The unchecked rise of malware could culminate in a massive global event that would change forever the way we use the broadband internet

This article titled “The cyberplague that threatens an internet Armageddon” was written by John Naughton, for The Observer on Saturday 30th April 2011 23.04 UTC In 1971, Bob Thomas, an engineer working for Bolt, Beranek and Newman, the Boston company that had the contract to build the Arpanet, the precursor of the internet, released a virus called the “creeper” on to the network. It was an experimental, self-replicating program that infected DEC PDP-10 minicomputers. It did no actual harm and merely displayed a cheeky message: “I’m the creeper, catch me if you can!” Someone else wrote a program to detect and delete it, called – inevitably – the “reaper”. Although nobody could have known it 40 years ago, it was the start of something big, something that would one day threaten to undermine, if not overwhelm, the networked world. For as we became more and more dependent on information and communications technology, we were also subjected to a plague of what came to be called “malware”. It’s an ugly term, as befits something that covers a multitude of sins, all involving computer code designed with destructive or malevolent intent. It includes not only viruses, which are programs that replicate by copying themselves into other programs, but also worms (self-replicating programs that use a network to send copies of themselves to other machines on the network, with or without human assistance) and Trojans (similar to viruses but instead of replicating they infiltrate a computer and perform some illicit activity, possibly under remote control). Malware also refers to other evils: the junk mail we call spam; “phishing”, or trying to hoodwink internet users into revealing bank account passwords etc; page-jacking, which makes it difficult or impossible for a victim to get rid of a web page; and other scams. The malware plague has gone through several phases. It began in a harmless and experimental way with the creeper and a worm released on to the internet in 1988 by Robert Morris, a student from New York State’s Cornell University. Morris wanted to find out how many computers were connected to the internet so he wrote a small program that would install itself on every machine it found and send back a “present and correct” message. But there was a flaw in his code that meant the worm replicated. On 2 November 1988, network administrators realised something was up because their machines – and the network itself – had slowed to a crawl. In the end, the culprit was identified and carpeted, though it doesn’t seem to have done him any lasting harm: Morris is now a professor at the Massachusetts Institute of Technology. Malware began on the internet, but its next phase involved the stand-alone machines we now call personal computers. In 1982, a Pennsylvanian teenager named Rich Skrenta created the “elk cloner” virus that infected the Apple II, then the most popular personal computer in upmarket US households. Skrenta’s virus covertly altered the floppy disk needed to boot up the computer, displaying some doggerel on the screen on start up. It was annoying but harmless. Early PC malware tended to be like that – irritating but not terribly destructive. And malware spread slowly, because most of these PCs were not networked; infections spread by “sneakernet” – ie users sharing floppy disks. The real trouble began when domestic internet use exploded in 1993. From then on, an infected PC was a potential menace not just to its owner, but to other machines with which it communicated. For many people, early malware was a baffling phenomenon. It was seen as something akin to physical vandalism in the real world – hooligans despoiling an environment for no obvious reason. What motivated them? Nobody knew, though several psychologists had a go at explaining it. The notion that malware was motiveless destructiveness was fuelled by the fact that much of it was imitative, carried out by “script kiddies” – non-programmers who downloaded DIY virus-construction kits. In the 1990s, malware development accelerated. When Microsoft released Windows 95, it rapidly became the de facto standard for the PC industry and the world’s IT systems came to exhibit the characteristics of a monoculture: millions and millions of PCs across the globe, all running the same software, all sharing the same security vulnerabilities. At the same time, domestic broadband connections became common. Suddenly, there were millions of machines, operated by people with little understanding of computer security, with shared vulnerabilities and fast connections to the network. Most importantly, malware found a business model in the late 1990s. The fragility of the monoculture could be exploited for profit. Spamming – junk emailing – could now be done on a truly gigantic scale. Hitherto, it had required identifiable servers with broadband access to the net. But the new broadband environment offered a better infrastructure. All you had to do was find machines with fast connections, unpatched security vulnerabilities and non-savvy owners and infect them with a Trojan that would turn them into relay stations for spam (and which could be turned off just as easily, to avoid detection). Spamming works because it can be very profitable. It costs very little more to send 10m emails than it does to send 100. If you’re selling a packet of Viagra for $20 and you have a response rate of 0.1%, you’ll make $20 from 1,000 emails. But if you send out 10m and have the same response rate you’ll be earning $200,000 a day. This is the kind of serious money that makes organised criminal gangs sit up. The idea of covertly suborning networked PCs was a critical breakthrough for malware because it enabled malefactors to set up “botnets” – networks of compromised machines that could be remotely