The Art of Intrusion

I bought Kevin Mitnick’s book largely out of nostalgia for elementary school days involving 2600 Magazine and a phone system that still used in-band signaling. While it does demonstrate that computer hacking skills don’t translate brilliantly into writing ability, it is a quick and interesting read for security-inclined nerds.

The lesson for the general public is that decent security is very hard to achieve; there are just too many avenues of attack. When dealing with something as complex as a corporate or government network, there will virtually always be some obscure forgotten modem, some employee who can be tricked, some wireless signal that can be intercepted. Faced by opponents with sufficient time, resources, and risk aversion, pretty much any network is likely to fail.

Of course, that doesn’t mean we should throw up our hands and ignore security. It remains possible to stop many breaches, to notice the ones that happen, to limit the damage they do, and to improve our chances of catching those who pulled them off. For those whose business it is to do such things, the Mitnick book may provoke a bit of new thinking. For interested amateurs, it provides a decent glimpse into the real character of computer hacking: an activity apparently more akin to patient, precise occupations like archeology than to fast-paced daredevil stunts like those in Hackers or The Matrix. Overall, Bruce Schneier is more interesting and a better writer, but Mitnick has a lot more focus on (and perhaps more access into) the blackhat community.

Evolution and Ben Stein

It is always surprising when a seemingly intelligent person adopts a hopelessly indefensible position. This seems to be the case with Ben Stein’s new anti-evolution movie. It is still possible to argue that some kind of deity must have created the universe. What is not possible is to argue convincingly against the central elements of the theory of evolution: namely how mutation and selection drive change and how all life on earth is descended from a common ancestor. There is simply too much evidence for both claims, and it is too good:

  1. The fossil record shows overwhelming evidence for a branched tree of life, connecting existing organisms to ancient ones that preceded them.
  2. Comparative embryology provides good anatomical evidence of both evolution and common descent.
  3. Concrete examples of evolution on human timescales can be easily found. These include plant domestication, moths that darkened in response to coal soot, and antibiotic resistant bacteria.
  4. The geographic distribution of species provides evidence for speciation and adaptation to new biological niches.
  5. Both nucleic and mitochondrial DNA provide excellent evidence for both common descent and evolution through selection.
  6. Common aspects of biochemistry are demonstrative of both claims: especially those features which are arbitrary yet consistent among living things.

I haven’t seen the film, and it probably argues something more sophisticated than “the world is 6,000 years old and every creature that has ever lived is alive now, in the exact form in which it was created.” Even so, it is depressing to see someone commonly associated with intelligence fuelling a false debate centred around ignorance.

There are certainly many incredible mysteries that remain in biology – including many of the details on how evolution functions and has proceeded. Similarly, a questioning attitude is essential to scientific advancement. Those things freely admitted, purporting to challenge things with so many strong and independent collections of evidence supporting them is much more likely to retard the advancement of human knowledge than it is to advance it. This is especially true when a contrived debate runs the risk of forcing sub-standard education on children.

Build your own traffic jam

Those interested in matters of transport and urban planning will find this Java-based traffic simulator entertaining. The model – produced by the Swiss Federal Institute of Technology – can simulate ring roads, highway onramps, the effect of lane closures, and other things.

It definitely demonstrates the existence of tipping points in complex dynamic systems like traffic. Often, you find that a very subtle change has a huge macro-level effect. While the simulation surely isn’t perfect, it does suggest that more capable versions could be excellent planning tools.

The Swiss group has other models, as well.

Useful A570 IS setting

Canon’s point and shoot digital cameras have many features to recommend them. Among the most important is the intelligent design of the controls. Critical things like exposure compensation, white balance, and flash status can be altered intuitively. The single setting I change most often is probably ISO (the sensitivity of the sensor). You want it to be as low as possible (to avoid graininess) but high enough to avoid blur from subject or camera shake. If you are working in changing light conditions, this is a balance that changes all the time.

One neat thing I discovered is that the A570 lets you program one of the buttons to be a one-touch shortcut to something you do very often. To do so, follow these steps:

  1. Turn the camera on and put it in photo shooting mode
  2. Press the Menu button
  3. Scroll all the way down to “Set X button…” (where X is a picture of a printer)
  4. Press FUNC / SET
  5. Choose from among: ISO speed (my choice), white balance, digital teleconverter (useless), display grid overlay, and display off
  6. Press FUNC / SET

Now, pressing the button in the upper right corner below the printer icon becomes a quick shortcut to whichever you do most often. It might only save a fraction of a second each time, but it amounts to a very worthwhile convenience in the long run.

Recovering encryption keys from RAM

Most successful attacks against strong, well-designed encryption take the form of ‘side channel’ attacks: ones that aren’t based on breaking the strong cryptographic algorithm, but which are based on circumventing it or subverting it somehow. Common varieties include timing attacks, which examine the precise amounts of time cryptographic equipment or software takes to perform operations, and power monitoring attacks, which examine which parts of a piece of equipment are using energy when.

Researchers at Princeton have recently uncovered a potentially significant side-channel attack against whole-disk encryption systems like BitLocker (built into Windows Vista), FileVault (same for Mac OS X), and Truecrypt. The attack is based on analyzing the random access memory (RAM) of a computer system once it has been turned off. Despite the common perception that this clears the contents of the RAM, they have demonstrated that it is possible to use simple techniques and equipment to get a copy of what is inside, including the cryptographic keys upon which these programs depend:

We found that information in most computers’ RAMs will persist from several seconds to a minute even at room temperature. We also found a cheap and widely available product — “canned air” spray dusters — can be used to produce temperatures cold enough to make RAM contents last for a long time even when the memory chips are physically removed from the computer. The other components of our attack are easy to automate and require nothing more unusual than a laptop and an Ethernet cable, or a USB Flash drive. With only these supplies, someone could carry out our attacks against a target computer in a matter of minutes.

This is bad news for anyone relying on encryption to protect the contents of their laptop: whether they are a banker, a spy, a human rights campaigner in China, or a criminal. Other technologies exist to help foil whole-disk encryption systems when the attackers are lucky enough to find a computer that is turned on and logged in.

Researchers in the same organization have done some good work on electronic voting machines.
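
The RAM attack described above works because the key is still in memory when the attacker arrives, so one mitigation is to keep it resident only while it is needed and erase it on lock, suspend and shutdown. The following C is an added example, not code from this post or from the researchers; `key_slot`, `key_load` and `key_unload` are hypothetical names, the key bytes are constructed, and a POSIX system with `mlock` is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#define KEY_LEN 32

typedef struct {
    uint8_t key[KEY_LEN];
    int loaded;  /* 1 while key material is resident in RAM */
    int locked;  /* 1 if mlock() succeeded, so the page is never swapped to disk */
} key_slot;      /* hypothetical holder for a volume key */

/* Wipe through a volatile pointer so the compiler cannot discard the
 * stores as dead writes to memory that is never read again. */
static void secure_wipe(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

/* Returns 1 if every byte of the buffer is zero. */
static int is_all_zero(const void *p, size_t n) {
    const uint8_t *b = (const uint8_t *)p;
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++) acc |= b[i];
    return acc == 0;
}

/* Make the key resident; the caller should wipe its own copy afterwards. */
static void key_load(key_slot *s, const uint8_t *material) {
    s->locked = (mlock(s, sizeof *s) == 0);  /* may fail under RLIMIT_MEMLOCK */
    memcpy(s->key, material, KEY_LEN);
    s->loaded = 1;
}

/* Call on screen lock, suspend and shutdown, before power can be cut. */
static void key_unload(key_slot *s) {
    secure_wipe(s->key, KEY_LEN);
    s->loaded = 0;
    if (s->locked) { munlock(s, sizeof *s); s->locked = 0; }
}

int main(void) {
    uint8_t material[KEY_LEN];
    key_slot slot;
    memset(material, 0xA5, KEY_LEN);        /* constructed sample key */
    key_load(&slot, material);
    secure_wipe(material, KEY_LEN);         /* drop the temporary copy */
    key_unload(&slot);                      /* e.g. the lid was closed */
    printf("key wiped: %d\n", is_all_zero(slot.key, KEY_LEN));
    return 0;
}
```

While the volume is mounted the key has to be in memory, so this narrows the exposure window rather than closing it.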

Pondering Mac succession

Three years ago today, I first turned on my 14″ G4 iBook. Since then, it has served me very well: progressing from Panther through Tiger to Leopard and from Photoshop 7.0 to CS2. The machine has served purposes ranging from editing every photo posted to this site to serving as the platform on which my thesis was written to initiating video calls through Skype. Unlike most of my electronics, it has never needed to be handed over to a technician for repair. That said, the machine is definitely showing its age – particularly in terms of processing power and hard disk space.

Three years is a decent lifespan for a laptop (especially one that was a value rather than a performance model from the outset) and I am planning to replace the thing within the next few months, finances permitting. While the MacBook is an obvious successor, I am leaning more towards one of the Intel-based iMacs. I will still have the old iBook to lug around for taking notes and writing emails, when required, and it’s a whole lot nicer to watch movies on a 20″ screen than on a 14″ one. I would also feel a lot more unconstrained with a 250 gigabyte drive than with an 80 GB one.

Setting up my mother’s system also provided a hands-on demonstration that the new iMacs are more than elegantly designed boxes. They are well-designed, well-integrated systems focused on doing the things for which any computer I use is essential. The Mighty Mouse may be fiddly and frustrating, but that’s the only element of the package I found to be less than excellent.

[Update: 1 April 2008] I was seriously thinking about buying a 20″ iMac this month, but the fact that the new ones will have inferior screens is giving me pause. Apparently, the new screens only show 2% of the colours the old ones did.

[Update: 22 August 2008] I got my new 24″ iMac today. It’s a gorgeous machine, and I especially appreciate how well the Migration Utility works for transferring files and settings from an old to a new Mac. In the tradition of naming my computers after characters from science fiction books, I have dubbed this one ‘Seldon’ after Hari Seldon of Isaac Asimov’s Foundation universe.

Stirling engines in space

During the course of several past discussions on energy efficiency, the issue of Stirling engines has arisen. These machines convert temperature gradients into usable kinetic energy which can be used to drive machinery or generate electricity. According to an article in this month’s Scientific American, they have found a new use. NASA is phasing out the radioisotope thermoelectric generators (RTGs) that have been used to power some space missions in favour of the older and non-radioactive technology.

RTGs work by using plutonium 238 decay to heat a thermocouple, which then produces usable current. The Stirling based system still uses plutonium decay for energy, but uses the heat more efficiently. The plutonium-Stirling combination is about 25% efficient at converting heat to electricity, compared to 6-7% for a conventional RTG. A prototype constructed by Lockheed Martin uses two Stirling engines to drive a generator and produce 100 watts of power. The unit that does so is about 1m long and 30cm wide, weighing 20kg – half as much as an RTG.

Extrapolating from space technology to more mundane uses is generally hazardous – for instance, satellites have solar panels with 35% efficiency, but they cost millions of dollars. That said, the technology does demonstrate that Stirling engines have a role to play in increasing efficiency in some circumstances.

Colour-shifting cephalopods

As discussed in comments previously, one of the coolest things about octopodes and cuttlefish is their ability to camouflage themselves and otherwise control the pigmentation of their skin. An article from today’s New York Times discusses the phenomenon. The creatures certainly have some neat tricks:

Dr. Hanlon has watched octopuses perform what he calls the Moving Rock Trick. They assume the shape of a rock and move in plain sight across the sea floor. But they move no faster than the ripples of light around them, so they never seem to move.

The article also describes forms of visual deception used against other cuttlefish. Apparently, there are situations where a male cuttlefish “disguises its skin to look female, he can sneak up to the guarded female and mate. The sneaky male’s disguise may be so good that the other male may try to guard him as part of his harem.” An impressive and cunning trick, for any species.

Wikileaks and whistleblowers

Wikileaks is a website that allows anonymous whistleblowers to disseminate sensitive or embarrassing documents online. These could be anything from evidence of corruption and bribery in government to corporate wrongdoings to secret military interrogation manuals. While the ability to publish anonymously does have potential for abuse, it is also a valuable public service. There are plenty of barriers that prevent people from becoming whistleblowers, even when there is massive evidence of wrongdoing. Having technological mechanisms to aid the process – and reduce the dangers of retribution – thus serves the public interest. Particularly in places where governments are undermining traditional forms of public and legal oversight, such as in the treatment of terrorist suspects, there is extra value in whatever sources of information remain accessible.

As of today, the site is suffering from a California court decision that required Dynadot – the domain name registry that associates the URL ‘Wikileaks.org’ with an IP address – to “prevent the domain name from resolving to the wikileaks.org Web site or any other Web site or server other than a blank park page until further notice.” This doesn’t make the site inaccessible, since the server can be accessed directly at http://88.80.13.160/, but it will prevent a good number of people from finding it. The ruling arose from proceedings involving Julius Baer – a Swiss bank that leaks have implicated in tax evasion and money laundering in the Cayman Islands. In addition to the DNS restriction, the site is apparently suffering from a denial of service attack, probably orchestrated by one or more organizations the site has embarrassed.

The final result of this will be an interesting development in the ongoing battle to control what kind of information can be distributed online, whether that can be done anonymously or not, and which jurisdictions are most accommodating towards such activities.