Thursday Feb 18, 2010

Music for the Laptop Generation?

I freely admit to being something of a hi-fi nut (although it's about time I upgraded my old CD player, to something which will handle DVD-A with MLP).

Still, I ripped my first CD to iTunes, this evening. I won't reveal what it is, as that's something of a guilty pleasure (just that it was released in the last 12 months), but I was staggered to discover that it sounds just as good, out of the tiny little speakers of my MacBook Pro, as it does out of my mighty Dali Skyline 2000s, which are driven by monobloced Meridian 557s.

Are artistes now mixing their songs with laptop speakers in mind, or as I approach 40, is my hearing heading into terminal decline?

I'm an Inventor! :-)

Check out the attribution on US Patent 7650501, here :-).

Sun owns the patent (as part of my terms of employment, Sun owns the bits of my brain which think about computing), but mine's one of the three names, on the front page.

Glenn's around and continuing to do good stuff, however, Bart was RIFfed last summer. The patent probably wouldn't have happened, without his significant contribution, and I miss him "being around the place, to talk to".

Still, we continue to shoot the breeze.

There's another patent application which appears to have fallen down an administrative crack, which Glenn is chasing up. Here's hoping it lands; given that 7650501 did, I think the other one also deserves to.

FWIW, there was considerable brinksmanship, around the submission of what became 7650501; I went to California a few days in advance of our expected presentation of this stuff at RSA 2005, and with the assistance of Glenn and Bart on the 'phone, literally spent the two days prior to RSA's opening, with our patent lawyers; we submitted, literally the day before we presented our invention to the world :-).

Naturally, huge kudos to Bart and Glenn. We wouldn't have landed the patent grant, without one huge team effort.

Saturday Nov 28, 2009

Charitable fellow Britons, it's time to put your hands in your pockets again.

Following the recent flooding in Cumbria, I started to ruminate about what folk might be able to do, to help. When natural disasters befall foreign lands, the Disasters and Emergencies Committee (DEC) usually springs promptly into action, to solicit funds. This has not happened, with regard to Cumbria.

However, when the question was asked on Radio 4's PM programme earlier this week, the Cumbria Foundation was identified as the appropriate beneficiary. See the link to their site in the entry on the PM Blog, here.

I've chipped in. I hope my British readers outside Cumbria, will, too.

The Cold War may be over, but some things don't change; only the threats do...

I mark the end of the Cold War, as the day that SAC NORAD's Cheyenne Mountain facility was put into "warm standby".

Still, it looks like Mount Weather remains alive and well...

"Tactical Nuclear Penguin"

It's a beer - but only if you stretch the definition a bit.

Specifically, it's the world's strongest, at an eyball-popping 32 percent abv.

I can't help but think, "Linux just got a new mascot" :-).

Thursday Nov 19, 2009

"Dear Santa"...

Yes, I know, it's been \*way\* too long since I blogged anything, let alone anything useful.

Still, it's time to reboot this blog. I hope the last entry, will prove interesting.

Also, I know what I'd want for Christmas, if UK legislation didn't stop me from having it.

I've already blogged a little, about shooting; I find it very relaxing, as it's necessary to be relaxed, to be any good at it.

I'd be entirely happy if UK legislation required me, if I could own a firearm, to keep it locked in a safe at a local gun club, when I wasn't using it, and buy ammunition through their channels, so said ammunition purchases might be audited; also, I could readily be required to use said firearm in an entirely responsible fashion (with appropriate instructors around) only on said gun club's controlled range.

Having used one (chambered for .44 Magnum) briefly, and thoroughly enjoyed the experience (see my article, here), Dear Santa, I'd like one of these, and the ability to keep and use it in an appropriately secured and controlled shooting environment, near my home.

Even our Olympic shooting team, is forced to go to Switzerland to practice, owing to the UK's current firearms laws; Switzerland is the nearest place they are allowed to keep their competition guns.

Something has to change.