controlled. Nobody knows how many of these botnets exist, but there are probably thousands of them worldwide and some are very large. A list of the 10 largest in the US in 2009, for example, estimated that they ranged in size from 210,000 to 3.6m compromised machines. In addition to spamming, botnets can be used for a wide variety of purposes. They can, for example, launch “distributed denial of service” (DDOS) attacks on e-commerce or other web sites. Each machine in the botnet bombards the targeted site with simultaneous requests, repeated incessantly, to the point where the site’s servers buckle under the load or the site becomes unusable by legitimate customers. More sinisterly, botnets can be used for blackmail, effectively extracting protection money from retail sites to ward off the threat of a DDOS attack. Nobody talks about this in public, but it goes on. Domestic PCs that have been compromised by Trojans can be put to other uses too. For example, they can covertly monitor their user’s keystrokes when logging into banking and other sites, thereby stealing passwords and credit card details. At a recent presentation by officers from Soca (Serious Organised Crime Agency), I was struck by a slide that showed how highly developed the online market in stolen credit card data had become. It showed a marketplace for “USA 100% APPROVED TRACK2 DUMPS” in which Visa debit card details were going for $8 and American Express details were $10. On another such marketplace, American MasterCard details cost $15 while European credit card details were going for $40 a pop. “Buying large quantities,” it said, “prices are negotiable for every customers.” (Grammar and spelling are not a speciality in this particular netherworld.) We’ve come a long way from the creeper and elk cloner. The driving forces behind contemporary malware are financial gain and organised crime, much of it with its headquarters in Russia and other parts of eastern Europe. One of the most blatant examples of an online marketplace in stolen credit card data was CarderPlanet.com, a website ostensibly based in Vietnam, but operated by people based in Russia and Ukraine, and now shut down. A senior US secret service official described CarderPlanet as “one of the most sophisticated organisations of online financial criminals in the world” which had been “repeatedly linked to nearly every major intrusion of financial information reported to the international law enforcement community”. Some of the principals behind CarderPlanet were arrested after an intensive campaign by the US authorities. But one of them, Dmitry Ivanovich Golubov, was subsequently released by the Ukrainian authorities and has allegedly started a political organisation called “the Internet Party of the Ukraine”. The latest round in the malware saga came in June last year when the Stuxnet worm finally broke cover. Stuxnet infects Windows computers and spreads mainly via infected USB sticks, so it doesn’t require the internet for dissemination. Once a USB stick infects a machine, it uses a variety of tricks to infect other machines on the local network and to take control of them, but with an added twist. It looks for a special kind of programmable logic controller (PLC) made by the German company Siemens. If a PLC is found, the worm infects it using a vulnerability in the controller’s software and changes its code and thus its behaviour. This is scary because these Siemens controllers play a critical role in virtually every industrialised plant in the world, including water treatment plants, electricity grids and oil refineries, and nuclear reprocessing facilities. One target of Stuxnet was Iran’s controversial nuclear weapons programme, specifically the gas centrifuges it uses to enrich uranium. It is claimed that the worm reprogrammed the Siemens PLCs to cause over 900 centrifuges to spin uncontrollably while at the same time feeding back “normal” data to the plant’s operators, thereby concealing the problem until it was too late. The fact that this has set back Iran’s nuclear programme by several years has led to speculation that the worm was the creation not of criminal hackers, but of a state agency (possibly Israeli or American). This hunch was supported by the fact that Stuxnet seems a pretty sophisticated piece of malware. Bruce Schneier, a leading security expert, estimates that it would have taken eight to 10 accomplished programmers six months to design, implement and test it under laboratory conditions. It’s difficult to imagine the criminal hacking fraternity having the resources to do that. Why has malware become so pervasive and so difficult to combat? The main reason is that malevolent innovation is the downside of the open architecture of the PC and the internet. The combination of an open, programmable PC and a network that is open to anyone created a “generative system” which was uniquely hospitable to what has come to be called “permissionless innovation”. This had some amazing benefits – it gave us the world wide web, for example, Wikipedia, the Linux operating system and the Apache web-server software that powers a majority of the world’s web sites. But it has also given us the malware plague. There is another, deeper, fear – that the mysterious botnets that have been assembled by the merchants of malware may one day be used in some co-ordinated way to engineer a massive global event – cyberspace’s equivalent of 9/11, if you will. If something like that were to happen, then the response of governments everywhere would be draconian. Just as civil liberties in western democracies were massively eroded by the aftermath of 9/11 and the ensuing “war on terror”, so the freedoms we have hitherto taken for granted in cyberspace would be correspondingly curtailed. The day might come when you’ll need a government licence to connect to the internet. Bob Thomas’s creeper could have a creepy inheritance.

