bruce schneier cracker douglas kastle glasgow hinky london new york script kiddie terrorist

Script kiddie terrorists

When I was growing up in the 80s home computers were very new to people and so was the concept of hacking. I remember relatives and friends worrying about plugging their computers into the wall because they might get hacked. They assumed that hackers could get in over the electrical cord. To me at the time it was preposterous and silly and I would have to explain to them why they had nothing to worry about. Of course now people are educated and have a better idea of how computers work, though hacking as a problem never went away. (Though electrical cord hacking could now be possible, since there are proposed techniques for routing internet over power lines.)

The media, both news outlets and entertainment, I always felt were to blame, as they usually showed hacking in some easy-to-follow way that would sell well either on a big movie screen or when described in a newspaper. For the record there has only been one relatively accurate example of hacking in a movie and it went to The Matrix Reloaded, when Trinity uses an ssh exploit to gain access to a machine so that the grid of the city can be shut down. It is a blink-and-you-miss-it moment.

In the world of computers there are two types of problem hackers:

  1. Crackers, who are highly intelligent and figure out more and more inventive ways to break into machines and do malicious damage. There are not many people like this but they can be very dangerous if they get influenced and pointed in the wrong direction.
  2. Script kiddies, who are fairly so-so computer users that get their hands on hacking techniques that are floating around the dark fringes of the internet, usually in script form. There are a lot more of these guys than crackers and while they cause damage, they are in the main more of a nuisance and provide a level of noise that can make finding the problem crackers harder.

The problem in the media is that they don’t generally make a distinction between crackers and script kiddies and all hacking events are given the same level of gravitas.

I can’t help feeling that the recent spate of terrorist events in London, Glasgow and New York are merely script kiddie terrorists. Don’t get me wrong, they were of sufficient lethalness that there could have been serious injury and loss of life. However they were failures and as investigations have proceeded they appear more and more like they have been handed down from a “Terrorism for Dummies” handbook. The media though have hyped up the events; I took particular exception to the coverage of the New York JFK plot. There the terrorists were planning to blow up a fuel storage container and hope it would cause a chain reaction and blow up the airport. One quote from U.S. Attorney Roslynn Mauskopf was that it was “one of the most chilling plots imaginable,” and could have caused “unthinkable” devastation. (It was subsequently debunked by security expert Bruce Schneier, who argued that the plot was never operational.)

The media need to get off their “if it bleeds, it leads” mantra and become part of the productive community and educate people as well as inform. The two London car bombs were found before they exploded due to the education of the emergency services (the sharp-eyed paramedic noticing something hinky about a car nearby and reporting it getting special notice). Also, as noted previously, the JFK plot was never even close to being operational, being shut down by an effective intelligence operation by the Americans. The cracker terrorists are always going to be a problem unfortunately; there are some amazingly smart people in the world that just really don’t like us no matter what we do. Let’s hope however that effective intelligence can catch the script kiddie terrorists while they are only annoying and before they move onto lethal.

douglas kastle engineer free energy Halo3 irish joke orbo oroborus over unity perpetual motion steorn stereotype

The Infinite Irish Joke – Steorn?

In August of 2006 an Irish company called Steorn announced that they had developed a technology that produces “free, clean, and constant energy” and challenged the scientific community to review its claim.

This was (and still is) an audacious claim and one that should either revolutionise the world of physics and engineering then and there or be discounted for the tinfoil hat wearing nonsense it most likely is. However persist it did and for the next 11 months Steorn put out a call for scientists to come in and review the technology and once completed this technology would be presented to the world.

The grand unveiling, for what they are calling orbo (I’m guessing short for Ouroboros, an ancient symbol depicting a serpent or dragon swallowing its own tail, also a symbol of unity), was announced to take place on July 4th at the Kinetica Museum at Spitalfields Market in London.

As it turned out the demonstration was canceled due to “technical difficulties” and they will reattempt it on July the 5th. (Engadget provide an interesting run down of the events).

I can’t believe this has been kept alive for so long and a part of me actually wants it to be true, but for selfish personal reasons. As an Irish engineer that has worked around the world it is hard to get away from the paddywackery stereotype image of the Irish. It doesn’t matter how many microchips you have taped out, or C++ programmed applications you’ve debugged and shipped, or whether you have been involved in the deployment of the carrier network for the next generation of mobile phone technology; it doesn’t matter. Endless times I have endured or witnessed fellow Irish ex-pats field inane questions like “did you have electricity growing up?” or “is television in color in Ireland?” or “have you ever heard about a computer?” In a lot of cases we just feed the stereotype. Irish people love winding people up, and while you might think we’re dumb we don’t mind taking the hard technical jobs, doing the best job we can and taking the money that comes with it.

There have been many suggestions that it is a hoax, part of some viral campaign for a product (Halo 3 has been mentioned and I was interested to find that the top of the Engadget page listed “All the Halo 3 news that’s fit to print”), but the problem is that most hoaxes aren’t drawn out this long.

So while Irish people have endured the slights of a bit of slagging, what is going to happen if Steorn turn out to be wrong? Man, the ammunition that is going to give people worldwide will be painful. It’ll be the punchline to so many Irishman jokes and it will have the unfortunate fact of actually being true.

“Did you hear the one about the Irish company that thought they had created free energy?”


Update:

Apparently orbo doesn’t work well under hot lights, so no demo today either. If they turn all the lights off we could then see it working . . . wait, that doesn’t work either!

Britpop douglas kastle Gordon Brown Spice Girls Tony Blair

Blair Spice?

Am I the only one not in the least bit surprised that the day after Tony Blair steps down there are rumours of an announcement that the Spice Girls are getting back together? There has been a lot of talk about the uneasy relationship that Gordon Brown and Blair had in recent times, but there was also supposed to be a deal between the two men that once Blair stepped down Brown would get his shot. However that back room deal is nothing in comparison to the one done between the Spice Girls and Tony Blair.

Now the truth can be known: back in 1997, when the twin behemoths of the Spice Girls and Tony Blair were both introduced to the masses, the entire world was within their grasp. Alas this massive force was too much for a planet as small as what we call the planet earth, so a deal was entered: only one would be allowed to exist at any one point in time, and the Spice Girls like true patriots handed in their platform shoes so that Blair could do his good work. Now his time has come to an end, but do not despair, this was merely the catalyst that will lead to the new power. Now that Blair has stepped down the Spice Girls are again able to reform, but this time with an extra special ingredient, Tony Blair!

Don’t believe all the talk about his new post as middle east envoy, it is a ruse. The first thing Blair is doing after he gets his brand new iPhone is going straight into the studio with the Spice Girls to record the greatest album recorded since Sgt. Pepper’s.

douglas kastle flickr geolocation geotag gps mobile picasa web albums

Picasa, map my photo, please!

Picasa web albums is a strange beast. Launched in beta over a year ago it seemed all geared up to take on Flickr. That didn’t happen and so far there has been no real move towards making Picasa the social web experience that is Flickr’s power. Instead Google seem content to allow Picasa web albums to serve as backup storage for photographs with the ability to share with other people (it is also used as a storage medium to power images hosted on blogs like this one).

Today Google announced that they have added geotag support in Picasa.

Map My Photos

For the uninitiated, geotagging involves assigning a geographic co-ordinate to an image. It has been around for a long time, the military being a big user, but support has grown in recent years. The biggest impact was the release of Google Maps/Earth, which allowed a user to find the co-ordinates of a given location. This was then extended by the Google API plugin that allowed people to pull down the co-ordinates of that location and apply them in various ways to images, either adding the co-ordinates to the EXIF of the digital image or as tags on the Flickr page hosting the image.

Last August Flickr added integrated support for image geolocation, using Yahoo Maps instead of Google Maps, which has introduced geotagging to the masses. However the more discerning geotaggers are not too fond of Yahoo Maps and still geotag using Google Maps.

It is surprising that Picasa web albums took so long to add geolocation support, especially since the Picasa tool, Picasa2 (very confusing), has had geotag support, using Google Earth, for a while. However they might have been playing the long game on this one, as in the same release they also announced mobile support for Picasa web albums. With phones beginning to come with GPS as standard (now that cameras are de-facto and places like Europe are demanding that phones have GPS) all images will be geotagged in the future, so the requirement to physically place an image in space will no longer fall to the user.

This means images uploaded to Picasa web albums will be in the correct locations and the user will be able to see where the images were taken. This could be very helpful to travelers on exotic holidays. It’s easy to tag images where you are from, as you more than likely know the locations intimately; it is not easy if you were taken through the depths of Asia.

australia beach bondi chinese douglas kastle rip-off tourists

The Australian Dream? Not for Chinese tourists!

Bondi Beach on a nice day
Originally Uploaded by NWT2005

Living in Sydney is a very interesting experience. I arrived in Oz a little over 5 years ago and took up residence down on Bondi Beach. Living near a beach is very interesting, but to live near a world famous beach means that strange and wonderful things come to you.

Once or twice a week I cycle into work and I usually cycle along the promenade down by the beach front of Bondi to check out the surf. For locals (you become one after about a year, given this exceeds the amount of time a backpacker will be there) we are always amused by the Asian tourists that arrive every morning still wearing their black suits, a very un-beach-looking attire, and will watch them filter onto the beach like a black tide. One morning I was even asked to have my picture taken with an Asian couple who were fascinated to see me dressed up in my cycling gear; previously, wearing either a surf life saver uniform or a wet suit would be the pre-requisite to earn the honour of having your picture taken.

However I always felt there was something darker to the whole experience and so I was shocked, but not very surprised, to find out that Asian tourist companies are fleecing these visitors. The list starts with charging $100 to walk Bondi Beach. God knows what they think when they see me on my bike with my helmet on as I buzz past them, maybe that I dropped a load of cash on a season pass.

Though for an observant person something foul should have been flagged a long time ago. If you spend any time around Sydney you find these tourist/souvenir shops dotted around the city that are never normally open, except when a tour bus arrives. They are usually fairly nondescript office buildings, but you can see the slew of stuffed Koalas and Kangaroos inside. When the bus pulls up there are usually people standing outside with the implied threat not to enter. It never really entered my mind why. I suppose naively I had assumed that the tourists were getting a better deal than the locals, but the reality appears to be much more sour, with the tour operators:

“Locking tourists in shops and confiscating passports until they spend big on overpriced goods”

Having been a tourist in another country a few times and well aware of the two prices for items, taking advantage of visitors might seem fair game. However it is one thing to have them innocently make the mistake and have every opportunity to walk away; it is another thing to have it mandated by greedy tour operators.

Not having the language obviously puts them at a disadvantage, with virtually all the communications these tourists get coming from the operators. One way to break the chain might be at the customs check point, if the government could supply a pamphlet with what is and isn’t acceptable in their own language, possibly with a phone number to contact to report violations. I have seen this work before, either for quarantine or during the SARS scare a few years ago. I suppose it comes down to how much of a dent to Australia’s reputation they are willing to tolerate.

douglas kastle eInk eReader programmable sony tattoo

Programmable Tattoos

I can’t believe I missed this announcement nearly a full year ago detailing the concepts behind a possible programmable tattoo.

The technology behind eInk has been floating around for about 6 years but it is only recently that products are finally beginning to enter the market using eInk. (I recently purchased a Sony eReader, which had to be sourced from the States as it hasn’t been released in Australia.)

I have to admit the idea behind an eInk driven tattoo entered my head about 5 years ago when seeing people getting henna tattoos on the beaches of Thailand. It seems a simple stretch to imagine that if you could take eInk and inject it then you’d have a tattoo you could change every day. (It turns out I was out by 3 years, a patent was filed in 1999.) However eInk didn’t come out as fast or as heralded as initially thought and currently the technology is still only 180 DPI with slight elements of ghosting. I imagine it would have to pass some strict FDA test before it was allowed to be injected into the human body, but who knows, some day people will be able to use eInk in some tattoo ink form. How cool would that be? One day you have a small dolphin, the next a full body Maori tribal pattern. I can’t wait.

I have had an eReader for a month now, I am planning to do a review soon detailing my experiences, I will say it is very very interesting (if expensive).

douglas kastle geomas iphone location search mobile N95 trolls zurfer

Mobile Internet – The future

Nokia n95
Originally uploaded by KhE 龙.

Nokia recently released their new mobile, the N95, which seems to me to be the first in a new wave of mobile devices that will change how we view and use the internet. While the phone and the camera are old news (however at 5 megapixels that’s not to be sniffed at) it was the addition of GPS and WiFi that got me really thinking, particularly about what is going to happen once your computer is mobile, can always access the internet, always knows exactly where it is and is placed in the hands of the masses and is no longer the domain of the geeks.

My personal feeling is that mobile internet is the next big thing. I recently traveled around Australia with a WiFi enabled PDA and I was surprised by the amount of wireless nodes nearly everywhere I went. In some places I was able to get free internet access and access content from there.

However one of the biggest stumbling blocks that has yet to be wholly addressed is that screens on mobile devices are going to be small, even with new offerings like the iPhone, due at the end of the month, touting that the whole front of the phone is the screen. Personally I have found navigating the web as it currently stands clunky. However the internet won’t remain as it is currently; it will change to more effectively fit into this new format.

After I arrived back from my trip with new found wisdom on mobile internet I was surprised to find much blood in the water, both good and bad. First it turns out the patent trolls are here already and there is a crowd called Geomas that is suing Verizon claiming to own location based search. They contend that they own the concept of returning search results based on the location of the search. Secondly Yahoo have announced a location aware Flickr app for mobile devices called Zurfer. It enables you to upload images to Flickr taken with an internet enabled, GPS fitted phone and allows people to browse other images taken in the same area. I personally think that this will be huge.

People every now and again talk about a time before PCs, before e-mail, before Google, before YouTube. Well, this is the beginning of mobile internet; see you on the other side.

book douglas kastle london project terrorism vector

London book project => Terrorism Vector?

Backpackers have for years been familiar with the book exchange that occurs at youth hostels the world over. Traveling for months with books can be daunting. Given a lot of time can be spent traveling, it is usually filled up with reading. 5 years ago while I was traveling through Thailand I was going through a book every 2 or 3 days. For the month I was there I went through about 10 books; let me tell you, backpacking with 10 books is no joke. I had gotten to a point where once a book was finished it was left behind, thus lightening my backpack load. I took advantage of the take a book, leave a book policy that occurs in most of the hostels we stayed in.

The system isn’t perfect mind. Usually the only books you find are the dregs left that no-one else wanted to read. It was only if you were lucky did you chance across truly decent books, however the need to lighten your backpack load was often the decision breaker.

I came across the London Book Project, which is the book exchange familiar to all backpackers being deployed on the London Underground. Initially it sounds like a great idea, however it is being rolled out in London, which has a bad history of terrorism. Now you have added to the mix a process where people can leave small packages lying around for other people to find. Does it take much to turn a book into a letter bomb? It is not clear from the website how the books are to be disseminated. Initially they indicated that they merely went through carriages and handed them to people. What are people to do when they have finished with the books? In the paranoid post 9/11 world we live in I guess leaving them on the train will be a big no-no.

Here’s hoping that it does work out and they don’t run into any silly issues.

douglas kastle

Exposed on line

I’ve been interested in protecting one’s identity, both online and in the real world, for years. When trying to explain why things like loyalty cards are more trouble than they are worth I end up sounding like some tinfoil hat wearing fruit loop. However the real world helped me out last week with an amazing example.

There is a user on Flickr by the name of Lara Jade, who is currently 17 but has been interested in photography since she was 14, and she has been posting pictures online that she has taken since then as well. All nice and innocent so far. That was until she found out that someone had downloaded one of her pictures, taken when she was 14, and used it for the cover of a porn movie.

She is understandably mortified and she details what she has tried to do about it in “HELP!! (please read)” on Flickr.

This is another interesting example of the perils of living your life online. The internet gives people the ability to reach thousands/millions of people; while a lot of them are lovely people there are still a few rotten apples. I hope she takes some legal challenge. I believe in the States using underage images for porn is illegal, and the fact that she’s not even 18 yet would be a good place to start. However this, like the Rebekka case, is only an example of what has been discovered; my guess is this is the tip of an enormous iceberg.

bot captcha douglas kastle ocr recaptcha

reCAPTCHA – Class

It is not often you see a service that solves two problems at the same time. I like the simplicity of this one.

CAPTCHAs have become an unfortunate necessity of the internet, used by certain websites to block bot attacks and try to guarantee that the thing on the other end of the internet connection is a human. CAPTCHAs usually take the form of an image or a warped word that a computer can’t read and only a human (it is assumed) can correctly decipher. This requires a back-end image generator that knows the correct answer and can let blog comments or website registration continue once a CAPTCHA has been solved. It is an imperfect solution to the internet scourge.

“About 60 million CAPTCHAs are solved by humans around the world every day. In each case, roughly ten seconds of human time are being spent. Individually, that’s not a lot of time, but in aggregate these little puzzles consume more than 150,000 hours of work each day.”

Well, if we have to live with it, can’t we somehow use it? So a crowd called reCAPTCHA have come up with an interesting technique. Somewhere in the world loads of old documents are being scanned, and one problem that they have to overcome is OCR tools being unable to read certain scanned words: ready-made CAPTCHAs.

My first thought on the matter was, if the OCR tools can’t correctly read the garbled word, how would the service know, when the word is supplied to a human user, that the returned answer is correct? Simple: supply 2 words, one known and one unknown. The user does not know which of the 2 is the known one, so if the user correctly enters the known word, the answer for the unknown word is assumed to be correct as well.
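The check described above can be sketched server-side as follows. This is an added example, not code from reCAPTCHA or from the original post: the class name, image ids and sample words are made up, and the `quorum` step (accepting a reading for the unknown word only after several passing users agree) goes beyond the single-answer assumption in the text.

```python
import hmac
import random
import secrets
from collections import Counter, defaultdict


def normalise(text):
    """Fold case and collapse whitespace so 'Harbour ' matches 'harbour'."""
    return " ".join(text.split()).casefold()


class TwoWordCaptcha:
    """Server side of the known-word / unknown-word check (illustrative)."""

    def __init__(self, known, unknown_ids, quorum=3, rng=None):
        self.known = dict(known)              # image id -> verified text
        self.unknown_ids = list(unknown_ids)  # images OCR could not read
        assert not set(self.known) & set(self.unknown_ids)
        self.quorum = quorum                  # assumption: votes needed to accept a reading
        self.rng = rng or random.SystemRandom()
        self.pending = {}                     # token -> (known id, unknown id, display order)
        self.votes = defaultdict(Counter)     # unknown id -> reading -> count
        self.resolved = {}                    # unknown id -> accepted reading

    def issue(self):
        """Return (token, image ids in display order); the order hides which is known."""
        known_id = self.rng.choice(sorted(self.known))
        unknown_id = self.rng.choice(self.unknown_ids)
        order = [known_id, unknown_id]
        self.rng.shuffle(order)
        token = secrets.token_urlsafe(16)
        self.pending[token] = (known_id, unknown_id, tuple(order))
        return token, tuple(order)

    def verify(self, token, answers):
        """answers: the two typed words, in display order. True means 'human'."""
        entry = self.pending.pop(token, None)  # single use: a replayed token fails
        if entry is None or len(answers) != 2:
            return False
        known_id, unknown_id, order = entry
        typed = dict(zip(order, (normalise(a) for a in answers)))
        expected = normalise(self.known[known_id])
        if not hmac.compare_digest(typed[known_id].encode(), expected.encode()):
            return False                       # control word wrong: discard both answers
        reading = typed[unknown_id]
        if reading:
            self.votes[unknown_id][reading] += 1
            word, count = self.votes[unknown_id].most_common(1)[0]
            if count >= self.quorum:
                self.resolved[unknown_id] = word
        return True


if __name__ == "__main__":
    # Constructed sample data: image ids and words are made up for the demo.
    cap = TwoWordCaptcha({"k1": "harbour"}, ["u1"], quorum=2)
    for typed_unknown in ("steeple", "Steeple"):
        token, order = cap.issue()
        answers = [cap.known.get(i, typed_unknown) for i in order]
        print(cap.verify(token, answers), cap.resolved)
```

Answers that fail the control word never reach the vote count, which is what keeps bot guesses out of the transcription data.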

There doesn’t appear to be support in Blogger yet but I’ll be keeping an eye on this one.