Security
nmap -vv -O www.nato.com …. arrgh, I’ve been shot!!
by admin on Jun.09, 2010, under Security
For those of you not in the know, the awfully geeky title refers to a reconnaissance attack on the NATO website. nmap is a tool used by security people to determine what vulnerabilities might exist on a networked device.
Now, read this.
http://www.timesonline.co.uk/tol/news/world/article7144856.ece
Ok, so if it’s passed you by, what the proposal states is that people who carry out cyber attacks on NATO countries could find themselves subject to military action. Obviously we can substitute ‘China’ for people and ‘America’ for NATO countries.
So this is pretty much telling us that America intend to carry out military action against China in the very near future, all they’re doing now is getting the legislation in place prior to engaging.
I could of course be insanely paranoid about America’s stance here and I know better than most that the role that China are taking in today’s cyber crime is a severe and definite risk to a number of Western countries but I’d be loath to suggest actually bombing shit out of them to make them stop as an actual solution. I presume they’ll target computer installations/data centres/ISPs and transmission paths.
There is of course an alternative. The internet has grown into a very powerful tool, in doing so it has become a very open and entirely untrusted network through which these attacks can take place. It’s used by a great many corporations as a cheap network layer to stop them having to buy dedicated links and it’s this reliance on a public and unpoliced network that has placed so many public, private and military organisations in danger.
It’s about time that these organisations accept that the internet is not a safe place, stop spending a fortune trying to stay one step ahead of bad guys and isolate their real important information from the day to day stuff. Yes, it’s going to cost more money, yes it’s going to be a right ball ache and yes it’s going to have a lot of sticking points but I’m confident it constitutes a better foreign policy than shooting anyone who tries to break in. Maybe if the Americans didn’t live in a culture where 28,000 people are killed a year by guns they might consider the alternatives with a more open mind.
Apple/Google Conspiracy – Tin Foil Hats ahoy!
by admin on May.26, 2010, under Security
I’ve long since been convinced of some very dodgy goings-on when it comes to Apple’s location delving for iPod touches. To put it in context, if you’re using your iPod touch which has no internal GPS or 3G antenna, it *knows* where it is physically. Not just close neither, it’s right on the money, within a couple of metres. Now when I raise this as a concern to people they start speaking to me like I’m an idiot and start telling me about triangulation of access points.
Yes, thanks, I do have a modicum of experience in this area ta.
Actually I’ve used this sort of technology a bit in the past, I’ve watched lab setups in use where access points are all controlled by the same management tools which are designed to triangulate connected and transmitting devices. Now this is in a lab, and it’s carefully controlled, and all the access points are managed by the same people and it *still* only manages to get within a couple of metres. So how do Apple get so damn close when none of the access points in question are managed by them?
In their ‘skyhook’ explanations they very quickly brush this under the carpet, ‘Oh, we get people to drive round collecting AP information’. Bollocks! Your guys have driven down our street? Bollocks. Google have just completed a three year program of driving around (most of) the streets in Britain and they’ve only just got enough information to carry out these sorts of triangulations. In fact they’re currently being told off for collecting too much information.
http://www.theregister.co.uk/2010/05/21/google_halts_wifi_payload_data_deletion/
So Apple clearly haven’t gone down that path, even if they had driven round collecting AP name and MAC addresses, I’ve just changed my wireless router and I checked as soon as I turned it on, yep, they know exactly where it is. And it’s clearly not tied to internal or external IP address since the former will just be in the standard RFC 1918 range and the latter will be knowledge only available to my ISP, all an IP whois will reveal is my ISP, not my home address.
So how are they doing it? Actually I wouldn’t put it past Google to be selling them information, that would make sense, although Google have not had this information for all that long.
Another thought I had would be that touches actually do have GPS technology inside but that would be silly and I’m sure someone would have worked it out by now by opening one up and looking for the appropriate chip.
There is another option. iTunes has my home address. It’s got the home address of the chap across the road too because I know he has an iPod touch. My touch knows the name of my AP and its MAC address and it knows the physical location of my house (through simple postcode checks and quite possibly, Google information).
*Now* we have enough information to work out where my touch is to a couple of metres.
I’ll bring them down.
Every Windows Anti-Virus program is exploitable
by admin on May.12, 2010, under Security
Every single one as far as the researchers can tell. The crack is pretty neat too.
It uses the hooks that are embedded in the Windows kernel used by all Windows anti-virus programs (as far as they are aware), to trick the machine into executing malicious code by first presenting the system with some legitimate code and then, once that has been security assured by the machine, swaps it for some nasties.
The actual research paper is here
Now watch the panic as windows security product vendors desperately try to release a fix before the hacker community builds some in the wild exploits and releases them.
