Thursday, November 11, 2010

The New Generation of MacBooks...

I was rather surprised by Apple's tagline for the new MacBook Air, 'The New Generation of MacBooks' (Apple - Mac).

As a means of selling MacBooks, fine. But what does it say about their other models?

I have the first generation MBA. It is a great design apart from the design fault on the hinges. But my original plan was to get the 17" model which is great unless you don't mind carting a large, heavy slab of aluminium round with you.

No doubt some of the people who go for the 15 and 17" models really do need the extra performance of a 2.5 GHz processor over 1.8. But some would surely find a smaller machine more than made up for a modest reduction in speed.

Monday, November 08, 2010

Stuxnet: After the hype

By now most readers of this blog will be aware of the now infamous Stuxnet virus that allegedly targeted the Iranian nuclear program, was allegedly written by Israel, Russia, China, the US and Iran itself, had no fewer than 4 zero day attacks, cost over a million dollars to write, but was clearly an amateur job, which succeeded and failed. It has disabled security systems throughout the world and there are no confirmed reports of it breaking anything.

As with many media firestorms, the analysis has tended to run in advance of the facts. And when the facts didn't fit it was the facts that were ignored rather than the analysis.

I have not looked at the Stuxnet code directly, but I have spoken with several experts who have and they all tell me the same story: The code consists of a distribution mechanism and a payload. Both are targeted to a particular group of machines but the distribution mechanism is set to infect particular groups of windows machines while the payload appears to be set to target one very specific installation.

The code appears to have been written in a modular fashion with different attacks being written by different hands. The code is layered and we are not sure that all its secrets have been revealed even now.

As with many high profile attacks, various parties have taken the distribution vector and repackaged it to attack targets of their own choice. Those parties may or may not include the original authors.

The only firm geographic information we have is that the code has employed signed code components signed under two separate code signing certificates, both issued to Taiwanese companies. I think this is a particularly significant piece of evidence since there are not very many code signing certificates in circulation. It is not something a hacker is likely to come across unless they are looking for it. And whoever was looking for the code signing certs was almost certainly able to read Chinese.

That said, the modular nature of the code suggests that the virus was written by many hands. I suspect that the task of writing the code was outsourced to several independent contractors, none of whom would have needed to know the ultimate purpose. They may well have outsourced the task of obtaining code signing certificates to Chinese or Taiwanese hackers to throw investigators off the trail.

Anyone with sufficient money and criminal connections could have written the distribution code. The payload is rather different. It appears to be very closely focused on one single target. This was initially suggested to be the Iranian centrifuge enrichment plant but my sources suggest that the Iranian Bushehr nuclear power plant is a more likely target.

One of the reasons for thinking that the target was Iran was that the Iranians themselves complained about being subjected to a Western cyber attack. Then they suddenly stopped complaining and denied that there had been any impact whatsoever.

Whatever the target was, we are pretty sure that the code did not target any major installation that the operators were willing to admit was the target. It is possible that Stuxnet targeted a European or US plant, but I very much doubt that this could have been kept secret. We are also fairly certain that whoever wrote Stuxnet had a very good reason for wanting to disable the plant, even though this was unlikely to succeed for more than a few months.

This last aspect of the attack makes it very unlikely that Israel or any Western country would be responsible. Whatever the target, it is highly unlikely that any cyber-attack against a well designed control system can achieve more than a temporary denial of service. Whoever wrote the Stuxnet code was revealing that they knew a very great deal about the design of the target. It is not very likely that any intelligence agency would want to put such a valuable strategic asset at risk for the sake of some casual vandalism that would be repaired in a few months.

Even more compelling is the fact that the Bushehr plant is not yet operational. Disabling a running plant is one thing, disabling a plant that is not yet commissioned would require considerably greater and more detailed inside knowledge.

If the target was the Iranian centrifuges, the knowledge could only have come from inside Iran itself. That is not impossible, there is certainly a complex power struggle going on within the regime. But it seems very unlikely.

The Iranian Bushehr reactor seems a much more likely target than the centrifuges. At least two parties had access to detailed knowledge of the plant's design - the Iranians and the Russian's who designed it. It is also possible that there are plants in other countries built to the same design and that a third party could have learnt some of the details from them. I find this unlikely however since respect for Russian nuclear engineering was severely damaged after Chernobyl. Other than the Iranians, it is unlikely that the Russians have had many recent customers.

Why would Russia sabotage a plant they built themselves? Well it used to be standard operating procedure during the days of the Soviet Union. Countries would buy all manner of technology from Russia and then learn that it was not so much an outright purchase so much as a lease. Selling the Iranians a power plant and then sabotaging it to force the Iranians to pay for repairs is the way the Soviet Union did business and is the way that Russia does business today - as European countries buying Russian natural gas have found to their cost.

We certainly do not have conclusive proof, but the Russia theory is the only one that fits all the facts we know and is the best fit to those facts. Russia has built its cyber-warfare capability through an alliance with organized crime, commissioning the deployment code is certainly well within the type of favor that Kremlin-sponsored criminal groups such as the Russian Business Network have performed in the past.  The payload was probably written separately and tested out on an actual Russian power plant with the identical control system - presumably with the plant shutdown or otherwise safe.