"How I got into doing Security for a living"

...or, if you want to put it another way, "Limited Confessions of a Security Geek".

It's been almost precisely a decade, now, since I found myself working in computer security.

I've been asked, on occasion, how I ended up doing what I do - after all, for the most part, security folk can be divided into two categories; those who started out trying to prove a point by doing things to expose inadequate practices (such as my pal Alec, who wrote Crack to expose standard 8-char Unix passwords for the insecure things they are), or my pal Darren, who came from a background of formal security training in terms of protective markings, etc, and now gives us civilians the benefit of his knowledge.

(There's also the crypto illuminati and general anomalies such as Whit, but it's to our misfortune that such folk surface so infrequently.)

I wonder whether security folk are made, or born. I note with considerable interest that a course on "thinking like a security geek" is now being taught at Washington Uni, and I was also pointed at an interesting article comparing the mindset of a security geek, to that of a mathematician skilled in formal analysis. It's also interesting to note that, of the many security folk I know, few took degrees in CompSci.

In my case, interest in security, followed from interest in networking. I may be showing my age by admitting to being a Micronet 800 subscriber, back in the early to mid '80s . My interest in communications was such that I got my first modem before I even got a floppy disk drive, for my BBC Micro - CommStar had to be modified on my behalf, to fix bugs associated with saving things to cassette tape - but once I realised that one computer could talk to another, it's wasn't long before I figured out that, where a computer had multiple levels of privilege on various accounts (hey, bear in mind that I was in my early teens, and back then and there wasn't such a thing as a remotely-affordable home computer with a time-sharing environment), then nefarious things could be done, to elevate one's privilege on the system at the other end of the 'phone. Of course, while I figured this out in theory, I was a good boy, really :-).

I didn't go hacking while at University - indeed, I was a sysadmin for the Computer Society's shared Unix box, for a while. Granted, I expect it was completely riddled with security holes and hope it has long since been removed from JANET, but it worked.

I first really got interested in security during my last couple of years in my first job at Acorn; if you remember Larry Ellison jumping up and down and getting hugely enthused about thin-client computing in the late '90s, it's a little-known fact that the Oracle Network Computer (abbreviated NC; the original post-dumb-terminal thin client) was a reference design from Acorn, based on an ARM 250 and running a cut-down and embedded RISC OS.

Guess who used to do a bunch of work on the demo-environment server end, where the servers were frequently Risc PCs running RiscBSD :-). In fact, pretty much the last thing I was doing before I was RIFfed, was working on securing NC-to-server communications.

However, I'll hold my hands up and say I'm sad to admit, that's actually the last occasion on which I did any Real Programming. After my days (5 and a half years, come to think of it) at Acorn, I haven't written any actual code. I can still readily go down to the level of designing and debugging state machines, but it's not the same.

After Acorn effectively imploded in the Autumn of 1998, I went through some doldrums and small-time contract work before being picked up by Sun, at the start of '99 - and Sun is where I've been, ever since.

I joined Sun as a general jobbing Project Engineer; after a bit of a learning curve, I was sent off doing Solaris installs, various builds and generally delivering standard services, etc, until I ended up on a gig at one of the UK national newspaper publishers, initially doing enterprise-wide Y2K patching. Their security was, frankly, appalling - some systems didn't even have root passwords, and others had root passwords known to almost the entire IT element of the organisation, and these passwords were which were never changed. It's the latter case, which nearly cost them their business.

Once I'd done all the patching - involving being in their offices at very strange hours and often at weekends, owing to the downtimes they were able to schedule for their systems (the Sunday editions have to come out, after all) - I basically became recognised as "a face in the office of the internal IT group", and started to overhear all sorts of discussions around security. When the Sun project manager was replaced, for political reasons (the replacement, Kevin, became and remains a very good pal of mine), the security agenda was escalated so Kevin had visibility of it; so, a contractor was hired in to develop a security strategy and policy, for the enterprise.