guardian.co.uk © Guardian News & Media Limited 2010 Published via the Guardian News Feed plugin for WordPress.

Thanks for subscribing to Andy Roberts blogThe cyberplague that threatens an internet Armageddon

Related posts:The internet is over Work PLEs internet futures and social relations Fixed: blog not displaying properly in Internet Explorer

Yes, it’s all about filters, recommendations and information management, but are there any new tips on offer here? Probabilism may have something to offer. I’m not sure it’s a good idea to wait for someone to email you again because you’ve simply deleted their email without reading it though.

This article titled “Information overload? Time to relax then” was written by Cory Doctorow, for guardian.co.uk on Tuesday 22nd February 2011 08.37 UTC The title of a fascinating Clay Shirky presentation has it that “It’s not information overload, it’s filter failure”, and though I rely extensively on filters to make my online life manageable, I find myself wanting to quibble with Shirky. After years of discovering a new information resource, being consumed by it, finding it too much to bear, then getting on top of it, only to find myself being sucked under by another, faster information resource, I’ve concluded that the real secret to beating information overload isn’t better filters: it’s cultivating a “probabilistic” frame of mind. The first online resources I used were dial-up bulletin board systems in the 1980s. At one point, I created accounts on every single BBS that I could connect to with a local phone call (in Canada, where I grew up, local calls weren’t metered, but long distance calls were charged by the minute). That was because most of my local bulletin board systems were hobbyist systems with one or two phone lines, and most of the time, a connection attempt would be foiled by a busy signal. In order to get my fill of online time, I’d have to create logins on dozens of systems and try to call them all until I found one that was free. Then the number of bulletin board systems increased, as did the number of lines the average BBS sported, and the number of users on bulletin board systems. Many of them joined up with syndication systems such as FIDONet, which imported the online discussions from distant bulletin board systems all over the world. I went from reading every word posted on every BBS to reading just a few choice forums. Then I had to winnow down the list of bulletin board systems I used, and then further winnow the list of groups I read. Finally, I had to content myself with skimming most of these groups and actively participating in a small number of groups that were right up my street. This was a real struggle at first. There is a world of difference between reading every word uttered in a community and reading just a few choice ones. But soon the anxiety gave way to contentment and even delight: it turned out that “overload” has a wonderful corollary: redundancy. Anything really worth seeing wouldn’t just appear once and vanish. The really interesting stuff would find its way into other discussions, and early conferencing systems made it easy enough to back my way through the forums I was ignoring or skimming to find the important thing I’d missed. This pattern went on to repeat itself again and again. Once, I could read all the Usenet discussion groups my ISP carried, then only a selection, and then only one or two plus a longer list of groups I’d dip into now and again when time allowed. Once I could read every new website that went online and was posted to Jerry and David’s Guide to the World Wide Web (now called Yahoo). Then I could only visit the interesting ones; then I could only visit the last three or four interesting ones, then I had to abandon the project altogether and just discover new sites piecemeal. Again and again, this pattern re-emerges: once I could read all the tweets emitted by everyone I followed on Twitter; now I just skim the last 20 or 30 a few times a day and rely on retweets to bubble the good stuff to the top (I do my bit by retweeting things when I think they deserve it). Once I could read every item in my list of RSS feeds; now I periodically mark them all as read without looking at any of them, just to clear the decks: if there’s something good in the missed material, someone will repost it and I’ll see it then. This is even true for my email, the most “deterministic” of media for me. Now I’ve got a mailbox for people I’ve corresponded with in the past and another that collects mails from previously unseen addresses – the latter gets a lot less attention than the former, but if I miss something and accidentally delete it, the sender often figures it out and resends the message (I keep a list of the people from whom I’m awaiting email replies and give them a nudge every so often, on the assumption that other people probably have similar probabilistic approaches to their mail). There are fascinating implications for a world of probabalistic resource use: for one thing, it points up the importance of “signal amplification” through retweets, reposts, and other recycling of interesting tit-bits – these are critical to the successful use of a medium that can’t be consumed by any one person from tip to tail. It also suggests that the most important strategy for coping with information overload is to simply relax and not worry about missing the once-in-a-lifetime opportunity lurking somewhere in one of your inboxes – it’ll be around again shortly.

