The Good Wife

The Good Wife (reprinted from the Metro Spirit, 10-23-14)

So what does one do while you’re waiting for the new Apple OS to download on a Sunday evening?  There are several things actually.  You could hunker down in your man cave and watch Sunday Night Football.  You could review all the email that came in over the weekend.  Facebook, Twitter, Instagram – Those are all options as long as you use your phone.  In my case, you fix a sipping drink for yourself and your wife and turn on “The Good Wife.”

Yes, I know.  It’s very manly.  But those of you in the “Married…With Children” demographic will understand completely.  Sunday evenings possess unique qualities during the weekly routine.  The weekend is over, but the new week hasn’t yet started.  The kids possess a certain morose over having to start another school week.  The daily bedtime fight is less intense (unless someone forgot about a homework assignment – ugh!), and a certain calm settles over the house.  The wife busies herself with some mindless activity, and I can finally relax for a few minutes.

Yes, a sipping drink is appropriate.  And why not “The Good Wife?”  It’s a good show.  With the Yosemite download only at 23 percent, I don’t see any reason not to settle onto the couch with the wife and take a look.

This week, “The Good Wife “guest starred one of my personal favorite Internet threats, the cryptolocker virus.  What a treat!  The plot twist begins with Diane Lockhart standing in front of a computer and looking at an obviously fake email.  I caught myself yelling at the television, “No, Diane!  Don’t open the attachment!”  It was of no use.  She double clicked and instantaneously every desktop in the office started a 72-hour countdown timer.  “Pay now, or else all your files will be deleted.” 

Over the course of the next hour, viewers are treated to a wide sample of business IT fears.  Do you need a document for court?  Sorry, the computers are all down.  I’ll just use the copy on my laptop.  No can do…it got taken down with all the other computers on the network.  No worries, we can just pull it from backup, right?  Wrong, we spent the money allocated to backups to get the partner out of jail.  Well, darn, I guess we’ll just have to pay the fine…oops, did I enter the wrong email address and send that data to my competition?  This is not going well.  Wait – here’s a phone number for tech support…after four hours on hold, you would think that they could resend that email?  What buttheads!

(spoiler alert!) In the end, the amazing Kalinda drew upon her resources to track down the ringleader of the Russian crime syndicate running the cryptolocker scam.  After a simple reverse webcam hack and a few anti-Putin emails, the unlock code is safely in her possession.  Isn’t she awesome?

In reality, cryptolocker doesn’t play out very nicely.  We’ve only seen a few cases, none of which had anything as sexy as a countdown timer.  They all had data folders full of encrypted files.  The only solution short of paying the ransom is wipe the machine and restore from backup.  Most folks think you only need disaster recovery in case of fire or water damage.  It turns out that a simple click of an email attachment will put a recovery plan into action.

Still waiting for Yosemite to download.  After that I’ll need to upgrade my iPhone to 8.1.  Guess we’ll have to talk about the new Apple OS next week!

Until next time… @gregory_a_baker

 

 

 

For the Birds

For the Birds (reprinted from the Metro Spirit, 10-16-14)

Sometime during the summer of 2014, a group passionately opposed to the rising use of drones conducted a highly secretive meeting.  Attendees to this meeting flew in from all over the country and represented a broad cross-section of the flying population.  The problem is clear.  The prevalence of drones creates a hazard for those creatures indigenous to the air.  While opinions vary on the threat, the bird nation is unified on one point: something must be done.

(Editors Note:  Staff members from the Metro Spirit were unable to attend this meeting.  The following is an account that Augusta Tek was able to piece together from the various little birds that were whispering in my ear.)

“Order.  Please come to order.  Everyone.  Please quit your squawking.  My feathered friends, it’s now time to call to order this emergency meeting of the Avian Neighbors Growing in Rage and Yearning to Broadly Impair Robotic Drone Systems, otherwise known as A.N.G.R.Y.B.I.R.D.S.”

The meeting chairman was none other than Edgar, a grand Bald Eagle that resides in the northern Rocky Mountains.  Edgar possesses an extreme passion against the drones.  Quite frankly, he resents the intrusion of the humans into his territory.  Merely seeing them on the ground is unsettling.  Sharing the skies with their devices is absolutely intolerable.

