Digital Frontier

I just wanted to update my readers on a few things.  If it has seemed like I have not posted anything in a long time, I apologize.  I’ve been busy with finals for school, packing, going home and starting my summer internship which have prevented me from writing about interesting things.  The good news is that my internship at Applied Information Sciences is going to be a great opportunity for me and for my career.  I hope to bring some general experience that I obtain from the internship into the classroom and on this blog.

Next, I wanted to bring readers’ attention to two of my friends from Penn State who are attending (with other SRA students) the SARMA Conference in Arlington, Virginia.  The second annual event plays host for a terrific speaker series and a huge turnout of security and risk management/analysis companies.  Unfortunately, due to my internship hours, I am not able to attend.  Hopefully later in the summer I will be able to attend some other interesting security conferences hosted in the D.C. area where I live.  Please take a look at both Russ Beck’s and Matt Maisel’s blogs for a summary of interesting speeches and interactions with SARMA members.

Lastly, I would like to get some input on what you like about this blog both content and design.  If there are things you want me to discover and write about or have questions about other topics, please leave a comment in the form below.  I get a great deal of page hits for my two Ubuntu articles, but I would like to drive traffic to other parts and topics of this blog.  Any input and interaction about this blog is definitely appreciated.

It has been a while since I have posted anything mostly due to finals and projects.  I finally got a chance to relax after unpacking and go to a baseball game with my family.  A few years ago, the Montreal Expos moved to Washington D.C. and became the Nationals.  They played up until this season in RFK stadium which is the former home of the Redskins and present home of the D.C. United.  The new baseball arena is built by the Washington Naval Yard, very close to the Marine Barracks where John Phillip Sousa led the Marine Band.  The brand new stadium is beautiful in every aspect.  It is very open and allows for a fantastic view of the field from any seat.  Even from my nosebleed $5.00 seats I was able to enjoy the game immensely.  It was designed by the same person who built the Pirates’ stadium in Pittsburgh.

A quick word on technology (since this blog is centered on that topic).  In the past, my brother explained to me, ushers carried a green sign and a red sign.  This was the indicator to let stadium security know if someone was hurt after catching/getting hit by a foul ball.  In the Nationals’ new stadium, they all carry radio transmitters that do the very same job.  This update to system that has worked in ballparks for years allows stadium safety officials to be far more accurate and get information fast if there is a problem.

The LED scoreboard is the biggest in baseball- measuring an astounding 4,532 square feet.  It is even rumored to be high definition, though I couldn’t tell from so far away.

The new stadium is also LEED certified, which means it meets energy saving standards that rival normal buildings.  I first encountered LEED certified buildings during the Future Forum, and it is nice to see a new, multi-million dollar sporting complex to be a part of this building technology.  Also noticeable from my nosebleed seats (besides major D.C. landmarks like the Capitol Building, Georgetown University and other monuments) were several examples of green roofs that are planted with apparently 1,200 plants that promote better drainage and keep buildings cooler in the warm summers in D.C.

For more information about the new ballpark, click here.

Update: I should also note that the Nationals lost to the Marlins at the game I attended.

In a recent article in New Scientist Tech, the authors have detailed an interesting new development in the fight against evil botnets and distributed denial-of-service (DDoS) attacks.  They explain that researchers at University of Washington have harnessed their own network to shield a critical, protected server.

The way these researchers have accomplished this incredible feat is by redirecting information through a series of “mailbox” computers.  These “mailbox” computers are made up of all of the existing computers on the extensive network.  Instead of these mailbox computers acting as a funnel for access to the secure server (like you would expect), they only allow information to pass to the server if the server requests it.  This keeps the server from becoming overloaded with requests.

Malicious botnets leverage thousands and sometimes millions of turned computers against a network.  Each of these turncoat computers bombards a specific server at the same time, flooding the server with requests rendering it useless.  This act is known as a DDoS attack that is the common weapon of a botnet.

Phalanx- the name given to the network of mailbox computers- can keep a server safe from even the most stalwart attacks.  Researchers have claimed that Phalanx can even protect against multi-million entity botnets with minimal data loss.  In addition to the previously mentioned tactic, Phalanx mandates that computers attempting to access the server solve a computational puzzle.  This is not hard for a real-live computer user, but this tactic proves to be a huge hurdle for the huge botnets.

In regards to actual testing of Phalanx and related security measures, the team of researchers pitted 7,200 mailbox computers against a simulated million computer botnet.  The end result was the server functioning normally even while a large percentage of the mailboxes being bombarded heavily.  They stressed that Phalanx is very scalable and they note that additional friendly computers can be recruited to deal with varying sizes of botnets.

The Washington researchers discuss using home computers to join in the effort against malicious botnets.  Using technology similar to popular filesharing program Bittorrent, they hope to link computers together using Phalanx technology.  They note that, “converting BitTorrent users into a community-based botnet defense sounds interesting and promising.”

You can find the entire report here.  Leave your thoughts in the comment section.

