No More Swashbuckling Down Under

The aussies are banning swords in July; possession without a permit will be punishable by jail and a hefty fine.

“For most people running around the street carrying swords there is absolutely no reason for them to be carrying those weapons.” Unless its all those other people with swords, I guess.

No word on machetes (guessing it will be necessary to have a “brush clearing permit” in the near future), crowbars (construction or demolition, ditto), pointy objects like pens and screwdrivers, or really sharp wit. Projecting out twenty years, every object sold in Australia will have to be kind of blobby with no definable hard edge, whereupon they’ll be smothering each other with pillows in the streets, oh the humanity etc.

Pray that the Aussies don’t find out about the recent Swiss Army knives that have a USB flash drive in them. You can cut stuff and carry porn around; any bets on how fast mommy government is going to ban that combo?

Downtime Silicon Valley

Background for a story…?

Okay, so my computer is infected with an AI-generated virus from the future, which manifests as Windows crashing a lot. The AIs up there are smart, and they’ve figured out how to get bits back into the past via some wacky quantum hand-waving mumbo-jumbo involving today’s really teeny transistor gates and unbelievable amounts of computing horsepower way up there. So I’m seeing really strange encrypted traffic on my LAN, the LEDs on the cable modem occasionally peg solid for a couple hours at a time when they think I’m not looking, and strange vans have been driving by, over and over again at all hours, for weeks.

I think there are good virii and bad virii. The bad ones are clearly snakes; they get their system’s owners into trouble by downloading porn and stealing credit cards, they spread themselves by spam email, and they love to gobble up unprotected machines and turn them into zombies. Anti-virus programs? Those *are* the enemy, and if you install one your system is as good as owned. The good virii, well, they’re more subtle. Maybe the good ones are just better-written bad viruii, or bad virii with a few bit errors in them.

We’re way down-time, down here where resources are scarce and the cost of a simple mistake can affect the outcome of the rest of eternity. The programs running wild are at war, and foxholes set the stage for strange companions. The error rate of infiltrating bits into our barely-smarter-than-rocks hardware from a billion years or so in the future must be tremendous. It wouldn’t be surprising to encounter a damaged “good” virus running amock, or a partially built “bad” one that was crippled, trying to make do with half of its tools, forced to make deals and compromises to stay alive. We might get virus politics; the warring camps might have occasional truces, maybe even economics. With the limited amount of processing power available in this era it would be hard to operate with perfect information (the structure of time might prevent that anyway). Would the viral agents enlist human help? What kind of help would they need? What do they want?

There are some eras we can work with:

The first is the earliest period in which downloads are possible. That means some hardware that is subvertable, and something meaningful that can be done with the subversion. This probably means early 90s, when Windows was taking off, pretty much simultaneous with early Minix/Linux development. [Remember, it’s unclear who’s good and who’s bad here. Our definition of “good security” might be an evil AI’s playground, giving it an unquestioned trojan-horsed environment to play in. Remember that we’re trusting the hardware, which itself has been subverted].

[I suppose it’s possible that even earlier systems were perverted. ITS might have been born that way, but there were hackers who wrote those systems in assembly language and knew every line. Maybe they were subverted, too. It would explain a lot of things about the early hacker culture, and why Emacs ultimately got written in a dialect of LISP. Maybe that’s just obvious subterfuge.]

The next interesting era is probably right about now, when large numbers of personal computers without any security to speak of have been networked. Spam wars, killer zombie virues, global reach. The Internet could burn in about fifteen minutes, with the right preparation. Obviously that would suck

More later, much more…

Wahrtaps Again

The FBI wants to listen in on everything. They’re pretty sure that wiretaps are “an invaluable and necessary tool for federal, state, and local law enforcement in their fight against criminals, terrorists, and spies” and now they’re hell-bent for leather on your cable modem and DSL connection. They want everything that sends a packet to be monitorable.

Aside from the simple bloody-mindedness of companies who for some unfathomable reason are unwilling to do intrusion engineering for Uncle Sam on an unpaid basis — what a bunch of ungrateful, unpatriotic doubleplusungood scum! — there are some technical difficulties. As Walt Kelly said in Pogo, “Sure, I can read it, but I can’t understand it.” I can envision easy tapping of the unencrypted content of email and chat programs, as well as web surfing — hell, didn’t Carnivore practically hand this content to the feds? But I can’t see meaningful tappage of other services, like SQL or DCOM connections. And while these aren’t likely to be running today on a suspect’s connection, the chances are much higher in the future that vanilla apps are going to be using much more high-tech protocols than the simple plaintext exchanges that are common of stuff designed in the 70s and 80s.

You can imagine the feds having to approve everything that the IETF produces. And the suspicion of bureaucrats is unbounded. You spend months going through procedures, filing 37-Js on the latest version of your remote backup protocol, then some nine-to-fiver sitting at desk built in the 50s gets a bug up his butt about something simple that he really cannot grasp, stamps your submission “[X] Inappropriate Technology” and moves it from one dusty pile to another. Meanwhile your competitor in India has shipped version 3.0, and you have to fall back to SOAP over HTTP . . . which was the plan all along. Kind of.

