So Pavel Michalovic, you are on your way to Atlanta today…
Back in the parking garage, he made two calls.
“Hello, yes, I’m considering making a change to my reservation… My first leg is Albuquerque to Atlanta on flight 829… Pavel Michalovic… Yes, the second leg… Right, Frankfurt. I was wondering if there are any flights to Amsterdam… I see, that’s OK. I can take a train I guess. Thank you. Oh, and could you look up my frequent flier number for me? Yes… got it. Thanks, you’ve been most helpful.”
Mick hung up the phone. He searched another number and dialed again.
“Ah, yes. I’m hoping you can help me. I just dropped off my rental car and I think I left my car charger… Albuquerque… about twenty minutes ago. Yes… yes. Pavel Michalovic… I don’t have my agreement number – can you look it up? Great thanks… OK, you’ll let me know? And could I get the agreement number from you? Wait! I just found the charger – never mind. Thanks.”
More good information about his pursuer… He circled back to the rental car lot and retrieved the tracker from the car. When disengaged from the metal car body, the GPS tracker went dormant again to save battery.
All the way back to Los Alamos, he thought about the men.
Who were they? Did they think that threats would make me back off?
The mention of his private keys confirmed the link between Zed.Kicker and the forged email.
How did they steal my private key?
He wondered whether he should mention it to Vince and decided against it; he didn't want to complicate his investigation. By the time he went to bed, he almost felt he had imagined the whole thing, although his ruined pants and soreness of his leg contradicted this.
The next day he awoke with an extreme soreness in his thigh. Mick rode back to Albuquerque to catch his flight. Despite his mood, Mick was determined to stop for a few hours to explore Petroglyph National Monument, on the western side of the city. It took him a few minutes to learn to recognize the petroglyphs, but once he did, he could spot them everywhere on the trails. He also spotted a few rattlesnakes sunning themselves in the late morning air. Many of the petroglyphs were recognizable as animals or geometric shapes, but others looked a lot like aliens, which made Mick wish he had time for a side trip to Roswell. He looked forward to sharing his impressions and photos with Kateryna.
Back at the motorcycle store, Mick saw the pained look on the face of the mechanic as he parked the bike. Considering what it had been through, the Scrambler was in pretty good condition, but it did have dents and scrapes, and both the front and rear fenders were deranged. The owner offered to do a little bodywork and painting on the frame before crating and shipping the bike back to New York, which Mick agreed to.
Mick mainly slept on the flight back to the city.
Chapter D.
From the Security and Other Lies Blog:
What is the difference between a keylogger and a Trojan? Can I protect my computer against them? BohemianRaptorD
This is a great question, BohemianRaptorD. Although often associated with each other, keyloggers and Trojans are different things. A keylogger or keystroke logger is a piece of software or hardware that records and logs the keys typed on a computer. Think of it as a keyboard ‘bug’ if you like. They are a great way to spy on someone, as you can find out everything he or she types, from emails, web site addresses, to credit card numbers, passwords, etc.
A Trojan is a piece of software that hides another piece of software. Usually, a Trojan appears to be something useful or benign, while the hidden software is some kind of malware. For example, you could download a piece of software that installs a keylogger on your computer without your knowledge. There was a famous case of fake virus scanning software that actually installed viruses on the unsuspecting computer! The Trojan is named after the Trojan horse of Homer’s Iliad - the wooden horse used to sneak soldiers inside the walls of Troy, resulting in the destruction of the city by the Greeks.
The best way to protect against both is to be careful what software you install. I never install binaries, which could contain anything. Instead, I download the source code, inspect it and check the signature, then compile it myself. This way, unless there is some very, very clever programming going on, I know everything that is happening on my computer.
A hardware keylogger is a device that is attached to a keyboard of a computer. To install one requires physical access to your computer. An attacker could open up your computer and install the device in minutes. You need to keep control of your computer to prevent this. Periodic inspection also helps, as long as the device is identifiable. For example, I’ve read about keyloggers built into firmware chips. The attacker just replaces an existing chip with one that looks identical on the outside but has the keylogger built in. I suppose you could mark or put a seal on your chips so you could notice if one has been swapped out. Another option is to weld or seal your computer case closed so that an attacker cannot easily open it up.
Keyloggers and Trojans also tend to go hand-in-hand with rootkits. A rootkit is software that hides the fact that your computer has been compromised. Otherwise, you might discover right away that your computer was compromised, and you would get the malware removed or cleaned, and the compromise would fail. Rootkits are particularly insidious pieces of software. Thinking about them sometimes keeps me up at night...
-> Your question not answered this week? Argue for your vote on the Shameless Plugging area of our discussion forum.
Chapter E.
Mick O'Malley – is having a hard time distinguishing fact from fiction. (12 comments)
Mick was back on an airliner just over a week later, but this time no shipped motorcycle was waiting for him. Instead, he stood in what appeared to be the world’s longest taxi stand line, which, fortunately, also seemed to be the world’s fastest moving taxi line.