After a few weeks, the contractor submitted a draft security policy. I asked to see it, and saw it for the pile of cut-and-paste crap that it was. I told Kevin that I could give him something better by close of business that Friday, and at 16:50 on the Friday, I hit "Send" on my mail client.

Kevin, bless him, agreed I'd done a better job, got rid of the consultant, and took me on as a security proto-geek. Fundamentally, that's why I'm where I am, today.

However, much more amusement was to come.

The customer's senior management, decided that they liked the new security strategy and wanted it implemented. So, this being in the days before JASS the Solaris Security Toolkit (SST), system hardening was done to a manual - and time-consuming - script that I'd written.

About halfway through configuration roll-out, we found that a sysadmin in the Output Services group, had resigned under "something of a cloud" when he was advised that his shift patterns were being changed to something that he considered unreasonable. He had subsequently approached a rival newspaper, with his knowledge of operating practices and access controls, and offered to disable the systems of his former employer, such that there would not be any January 1st, 2000 editions of any of their newspapers.

(A note to my readers; UK newspapers operate on extremely tight financial margins, which are governeed by their advertising revenue. In the event that a paper does not hit the news stand before or at the same time at its rivals, the contractual clauses with the advertisers are really punitive. For a group which produces several titles, a day's outage on all their titles could result in financial damages so huge, that the enterprise is effectively taken to the cleaner's.)

So, our Bad Guy (let's call him Fred, as it's not his name) was basically handing his former employer's competitor, a bankruptcy of their primary rival, on a plate.

Fortunately, newspaper editors do have some integrity. Our Man at the rival publication, notified the police.

The first I knew about any of this, was when I and the on-site Sun Technical Project Manager were summoned to the IT Director's office.

We were sworn to secrecy (even from our own Project Manager), and introduced to a couple of extremely cool gentlemen (a Detective Sergeant and Detective Inspector, respectively) from the local police force's High Tech Crime Unit.

Kevin was, therefore, shut out of everything which was going on, for a fortnight; we were still being paid for, but he couldn't know what we were doing. I consider it a measure of his character, that he trusted us to get on with the job in hand.

Forensics gigs (and I've done a few, but don't need to use more than one hand's worth of fingers to count them, even now), tend to run one of two ways; the customer either wishes to mitigate the risk of someone compromising their systems by the same attack, or they want to find the perpetrator and nail them to the fullest extent of the law.

The newspaper firm in question, wanted to do both. Usually this is next to impossible, but we had the extreme luxury of already knowing who our Bad Guy was. So, what we needed to do, was protect the systems he had access to, as best we could, and encourage him to make another attack, so we could find out where he was entering the network from and gather evidence.

Fortunately, Fred was a known entity; it was definitely known which systems he had root access to, and fortunately, these were environments which only processed transient data. For folk outside the newspaper industry, Fred had worked in Output Services; the function of this unit is to take the fully-formatted pages which emerge from Editorial, and work a little magic on them. Specifically, Output Services is where medium-resolution images, as manipulated in Editorial, are substituted for the high-resolution images from Image Services; also, it's where page pairing takes place. "Page pairing" is the process by which 4 newspaper pages are put together into a double-sided sheet a little more than twice the width of an editorially-output page; this dictates what the printers print, and also adorns the pages with the day's date and the page numbers.

So, we set about our forensics gig. We knew Fred wasn't the sharpest tool in the box, but we knew he still potentially had root access to systems vital to next-day publication. So, we got radical. As the systems Fred potentially had root access to, were both resilient system-wise - there being multiple boxes configured as failovers, to do the same job - and had mirrored disk arrays, we removed a layer of resilience by breaking the disk mirrors and offlining one set of disk arrays; even if Fred decided to do an "rm -rf /" on a system, we could potentially have it back up in the next 5 minutes and ready to receive data, in a manner which would only adversely affect data flow for less than half an hour, and would most likely confound Fred's efforts.

