Right to private jet ski use while collecting disability

New York authorities said the warrants led to the indictments of firefighters, police officers, and civil servants on disability fraud charges. The Facebook data, which included user photos and videos, showed employees who claimed they were disabled performing a variety of activities, including fishing, martial arts, and even jet ski riding. – Ars Technica

Droning on about computer security

Good grief.

The US military’s unmanned Predator and Reaper drones are continuing to fly remote missions overseas despite a computer virus that has infected their US-based cockpits.
Government officials are still investigating whether the virus is benign, and how it managed to infect the heavily protected computer systems at Creech Air Force Base in Nevada, where US military pilots remotely fly the planes on their missions over Iraq, Afghanistan and elsewhere.
“Something is going on, but it has not had any impact on the missions overseas,” said a source, who was not authorized to speak publicly.
Armed tactical unmanned planes have become an increasingly valuable tool used by the US military to track and attack individuals and small groups overseas, but the virus underscores the vulnerability of such systems to attacks on the computer networks used to fly them from great distances.
Rob Densmore, former US navy airman, told Al Jazeera that the infection was a common keystroke logging virus – which registers the keystrokes pilots use to control the unmanned drones from afar.
“It has to have a point of access, so we know that thumb drives – basically USB drives – are used to upload navigational information, guidance information to Predator and Reaper drones.
“And if there’s a way somehow that that information, or that thumb drive, can come into contact with a network or with the internet, that’s where the danger is because that basically means that information can be carried across from the Reaper drones.”


The government approach to security can be described as designing an unsinkable boat that has no doors between compartments and then, to make it usable, cutting a random and increasing number of undocumented holes between compartments.


Security news

The lesson of this story is that even (particularly?) computer security companies cannot put up with the inconvenience of standard security precautions.

Greg Hoglund’s nightmare began on Super Bowl Sunday. On Feb. 6 the high-tech entrepreneur was sitting in his home office, trying to get to the bottom of some unusual traffic he was seeing on the Internet. Two days earlier he’d noticed troubling activity hitting the website of HBGary Federal, the Sacramento startup he helped launch in 2009. He suspected some kind of hacker assault and had spent the weekend helping to shore up the company’s systems. A few hours before Green Bay kicked off to Pittsburgh, Hoglund logged into his corporate account on Google (GOOG)—and confirmed his fears.

He couldn’t get in. Someone had changed the password and locked him out of his own e-mail system.

He used Google mail – and several people had the administrator password.

Security for dummies – a lesson for smart grid

WASHINGTON — Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.

Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Shiite fighters in Iraq used software programs such as SkyGrabber — available for as little as $25.95 on the Internet — to regularly capture drone video feeds, according to a person familiar with reports on the matter.

So what are the lessons? First, “security by obscurity” is equivalent to “hope is a plan”:

The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn’t know how to exploit it, the officials said.


And second: use standard protocols.

Predator drones are built by General Atomics Aeronautical Systems Inc. of San Diego. Some of its communications technology is proprietary, so widely used encryption systems aren’t readily compatible, said people familiar with the matter.

Deterministic multithreading

An interesting paper appearing in the ASPLOS proceedings provides a “deterministic” locking method:

Kendo enforces a deterministic interleaving of lock acquisitions and specially declared non-protected reads through a novel dynamically load-balanced deterministic scheduling algorithm. The algorithm tracks the progress of each thread using performance counters to construct a deterministic logical time that is used to compute an interleaving of shared data accesses that is both deterministic and provides good load balancing. Kendo can run on today’s commodity hardware while incurring only a modest performance cost (http://www.gigascale.org/pubs/1883/asplos073-olszewski.pdf)

There is similarly motivated work on Java going on at UIC: http://dpj.cs.uiuc.edu/DPJ/Home.html

Both works refer to Lee’s paper, which I discussed earlier. Nondeterministic threading is a historical accident in computer engineering. Operating systems introduced time-sharing methods so single-thread programs could be run in parallel during I/O delays, then so that multiple users could reasonably fairly share a processor, and then so the OS and service programs could provide multiple services to a user at the price of slowing down user applications. Exposing this system to users has been a mixed blessing. Certainly in the controls world, non-determinism is a dangerous fault.
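The idea in the Kendo abstract above, reduced to a toy simulation (an added example, not code from the paper or from this post): each thread's logical clock counts only its own retired instructions, and a thread may take the lock only when its (clock, thread id) pair is the smallest among live threads. The `work` table, the single lock, the turn rule as written here and the random scheduler are assumptions of this model; Kendo itself derives the clock from hardware performance counters.

```python
import random

INF = float("inf")

def acquisition_order(work, seed, deterministic=True):
    """Return the order in which threads take one shared lock.

    work[t] lists how many instructions thread t retires before each of its
    lock requests (constructed sample data). `seed` drives a random scheduler
    standing in for the OS, so different seeds mean different physical timing.
    """
    rng = random.Random(seed)
    n = len(work)
    clock = [0] * n                     # logical time = instructions retired so far
    chunks = [list(w) for w in work]    # instructions left before each request
    order = []

    def key(t):
        # Finished threads never block anyone, so they sort last.
        return (clock[t], t) if chunks[t] else (INF, t)

    while any(chunks):
        # The "OS" runs any live thread for one step, in no predictable order.
        t = rng.choice([i for i in range(n) if chunks[i]])
        if chunks[t][0] > 0:
            chunks[t][0] -= 1           # compute: retire one instruction
            clock[t] += 1
        elif not deterministic or key(t) == min(key(i) for i in range(n)):
            order.append(t)             # lock, critical section, unlock
            clock[t] += 1               # acquiring the lock advances logical time
            chunks[t].pop(0)
        # Otherwise it is not this thread's turn: it spins until threads with
        # smaller logical clocks have moved past it.
    return order

# Constructed workload: three threads, two lock requests each.
WORK = [[5, 1], [2, 6], [3, 3]]

def distinct_orders(deterministic, seeds=range(200)):
    """Set of acquisition orders observed across many scheduler seeds."""
    return {tuple(acquisition_order(WORK, s, deterministic)) for s in seeds}

if __name__ == "__main__":
    print("deterministic:", distinct_orders(True))
    print("first-come-first-served:", len(distinct_orders(False)), "distinct orders")
```

Because the turn depends only on each thread's own instruction count, the acquisition order is a function of the program and not of the scheduler, which is the property the controls world wants.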

Marine One Blueprints via Pirates Bay

Goodness. The US blueprints for Marine1 show up in Iran.

“What appears to be a defense contractor in Bethesda, Md., had a file-sharing program on one of their systems that also contained highly sensitive blueprints for Marine One,” Boback said.

Tiversa also found sensitive financial information about the cost of the helicopter on that same computer, WPXI-TV reported.

Mobile device security and President Obama

Obama’s fighting hard to keep his Blackberry

President Barack Obama will have a beloved BlackBerry — and maybe a second, more secure smartphone-like device — with him in the White House.

The president has been adamant about continuing to use a BlackBerry, a smartphone with Internet and e-mail access, despite concerns that are likely making the National Security Agency as nervous as the Secret Service on Inauguration Day when Obama left his presidential limo twice to walk and wave to crowds along Pennsylvania Avenue. MSNBC

Dijkstra versus Perlis (updated)

Here’s Dijkstra

He [Perlis] published a very obnoxious paper arguing against a mathematical approach to programming cite

Here’s the paper by De Millo, Lipton and Perlis. It starts as follows:

Many people have argued that computer programming should strive to become more like mathematics. Maybe so, but not in the way they seem to think. The aim of program verification, an attempt to make programming more mathematics-like, is to increase dramatically one’s confidence in the correct functioning of a piece of software, and the device that verifiers use to achieve this goal is a long chain of formal, deductive logic. In mathematics, the aim is to increase one’s confidence in the correctness of a theorem, and it’s true that one of the devices mathematicians could in theory use to achieve this goal is a long chain of formal logic. But in fact they don’t. What they use is a proof, a very different animal. Nor does the proof settle the matter; contrary to what its name suggests, a proof is only one step in the direction of confidence. We believe that, in the end, it is a social process that determines whether mathematicians feel confident about a theorem–and we believe that, because no comparable social process can take place among program verifiers, program verification is bound to fail.

To me, the problem with Dijkstra is that he was so sharp and such a good writer that he was able to make persuasive cases out of wrong ideas. Dijkstra wanted to be a scientist in the model of theoretical physics, not an engineer. I’m pretty confident that Dijkstra was wrong: programming is engineering – in fact, physics is not as far from engineering as some people would like to believe. I’m not a huge fan of the engineering discipline as it exists in the USA. It has all sorts of negative aspects – including those Dijkstra railed against. But the vision of a programmer as, not a mathematician, but a formal logician flying far above the grubby compromises and trade-offs of mere engineering in a platonic bubble of pure reasoning is wrongheaded.

Dijkstra published some criticism of the De Millo paper at the time, and in their response the authors stated something that, as far as I know, remains true:

We must begin by refusing to concede that our confidence in a piece of
real software has ever been increased by a proof of its correctness

When I was in graduate school, a famous formal methods scholar came for a talk and explained to us that formal methods were needed if we were ever going to develop fault tolerant software. I pointed out that, for example, the Tandem Software worked pretty well in practice. “It cannot”, retorted the famous scholar.

So there.

Future of the data center

This article from Ars Technica discusses a talk over the summer by Merrill Lynch’s chief technology architect, Jeffrey Birnbaum, on “stateless cloud computing” – most concretely on distributed file systems.

Birnbaum believes that one of the key foundational elements of a stateless computing environment is a networked storage system that enables ubiquitous availability of software. The file paths of the individual applications should be based on clearly defined nomenclature, much like the domain of a web site. All application dependencies should be accessible through the network filesystem, and version numbers should be expressed with the path nomenclature.

Big distributed file system – sure. Why should version numbers be expressed with the path nomenclature (a Plan 9 idea, btw)? Now we go on to the ancient problem of caching distributed data.

The obvious challenge posed by rolling out worldwide network storage infrastructure is scalability. If everyone in a global organization is depending on a network storage solution, then it needs to be fast and consistently reliable. The solution that Birnbaum proposes is regional mirroring and caching. The storage system would be universally synchronized between mirrors that have all the data. Caching can also be used at individual facilities to further improve performance. To achieve this kind of global scalability, he says, the best approach is similar to that of Akamai.

So even with a non-globally distributed file system, the problem of shared access is non-trivial. A global file system makes things quite challenging. Suppose we have a file recording trades and the Singapore, London, NY, and Espanola main offices all are reading and writing at the same time. Caching and cache coherency are an utter nightmare. Akamai, like Google, solves the problem of massive amounts of distributed data by focusing on “delivery” – otherwise known as “read only content” or “many readers one writer” and with no requirement for true synchronization. But the ML problem is more difficult even if we ignore multiple writers because, presumably, you want Singapore to actually see every trade made in Espanola even though for Akamai, it’s ok if the cache is not fresh. How to solve multiple readers and writers is something else as well.

These concepts don’t cover a whole lot of new ground yet. Much of this was already possible with conventional thin-client systems. The point at which it becomes immensely valuable, according to Birnbaum, is when all of these technologies are used together with virtualization to abstract the processes away from the hardware. Once this is done, individual operations can seamlessly float around data centers and balance out in a manner that offers a more optimal level of resource utilization.

And this seems to me to gloss over the even harder problem. Imagine a serious Oracle application “seamlessly floating” from some set of machines in one data-center to another set. I can’t imagine how that works. Imagining little jobs floating is easier, but is that really an interesting problem? And this brings us to the most interesting claim:

He claims that 61 percent of a company’s enterprise server capacity goes completely unused and proposes an automated load balancing solution—

SIXTY ONE PERCENT! Think of the power use.