Tuesday, July 1, 2014

Real Time Cyber Attack Map. 'War Games' comes to life

If you wonder why your Internet has been getting slower and slower, it is due to the escalating Cyber War going on.

Norse Corporation, to showcase their technology, now lets us watch the war in real time, just like at the end of the movie War Games:

The Map shows the Attacker, the port they are attacking, and the geophysical location being attacked.

The U.S. and China keep trading places for who is the top attacker.

One of the *Attackers* I find troubling is Merck & Co. in Woodbridge New Jersey. They are attacking the SNMP Port 161, which is used to monitor network connected devices, as 19:57 EDT July 1st 2014.

There are three possibilities here:

1) Merck & Co. is actively doing the attacking. Leading to the question 'Why?'.

2) Their system is compromised, and is being used by a third party to do the attacking.

If it is compromised how do you know that their products and vaccines have not been adulterated by someone with malevolent intent, messing with production line equipment settings or worse?

In their defense let us assume they know better than to have production equipment open to the Internet, and this is some office computer than has been taken over.

3) The mapping technology is flawed.

Going back to possiblity #2:

The Sohdan Device Search Engine shows (for a fee) what devices are found on Internet, that probably should not be, or are open to the public when their owner does not know it, such as Web Cams. Are you sure your own devices are secured?.


Sunday, March 23, 2014

U.S. Aims To Give Up Control Over Internet Administration

http://www.ntia.doc.gov/press-release/2014/ntia-announces-intent-transition-key-internet-domain-name-functions


TIA Announces Intent to Transition Key Internet Domain Name Functions

Topics:

ICANN

Domain Name System

Printer-friendly version
FOR IMMEDIATE RELEASE:
March 14, 2014
News Media Contact:
NTIA, Office of Public Affairs, (202) 482-7002, press@ntia.doc.gov


WASHINGTON - To support and enhance the multistakeholder model of
Internet policymaking and governance, the U.S. Commerce Department's
National Telecommunications and Information Administration (NTIA)
today announces its intent to transition key Internet domain name
functions to the global multistakeholder community.  As the first
step, NTIA is asking the Internet Corporation for Assigned Names and
Numbers (ICANN) to convene global stakeholders to develop a proposal
to transition the current role played by NTIA in the coordination of
the Internet's domain name system (DNS).

NTIA's responsibility includes the procedural role of administering
changes to the authoritative root zone file - the database containing
the lists of names and addresses of all top-level domains - as well as
serving as the historic steward of the DNS.  NTIA currently contracts
with ICANN to carry out the Internet Assigned Numbers Authority (IANA)
functions and has a Cooperative Agreement with Verisign under which it
performs related root zone management functions.  Transitioning NTIA
out of its role marks the final phase of the privatization of the DNS
as outlined by the U.S. Government in 1997.

"The timing is right to start the transition process," said Assistant
Secretary of Commerce for Communications and Information Lawrence E.
Strickling.  "We look forward to ICANN convening stakeholders across
the global Internet community to craft an appropriate transition
plan."

ICANN is uniquely positioned, as both the current IANA functions
contractor and the global coordinator for the DNS, as the appropriate
party to convene the multistakeholder process to develop the
transition plan.  NTIA has informed ICANN that it expects that in the
development of the proposal, ICANN will work collaboratively with the
directly affected parties, including the Internet Engineering Task
Force (IETF), the Internet Architecture Board (IAB), the Internet
Society (ISOC), the Regional Internet Registries (RIRs), top level
domain name operators, VeriSign, and other interested global
stakeholders.

NTIA has communicated to ICANN that the transition proposal must have
broad community support and address the following four principles:

Support and enhance the multistakeholder model;
Maintain the security, stability, and resiliency of the Internet DNS;
Meet the needs and expectation of the global customers and partners of
the IANA services; and,
Maintain the openness of the Internet.

Consistent with the clear policy expressed in bipartisan resolutions
of the U.S. Senate and House of Representatives (S.Con.Res.50 and
H.Con.Res.127), which affirmed the United States support for the
multistakeholder model of Internet governance, NTIA will not accept a
proposal that replaces the NTIA role with a government-led or an
inter-governmental organization solution.

From the inception of ICANN, the U.S. Government and Internet
stakeholders envisioned that the U.S. role in the IANA functions would
be temporary.  The Commerce Department's June 10, 1998 Statement of
Policy stated that the U.S. Government "is committed to a transition
that will allow the private sector to take leadership for DNS
management."  ICANN as an organization has matured and taken steps in
recent years to improve its accountability and transparency and its
technical competence.  At the same time, international support
continues to grow for the multistakeholder model of Internet
governance as evidenced by the continued success of the Internet
Governance Forum and the resilient stewardship of the various Internet
institutions.

While stakeholders work through the ICANN-convened process to develop
a transition proposal, NTIA's current role will remain unchanged.  The
current IANA functions contract expires September 30, 2015.

For further information see: IANA Functions and Related Root Zone
Management Transition Questions and Answers

About NTIA

NTIA is the Executive Branch agency that advises the President on
telecommunications and information policy issues. NTIA's programs and
policymaking focus largely on expanding broadband Internet access and
adoption in America, expanding the use of spectrum by all users, and
ensuring that the Internet remains an engine for continued innovation
and economic growth. To find out more about NTIA, visit
http://www.ntia.doc.gov.