We couldn't apply any obvious security lock-down to the systems Fred had access to, though, as it was reckoned that he would run rampant and destroy any systems he might have access to, before we could shut him out of them, if he saw any obvious modifications. Talk about playing cat and mouse... Next, the team (comprising Muggins here, Ray the Sun Technical Project Manager, the customer's Head of Networking, the contact point for a particularly important networking application, and our two new friends from the Police) identified network segments that Fred might attack our environment through, and posted network sniffers (interesting boxes from Dolch) on them, to detect any anomalous connections.

We were also very fortunate to be able to persuade the editor of the rival paper, to contact Fred and ask for proof of his hacking capability. This seriously brave guy wore a wire, and recorded his conversation with Fred; the challenge was for Fred to hack the page pairer systems such that on a particular day, and on a particular page, "Thursday" would be changed to "Thrusday", and that would be the evidence that Fred could do what he liked, with Output Services.

The page was hacked, the change was made. The readers didn't notice.

We did, though :-).

It turned out, that Fred had got a new job with the maintainers of the newspaper printers. Now, I don't know how many of my readers, have seen a newspaper printer in action; they're pretty impressive beasts, standing up to 3 storeys high, constructed out of skyscraper-style steel I-beams and running paper at significant width, tension and velocity. Anyway, Fred had joined a firm which manufactured and maintained these beasts, and was using the dial-home fault alert line, to dial-in to the printer and hence bridge out to the enterprise IP network.

We spotted the traffic to the page pairers, once we had Output Services ring-fenced with Dolch boxes.

We had everything in Output Services not only set up for short-term service resumption in the event of system destruction, but had logging seriously cranked-up to detect Fred attempting access.

We also had an out-of-band channel detecting differences between pages submitted by Editorial and pages as paired, but that's a little bit of a trade secret, as to how we did it :-).

Anyway, Fred spent 18 months being housed by Her Majesty (for readers outside the UK, this is a euphemism for a prison sentence).

So, that's how I properly got into security. It's so interesting, I've wanted to stay there there ever since. I've pretty much succeeded, in doing so, too.

Tuesday Oct 07, 2008

init 6

Dear reader, I'm sorry.

It's been an age - 6 months, I can hardly believe it - since I last posted something, here.

Work have been madly busy, for the last few months, but that's no excuse. The pressure is easing a little, so I'm hoping to find a bit of time to post stuff, again; and there's a lot of stuff to post, once I actually get to writing it up :-).

Much more, hopefully shortly!

Saturday Apr 05, 2008

Bad Phorm

Ad-profiling firm Phorm, is "considered illegal" by FIPR.

Kudos to Ben Laurie, for finding the whistle early, and blowing it.

Thursday Mar 13, 2008

Mifare Classic cracked

Mifare Classic, the budget RFID card which uses the proprietary Crypto1 algorithm, has been cracked.

While I'm not that surprised that the crack has been achieved, especially given what the disclosure paper says, it would appear that the researchers went to lengths the likes of which I've only seen Ross Anderson and his electron microscope- (and laser-) wielding friends go to, before. In particular, deducing the algorithm by 3D modelling of the silicon from electron micrographs, in order to produce the gate pattern, is a new one on me.

Well done to the team involved, especially over their care to state that only Classic, rather than other Mifare products, are associated with the crack, and that some simple changes to Classic would mitigate against their attack method.

Still, once again, they have proved that if a user has physical control over a device and its operating environment, DRM is a non-starter.

Saturday Mar 08, 2008

Smartphone? Sun Ray!

As smartphones increase their memory capacity and implement increasingly sophisticated apps, losing (or being relieved of, under duress) your smartphone is rapidly becoming as serious a disaster as losing (or being relieved of) your laptop. Samsung even ran a billboard ad last year around Heathrow, to the effect of "how could people imagine running their lives without their Samsung smartphone" - to which my obvious reaction was, "what happens if someone nicks it, then?"

