Tuesday, July 12, 2011

How AV Researchers Deciphered Stuxnet

The fascinating story of the people who decoded the Stuxnet worm and how they did it.

"Stuxnet a one-shot weapon. Once it was discovered, the attackers would never be able to use it or a similar ploy again without Iran growing immediately suspicious of malfunctioning equipment. “The attackers had to bet on the assumption that the victim had no clue about cybersecurity, and that no independent third party would successfully analyze the weapon and make results public early, thereby giving the victim a chance to defuse the weapon in time,” [...]. In the end, Stuxnet’s creators invested years and perhaps hundreds of thousands of dollars in an attack that was derailed by a single rebooting PC, a trio of naive researchers who knew nothing about centrifuges, and a brash-talking German who didn’t even have an internet connection at home."
It's also being discussed here in Bruce Schneier's blog.

And the moral of the story is "If you find a USB stick lying around, do not plug it into your computer. Especially if you work for a super secret research facility."

Tuesday, May 31, 2011

Switching To Debian Testing

We've been using Kubuntu for a few years on all our home PCs, but on Monday Kubuntu on my main desktop machine suffered a "misfortune"; I was halfway through the 11.04 upgrade when the lights went out. When they came back on, Mr PC, he no boot no more.

I probably could have fixed it given enough time and inspiration, but my / partition wouldn't mount despite fsck assuring me it was fine and I've been wanting to try Debian Testing as my main desktop for a while.

Back in 2003 I ran Debian 3.0 Stable as a desktop before reverting back to SuSE and I've used Ubuntu for the last 3 years or so, so Debian isn't exactly a stranger to me. More recently, for the last several months I've had a non-gui Debian Testing VirtualBox client server and Testing seems stable enough for my purposes. The reason why I'm interested in using Testing is to avoid the whole upgrade process and simultaneously avoid Debian's release cycles ... For a production server their philosophy is correct, but I really want to play with newer software.

So far I've installed the base system and added KDE to it. As I prefer synaptic, I've added in quite a bit of gnome. I'll probably be rebuilding for a couple of nights more before restoring my home directories. Fingers crossed that that goes smoothly.

I've had one incredibly annoying problem where my screen would flicker every 10 seconds or so and at the same rate all consoles received a message "[drm] nouveau 0000:01:00.0: No native mode, forcing panel scaling". A bit of Googling found me the solution to this on a Debian mailing list:

edit /etc/default/grub

change the Linux command line to read
GRUB_CMDLINE_LINUX_DEFAULT="quiet drm_kms_helper.poll=0"

sudo update-grub2

reboot
I've also got another annoyance that "sudo kate" (or other X program) can't access the display. I'm working around that for now by running root commands through a terminal session that I've sshed back to localhost:

ssh -X -l root localhost


Not the world's most elegant solution, but it works for now, I'm sure I'll find the answer when I budget time to look.

I suspect I'll be finding out more little annoyances as I go, but for now I'm quite happy with how things are going

Thursday, May 26, 2011

A Link Builder's Guide To Directory Submission

SEO involves a lot of tasks and one of those tasks is link building, getting other websites to make quality links to your target website. There are only a few sources of quality incoming links, and internet directories are one of those sources.

What many SEO engineers don't realise is that directory owners are also actively involved in SEO, the successful ones have been around for several years and understand exactly what they are doing. They are fully aware that their directory is at least in part an SEO machine. I'm one of "Them", I own and run over a dozen directories, listed at http://www.hosted.co.nz/links/Internet/Directories/, that accept public site submissions; my oldest directory has been running since late 2006, my newest ones have been running just over a week.

You and the directory owner both want to get quality links into their directory and as long as both sides play by the rules, you are allies and not adversaries. This article is to explain the real rules and why those rules exist.

Saturday, March 26, 2011

Domain Admin for Drupal 7

With over 100 small sites deployed using a mix of technologies, I'm always on the look-out for things that will make my life easier. I currently have 3 Jojo CMS installs, 8 phpLd directories, 6 active blogs on b2evolution and manage 2 Wordpress installs for family members. Each of these pieces of software has limitations and a lack of scalability so the other 100 odd sites I have are created with straight php, but sharing menu structures within the sites and templates and a simple library in a cross-site back-end. There's no database, no CMS, I edit them with the kate text editor on my home PC and then publish them using rsync. Horrible as this sounds, this scales remarkably well. I can manage it pretty well and see myself being able to manage 2 or 3 times as many sites but eventually it starts to get limiting. Currently I can grep the source for common strings I will want to update, but ....

