April 9th, 2009

unixronin: Galen the technomage, from Babylon 5: Crusade (Default)
Thursday, April 9th, 2009 09:14 am

Got off lightly from yesterday’s little adventure with the garage door counterbalance spring.  To my surprise, there’s still essentially no visible bruising — just one single inkline bruise along the side of the second knuckle of my little finger.  The side of my hand is a little swollen, and the little finger’s a bit stiff, but that’s it.  That damn spring hit so hard, I really expected there to be a lot more sign of it this morning.

(Based on the weight of the door and the mechanical advantage of the pulley system, I’m estimating the spring had to have about 150lb of tension on it when it came off its anchor point.)

Oh yeah:  MYTH BUSTED!  ;)

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Thursday, April 9th, 2009 09:51 am

PC Magazine, ITWeb and the Register are all reporting that Conficker is actively downloading updates via P2P.  The Register, at least, is calling the new variant Conficker-E.  According to Trend Micro and Kaspersky Labs, the new version is also talking to servers known to be associated with Waledac malware and the Storm botnet, possibly downloading further code or content from them.  There’s still no evidence that the botnet is actually doing anything except update itself, though there is “circumstantial evidence” that it may be distributing the W32.Waledac trojan, which “steals sensitive information, turns computers into spam zombies, and establishes a back door remote access”, but is already well known to most antivirus software.

The really interesting development, according to Trend Micro, is that the current version of the worm apparently includes new code to clean itself up and delete itself from infected hosts on May 3.

I previously speculated that Conficker’s expanded host polling that began April 1 was a red herring, misdirection to distract attention from what it was really doing.  It appears possible that was the case — or possibly the Conficker authors simply laid low and cancelled that planned update route to avoid exposing themselves.  Now, seeing the reports of scheduled self-removal after allowing adequate time for the removal code to propagate to the entire botnet, I find myself wondering:  What if the whole purpose of the current Conficker infection is simply a proof-of-concept — a “dry run”, as it were?

unixronin: Galen the technomage, from Babylon 5: Crusade (Facepalm lion)
Thursday, April 9th, 2009 10:44 am

The BBC and CBS, among others, reported on a suicide bombing at a mosque in Chakwal, Pakistan on April 5 that killed (depending on reports) 20 or 22 people and injured 35.  I missed it at the time, and didn’t actually look at it until I read the first of yesterday’s two STRATFOR updates.

The really odd thing about this one is that Fedayeen al-Islam claimed responsibility for the attack, saying it was part of a campaign against infidels.

Think about that a moment.  Islamic jihadists ... attacking Islamic worshippers at an Islamic mosque ... in a campaign against infidels.

Is it just me, or does this strike anyone else as a bit like fucking for virginity?


Yes, I know.  It was a Shiite mosque, and by implication Fedayeen al-Islam is Sunni.  Sectarian violence is nothing new.  But still ... it’s pretty head-slappy.

More info:  The Economist discusses the rising sectarian violence in Pakistan.  Pakistani President Asif Zardari says Pakistan is “fighting a battle for its own survival”.

unixronin: The renowned Royal Navy battleship HMS Warspite (Warspite)
Thursday, April 9th, 2009 01:32 pm

“International efforts to thwart Somali piracy would appear to be floundering. Perhaps words from the 19th Century could offer a solution [...]”

A pretty good historical retrospective comparing the Somali piracy problem with the Barbary pirates and the suppression of the slave trade.

With Somali piracy still threatening shipping, it sounds as if modern navies need a few Captain Robert Denmans, or the like-minded American, Commodore Stephen Decatur.

...And I can’t find it in myself to argue with that.

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Thursday, April 9th, 2009 05:06 pm

SecurityWire weighs in with still more new information.

The important part here:

Unlike its predecessors, it is dropping a binary that connects to the malicious Waledac worm giving Conficker.E self-propagation abilities.  Previous versions, which exploited a remote procedure call vulnerability in Windows Server Services (MS08-067), spread only via peer-to-peer networks or downloads from a variety of URLs.

Waledac is capable of harvesting and forwarding passwords and spreads via email attachments with topical subject lines; previous iterations of Waledac used holiday-related subject lines and tried to lure users to open with promises of an e-card.

In light of this new information, we can speculate that sufficient systems have been patched against Conficker that it was unable to expand its botnet any further using its built-in infection vectors, so now it may be attempting to expand further by piggybacking on Waledac’s email-trojanning ability.

There are some clues emerging as to the origins, too:

“Waledac is used mainly for spam,” said Orla Cox, security operations manager with Symantec Security Response.  “We believe Waledac is connected with Storm.  Waledac uses many of the same techniques as Storm; this one is a new iteration.”

[...]

Trend Micro advanced threat researcher Paul Ferguson said analysis of the variant has been difficult because some of the worm’s binaries have been encrypted.  He confirms the crossover between Conficker, Waledac and Storm.

“Some of us expected a new twist to appear at some point in time because it’s got the same fingerprints as the Russian Ukrainian organized crime operations that are probably pulling the strings behind both Conficker and Waledac and may even have been involved in Storm previous to Waledac,” Ferguson said.  “Most of this stuff is extraordinarily professionally designed.”

There’s been a historical tendency since the Second World War to underestimate the Russians in a variety of different arenas.  For instance, in the field of military aviation, Western military analysts heaped scorn on the “primitive” tube electronics of Soviet military avionics; but what they seldom considered was that the Soviet tube hardware was much more EMP-resistant than the contemporary US and European integrated circuitry.

