Email and Forum Questions Profiles in IT: Gary Arlen Kildall McCain campaign Sells Unwiped Blackberry Obama taps Nobel physicist for energy secretary Thieves Winning Online War Website of the Week: BotHunter Who Protect the Internet? Toy of the Week: FlyTech Bladestar from WowWee World Wide Grid Browser Interface IBM Announces Virtual Linux Desktop 2008 Year-End Google Zeitgeist
Email from Geek Chick: Dear Tech Talk, Maybe you saw this in Dec. 7 in the NY: Thieves Winning Online War, Maybe in Your PC, Internet security is broken, and nobody seems to know quite how to fix it.
As a person who uses the Internet daily on my personal PC at home, this is unfortunate to hear. What are the 10 best things one can do to make it harder on the bad guys who are out to ‘get me’? I do use NOD32 Antivirus, but, this article is a concern…Geek Chick
Tech Talk Answers: Dear Geek Chick. I will review that article later in the show. It sounds like you are on the right track.
Always use a firewall before connecting to the Internet.
Complete all your software security updates
Use an anti-virus and anti-malware program like NOD32
Monitor outgoing traffic through the firewall to detect malware behavior
Don’t open email attachments from unknown sources
Don’t click or download anything from an unknown website.
If a particular site seems to be taking control of your browser, just turn off the computer using the switch.
Keep backups or disk images available in the event you have to rebuild your hard drive
Profiles in IT: Gary Arlen Kildall
Gary Kildall founded Digital Research, Inc and created the CP/M operating system, which was almost selected for the IBM PC.
Gary Arlen Kildall was born May 19, 1942 in Seattle, Washington.
He died July 11, 1994 after falling in a restaurant.
Gary received his BS in mathematics from University of Washington in 1962.
He then taught at the Naval Postgraduate School in Monterey, CA to satisfy his draft obligation.
When Kildall heard about the first commercially available microprocessor, the Intel 4004, he began writing experimental programs for it.
He went to work at Intel as a consultant on his days off.
Kildall finished his doctorate UW in computer science in 1972.
In 1973 he developed the first high-level language for microprocessors, called PL/M.
He created CP/M (Control Program for Microcomputers) the same year to enable the 8080 to control a floppy drive, combining for the first time all the essential components of a computer at the microcomputer scale.
Kildall and his wife Dorothy established a company, originally called "Intergalactic Digital Research" (renamed Digital Research, Inc.), to market CP/M to hobbyists.
Kildall pioneered the concept of a BIOS, a set of programs stored in the computer hardware that enabled CP/M to run on different systems without modification.
By 1981, at the peak of its popularity, CP/M ran on 3000 different computer models and DRI had $5.4 million in yearly revenues.
IBM approached Digital Research in 1980, at Bill Gates’ suggestion, to license a forthcoming version of CP/M called CP/M-86 for the IBM PC.
Gary left licensing negotiations to Dorothy while he went to deliver software.
Before the IBM representatives could explain the purpose of their visit, they insisted that DRI accept a standard non-disclosure agreement. Dorothy refused to sign.
Gary returned in the afternoon and signed the agreement.
IBM lead negotiator Jack Sams related the story to Gates, who had already agreed to provide a BASIC interpreter and several other programs for the PC.
Sams left Gates with the task of finding a usable operating system, and a few weeks later he proposed using the CP/M clone 86-DOS from Seattle Computer Products.
Paul Allen negotiated a licensing deal with SCP and had 86-DOS adapted for IBM’s hardware. It shipped as PC-DOS.
Kildall concluded that PC-DOS infringed on CP/M patents, but did not sue.
PC-DOS was priced at $40 and CP/M-86 shipped for $240 a few months later.
Novell acquired DRI in 1991 in a deal that netted millions for Kildall.
In 1983 he started hosting a public television program on the side, called Computer Chronicles that followed trends in personal computing.
In his memoir, he called DOS "plain and simple theft" because its first 26 system calls worked the same as CP/M’s.
On July 8, 1994, Kildall fell at a Monterey, CA restaurant and died a few days later.