guardian.co.uk © Guardian News & Media Limited 2010 Published via the Guardian News Feed plugin for WordPress.

Thanks for subscribing to Andy Roberts blogInformation overload? Time to relax then

Related posts:Teaching Assistants Community The Art of Threading Are junk information diets killing us?

Shady characters employed by corporates are trying to nobble Wikileaks supporters after failing to take down the main website.

This article titled “WikiLeaks: Big business has wised up and it ain’t pretty” was written by John Naughton, for The Observer on Sunday 20th February 2011 00.05 UTC In January 2008, someone uploaded to WikiLeaks a cache of documents, including hundreds of pages of internal correspondence of a major Swiss bank, Julius Baer. On closer inspection, the cache appeared to show that large amounts of money – sums ranging from $5m to $100m per person – were being, er, shielded in the Cayman Islands from tax authorities in various jurisdictions. It was all, of course, perfectly legal: wealthy people put capital into trusts based in the Cayman Islands. This allows them lawfully to avoid paying tax on profits from investments, because legally those profits belong to the trust which, as a Cayman “resident”, itself pays no tax. But the trustees can distribute money to the trust’s beneficiaries, who may be residents of the UK and indeed, for all I know, pillars of society or even members of the Tory party. Legal it may be, but mostly these folks don’t like knowledge of their ingenious wheezes to enter the public domain. It’s so vulgar, don’t you know. And the banks that handle their money like it even less. So Julius Baer went apeshit about the leaks. Its lawyers persuaded a judge in California to shut down wikileaks.org and that, it thought, was that. You can guess what happened. In no time at all, mirrors of the WikiLeaks site popped up everywhere. The First Amendment crowd in the US started taking an interest. Suddenly, the whole world knew about Julius Baer’s wealth-management services. The California judge had second thoughts, wikileaks.org was restored and CBS News reported the decision under the headline “Free speech has a number: 88.80.13.160″ – the IP address of the WikiLeaks site. And a major Swiss bank retired to lick its wounds. What’s instructive about the Julius Baer case is how clueless the bank and its agents were about the net. They looked like blind men poking a tiger with a stick. It was amusing at the time, but it was too good to last. It was inevitable that the corporate world would wise up and in the past few weeks we’ve begun to see some of the results of that re-education process. And it ain’t pretty. What’s driving things now is the conjecture that the next big WikiLeaks exposé concerns Bank of America. And deep in the lush undergrowth of corporate America, security, consulting and PR companies have perceived lucrative business opportunities in helping putative WikiLeaks targets get their retaliation in first. We got a glimpse of this twilight world when the activist group Anonymous hacked into the servers of an internet security firm, HBGary Federal, and posted on the internet a huge cache of internal emails. Some of these messages discuss how the firm, in conjunction with two other companies, Palantir Technologies and Berico Technologies, might pitch for work from the law firm that represents Bank of America and other prominent outfits. Among