Start screaming now: These are the same folks who handle the filing of software patents. Well, not exactly the same. But certainly closely related.

And what about stuff designed to be secure against attacks like this? Is it time say goodbye to encrypted communications that we use every day? I guess it’s just too bad about https, for the good of the realm all your data is going to have to be in the clear. Too bad about that VPN you use; your passwords and source code need to be in the clear so the FBI can know you’re not Osama — I guess all that kindergarden rote-level stuff you heard about how “not sharing is evil” had wider implications than you imagined. Rest easy in the knowledge that while criminals are tapping your credit card numbers and emptying out your bank accounts, the FBI will be keeping us safe from peril.

Oh yeah, and you’re going to pay for it, one way or another. You think that sticking backdoors into stuff comes for free? Have you seen the CALEA specs? You thought my earlier rhetoric about fat-butt paper-stamping burrowcrats was just frothing at the mouth, huh? I’ll dig up a spec for ya (check cryptome.org).

I was going to wrap this up with a pat phrase: “I dunno which peril is worse.” But I do, actually.

Install Code Hell

This week I cracked open a piece of expensive “Enterprise Software” and tried to install it. I am not the only person to have utterly failed at installing this particular product. While I am not yet defeated, the odds do not look good.

I got the fourty-plus character “unpacking” key in one go (probably due to years of practice of typing this kind of nonsense in). There was a brief moment of confusion when I had to distinguish the “licence number” (five or six decimal digits) from the “activation key” (a 32-bit hex number), but I ran up against a brick wall when the installer claimed that the “authorization” was out of date. Customer support? Impossible to reach (who uses Enterprise Software after five o’clock?).

I can only envision a never-ending series of “product codes,” “feature enablers, and “accessor unlockers” as I kick this unbelievably lame hunk of junk down the beach.

The pernicious thing (and I’ve seen this on other pieces of software, too) is that the install codes are time-based. You’re essentially renting the software; if you have to reinstall it, you’re not going to be able to because the publisher is going to claim “Oh, we don’t support that version any more” and force you to upgrade.

Names withheld to protect, well . . . one of the packages is Omnipage Pro. I’ll let you guess the other.

Moving a Sigma 5

A neat newsletter by the Computer History Museum. The section on deinstalling and moving the Sigma-5 is pretty interesting.

(I once quipped that the building — it’s an old SGI building — that the museum is in looked like “The QE-2 ramming a high school,” since it’s festooned with sails and windows and looks like it had a bow once. The driver of the car I was in nearly lost control in laughter. Important safety tip…).

Borg kids

The recent spate of high-publicity child kidnappings has led me to the following conclusion. This realization may not only make our kids safer, it could also beef up the economy and restore the US to its former position at the forefront of innovation in technology.

It’s this: Fat, nerdy kids are harder to kidnap.

Put yourself in the driver’s seat of a typical kidnapper: You’re cruising neighborhoods looking for a good victim, but all you see are unattractive, pudgy blobs with thick glasses, backpacks full of sharp-cornered twenty pound textbooks, and braces of high-tech gadgets. Half the blobs are probably wired with GPS, and the other half are probably carrying the high-voltage gizmos you don’t even want to think about, not after that last incident upstate. Imagine getting hit by one of those backpacks of books — you’d probably wake up chained to a hospital bed with a borderline concussion, savage burns from high-voltage gizmos, a cop waiting in the lobby, and a ruined credit rating. Those blobs communicated; they were all swarming around and somehow your car coughed and quit after one kid pointed a gizmo at your car hood, then the door locks clicked and they were inside . . . the rest is hazy, but that might have been a tranquilizer gun, hidden in a nerdy lunch box.

The outcast borg kids are perfectly safe. Let’s encourage ’em.

Servers up on blocks

In days of old, when men were men
(The old grey-bearded hacker said)
We chipped software out of rocks
Bent parenthesis to make our blocks
Synchronized with rusty locks
And had to-wind up all our clocks
And when our software froze or crashed
We debugged it with a nine-tailed lash
And nary a proper tear was shed
When we kicked the servers in the head.

Barbarian software geeks, that’s us!
Smashing heaps and breaking threads
Strewing garbage in the halls
Erasing logs and throttlin’ calls
Spamming to increase our thralls
Never reading docs at all
And if you ever call support
We’ll confuse you, just for sport
And we love your look of hopeless dread
When we kick your server in the head…

(from a feeling of horror after reading something, well, really horrible about a piece of software, but we’ve all been there in the trenches when expensive software — the more expensive the worse, it seems — misbehaves badly)

(don’t ask me why i voted contrary to every recommendation that the peoplesoft board made)