In conclusion, the Stuxnet attack appears to me to be a highly professional attack perpetrated by the Russian government on their ally to coerce Iran into agreeing to accept Russia's proposal to reprocess Iranian fuel. This would allow Russia to recoup the cost of the attack through revenues from the reprocessing and would ensure that Iran remained dependent on Russian technology in the future.

Iran agreed to the reprocessing deal in 2005 and then backed out. A few months ago Iran changed course again and agreed to honor their earlier agreement. The Bushehr Nuclear plant began to be loaded with fuel on 21st August and is scheduled to begin generating power in the near future.

Sunday, October 31, 2010

Dalek Halloween

My halloween costume this year. It is a full scale dalek hero prop replica made from fiberglass, aluminium and rubber.

I did not quite manage to finish it on time due to a disaster with the trundling mechanism. The eyepiece is dodgy and dalek aficionados will not the absence of plunger and gun. Given that fitting them requires careful measurement and is a one time thing, I did not want to rush it.

The voice is produced by an authentic Moogerfooger ring modulator as used by the BBC that I bought off EBay. 

Monday, August 30, 2010

Red Cells

What is it about terrorism that makes US Commentators talk nonsense (Washington Post)?

Wikileaks recently obtained a document which asked what should be the rather unsurprising question 'Does the US export terrorism'.

Of course the US exports terrorism, for the simple reason that the US is a rich county with a very large population of second and third generation immigrants who can afford to engage in the irredentist politics of what they imagine to be their homeland.

The UK has the same problem. The causal nexus of the strife in the Punjab that led to the 1984 siege of the Golden Temple in Amritsar was almost entirely located in Birmingham England.

Until September 11, Rudy Giuliani would never pass up an opportunity to attend an IRA fundraiser. But support from New York City flowed to both sides of the sectarian conflict in Ireland, just as they do to both sides of the Israeli/Palestinian issue.

Expatriate irredentists are often the biggest obstacle to a peace process. They fund the conflicts but experience none of the consequences. They collect the money to buy bullets and bombs to murder and maim, but they only every acknowledge the injuries caused against their side. So the expatriates are always the last holdouts.

This is of course known to anyone who specialized in counter-terrorism before 9-11. But since then everyone in the security world has declared themselves an expert in counter-terrorism, most basing their models on the experience of the cold war era when the most visible terrorist groups were state sponsored.

Sunday, August 22, 2010

How an Israeli attack on Iran might proceed.

Glenn Greenwald is engaged in another argument with Jeffrey Goldberg over the latter's article in the Atlantic in which he is very clearly beating a drum for a US war on Iran.

Greenwald initially pointed out that Goldberg had something of a credibility problem given his earlier role in peddling some of the stories used to claim a casus belli for the US invasion of Iraq. Since then it appears that he has caught Goldberg in an outright lie. Even so, Goldberg appears to have been largely successful in framing the debate on war with Iran as to whether the US should attack first or let Israel start the war.

The argument from Goldberg et. al. appears to be that if Israel attacks Iran, Iran will retaliate and that this will force the US to come to Israel's defense following Iran's inevitable retaliation. I find this a rather unlikely scenario as it leaves out of consideration the reaction of China, Russia and US public opinion and the fact that any US response would be constrained by time and logistics.

Planning for wars takes a considerable amount of time. Even if the US was minded to immediately declare war on Iran, it could not do so immediately and the costs of doing so would be rather obvious. The US public would wake up to the possibility of being drawn into a third neo-con war in defense of the country that was unambiguously the aggressor. It is doubtful that a majority of Republicans would support that proposition, let alone Obama's base.

When Obama addressed the nation from the oval office, his only real option would be to call on all sides to accept a cease fire on the basis of a US-Russian-Chinese plan being voted on by the UN security council and look to take credit for saving Israel from its own foolish leaders.

Netanyahu is no fool, he knows that he can't launch an attack against Iran and then go run crying to the US's skirt after the inevitable retaliation. Those are the tactics of cowards and schoolyard bullies. Netanyahu would only launch an attack if he is certain he knows where the nuclear material is and he is certain that Israel would win the inevitable war that would follow. Since only a lunatic would be certain of either proposition the prospects of an Israeli attack on Iran are rather small.

Wednesday, August 11, 2010

BadB and anti-Americanism

Its good to hear that Alleged Carder ‘BadB’ has been busted.

But take a look at his business card and remember that this is a Ukraine/Israeli citizen. Then ask yourself if the people who are doing Internet crime are purely in it for the money.

While the money is certainly a large part of their motivation, there is clearly a nationalist motivation as well. While the fall of the Soviet Empire was considered a very good think in the West, some people in the East were not so happy. And Horohorin, 27 was 8 when the communist system collapsed. He probably does not remember the secret police or the gulags.

