Tag Archive for IBM

A History of Mac Malware: Part 1

Graham Cluley at Sophos recently wrote an excellent history of Apple Macintosh malware. He points out that Mac malware is a subject that raises strong emotions. There are some who believe that the problem is over-hyped and others who believe that the malware problem on Macs is underestimated by the Apple-loving community. The author writes that hopefully, this short history will go some way to present the facts and encourage sensible debate. (rb- We have just taken on a new customer which is 85% Mac and 15% PC. I have had this very conversation with my Apple certified tech who does the field support.)

Click here for part two of this series. Click here to read my recent series commemorating the 25th anniversary of the computer virus.

1982 – Apple II – The first virus to affect Apple computers wasn’t written for the Macintosh (the original Mac did not appear until 1984). 15-year-old student Rich Skrenta wrote the Elk Cloner virus, capable of infecting the boot sector of Apple II computers. On every 50th boot the Elk Cloner virus would display a short poem:

It will get on all your disks
It will infiltrate your chips
Yes, it’s Cloner!

It will stick to you like glue
It will modify RAM too
Send in the Cloner!

The blog says many Apple fans are surprised that the Elk Cloner boot sector virus predates IBM (IBM) PC viruses by some years. (I got my first paying tech job using an Apple II and PFS:File to build a database).

1987 – Macintosh – The nVIR virus began to infect Apple Macintosh computers, spreading its malware mainly by floppy disk. It was a similar story to what was happening in the world of MS-DOS malware, where viruses would typically travel from computer to computer by users sharing floppy disks.

Source code for nVIR was later made available, causing a rash of variants for the Mac platform. The author writes that the first anti-virus products for Mac, some free, some commercial, began to emerge in response to this malware. (In my first tech support job, I got very familiar with the Mac 30/SE, since there was a computer lab full of them with a SCSI chain from the Mac to an external hard drive to a scanner. They also printed to a LaserWriter 2 with AppleTalk and Phonenet. I still have a bag of terminators.)

1988 – HyperCard – Running on early versions of Apple’s Mac OS, one HyperCard virus displayed a message about Michael Dukakis’s US presidential bid before self-destructing:

Greetings from the HyperAvenger! I am the first HyperCard virus ever. I was created by a mischievous 14-year-old, and am completely harmless. Dukakis for preseident (sic) in ’88. Peace on earth and have a nice day

1990 – The MDEF virus (aka Garfield) emerged, spreading malware on application and system files on the Mac.

1991 – HC (also known as Two Tunes or Three Tunes) was a HyperCard virus discovered in Holland and Belgium in March 1991. The author writes that on German language versions of the operating system it would play German folk tunes and display messages such as “Hey, what are you doing?” and “Don’t panic.”

1995 – Concept Macro Virus – Microsoft (MSFT) accidentally shipped the first-ever Word macro virus, Concept, on CD-ROM. It infected both Macs and PCs running Microsoft Word. Concept was not written with malicious intent but thousands of macro viruses were to follow, many also affecting Microsoft Office for Mac. Word macro viruses turned the world of Mac *and* Windows malware on its head overnight, according to Sophos.

Macro viruses are written in an easy-to-understand macro language that Microsoft included in its Office programs. The blog says the macro language made it child’s play to create new malware variants. Most people at the time considered documents to be non-dangerous and were happy to receive them without thinking about the security risks. Just opening a Word .DOC file could infect your computer because the macro virus’s code was embedded within.

1996 – Laroux Excel macro virus – The Laroux virus did not affect Mac users until Microsoft released Excel 98 for Mac and then Apple users could also become victims.

1998 – Hong Kong introduced the next significant Mac malware outbreak, the blog says. It was first spotted in the wild in Hong Kong. The worm – dubbed AutoStart 9805 – spread rapidly in the desktop publishing community via removable media, using the CD-ROM AutoPlay feature of QuickTime 2.5+. (rb- An AutoPlay issue – whoda thunkit?). In the same year, Sevendust, also known as 666, infected applications on Apple Mac computers.

After 1988, Mr. Cluley writes, big changes to the Mac malware scene were just around the corner. The release of Mac OS X, a whole new operating system, would mean that much of the old malware would no longer be capable of running. Mac-specific malware would have to be written with a new OS in mind.


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Holey Optochip Transfers TBPS Using Light

IBM scientists will report on a prototype optical chipset, dubbed “Holey Optochip.” It is the first parallel optical transceiver to transfer one trillion bits – one terabit – of information per second. IBM will present the new chip at the 2012 Optical Fiber Communication Conference, a conference for optical communications and networking professionals.