He had spent the week back in Manhattan healing from his adventures in New Mexico. He ate healthy food, exercised, rode his motorcycles, and felt life returning to normal. Still, in the back of his mind, he was on the lookout for what would happen next.
He hadn’t found out very much more about Michalovic. He had discovered he was a Serbian national, here on a tourist visa. Michalovic’s destination beyond Frankfurt, Germany was unknown. Otherwise, Michalovic didn’t seem to exist.
From his window on the plane, Mick had watched Las Vegas appear out of nowhere in the bleak desert. His flight circled to the north and west of the city, in the direction of the Nevada Test Site, used for atmospheric nuclear testing during most of the cold war.
Mick was only out of the jet way for a few seconds before he saw and heard the airport terminal slot machines – strategically placed for those just stopping over or those who didn't get quite enough gambling done on their visit. Despite multiple visits, Mick was always freshly amazed at the efficiency of Las Vegas – the efficiency of separating people from their money.
Much faster than he would have believed, Mick was in a taxi speeding towards his hotel on the strip. Mick was in Vegas for another Internet security conference. This conference was not his favorite, but it always had the best turnout since it was held in Vegas.
Mick was giving a tutorial at the CIO (Chief Information Officer) Expo that was co-located with Mick’s security conference. He was lecturing on botnets, a topic that was becoming increasingly of interest to Mick. Up on a small stage in front of a crowd, Mick spoke with his slides projected on an enormous screen behind him. He finished his lecture with a summary:
“… So having covered the history and evolution of botnets, I want to leave you with a few sobering thoughts about their future.
“Botnet code is not written by amateurs, so-called ‘script kiddies’ – the stereotypical fourteen-year-olds who copy script source code from the Internet and launch attacks. Professionals write botnet code. There is an industry built around botnets: from the generation of new exploits and attacks, managing, or ‘herding’ of the compromised computers, known as ‘zombies’, to the collection and transfer of revenue. These companies often have the support and protection of foreign governments.
“The threat of botnets is like nothing else we have ever experienced on the Internet or on our corporate networks. Sophisticated botnets are harnessing the computational power of potentially millions of computers, effectively operating as a supercomputer. Their ability to wreak havoc on the global Internet should not be underestimated. Here are some of the things they could do:
“Denial of service attacks to take out entire networks, countries, or even the root servers of the Internet.
“Surveillance and espionage. Zombie computers organized in a botnet, operating inside a corporate firewall or inside a government office spying on you… your own computers turned against you without your knowledge. And it is not just about documents and files. Built-in microphones and cameras can be activated and made to stream information covertly to any part of the globe.
“Weapon of war. We already have documented cases of botnet cyber attacks being used as part of conventional warfare.
“Economic gain. Botnets can be used to manipulate markets, influence trading, and disrupt global supply chain management. They could be used to cause recessions or even depressions.
“A tool of organized crime. Botnets can allow criminals to extend their extortion, racketeering, and judicial influence schemes to a global scale, while completely covering their tracks.
“This might sound alarmist to you, but I assure you that each of these is already happening today, albeit on a limited scale. With sophisticated botnets, the power and destructiveness of these threats is greatly magnified. It is not a question of if these attacks will happen, but when.
“In closing, I hope this presentation has been useful to you. The best way for us to fight botnets is to prevent computers from being compromised. The only way to do this is to utilize better security tools and procedures. While the government has some responsibility, most of the compromised computers are owned by corporations and individuals, and we must take responsibility for them.
“Thank you for your attention!” Mick finished, getting his applause.
Gunter came up from the audience and gave him a big grin. “Nice job, Mick! I was going to ask you a hard question or two but then I decided to go easy on you.” They walked out of the room together and off to lunch. “Hey, and I like the shirt.” Gunter was once again making fun of Mick’s clothes. Mick’s fashion was almost invariable. He wore a black shirt, sport coat, dark khakis, and sandals. The black shirt he always wore was either a T-shirt, long sleeve mock turtleneck, or, if he wanted to really dress up, a button down collar. The sandals varied slightly with the season: open toed in the summer and closed in the winter. Under some circumstances, he even wore jeans instead of khakis. Of course, Gunter wasn't exactly a paragon of style, but at least his clothes varied, and sometimes they even matched.
They rode the elevator together and walked out towards the hotel lobby. Using Mick’s criteria for evaluating hotels, Vegas strip hotels were the worst. Their lobbies were noisy, crowded, and had absolutely nowhere to sit down except in front of a slot machine or at a gaming table. He had only been in Vegas less than twelve hours, but the incessant noise of the machines was already starting to get to him. They turned and headed for the buffet Gunter had chosen for their lunch.
“So, Gunter, how did you first meet Kat?” Mick asked after they sat down with their first plateful of food.
“I guess I met her two years ago at a visit to F.T.L. She is very sharp, and a useful person to know.”
“I see that. She was very helpful in Hiroshima… that’s when I first met her,” Mick replied as their food arrived, and the conversation paused.