It is strange but true that some people find the most bizarre, abominable things imaginable to idolize. When I was in college some students used to love to shock people by declaring their support for General Pinnochet, a man they knew to be responsible for several tens of thousands of murders.

Sunday, July 11, 2010

How to bias a poll

Selection bias free, I am sure.

Take Our Obama Socialism Survey And Receive Free "Impeach Obama" Sticker | The Conservative Caucus

Thursday, July 01, 2010

Spies amongst us

Yesterday I discovered I have been living near to a pair of Russian spies for the past ten years and never noticed. Today we start to discover just how lame those spies were. Shoddy tradecraft, falling for ridiculous ruses, what clowns!

I beg to differ.

Looking at the tradecraft described in the complaints it does not appear to be markedly different from the methods used by the KGB in the Soviet era. Some of the tools had changed, wireless laptops had replaced the old dead drops. But they were using the exact same methods that they had used in the Soviet era when the KGB successfully infiltrated both MI5 and the FBI.

And that for me is the real reason why the Russian spying antics were so pathetic: the times had changed, they had not. Which at root is the whole problem with the Putin crowd and its attempt to turn the clock back to the Breshniev era of 'Stalinism-Lite'.

First off, lets get the terminology right. The spies that were just caught were not agents, they were operatives. That is the field level spy masters. A real life James Bond does not go and steal the information himself, he recruits locals who have already have access to the information to act as agents. The division between operatives and agents is an important one in intelligence work: the agencies will generally do whatever they can to protect operatives, agents are generally considered expendable.

The Russian ten spies did not attempt to burrow into government agencies or perform classified work directly. Their covers were only designed to be good enough to fool immigration and would almost certainly have been exposed in a positive vetting process. To be effective as spies following the old KGB model the Russians would have to recruit agents with access to the information they wanted.

We yet don't know if the spies were successful in recruiting agents, though we may well find out if there are further arrests. While the tools of the operative are money, ideology and blackmail, it is only the last one that is practical with respect to cold-calling in a democratic society. Mercenaries such as Hanssen and Ames are typically walk-ins. They decide they are going to betray their country by themselves and then make contact. The same is typically true of ideologues.

Lets say you are an NSA employee and have been identified as a target by a Russian operative who approaches you with an offer of money in return for secrets. Even if the amount of money on offer is tempting (a million dollars say), the risks are enormous and the approach is very likely to be a trap. The competent traitor knows that they have to reject any unsolicited offers and be the party that makes contact themselves.

This leaves blackmail, which has always been the primary tool of the field operative. An offer of money is likely to be rejected and reported, an offer of money coupled with a threat is much less risky. Later this year the IETF will be holding a meeting in Beijing. As a somewhat senior information security professional I would consider it something of an insult if I was not targeted by a honey-trap operation. A few years back a police raid on an 'Asian massage parlor' in Silicon Valley uncovered hidden cameras in all the rooms. While it is possible that the owner was merely a pervert, many of the clients captured on the tapes would have access to technology that China would very much like to acquire.

In the Soviet era, the KGB could use a very powerful form of blackmail: reprisals against relatives still in their power. Co-operation might mean permission to live in Moscow for a parent or sibling, refusal might mean loss of a job, internal exile or being denied critical medical care.

Putin's modern day spies had much less to work with. The US is a far more open society than it was ten or twenty years ago. Exposure as an adulterer or homosexual might damage personal relationships but is not going to end a career or result in prison unless your job happens to be running an anti-gay bigotry association.

Its not just the tools that have changed, the objectives have as well. Twenty years ago an operative who obtained an internal telephone directory for a government agency would be a hero. Today the information is most likely up on a Web site (and more likely to be up to date). Want a background profile on the new assistant director for widget command? His kids are probably on Facebook, his classmates certainly are.

For the past couple of years I have been attending weekly seminars at MIT on cybernetic aspects of international relations. In a nutshell the Internet is having major effects on national security, diplomacy and the way that wars are fought in future. Russia, China and the US are each attempting to work out what military and foreign policy doctrine is going to be in the Internet age. The MIT/Harvard project funded by the Minerva Institute is looking into these issues.

Isn't this exactly the sort of stuff that Russia would want to send a spy to sit in on? Is it likely that any of them did? Well not if they were illegals unless they wanted to attract quite a bit of attention.

And here we get to the real incompetence of the whole affair. We do not know what the spies may have acquired but the fact that they were allowed to operate, observed for over a decade shows that they probably didn't acquire very much that was damaging. How much more could the Russians have acquired if they had spent the same amount of money on a room full of clerks searching Google?

The Chinese espionage activities leave me equally skeptical. I do not doubt that they exist, the documentation is conclusive. I just think that they are more likely harming the Chinese economy as helping it. As long as China focuses on stealing foreign innovation, development of their own technology base will suffer.

