’s price has dropped since then, with new dashboard models available for less than $200. Some cellphone models are equipped with GPS, and many companies and local governments rely on GPS to track vehicle fleets.
Two types of GPS trackers are available
Real-time tracking
Real-time tracking reports location every ten seconds.
Data is on a map via the Internet. Real-time tracking is available from $29 to $39 per month.
Real-time tracking devices cost a few hundred dollars
These devices cost between $300 and $500.
Stored tracking
Devices record the GPS location and store it on internal memory.
Typically around 250 hours of tracking can be stored
Device is connected to USB port on your computer for display
These devices can be less around $250.
Group offers tools to evade China’s Web censorship
Global Internet Freedom Consortium’s tools help Chinese users circumvent their country’s Internet censorship
Reporters covering the Beijing Olympics who are frustrated by Chinese Internet censorship can use free software tools developed to help Chinese users circumvent these controls, according to a representative of a group that develops such software.
The group claims approximately 1 million people in China use its tools to access the Internet.
Internet censorship has dominated recent coverage of the Beijing Olympics, which get underway this weekend. Many reporters were surprised to find that Chinese censors were blocking access to sites deemed undesirable by the government, despite promises of unfettered access for reporters covering the Games.
GIFC members have developed a range of tools that can be used to circumvent Chinese censorship efforts. The group’s aim is to allow Chinese Internet users to visit any site they like, without government interference.
But their efforts have turned into a technical game of cat and mouse, with Chinese censors working to block tools created by GIFC members.
When that happens, the group typically release updates that once again allow its software to evade these controls and the game continues
GIFC is an association of nonprofit organizations and companies based in North America. Many of its members are Chinese and include practitioners of Falun Gong, a spiritual sect that was banned in China following a government crackdown that saw some members jailed, while others fled overseas,
Food Science: What is Pickling?
Pickling is a global culinary art.
If you were to go on an international food-tasting tour, you’d find pickled foods just about everywhere.
You might sample kosher cucumber pickles in New York City, chutneys in India, kimchi in Korea, miso pickles in Japan, salted duck eggs in China, pickled herring in Scandinavia, corned beef in Ireland, salsas in Mexico, pickled pigs feet in the southern United States, and much, much more.
What makes a pickle a pickle? On a most general level, pickles are foods soaked in solutions that help prevent spoilage.
There are two basic categories of pickles.
The first type includes pickles preserved in vinegar, a strong acid in which few bacteria can survive. Most of the bottled kosher cucumber pickles available in the supermarket are preserved in vinegar.
The other category includes pickles soaked in a salt brine to encourages fermentation?the growth of "good" bacteria that make a food less vulnerable to "bad" spoilage-causing bacteria. Common examples of fermented pickles include kimchi and many cucumber dill pickles.
For thousands of years, our ancestors have explored ways to pickle foods, following an instinct to secure surplus food supplies for long winters, famine, and other times of need.
Historians know, for instance, that over two thousand years ago, workers building the Great Wall of China ate sauerkraut, a kind of fermented cabbage.
But pickling foods does much more than simply preserve them. It can also change their taste and texture in a profusion of interesting ways. It’s no surprise that cultures across the globe enjoy such an assortment of pickled foods.
The evolution of diverse pickled foods in different cultures has contributed to unique cultural food preferences, such as spicy sour tastes in Southeast Asia and acidic flavors in Eastern Europe.