Mick enjoyed the walk back to his hotel.
London really felt right to him.
Despite living in the greatest city in the world, he could still miss London at times like this.
The next day, there was the usual slew of industry announcements, gossip, and rumors making the rounds at the conference.
Unlike Hiroshima, Seattle, or Vegas, this conference had an exhibition floor where various vendors and companies showed off their latest hardware and software products.
Mick did a quick tour through to see whether there was anything new or exciting, or any good giveaways.
He avoided the booths that were scanning barcodes; his barcode looked legit but would never validate.
Besides, he got enough spam.
At the very least, the show floor was usually good for a laugh, to see what the clueless marketing types had come up with to hock their wares.
He spotted Lars across the hall and waved.
Lars was hanging out at a booth that, coincidentally, had the most attractive women handing out literature.
He was heading out of the hall when
he was surprised by Miles
.
“Mick – got a second?” Miles began.
“Sure, what’s up?” he asked warily.
“Umm… let’s talk in the speaker’s lounge,” Miles suggested, and they walked through the crowds, sitting down at a table in a small room.
“Take a look at this,” Miles said, handing his mobile to Mick.
Mick quickly read from the screen:
...
Because of this appalling state of affairs, I am forced to take action.
In three days I will demonstrate a series of zero day attacks against a variety of open source Internet applications.
Some may think this irresponsible, but perhaps this will finally get the community to wake up and take action!
Mick O’Malley
He looked up at Miles in confusion and anger.
Mile’s software showed that the digital signature validated – according to the crypto, this was an authenticated email message sent by Mick!
“Did you –” he began.
“Definitely not!” Miles interrupted.
“I received it this morning as an attachment from an anonymizer service.
I think whoever sent this wants me to distribute it for them.”
“And are you?”
“No, of course not.
I know you didn’t write this!
I knew you didn’t write the
ISW
mail either, but that one was mostly harmless.
This… this mail could get you a trip to Scotland Yard!” Miles explained.
Mick nodded, somewhat surprised by Miles’ admission.
Mick always assumed their antagonism was personal, but apparently, not this personal.
“Do you have any idea who is doing this to you?
Or why?”
“Well, I have some clues...
it relates to a contract I took on a while back.”
Another private key compromise!
Unbelievable!
“Mick, there’s more,” Miles began, pausing for a moment.
“More?” he asked.
“Take a look at the forwarding mail...
the full set of headers,” he paused while Mick examined the mail that had forwarded the forged note.
It took him a moment, but he saw what Miles had seen.
“What the hell!” he cursed, louder than he intended.
He immediately stood up as others turned to look at him.
“I know,” Miles began.
“I’m really sorry, Mick.
Don’t worry, I’m not going to do anything with this mail except archive it...” Miles was still talking as Mick left the room and sprinted down the hall.
He stopped at the technical support desk for the conference.
There was no one getting helped, so he was able to talk straight away to the young woman with bobbed dark hair.
“May I borrow a small flathead and a Philips screwdriver, please?” he asked, catching his breath.
“Sure, love.
Here you go,” she said pulling two tools out of a case.
He threw his computer on the table, flipped it over, grabbed a tool, and set to work removing the tiny screws on the case.
He held his palm against the end of the driver and rapidly spun it around with the fingers and thumb of his other hand in a rapid motion, as if he were a mechanic in a Formula 1 pit stop.
With all the screws out, he slid the other screwdriver between the join in the case and pried it open.
In another moment, he had the keyboard disconnected from the motherboard – the main circuit board of the computer.
He swore again, this time under his breath, staring at a tiny, evil-looking circuit board that was crimped onto the keyboard connector – a hardware keylogger.
He ripped it off, dislodging the keyboard cable.
Glancing up at the girl, he slipped it in his pocket.
He removed the motherboard, extracted the sold state drive, then smashed the motherboard across his knee, bending and splintering it.
The woman stepped back, aghast.
He composed himself,
then
asked “Do you have a rubbish bin handy?”
She lifted a
trash can
up from behind the counter, and he dropped the pieces into it, holding onto the case and the screen.
“Sorry about that,” he replied.
“I just really hated that computer!” he explained, then turned and walked away.