We do not yet know, we may never know the reason that the arrests happened now, but one possibility is that the spies were so incompetent that they were actually hurting US interests. This may sound odd to someone brought up with the notion that being spied on is a bad thing. But in international relations terms there is a real value in transparency. If I do not have anything to hide, I want my adversary to know that I do not have anything to hide. If I stop him from confirming that I have nothing to hide he is going to go off and invent an explanation for my refusal and plan against it. that is going to make his behavior more random (bad) and possibly more aggressive (very bad).

We may never know, but it does not look like the Russian ten were doing much to improve transparency. The Russians probably knew less as a result of their efforts than they would have without them.

Saturday, May 22, 2010

Rand Paul: Worse than a racist.

Rand Paul's tortured explanation of his opposition to parts of the civil rights act is being taken by some to indicate that he is either a covert racist or wishes to send a covert signal to racists that he is on their side.

Rand Paul's supporters are attempting to show that Paul's interest in positions that have traditionally been shout out to racists is in fact due to his deep and sincere belief in the rights of the individual and not a continuation of the covert-racism that many GOP figures such as Trent Lott and Jesse Helms engaged in for decades.

While there are many reasons to be skeptical of these claims, the counter-claim that Rand Paul is a rigid ideologue rather than merely a racist is actually a lot worse.

If Rand Paul is taken at his word, he is such a rigid ideologue that he would have opposed the real improvement in personal liberty provided by the civil rights act in favor of an abstract, theoretical definition of liberty. In Paul's world only the government can threaten liberty. No action by a private citizen can ever threaten liberty unless it involves coercion. In Paul's world, liberty matters above all else, but the term liberty has a fluid meaning that can be adapted to any purpose.

In the real world of course, the private individuals in the South could only discriminate by calling in the force of the state to remove blacks from whites-only lunch counters. As with Paul's assertion that 'tort law', not government regulation is the answer to the Deepwater Horizon spill in the gulf, libertopia is only achieved by ignoring state involvement in the favored case. Tort law is created by government legislation and (in common law jurisdictions at any rate) the decisions of government courts. Paul is not insisting on an absence of government regulation, he is insisting that the government is only allowed to regulate through retribution.

Libertarians are fond of the notion that the political spectrum is two dimensional, with a libertarian/authoritarian axis in addition to the left-right divide. The claim being that authoritarianism rather than any particular economic theory was the common factor in the totalitarian governments that came to power in the 20th century.

Rand Paul would clearly like to be placed on the libertarian end of the spectrum. But if we look at the consequences of his ideology rather than his purported principles he starts to appear distinctly authoritarian. Like Lenin he insists on placing a theoretical liberty defined by his rigid ideology above actual liberty.

Libertarians like to claim that they had no part in the totalitarian regimes of the 20th century. But this is only true if we ignore Latin America where a series of generals insisted on the need to defend liberty by replacing the democratically elected government through a military coup. And the fact that stalwart 'libertarians' such as Milton Friedman could support such murderers in the name of 'liberty' is certainly proof strongly suggests that it is a rigid commitment to ideology that is the defining enabler of totalitarianism above all others.

Thursday, April 15, 2010

Stupid political arguments of our time

John McCain says it is 'Time To 'Pull The Trigger' On Tougher Iran Sanctions' [TPM LiveWire].

There is just one teensy little problem. The US already has a full economic embargo on Iran. It is illegal for any US citizen to engage in any form of commerce with Iran including buying Iranian made goods and selling goods to Iran. So when McCain is saying that the US should pull the trigger, he is referring to a gun that has already been fired.

The only way that the US can bring any greater pressure to bear on Iran is by getting other countries to support the sanctions regime. And that in turn is made rather difficult by the fact that US credibility is rather poor after the lies told by Obama's predecessor to gain support for the US invasion of Iraq.

Saturday, April 03, 2010

Waiting in line not for an iPad, but for a new shell - Local News Updates - MetroDesk - The Boston Globe


Waiting in line not for an iPad, but for a new shell - Local News Updates - MetroDesk - The Boston Globe

Using field studies, lab experiments, and computer models, the biologists discovered that hermit crabs join together in what is known as a "synchronous vacancy chain" when they are looking for a new home.

Friday, April 02, 2010

Cry Anti-Semitism

There are still a large number of people who ascribe to a wide variety of bigotries. But I think rather few people will agree that current criticism of the Pope's handling of priests who raped children is in any way motivated by sentiments comparable to anti-Semitism [BBC News].

At the root of the current crisis is the fact that the current Pope was determined to suppress criticism of the church by any means, even if doing so would inevitably lead to offenders being left to rape yet more victims. And now the claim of anti-Semitism is being made in the faint hope of bullying critics into silence.

The claim might be received a little more sympathetically if the Vatican had actually managed to apologize for its failure to condemn the holocaust as it was happening. Likewise it is rather hard to see an institution as being victimized by bigots when it spends so much time and effort promoting the cause of anti-gay bigotry.

Monday, March 29, 2010

Scholarship at the AEI

In the wake of the firing of Frum, Charles Murray makes an unintentionally revealing post on the nature of the AEI and AEI scholarship.

Murray is also an AEI fellow, but he purports to be posting independently. In particular he states: I do not have any certain information to convey about David’s departure, except what Arthur Brooks has already said publicly: David resigned.

