“Ah, yes, thanks,” Mick replied, feeling a little confused as to how Will found out about the incident.
Perhaps he is friends with someone in the NOC in Hiroshima?
“Yeah, pretty slick.
Not sure I agree with you on the rest of it, though...” he continued.
What is he talking about?
“You brought one of your Ducatis here?” Vince asked, and when Mick nodded continued.
“That's excellent.
We'll try not to keep you in our datacenter for all the daylight hours...”
Mick didn't recall telling Vince about his motorcycle habits, and wondered if perhaps Vince had done a more thorough background investigation on him than he had done on Vince.
Or maybe Vince had just seen him ride in.
Mick wondered what else Vince knew about him.
According to Mick’s investigations, Vince had been with LeydenTech for two years now, and was employee number thirteen – startups often kept track of the hiring order – whereas now the company employed over 25Ø people.
His degrees in computer science and business must have made him an obvious recruitment target when he finished his Doctorate from Harvard.
He was married with no kids.
His wife worked at Sandia National Labs in Los Alamos – on what, Mick couldn't determine.
And he had no traffic tickets or recent insurance claims.
“I also plan to maybe do a little exploring, and perhaps some camping this weekend, too.
Anywhere you'd suggest?”
“Chaco Canyon is pretty cool – it is very remote and lots to see in terms of Native American history and ruins,” suggested Anil.
“Are there any good trails I could ride my motorcycle off-road?” he asked.
“Tons.
Just make sure you don't wander into any reservations.
It's not that it isn't safe or something, but it is a different country, and our laws don't apply,” Will cautioned.
“OK – I'll make sure to mark them on my GPS.
Thanks for the info,” Mick replied happily.
“I’m really looking forward to this.”
“Well, thank you for coming out here so quickly.
We would like to get this wrapped up as this might be our last investigation of this type,” Vince replied.
Noticing Mick’s confused look, he explained.
“We are getting ready to turn over our IT and security services to UBK.
I’m not at all happy about it, but we have no choice.”
“I’ve read about them,” Mick replied.
“They subcontract a bunch of government services these days.”
“Yep, they run a couple of federal prisons in this state.”
“I can’t remember, are they a U.S. corporation?”
“No, they are multi-national, dealing with dozens of governments world wide.”
“Is it just me, or does this seem like a bad idea?
Do they even have the competency to handle IT?
Have their systems and software been audited?”
“Well, their systems are extremely efficient, and they take advantage of economies of scale.
For example, they standardize on a single hardware platform and single set of software, then replicate it across their systems and customers.”
“Hmm.
That sounds like a ‘monoculture’, which as you know, has very bad security properties.
If a vulnerability is found, it can be exploited on a massive scale.”
“Maybe you should write to your congressman…” Anil replied.
Mick was shown to a workstation and given his accounts for the servers to examine the logs.
He barely looked up for the next three hours until Will came to take him to lunch.
After lunch, he continued poring over the logs.
Intriguingly, although one of their servers had been compromised, LeydenTech had not shut it down or removed it from their network.
Instead, they had carefully set up a dummy subnet or sub-network and created some other servers with fake corporate accounts.
Then, they had moved the server over and redirected all other communication to another server that mimicked a failed network connection.
As a result, the compromised server was still operating as it had been, but it was isolated from the real LeydenTech network and data.
It was as if the server had been put in a cleverly concealed cage so it could be observed in the wild.
Currently, all the server was doing was sending spam – lots and lots of spam emails.
Mick began to wonder if perhaps this server was part of a botnet, short for a robot network of computers, a collection of compromised, or hacked, computers, known as zombie computers, organized to receive commands over the Internet and operate as a group.
A botnet combines the power of each of the individual computers.
The larger the botnet, the more powerful it becomes.
Mick was aware of botnets made up of thousands, some claimed millions, of zombies on the Internet used to send spam – so called spambots.
Lately, however, there was evidence botnets were being put to other, more sinister purposes.
So far Mick hadn't been able to find evidence of the LeydenTech server trying to contact a botnet controller for instructions, to 'call home'.
Usually, a newly compromised computer would reach out to its creator to report in and request new instructions.
Studying the compromise, he realized it was similar to the one that happened to his own server.
He was still going through the data when Vince stopped by to say that everyone was going home for the day.
As he rode back to the inn, Mick shifted gears mentally, and focused back on Will's strange knowledge of Mick’s work on the web server attack.
Back in his room, Mick turned on his mobile and checked his social network that he had completely neglected since the morning.