So, wouldn't it be excellent if - on parting company with your smartphone - you could make one 'phone call, either from home or a public 'phone box, to both turn your missing smartphone into something about as useful to a ne'er-do-well as a brick, and order a new smartphone which, once you receive it and get it registered, will automagically have access to your address book, documents, music, browser favourites, etc?

This is why, what you really need isn't actually a smartphone, but a smartphone-form-factor Sun Ray.

Admittedly, there are one or two downsides to having a Sun Ray instead of a smartphone. You'll need a continuous 3G connection, if you want the unit to be usable wherever you are - this would currently limit the take-up of such a unit to folk who very rarely stray outside metropolitan areas with major 3G coverage, such as central London. However, there's enough such people, that a device could probably be justified.

Also, while the fundamental point of smartphones, and indeed 'phones in general - the ability to make and receive voice calls - is still (AFAIK - my information may now be out of date...) "not quite there yet" on a Sun Ray in terms of being able to do interoperable VoIP, I've seen working VoIP implementations on Sun Ray which aren't quite production-ready yet, but which appear very close to being so.

Still, I've also been doing some thinking. While a bunch of applications specific to smartphone-form-factor Sun Rays would clearly have to be written bespoke and designed for a small-screen user interface, how might "something which is being used as a smartphone, yet which is being served from Solaris" benefit from security technologies such as Trusted Extensions?

Let's start by considering the 'phone book app. If I run my 'phone book app at a label which strictly dominates the label at which the apps which make my 'phone calls, handle Bluetooth connectivity, etc, are made, and I give my 'phone book app the privilege to write data down across labels, then I can set things up such that a connectivity app will only have a number or other connectivity details exposed to it, when a connection needs to be made.

Thus, practices such as Bluejacking would cease to be feasible, as the connectivity apps don't have the privilege to access 'phone book data.

Now, let's consider my 'phone-based web browser, or my 'phone-based copy of iTunes or similar. Where I want to run an app which needs to make external connections and upload data, I could run it at the same label as the rest of my connectivity apps, but give it the privilege to write data up, across labels. For a browser, it would still need to be able to read up (unless I had a separate "Favourites" app, which had the privilege to write URLs down and launch my browser at a lower label, much like GlennF's "safer browsing" prototype) which is, on consideration, probably the better way to go.

In fact, splitting apps into separate "uploader" (with write-up priv) and "player" (run at higher label, with "Favourites" potentially having write-down so that updates may be checked for) components, is probably the definitive way to go.

Suffice to say, if such an environment was built, nobody would be getting their hands on my 'phone book or my copies of S&M or The Ring, any more :-).

Does this have mileage, or what?

Friday Mar 07, 2008

Idle Speculations on Type 2 Hypervisors

Following Sun's purchase of Innotek - suppliers of the reasonably-fine VirtualBox Type 2 hypervisor - I've been thinking.

OK, so VirtualBox for OS X is still very much beta - shared folders don't work, and networking only works in NAT rather than Bridged mode - but it's still stable and full-featured enough for me to build a Solaris 10 Update 4 image on top of it, complete with Trusted Extensions. In short, "not bad at all" :-).

However, my thinking is taking me down an interesting line of reasoning. Our press release states that VirtualBox is primarily aimed at developers, so I can only hope and assume that one of the things we are going to do with it shortly in terms of enhancements, now we've acquired it, is thoroughly enhance and decorate it with DTrace probes and providers.

Here's where things potentially get fun - although I must first add, that all my musings in this regard, are currently hypothetical.

Consider a system running Solaris 10, or OS X, as a host OS.

Now run VirtualBox, on top of it.

Now run another DTrace-enabled OS, such as Solaris or OS X (again), in a VirtualBox as a guest OS.