In March 1995, Kildall was posthumously honored by the Software and Information Industry Association for his contributions to the microcomputer industry.
McCain campaign Sells Unwiped Blackberry
A Blackberry containing sensitive information belonging to the now-defunct presidential campaign of John McCain has made its way into the hands of a reporter, who was able to purchase the unwiped device for $20.
The Blackberry, which was sold this week during a liquidation sale, contained some 50 phone numbers of people connected to the campaign and hundreds of emails that spanned from September until a few days following the November 4 election.
The campaign also sold laptops for $600.
Obama taps Nobel physicist for energy secretary
President-elect Barack Obama has chosen Nobel prize-winning physicist Steven Chu, to be his energy secretary..
Chu is the son of Chinese immigrants and a former member of Stanford University’s faculty
Chu won the Nobel Prize for Physics in 1997 for his work on the "development of methods to cool and trap atoms with laser light."
As head of the Lawrence Berkeley National Laboratory since 2004, Chu has focused on climate change.
The lab’s website said he has sought to make the center "the world leader in alternative and renewable energy research, particularly the development of carbon-neutral sources of energy."
Thieves Winning Online War
New York Times article my John Markoff
Criminals thriving on an underground economy of credit card thefts, bank fraud and other scams rob computer users of an estimated $100 billion a year, according to an estimate by the Organization for Security and Cooperation in Europe.
With vast resources from stolen credit card and other financial information, the cyberattackers are handily winning a technology arms race.
?Right now the bad guys are improving more quickly than the good guys,? said Patrick Lincoln, director of the computer science laboratory at SRI International, a science and technology research group.
The percentage of online computers worldwide infected by botnets is likely to increase to 15 percent by the end of this year, from 10 percent in 2007.
As many as 10 million computers are being used to distribute spam and malware over the Internet each day.
Modern worms are stealthier and they are professionally written. The criminals have gone upmarket, and they’re organized and international because there is real money to be made.
The gangs keep improving their malware, and now programs can be written to hunt for a specific type of information stored on a personal computer.
Recently, Microsoft antimalware researchers disassembled an infecting program and were stunned to discover that it was programmed to turn on the Windows Update feature after it took over the user’s computer. The infection was ensuring that it was protected from other criminal attackers.
Microsoft has monitored a 43 percent jump in malware removed from Windows computers just in the last half year.
The biggest problem may be that people cannot tell if their computers are infected because the malware often masks its presence from antivirus software.
The cyber-criminals appear to be at least as technically advanced as the most sophisticated software companies. And they are faster and more flexible.
Researchers note that the global cycle of distributing security patches inevitably plays to the advantage of the attacker, who can continually hunt for and exploit new backdoors and weaknesses in systems. This year, computer security firms have begun shifting from traditional anti-virus program designs, which are regularly updated on subscribers’ personal computers, to Web-based services, which can be updated even faster.
BotHunter is a passive network monitoring tool designed to recognize the communication patterns of malware-infected computers within your network perimeter.
Using an advanced infection-dialog-based event correlation engine (patent pending), BotHunter represents the most in-depth network-based malware infection diagnosis system available today.
BotHunter, sponsored by the U.S. Army Research Office and developed by SRI International, helps to discover bots, malicious programs that aim to make fraudulent use of computers.
What sets it apart from other devices is it looks for malware activity in both incoming and outgoing data.
The program can be downloaded without charge for Linux, Unix, and Windows XP.
Who Protect the Internet?
General Kevin Chilton, US STRATCOM commander and the head of all military cyber warfare.
According to Chilton, the Internet is not protected.
The alleged Russian DoS attacks on Estonia in 2007, and on Georgia this summer, highlighted the potential damage of state sponsored attacks.
China has also been developing cyber warfare capabilities for some time, mounting online intelligence operations against Taiwan, and almost certainly against the US.
The Chinese military has openly stated that it plans to be able to win an ?information war? by the middle of this century.
Russia, Israel and Romania are also alleged to have high-level cyber warfare capabilities.
