Posts tagged Computers
Everything Is Broken — The Message — Medium

Once upon a time, a friend of mine accidentally took over thousands of computers. He had found a vulnerability in a piece of software and started playing with it. In the process, he figured out how to get total administration access over a network. He put it in a script, and ran it to see what would happen, then went to bed for about four hours. Next morning on the way to work he checked on it, and discovered he was now lord and master of about 50,000 computers. After nearly vomiting in fear he killed the whole thing and deleted all the files associated with it. In the end he said he threw the hard drive into a bonfire. I can’t tell you who he is because he doesn’t want to go to Federal prison, which is what could have happened if he’d told anyone that could do anything about the bug he’d found. Did that bug get fixed? Probably eventually, but not by my friend. This story isn’t extraordinary at all. Spend much time in the hacker and security scene, you’ll hear stories like this and worse.

It’s hard to explain to regular people how much technology barely works, how much the infrastructure of our lives is held together by the IT equivalent of baling wire.

Computers, and computing, are broken.

Build it badly, and they will come.

For a bunch of us, especially those who had followed security and the warrantless wiretapping cases, the revelations weren’t big surprises. We didn’t know the specifics, but people who keep an eye on software knew computer technology was sick and broken. We’ve known for years that those who want to take advantage of that fact tend to circle like buzzards. The NSA wasn’t, and isn’t, the great predator of the internet, it’s just the biggest scavenger around. It isn’t doing so well because they are all powerful math wizards of doom.

The NSA is doing so well because software is bullshit.

The biggest retail hack in U.S. history wasn’t particularly inventive, nor did it appear destined for success. In the days prior to Thanksgiving 2013, someone installed malware in Target’s (TGT) security and payments system designed to steal every credit card used at the company’s 1,797 U.S. stores. 

At the critical moment—when the Christmas gifts had been scanned and bagged and the cashier asked for a swipe—the malware would step in, capture the shopper’s credit card number, and store it on a Target server commandeered by the hackers. 

Target Missed Warnings in Epic Hack of Credit Card Data

It was one of the biggest heists in history, fleecing half-a-billion dollars from people around the globe, and almost no one—except a small group of thieves, their confederates and the white-hat computer sleuths chasing them through cyberspace—knew it was taking place.

In January, federal investigators announced that Aleksandr Andreevich Panin, a Russian national who was the mastermind behind the crimes, had pleaded guilty to conspiracy to commit fraud. Panin’s capture was far more than just another tale of a crook who found illicit riches online. His case reveals many alarming details of a lawless underground flourishing in the darkest corners of the Internet, where hackers peddle off-the-shelf software that, for as little as a few thousand dollars, allows even the most unsophisticated computer novice to start emptying the bank accounts of people they’ve never met, or even seen.

No longer does someone bent on Internet crime have to dedicate weeks to writing code and testing programs, or even have the basic knowledge required to do so. Anyone can become an expert thief in a matter of minutes by using programs sold through hacker websites. The illegal programs—known as malware toolkits or crimeware—have their own brand names, like ZeuS, SpyEye and the Butterfly Bot.

Nineteen eighty-four was not like 2014. When Steve Jobs launched the Macintosh, he had to generate excitement about a product — a computer — that was unfamiliar to most people, if not downright scary. His creation would eventually entice them into changing their minds, but first, they had to be intrigued enough to learn about it. 

The Macintosh was new, but the media would have to be old. There were no tech blogs, no Facebook, no Twitter, and certainly no Mac rumor websites. There were no websites at all. So Jobs had to generate his own campaign to tell the world about the computer that he would announce on January 24, 1984, 30 years ago today. 

(via The Macintosh Is 30, and I Was There for Its Birth | Wired Enterprise | Wired.com)

The types of computers we have today are tools. They’re responders: you ask a computer to do something and it will do it. The next stage is going to be computers as “agents.” In other words, it will be as if there’s a little person inside that box who starts to anticipate what you want. Rather than help you, it will start to guide you through large amounts of information. It will almost be like you have a little friend inside that box.
One of many amazing quotes in this 3,500-word NEWSWEEK interview with Steve Jobs, which appeared in a 1984 special issue of the magazine. Jobs was 29 at the time.