The Holey Optochip is a standard silicon CMOS chip with holes punched in it. According to ITnewsLink, it was not possible until now for existing parallel optical communications technology to transport terabits of data. Reportedly the new IBM (IBM) chip prototype will deliver ultra-high interconnect bandwidth. The new compact chip will efficiently enable bandwidth to facilitate growth. Some of the segments it is targeted at are big data, cloud computing, and next-generation data center applications.

Big Blue speculates that the chip could move information eight times faster than today’s systems. Speeds that fast could transform how data is accessed, shared, and used. It could open a new era of communications, computing, and entertainment. “Reaching the one trillion bit per second mark with the Holey Optochip marks IBM’s latest milestone to develop chip-scale transceivers that can handle the volume of traffic in the era of big data,” said IBM Researcher Clint Schow, part of the team that built the prototype.

The holes in Holey Optochip allow light through the chip. They produce an ultra-compact, high-performing, and power-efficient optical module. It is capable of record-setting data transfer rates. ITnewsLink says optical networking can significantly improve data transfer rates by speeding the flow of data using light pulses, instead of sending electrons over wires. Researchers have searched for ways to make use of optical signals widespread within standard low-cost, high-volume chip manufacturing. The Holey Optochip module is constructed with commercially available components, providing the possibility to manufacture at economies of scale.

“We have been actively pursuing higher levels of integration, power efficiency, and performance for all the optical components through packaging and circuit innovations. We aim to improve on the technology for commercialization in the next decade with the collaboration of manufacturing partners,” Mr. Schow said in a press release.

The Holey Optochip is green

The Holey Optochip achieves its speed while consuming less than five watts. IBM claims the power consumed by a 100W light bulb could power 20 transceivers. This progress in power-efficient interconnects will allow companies who adopt high-performance computing to manage their energy load while performing powerful applications such as analytics, data modeling, and forecasting.

Technical Aspects of the Holey Optochip

The article explains that parallel optics is a fiber optic technology. It is primarily targeted at high-data, short-reach multimode fiber systems that are typically less than 150 meters. Parallel optics differ from traditional duplex fiber optic serial communication.  In parallel optics, data is simultaneously transmitted and received over multiple optical fibers.

A single 90-nanometer IBM CMOS transceiver IC becomes a Holey Optochip with the fabrication of forty-eight through-silicon holes, or “optical vias.” There is one optical via for each transmitter and receiver channel. Simple post-processing on completed CMOS wafers with all devices and standard wiring levels results in an entire wafer populated with Holey Optochips. The transceiver chip measures only 5.2 mm x 5.8 mm. Twenty-four channel, industry-standard 850-nm VCSEL (vertical cavity surface emitting laser) and photodiode arrays are directly flip-chip soldered to the Optochip. This direct packaging produces high-performance, chip-scale optical engines. The Holey Optochips are designed for direct coupling to a standard 48-channel multi-mode fiber array through an efficient microlens optical system that can be assembled with conventional high-volume packaging tools.

rb-

This one does not count as a new speed record – yet. It’s not real. Once Big Blue demonstrates Holey Optochip in the real world like this and this then it probably will be the fastest toy in town. The raw speed of one transceiver is equal to the bandwidth consumed by 100,000 users at today’s typical 10 Mb/s high-speed internet access.

At one terabit per second, IBM’s Holey Optochip will offer unprecedented amounts of bandwidth to move data like machine-to-machine communications (M2M) and other Internet of Things (IoT) components as well as posts to social media sites like Facebook (FB) and Twitter, videos to YouTube and digital pictures to Pinterest.

But wait what if we use WDM within the light going thru Optochip.

Or better yet QAM 16 or even QAM 64

Or even more betterer QAM 256 running inside each wavelength of WDM.

 


Apple Spoofs ‘Ghostbusters’

NetworkWorld posted a long-lost version of an internal Apple video, “BlueBuster.” The video is a spoof of the classic movie Ghostbusters. Chris C. Anderson at the Huffington Post explains that Apple (AAPL) spoofed “Ghostbusters” in a parody music video based on Detroit-born Ray Parker’s song “Ghostbusters.” “Bluebusters” was intended as an internal promotional rallying cry in which Apple defeats the global domination aspirations of “Blue” aka IBM (IBM).

As Paul McNamara at Network World’s Buzz Blog points out, “It was clear that the metaphor of Apple as the liberator of the office worker wasn’t confined to the famous 1984 commercial.”