What’s way more interesting though is the poll on matousec’s website up there which questions whether vendors should pay researchers when they discover exploits such as these. After all, this is valuable information and will cost the vendors a fortune to rectify, paying a researcher to delay his announcements could take a lot of the heat off them. If we get even more paranoid, the researcher could approach one vendor and say they can have a heads up on the exploit but their competitors won’t. Once the exploit is made public the paper could say that the only vendor who is not vulnerable is ‘SECULOCK’ or whatever thus raising the reputation of that company as well as boosting sales.
Digital Economy Bill
by admin on Apr.07, 2010, under Security
This is very interesting stuff.
If you’re not aware, the government are using the ‘wash up’ period prior to dissolution to rush a digital economy bill through which has significant impact in many areas, but the one that affects normal people the most is the online copyright infringement section. Namely, they’re trying to stop people downloading illegal media. It’s all here if you want to read it.
http://www.publications.parliament.uk/pa/cm200910/cmbills/089/2010089.pdf
But the gist of it, that affects us, is that if we have an internet connection, we have to
a) avoid copyright infringement by not downloading illegal stuff
and
b) protect the connection from others.
The first is fair enough, you’re breaking a law of sorts so it’s your call. The bill states you could get a letter from your ISP telling you to desist followed by technical controls to stop you doing it if you carry on such as slow connection and disconnection. Finally they’re permitted to take you to court.
The second is reasonably vague but is as follows:-
(6) The code must provide that, where a ground mentioned in subsection (3) is relied on, the appeal must be determined in favour of the subscriber if the subscriber shows that—
(a) the act constituting the apparent infringement to which the report relates was not done by the subscriber, and
(b) the subscriber took reasonable steps to prevent other persons infringing copyright by means of the internet access service.
That last clause says you must take reasonable steps to protect your network. What the fuck does that mean?
I reckon it means, you’re responsible and if your network connection is used to infringe copyrights then no more bleating about someone else hijacking your network (which has been the case many times in the past). If it comes from your connection then it’s your fault.
What does this mean for normal users? Protect your network, in particular your wireless connection. Use encryption as good as you can support and use a strong password.
Yeah? Well, not really. That’s all a load of bollocks. The vast majority of users aren’t ever going to have someone use their network to download stuff. The bill is there to effectively close that loophole and provides the government the leverage to make the ISPs take action against persistent bittorrenters. Of course, they have to prove copyright infringement has taken place.
Bittorrenting in itself is not a crime and neither is hosting a site that hosts the torrent files. (The phrase used is ‘file sharing’ but typically the technology is torrents – where an initial information and tracking file is held on a central site and then the files are downloaded from users’ machines who have an association with that torrent file). I foresee an explosion in encrypted torrent sites. If ISPs can’t determine which files you’re downloading, they’re on shaky ground giving you a bollocking and taking action subsequently.
And then where do they go? Make file sharing illegal? That would be illegal. Start carrying out warrants to search and seize? Seems a bit dramatic to stop some guy watching Lost or 24 before they’re screened in the UK.
The whole thing is an appalling piece of badly thought out and badly implemented legislation and stands on seriously loose ground before it even gets through parliament. In short it’s a big old bucket of cock, but let’s not let that stop them. You can’t even vote for the right lizard either as all parties with the exception of the wonderful pirate party, seem to be for it. Join them now.
Ride Entry – 28th March 2010
by admin on Mar.29, 2010, under Security
Bike: Roly
Distance: 23 miles
Lovely ride out with my son. I was going to do a pre-son ride but really couldn’t be arsed due to excess alcoholage the previous night and the clocks going forwards and the need to end up getting up for about 6 to fit the rides and family visiting in all in the same day. Plus a visit to my sister’s in the afternoon meant no track today. Still, this is the last three day week in Newcastle for quite some time (ever) so hopefully Sunday nights are now my own again, I’m hoping to be able to cycle to the track, do the track and then cycle back through the warmer months but we’ll see.
Sundays could be insanely cycle intensive if I start doing a big ride in the morning, then take my son out for a ride, then cycle to the track, then cycle at the track and then cycle back.
Anyway, this ride was great. My son moves nice and quick and is gaining road confidence quickly. Very, very windy though. We rode to the barn and then rode up over the big Chorley Old Road hill out of Horwich which is a nasty climb for anyone but my son seemed to cope OK, he only flagged a bit at the very top. And then we went downhill and he got to 40mph for the first time. Splendid.
In other news I now have some trial contact lenses and have finally twigged on how to get them out easily. The method they showed me at the opticians blew goats. The way I do it now (as found on the internet), is pull my bottom lid down, look up, gently pull the lens down off my cornea with my thumb and forefinger and then pinch it. The opticians were saying I might have to press quite hard but once I was using this technique I hardly had to use any pressure at all. Obviously they forgot to write which lenses were for right and left on the boxes so at the moment I’m back to glasses until they can phone me back with the details. My son said I looked ‘ten times cooler’ without my glasses.
Next stop is somewhere that sells way cool sunglasses. I want some little black John Lennon style glasses, jet black. And some big aviators. And some big aviator mirrors. And some proper cycling glasses. A whole new set of fashion accessories has been opened up to me.