“I know. She asked me a bunch of questions about you, too,” he replied, winking. Mick changed the subject by asking about Gunter’s latest phonograph restoration.
Gunter was one of Mick’s oldest friends, both in age and how long he had known him. Gunter had worked nearly everywhere, with everyone, and had strong opinions on everything. He was in big demand on panels and conferences. He was also famous for misunderstanding questions; he would usually end up answering a different question than the one that was asked, leaving both the questioner and the audience bemused. Mick tried to avoid Gunter’s restaurant choices – often he would mix up the names or the types of the food. He also often made the most dreaded suggestion for lunchtime meetings at a conference: ‘Let’s just eat here in the conference hotel.’
“Mick, I almost forgot… I’ve got a consulting job for you,” Gunter began. Mick looked up and Gunter continued. “It is with JCN, Inc. They are looking for a consultant to help them analyze the security of their entire service operation. I guess it is from the new CTO they hired last month. He wants a complete audit: procedures, operations, all the way down to protocols and servers. You are the perfect man for the job!”
“Thanks for thinking of me Gunter – I really appreciate it! I’m pretty busy with a job right now, but I should have time around, say, the second half of December to start on it,” Mick said.
“Hmm. I think they want someone to start right away. I told’em I’d need a day or two to see if I could do it or recommend someone else. You wouldn’t walk away from JCN, would you?” he asked.
“Of course I don’t want to turn it down. It sounds like a great gig, but I also have to finish what I started. And my current contract is more involved than I would have anticipated. If they need someone right now, I’ll have to pass,” he concluded.
“Really, Mick? What if I finish that other job for you?”
“No, I’m not comfortable with that. I just can’t take it... but thanks again for thinking of me.”
Gunter looked as if he were going to argue more but then changed his mind. A few minutes later, Mick raised the issue that had been consuming his waking hours.
“Gunter, you've studied steganography, right?” Mick asked, remembering his botnet puzzle.
“Sure, I once broke a cipher that used it – boy was that tough!”
“Tell me about it.”
“Well, I was called in to help build a case against a particularly clever drug dealer. The prosecutor had all these emails that the dealer had sent to others in the cartel, but couldn't find any messages in them. I eventually found hidden messages in the emails. What’s your interest?” he asked.
“Might have a case of it, myself. I have all kinds of messages, but I can't find anything hidden.”
“Well, you just have to go through every millimeter of every message. Look for anything out of place, strange, or odd. You'll find it if it’s there.”
“Right… thanks,” he replied. Mick felt a tingle, and answered his mobile. It was Vince. “Gunter, could you watch my backpack?” he whispered.
“Sure thing,” was the reply. Mick walked towards the exit, searching for a bit of quiet so he could answer Vince’s questions.
Mick spent the rest of the afternoon in his hotel room finishing up a progress report for LeydenTech.
That evening was the social event for the conference, typically held the night before the conference started. Mick had been following the travels and arrivals of his friends in his social network. In the ballroom (named for its size, not for being fancy), Mick met up in person with Lars, Liz, Gunter, and Kateryna. They stood around a table, drinking and eating appetizers. It always amazed Mick how differently the sexes reacted to dressing for these kinds of events. While the women would dress up, the men would dress down – if that were even possible. His own attire didn't change. Rightly or wrongly, Mick felt his clothes blended in with a range of formality.
Kateryna had seemingly joined their little group these days. The last to join them was Liz a year ago, and Mick recalled it took a while for her to be included by default in their plans and discussion. Then again, Kateryna wasn't completely new, as Gunter had known her for a few years. But, Gunter knew everyone in the industry, so that didn't count for too much. Mick was pleased about it, but at the same time it made him feel uneasy. He deliberately toned down his greeting to her, just nodding and shaking hands. She made no reference to their recent email exchanges, and he took her lead, doing the same. He wondered if they were hiding their relationship, whatever it might be, or if they were just being private. He was unsure, and this made him uneasy. Mick felt that he was heading into unknown territory.
“I just love Vegas!” Lars expounded.
“I can't believe you've never been here!” Gunter said to Kateryna. Her posting of this had generated a huge number of comments on their social network.
“Yep. I can't wait to see everything, although I'm only here until Wednesday,” Kateryna offered.
“OK, for Kat’s sake, everyone – quick – say your favorite thing about Vegas?” Lars began, looking at Mick to start.
“Ferraris parked in front of casinos,” Mick began.
“Free drinks while you play,” Gunter added.
“Really?” Kateryna asked and everyone nodded.
“Interesting conversations with strangers,” Lars added. He looked at Liz. She paused for a moment.
“Historical and architectural accuracy,” she contributed dryly.
“OK, OK, we all know how much you like Vegas. Now, say your least favorite things about Vegas – quickly!” Lars added.
“Bathroom attendants!” Mick contributed.
“Yuck!” from Lars.
“Losing my retirement in the slots,” from Gunter. Everyone looked at him in surprise. “Not really,” he added.
Counting from Zero Page 9