Everyone was buzzing with comments about some blog article that apparently mentioned him.
Mick found the blog on the Internet Security World and read with disbelief:
ISW has just learned that last month’s major web server attack was uncovered by none other than Mick O'Malley, independent security consultant.
In a PGP signed email to ISW, O’Malley claimed credit for detecting the attack and writing the patch that was widely distributed a few hours after the attack, and effectively ended the zero day.
O'Malley also criticized the open source community for security complacency saying:
"... this should be a wake up call for the entire open source community.
They need to do a much better job in the future or it will hurt the image of the entire movement."
O'Malley went on to claim that he has personally found and fixed multiple exploitable bugs in different packages in the past few months, and that frustration has forced him to speak out.
We will be tracking the reaction of the open source community to O'Malley's words, and we will have a complete analysis of the attack in next week's edition.
Mick had to read it a few times before he could believe it.
How could anyone believe I had written such self-serving drivel?
And why in hell would I criticize the open source community?
Why would ISW lie about receiving a signed email from me?
Lars had spoken to the editor of ISW who had shared the alleged email.
Mick again read in disbelief that the signature on the email had validated.
The forged email was signed with my private key!
His private key, which he used to sign his secure email messages, was only known to him.
To have it stolen from one of his computers was inconceivable!
Fortunately, none of his friends seemed to believe the email was genuine, despite the signature.
However, the fact that Mick hadn't weighed in himself seemed to be making them waver a little.
He contacted Lars, Liz, and some other friends, confirming that he had sent no such email, nor would he make such derogatory comments.
At first, Mick was really angry with ISW; why would they publish his email without confirmation?
Then, he realized: how would they confirm it with him – call his mobile?
His phone number wasn't published anywhere.
He did nearly all his business using signed email.
What more proof or confirmation would they need than his digital signature generated with his own secret private key – known only to him?
My private key has been compromised.
This realization hit home and made his knees feel weak.
His private key – his identity – his ability to secure communications with, well, everyone.
Without any further delay, he began a key revocation, canceling the compromised private key and making it unusable by the thief, but also, unfortunately, unusable by Mick as well.
Having done that, he began the laborious process of generating new private keys and their associated public keys and getting the public keys signed by his friends and published in various places on the Internet.
He then read the comments to the blog entry, and needless to say they were not at all complimentary towards him.
In fact, it was fair to say his reputation with the open source community was pretty well destroyed by this forged mail, although some of his friends had posted in his defense.
It was only a few hours until sunrise when he went to bed.
The next morning he had a scheduled video call with Sam.
He didn't really feel like it, and actually considered canceling it, but went ahead in the end.
“Konichiwa Uncle Alec-san!” she greeted him.
“I'm not in Nihon anymore,” he reminded her.
“I know.
You are deep in the Southwest.
How is the riding?”
“Very good.
The terrain is pretty unique here – even the sky seems somehow different,” he replied.
“Pictures please!
I need to decide whether New Mexico should move up on my list of places to visit.”
“Where is it now?”
“I believe it is about 4Øth on the list, but if you say the sky is different, then I may have to move it up into the teens.”
“Understood.
Shall we read?”
“Nope.
I've got a question for you, if that's OK?” she asked hopefully.
Mick smiled to himself.
This girl really knows how to get to me.
“Of course, Sam.
What is it?”
“I read that 'peer-to-peer' networks are a security risk.
Now, I don't know what they are, but I think I've heard you mention them, and you wouldn't talk about them if they were bad for security.”
“Sam, do you read Slashdot or something?
Never mind.
You are right: P2P isn’t necessarily insecure.
This is a classic piece of clueless FUD,” he started, then paused when Sam raised her eyebrows as if he had said a bad word.
He smiled, then continued.
“FUD stands for Fear, Uncertainty, and Doubt.
In this case, it means half-truths and falsehoods, peddled by people with an agenda to push.
There is nothing inherently threatening or bad about peer-to-peer applications – in fact, they can sometimes be more secure than other applications.”
She looked away from the camera for a moment, then continued.
“My mother wants to say hello.”
“Hi Alec,” Jocelyn began, her dark wavy hair and piercing brown eyes coming into the field of view of the camera.
“Hey Jocelyn, how's it going?”
“Oh, I'm fine.
Wondered if you were coming to Boston soon?”
“Yes, probably in three weeks,” he replied.
She smiled back at him, and he heard Sam shout “Yes!” out of view.
“OK.
Let us know, brother.
Take care.”