Newsletters

Worth 1000 words

A long time ago, in a career far, far away, I worked at a government facility that was just way over the top on security.  We didn’t really do all that much – plus there are guards with guns guarding us while we really didn’t do that much.  They even had a firing range, holding cells, a protected area (with buffer zone) controlled by biometric access.  Nutty stuff.  One of the rules that I had previously thought overkill was that you couldn’t bring cameras in.  Why would anybody care what we could possibly take pictures of here?

While having lunch, I found out why that rule was in place.  Sitting here, in the Jovian bunker, getting my daily fix of security newsfeeds, lotto numbers, and lolcats, I came across a link to pictures of somebody’s control systems.  Interesting, I thought, and started looking at them since I’m just kind of dorky that way.  There were a dozen photos of various parts of the control system.  In fact, if you’re interested, here they are (“here they were,” rather – they’ve been removed since lunch, but I dug them out of my browser cache for you all to enjoy and posted them here).

Pictures.  So what?  They’re low resolution and a bit difficult to make anything out.  Well, web 2.0 and Search Engine Optimization were kind enough to bestow upon us “tagging”, whereby a social networking site can make content more relevant to searches by allowing (typically) users to provide a phrase that helps describe a blog post, video, movie, or other “user-generated content” (read: “useless crap”).  Tags are great – it’s nice to add words to media so that you can categorize and filter your own useless crap, and your mother-in-law and her gossipy bridge club buddies can more easily see where you work and you can prove to her once and for all that you’re not a freeloading bum milking her daughter for all she’s worth as she’s been saying for years now.

The images are ok, but the really good stuff lies in the associated metadata contained in the handy tagging features (they’ve been removed from flickr.com since lunch, so you’ll have to go see what they look like in Google’s cache to see what the tag info was).

Start with the user account name:  Sarasota_itsd.   Florida, maybe?  Matches the map on the wall.  Then there are the picture titles that include “Carlton Office” and “SCADA”.   Google up “carlton office sarasota scada”, and the first page of results is about a water treatment plant.  More easy Googling and you find it located here, in high resolution.  And there are the picture captions and the “tags” that imply they run Allen Bradley ControlLogix PLCs and the Dynac control system suite running on OpenVMS (likely complemented by DynView workstation software).  Compound that with the org chart hanging on the wall and one can extrapolate this is a pretty modern, yet slightly understaffed water treatment facility.  The org chart, which seems to show 12 engineers on staff that report to six executives, is probably correct, since the satellite shows 14 parking spaces ‘round back with a dozen or so up front.  That’s also evidenced by the satellite picture taken at roughly noon (shadows facing due north) and that there are (apparently) only three personally owned vehicles in the lots.

A little more googling gives this handy brochure that shows you, yes, that big tank without a perimeter fence around it really is the tank that holds the clean water ready to go into the system.  And if you’re still unsure what you’re doing you can get a tour of the plant as well - but you have to arrange it in advance, since they only have a dozen or so people to run the plant across 24×7 shifts, which means you’ve got only two or three guys on per shift usually.

Just a teensy bit more resolution in those pics and you’d have their IP scheme, too, since they had that printed to the screen for some ludicrous reason on their XP laptop, their DynView station, and their IBM ThinkPad, all of which are sitting right next to their D-Link b/g/n wireless router.  But no such luck, unless we can find those guys from the TV spy shows that can “enhance” any blurry image enough to know what religion a guy is.

I’m convinced: cameras in sensitive areas are a risk, but not nearly as big a risk as trusting your operations to some moron posting pictures to social networking sites.


2010 predictions

Hear ye, hear ye!  Make way for the Great Seer, the Oracle of Truth and Justice, Master of all Things Electronic, and Ranter of Lunacy, Jim Jupiter the Omniscient, who shall hereby proceed to layeth upon you, the unwashed masses, several intrinsic and unopposable truths that shall be foretold during the forthcoming year:

1.  Schmidt sings Kumbaya.  Howard Schmidt’s soundtrack for the upcoming year will be a collection of campfire songs and little ditties about puppies and happiness so sweet and sticky they’d make a My Little Pony puke.  Not by choice, of course.  See, it didn’t take this long to name a Czar due to the administration’s indecisiveness, it took this long to strike a deal that ensures whoever’s named Czar won’t give the administration another black eye during Obama’s first term.   Sweet and harmonious music, even if sung through clenched teeth.

2.  Twitter is recognized for what it is – useless crap.  I hope beyond all hope that Twitter will die.  This is more wishful thinking than an actual prediction.  I’m sure some people find Twitter useful, but I just don’t get it. 

3.  Android will be a hacker’s playground.  All of those malicious code authors that have been waiting for an opportunity to invade the fertile mobile phone application market may have gotten their wish.  The open architecture without the appstore cover charge is just what it takes to open the floodgates.  That, and an audience, which it appears it may get with the new Nexus One.

4.  Michael Jackson sightings will rise astronomically.  Until he comes out of hiding for a resurrection tour, of course.

5.  Cloud computing will suffer more serious reputation setbacks.  Yep, “the cloud” will get some bruises, but it will make it through the year without being laughed off the scene.  By my estimate, it’s on the verge of being a viable solution – cloud computing (aka “software as a service”, aka “high performance computing”) reminds me of PKI – the technology that’s too good to die but too complicated to be done right.  I think one good round of rebranding (“dust computing”?) is what it’s going to take.

6.  Control systems security appliances will flood the market.  One will come out on top, but not for several years.  The solution that will come out on top?  The one that bridges the gap between control system engineers and IT engineers, that has an aggressive marketing and pricing schedule.  Tofino fits that bill, sans marketing and pricing strategies.

7.  Tiger Woods, Mark Sanford, and Charlie Sheen (who made it just under the wire into the 2009 scandal party), will all appear in a TV ad together.   I’d venture to say they’ll get their own reality show, but that market’s saturated. 

8.  Cyber crime will go way up.  Or I should say that the number of prosecuted cyber criminals will go way up.  Simple statistics:  In a crappy economy, there are a larger number of unemployed geeks who need money.  A portion of those unemployed geeks may try their hand at cyber crime.  Due to inexperience, they’re more apt to get caught – either due to sloppy crime scenes (or not-sloppy-enough crime scenes) or when “fencing” their goods. 

And here are the remaining predictions that I had to leave off the newsletter due to the financial crisis:

9.  Siobhan Gorman gets a job with CNN.  And parlays that into a correspondent gig for 60 Minutes, Anderson Cooper style.   What a powerhouse of cyber security reporting that’ll make!  But it’ll be nice to at least have the fear-mongers corralled for once.

10.  Netbooks overtake the “smart phone”.  Let’s just face it, the owner of the current handheld device landscape is Apple.  Now they’re going to get in and change the game with the iSlate.  This is likely going to be a really f-ing big iPod Touch.  Once Apple realizes that an iSlate is uncomfortable to hold up to your ear, it will be sold with a bluetooth headset and an optional “dial pod” (read: “your iPod”), creating the first commercial implementation of the “personal area network”.   …Then for 2011, bioelectrical implants for better power management!

11.  Hoverkraf saya penuh dengan belut. (Malay: “My hovercraft is full of eels.”)  … my apologies, I had some of this outsourced to a sketchy overseas company and had trouble translating them back.  Let me know if you can make anything of this one.  I think it has something to do with Rush Limbaugh.

That’s all, folks.  Got any to add?  Leave a comment!  I’ll revisit this next December and see how we did – as long as the fame and fortune that destiny clearly owes me doesn’t finally hit, go to my head, make me a billionaire through endorsement deals, then make me sleep with dozens of beautiful women and wreck my Escalade.


Google Public DNS – Huh?

Google announced today they’re launching a public DNS resolver.  Nice idea, serving the Internet in general, providing a service apparently secure from DNS hacks and vulnerabilities.  They picked winning IP addresses for it, too:  8.8.8.8 and 8.8.4.4 (even easier than Verizon’s 4.2.2.2).

I get why this is a good idea:

Centralized security – only one “system” to have to query blackhole lists, and a whole load of resources to keep on top of keeping blackhole lists updated.

Less headaches – your internal servers can use Google’s servers as a DNS and hey, presto, you don’t have to manage an external resolver.  Admittedly, there’s not a lot of headache there, but it’s something.

But one thing is nagging at me (other than Mrs. Jupiter): 

Why?   Why is Google bothering with this?

I get the uneasy feeling this might be a philanthropic start to something that goes against their mantra of “don’t be evil”.  

First:  They’re not redirecting requests for non-existent domains to another page (like many ISPs, including Comcast), so they’re not getting more hits to their advertising.  … Really?

B:  They’re collecting data but they say they will be sharing it.  … All of it?

3:  They’re going to collect ISP and Location data to make their service better.  … How?

And finally:  They’ve developed their own DNS server.  … Why?

I’m suspicious.  Not the black helicopters, Ruskies in the bushes, tinfoil hat wearing kind of suspicious, but I would guess that Google is going to use this feature to drive traffic to its own search results based on typo’ed domain names, thereby increasing the exposure of its pay-per-click advertising, and sell listings based on specific “keywords” associated with domain typos to localized businesses.  Here’s an example:

You type in expedi.acom.  Instead of answering with an NXDOMAIN response, the engine realizes that’s a typo’ed request for a travel agency web site and it redirects the query to a Google search results page with the typical Google paid-ad-above-freebies layout containing the results for a travel agency search.  The paid ads are from advertisers that have opted to have their results displayed to DNS typos in a specific location.

If they can do that, they may just have monetized typo-squatting without the bother of having to purchase a bunch of typo’ed domain names.  Impressive.
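Whether a resolver answers a non-existent name with an honest NXDOMAIN or with a substituted address is something you can check for yourself. The script below is an added example, not part of the original post: it builds a raw A query, classifies the reply by its header RCODE and answer count, and ships with constructed sample replies so the classifier runs offline. The name `expedi.acom` is assumed not to exist, and `check_resolver` (which does go on the network) takes whatever resolver address you pass it.

```python
import random
import socket
import struct
from typing import Optional, Tuple

QNAME_EXAMPLE = "expedi.acom"  # assumed non-existent name, as in the post

def encode_qname(name: str) -> bytes:
    """Encode a dotted name as DNS labels (length byte + label), terminated by a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name: str, qtype: int = 1) -> Tuple[bytes, int]:
    """Build a recursive (RD=1) query for `name`; qtype 1 = A record, class 1 = IN."""
    txid = random.randint(0, 0xFFFF)
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_qname(name) + struct.pack(">HH", qtype, 1), txid

def classify_response(resp: bytes, expected_txid: Optional[int] = None) -> str:
    """Classify a raw DNS response from its 12-byte header.
    'nxdomain': RCODE 3, the honest answer for a name that does not exist.
    'answered': RCODE 0 with answer records; for a name known not to exist this
                means the resolver substituted an address (NXDOMAIN redirection).
    'nodata'  : RCODE 0 with no answer records."""
    if len(resp) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, qd, an, ns, ar = struct.unpack(">HHHHHH", resp[:12])
    if expected_txid is not None and txid != expected_txid:
        raise ValueError("transaction id mismatch")
    if not flags & 0x8000:  # QR bit must be set on a response
        raise ValueError("packet is a query, not a response")
    rcode = flags & 0x000F
    if rcode == 3:
        return "nxdomain"
    if rcode == 0:
        return "answered" if an > 0 else "nodata"
    return "rcode%d" % rcode

def check_resolver(resolver_ip: str, name: str = QNAME_EXAMPLE, timeout: float = 3.0) -> str:
    """Send the query over UDP/53 to `resolver_ip` and classify the reply (needs network)."""
    query, txid = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (resolver_ip, 53))
        resp, _ = sock.recvfrom(4096)
    return classify_response(resp, txid)

# Constructed sample responses (not captured traffic) so the classifier runs offline.
# Flags 0x8183 = QR,RD,RA set + RCODE 3 (NXDOMAIN); 0x8180 = same with RCODE 0.
_question = encode_qname(QNAME_EXAMPLE) + struct.pack(">HH", 1, 1)
NXDOMAIN_RESPONSE = struct.pack(">HHHHHH", 0x1234, 0x8183, 1, 0, 0, 0) + _question
SYNTHESIZED_RESPONSE = (
    struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + _question
    + b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 60, 4) + bytes([203, 0, 113, 10])  # A 203.0.113.10
)

if __name__ == "__main__":
    print("constructed NXDOMAIN reply ->", classify_response(NXDOMAIN_RESPONSE, 0x1234))
    print("constructed redirect reply ->", classify_response(SYNTHESIZED_RESPONSE, 0x1234))
```

Run `check_resolver("8.8.8.8")` against a name you know does not exist; anything other than `nxdomain` means that resolver is rewriting your misses.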

Or:

Their long range plan is to introduce a new record type.  A “G” record, which will contain addresses of other sites just like the one you’ve requested.  It’ll be used in the ChromeOS DNS client and Chrome browser to suggest other sites like the one you’re accessing, that pops up just as soon as you finish typing a domain name.  Instant exposure to their paid ads based on a valid DNS response, thereby piggybacking monetized search results on the existing DNS system.  Also impressive.

So whaddya think?



Cyberspies in the Electric Grid (aka “stop the madness!”)

Did you see 60 minutes on Sunday night?  Yet another bit about hackers in our electric grid – but this time, it’s for real, it’s on 60 minutes.   60 minutes!  I used to have vast respect for these guys – put ‘em right up there with the Washington Post and Carrie Muskat. 

Don’t get me wrong (it seems this phrase shows up frequently in these posts) - I take cyber security very seriously.  And I’m a red-blooded American that loves his mother, believes in his country, likes baseball and girls, enjoys southern rock, beer, and nascar (sorta), and doesn’t have an anti-patriotic bone in his body.   I’m not advocating that we ignore security concerns in the electric grid.  Or in any industrial system, for that matter.  I’m just not convinced that something this grave can possibly be tossed about this openly without either generating a deluge of requests for information from the public to divulge sources or a gag order enforced with the FBI – and guns.  I still firmly believe that this information is 1) made up, and 2) being purposely accidentally leaked to fire up the community to get behind efforts to bolster our infrastructure.  You know, accidentally on purpose just like Carrie Prejean leaked her sex tape three days before her book release to generate some buzz instead of trying to ride that fizzling “boob reimbursement” story - timing is everything.

So I’m sooooo done with 60 minutes now.  Except Andy Rooney - I still dig that curmudgeonly old guy, regardless of whether he actually provides anything useful or not.  He’s actually one of my journalistic influences:  Woodward and Bernstein, Andy Rooney, Howard Stern, and Dave Barry.  But thanks to the other guys (yep, I’m talkin’ about you, Kroft, Stahl, and Safer), 60 minutes has now established a solid reputation for tabloid-like rabble-rousing and alarmist reporting.

First there’s the Conficker piece - lets us know how it will “disrupt the entire Internet” – except for those things that it doesn’t impact.   Silly details.  And there’s this movie bootlegging article, which amounts to an advertisement for the MPAA.  Of course it’s the Internet that will bring down the movie industry via Bit Torrent, not the guy with the handi-cam behind you.

And now it’s on to fearmongering over the electric grid.  Citing hackers as the source of the Brazil blackout.  Sources unnamed, of course.  Here’s Brazil’s response, based on a year and a half study, via Google Translate.  Caused by dirt, not Hackers.   And it alludes to the 2003 Blackout in the northeast.  Turns out that a little study (read: Googling) would show it was caused by trees, not Hackers.  Hacker-trees, I’m sure.  TSA is onto those wily evergreens, too – that’s why you don’t see any knotty pines on airplanes anymore.

“60 minutes”…  Maybe that’s the amount of time they spend fact-checking.  I bet Siobhan Gorman’s just green with envy that she didn’t make this up first.

Here are wise words that 60 minutes should take to heart:

“People will generally accept facts as truth only if the facts agree with what they already believe.”

  - attributed to Andy Rooney

Update:  @crash: i didn’t steal your opening line on your blog – great minds think alike, and, coincidentally, so do ours.


Recession Rocks the Jupiter Household

We’ve all heard about the catastrophic effects of the recession.  Bank calamities, real estate woes, no more Pontiac.  Hopefully if you’re reading this, you’re still gainfully employed and you’re just worried about it like about 90% of us.   But while helping Mrs. Jupiter bring in groceries this weekend, it finally hit me.  Times truly are tough, and no matter what our situation, we all feel the effects of these large companies facing their own hard times.  Some of the effects benefit you and me, the meager consumer, like deals on Escorts to deals on escort services, but others have a much more terrifying effect.

While putting away a 24-pack of Quilted Northern Toilet Paper, something just didn’t feel quite right.  It felt…  Smaller.  Lighter.  I started to panic.  Although I have embraced my inner cheapskate and am a self-proclaimed “low-roller”, toilet paper is one of my few extravagances.  Has something dastardly happened to the one thing in this world I splurge on?  I stopped dead in my tracks, wondering what this world has come to (again), and immediately called for an emergency inspection of the household toilet paper supply.  Lo and behold:

[image: tp]

Shocking!  I couldn’t believe my eyes.  It might look small, but on closer inspection, it turned out to be a difference of about half an inch or approximately 11%.  11% means that Northern can now produce 10 rolls for the price of 9.  And a packaging cost reduction of approximately 3.7%. 

[image: tp_zoom]

Really, you can’t blame them – it’s just a smart business decision.  The question it begs is this: does that extra 11% width per sheet really make a difference?  According to a study by Charmin, people use 8.6 sheets per usage on average, using up an entire roll (for an average household) in 7 days.  The 11% width difference equates to 2 square inches per sheet, for a total loss of 17.2 square inches in that 8.6 sheet wipe.   Almost one sheet!  In order to compensate for this loss, we’ll now be forced to use 1.1 additional of the smaller sheets – for a 9.7 sheet wipe.  At this increased usage rate, you’ll get 7 fewer poops to a roll - a loss of a full day per roll, equating to an additional 7.5 rolls per year.  The 24 pack of Quilted Northern costs about $15 at my local Safeway, which means that 7.5 rolls per year will cost me an additional $4.67.  Over the rest of my (long, long, healthily pooping) life, that comes out to just over $200, not adjusting for inflation.

And just so you know, I’ve performed my own empirical data gathering and experimentation – for my own personal usage patterns (based on a sample set = 3 poops, no spicy food), I use 8 sheets.  I will now have to use 9, incurring that inevitable roll reduction penalty over my lifetime.  Quite a crappy outcome.

Now for the inevitable slew of puns:

Certainly this company doesn’t want to be the butt of jokes here.  They’ve taken on this cheeky move solely to improve their bottom line.  They tasked their crack engineering team to re-work their production facilities as well as their packaging, certainly causing quite a rumpus.   I’ve heard they don’t even know who was behind this but they were probably just in it for the booty and I hope they get canned.  I don’t want to come off as some kind of potty-mouth, but I feel this is truly ass-tonishing and I’m literally flushed with anger.  This change is causing an uproar in the community – even more than the recession failures of Freddy and Fannie!  It truly makes me believe the company is run by a bunch of bums.  Heck, this is one of the most important commode-ities of our lives – even if you live off the grid up in the mountains in a … TP.

Ok, rant over.  Time for a beer.  I think I’ll have a Heinie.


Copyright © 1996-2010 E-rant. All rights reserved.