Archive for December, 2009

2010 predictions

Hear ye, hear ye!  Make way for the Great Seer, the Oracle of Truth and Justice, Master of all Things Electronic, and Ranter of Lunacy, Jim Jupiter the Omniscient shall hereby proceed to layeth upon you, the unwashed masses, several intrinsic and unopposable truths that shall be foretold during the forthcoming year:

1.  Schmidt sings Kumbaya.  Howard Schmidt’s soundtrack for the upcoming year will be a collection of campfire songs and little ditties about puppies and happiness so sweet and sticky they’d make a My Little Pony puke.  Not by choice, of course.  See, it didn’t take this long to name a Czar due to the administration’s indecisiveness, it took this long to strike a deal that ensures whoever’s named Czar won’t give the administration another black eye during Obama’s first term.   Sweet and harmonious music, even if sung through clenched teeth.

2.  Twitter is recognized for what it is – useless crap.  I hope beyond all hope that Twitter will die.  This is more wishful thinking than an actual prediction.  I’m sure some people find Twitter useful, but I just don’t get it. 

3.  Android will be a hacker’s playground.  All of those malicious code authors that have been waiting for an opportunity to invade the fertile mobile phone application market may have gotten their wish.  The open architecture without the appstore cover charge is just what it takes to open the floodgates.  That, and an audience, which it appears it may get with the new Nexus One.

4.  Michael Jackson sightings will rise astronomically.  Until he comes out of hiding for a resurrection tour, of course.

5.  Cloud computing will suffer more serious reputation setbacks.  Yep, “the cloud” will get some bruises, but it will make it through the year without being laughed off the scene.  By my estimate, it’s on the verge of being a viable solution – cloud computing (aka “software as a service”, aka “high performance computing”) reminds me of PKI – the technology that’s too good to die but too complicated to be done right.  I think one good round of rebranding (“dust computing”?) is what it’s going to take.

6.  Control systems security appliances will flood the market.  One will come out on top, but not for several years.  The solution that will come out on top?  The one that bridges the gap between control system engineers and IT engineers, that has an aggressive marketing and pricing schedule.  Tofino fits that bill, sans marketing and pricing strategies.

7.  Tiger Woods, Mark Sanford, and Charlie Sheen (who made it just under the wire into the 2009 scandal party), will all appear in a TV ad together.   I’d venture to say they’ll get their own reality show, but that market’s saturated. 

8.  Cyber crime will go way up.  Or I should say that the number of prosecuted cyber criminals will go way up.  Simple statistics:  In a crappy economy, there are a larger number of unemployed geeks who need money.  A portion of those unemployed geeks may try their hand at cyber crime.  Due to inexperience, they’re more apt to get caught – either due to sloppy crime scenes (or not-sloppy-enough crime scenes) or when “fencing” their goods. 

And here are the remaining predictions that I had to leave off the newsletter due to the financial crisis:

9.  Siobhan Gorman gets a job with CNN.  And parlays that into a correspondent gig for 60 Minutes, Anderson Cooper style.   What a powerhouse of cyber security reporting that’ll make!  But it’ll be nice to at least have the fear-mongers corralled for once.

10.  Netbooks overtake the “smart phone”.  Let’s just face it, the owner of the current handheld device landscape is Apple.  Now they’re going to get in and change the game with the iSlate.  This is likely going to be a really f-ing big iPod Touch.  Once Apple realizes that an iSlate is uncomfortable to hold up to your ear, it will be sold with a bluetooth headset and an optional “dial pod” (read: “your iPod”), creating the first commercial implementation of the “personal area network”.   …Then for 2011, bioelectrical implants for better power management!

11.  Hoverkraf saya penuh dengan belut.  … my apologies, I had some of this outsourced to a sketchy overseas company and had trouble translating them back.  Let me know if you can make anything of this one.  I think it has something to do with Rush Limbaugh.

That’s all, folks.  Got any to add?  Leave a comment!  I’ll revisit this next December and see how we did – as long as the fame and fortune that destiny clearly owes me doesn’t finally hit, go to my head, make me a billionaire through endorsement deals, then make me sleep with dozens of beautiful women and wreck my Escalade.


CNN: Shiite-y reporting

CNN’s senior editor for Middle East Affairs proclaims “Yep, they’re shiites” in reference to the Twitter DNS hackers in this story. I’m sure he’s done a full forensic study to determine who the actual people that performed this stunt were.   C’mon, now.  Really.  I would expect this out of the Wall Street Journal, but CNN?  Geez.  Maybe they’re trying to get in on the tabloid-news racket to compete with 60 minutes.  Heck, Octavia’s got a BA in Communications from the 1980’s (by my guess) which isn’t actually an accredited institution.  What better qualifications do you get than that to opine willy-nilly on an as-of-yet-incomplete cyber security forensics investigation?

Speaking of the Wall Street Journal, my fave reporter, Siobhan Gorman, has conspired in another winner about Insurgents hacking of unmanned drones.  Not a bad article, but the whole premise of it is that the satellite video feeds were intercepted using a tool that is known to be a web traffic sniffer.  I have a hard time imagining that the actual tool used was skygrabber.  Full disclosure:  I have no direct experience with skygrabber.  But just from an academic standpoint, I would think it needs a MIME header to capture a file.  Which would imply email or web activity.  I don’t entirely doubt that this is the case (yep – that’s right, I said it – I don’t entirely doubt something written by Gorman), but I find it interesting that they’re implying that they got it streaming live from the drone.  As far as I can tell, skygrabber doesn’t “grab” streams, just files.

That said, perhaps the files were intercepted some other way.  Which kind of gives me the creeps – since now we wouldn’t exactly know how they were obtained.  Maybe some commander located somewhere in the gulf emailed them to his webmail account using a satellite connection.   An even scarier concept.  … maybe.


Google Public DNS – Huh?

Google announced today they’re launching a public DNS resolver.  Nice idea, serving the Internet in general, providing a service apparently secure from DNS hacks and vulnerabilities.  They picked a winner of an IP address(es) for it, too:  8.8.8.8 and 8.8.4.4 (even easier than Verizon’s 4.2.2.2). 

I get why this is a good idea:

Centralized security – only one “system” to have to query blackhole lists, and a whole load of resources to keep on top of keeping blackhole lists updated.

Less headaches – your internal servers can use Google’s servers as a DNS and hey, presto, you don’t have to manage an external resolver.  Admittedly, there’s not a lot of headache there, but it’s something.

But one thing is nagging at me (other than Mrs. Jupiter): 

Why?   Why is Google bothering with this?

I get the uneasy feeling this might be a philanthropic start to something that goes against their mantra of “don’t be evil”.  

First:  They’re not redirecting requests for non-existent domains to another page (like many ISPs, including Comcast), so they’re not getting more hits to their advertising.  … Really?

B:  They’re collecting data but they say they will be sharing it.  … All of it?

3:  They’re going to collect ISP and Location data to make their service better.  … How?

And finally:  They’ve developed their own DNS server.  … Why?

I’m suspicious.  Not the black helicopters, Ruskies in the bushes, tinfoil hat wearing kind of suspicious, but I would guess that Google is going to use this feature to drive traffic to its own search results based on typo’ed domain names, thereby increasing the exposure of its pay-per-click advertising, and sell listings based on specific “keywords” associated with domain typos to localized businesses.  Here’s an example:

You type in expedi.acom.  Instead of answering with an NXDOMAIN record, the engine realizes that’s a typo’ed request for a travel agency web site and it redirects the query to a google search results page with the typical google paid-ad-above-freebies layout containing the results for a travel agency search.  The paid ads are from advertisers that have opted to have their results displayed to dns typos in a specific location.

If they can do that, they may just have monetized typo-squatting without the bother of having to purchase a bunch of typo’ed domain names.  Impressive.

Or:

Their long range plan is to introduce a new record type.  A “G” record, which will contain addresses of other sites just like the one you’ve requested.  It’ll be used in the ChromeOS DNS client and Chrome browser to suggest other sites like the one you’re accessing, that pops up just as soon as you finish typing a domain name.  Instant exposure to their paid ads based on a valid DNS response, thereby piggybacking monetized search results on the existing DNS system.  Also impressive.
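One way to check whether a resolver does the NXDOMAIN rewriting described in the expedi.acom example above (an added example, not code from the original post): parse the reply to a query for a name that should not exist and see whether it comes back as RCODE 3 or as NOERROR with an address. The sample replies, the transaction ID, the 192.0.2.10 address and the random `.com` probe name are constructed assumptions.

```python
import ipaddress, secrets, socket, struct

def build_query(name, txid):
    """Encode a recursive A/IN query in RFC 1035 wire format."""
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + b"\x00" + struct.pack("!HH", 1, 1)

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while msg[off] & 0xC0 != 0xC0 and msg[off] != 0:
        off += 1 + msg[off]                # step over one length-prefixed label
    return off + (2 if msg[off] else 1)    # 2-byte pointer or 1-byte root label

def classify(response, txid):
    """Return (verdict, A addresses) for a reply about a name that should not exist."""
    if len(response) < 12:
        raise ValueError("short DNS message")
    rid, flags, qd, an = struct.unpack("!HHHH", response[:8])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    off, addrs = 12, []
    for _ in range(qd):
        off = skip_name(response, off) + 4          # QTYPE + QCLASS
    for _ in range(an):
        off = skip_name(response, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", response[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:               # A record
            addrs.append(str(ipaddress.IPv4Address(response[off:off + 4])))
        off += rdlen
    rcode = flags & 0x000F
    if rcode == 3 and not addrs:
        return "nxdomain", addrs                    # honest "no such domain"
    if rcode == 0 and addrs:
        return "rewritten", addrs                   # NOERROR + address for a bogus name
    return "inconclusive", addrs

def probe(resolver, timeout=3.0):
    """Live check (needs network): query a random name assumed not to exist."""
    txid, name = secrets.randbits(16), secrets.token_hex(12) + ".com"
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, txid), (resolver, 53))
        return classify(s.recv(4096), txid)

# Constructed sample replies (not captured traffic) for the page's typo, txid 0x1A2B.
Q = build_query("expedi.acom", 0x1A2B)
HONEST = struct.pack("!HH", 0x1A2B, 0x8183) + Q[4:]     # RCODE 3, zero answers
REWRITTEN = (struct.pack("!HHHH", 0x1A2B, 0x8180, 1, 1) + Q[8:] + b"\xc0\x0c"
             + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 10]))
```

`probe("8.8.8.8")` runs the same check against a live resolver; a "rewritten" verdict also returns the address the bogus name was pointed at.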

So whaddya think:

Copyright © 1996-2010 E-rant. All rights reserved.