Friday, March 25, 2011

Fossil fuels deadlier than nuclear power

Interesting snippet.
"Yet again, popular perceptions are wrong. When, in 1975, about 30 dams in central China failed in short succession due to severe flooding, an estimated 230,000 people died. Include the toll from this single event, and fatalities from hydropower far exceed the number of deaths from all other energy sources." New Scientist
So hydro power is more dangerous than fossil fuels which are in turn more dangerous than nuclear? At least the nuclear people don't just dump their spent fuel in the oceans the way the hydro people do :)

Monday, March 21, 2011

New Zealand, Three Countries in One

Today is the first day of Blog4NZ (Facebook) (Twitter #blog4nz). I'm all in favour of this campaign, but what can I say to you about why New Zealand is a great country to visit? I've been pondering it for a couple of days and have come to the conclusion that there isn't really a New Zealand, there's three almost completely different things covered by the concept. And there are three different places.


Thursday, March 10, 2011

Best Interest Rate Home Loans Online

In a bit of a follow-up to yesterday's piece about competitive insurance quotes, what do I find on-line but mortgage services like this one Five Star Mortgages in the US that help people find the lowest cost mortgages. They proudly proclaim "We Specialize in low rate lending across the united states. Lowest Interest rates online!" and go on to say "Our professionals specialize in helping people just like you find the right type of mortgage loan to suit their needs. In addition, our goal is always to find the right program and the right lender to help you save money on your home purchase." In other words they are like an on-line version of Mike Perro with no need to go into the office and with the ability to go through the process at your own pace. Anything like this here? The best I could find was a spreadsheet-like display of current bank mortgage rates, sorted alphabetically.

Wednesday, March 09, 2011

On a roll

I seem to be on a roll tonight. I had a good day at work documenting a part of our development process ... normally, like most developers, I can't stand doing documentation but this was developer documentation and partially involved writing some skeleton code to improve the way we develop.

The evening started off badly though, after cycling home I got straight off the bike to go for a 6km walk in practice for the Round the Bays this Sunday. I got about a kilometre down the road when the heavens opened. I sheltered under a shop awning until it eased to light rain and then walked briskly home arriving more than a little damp.

Competitive Quotes Car Insurance

There's obviously a lot of margin in car insurance. You only need to look at how much AA Insurance and Tower have spent on their recent TV ads, or if that doesn't convince you go over to clixGalore and have a look at the affiliate scheme offers by major insurance companies, you can see the offers without having an account or logging in. One (I won't name them) are currently on the front page and offering 12% commission.

Monday, March 07, 2011

The Rat Is Back

Sometime around 1995 I started using "Kiore", the Maori word for "Rat" as my nickname for on-line bridge. It became my off-line nickname as well then my ISP email address and in 2000 I registered Kiore.com to get the email address I wanted. The url of this blog comes from the same source, the original name for the blog was My name/Kiore.

Starting a few months before I created the Muffins blog I had Kiore.com set up on my PC at home as a simple php-Nuke CMS that was mostly a blog as an experiment, I eventually exposed it (dynamic IP and all) to the public internet so I could demo it to friends. Eventually it migrated to the same storage as I later set the muffins blog on. Like a rat crossing the motorway, disaster befell it a couple of times, like the muffins site it had to be restored and rebuilt, eventually becoming a Drupal site before dying badly early in 2007 leading to the, I won't say "abandonment" as I always intended to restore, but failure to actually restore. I still used the domain name, but only for mail until yesterday.

Revision 3 - R3: b2evolution server

After a not very fortunate attempt to set up the b2evolution blog software a few weeks back that was cut short by the 9:37 event, I had another go during the week. As always with these things it took quite a while to get it right. When I did I blew it away & started afresh.

The b2evolution software has multiple domain support built in, but based on what I learned from my experiments, it is clear that the first domain has special properties and I didn't really want my other domains relying on a real domain name, so as this is my third b2evolution install and I was informally referring to it as "R3" I deployed r3.co.nz and the site is now officially "R3 (Revision 3)".