the ideas discussed is a focus on WikiLeaks supporters in the media such as Glenn Greenwald of salon.com. “I think we need to highlight people like Glenn Greenwald,” writes Aaron Barr of HBGary in an email dated 3 December 2010 and reproduced on salon.com. “Glenn was critical in the Amazon to OVH transition [in which WikiLeaks moved to another hosting service after being dropped by Amazon] and helped WikiLeaks provide information during the transition. It is this level of support we need to attack. These are established professionals that have a liberal bent, but ultimately most of them if pushed will choose professional preservation over cause, such is the mentality of most business professionals. Without the support of people like Glenn, WikiLeaks would fold.” One of the most interesting documents unearthed by the Anonymous attack is a PowerPoint presentation outlining the proposed pitch and the competencies of the three companies involved. Among the “Potential Proactive Tactics” is “Cyber attacks against the infrastructure to get data on document transmitters… Since the servers are now in Sweden and France putting a team together to get access is more straightforward.” Since the story broke, Palantir has apologised to Mr Greenwald and severed its contacts with HBGary. Shortly afterwards Berico did the same. HBGary issued a terse, non-committal statement when withdrawing from a trade show. The company did not respond to phone and email queries about the authenticity of Mr Barr’s message of 3 December. I could go on, but you will get the point. Bank of America and its lawyers are, of course, horrified by all of this and point out that they have had nothing whatever to do with it. Which is just as well, because they may soon have their hands full dealing with other matters.

guardian.co.uk © Guardian News & Media Limited 2010 Published via the Guardian News Feed plugin for WordPress.

Thanks for subscribing to Andy Roberts blogWikiLeaks: Big business has wised up and it ain’t pretty

Related posts:BBC NEWS ¦ Business ¦ Indian firm ‘eyeing UK graduates’ WikiLeaks cables: Saudi Arabia cannot pump enough oil to keep a lid on prices Business as Usual in the US

A free .co.uk domain name with free web hosting and website building tools Does that sound too good to be true? The site is called “Getting British Business Online” and is run by a collaboration between Enterprise UK, Google, BT and e-skills UK, with the support of the Department for Business, Innovation and Skills. So it’s like the British Government giving away free websites to local businesses, but paid for by BT and Google. All you need is an address in the UK and a mobile phone and they register a .co.uk domain name for you and hook it up with Google sites. Then it’s yours for free for two years to promote your business, and after that you can renew the domain through BT or possibly transfer it out. In fact it looks as if you can transfer out after only 60 days if you don’t want BT to administer the domain, but you don’t have to redirect it to free Google Sites, you can redirect it to the web hosting of your choice by dialling a freephone number listed at the terms and conditions. Getting British Business Online

Thanks for subscribing to Andy Roberts blogFree UK Domain with Free Hosting

Related posts:Divshare – Free file hosting for mp3s and blog pictures Best UK Web Hosting Wiki Web Hosting at Servage