Regardless of the impact of an offensive cyber attack, everyone appears to agree on the insidious danger from online intelligence gathering. Former counter-terrorism chief Richard Clarke eloquently summarized this in Foreign Policy:
People tend to think about attacks that change things?turn off power grids, or whatever. And while that’s possible, what is happening every day is quite devastating. What’s happening every day is that all of our information is being stolen for one one-thousandth of the cost that it took to develop it.
The US military and intelligence agencies defend government networks and track targets online. The Department of Homeland Security’s National Cyber Security Division is tasked with threat response.
A number of loose confederations of computer scientists and engineers who seek to devise better protocols and practices ? unincorporated groups like the Internet Engineering Task Force and the North American Network Operators Group.
No one really owns security online, which leads to gated communities with firewalls.
The future of internet security really lies in the hands of the community.
For instance Dan Kaminsky, a computer consultant who discovered a fundamental flaw in DNS, allowing him control over any website online. Dan Kaminsky didn’t turn to a government agency or organization. Instead he made a phone call to Paul Vixie, one of the creators of the BIND9 DNS routing software, and they assembled a team of civilians and private companies to resolve this apocalyptic vulnerability.
The way that the internet community reacts and operates with state apparatus in defending against cyber threats will be a crucial indicator of our future security.
Toy of the Week: FlyTech Bladestar from WowWee
It comes with a 3-channel digital IR remote controller so you can take control that way too
Safe for indoor use in Autopilot mode or use the remote controller in Pilot mode
Built-in Sensor Detection helps you to avoid ceilings and other obstacles
Made from ultra lightweight and flexible/EPP materials.
Has 2 wings that spin to provide a helicopter-like movement
Choose between beginner and expert level settings so it’s fun for all ages
Street price: $25 from many vendors
World Wide Grid Browser Interface
A World Wide Computational Grid running on top of the internet is still probably years away from being a reality.
At the moment there are a series of isolated grids which allow the resources of clusters of computers, at different universities to be shared. Each of these grids is usually based on its own proprietary middleware which makes interoperability impossible.
EU-funded g-Elipse project has been developing an easy-to-use, Windows-like graphical interface which allows access to grid resources with a few mouse clicks.
The idea is to develop a system which is middleware independent, so a user can access any grid in exactly the same way using the same actions and commands on the GUI.
The g-Eclipse system also aims to allow users to work with different grids at the same time and switch data between them.
You can think of g-Eclipse as a browser for what will become the World Wide Grid.
The project is making use of the Eclipse open-source ecosystem, which has thousands of developers and a very large user base and is host to numerous application development projects from around the world.
The middleware-independent g-Eclipse core architecture has been configured to work with two brands of middleware.
The scientific gLite middleware which is used by European scientific institutions.
GRIA middleware which is in commercial and industrial use.
Amazon.com’s Elastic Compute Cloud
A few years down the road g-Eclipse could be a part of everybody’s desktop.
Perhaps there will be a layer in computer operating systems which allows applications to be executed on the grid rather than the local desktop.
If and when that happens, every PC user could well have access to all of the computing power and speed they could possibly require.
IBM Announces Virtual Linux Desktop
IBM has teamed with Virtual Bridges and Canonical to offer a new Linux-based virtual desktop solution.
The three companies announced the general availability of Virtual Linux Desktop (VLD) Thursday, calling it a cost-effective alternative to Microsoft’s desktop software.
VLD runs open standards-based e-mail, word processing, spreadsheets, unified communication, social networking and other software to any laptop, browser or mobile device from a virtual desktop login on a Linux-based server configuration.
VLD is based in part on Virtual Bridges technology that allows users to take the desktop, client side portion of a software stack, substantiate it in a virtual machine on a server and then remote interface to any device on which a customer chooses to use it. It is called virtual desktop infrastructure (VDI).
Using VLD instead of Microsoft Office and its related products, businesses will save US$500 to $800 per user IBM claims.
It also claims a $358 per user savings in terms of hardware because there is no longer a need to upgrade hardware to support Windows Vista and Office 2007.
Typical pricing for a 1,000-user deployment is $49 per user, according to IBM. Using the Linux-based technology makes such low pricing possible.
Analysts are skeptical whether Linux can compete in the corporate desktop market.