Depending on the degree of complexity involved in VirtualBox, particularly regarding its memory management, I wonder whether it might be possible to DTrace activity in the guest OS from the host OS, potentially without the host OS knowing about it. Being able to do this, could have both good and bad repercussions:

The Good:

  • If, from the host OS, you could trap a guest OS' calls to fork() and exec(), you could potentially do Validated Execution for an OS at the hypervisor level, rather than within the OS itself. This not only potentially gives you much greater security - even root on a guest OS can't turn vaidated execution off - but it means that validated execution could potentially be made OS-heterogeneous.
  • You could use DTrace to supplant Solaris Audit, gathering audit information about OS activities at the hypervisor level, where nothing which happens at the OS level can touch it.
  • It would make for a great kernel-level debugging tool, where you might not necessarily want (or be able) to use DTrace within the OS itself.
The Bad:
  • All of a sudden, "Satan's Computer" becomes real. If you're root on the guest OS, you can still have All Manner of Strange Things happen in your environment, if your hypervisor is pwned, and there's nothing you can do about it. For example, if you take a look at Jon Haslam's posting on how DTrace can be used to read an environment variable for an arbitrary process, consider what DTrace might be able to do, in terms of changing the value of an environment variable, under the feet of the application. If you can make such a change without the app crashing, and such that it notices the new value, Life Gets Interesting.
Food for thought. Don't get me wrong, I'm not saying DTrace is bad - far from it - but certain OS-intrinsic capabilities can be considered sufficiently double-edged that the ability to use them at given levels in a virtualised environment, must be very carefully controlled...

Friday Feb 15, 2008

Labelled Desktop Lockdown, Part 1: Trusted JDS

While Trusted JDS is a reasonably well-featured desktop (although there are some new features which we're expecting to deliver in Update 5), some customers are likely to want to use TX as "the ultimate, luxury KVM switch" from the perspective of allowing access to very few intrinsic capabilities. I've been on something of a voyage of discovery in my lab for a couple of days, figuring out how all this works; I'd like to give a very big tip of the hat to Joerg Barfuth, for his assistance with a number of issues I came across.

I cut my Unix GUI teeth nigh on a decade and a half ago on twm, moved (briefly) to mwm, settled happily into CDE on Solaris, and fvwm2 on Linux, before going significantly Aqua when Apple went OS X. I'd hardly used Gnome at all, until I was asked to strip features out of Trusted JDS for a demo we're showing at an exhibition, next month. So, here we go...

If you've used a Trusted desktop before (and if you haven't, and have the time, download Solaris 10 and give it a go), you might have noticed that the X server in such an environment is a fascinating thing; different elements of the screen as you see it, are rendered by different parts of the platform.

Specifically, in Trusted JDS, the Launch menu, toolbar, trusted screenstripe (which gives you the trusted shield, the password change tool, label builder, graphical role changer, object label display and, privilege permitting, device allocator) and screensaver are all rendered by Trusted Path (in other words, the Global Zone). The desktop workspace, icons and any user apps which are started up, are rendered by the various labelled non-global zones.

The way this works, is that the X server uses multi-level ports (see /etc/security/tsol/tnzonecfg, and you'll see the familiar 6000-range ports included) to move X data between non-global zones and Trusted Path. When a workspace is opened at a label, or a label is changed by the label builder, the X server uses a TX-specific zone_enter() call to implicitly log the user into the zone so that they can do work there; a major way in which zone_enter() differs from zlogin, is that a zone responding to a zone_enter() trusts Trusted Path to have appropriately authenticated the user, so a zone_enter() call doesn't traverse the non-global zone's PAM stack.

So - as the Launch tool runs at Trusted Path we need to remove access to apps from it, there, and as the workspace runs in the labelled zone, we need to restrict access to apps, from there.

It's always best to do this as a scratch user. Another point worth being aware of, is that a user has a home directory on Trusted Path and in every zone corresponding to a label within their clearance range; some configuration steps will need iterating across zones.

Anyway, here's where Joerg introduced me to the delights of gconf-editor. Launch it from a terminal running at a label in a non-global zone.

Under apps/nautilus/desktop, are the tunables (ending in '=icon_visible") which can prevent the display of "This Computer", "Documents", "Network Places" and "Trash"; removal of "StarOffice" and "Help" is most readily accomplished by highlighting the icons and selecting "Move to Trash".