In other words the only "certain information" that Murray is stating is best described as a lie. While Murray's statement may be technically a true statement, it is intended to deceive and thus a lie. Murray is no doubt aware that the condition under which Frum could remain was to go from being paid what Murray describes as a 'handsome salary' to being unpaid. To insist of calling this a 'resignation' is dishonest.

Once we understand that this is the game Murray plays, we can see that the apparent denial of donor pressure influencing AEI policy in Murray's third paragraph is in fact nothing of the sort. Murray describes a very specific scenario in which donor pressure does not take place "The idea that AEI donors sit down to talk with AEI’s president...". The scenario is presented as being a 'fantasy', but nowhere is there actually a denial.

Murray is again being intentionally deceptive. As he must know, Frum alleged only that he was told not to write on Health Care Reform as it was likely to upset the donors. He did not allege that the donors made any complaint, which is the charge Murray decides to rebut.

After stating that he has no information, Murray theorizes that the reason for Frum's departure is his lack of work for the Institute. Murray himself admits to drawing a salary on the same basis, but gives no explanation for why Frum was forced to resign and he was not.

In making this complaint against Frum, Murray unintentionally admits one of the principal charges critics make against the AEI: it disburses patronage to Conservatives who toe the party line without expecting anything in return beyond use of their name on the letterhead. But for the pseudo-academic patina of his AEI 'fellowship', Charles Murray would be just another crank who wrote a covert racist screed.

But then look at how Murray finishes his piece:

I think that’s what happened. I also think that for David to have leveled the charge that Arthur Brooks caved in to donor pressure, knowing that the charge would be picked up and spread beyond recall, knowing that such a charge strikes at the core of the Institute’s integrity, and making such a sensational charge without a shred of evidence, is despicable.

Here Murray unintentionally demonstrates a complete lack of any capacity for self-examination. The next sentence after making a charge he admits he has no evidence for, Murray accuses Frum of having made a charge without a shred of evidence.

As Murray himself admits, he has no evidence other than what is in the public domain. While Frum has provided no evidence to support his assertion that members of the AEI were told not to write on health care, the AEI has made no attempt to refute the charge and no evidence has been presented to show the contrary. Since it is implied that Frum himself was one of the people told not to write on Health Care Reform, his own testimony is evidence. Now whether the word of Frum alone is persuasive (he was an AEI scholar after all), it is clearly not true to claim that there is no evidence.

If Charles Murray is representative of AEI 'scholarship', it is an institution whose integrity is not so much compromised as non-existent.

Thursday, March 18, 2010

Police: Fired worker disabled cars via Web

Hot on the Pensylvannia school webcam case, another case of what happens when companies only think 'what is the worst that could happen to me'.

An auto dealership fitted radio GPS systems with a function that enabled the engine to be remotely disabled. The company only worried about getting the car back if the customer didn't pay. They didn't consider the possibility that a fired employee might use the system to get back at the employeer.

The dealership is now facing demands for compensation from the owners who were denied use of the cars for several days. Some had their cars towed, all suffered unnecessary inconvenience. the dealer has suffered damage to its reputation and will almost certainly end up paying substantial compensation to the customers.

It does not look as if the dealer has learned its lesson either. Changing passwords won't help as the real cause of the problem was that the employee had too much authority. Since disabling a customer's car should be a last resort, the system should probably require authorization from more than one employee. Velocity controls to prevent one employee disabling hundreds of cars at the same time would be a sensible additional control.

Saturday, March 13, 2010

Truth in Power Lunching

I am particularly interested in two little mentioned new features of the new MacBook Pro. The features of interest are all on the back edge:

The first change is that Apple has finally seen sense and decided to support an SD card slot. the ability to transfer photos and video from camera to computer without additional dongles is a major hassle eliminator for professional and serious photographers.

But the more important change for me is that there is now an indicator of remaining battery power on the back edge where the user is unable to see it.

Why is this so important?

Well a very common situation in a conference room is that you have n available sockets on a power strip and n+1 (or more) people with laptops to plug in. This inevitably creates a situation where various people attempt to gain access to the plug by pleading imminent exhaustion of their battery.

The power strip meter is a dead giveaway. Now we will know whose machine is about to croak and who is merely bluffing.

Friday, February 19, 2010

What should the School District have done?

The Pennsylvania school district being sued for allegedly spying on students now claims the feature was only used to recover stolen laptops.

Recovering a stolen laptop is an objective that most people would accept as valid. But at the very least the school district implementation has created a major legal liability. Even if they 'win' the lawsuit they could easily spend a million dollars in legal costs.

What should the school district have done instead?

Disclosure: Any security mechanism that you would not want to disclose to your users is likely to be a bad idea. A mechanism that is kept secret to avoid controversy is a very, very bad idea.

Dual controls: Banks require every important operation to involve at least two people. Its not just to reduce the risk of embezzlement, its to provide protection for the personnel. If one employee could open the safe by themselves they would be a target for kidnappers and if any money did go missing they would be a suspect.