On April 28, 2008, Dr. William J. Perry spoke in the HUB auditorium about the two things he believes are the most critical dangers in our world.  Dr. Perry, the 19th Secretary of Defense, believes that the dangers include both Nuclear Terrorism and the Global Climate Change.  More importantly, he detailed the connection between the two dangers and what the world can do to mitigate the problems.

After the Cold War, many nuclear weapons were left in former Soviet Bloc countries including Ukraine, Georgie, Belarus and Kazakhstan, among others.  These new countries had possession of nuclear materials from the former Soviet bases and posed a serious security threat to the world.  Instead of a handful of countries having access to nuclear armaments, now double the number of states had possession of such weapons.  The prerogative of Dr. Perry and other top Clinton Administration Officials was to disarm these countries and slow down the nuclear proliferation that was the result of the Cold War.  After the disarmament process was over, the world was 10,000 nuclear weapons safer.

Dr. Perry argues that the same situation is happening today with the buildup of nuclear materials in other realms.  With new technologies in nuclear power being developed everyday to increase efficiency and safety, nuclear power is becoming an even better way to produce energy.  As nuclear power plants start popping up in large numbers in countries around the world, the amount of fissile material increases with it.  This new proliferation is running parallel to “catastrophic terrorism”.  If a terrorist or terrorist organization were to get hold of fissionable material from one of  these new nuclear power sites, it would be an enormous problem.  Perhaps not as big of a problem as nuclear holocaust, but it would mean catastrophe for the target and target area.  The terrorists will likely use a dirty bomb delivery system in which the actual explosion of the device is relatively small.  The important factor of a dirty bomb is the radiation released by this relatively small explosion.  It would cause radiation poisoning to the surrounding population not initially killed by the blast.  This would prevent habitation in the target area for many years and would undoubtedly have an enormous human toll.

The question that is raised here is how to we mitigate the risk for this specific proliferation?  Dr. Perry explained that there is no way of defending/deterring an attack like this.  Instead, we must prevent fissile material from getting into the hands of terrorists.  We can create new nuclear power plants that are not only designed to be efficient and safe, but secure so the fissionable material is constantly protected.  New protocols need to be put in place by national, transnational and international agencies and organizations to protect the dangerous material from being lost or stolen.  Stricter controls and protocols need to be enacted to govern the disposal of spent nuclear materials.  This kind of nuclear material is a prime target for theft and use in terrorist acts.

The third point (which he touched on briefly) is that there is no political will to act on new protocols dealing with technology and legislature.  Without political will, Dr. Perry explains, nothing changes.  His new policy initiative is poised to build up political will to push legislature that advances technology.  He is part of a non-partisan initiative that includes political and policy heroes like Henry Kissinger, Sam Nunn and George Schultz.   This political dream team is focused on practical steps we can take today to have a safer future in regards to nuclear energy and climate change.

All in all, Dr. Perry’s lecture was an interesting insight into the world of nuclear and climate safety.  I would never have thought that there were people exploring the connection between increasing nuclear power plants, terrorism and climate change.  His talk was laced with an overall tone of stressing the importance of convergence of fields.  Since the lecture was sponsored by the Engineering School, he told aspiring engineers to not only know the technical side of their work, but also what policy decisions must be made in order for their deliverables to be effective and useful.  This is exactly what the College of IST is focusing on while educating its students.  We are taught to understand the spectrum of what we work on, not just a small sliver of a project.

I would like to introduce a new feature of Digital Frontier.  Now, my blog will be simultaneously translated into Spanish.  I don’t know if search engines will pick up the translated version, but I figure it is worth a try.  Click here for the Spanish translated page.  Leave comments if you have read my blog in Spanish and let me know how well the translation worked out.  I would appreciate your input.

This post is both a Daily Scoop entry and a follow-up to my original post about Ubuntu 8.04.  I have found several pages and helpful documents that I have used in order to make my Hardy Heron installation work excellently.  So without further ado- here are the things that help make this wonderful OS something workable.

From Fosswire is a Ubuntu cheat sheet based in .pdf format.  Here is the link to the page where you can download and view the .pdf.  This is possible the best and easiest guide I’ve seen.  Especially good for users like me who really know nothing about the command line.

From the Ubuntu How-To site is a great guide for all things Hardy Heron.  I used their other guides for previous version of the OS.

The following is code to install drivers for a Happaugue USB TV Tuner called the HVR-950.  I found these lurking on the internet and wanted to duplicate them in case the site went down at some point.  Hit the original instructions for details about other Ubuntu releases and how to install these drivers.  I haven’t tried these instructions yet on 8.04 but I’m pretty sure they will work.  The issue is finding software to play the TV signal on.

sudo su

apt-get install mercurial linux-headers-$(uname -r) linux-source build-essential

cd /lib/firmware

wget http://konstantin.filtschew.de/v4l-firmware/firmware_v4.tgz

tar xvzf firmware_v4.tgz

hg clone http://mcentral.de/hg/~mrec/v4l-dvb-experimental

cd v4l-dvb-experimental

make

make install

reboot

sudo modprobe em2880-dvb

If on the next reboot, the card stops working the em2880-dvb module is not being loaded properly in Feisty. To fix this :

cd /etc/modprobe.d
sudo gedit dvbstick

then add this line to the new dvbstick file :
install em28xx /sbin/modprobe --ignore-install em28xx; /bin/sleep 2; /sbin/modprobe em2880-dvb

Reboot your system

I’d like to preface this post by saying that I’ve tried Ubuntu a number of times, but have not been able to make it my day-to-day OS.  Additionally, I will not pretend to be well-versed in Linux customization or configuration, but you could say that I’m an normal desktop user.