As recently as the late 80s and early 90s, when the latest generation of Russian fighters first appeared, many analysts still looked down on them and criticized them for having vastly inferior onboard computer systems to US fighters.  The problem with this is that aircraft such as the F-16 and F/A-18 are designed to be inherently aerodynamically unstable, relying on their onboard computers to adjust flight control surfaces up to a hundred times per second to keep them stable enough to fly.  Without the same sophisticated digital computers to rely on, Russian designers had to make their aircraft’s aerodynamics virtually perfect to compete.  And they succeeded:  the MiG-29/33/35 and Su-27/35 fighter families are capable of doing effectively everything an F-16 or F-18 can do, but they don’t need an onboard flight-control computer to do it.  Indeed, it was an Su-27 pilot, Sukhoi test pilot Viktor Pugachev, who invented the extreme maneuver now known as the Pugachev Cobra, a maneuver which cannot be matched by production models of the F-15, F-16 or F-18 (though the F-22 Raptor can do it, and heavily-modified experimental versions of the F-15, F-16 and F-18 exist which may be capable of it).

Don’t ever underestimate the Russians ... and don’t make the mistake of letting the fact they’re not technically Russian fool you into underestimating the Ukrainians, either.

unixronin: Rodin's Thinker (Thinker)
Thursday, April 9th, 2009 07:17 pm

Robert Anson Heinlein said, “An armed society is a polite society.”

This assertion has been widely disputed by many, and perhaps justly so.  Those who disagree raise such examples as Somalia, Zaire, Rwanda, or Ulster during the Troubles, none of which are what Heinlein would have considered “polite societies”.

The validity of this counter-argument cannot be disputed.  Its applicability is another matter; but I have realized that the fault of applicability lies in a failure to adequately specify the terms.

You see, the examples above — or any of many others, such as Cambodia or Kosovo — really are not what Heinlein had in mind.  In all the places we’ve named as counter-examples, a largely or completely unarmed population live, or lived, under the rule or threat of a much smaller minority of violent, heavily-armed, often homicidal thugs. The thugs, possessed of a nearly absolute monopoly on the use of lethal force, used it freely whenever the whim took them ... exactly the situation Heinlein was envisioning would not happen in an armed society.

But Heinlein made an important implicit assumption, which he felt was too obvious to need to be explicitly spelled out.  When one reads his writings, it’s clear that when he said “an armed society”, what he meant was “a uniformly armed society.”  And that one word makes all the difference.

You see, one violent thug — in Somalia, or Zaire, or wherever — with an automatic weapon can intimidate a crowd of forty or fifty unarmed people most of the time, because nobody wants to be among the first ten or a dozen who die before his weapon runs dry or he gets overpowered.  But if twenty, or ten, or five of those people are also armed ... well, that dramatically changes the odds, and not in the thug’s favor.  And the thug knows it.

That same armed thug, in a city full of unarmed people, can mug ten or a dozen people a day with impunity, and get away with it unless caught by the police.  As long as he chooses his times and places, and robs when the police aren’t there, he’s pretty safe.  But if one in ten of those people is armed, then roughly once per day he’s going to try to rob someone who’s armed, and the odds are good that within a few days at most, one of them is going to kill him.  That’s not nearly so enticing a prospect.

This is the crucial factor:  In a uniformly armed society, the violent thugs do not have the effective monopoly on force that makes their way of life sustainable.  And that’s what makes a society polite — when its violent thugs have to realize that they cannot live in it as violent thugs, but are going to have to either play by the rules, die, or find somewhere else to live.

So let’s slightly restate Heinlein:

“A uniformly armed society is a polite society.”

unixronin: Very, very silly. (Goonish)
Thursday, April 9th, 2009 10:49 pm

There was once a violin-maker, you see ... well, not just violins, he did cellos, violas, any of the bowed string instruments.

But I digress.

The violin-maker had a little shop on the main square of town, right by the town’s main cistern.  The area got little rain, and all water was precious.  Every drop of rain had to be saved in cisterns and catch-basins to get through the year.

One year, there was an earthquake.  Many buildings were damaged, and no few people killed in buildings that collapsed, but worst of all, the main cistern was cracked badly.  Not only were the cracks leaking, but a large section of the cistern wall between two deep cracks was unstable, and was threatening to give way under the water pressure.

Of course, the town guards’ first priority was to shore up the cistern wall.  To this end, seeking the closest source of makeshift repair materials, they went around all the shops on the square, grabbing everything that wasn’t bolted down to support the wall ... tearing off doors and shutters, taking barrels, sacks of flour, the violinmaker’s supplies of wood, even the instruments he was working on and several finished instruments awaiting collection.

The violin-maker protested bitterly at them taking the finished and nearly-finished instruments, having put hundreds of hours of work into them, but needs must when the devil drives.  The cistern wall had to be saved at any cost.

The violin-maker warned them, though, “You’ll regret taking those.  It’s a very bad idea.  You’ll see.”

Well, they successfully shored up the wall, and all was well until three days later, when a strong windstorm sprang up.  The town was no stranger to wind storms, but this time the town square was filled with the most unearthly shrieking.  It sounded like a hundred cats being skinned alive.  It sounded like demons pulling each other’s fingernails out.

People leapt from their beds and ran into the square, looking around for the source of the terrible, wailing sounds.  But the violin-maker walked calmly out into the middle of the square and pointed at the cistern, where the fierce wind was blowing through gaps and openings in the improvised shoring.

“See, I warned you!”, he said.  ... )
