WebSecure Blog
Is Nothing Private Anymore

The siege engines of technology have been attacking personal privacy for some years now and I have written about privacy before, suggesting there is a link between freedom and privacy. Because of this link privacy is probably a larger concern than is generally appreciated and the threat from technology very real.
When Jeffrey Wigand blew the whistle on the systemic campaign of lying by big tobacco companies his identity was known. It seems no exaggeration to say he was personally hounded and there were suggestions of death threats, although nothing was ever proven. In contrast, Deep Throat was critical in exposing government corruption in the Watergate scandal and suffered no personal fallout because he was anonymous. Without privacy the personal cost of truth increases.
Don’t believe the propaganda; everyone has things that should remain private. As it stands, market forces are working to destroy your privacy, not in a malicious way; they’re simply making money off it. Large internet companies have a vested interest in declaring privacy dead and convincing you it doesn’t matter. Such declarations and suggestions should be taken with a grain of salt; never forget they’re being paid to say it.
Should your medical records belong to you, or should they be sold to the highest bidding pharmaceutical company like second hand goods? Whose business is it that you were adopted? Is it right advertisers target your children using information they gathered off your browser without telling you?
It’s no good looking to government. At this stage, aside from pumping out propaganda, governments are the mother lode of hypocrisy. Whilst expanding wholesale and general surveillance with cameras, phone tapping and email snooping they scream blue murder when anyone leaks any of their documents. Just look at the anger directed against WikiLeaks. According to government, removal of your privacy is for your own good. Removal of government privacy is treason.
It’s in this climate that internet privacy is quickly dying; or being killed by Google, Facebook and their party bus of friends.
What has driven this home is the reporting off our own web site. We’re not particularly advanced on reporting and tracking activity, but even we get to see the following from visitors:
- Your source IP address with reverse DNS check.
- What version of browser you are running.
- What types of browser plugins you have installed.
- What your screen resolution is.
If Java is running even more privacy beans are spilled and we see what version of operating system you are running.
Imagine how much information aggressive collectors of information like Fairfax get from their large news portals. When you combine all this information you’re looking at a kind of digital footprint that identifies you, regardless of privacy settings you might use on your PC. Delete all the cookies and stop all the scripts you like, you are being tracked anyway. There is a silent war being waged by companies who make a living off your internet movements using digital footprints just like the one we see on our web site.
Make no mistake. This kind of large scale tracking of people is not simply an efficiency increase of existing systems. No such system of this kind has ever existed in history. It makes secret police look like amateurs. The wisdom of what is taking place should be questioned at every step.
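The digital footprint described above can be measured on your own logs. The following is an added example, not code from this site's reporting: it hashes the four attributes listed (IP address, browser version, plugins, screen resolution) into one fingerprint, shows which cookie IDs collapse onto the same browser after cookies are deleted, and reports how many visitors each attribute set singles out. Every visit record, field name and function name is constructed for the illustration.

```python
import hashlib
from collections import Counter, defaultdict

# The attributes the post says ordinary site reporting already exposes.
FIELDS = ("ip", "user_agent", "plugins", "screen")


def _visit(visitor, cookie, ip, ua, plugins, screen):
    # "visitor" is ground truth for the demo only; a real site would not have it.
    return {"visitor": visitor, "cookie_id": cookie, "ip": ip,
            "user_agent": ua, "plugins": plugins, "screen": screen}


# Constructed sample data (documentation IP ranges, made-up cookie ids).
VISITS = [
    _visit("A", "c-101", "203.0.113.7", "Firefox/3.6", ("Flash 10.1", "Java 1.6"), "1280x1024"),
    _visit("B", "c-102", "203.0.113.7", "Firefox/3.6", ("Flash 10.1",), "1280x1024"),
    _visit("C", "c-103", "198.51.100.20", "MSIE 8.0", ("Flash 10.1", "Java 1.6"), "1024x768"),
    _visit("D", "c-104", "198.51.100.21", "MSIE 8.0", ("Flash 10.1", "Java 1.6"), "1280x1024"),
    _visit("E", "c-105", "192.0.2.55", "Firefox/3.6", ("Flash 10.1", "Java 1.6"), "1024x768"),
    # Return visits after the cookie was deleted (plugin order differs on purpose).
    _visit("A", "c-245", "203.0.113.7", "Firefox/3.6", ("Java 1.6", "Flash 10.1"), "1280x1024"),
    _visit("C", "c-310", "198.51.100.20", "MSIE 8.0", ("Flash 10.1", "Java 1.6"), "1024x768"),
]


def fingerprint(visit, fields=FIELDS):
    """Stable hash over the chosen attributes; the cookie is deliberately ignored."""
    parts = []
    for name in fields:
        value = visit[name]
        if isinstance(value, (tuple, list)):
            value = ",".join(sorted(value))  # plugin enumeration order must not matter
        parts.append(f"{name}={value}")
    return hashlib.sha256("|".join(parts).encode("utf-8")).hexdigest()[:16]


def relinked_cookies(visits, fields=FIELDS):
    """Cookie ids that share a fingerprint: the same browser seen under a new cookie."""
    groups = defaultdict(set)
    for v in visits:
        groups[fingerprint(v, fields)].add(v["cookie_id"])
    return sorted(sorted(ids) for ids in groups.values() if len(ids) > 1)


def unique_fraction(visits, fields):
    """Share of visitors whose attribute combination nobody else in the sample has."""
    by_visitor = {v["visitor"]: fingerprint(v, fields) for v in visits}
    counts = Counter(by_visitor.values())
    unique = sum(1 for fp in by_visitor.values() if counts[fp] == 1)
    return unique / len(by_visitor)


if __name__ == "__main__":
    print("cookie ids joined by fingerprint:", relinked_cookies(VISITS))
    for fields in (("user_agent",), ("screen",), ("plugins",),
                   ("user_agent", "plugins", "screen"), FIELDS):
        print(f"{'+'.join(fields):40s} unique visitors: {unique_fraction(VISITS, fields):.0%}")
```

In this sample no single browser attribute isolates more than one visitor in five, yet browser version, plugins and screen resolution together isolate every one of them, even with the IP address left out.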
Disaster Recovery Tips

Put your shoes on first.
That’s the best bit of advice that has come out of the Christchurch earthquake as far as I can see it. In any kind of natural disaster there always seems to be broken glass.
Other useful tidbits include:
- Batteries and torches disappear from store shelves faster than rabbits on caffeine.
- Some water is life but too much isn’t.
- A radio with batteries in the hand is worth two flat screen TVs in the bush.
- A straw is useful for sucking up the wine off liquor store floors (so I heard).
- Where glass breaks, plastic bounces.
- Murphy’s law guarantees your mobile phone will go flat just before disaster strikes.
- Last and most important - if it’s not at hand, it doesn’t exist.
The biggest problem is power failure. No power equals no powered telephone; only old style phones still work. No power means the water pump and sewer pump don’t work. You can’t see in the dark, the petrol pump doesn’t go, frozen food thaws, the mobile network runs its batteries flat in a day and you can only cook on your barbecue.
Actually, maybe the best advice is to have garlic bbq sausages on hand at all times. You can still cook those and garlic will boost your immune system; you’re likely not to get much sleep for a while.
Angry for the Truth

A prospective client has aging Cisco IOS firewall equipment, which he is not able to administer himself because he finds it too complex and confusing. Every time any change is required, however minor, it costs him money to get a Cisco expert in to do the work. He was chatting to a friend, who owns GTA Firewalls, who showed him how easy they are to administer yourself. Being quite clued up on networking he got it straight away.
So he mentioned this to his Cisco supplier, because the time to update the firewalls is looming. His so called “knowledgeable” partner told him GTA Firewalls are “not secure”.
This Cisco supplier is clearly ignorant. In itself, that’s fine with me, the world is full of people whose only value in life seems to be in professing their own opinion and it’s no skin off my nose. What makes me angry are those who lead the innocent on. But I encourage you, don’t believe the drivel that comes from the ignorant. Anyone can do a quick independent check for themselves using their web browser and going to the Mitre CVE web site to research the vulnerability tracking database. The link is at the end of this post. After ten years of tracking vulnerabilities and exposures of all kinds, including firewalls, the National Vulnerability Database holds the sad home truths for fans of Cisco IOS.
The Facts. The Truth. The Lowdown. The Juice.
Cisco IOS - 192 listed vulnerabilities (3 for August)
GNATBox GB-OS - ZERO listed vulnerabilities
I think we have a clear winner and it wasn’t a close run thing.
Cisco IOS might be the highest selling firewall in the world for all I know. It might be the most flexible firewall device in the world for all I know. It might come in lovely pastel colours for all I know. I don’t know the answer to any of those questions and if those are your buying criteria then all power to you. What I do know is that Cisco IOS is nowhere near the most secure firewall equipment in the world. It’s not my opinion - it’s a matter of historical fact.
But hey don’t take my word for it, run a search for yourself here.
Email is Alive

In 2007 Information Week ran a story suggesting a generational communications gap – ‘email is for old people, as outdated as a leisure suit’. As an example they pointed out that after campus shootings at Virginia Tech university officials were criticized for slow communications response and urged to adopt a faster alert system like instant messaging.
Only today I watched a twitter tutorial on YouTube called “8 Reasons Why Email is Dying”. Amongst the hyperbole we find the very twitter statement that “Real life happens between blog posts and emails”.
Sandwiched between these two arguments is the assertion email is in some way dying. But despite this regular stream of obituaries email has never been stronger and we believe reports of its death have been greatly exaggerated.
Forrester Research suggest email will continue to grow by raw volume to 840 billion by 2013. From where we stand email is more deeply embedded into government, corporate and organizational workflows than ever before. You only have to get caught up in PCI compliance to find out how many emails carry credit card numbers, purchase orders and other key business information.
The failure of Google Wave to make any impact on email is another sign of the health of the ecosystem. Sure, social media are growing fast, but it’s hard to find any impact outside of the personal social space. Unless you count entertainment as a business and what Ashton Kutcher had for breakfast as earth shaking. Rather I would suggest the reverse is true, in that social media remain side-lined in the corporate world, which really struggles to find a use for them outside of being a marketing trumpet.
The oft-leveled criticisms about spam and malware obtain a lot of press inches, but these remain at manageable levels almost all of the time.
What we see happening isn’t the demise of email; quite the opposite. There is much room to optimize email into business processes much more. Email is a vast gold mine of quality data for organizations of all levels. Imagine, for example, being able to reorder email inside your Outlook, so your emails were glued together into a chronological listing of every email related to a particular issue. Like a conversation thread from start to finish covering a single contract, negotiation or issue of your choosing. Imagine being the team leader and able to simply browse a thread at the end of a day to see what additions were made from the team. All using your current email client and server infrastructure.
These types of technologies are coming and they won’t kill email; they will make it more useful, more valuable and make it easier to leverage the value email really has.
The Most Significant - Ever

“the most significant breach of the nation’s military computers - ever”
It’s an interesting quote, isn’t it?
It’s made more interesting because it was made by U.S. Deputy Secretary of Defense, William J. Lynn III, who published an article in Foreign Affairs magazine last Wednesday, disclosing some information about the government network attacks from 2008. Apparently, the decision to declassify the information reflects the desire to raise the level of general concern over cyber threats to U.S. government networks. This is somewhat confirmed by a fair level of hyperbole and the couching of the article in very military terms; for example, the code “spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control.”
What we know for sure is the incident woke someone up because in November 2008 the US Defense Department banned the use of flash media on its systems.
Very few technical details are in the article. Lynn confirms Defense networks were infiltrated by malicious code that was tracked back to a flash drive inserted into a laptop in an undisclosed location said to be in the Middle East. It is inferred the code was planted by a foreign intelligence agency.
What struck me most while reading press coverage was how devoid it all was of anything really useful. I’d have thought the “most significant breach .. ever” would be littered with real world lessons and glimpses into the future of risk for the corporate marketplace. Instead we have the same old low brow problem of an end user plugging a USB stick into a box and a network admin who wasn’t expecting that.
A Dog's Breakfast that Government Built

This week Google announced it was joining Skype in offering free phone calls using the internet. Users of Gmail can now call regular phone lines in the US and Canada directly from their inbox using a headset. Google will provide the porting onto the phone network. It’s an interesting development in what is a dog’s breakfast of a market.
The main cause of this dog’s breakfast status seems to me to be the constant regulatory interference. Australia isn’t any different from the other western economies in playing regulatory games in the Telco market. But the massive geographies involved here, together with a low population density has magnified the political nose-poking-in.
It was always going to cost a small fortune to put any phone 800 miles outside the nearest city, anywhere on the planet. A monthly $35 line rental left an enormous bill for someone to pay and good old Mr Tax Payer got the short end of the stick from the beginning. Saddling the tax payer with an uneconomic phone network was the first major regulatory decision that shaped today’s phone market.
The second was the romantic binge successive governments had with privatising the phone network in selling off Telstra. When governments run a business there are always unintended consequences. One of the inevitable problems that arises is that the business becomes subject to a government level of information transparency. As it is “owned by the people”, and MPs being “representatives of the people”, opposition political parties have a field day gathering all sorts of poor performance and other sorts of scandalous data and using it to embarrass the government of the day.
So the key benefit to government of privatization is that a fertile source of government attacks is removed. MPs have no rights to private company data and whistle blowers get sacked in the private sector.
When we put these two large influences on the table we get Telstra today. A network that was built for political purposes coupled with a bargain priced asset sold off below cost for political goals.
The Game Changes
In strut Google and Skype with free phone calls over the internet. In a simple open market it’s a dagger at the heart of Telcos and right now performance is the biggest problem holding back a tidal wave that would destroy their traditional business model. But technical limitations are solved sooner or later, so the sword is in place.
Having been conceived in political interference, what will slow this train wreck for Telcos is that same political interference. Endless battles loom over who should pay to maintain that 800 mile cable to the middle of nowhere. Over who should have access to cable pits. Over who should get tax payer handouts to build the NBN in whatever form it appears. Over who should pay.
If Google and partners get any kind of a clear run at delivering free calls in Australia they will rip the guts out of the dog’s breakfast that government built. My fear is somehow Mr Tax Payer will be in the gun, writing cheques to all and sundry to fill the whim of a political goal set by some bozo who won’t be in parliament next election.
Gee, does anyone think it’s accidental timing Telstra launching their mega-gigabyte plans as an ISP?
When cloud neighbours go bad

An Eastern European fable for you.
At the edge of a valley so quiet and pretty, stands a five-story building far away from the city. On each floor lives a different animal, a fat hen, a cuckoo, a pampered black cat, a voracious squirrel. The fifth floor used to be inhabited by Mr. Mouse, but he disappears, and the neighbors put up a sign: “A Flat to Let.”
The flat is shown to many animals. Each follows the same cycle of sing-song questions and exclamations. But each visitor objects to one of the other animals, and rejects the flat.
Do you like the rooms?
They are nice.
Do you like the kitchen?
It is nice.
Do you like the hallway?
It is nice.
Then dwell with us, Rabbit.
No, I won’t!
Why?
I don’t like the neighbors.
How can I, a mother of twenty bunnies, dwell together with a cuckoo, which deserts her children? Her children grow up in weird nests. All of them deserted, all of them neglected. What would my children learn from them?
The cuckoo bird was hurt. And the rabbit went on her way.
Finding good neighbours is tough, and in a world of Cloud infrastructure where tenants don’t get to choose their neighbors it’s a growing concern. Coke refuses to share any infrastructure with Pepsi. Surely no one would choose Johnny Hacker as a tenant of their shared infrastructure. Infrastructure providers have responded with dedicated options, but the cost destroys the most attractive part of the cloud option - price.
Sooner or later the industry has to create a solution to crappy neighbours.
This point came directly from Shlomi Dinoor, head of Cyber-Ark Labs, and you can read his three suggestions for solutions at his blog here.
Firsts

Because I’m a Kiwi, I can still remember the first time the All Blacks won a series against the Springboks in South Africa. It was 1996 and since the great and huge rivalry began in 1921 no All Black team had managed to do it. Although the All Blacks are unique in having a winning record against every nation they have played, this eluded them for 75 years. As the then captain, Sean Fitzpatrick, came off the field in the last match that clinched that series and walked through the tunnel, the late Don Clarke, one of the greatest fullbacks of the game, hugged him, crying, “Thank you for achieving what so many generations of All Blacks have been trying to do for years.”
Many firsts are like that. When Sir Edmund Hillary and Tenzing Norgay conquered Everest, Hillary described his elation at having “knocked the bastard off”, as he put it. He had climbed many mountains, but this wasn’t just any mountain, this was a huge first.
Sadly, not all firsts are like this.
Spanair flight JK5022, which crashed in August 2008, killing 154 of its 172 passengers, has popped back onto the news radar with a first. It seems a major contributing factor in the crash was a computer virus. A trojan in the airline warning system computer caused it not to log warnings that there had been three similar technical problems in the same device on that aircraft. By the time mechanics tried to open the computer to log the three incidents manually they realized it was non-functional because of the trojans. By then the aircraft had crashed.
A major mechanical reason for the crash was the flaps and slats, which were retracted at the time of takeoff. An on-flight alarm should have gone off to warn the pilots, but did not. It is still being investigated as to whether this has any correlation with the virus.
There have been years of bleating about viruses eventually causing damage to real world systems. Most of it hysterical.
But let the record show it started in August 2008 and it was tragic. The final report from investigators of flight JK5022 is due in December.
It seems inevitable this trend will grow. Hopefully it will grow slowly. It is interesting to note the pilots seem to have put more faith in the computer system checks than their own manual visual checks before takeoff. If they weren’t in the habit of taking the computer as gospel truth they may have averted the tragedy.
Stumbling in the Dark

Why is it that so many security problems stay hidden for so long? Even when there is big money involved nothing seems to be done any differently and it seems often security breaches are only discovered by accident.
Consider this one example, the hacking of US based discount retailer group TJX. It’s not unusual. To summarize, TJX was hacked by a group headed by the now famous hacker, Albert Gonzalez. Using simple war driving, they found an unsecured wireless router in a Miami store and used it to set themselves up inside the TJX network. Once inside, at least 45.6 million customer credit card details were stolen and sold to third parties; some estimates suggest it could have been as high as 94 million. We know the direct financial impact on the company was huge. The retailer set aside $118 million just to cover costs and potential liability arising from the security breach and subsequently used $40.9 million of those funds to settle a lawsuit brought by banks, who had been hit with fraudulent losses from those who used the credit cards they got from Gonzalez.
There are three standout facts about this case.
1. The breach lasted 17 months.
For seventeen months these guys walked around inside the TJX network systematically looting the credit card data of its customers and nobody noticed. Not IT staff, not a security manager, not a single soul. No one.
2. Insiders were involved.
At least some encrypted data was decrypted, and the means to do that probably had to be supplied from inside. Fat lot of good a firewall is when there’s an insider.
3. Visibility on TJX’s side was almost zero.
More than 50 experts brought into TJX after the breach was discovered reached few firm conclusions. Either nothing was being logged or the hackers simply deleted the logs as they went - which would make point one even more of a standout. Nobody noticed the systematic removal of logging information.
You would hope this is a case of gross incompetence, but every time details of a major intrusion make the light of day the same patterns are repeated.
It reminds me of a story a friend of mine tells. He has an older brother who used to go out drinking when they were younger and still living at home. When he stayed out later than he was supposed to he would try to sneak into the house without turning the lights on. He would use the side window, but unfortunately for him the window had those early venetian blinds, which - if you’ve ever lived with them - are very noisy when you bash into them. To make things worse his parents collected antiques and had a lot of furniture cluttering the room. So his chances of getting in without waking the whole household were practically nil.
The whole problem could have been solved by one thing. Turning the light on.
If you expect to spot hacking activity in your network with the lights out you’re kidding yourself.
How much do you think TJX would have had to spend to get a proper logging solution? I’ll bet you anything it would be less than the $40.9 million they subsequently handed over to the banks.
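One way to make the removal of log entries noticeable, as an added example rather than anything TJX or this site used: each entry carries a sequence number and an HMAC that also covers the previous entry's HMAC, so cutting or editing entries breaks the chain, and a long silence between entries is flagged as well. It assumes the key and the last-seen head are held by a separate log collector; the key, messages, timestamps and function names are all constructed.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64
KEY = b"constructed-demo-key"  # assumption: kept on a separate collector, not the logged host


def _mac(key, seq, ts, msg, prev):
    body = json.dumps([seq, ts, msg, prev]).encode("utf-8")
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def append_entry(log, key, ts, msg):
    """Append an entry whose MAC covers its content and the previous entry's MAC."""
    prev = log[-1]["mac"] if log else GENESIS
    seq = log[-1]["seq"] + 1 if log else 1
    entry = {"seq": seq, "ts": ts, "msg": msg, "prev": prev}
    entry["mac"] = _mac(key, seq, ts, msg, prev)
    log.append(entry)
    return entry


def verify(log, key, expected_head=None):
    """Return a list of findings; an empty list means nothing was detected.

    expected_head is the (seq, mac) of the newest entry the collector has seen.
    Without it, entries removed from the end of the log go unnoticed.
    """
    findings = []
    prev_seq, prev_mac = 0, GENESIS
    for e in log:
        if e["seq"] != prev_seq + 1:
            findings.append(("gap", prev_seq + 1, e["seq"] - 1))  # entries cut out
        elif e["prev"] != prev_mac:
            findings.append(("chain", e["seq"]))                  # entries relinked
        expected = _mac(key, e["seq"], e["ts"], e["msg"], e["prev"])
        if not hmac.compare_digest(expected, e["mac"]):
            findings.append(("mac", e["seq"]))                    # entry edited
        prev_seq, prev_mac = e["seq"], e["mac"]
    if expected_head is not None:
        head_seq, head_mac = expected_head
        if {e["seq"]: e["mac"] for e in log}.get(head_seq) != head_mac:
            findings.append(("truncated", prev_seq, head_seq))
    return findings


def find_silences(log, max_gap):
    """Pairs of timestamps with more than max_gap seconds of nothing between them."""
    return [(a["ts"], b["ts"]) for a, b in zip(log, log[1:]) if b["ts"] - a["ts"] > max_gap]


def sample_log(key=KEY):
    """Constructed log: a heartbeat every 300 seconds plus two events of interest."""
    messages = ["heartbeat", "login ok user=svc_pos", "heartbeat",
                "db export table=cards rows=50000", "heartbeat", "heartbeat"]
    log = []
    for i, msg in enumerate(messages):
        append_entry(log, key, 1000 + 300 * i, msg)
    return log


if __name__ == "__main__":
    log = sample_log()
    head = (log[-1]["seq"], log[-1]["mac"])
    cut = [e for e in log if e["seq"] not in (3, 4)]  # the export and a heartbeat removed
    print("intact    :", verify(log, KEY, head), find_silences(log, 600))
    print("entries cut:", verify(cut, KEY, head), find_silences(cut, 600))
    print("tail cut, no head :", verify(log[:4], KEY))
    print("tail cut, with head:", verify(log[:4], KEY, head))
```

The tail-cut case is the one to watch: the chain alone reports nothing, and only the head recorded off the host reveals that entries 5 and 6 are gone.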
The Thankless Task of Playing Catchup

Being of Kiwi origin, it hasn’t escaped my attention that the All Blacks are playing quite well at the moment. One of the big changes from last season is getting off to a good start. Twice last year the Wallabies got ahead of them, before the All Blacks managed to haul them back and sneak in for a victory in the last 20 minutes. Anyone who follows any football code seriously can tell you, playing catch up football is much harder than keeping ahead of the game.
This is of relevance because of a wonderful piece of research done on Anti Virus scanners by a company called Cyveillance. Anti Virus technology is signature based and therefore it plays catchup football by design.
What Cyveillance have done is focus on the forgotten, or oft ignored, variable in Anti Virus scanner performance, that of time.
When performance of an Anti Virus scanner is talked about, it seems to follow the line of how many of the virus threats in existence does it block? Viruses having been around for a very long time, the percentages are naturally very high. You wouldn’t be much of a vendor if your product couldn’t block the Sober worm of 2003, the ILOVEYOU worm from 2000 or the Melissa worm from 1999. But what happens to those percentages when you exclude the vast bulk of history and measure how quickly a scanner detects current malicious attacks that are happening today? This is what Cyveillance have done.
If you just got your information off an AV vendor’s web site you could be forgiven for being optimistic. Symantec list one of their features as speed of update, Pulse updates every 5-15 minutes for up to the minute protection - no less. In that light the following findings are little short of eyebrow-raising:
- The most popular AV signature-based solutions detect on average 18.9% of malware threats within 1 day.
- After 8 days the average was up to 45.7%.
- That detection rate increases only to 61.7% after 30 days.
Some vendors were better than others, check it out here.
Melodrama aside, what this confirms is what those of us in the industry have known for some time; signature based scanners have run their course. The days when the AV vendors could troll the internet, identify new threats, create signatures to reliably block them and get those signatures back to the desktop before the threat arrived at the customer’s doorstep - are gone.
The internet is too fast. The threats are too many. The range of poorly engineered software under attack too large.
It goes a long way to explaining the confusing statistics that have come out of the CSI/FBI surveys in recent years. Although over 90% of respondents had AV enterprise wide, some 20% of them experienced major virus outbreaks in the previous year.
Don’t throw away your Anti Virus solution, it’s by far and away the best way to clean up the mess afterward. Just lower your expectations of it blocking everything in real time.
Lipstick on a Pig

There are a bunch of guys running around Australia preaching the benefits of WAN optimization and Network Acceleration. Not to take anything away from optimizing things, but the raw product you begin with often matters more than optimizing it. That is to say, if you start with a pig, at best you will end up with a fully optimized, fully accelerated - pig.
I’ll give you an example. We have a customer, who put a small office into Japan, about 20 people. They’ve been using a ‘business grade’ DSL based internet connection from a local ISP that’s 4 megabit and has given them good service and few problems. Japan, being light years ahead of the Australian NBN, have fibre in their office.
Problems began with a string of complaints from the Japanese office that applications are unusable and RDP unreliable. That’s when they rang us, asking if we had any ideas and about WAN optimization and acceleration, which everyone they talk to recommends.
Now, when I’m talking about international data, I find it useful to think in terms of general transport. There are transport companies who provide short trips; the taxi to the airport. There are transport companies who provide medium trips; a train, a rental car or an airplane between Sydney and Melbourne. Then there are transport companies who fly from Sydney to Tokyo.
Just because your local ISP has provided reasonable services between home, airport, Sydney and Melbourne doesn’t mean they fly to Tokyo every day. It’s a mistake to think of the internet as an amorphous blob, especially if you have a specific route you need to travel. In the real world, Korean Airlines simply don’t fly to Vanuatu and they don’t try to sell you a ticket. In the internet world, that’s not the case. Your local ISP ports you in a one stop shop agreement to take you wherever you want to go.
And there’s the rub.
There is a 620 gigabit fibre optic cable running between Australia and New Zealand. It’s part of a loop that runs through Hawaii and Fiji to California and back to Brookvale in Sydney then across the ditch. It’s called the Southern Cross cable. So if you had a branch office in New Zealand guess how your data would get there. This cable is owned 50% by NZ Telecom, 40% Singtel and 10% Verizon. Notice who isn’t on the list - Telstra.
It doesn’t take rocket science to work out that when data presents itself to the Southern Cross Cable, from Telstra, Optus (owned by Singtel) or Verizon - guess whose comes last?
Back with our customer, simple pings are taking a 258ms average over the current route. So what nice big cable exists direct from Australia to Japan? As chance would have it a 240 gigabit cable exists, running through Guam, cleverly named the Australia-Japan cable. It’s jointly owned by Telstra, British Telecom, Verizon and Softbank. Looking at the customer’s traceroutes revealed the backhaul provider is Optus (aka. Singtel) who don’t own any portion of that cable. Sure they could rent some for you, but why would they? They have their own routes to Japan, sadly for our customer, via Singapore or Hong Kong.
WebSecure has had Verizon as an ISP for some years and ping testing to the same customer’s Japan office takes 121ms average. Less than half the time.
Pipes matter. And with ping, traceroute and Wikipedia you can make decisions that will give your network good bones. Bones that are worth optimizing. That said, if you have beautiful bones talk to us about Exinda.
Politicians getting technical

Politicians always look pretty silly talking technical, so they usually don’t venture very far into IT. Their breed is better with eight second sound bites and photo opportunities with babies and young animals. Elections are often the only time our little patch attracts any attention at all, and to become a political football is an exciting change.
Fresh on the back of cutting the guts out of NBN funding to pay for earlier election promises, today we can read about the Coalition’s new “Cyber Safety” plan with a promise of $100.5 million over four years. PC-based filtering gets $60 million. An education plan for teachers gets $30 million. The remaining $10.5 million goes to a cyber bully ‘Task force’, whatever that means.
The policy sales line is good. “Stand up for Australia. Stand up for real action.” Leaving no doubt as to what we should think of idiots who choose unreal action or who are obvious traitors. And of course, there’s the obligatory opposition jab at current policy. “After three years Labor has not been able … highlighting the practical problems with its plan.” The promise is a PC-based filter will be provided free to families.
I find at least three problems with this policy document, which can be downloaded from here.
Firstly, this idea it’s free to families is a bit of white lying. The announcement is the spending of $100 million of tax payers’ dollars, so there’s an immediate and direct cost already. Add to that the suggestion the ISP is going to supply the solution paid for by the government. How will the ISP pay for all this distribution? What happens when their help desk is swamped by parents who are only half IT literate? Either these solutions will have to be sold at a profit, or the costs recovered in higher internet charges for everyone.
Secondly, they make the following technical statement, which simply isn’t true: “No filter can be perfect. However, PC-based filters are much more dynamic and can access a wider range of contents than a static ISP level filter.” All URL filters have to refer to a database that resides somewhere, and regardless of where that is, they are all updated dynamically. The quality of the database depends on the quality of the vendor’s engineering and has nothing to do with where the database resides. Also, if they are suggesting every parent is going to download the entire database to their desktop and keep it dynamically updated, it would be interesting to know how much data that represents in a year and who pays for it. Even the last part of the statement isn’t true; there are agent based solutions that can monitor all the internet traffic, whether from Skype, P2P or a browser. All that’s needed are a few TCP stack shims and the like to detect and intercept that traffic. Microsoft did it with their Winsock client ten years ago, so it’s not even vaguely new or hard to do.
Lastly, there appears to be no allowance for complexity, meaning reality. There is nothing accidental or incompetent in the discovery that current government attempts have run into practical problems. That’s the natural outcome when politicians living in black and white simplicity land, get elected, roll their sleeves up and get down into the detail where those of us technical live every day. It won’t matter who gets elected, it’s going to get messy.
NBN for the dumpster?

Any technically savvy person, if they have looked at the fine print of the Coalition broadband policy, will notice the fibre to the house promise of the current NBN plan has become a minimum 12Mbps promise.
With a budget changed from $43 billion to start to $6.3 billion to start, one can see this ‘so called’ high speed network will either be extremely small or extremely slow. On top of that, it’s disastrous news for Telstra shareholders who were, under the previous plan, going to receive a windfall of $11 billion for decommissioning some rusty copper network cables from the 1930s.
Back in June I pointed out what a bad deal this whole NBN thing was for tax payers.
Talking to a customer the other day, he raised some important problems for rolling out any kind of NBN. To lay it to a customer’s door requires access to the cable pits the existing cables were laid in, or else where do you put it? But there’s a problem for starters. There will be a lot of cable trunks where the cable wasn’t done into a lovely accessible pit. They were just dug straight in, sometimes under existing structures. Since that time even more structures have been added. A lot of the copper was put in before whole suburbs existed and the oldest suburbs will be the worst, with roads or whole buildings sitting on top of the cable pits.
Another problem is that in many places there is one pit for every two houses. The logistics of that are staggering.
The longer I think, the more I dig and talk to people, the more I see two glaring truths.
1. The value of the current copper network is huge. To put a replacement cost on it might be impossible, but for certain it was sold at a small fraction of its true worth.
2. Tax payers are now faced with two options. Average bandwidth for a very long time - or - a very large bill.
And I don’t mean just large, like a fat aunty. I mean a truly, tremendously, humongously, stupendously massively, huge bill. A bill that’s a hundred stories high, with a portico bigger than the Opera House, that needs its own nuclear reactor just to run the lights and has gargoyles on the roof.
Something that can be passed on to your children.
How I.T. gets a bad name

I have this friend, I won’t use his real name, instead I’ll call him Mike.
He runs a motel with his wife, which uses electronic booking software. He gets this booking over the web, through this software system, for a Tom Jones. It’s automated, so it’s all good and all is well - until the day of check in. A woman shows up to the front desk saying she made a booking as part of the big wedding party that’s come in. But the system says, no way, no booking. Motel is full up and he has to send this woman away - she is seriously not happy Jan!
End of the day rolls around and Tom Jones is a no show. Wondering where the heck he is, they ring his number because he’s a regular customer, asking him what’s the problem? Tom Jones is like - what the schnitzel - I never made a booking, what are you smoking?
Mike’s out 400 bucks for the stay, plus the woman’s out there telling all her friends what a loser he is and the wedding party are giving him sideways looks when they notice there’s an empty unit.
Being a calm sort of chap, Mike rings the web site guys who took the original booking, to have a full and frank discussion. They check their logs and confirm the details were correct at the web site. So he rings the local I.T. guys who maintain the booking software the web guys pass the bookings to, so they make it into Mike’s local booking machine.
First this I.T. guy says, nah, we don’t have logs mate. Mike then proceeds to have this slightly bizarre conversation. The gist of which is; “Well you’re running an XP box so have you rebooted every week? No? Well in that case it’s all your fault - it’s a well known fact that you have to reboot an XP box every week or the memory gets a bit mucked up and it’s obviously swopped some old records around.” This guy has dial-in access to the XP box and says, “Well I’m dialed in here and I can see some registry errors on the box, so that clinches it, you’ve no one to blame but yourself.” Then he assures him Windows 7 is much better.
Mike’s going, “Hang on, how do I know this isn’t going to happen three more times this month, are you for real?”
I.T. guy basically says “cry me a river buddy, it’s not my problem.”
Mike rings me and asks me what do I think.
What do you say to something like that?
Remember the Grey

Knives out, the US Government has formally demanded Wikileaks hand over all the documents they have been given, or have obtained. They do not spell out the consequences if Wikileaks do not comply.
The issue I would like to highlight is the interplay the US Government is making between legality and morality. There is a stick being held out, represented to be legal compliance, suggesting the documents are the property of the US Government. Next to this is a moral argument saying Wikileaks should “do the right thing”.
I have no idea what international law says about US files on Swedish servers. What I do know is the legal issue and the moral issue are not the same thing. It is muddled thinking to say “we are legally in the right and therefore you are morally in the wrong”. There is a correct order to things, and the correct order is always to place morality above the law.
If we make the mistake of saying the law is the morality we get into a terrible mess. Murdering Jews becomes morally upright one year and morally repugnant the next, and the Stalins and Hitlers hijack a compliant world into their various brands of hell. When morality is above the law we give meaning to the statement this law is “good” or this law is “bad”. Because good and bad are moral statements.
All of this is not to say laws and morals never see eye to eye, quite the contrary. It is morally wrong to murder and there is a law to reflect that. But if a man steals bread to feed his starving child we may judge him to have broken the law, but to have done the right thing in the circumstances.
Of course, it’s the US military’s job to reduce the issues to black and white. To eliminate grey, painting themselves as the good guys and Wikileaks as the dirty rotten traitors. But in truth, it’s not so simple.
Whistle blowing may be illegal; it usually is, because the law is often written by governments who have a history of dirty little secrets to hide. Exposing lies and other dirty secrets is sometimes the morally right thing to do.
It was illegal for Jeffrey Wigand to say Tobacco companies researched and designed a product to get their customers addicted. But I’m glad he did.
It was illegal for Deep Throat to implicate the US government in the Watergate scandal. But citizens of the USA owe him a debt of gratitude for doing so.
When Dietrich Bonhoeffer was hanged for his part in a plot to assassinate Hitler it was because he stood convicted of treason. But if he had been successful hundreds of thousands of soldiers who died fighting would have owed him their lives.
So when they tell you it’s simple, don’t believe them.
When they assure you it’s black and white - remember your brain is called grey matter.