As prophetic as the theme of this video has turned out to be, we can’t help but grimace at a young Jobs decked out in a Macintosh-inspired Ghostbusters uniform. Aside from a resemblance to Harold Ramis, Apple CEO Steve Jobs doesn’t make much more of a splash in the video. And yes, Apple managed a “Bluebusters” spoof that ran the full 4:20 of the song.

 


The Connected Home

Help – My Thermostat is Calling China!

Phil Neray of Q1 Labs, an IBM (IBM) company, posted that in the recent Chinese hack of the U.S. Chamber of Commerce’s network, one attack vector was a thermostat. The thermostat at a Chamber townhouse on Capitol Hill was communicating with an Internet address in China. At the same time, a printer spontaneously started printing pages with Chinese characters (rb- I wrote about securing printers here).

The blog says that hackers being in the network for more than a year before being detected is not unusual. He cites the 2011 Data Breach Investigations Report: more than 60% of breaches remain undiscovered for months or longer (versus days or weeks).

rb-

This is one of the risks of the Internet of Things. Security in the era of IoT will have to use machines to monitor the machines.

CIA Chief: We’ll Spy on You Through Your Dishwasher

Spencer Ackerman at Wired points out that more personal and household devices are connecting to the internet. They are now part of the Internet of Things. U.S. CIA Director General David Petraeus cannot wait to use your appliances to spy on you through them.

General Petraeus recently spoke about the “Internet of Things” at a summit for In-Q-Tel, the CIA’s venture capital firm. “‘Transformational’ is an overused word, but I do believe it properly applies to these technologies particularly to their effect on clandestine tradecraft” the blog recounts.

Mr. Ackerman predicts that people will be sending tagged, geolocated data that a spy agency can intercept in real-time. This will happen when they open their Sears (SHLD) Craftsman garage door with an app on an Apple (AAPL) iPhone. “Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters — all connected to the next-generation internet using abundant, low-cost, and high-power computing.” Petraeus said, “the latter now going to cloud computing, in many areas greater and greater supercomputing, and, ultimately, heading to quantum computing.”

Wired says the CIA has a lot of legal restrictions against spying on American citizens. But collecting ambient geolocation data from devices is a grayer area. This is especially true after the 2008 carve-outs to the Foreign Intelligence Surveillance Act. Hardware manufacturers, it turns out, store a trove of geolocation data; and some legislators have grown alarmed at how easy it is for the government to track you through your Apple iPhone or Sony (SNE) PlayStation.

rb-

The implications of the “Internet of Things” are profound when linked to the transformational nature of the connected home network. The CIA sees great opportunities in wired home devices. Any home gadget with RFID, sensor networks, embedded servers, or energy harvesters is ripe for interception by spy agencies.

Koubachi Wi-Fi Plant Sensor Gives Your Plant a Voice

At CeBIT 2012 in Hannover, Koubachi, the Swiss start-up company behind the popular iPhone plant care assistant, presented its newest innovation. It is called the Koubachi Wi-Fi Plant Sensor, according to ITnewsLink. Building on the success of its popular interactive plant care assistant, the sensor integrates into the Koubachi system to literally give your plant a voice.

The Wi-Fi Plant Sensor measures soil moisture, light intensity, and temperature. Using Wi-Fi, the data is sent to the Koubachi cloud. There it is analyzed by the Koubachi Plant Care Engine. The plant owner gets detailed care instructions on watering, fertilizing, misting, temperature and light through push notifications or email. “The Koubachi Wi-Fi Plant Sensor is the first device ever that enables real-time monitoring of the plant’s vitality,” says Philipp Bolliger, CEO of Koubachi. “It’s a truly unique product in the field of ‘Internet of Things’ and bringing state-of-the-art technology to plant care.”

Smart Gadgets are Like Sleeper Cells in Your Kitchen

Manufacturers are “future-proofing” their appliances with “Internet of Things” capabilities that are latent for now. Christopher Mims at MIT’s Technology Review asserts that major appliances bought in the last three years probably contain a Zigbee-capable wireless radio. The radio can send out information about a device’s status and energy use and receive commands that alter its behavior.

Many appliance makers don’t announce these capabilities. Mr. Mims interviewed Mike Beyerle, an engineer at GE (GE), about GE’s Nucleus home energy management system. “We want to build up a base before we make a big deal out of it,” says Mr. Beyerle.