Once you have a workspace devoid of any icons, go to desktop/gnome/lockdown and enable whichever lockdown options you need, with the exception of disable_save_to_disk (otherwise, you won't be able to do the next bit :-) ).

Using the terminal you launched gconf-edit from (as you may not want to be able to launch a terminal in your new profile :-) ):

$ gconftool-2 --direct --config-source xml::$HOME/.gconf --dump /desktop/gnome/lockdown > mylockdown.xml

$ gconftool-2 --direct --config-source xml::$HOME/.gconf --dump /apps/nautilus/desktop > mybackdrop.xml

Log out, log back in as a user with appropriate privilege on Trusted Path, and cp /zone/<zonename>/root/export/home/<username>/mylockdown.xml and mybackdrop.xml back to somewhere on Trusted Path which labelled zones loopback-mount; hand-edit mylockdown.xml if you wish, to add:


...between the similarly-formatted entity for "disable_printing" and the one for "restrict_application_launching".

As the Launch tool runs on Trusted Path, mylockdown.xml only needs to be imported into gconf once; at Trusted Path, do:

# gconftool-2 --direct --config-source xml::/etc/gconf/gconf.xml.mandatory --load mylockdown.xml

...and then, at each label within the user's clearance range, connect to the appropriate non-global zones (via zlogin, label change, take your pick) and:

# gconftool-2 --direct --config-source xml::/etc/gconf/gconf.xml.mandatory --load $WHEREVER/mylockdown.xml

# gconftool-2 --direct --config-source xml::/etc/gconf/gconf.xml.mandatory --load $WHEREVER/mybackdrop.xml

Note that this assumes you are looking to lock the desktop down for all users, which is normally the case; I'll re-edit this posting shortly, to indicate how different degrees of lockdown can be achieved for different users or roles, at a given label. Of course, if you wish to vary the available applications on a per-label basis for the same user, you just need to create multiple lockdown and backdrop profiles as appropriate, and deploy the relevant profiles at the relevant labels, as above.

Part 2, if all goes to plan, will cover what you can do to achieve the same ends, with Trusted CDE; this will also (very likely) act as a "belt and braces" approach to what I've described above...

Tuesday Feb 12, 2008

"Plans to sever Internet connectivity for media pirates"

This is thought-provoking, and I think the Internet Service Providers' Association have it spot-on with their comment on the article.

Specifically, I'm wondering how easy, putting a notional Black Hat on, it would be to prevent an ISP from finding out what I was downloading.

Torrent technology isn't something I'm intimately familiar with (not having used it), but I would hope that it incorporates something akin to IM's OTR.

If it doesn't, I'd need to VPN into some bastion host outside my ISP's remit - ideally getting there using Tor or something very much like it - and run whatever Torrent peer app from there (where "there" equals "a country which doesn't have Internet piracy laws").

If the bastion was used for things other than piracy of copyrighted media, an ISP would have a major job on its hands to prove that the heap of ciphertext traversing their infrastructure was the latest Hollywood blockbuster rather than, say, the latest .iso of Solaris 10.

Also, I expect the test case will happen shortly after any new law in this area is enacted; if I can prove I have paid my TV licence fee continually since it started showing in its current format, would it still be illegal for me to download, via a Torrent system, what is supposedly the third-most popular TV series on the P2P networks; "Top Gear"?

Tuesday Jan 29, 2008

Blackbox now shipping :-)

The "official production" version is now known as the Sun Modular Datacenter S20.

I still think that most of these boxes will ship in olive drab or light sand, rather than black - if we could get the shock tolerance up past 9G (equivalent to a drop from 6"), customers who want them in these colours could even Chinook them to site.

I'd would also not be surprised if a bunch more ended up with the (awful) London 2012 logo on, to handle all the temporary media feeds.

On the other hand, some cunning folk over here have some very interesting other ideas with useful consequences - more, when we can pull the wraps off :-).




« June 2016