Audit Trail: Every system that could be misused should generate a tamper proof audit trail.

Security people don't just ask 'what is the worst that can happen', they think 'what is the worst that someone could be accused of'.

Adding the necessary controls does not need to create excessive overheads. Simply generate a unique access code for each end point and seal the access codes in tamper-evident bags. Make the custodian of the bags a different person to the one that has the password for the recovery system. Alternatively use a software based mechanism to enforce dual controls.

This problem has been solved for a decade in key recovery systems. There really is no excuse for not applying that technology.

Tuesday, February 16, 2010

Clueless pundits

What I find most depressing about the state of the Washington Post is the sheer political cluelessness of some of their pundits. Lane argues that Bayh's last minute withdrawal from the race has set himself up for a Presidential run against Obama.

There are many problems here, not least the fact that there really isn't a constituency in the Democratic party base that thinks Obama has failed to be sufficiently open to working with the Republicans.

I suspect that his timing was designed to prevent a big name GOP candidate from entering the race. But most party activists seem to have assumed that his real objective was to ensure that the party apparatus would install a blue dog candidate. That has pretty much made the Bayh brand toxic as far as national politics goes.

Bayh's departure appears to be driven by pique as the loss of the supermajority and the GOP tactics of total obstruction have transformed his role from cloture power-broker to a marginal player in the reconciliation-rules 51 vote game.

Monday, February 15, 2010

Human Error

According to the Olympic committee it was 'Human Error' that caused the death of luger Kumaritashvili.

I beg to differ. Human error was merely the cause of the crash. The crash was fatal because the luger collided with an unprotected steel support.

Every corner on a Formula One track is protected with walls of rubber tires. The speeds are faster, but the drivers are riding in reinforced chassis designed to withstand high speed impacts. It might be that no amount of protection would have been sufficient, but failure to provide any would seem to be negligent.

But whatever the cause is ultimately determined to be, any judgment made at this point is premature.

Friday, February 12, 2010

Woods not a good Buic salesman

One of the things I could never understand about GM was why they paid Tiger Woods to be the pitchman for Buick. It always seemed an odd fit, seems that I was right [USA Today].

My impression of Buick was that it was little more than an excuse to charge a slightly higher price for a range of uninspiring sedans made from standard GM parts. That is not an impression that you break by paying a celebrity to drive it when they would obviously be much happier in a Porsche or a Ferrari.

Seeing Woods step out of a Buick was never going to make people think 'hey I want to drive what he drives'. To the extent the brand of the car registered at all most people would think either 'rental' or 'being paid to drive it'.

People understand that Woods is also paid to tout the goods Nike makes in low wage sweatshops of course. But there the idea is that the spokesperson has at least some input into the goods on sale. It is unlikely he would stay with Nike clubs and balls unless they were amongst the best in the industry, there is the expectation that he at least sees the clothing range before it launches.

Arnold Palmer was a very successful spokesperson for Rolex for the simple reason that it was totally believable that a Rolex is what Palmer would choose to wear. It is hard to imagine many spokespersons that that would be true of for Buick, which is probably why the brand is best buried.

Tuesday, February 09, 2010

Everything you need to know about shooting the news…. « Photo Traveler

All you need to know about news journalism [h/t Bob Krist]

Friday, February 05, 2010

No Flash on the iPad

The New York Times joins the long list of journals who fail to mention the most likely reason that Apple refuses to implement Flash on the iPad.

Apple has made clear that it's intention is to control both the platform and the applications that run on the platform. Like the Video Game console makers, Apple wants to tax every application provider.

Support for Flash would provide another means of putting applications on the iPhone. And so Apple will refuse to support Flash whatever the status of the specification or the implementation until they abandon the 'application tax' model.

Is there any chance Apple will change? As with every other first generation Apple product, the iPad lacks rather a lot of features that appear essential. It is pretty obvious that the next version will have a camera for doing video conferencing. I think that they are going to find they are forced to support real USB and an SD card as well.

Apple does quite well spinning the fact that obviously essential features are missing. When the first iMac was launched it lacked a floppy drive because the box had originally been made as a 'Network PC' and repurposed as a home PC. Jobs argued that the lack of a floppy or a CDRom was because people would download programs from the Internet. This story has even been repeated this week as evidence for how 'prescient' Jobs has been in the past. Which is rather silly since there was an optical drive on the next iMac and every model since.

When the iPhone came out the big question was not whether it would make a good computer but whether it would be a usable phone. Experience of the HP iPaq range was that computer company phones were to be avoided. Rival phone makers have spent the three years since trying to catch up with the first iPhone. The fact that the iPhone is a vendor locked application platform was not a big deal to me as it was the first phone that you could run a useful application on without the thing crashing (yes, I mean you Palm).

The iPad is a computer and this time Apple is up against the rival computer makes. I don't much care how good Apple's eBook store is, I am going to buy my eBooks from Amazon which lets me read them on my Kindle, my PCs or in the very near future my Macs. The first generation iPad clones will probably be somewhat nasty. But if they have an SD slot and a proper USB port and let me write my own applications they are already looking like a better buy.