Let me just say that my initial impression to the new OS was fantastic.  Everything was silky smooth and fast as hell.  I installed Ubuntu 8.04 by means of Wubi- a new installation method that installs the OS through Windows (just like you would install any other program).  You reboot and choose Ubuntu through the Windows Boot Menu and it completes the installation.  The whole thing took me less than 20 minutes.  This process is much easier than worrying about partitioning the drive yourself and worrying about deleting files.  You choose how much space you want to give Ubuntu and you are good to go.  Apparently, the speed of the Wubi-installed Ubuntu is slower than one installed directly to its own partition, but I have yet to experience a problem.  You can also uninstall Ubuntu from Windows through Add/Remove Programs.  This is the first of the wonderful additions that Ubuntu has added to their already outstanding OS.

After I logged in and the setup was complete, I was pleased to see that the wallpaper had been updated and slight refreshes have been made to some of the design elements.  Immediately, I enabled visual effects and every click became a delightful flurry of eye candy.  Some people tout this technology (Compiz Effects) as worthless, but it makes the GUI a smooth, dynamic experience.  This is a big step up from 7.10 since a lot of the time the visual effects would hiccup.  Another welcome addition was the automatically working forward/backward buttons on the mouse for internet browsers.  Before, you had to change the configuration file and mess around a lot.  Users like me first not only don’t know how to do that, but additionally worry about messing something up.  It finally works without any hassle or setup- right out of the box.

Possibly the best addition to this version of Ubuntu is far better dual monitor support.  I have a 20″ Dell widescreen that works great under Vista and Mac OSX.  I could never manage to get this monitor to work with prior versions and without too much problem I was able to configure dual monitor support in a short amount of time.  When I went into the monitor management program, it would not pick up the second monitor.  I had to type in “sudo nvidia-settings” and configure it through there.  I enabled the monitor and xinerama to get the setup I wanted.  Additionally, it works just as well as Windows or Mac machines.

I’ll be writing a more specific, detailed review of Ubuntu 8.04 Hardy Heron in due time.  I will highlight areas it would still improve in and detail more things I like about it.  Check back in a week or two for that post.  I also hope to do a post dealing with security programs in Ubuntu since Unix/Linux machines are great for finding vulnerabilities and flaws in computers and security.

Happy Earth Day everyone. That’s right, April 22 is indeed Earth Day. Instead of writing about how everyone needs to conserve, recycle and be better stewards of the environment in general, I’m going to post some links that deal with technology and the environment.

First up is is the Yahoo.com Green page. They have a lot of great resources linked all over this general page. Hit this link to find green technologies and this link on how to live greener.

Here are cool things you can do for Earth Day from a blog affectionately called Treehugger. They also offer a whole how to go green section.

Recently, I discovered the topic of Clean Tech. This is a blog dealing with that term. I hope to do a story on this technology at some point, but lots of research is still needed. Environmental technology also is related to this field of study.

The Global Environment and Technology Foundation (GETF) is a non-profit situation with this to say about themselves:

We are making a difference by promoting the development and use of innovative technology to achieve sustainable development. For nearly twenty years, GETF has brought industry, government and communities together to address environmental challenges with innovative solutions.

Ecogeek.org has a huge amount of information about conservation, sustainability and clean tech. Very interesting stuff.

I would like to introduce a new blog: SRA Resource.  This effort is the combined work of several SRA students including Russ Beck and myself.  The idea came after Russ wanted to post his 70 + pages of annotated bibliographies on topics dealing with SRA and IST.  After we discussed the best way to portray this resource-rich material, we decided to use a wordpress blog instead of a wiki page.  There was significant interest in this resource’s development during our SRA Club meeting.  Several people were willing to contribute and others were just excited to have a comprehensive list of related resources.  Keep checking SRA Resource for updates and for all your researching needs.

New York’s JFK International Airport and Los Angeles’ International Airport have gotten new scanners to further protect airline passengers.  The Transportation Security Administration (TSA) has begun a test run of Millimeter Wave Scannersto see through clothes to find contraband like weapons and explosives.  TSA reports that 90% of passengers would rather go through this kind of scanning than a traditional pat down.  An expert also added that they will use a special algorithm to blur out the faces of those inside the device.

The possible downsides of this new scanner include the safety of the system.  TSA says that the scanner emits 10,000 times less energy than a cell phone.  Additionally, people question the overall effectiveness of this system.  It is being deployed in Los Angeles in a random manner to screen passengers.  In New York, it will be offered as an alternative to a body scan.  If the new scanners are successful, the program will expand to include 30 more Millimeter Wave Machines in the next year.

Hit this link for a TSA Officer’s take on the new machines.  The comments on his post are particularly interesting.