Data network connectivity developments, networking business news, and related computing items.
Ken Novak's Weblog
Wednesday, November 30, 2005
Mind-machine communication: "Recognizing that many people who have lost the ability to move their limbs due to spinal cord, nerve or muscle damage have intact brains, Donoghue and his colleagues devised a way to translate thoughts into computer commands. In Cyberkinetics’ BrainGate system, now being tested in two patients, a silicon array the size of a baby aspirin is implanted into the brain’s primary motor cortex, which is responsible for limb movement. The chip--which contains 100 gold electrodes, each thinner than a human hair--is wired to a computer that interprets electrical signals from the neurons, allowing the subject to control a cursor and, by extension, other equipment.
Within two months, the first subject, a 25-year-old who had become paralyzed three years earlier, was able to open e-mail, channel surf on a television and turn lights off and on. By enabling the man to control a computer merely by thinking about it, Donoghue and his team provided him with increased autonomy. .. “Someday, the technology may allow the paralyzed to move their own muscles,” says [fellow Brown professor Roy] Aaron." 10:09:14 PM
Hackers Admit to Wave of Attacks: "An Ohio computer hacker who served as a digital button man for a shady internet hosting company faces prison time after admitting he carried out one of a series of crippling denial-of-service attacks ordered by a wealthy businessman against his competitors. " Quite a story: Hackers used an Ohio ISP to discover vulnerable windows machines. One found 15,000, and used spybot to take them over. A Los Angeles business man hired the ISP manager for $1000 to orchestrate a DoS attack on his competitors. "The FBI described the ensuing attack as a tenacious, 10-day deluge that tracked RapidSatellite through three ISP changes, and briefly blocked Amazon.com and the website of the Department of Homeland Security, which had the poor luck of sharing service providers with Echouafni's rival. "
The businessman liked the results so much he bought the ISP and went after other targets. "Jay Echouafni, the 38-year-old satellite TV mogul who allegedly ordered and funded the cyberhits, went on the lam last year, and remains a fugitive from a federal indictment out of Los Angeles. .. Echouafni skipped out on $750,000 bail secured by his house in Massachusetts last year. Law enforcement officials believe he's now living in his native Morocco. " [Via Scott Lemon] 10:39:40 AM
Monday, November 21, 2005
Keylogger Threats Rise 65%: " Threats from keyloggers, the stealthily installed programs that record computer keystrokes to help steal personal information, grew 65 percent this year, a study said Tuesday, marking a growing trend in hackers using malware for financial gain. About 6,191 keyloggers were recorded this year, up from 3,753 in 2004, said iDefense, a security intelligence provider that is part of VeriSign. iDefense recorded 3,753 keyloggers in 2004, a huge leap over the 300 released in 2000." 8:22:12 AM
Friday, November 11, 2005
History's Worst Software Bugs: Cool story of software bugs with bad effects. First, why "bug"? In 1945, "engineers found a moth in Panel F, Relay #70 of the Harvard Mark II system. The computer was running a test of its multiplier and adder when the engineers noticed something was wrong. The moth was trapped, removed and taped into the computer's logbook with the words: "first actual case of a bug being found."