The earthquake caused substantial damage - Treasury NZ

I love the understatement and the New Zealand Treasury has issued this pearler of one in its latest economic indicators report. To be fair, the report's target audience includes people who are overseas and may have had minimal exposure to the direct information on the earthquake we've had here. The treasury is tasked with providing a best estimate of the amount of damage caused, and without even a reliable death toll it must be almost impossible to come up with a financial cost, still they try and only give themselves a 33% confidence level:
"It is still too early to estimate with confidence the financial cost of the damage caused by the February earthquake, but it is likely to be [...] we estimate the combined financial cost of the two earthquakes at around NZ$15 billion. There is considerable uncertainty associated with this estimate (and its components) which is best described as a working assumption rounded to the nearest $5 billion."
Repairs could take over four years
They later say:
"it is unlikely that all this work will be completed within our four-year forecast period. Except for important infrastructure, this recovery will mainly occur from 2012 onwards because of the planning required and the extent of the damage."
It's worth remembering this. In Bob Parker's famous words, "Christchurch is currently munted" but it will be rebuilt eventually. Full Report

Saturday, February 26, 2011

Christchurch Earthquake Community Response

A dedicated volunteer team of Internet people, web masters, programmers, and computer savvy helpers have built the Christchurch Earthquake Community Response site to coordinate help efforts. Anyone who is able to offer help or who needs help because of the earthquake should go there.

Wednesday, February 23, 2011

Useful Resources Christchurch Earthquake

Christchurch Earthquake Community Response
A dedicated volunteer team of Internet people, web masters, programmers, and computer savvy helpers have built the Christchurch Earthquake Community Response site to coordinate help efforts. If you need help or can offer help, please go there.

Because of the dedicated site, this page is no longer being maintained.

Christchurch Earthquake Update - Support and Condolences

The following message was sent by The Queen to John Key:
"I have been utterly shocked by the news of another earthquake in
Christchurch. Please convey my deep sympathy to the families and
friends of those who have been killed; my thoughts are with all those who
have been affected by this dreadful event. My thoughts are also with the
emergency services and everyone who is assisting in the rescue efforts.

ELIZABETH R " (Link)


Christchurch Earthquake Update

Edit 28 Feb 2011: The death toll is now nearly 150. The 38 was the confirmed death toll when I wrote this, less than 1 day after the quake. There's about 200 reported missing, so it's reasonable to assume that the confirmed number of quake deaths will grow before the recovery effort is over.

The official death toll from yesterday's earthquake in Christchurch has been reduced to 38. Looks like they double counted the dead yesterday - with the stress and confusion that was going on I suppose that can be forgiven.

The news media is reporting that the death toll could reach 300 once the rubble is cleared away, one person in 1,000 of the Christchurch population.

The TV feed continues this morning and the rescue workers are all looking like they had no sleep last night. Two that are being interviewed as I type just said they had about an hour's sleep.

Kia kaha Canterbury.

Tuesday, February 22, 2011

Christchurch Earthquake Two

TV One and TV3 are running continuous programming on the Christchurch earthquake that went off at lunchtime today. To their credit, both of these channels have suspended advertising so we are getting no breaks in the coverage.

It's hard watching it, nothing like as hard for the watchers as for the people there on the ground though.

Thursday, February 17, 2011

Back on the bike

Having managed to reunite it with my helmet I was back on my bike today.

Coming home I was stopped on Broadway at the red light at the corner with Khyber Pass when this idiot on a bike whizzed straight past me at maybe 30km/h straight into the turning traffic from Khyber Pass. How he avoided being hit eludes me. Idiots like him are too stupid to ride push bikes in public and should stick to driving cars.

Wednesday, February 16, 2011

Go By Bike Day: I missed another one

Normally I ride my push-bike to and from work. 5 days a week. It's my only source of exercise.

Every year they promote a ride your bike to work day, with a free healthy breakfast if you can be bothered biking into Aotea Square in town ... that's about 4km from work so I can't ever be bothered. This year it's today and it seems to be called "Go By Bike Day".

Last year, for the second year in a row, I wasn't able to ride my bike that day. I can't remember exactly why, but I remember being annoyed that I couldn't ... note to self: blog more often.

Yesterday I was nearly home when my head felt a bit funny, I put my hand up to check my helmet and discovered to my horror that I wasn't wearing it, so I hopped off the bike and walked the rest of the way home. Somehow I'd managed to take my gloves and goggles out of the helmet, put them on and leave my bike helmet on my desk.

This meant I was on the bus today and missed it yet again. In the immortal words of A. A. Milne ""Bother!" Said Poo"


Zinc an effective defence to colds

Finally some good news on alternate medicine NZ Herald: "Zinc supplements have been confirmed in a large international study as an effective treatment of the common cold, shortening symptoms by nearly one day." I'll have to remember this come winter.