Having removed the keylogging circuit, Mick knew that his computer was most likely secure again, but he just didn’t want to take a chance his firmware or other chips had been tampered with.
Plus, it had felt good to take out his anger.
Who put the keylogger on my computer?
And when?
Whoever put it there knew everything he had typed: all his carefully chosen passwords, every mail, and every line of code he had written!
This must have been how they stole his private key.
The thought of it made him crazy with anger again.
Mick now needed a new computer.
Buying an off-the-shelf computer in a shop was obviously out – how could he be sure it didn’t also have a keylogger or other malware built into it?
Mick located a few computer parts stores on his mobile.
He ignored the closest and most obvious shop and instead chose one a little further out.
Is my paranoia getting the best of me
?
He plotted a route there on the Tube and set out.
Mick arrived nearly an hour later and set about building a new computer from scratch.
He had kept the screen and his old case.
The case was a one-off custom CNC case he designed
himself
last year, and was machined from a block of aluminum.
First, he selected a motherboard.
He chose the fastest processor ignoring the usual speed/battery life tradeoff.
He selected RAM (Random Access Memory) and a flash drive – no hard drive needed.
The video card was the hardest choice.
He studied the specs for a few minutes before selecting one that seemed to have the right resolution for his screen.
A keyboard (sans keylogger!) completed his new computer.
He skipped the battery isle.
Mick pushed the now full cart to the checkout.
“Someone’s getting a
fab
new computer!” the checkout guy said, wowed by the set of components chosen by Mick.
Mick didn’t really hear him as he handed over some pound notes.
Mick asked whether he could use a
work bench
for an hour.
The clerk nodded, and after completing the sale, took Mick to the back.
Mick unpacked the components.
He attached an anti-static guard to his wrist to ensure no static electricity buildup that could damage the sensitive electronic components.
He worked quickly and completed the build in about half an hour.
When he turned around, he was surprised to see a small crowd of employees on their lunch break watching him work.
They scattered quickly.
With everything assembled, he retrieved what he had been using as a bookmark from his copy of
The Innocents Abroad
, bent out the connectors on the top, and connected it into the wiring harness of the motherboard.
He grinned.
No computer has a better battery life than this one – thanks Vince!
Thinking of Vince brought to mind his difficulties with the U.S. Government, and the fact that at some point he needed to sort them out.
He resolved to do so, but later.
He powered up the computer and verified that the BIOS (Basic Input/Output System) functioned properly by running some tests and utilities.
The rest of the install he would have to do on the network, so he packed up and took the Tube back to the hotel.
With the new computer on his knee, he marveled at the weight of the unit, and did a mental calculation of how much lighter it would be in a titanium case...
and how much more expensive.
Back at the hotel, he met up with Lars who loaned him a memory stick with a secure kernel and operating system, which he proceeded to install.
Then, he connected to the network, downloaded the source code of his favorite applications, compiled and linked them, generating the binary files.
He then connected to his server and downloaded his disk image.
Mick was back in business again.
First, he changed all his passwords and generated new keys, revoking all the old ones.
He was starting to feel better.
He made a mental note to find out what Miles most enjoyed in eating/drinking/collecting and give Miles an abundance of it.
He really owed him – Miles, of all people!
Chapter 1D.
From IRC Channel #314 for SecAdminAnonymous:
.
.
.
Anonymous_1:
anyone clued in on last week’s DNS outage?
Anonymous_6:
what outage??
Anonymous_1
:
.coop
and .aero were down for 43
mins
...
Anonymous_5:
they weren’t, just some domains...
not that anyone cares!
Anonymous_1:
incorrect.
See the logs
at http://root-logs.cfm.c2b/cgibin
Anonymous_6:
WTF!
how
did this stay out of the blogs?
Anonymous_1:
no idea
Anonymous_9:
heard it was a pretty sophisticated
ddos
on them
Anonymous_42: might just be a server outage
Anonymous_9:
there’s
all kinds of crap happening these days that no one seems to notice
Anonymous_19: one word for you
zed.kicker
Anonymous_9:
never heard of them
Anonymous_19: you will.
remember
the carbon web server Ø-day?
Anonymous_1:
of course.
everyone
got hit on that one.
Anonymous_19: that was
zed.kicker
, too.
Anonymous_1:
who is it?
how
do you know?