The author says that manufacturers aren’t telling consumers what their devices are capable of. They are reluctant to do so in part because the abilities are useless without an energy management hub like GE’s Nucleus or a utility company’s smart meter. In both cases, smart appliances must be “bound” to a hub to communicate with the outside world.

Once a device is hooked up to an energy management system and becomes part of the IoT, it gets interesting. Mr. Mims says that users who signed up for a “demand response” program with their utility to get a lower bill, enable the utility to control their appliances. For example, a refrigerator’s icemaker’s defrost cycle or the elements in a clothes dryer can be manipulated to drive down power use during times of peak demand.

rb-

Most people do not realize that installing a new smart meter can activate a technological sleeper cell in their HDTV, kitchen, or laundry room. All of these “smart” devices will be part of the “Internet of Things.” They will have an IP address (probably an IPv6 address) and will be broadcast via a Zigbee wireless network. This is why the CIA says it can spy on people through their dishwasher.

Connected Kitchen

Engadget says the Samsung RF3289 fridge is designed to let users access Pandora or tweet while grabbing a snack. Samsung touts it as the first to feature integrated WiFi. The Wi-Fi also offers the ability to view Google calendars, check the weather, download recipes from Epicurious, or leave digital notes.

Engadget also reports LG’s Thinq line of connected appliances includes vacuum, oven, refrigerator, and washer/dryer. They support Wi-Fi and ZigBee to communicate with each other, the smart meter, smartphones, and tablets. That’s a pretty strong foundation to build the Internet of Things, especially if the home is already equipped with ZigBee devices. CNET says the line can be troubleshot remotely; tech support can log in to the device, see what’s wrong, and fix it. Kenmore has a similar product line.

 


First Computer Passwords Useless

Robert McMillan at Wired dug thru the annals of tech and recently confirmed that passwords have been a pain in the tuckus for a millennium. But who’s to blame? Who invented the computer password?

The origin of the password is shrouded in the mist of history like the invention of the wheel or the story of the doorknob, according to Wired. Roman soldiers memorized spoken passwords to gain access to camps. Shakespeare kicks off Hamlet but where did the first computer password show up? Wired asks.

Computer passwords probably arrived at the Massachusetts Institute of Technology in the mid-1960s. Wired says nearly all the computer historians they contacted said that the first password must have come from MIT’s Compatible Time-Sharing System. In geek circles, it’s famous. CTSS pioneered many of the building blocks of computing as we know it today: things like e-mail, virtual machines, instant messaging, and file sharing.

Fernando Corbató, who worked on CTSS back in the mid-1960s, is a little reluctant to take credit. “Surely there must be some antecedents for this mechanism,” he told Wired, before questioning whether the CTSS was beaten to the punch in 1960 by IBM’s (IBM) Sabre ticketing system. When Wired contacted IBM, Big Blue claimed it wasn’t sure.

According to Mr. Corbató, even though the MIT computer hackers were breaking new ground with much of what they did, passwords were pretty much a no-brainer. “The key problem was that we were setting up multiple terminals which were to be used by multiple persons but with each person having his own private set of files,” he told Wired. “Putting a password on for each individual user as a lock seemed like a very straightforward solution.”

Back in the ’60s, there were other options, according to Fred Schneider, a computer science professor at Cornell University. The CTSS guys could have gone for knowledge-based authentication, where instead of a password, the computer asks you for something that other people probably don’t know — your mother’s maiden name, for example.

But in the early days of computing, passwords were surely smaller and easier to store than the alternative, Professor Schneider says. A knowledge-based system “would have required storing a fair bit of information about a person, and nobody wanted to devote many machine resources to this authentication stuff.”

The irony is that CTSS may also have been the first system to experience a data breach. The article recounts that in 1966, a software bug jumbled up the system’s welcome message and its master password file so that anyone who logged in had access to the entire list of CTSS passwords.

The story goes that an MIT Ph.D. researcher was looking for a way to bump up his usage time on CTSS. He received four hours per week, but it wasn’t nearly enough time to run the simulations he’d designed for the new computer system. So he simply printed out all the passwords stored on the system.

“There was a way to request files to be printed offline by submitting a punched card,” he wrote. “Late one Friday night, I submitted a request to print the password files and very early Saturday morning went to the file cabinet where printouts were placed and took the listing.”

To spread the guilt around, Mr. Scherr then handed the passwords over to other users. One of them — J.C.R. Licklider — promptly started logging into the account of the computer lab’s director Robert Fano and leaving “taunting messages” behind.