Edgar continues.  “As we all know, the humans have engaged in the development of a flying robot that threatens our territories.  Yes, it makes the humans more productive.  And yes, it can be a tool to monitor and protect our habitat.  But they are annoying and potentially dangerous to the young.  I think we all agree that they need to go away.”

Unfortunately, there wasn’t a firm consensus among the birds.  Some wanted to attacks these drones and drive them from the sky, but many simply wanted to find a way to live in peace with these new human machines.  The first day of the meeting was filled with accounts of the many close encounters between bird and machine.  Most of the accounts described interactions that were simply annoying.  One story by a seagull named Nancy was fairly typical.

“That flying thing cut me off while I was on my way back from the beach.  There it was – it said Amazon and it was going this-a-way and that-a-way.  I went down to swipe some pizza for my little hatchlings and it dang near cut me off.  It scared the poop out of me, it did.  I never did get the pizza.  The little kid that was holding it saw me coming and dropped it on the sand.  Now you know me, I’ll eat anything.  But I couldn’t stand to feed my little babies that sandy pizza.  It’ll get all in their gullet, and the next thing you know we’ll have regurgitation automation all over the nest.  Edgar, you’ve got to do something about them and you’ve got to do it now!”

Later in the day, however, many of the birds-of-prey were angered after the story of an eagle from Bali, Indonesia. 

“Everyone in the flock was curious about the device.  It’s simply going up and down.  No one knows what to think about it.  After a few minutes, I flew over to take a closer look.  The humans may have thought I was attacking it because it started moving differently.  All I wanted was to take a look at it close up, but it kept moving around.  After a while I gave up, and the humans left.  About a week later, my Twitter account blew up.  The humans posted this picture of me.  They most certainly didn’t have permission to use my picture.  The stupid paparazzi.  The humans can’t be trusted, and these machines have to go.”

Credit: capungaero http://www.dronestagr.am/bali-barat-national-park-indonesia/

In the end, the birds ended the meeting with as much confusion and indecision as before.  Most flew home trying to figure out how they would co-exist with these devices.  The hunters, however, returned with a resolve to take action.  That’s just how birds-of-prey are.  Sometimes you just have to take matters into your own hands (so to speak).

 http://youtu.be/AhDG_WBIQgc

 Until next time…@gregory_a_baker

 

 

 

Windows 9? Forget About It!

Windows 9? Forget About It! (reprinted from the Metro Spirit 10-9-14)

How does the old saying go…It’s not easy being green.  Well, it turns out if you really want to get snubbed, try being the number 9.

You wouldn’t think that it would be that way.  The number 9 has had a great run over the years.  For example…

  • Number 9 is the largest single digit number, and it stands for completeness and eternity.
  • In ancient Chinese culture, the number 9 held an esteemed position as the “trinity of trinities.”  Its use was exclusive to the emperor. 
  • The fact that cats have nine lives is widely regarded as a positive (unless you are a dog).
  • We refer to someone wearing a particularly nice outfit as being dressed to the nines.
  • While I agree that Conjunction Function has the catchiest tune, in my humble opinion, the best Schoolhouse Rock song is Naughty Number Nine.

So when it comes to naming a new operating system, one would think that 9 would be the perfect release.  After all, who wouldn’t want their product to be the greatest among equals and provide users the complete experience?  It kind of makes sense for a company that has a vision for unifying the operating system across desktops, smartphones and tablets.  Sure, the first attempt had some issues, but the magic version 9 is going to get it right.  Right?

Not so fast.

Microsoft decided to skip all the greatness that is the number 9.  At a preview event last week (BTW – held on the last day of the 9th month), Microsoft announced that its new client operating system is going to be called Windows 10.

Officially, Microsoft skipped 9 because they wanted to emphasis that the new operating system represents a change in how Windows works.  The days of large, monolithic upgrades that occur every three to five years are over.  From this point forward, updates will be rolled-out incrementally in smaller chunks.  Supposedly, Windows 10 will be the last major version release.