Apple is certainly going to try to roll their iPhone/iTouch application tax model onto the iPad but this time its going to fail. And when it does we will probably see the model starting to unwind on the iPhone as well. If Google Android based pad computers beat out the iPad they are going to establish a developer base to make them competitive with iPhone.

Wednesday, February 03, 2010

Word Stupidity

For years, the defaults for making references to other parts of a document in Microsoft Word have been insane.

First off there is the stupid dialog box.

There are eight default objects that Word lets you link to but the drop down menu only shows the first six. For some reason the options for 'Table' and 'Figure' - i.e. the types of object people are most likely to be adding a cross reference to appear at the bottom so you have to scroll down to see them.

The other bizarre choice is that the default is to insert a reference to the Entire Caption. Does this ever make sense?

The net is that the user has to scroll through two drop down menus every single time they insert a reference. Word does not seem to have an option to add in a shortcut. And the default options are reset each and every time the dialog appears.

Abdulmutallab speaks

So, Abdulmutallab, the 'crotch bomber' has been co-operating with investigators 'despite' the use of standard FBI process [ NY Times].

This should hardly be a surprise. Police are trained to perform interrogations, they have years of experience. CIA agents are not.

Even so, the latest Republican Party talking point is the rather weird claim that reading Abdulmutallab his Miranda rights may have persuaded him to stop talking.

Let us recap the circumstances of Abdulmutallab's arrest. He was taken off the plane he had attempted to bomb. He had severely injured himself in the attempt to detonate the bomb. The passengers and crew had at a minimum removed his trousers and underwear. It seems quite likely that after discovering the bomb in his underpants, the passengers/crew had stripped him completely naked.

Given those circumstances, it seems rather unlikely that Abdulmutallab would have any expectation of a not-guilty verdict.

How could talking to the investigators possibly make Abdulmutallab's case any worse? He can't claim mistaken identity, he can't plausibly deny carrying the bomb, being aware of carrying it or attempting to detonate it.

Abdulmutallab is certain to receive a life sentence regardless of what he says. This is not a difficult case where a confession or an unintended slip is going to make the difference between conviction and acquittal. It is as close to being an open-and-shut case as they come.

The only chance Abdulmutallab has to improve his living conditions during his life sentence or to earn the possibility of parole in the distant future is to co-operate.

Incidentally, the man appears to have burnt away his penis in the attempt. How could torture do anything more than give him something else to think about? If he is being waterboarded he is going to blame his captors for his situation. If he is being being treated as an ordinary criminal he has plenty of time to build up resentment against the group who caused his injury.

At the time of his arrest Abdulmutallab was probably expecting to be taken to Gitmo and subjected to torture. The point at which his Miranda rights were read would be the first point at which the actions of the authorities significantly departed from his expectations.

Wednesday, January 27, 2010

iPad - missing the point

All the reviews for the Apple iPad seem to be positioning it as a Kindle competitor.

This is rather silly as the point of kindling is that you use it to start the fire. It is the first fuel to be consumed.

To understand where Amazon is going with Kindle people should look to the fact that there is already a Kindle viewer for the iPhone which according to the Apple site should work on the iPad unless Apple is silly enough to attempt to block it. There is also a Kindle reader for the PC and a reader for Mac is promised.

The point of the Kindle was to allow Amazon to build an early lead in the eBook market and to prevent Apple from dislodging it in the way that Apple has managed to dismantle the power of the record labels. Kindle has clearly met that objective.

The iPad is simply a logical extension of the Kindle concept that is optimized for video, games and pictures rather than a dedicate book reader.

Rather too much is also being made of Amazon's recent 'change' in their pricing policy. Under the old pricing policy the publisher got 30% of the recommended retail price which Amazon routinely discounted by a third. So the publisher would recommend a price of $15 which Amazon would discount to $10 and receive $4.50 per copy. Under the new scheme the publisher gets 70% of the sales price provided they agree to a recommended price of $2.99 to $9.99 that is at least 20% lower than the hardcover price and agrees to enable text-to-speech. So the royalty rates are actually rising from 45% to 70% and only if the publisher is also willing to take a considerable price cut. The net result is that it makes little sense for a publisher to charge more than $9.99 for a Kindle book unless they are going to charge a minimum of $23.33.

Amazon is still making a nice profit from Kindle sales, but their cost of sales is no longer negligible. Associate fees are 10% of Kindle sales and the costs associated with payment processing and running the Amazon site and brand are likely to take up another 10%. Kindle royalties might rise a little further in the future, but any rise is going to significantly cut into Amazon's profit.

Why charging illegal entry?

Someone asked me why O'Keefe has been charged with illegal entry rather than wiretapping.

The answer is that this is likely a holding charge. The prosecutors have all the evidence they need to win a conviction for attempting to gain entry to Federal property for the purpose of committing a crime. That alone carries a sentence of ten years. Burglary is the act of breaking and entering for a criminal purpose. The actual taking of property a separate offense: theft.