While the US Government clearly has issues, do you think other countries will be as supportive of any open system like Internet is today? What will happen to the Internet if control of the root domains end up in the hands of the UN or an organization where each country gets a single vote on governance?

What is truly needed is a decentralized Domain Name System. Namecoine is being considered as one alternative. Are there others?


Tech Companies Say Better to Import More Workers Than Retrain Experienced Ones

"WASHINGTON, March 19,2014 /PRNewswire-USNewswire/ -- Addressing a media conference call today, Scott Corley, executive director of Compete America, asserted that the large high-tech companies he represents would rather bring in more H-1B temporary workers than retrain experienced American employees."

...

Corley replied: "If it could be done as easily, there would be less value in the worker. ... You're saying it's easy to be trained into these fields, but if that were true, there would be no value; they wouldn't be high-paying jobs. You would be able to find them anywhere."

"Mr. Corley made clear companies would rather use the H-1B visa to hire younger, cheaper temporary workers," IEEE-USA President Gary Blank said.

...

-- http://m.prnewswire.com/news-releases/tech-companies-say-better-to-import-more-workers-than-retrain-experienced-ones-says-ieee-usa-251079061.html.

See also You'd Rather Import Than Retrain. Why? by Carolyn Mathas.

People wonder why the younger generation has no interest in getting in to the STEM fields. They are not stupid, they read garbage like the above just like you and I can. Why pursue such an education when the jobs only go to the cheapest people?


Saturday, February 15, 2014

Does 'Drop in replacement' strike fear into your Soul? It should...

I have been using IrDA (Infrared Optical transceivers) for several years for setting parameters and doing software updates in my designs. Takes far less space and power that WiFi or Bluetooth.

There was once many people making IrDA transceivers, back when they were used in Cell Phones before the era of Bluetooth, now there are only a couple of manufactures left. Once I had three sources for a footprint compatible part with the HP3003 that I originally started with. Over the years the only remaining footprint compatible part was the Vishay TFDU4300.

Sadly the day came when even the 4300 was discontinued, however I was assured that I was not going to have to do a new board spin, "you can drop our new TFDU4301 right in". While true that it was footprint compatible, it was not software compatible. The 4300 would not receive its own output and would drive its Rx line high during transmit. The 4301 echos the transmitted data, meaning all of the bootloaders had to be updated to turn off the receiver when transmitting. Annoying, but at least that was documented.

What was not documented is shown in the scope captures below. The first one shows the discontinued 4300 and the second shows the new 'drop in compatible replacement'. Does it look compatible to you?


Sadly this problem was discovered while I was far away trying to get my wife help with Intracranial Hypotension, more commonly known as a Cerebrospinal Fluid (CSF) Leaks, to stop her excruciating headache resulted from cerebrospinal fluid leakage. I made the mistake of putting my job first and we came home to Pittsburgh, when we should have stayed at Duke in North Carolina. This is one of the small events that accumulated to result in my wife's suicide.

Now does 'drop in replacement' strike fear into your Soul too?


Thursday, January 2, 2014

Internet of Things (IoT) possibly Carcinogenic to Humans

An obscure part of the World Health Organization, the International Agency for Research of Cancer (IARC), published an even more obscure paper: IARC Classifies Radiofrequency [RF] Electromagnetic Fields as Possibly Carcinogenic to humans in 2011.

I bring this up as Epidemiology just published (January 2014 - Volume 25 - Issue 1 - p 23-27;doi: 10.1097/EDE.0000000000000028) Commentary: Mobile Phones and Cancer: Next Steps After the 2011 IARC Review. I've covered this area before so I'll refer you there rather than repeat it here. See also Something Is Rotten in Denmark: Danish Cancer Society Plays Games with Brain Cancer Rates and IARC Monographs on the Evaluation of Carcinogenic Risks to Humans.

Something else bothers me about the push for the (unneeded?) Internet of Things (IoT). Lots of places talk of or show how to power the low power sensors and such from 'ambient' RF power taken from the environment, such as a local TV or Radio Station. At what point does the source transmitter get overloaded with the million(s) of IoT devices drawing power from it? What do the owners of these transmitters think of this? Isn't this technically illegal under the same laws that prevent farmers from drawing power from the power company via inductive coupling to their mile(s) long electric fence wires?

Ponder this, as related to many receivers drawing from a single transmitter: If I strike a tuning fork in a room of a 1000 identical tuning forks what happens? Leave your answer in the comments.


Hacker's Delight 2nd Edition

I covered the book Hacker's Delight (1st Edition) in the past. So wanted to mention that there is now a expanded second edition.

This book is about obscure high efficiency ways to write code. If your looking for ways to do things you shouldn't, this is not the book you are looking for.

  • A new chapter on cyclic redundancy checking (CRC), including routines for the commonly used CRC-32 code
  • A new chapter on error correcting codes (ECC), including routines for the Hamming code
  • More coverage of integer division by constants, including methods using only shifts and adds
  • Computing remainders without computing a quotient
  • More coverage of population count and counting leading zeros
  • Array population count
  • New algorithms for compress and expand
  • An Least Recently Used [LRU; Cache] algorithm
  • Floating-point to/from integer conversions
  • Approximate floating-point reciprocal square root routine
  • A gallery of graphs of discrete functions
  • Now with exercises and answers