My favorite story was an intentional bug placed by the CIA in 1982. The background refs are worth reading. "Operatives working for the Central Intelligence Agency allegedly (.pdf) plant a bug in a Canadian computer system purchased to control the trans-Siberian gas pipeline. The Soviets had obtained the system as part of a wide-ranging effort to covertly purchase or steal sensitive U.S. technology. The CIA reportedly found out about the program and decided to make it backfire with equipment that would pass Soviet inspection and then fail once in operation. The resulting event is reportedly the largest non-nuclear explosion in the planet's history." 11:19:26 PM
Discover Music - Pandora
: Neat service that generates a radio station by picking music that resemble a single artist or song. Way cool. An outgrowth of the Music Genome Project
: "Over the past 5 years, we've carefully listened to the songs of over 10,000 different artists - ranging from popular to obscure - and analyzed the musical qualities of each song one attribute at a time. This work continues each and every day as we endeavor to include all the great new stuff coming out of studios, clubs and garages around the world." [Thanks, Scott
] 10:57:13 PM
NearlyFreeSpeech.NET Web Hosting: Hosting with "long tail" pricing. "no contracts and no commitments .. If you'd like to talk to one of our sales reps to get a quote, you're out of luck. We don't have any. We also don't have any commissions, referral payments, or kickbacks. With NearlyFreeSpeech.NET, your money goes straight to the services you actually use"
- Data Transfers (Bandwidth): $1.00 per gigabyte
- Disk Space (Storage): $0.01 per megabyte-month
- DNS at $0.02 per registered domain per day, no matter how active your domain gets.
- Domain registration at $7.45 for a one-year .com and $7.68 for .net or .org.
Tuesday, November 08, 2005
New Worm Plupii Targets Linux Web Service Holes: "The three vulnerabilities it attacks through are the XML-RPC for PHP Remote Code Injection vulnerability; the AWStats Rawlog Plugin Logfile Parameter Input Validation Vulnerability; and the Darryl Burgdorf Webhints Remote Command Execution Vulnerability.
When Plupii is successful in infecting a server, it then sends a notification message to an attacker at a remote IP address via UDP port 7222 or 7111. .. Next, it opens a back door through one or the other of these ports. This enables an attacker to gain unauthorized access to the compromised system. Once in place, Plupii generates a variety of URLs .. in an attempt to find and infect other vulnerable systems.
The worm itself is easy to destroy. One need only delete the file: /tmp/lupii. The more significant problem is what the attacker may have downloaded to the server while it was active. Indeed, Symantec's Deepsight Alert Services recommends that, "Due to the ability of the remote user to perform so many different actions on the server computer, including installation of applications, it is highly recommended that compromised computers be completely reinstalled." " 8:11:15 PM
Mobile Comms Satellite Launches Into Orbit: Inmarsat bGAN broadband network nearly complete. "The second step in a $1.5 billion program to create a mobile broadband communications network spanning the globe for users at sea, in the air and on land roared into space today. .. When [The Inmarsat 4-F2 satellite] enters service from geostationary orbit 22,300 miles (35,888 kilometers) above Earth next year, the craft will join the Inmarsat 4-F1 satellite that was successfully launched on Lockheed Martin's Atlas 5 rocket in March from Cape Canaveral, Florida. Together, the two craft will deliver broadband communications to 85 percent of the world." Connections are expected at around 400 kbps in each direction.
Also interesting is how it got there. It was launched SeaLaunch, a private company using a floating platform and Ukranian and Russian rockets. 8:07:35 PM
The Federal Government Isn't Ready for Avian Flu. Are you? An trade magazine for CIOs asks if corporations should have their own avian flu plans. Actions to consider:
- "Work remotely. In a flu pandemic, the fewer people who are physically together, the better. Create a virtual private network or add new employees to it.
- Demand a plan. Once public health officials have established a plan, communicate it throughout your company.
- Automate. Online transaction functionality for customers and vendors keeps people isolated.
- Assess demand for raw materials and supplies in advance. If a supplier is hobbled and transportation networks are down, just-in-time inventory arrangements will falter. "
One BellSouth facility is "planning a mock emergency drill based on a flu pandemic scenario. Lathram's 19-person hazardous-materials team completed a mock emergency event for an anthrax outbreak shortly after the Sept. 11 terrorist attacks in New York and Washington, D.C. He says that team would be ideal to respond to a pandemic flu outbreak. "We would have them don their protective gear and enter a contaminated area or a quarantined area to do maintenance on our computers and other critical infrastructure," he says. "In that way it would be similar, but that would also be dependent on a healthy hazmat team." " 10:00:38 AM