But the FBI and the prosecutors will almost certainly be adding additional charges before taking the case to a grand jury. They will also be looking to see if the group have attempted any other breakins and in particular the possibility that they might have succeeded.

What charges are likely? Well the Pellicano case is a fairly close comparison. Pellicano was eventually sentenced in December 2008 to 15 additional years in prison, and ordered (with two other defendants) to forfeit $2 million [Wikipedia].

Pellicano was engaged in his activities for several years and so he was charged with RICO Conspiracy. He also attempted to cover up his activities and so he was charged with witness tampering, false statements and destruction of evidence.

Of the Pellicano charges, the charge of Interception of Wire Communications does not apply on the basis of the facts set out in the indictment. It would apply if the conspirators had been allowed to actually place the wiretap and it was used to intercept a communication. But had that happened I would expect it to have been reported in the affidavit and charged as per the indictment. It may turn out that the conspirators intercepted other communications in which case they would be liable for either a one year or a five year sentence depending on the circumstances.

A count of Posession of an Electronic Communication Interception Device (18 USC 2512) seems likely, but that only has a sentence of five years.

According to the facts as we currently understand them, the activities of O'Kefee and his conspirators were nowhere near as extensive as those of Pellicano, nor did they succeed. But against that there is the fact that they attempted to bug the telephone of a United States Senator.

Another third rate burglary

The FBI Affidavit provides some very interesting information on what Democrats are now referring to as the 'Louisiana Watergate'. Conservative propagandist James O'Keefe and three accomplices were caught allegedly attempting to tap the phones of Senator Landrieu.

As the Senator's office is on Federal property, the holding charge of attempting to gain entry to Federal property for the purpose of committing a crime carries a maximum ten year jail sentence.

The affidavit itself reads like a bad script for an episode of the A-Team. Two members of the group dressed up as telephone repairmen and attempted to gain access to the telephone closet. They headed for the Senator's office, attempted pretexting and were directed to the GSA office down the hall where the plot was uncovered when the pair were asked for identification and claimed to have left it in their van.

Now it is quite possible that a GSA employee would have been trained to recognize a telephone company ID badge, but I don't know what one looks like and the typical security guard at a non-government facility wouldn't either. For a few hundred bucks the conspirators could have bought a second hand badge printer on EBay to create their own badges and greatly reduced the chance of getting caught.

Using fake ID reduces the risk of being caught but increases the penalties if caught. Possession of a fraudulent access device is a federal crime, as is possession of means to create fraudulent access devices. Using real identification greatly increases the risk of being caught, but some do so anyway.

So how does a facility protect itself against this type of attack?

At this point we do not know where the conspirators first aroused suspicion, it is quite likely that they were considered suspect from the minute they walked in the door. A well designed security process has multiple layers and multiple checks:

  • Check Government ID
  • Confirm Corporate ID
  • Check contact name
  • Confirm with contact
  • Escort visitor
  • Defined process

The first line of defense is to ask for government issued ID. With fifty states, there is considerable variation in driving licenses, but they are at least a closed set and a telephone repairman handing over a New York drivers license in Louisiana should be asked for an explanation. Most state driving licenses have anti-counterfeiting measures built in and are printed on distinctive stock.

Corporate ID provides an additional check but is not a substitute for government issued ID. Corporate ID should of course match the government ID.

My experience of government buildings is that government issued ID is required to enter the building. This alone would make the conspirator's claim that they left their ID in their van very suspicious.

Another thing that is required to enter a government building is a contact person. It is quite likely that the conspirators bypassed this requirement by giving the Senator's Office as the contact. 'Walk-ins' are a common occurrence at politician's offices of course, but a tradesman coming to perform work without a specific contact name should be a red flag.

In most government buildings, visitors require an escort unless they are visiting a separate area that is specifically designated as public access. Most of the newer corporate offices in Silicon Valley now have meeting rooms that connect directly to the lobby. This allows employees to meet visitors without bringing them into the part of the building where company confidential material might be on display.

Security procedures of this sort have become standard practice in most US companies in the wake of 9/11, at least with regard to the form which is easily copied. What is not easily copied are the less visible parts of the system such as what should happen when work needs to be done on the telephone system.

The most important security control is to have a defined procedure so that the person responsible for implementing it knows what to do. In the case of a GSA facility, there will be a written policy describing precisely which individuals should have access to the telephone system and under what circumstances. That process will anticipate the possibility that a bogus telephone repairman would turn up attempting to place a wiretap, not least because the process will have been extensively reviewed and quite possibly red-teamed by CIA teams responsible for attempting similar operations against foreign powers.

Tuesday, January 12, 2010

Crotchbomber changed return flight

Much is being made of the failure of the authorities to catch Farouk AbulMutalab aka the 'crotchbomber' despite suspicious activity such as flying on a one-way ticket.

Only according to the Nigerian press, Farouk's ticket
was a return and he even went so far as to change the routing on the return leg.