Following on from the Podcast idea a few weeks back I promised to post again telling you how to subscribe in iTunes or get the podcast automatically delivered to the podcast player of your choice. We’ve had four podcast prototypes broadcast and published already and the show is ready to go live on Tuesday July 6th, at 7.00pm UK time so this is quite short notice for anybody who didn’t manage to keep up over at ustream

subscribe in iTunes

RSVP on Facebook at facebook.com/event.php?eid=131126593587441 The website hosting the podcasts is over at andyroberts.me and there’s a post about the official opening night which says:

After 4 weeks of prototyping, the music podcast goes LIVE in July and we’re celebrating with an official opening night on Tuesday July 6th. So come along to the ustream page promptly for 7.00pm UK time to get your requests in, hang out with other podcast listeners and be part of my opening night recorded for posterity here at http://andyroberts.me/

Podcast Launch

Building the Opening Night It would be nice to have a bit of a crowd along for the opening night just to get the regular weekly podcasting off to a good start so I’ve created a facebook Event for this particular show which you can invite people to. I’ll also be making a post over on my long established blog site at DARnet Andy Roberts and one or two other places if I can think of them. The podcast opening night will also be part of the Cafe Noodle July Ustream Festival, a great music community organised by Matt Stevens Loop. I think it should be possible to embed the ustream show here on this site – so that’s something I’ll be having a go at too.

Thanks for subscribing to Andy Roberts blogPodcast Live

Related posts:Podcast Ustream.tv Tuesday Nights Andy Roberts Music 7.00pm Gordon Brown Never a Frown

Following on from the Podcast idea a few weeks back I promised to post again telling you how to subscribe in iTunes or get the podcast automatically delivered to the podcast player of your choice. We’ve had four podcast prototypes broadcast and published already and the show is ready to go live on Tuesday July 6th, at 7.00pm UK time so this is quite short notice for anybody who didn’t manage to keep up over at ustream

subscribe in iTunes

RSVP on Facebook at facebook.com/event.php?eid=131126593587441 The website hosting the podcasts is over at andyroberts.me and there’s a post about the official opening night which says:

After 4 weeks of prototyping, the music podcast goes LIVE in July and we’re celebrating with an official opening night on Tuesday July 6th. So come along to the ustream page promptly for 7.00pm UK time to get your requests in, hang out with other podcast listeners and be part of my opening night recorded for posterity here at http://andyroberts.me/

Podcast Launch

Building the Opening Night It would be nice to have a bit of a crowd along for the opening night just to get the regular weekly podcasting off to a good start so I’ve created a facebook Event for this particular show which you can invite people to. I’ll also be making a post over on my long established blog site at DARnet Andy Roberts and one or two other places if I can think of them. The podcast opening night will also be part of the Cafe Noodle July Ustream Festival, a great music community organised by Matt Stevens Loop. I think it should be possible to embed the ustream show here on this site – so that’s something I’ll be having a go at too.

Thanks for subscribing to Andy Roberts blogPodcast Live

Related posts:Podcast Ustream.tv Tuesday Nights Andy Roberts Music 7.00pm Gordon Brown Never a Frown

Free FTP Client Software for Windows Filezilla is a free and open source FTP client software program used for connnecting to a webserver to update websites. Here’s a short tutorial video which deals with downloading, setting up and connecting Filezilla FTP to a website. I describe the twin pane approach, and show you how to download a website file, edit it , test and then re-upload so the new version is live on your website.
This Filezilla video can be watched from right here below as an embedded YouTube video, do try the HD (High Definition) and full screen options:

Or you can download the full original 84Mb video file onto your computer using the free file hosting service at divshare: Download Filezilla FTP Video Tutorial Filezilla FTP client software is available in Windows, Mac OS X and Linux versions.

Good alternative FTP clients apart from Filezilla are Cute FTP for Windows and Mac (small charge) , and on a Mac there are also Fetch and Cyberduck.

Thanks for subscribing to Andy Roberts blog Free FTP Client Software - Using Filezilla to update Websites

Related posts:Reclaim your lifestream feeds with SweetCron softwareBest UK Web Hosting