If Microsoft can pull off managing the client operating system as a service, I’ll be their biggest cheerleader.  It’s exactly what a company that claims to be “mobile first” needs to do.

However, a number of unofficial reasons for snubbing 9 are floating around the Internet.

  • One theory states that Microsoft wanted to line up the version number with the number of actual releases.  This theory depends on what you call a release.  According to Wikipedia, you could be justified in calling this new version Windows 25.
  • Microsoft wanted to follow the Xbox paradigm and call the new operating system Windows One.  However, Windows 1.0 was already released in 1985, and the duplicate name might cause confusion.
  • Initial testing demonstrated that a significant number of third-party applications contain legacy code that checked for the Windows 95 or Windows 98 operating systems.  The check is performed by verifying the operating system name begins with “Windows 9.” When these third-party apps were installed on Windows 9, the applications crashed after inserting code needed to be compatible with Windows 95/98.  After some research, Microsoft determined it was far easier to change the operating system name than it was to change all the third-party applications.

While an element of truth probably exists in all the above, I believe CNET Blogger Nate Ralph identified the true reason for skipping versions.  It’s the same reason that Windows Vista was afraid of Windows 7.

Windows 7 ate 9.

Until next time… @gregory_a_baker

 

 

Staying Ahead of Murphy

Staying Ahead of Murphy (reprinted from the Metro Spirit, 10-2-14)

If anything can go wrong, it will.  -Murphy’s Law

This simple phrase is by far the most important axiom in engineering, and for that matter, any technical field.  At its core, Murphy’s Law depicts a very cynical and cruel view of how the world works.  Nature itself is portrayed as man’s adversary – an adversary actively seeking to thwart the functionality of any device created by man.  Poor designs will undoubtedly end in failure.  Only disciplined and well-executed approaches have any chance of success.

Now, most readers of this column understand that nature is not really out to get you (although, yes, some days I have my doubts).  In practice, Murphy’s Law provides a constant reminder of two immutable facts that must be addressed when working on a complex project:

1.     Nothing will even occur as planned.

2.     Even engineers are not smart enough to know how everything works.

As a result, even the most well thought out design possesses numerous uncertainties when released to the wild.  Most complex products are actually composites of other products that may not be tested outside their primary Use Cases.  And no matter how many Use Cases are written, some random soul will use the thing in a completely different way.  Once new products are released to general distribution, it’s safe to say that Murphy will have plenty of opportunity to strike.

The discovery of the Shellshock vulnerability is a great example of how Murphy subtlety works his way into a project.  Shellshock is similar to the Heartbleed vulnerability discovered earlier this year.  Both vulnerabilities are rooted in widely used open source packages.  In the case of Shellshock, the vulnerability is caused by a programming error in the shell utility Bash.

The original Bash programming was written in the late 1980’s as part of the Free Software Movement.  Since then it has evolved into one of the Internet’s most ubiquitous command line applications.  The Terminal application on the Mac is based on Bash, and a copy of Bash exists on virtually all Linux servers.  Any software application that uses scripts to send data to a Linux server is likely touching some form of Bash.

At first look, what could be more secure than open source software that’s been around since the late 1980s?  Proponents of open source software often state that security is inherent in open source projects.  Since the source code is publically available, open source software allows more opportunity for review and accelerates the speed of fixing errors.  Unfortunately, this tenant of open source is not working out in practice.

The lead developer of Bash estimates that the defective code was introduced into the Bash baseline sometime around 1992.  Since that time, a countless number of individuals and organizations have created applications using Bash.  Did any of those groups understand that Bash is maintained by a small group of volunteers with limited resources?  Did anybody think to ask if a security audit had ever been performed?  Or did they just grab some software that came bundled with a “certified” distribution and go crazy with it?

For over 20 years, software groups around the world blindly incorporated Bash, OpenSSL and other open source packages into their applications.  And by doing so, these coders have unknowingly invited Mr. Murphy to participate on their development teams.  It’s impossible to determine the actual risk posed by unknown vulnerabilities in open source software.  Given the widespread use, the impact will be severe when it occurs.  So far we’ve been able to stay ahead of Murphy.  Hopefully, we can keep it that way.

Until next time…

@gregory_a_baker