Circuit Writer Version 8.3

By Jim Scheef

No, your TV isn’t broken, the election is actually over, but never fear, we will soon hear “news” from Iowa as the “non-candidates” jockey for position. The Iowa caucuses are scheduled for February 6, 2012. Should we start an over-under pool on when campaigning begins?

Front Lines of Cyberwar

Before I could write about the Stuxnet Worm (see “Stuxnet Worm: Nine Facts Every IT Security Pro Should Know” on eWeek, a Congressional report has documented how China Telecom rerouted 15% of all Internet traffic thru servers in China. While some people do not call this a hijacking, it fits in the pattern of China testing and probing Internet security around the globe. The “incident” lasted about eighteen minutes. What happened was an exploit of a known vulnerability in the Border Gateway Protocol, the standard by which all major Internet routers exchange information about how they connect to the rest of the world. BGP is the basis for routing packets from one place to another. From the report:

“For about 18 minutes on April 8, 2010, China Telecom advertised erroneous network traffic routes that instructed U.S. and other foreign Internet traffic to travel through Chinese servers. Other servers around the world quickly adopted these paths, routing all traffic to about 15 percent of the Internet’s destinations through servers located in China. This incident affected traffic to and from U.S. government (‘‘.gov’’) and military (‘‘.mil’’) sites, including those for the Senate, the army, the navy...and many others.”

There is no way to determine what China did with all of these packets, but it is conceivable that sensitive information could have been captured or even changed en route. This is just how the Internet works right now and it is essentially impossible to protect against this threat. For some analysis see “China Internet Hijacking Accusation Fallout Continues” on eWeek, listen to the story on National Public Radio, or read the NY Times article. Naturally China Telecom denies the claims (see Computerworld). For a very brief explanation of how the exploit works, see Ars Technica.

This is scary on so many levels. First is the lack of major news coverage. Without outrage on national media, nothing will happen. But the really scary part is that this exploit not only reroutes regular IP traffic, but it reroutes secure tunnels, the “virtual private networks” used by industry, government, and even the military to “securely” communicate over the insecure Internet. By creating a “man in the middle” situation, an attacker can break these secure tunnels. And there is nothing to prevent another such “incident”. While not quite a cyberwar “shot across the bow”, because of the fact that this included U.S. Government and military traffic, I think this event should be considered an act of aggression by China.

Birthday News

The Web is no longer a teenager. Hard as it is to believe, most DACS members have no trouble remembering the days when there was no web. Dated 12 November 1990, a proposal by Tim Berners-Lee and Robert Cailliau called “WorldWideWeb: Proposal for a HyperText Project” found a better reception than Tim’s original paper entitled “Information Management: A Proposal”. Apparently alliteration made all the difference and the birth of the WWW was assured. The NY Times covered this in the “On Language” column, which you will understand when you read the column. The 20-year old ‘paper’, in its HTML 1.0 splendor, is a fascinating look back at computing and software projects in 1990. Naturally there are no pictures.

Speaking of Internet history

Not so long ago I gushed over the release of the Chrome browser. A new browser was actually news, or at least I thought so. Well, thanks to the open source code generated by the various forks of the Mozilla (Firefox) codebase plus other projects, new browsers are almost a daily occurrence. So what makes a new browser newsworthy, you ask? When the inventor of the original graphical browser is involved, then it’s news. Marc Andreessen, along with other Netscape alumni has released an “early access” version of the RockMelt social browser. Social is a key word here, because RockMelt is essentially a single-purpose browser: to use Facebook and Twitter. The browser will not open until you log into your Facebook account. I have yet to actually install and use the browser, so a personal evaluation must wait until next month, but you can get a feel for what it does from the video on the RockMelt website, a more thorough look in an eWeek slide show and a NY Times article for background. It will be interesting to see what share of the Facebook market – not the general browser market – RockMelt achieves.

Appleflation

Depending on how you first entered the world of personal computers, there is the one early computer that is the “most prized collectible” of all. For many people that would be the Apple-1.

The two Steves – Jobs and Wozniak – assembled about 200 in Steve Jobs’ parents’ garage and sold them for $666.66. Legend has it that not all 200 were sold and some were destroyed in anticipation of the Apple II in 1977. They are so rare, that there are several replica (or work-alike) kits (check out the Replica 1 at brielcomputers.com/wordpress/?cat=4). This example may be the same Apple-1 offered on eBay in 2009 had a starting bid of $50,000, so the vintage computer community awaits the November 23 Christies auction of this “perfect” Apple-1. This machine is so incredibly collectible that the return address still shows on the original shipping container. The lot includes the BASIC tape offered at the time and the original documentation. Christies expects a sales price of between $159,800 and $239,700. We’ll know what happened by the time you read this. I wait with a worm on my tongue.

The opinions expressed here are the author’s and not necessarily those of the Danbury Area Computer Society, its board or officers.

 


Click Here


DacsGear!
Mugs and more, visit CafePress to order

 

 
 
© Danbury Area Computer Society, Inc. All Rights Reserved.
Web Site Terms & Conditions of Use