Friday, February 05, 2010

The Clampi Trojan says …. Get a Mac

A Windows 2003 server machine I use may, or may not, have been infected with the Clampi trojan (ilomi.b or ilomo.c, which depending on your font, may look a lot like llomi or IIlomi or ILomi).

I say “may not”, because the combination of “Windows 2003” and "antivirus” has a high rate of false positive claims that can wreak as much destruction as the antiviral software.

In researching the Clampi trojan Google suggested I read this summary (emphases mine) …

Clampi/Ligats/Ilomo Trojan - Research - SecureWorks

… Clampi’s recent success in infecting victims is accomplished by using domain administrator credentials (either stolen by the Trojan or re-used, or by virtue of the fact that a domain administrator has logged into an already infected system). Once domain administrator privileges are granted, the Trojan uses the SysInternals tool "psexec" to copy itself to all computers on the domain.

Clampi also serves as a proxy server used by criminals to anonymize their activity when logging into stolen accounts…

… Clampi is operated by a serious and sophisticated organized crime group from Eastern Europe and has been implicated in numerous high-dollar thefts from banking institutions. Any user whose system has been infected by Clampi should immediately change any and all passwords used on that system for any websites, but especially financial credentials.

… Most major anti-virus engines should be able to detect Clampi variants; however there is always a delay between a new Trojan release and the detection time.  Given the prevalence and seriousness of the Clampi Trojan, it is recommended that businesses that carry out online banking/financial transactions adopt a strategy to isolate workstations where these activities are carried out from possible Clampi or other data-stealing Trojan infections.

This may include using a dedicated workstation for accessing financial accounts which is isolated from the rest of the local network and the Internet except for the specific financial sites required to be accessed. Since Trojans can also be spread using removable drives, systems should be hardened against auto run-type threats. Businesses may even consider using an alternative operating system for workstations accessing sensitive or financial accounts.

Home Computer User Protection
SecureWorks CTU recommends that home computer users use a computer dedicated only to doing their online banking and bill pay.  They should not use that computer to surf the web and send and receive email, since web exploits and malicious email are two of the key malware infection vectors. 

As an alternative to operating a secure home PC for all important work, home users could, you know, buy a Mac. They would then have one machine to use for everything.[1]

Maybe Apple is funding Clampi development?

--

[1] The Mac’s vast security advantage comes from the “faster friend” security philosophy. When you and a friend are being chased by a bear, you don’t have to be faster than the bear, you have to be faster than your friend. OS X 10.6 is, in practical terms, fundamentally more secure than XP, but not necessarily theoretically more secure than Microsoft’s very latest foul demon. The big Mac advantage is that the world’s criminals don’t own Apple machines, and have very little interest in targeting Macs as long as the vast majority of banks and corporations run some flavor of Windows. I’ve often wondered, incidentally, if Windows 98 isn’t now a very secure environment. I doubt many Trojans would infect it any more.
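The SecureWorks summary quoted above says Clampi spreads by using domain administrator credentials and psexec to copy itself to every computer on the domain. As an added example (not from this post or from SecureWorks), the Python below flags a single account installing PsExec's default service, PSEXESVC, on many hosts within a short window. The CSV layout, host names and account names are constructed for illustration.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Default name of the service PsExec installs on a remote host.
# A copy run under a different service name would not match this check.
PSEXEC_SERVICE = "PSEXESVC"

# Constructed sample: service-install events flattened to CSV by a
# hypothetical log collector. Every value here is invented.
SAMPLE_LOG = r"""time,host,account,service
2010-02-05T08:15:10,WS-101,CORP\helpdesk1,PSEXESVC
2010-02-05T09:00:02,WS-014,CORP\da-jsmith,PSEXESVC
2010-02-05T09:00:05,WS-015,CORP\da-jsmith,PSEXESVC
2010-02-05T09:00:09,WS-016,CORP\da-jsmith,PSEXESVC
2010-02-05T09:00:14,SRV-FILE01,CORP\da-jsmith,PSEXESVC
2010-02-05T09:00:21,WS-020,CORP\da-jsmith,PSEXESVC
2010-02-05T09:30:00,WS-014,CORP\svc-backup,BackupAgent
2010-02-05T09:30:03,WS-015,CORP\svc-backup,BackupAgent
2010-02-05T09:30:06,WS-016,CORP\svc-backup,BackupAgent
2010-02-05T09:30:09,WS-020,CORP\svc-backup,BackupAgent
2010-02-05T14:40:44,WS-102,CORP\helpdesk1,PSEXESVC
"""


def parse_events(text):
    """Parse the constructed CSV into dicts with a real datetime."""
    events = []
    for row in csv.DictReader(io.StringIO(text)):
        row["time"] = datetime.strptime(row["time"], "%Y-%m-%dT%H:%M:%S")
        events.append(row)
    return events


def find_psexec_fanout(events, window=timedelta(minutes=10), min_hosts=4):
    """Return accounts that installed PSEXESVC on >= min_hosts distinct
    hosts inside any single time window of the given length."""
    by_account = defaultdict(list)
    for ev in events:
        if ev["service"].upper() == PSEXEC_SERVICE:
            by_account[ev["account"].lower()].append(ev)

    findings = []
    for account, evs in sorted(by_account.items()):
        evs.sort(key=lambda e: e["time"])
        best = set()
        # Slide the window start over each event and keep the widest burst.
        for i, first in enumerate(evs):
            hosts = {e["host"] for e in evs[i:]
                     if e["time"] - first["time"] <= window}
            if len(hosts) > len(best):
                best = hosts
        if len(best) >= min_hosts:
            findings.append({"account": account, "hosts": sorted(best)})
    return findings


if __name__ == "__main__":
    for f in find_psexec_fanout(parse_events(SAMPLE_LOG)):
        print(f["account"], "->", ", ".join(f["hosts"]))
```

Occasional helpdesk use of PsExec and other services pushed to many hosts stay below the threshold; a hit is a reason to treat that account's credentials as stolen and reset them, as the quoted advice recommends.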

Tuesday, February 02, 2010

How common is Job?

Job was remarkably unlucky.

He was either the victim of serial disasters through random chance, or a pawn in an obscure debate between Lucifer and Yahweh.

Unfortunate either way.

Kind of like me with tech ware. Which is why tomorrow I'll try to figure out why my backup drive has no data on it. (I'm bringing my MacBook into the office. It's relatively trustworthy.)

My tech misfortunes are nuisance rather than tragedy, but they make me wonder how many modern Jobs are out there.

Let us assume that, in middle age, one encounters a reasonable tragedy, such as the loss of a loved one or a major disability about once a year. Less often in a wealthy nation like ours, more often in, say, Haiti. Average, say, 1 week in 50 if we distribute over enough people.

So how many people on earth can we expect to have an uncorrelated tragedy (discounting plagues, etc.) once a week for the next 5 weeks in a row?

The answer is (1/50**5) * 8,000,000,000 or 25 people. Over the course of a year the number of people experiencing this is much higher of course (alas, my combinatorial knowledge is too old to calculate this without some study).

There must be a few people, over the course of a lifetime, who will encounter up to 10 uncorrelated tragedies over a 10 week interval. Beyond Job.

It's a big world.

Lessons from my external drive purchase

I needed a SATA drive enclosure in a hurry for a work machine, and a 1TB external drive wouldn't be a bad thing either.

So I ran out to Best Buy and bought an Iomega Prestige 1 TB USB 2.0 Desktop External Hard Drive for only $10 + taxes more than Amazon.

It's only after I make my purchase that a friend asks "are you sure it's not soldered in"? WTF? Soldered?

Turns out these low end drive/enclosure bundles save pennies on connectors by soldering drives in.

No, this one isn't soldered in. And it's easier to open than the LaCie enclosure I have at home, though it's a bit of a tight fit. It's also, of course, an IDE drive (the drive is Samsung, the case fanless, with a metal case that hopefully radiates nicely).

Sigh. Makes sense. Why use a SATA drive when there are still lots of cheap IDE drives around? The USB connection is much slower than the drive anyway. It just didn't occur to me that IDE drives were still sold. I thought they were extinct!

So now I have my backup drive, but I still need my SATA connector.

I learned two lessons.

The first lesson is that there are no quick purchases in tech. Unless it's something you have direct knowledge of, you can't duck the research chore.

The second lesson is that life with Macs has made me unsuited for the intricacies of PC hardware management. I just don't get the practice I used to get!

Monday, February 01, 2010

My apology to the political press

In July of 2007 I wrote this around a quote by Ambinder Digby ...
Gordon's Notes: John Edwards: Another man the media dislikes
It's increasingly clear that the US media dislikes John Edwards almost as much as they disliked Al Gore. Digby draws some conclusions ...
"...Ambinder says right out that "fairly or unfairly" the press can't stand John Edwards and so they are going to bury him. This is, of course, not unprecedented, since we saw what they did to Al Gore for the same reason... (And there is no question about whether it's fair. It most certainly isn't.)
Now, I am not especially surprised that the press corps doesn't like John Edwards. Many of these people probably didn't like guys like him in high school either and one thing we know about the political press corps is that they have never matured beyond the 11th grade.... I have to ask, once again, just who in the hell these people think they are and why they think they are allowed to pick our candidates for us based upon their own "feelings" about them? ...
Each time they've pulled this puerile nonsense in the last few years, it's resulted in a mess that's going to take even more years to unravel. And they learned nothing, apparently, since they are doing exactly the same thing in this election. If the press really wants to know why they are held in lower esteem than hitmen and health insurance claims adjusters, this is it..."
Krugman had a similar rant a while back. I don't think the '11th grade' is the full story; we need an insider to figure this one out. I do agree that the US media have about as much right as the GOP to be sanctimonious. Their star hangs low.
In Slate on Jan 29 Christopher Beam tells us the tricks of Edwards affair(s).

Dear Edwards-tracking press corps. You were right. Thank you for saving us. I'm sorry I was mean.

Know when to fold 'em. Calvin and Hobbes.

Very short, no personal revelations ...
Bill Watterson, creator of beloved 'Calvin and Hobbes' comic strip looks back ... cleveland.com

... It's always better to leave the party early. If I had rolled along with the strip's popularity and repeated myself for another five, 10 or 20 years, the people now "grieving" for "Calvin and Hobbes" would be wishing me dead and cursing newspapers for running tedious, ancient strips like mine instead of acquiring fresher, livelier talent. And I'd be agreeing with them.
I think some of the reason "Calvin and Hobbes" still finds an audience today is because I chose not to run the wheels off it.
I've never regretted stopping when I did...
Makes one miss his voice all the more. Of course, never return to Calvin and Hobbes, but does he really have nothing to say that we would like to hear?

What would it take to get a public speech? Presidential Medal of Honor? The Nobel Prize in Literature?

It would be cruel to wish such fates upon him, so I won't.

He is, and will forever be, perhaps the greatest master of the short graphic story.

Apple and Amazon – Be nice to your science fiction writers

This Friday, when the traditional media was going to sleep, Amazon removed all Macmillan books from its online store. Not just eBooks, everything.

It was a bold move in a price-and-control technology-transition-type war with book publishers. Superficially, it looks like the kind of thing Apple did to the music labels. Corporate warfare – who cares?

Except there’s always collateral damage. In this case, including science fiction writers.

Who are, often, geeks. Geeks who write. Geeks who write well for money. Geeks with printing presses and readers.

By Friday night, the hellfire had begun …

It kept coming through the weekend. By Sunday Amazon surrendered unconditionally …

I never even got to write the blog post I was mentally composing.

I wonder how long it took Amazon’s executive team to recognize they had to bail. Six hours?

They never even got to face the wrath of the mystery fans, much less the romance readership. For both of those readerships, however, the news and response would have had to go through ailing newspaper channels. The response cycle would have taken weeks, and Amazon’s ploy might have worked.

Science fiction writers have a far more connected, and more vicious, readership.

I trust Amazon and Apple have learned something. If they want to crush book publishers, they must first win over the science fiction writers. They are, however, a very suspicious and imaginative bunch …

PS. Amazon just killed the Kindle. Smart move guys.

Computers, viruses, intelligent design, natural selection, memes, mitochondria and, of course, the Fermi Paradox

Once upon a time it was every computer virus for itself. In those days there wasn’t much competition, and there wasn’t much of a business model.

Now there are business models for viruses, all based on variations of fraud and theft. Computers are important resources – they provide access to vulnerable wetware and replication facilities.

We know how this sort of thing works in the wet world. A dead host is a dead end. If a computer is so disabled that it becomes intolerably annoying, the wetware will turn it off. The optimal infection would make the computer more attractive, increasing the return on fraud and the replication rate.

So we would expect computer viruses to start fighting one another, each struggling to create the optimal infection. In time, some would start collaborating, creating de facto alliances. Synergies. Communities. Ecologies.

Except computer viruses don’t, yet, mostly, mutate and evolve in the traditional sense. They develop through vaguely-intelligent design. Still, this is the path they’re following. Modern computer infections include routines to disable rivals.

Ontogeny recapitulates phylogeny. Well, it doesn’t exactly, but close enough. It’s such a cool meme, one can’t avoid replicating it.

In this instance, though, it’s cybology that recapitulates immunogenesis. We’ve long noted that the human immune system seemed to have quite a bit in common with the viruses and other infections it more or less opposes – when it’s not turning on us that is. Now we know that animals are, in large part, holobiontic ecologies of coopetiting viri.

Which makes it easier to understand how bacterial life ever developed in a sea of seething viri, and then became intracellular things like mitochondria and chloroplasts. Not only understandable, but perhaps inevitable. Inevitable that viruses should emergently collaborate to create bacteria, and thus cells and animals that should have minds and memes and computers and thus to other things too.

Which also explains the eerie silence.

Saturday, January 30, 2010

Apple needs to do its own Flash block for Safari

Flash is bad enough on my i5, but it's death for our old G5. Per Daring Fireball's recommendation I tried installing ClickToFlash.

Yech. I ran into a number of bugs related to non-admin accounts. This is rough software, not nearly as polished as FlashBlock for Firefox.

If Apple wants to get serious in its war against the evil Adobe Flash, they need to give us Flash blocking built into Safari.

YouTube science videos - not exactly sterling

This YouTube Cell Biology video has a five star rating. It was uploaded in 2007.

Uploaded in 2007, first recorded in 1981. It's not a biology video, it's a history of science video.

This isn't atypical.

I'd ask Google to give us a scholar.google.com for YouTube videos, but I'm beginning to suspect there are only about 20 really good science videos on all of YouTube (like this one - link is to a family blog I'm experimenting with). That doesn't make for much of a search engine.

Dear Adobe: Please die and take Flash with you

Mac users don't like Flash. We have good reason. For example:


Adobe's typical response is that only a small percentage of web users have Macs or iPhones, and their market share is so great that resistance is futile.

Maybe Adobe is right, but Adobe resistance is not just an Apple thing. Google doesn't like Flash, neither does Mozilla, and Microsoft has Silverlight.

Of course, excepting Mozilla, none of these companies are angelic. I'd be friendlier to Adobe, except it's not just Flash that's crappy on the Mac. With the sole exception of Lightroom (started on OS X), Adobe uses proprietary App installers that are absolute garbage (their updater platform on Windows is hardly better). Adobe has been blowing off customers for a very long time.

Go away Adobe. Go away Flash.

Friday, January 29, 2010

Memories of Auschwitz

Samuel Pisar was 16 when, in the last days of the war, he escaped from Auschwitz ...
Samuel Pisar - Out of Auschwitz - NYTimes.com

... those of us who survived have a duty to transmit to humankind the memory of what we endured in body and soul, to tell our children that the fanaticism and violence that nearly destroyed our universe have the power to enflame theirs, too. The fury of the Haitian earthquake, which has taken more than 200,000 lives, teaches us how cruel nature can be to man. The Holocaust, which destroyed a people, teaches us that nature, even in its cruelest moments, is benign in comparison with man when he loses his moral compass and his reason.

After so much death, a groundswell of compassion and solidarity for victims — all victims, whether from natural disasters, racial hatred, religious intolerance or terrorism — occasionally manifests itself, as it has in recent days.

These actions stand in contrast to those moments when we have failed to act; they remind us, on this dark anniversary, of how often we remain divided and confused, how in the face of horror we hesitate, vacillate, like sleepwalkers at the edge of the abyss. Of course, they remind us, too, that we have managed to stave off the irrevocable; that our chances for living in harmony are, thankfully, still intact.

Computing for the rest of us: The iPad and the ChromeBook


He's a genius, but I've never thought of him as a humanitarian - or even as much of a human being. Yes, Bill Gates was also a right bastard, but he's paid his dues since.

Age, and mortality, can change people though. The iPad's a pretty thing, but the combination of iVOIP and the return of the Mac Plus and the keyboard and $10 iWorks apps and the $15/month no-contract 250MB limited data plan might shorten Jobs's time in Limbo.

Yes, that mysterious $130 bump means the 2010 iPad is more than $500 - but by 2011 the device will sell for under $500 with 3G-equivalent capabilities. An additional $15 a month will provide basic VOIP phone services (uses very little bandwidth) and access to email and Facebook Lite -- even before the advertising subsidies kick in. Of course free Wifi access, such as in libraries, McDonald's, schools and so on will provide access to full internet services.

Why is this a big deal?

Think about your family. If it's big enough, your extended family will have at least one person who's, you know, poor. They may have cognitive or psychiatric disabilities. Or you may have a family member who, like most of America, can't keep a modern OS running without an on-call geek. These people are cut off. They can barely afford a mobile phone, and they won't have both a mobile phone and a landline. They will have little or no net access. They may have an MP3 player, but it's dang hard to use one without a computer.

By 2011 the combination of a $400 iPad (and iTouch for less) and $15/month VOIP access will start to replace a number of devices that are costly to own and acquire, while providing basic net services at a rate that other family members can subsidize. Not to mention something pretty, which, speaking as someone who grew up poor, ain't a bad thing.

Steve Jobs - friend of the poor and the outcast. I wouldn't have guessed (ok, so I did predict this a year ago).

The Google Chromebook is on the same side of this revolution. The connected world is about to get a lot bigger.

Update 1/30/10: The OmniGroup, who know their computing, are saying the same thing. Maybe you have to have been around long enough to remember the original Mac, or the PalmPilot, or GEOS/GeoWorks. It helps to be old enough to have seen parents, friends and neighbors trying, and failing, to keep modern computing platforms working. There have been many attempts to break the computing divide, but this one has iPhone momentum -- and the ChromeBook is coming (recent pricing rumors are now below $100 - but the network connection price is what matters). It's a revolution guys.

Update 2/1/2010: Another one - Fraser Speirs - Future Shock. At this rate the meme will hit the NYT in about 3 days.

Thursday, January 28, 2010

First contact: we're cool with that

From the Royal Society 2 day conference on SETI, commentary on the most likely response to news of LGM ...
Even if we found aliens, how would we communicate? - News, TV & Radio - The Independent


... If we do detect signals of extraterrestrial intelligence, one question posed by scientists attending the conference is how to cope with the public response. Will it result in fear, mass panic and riots?

Professor Albert Harrison of the University of California, Davis, believes this is unlikely, based on what he calls “historical prototypes”. In any case, social policies could be used to ease humanity into the “postcontact” era, he said.

“Many people already believe that extraterrestrial intelligence exists and are confident of their own ability to withstand the discovery but doubt other peoples’ abilities to cope,” Professor Harrison said.

“It is easy to imagine scenarios resulting in widespread psychological disintegration and social chaos, but historical prototypes, reactions to false alarms and survey results suggest that the predominant response to the discovery of microwave transmission from light years away is likely to be equanimity, perhaps even delight,” he said....
Hear that Zorgonian containment module 34141434? You can turn off the signal scrambler system now ...

iPad take 3: $130 for iVOIP?

My first iPad impression was surprise that Apple had allowed a keyboard. That makes the iPad a potential alternative to the $1500 Macbook Air. Then I saw it as a high-end netbook competitor.


That's impressive enough, but one thing has nagged at me. How could the inclusion of a $7 3G chip boost the cost of the iPad by $130? Yeah, I know Apple likes fat margins, but that's extreme even by their standards. It's not like it's subtle, and it's not like the AT&T wireless service is free. It's still $30/month, same as for the iPhone. [See Update, below]

There's one explanation that makes sense. The money is going to AT&T -- in addition to the $30 a month for data services.

How could AT&T possibly extract that much money? What hold could they have over Apple?

Well, one might imagine various contractual obligations, but Apple's lawyers are famously vicious. Apple is getting something for this money. Possibly, a lot.


What if Apple is giving AT&T the lion's share of that $130, but in return AT&T has agreed that Apple can provide SMS, VOIP and iChat (optional webcam attachment) services over the iPad's 3G connection?

In other words, iVOIP.

Take that Google Voice.

Might explain why Apple was willing to go to war over Google Voice on the iPhone.

This is going to be an interesting year in tech.

PS. Oh, yeah. And balanced DRM for eBooks is going to turn publishing upside down too.

Update 1/31/2010: See Andrew W's comment. Basically, I'm wrong about the $130 going to AT&T, it's probably going to Apple and it reflects development costs for the 3G integration. To quote Andrew:
... I don't think AT&T is getting a taste of the $629. I've never heard of that happening before, and Apple has way too much leverage against AT&T. I suspect the iPad price plans were part of some larger negotiation. (e.g., I wouldn't be surprised to start hearing rumors that AT&T's exclusive contract is extended.)

Also, don't forget that Apple gets a cut of your monthly iPhone bill. Apple/AT&T negotiations probably focused on that more than anything. My guess is that Apple reduced their cut in order to get a monthly price that they thought consumers would tolerate for a new and unproven device/market...

iPad take 2: the end of OS X

When a colleague asked why the iPad runs iPhone OS rather than OS X a wee bulb went off. Kind of like those little bittie bulbs that came with a camera flash in 1967.

The iPad with iPhone OS is the second coming of the original Macintosh. It runs an OS that anyone can use, including the 50% of the US that doesn’t really engage with the net or with personal computers. This is the OS for all those people who keep every photograph they’ve taken on a 4GB flash card in their camera.

Yes, I know the first Mac soon became far more complex. Twenty-five years ago the personal computer was growing into a geek market. Satisfying that market meant the platform became more and more powerful. That increasing power pleased geeks like me --- for a while. Even we, however, noticed that it was a lot of work to keep these machines happy.

Around the same time, a poor grad student in 1986 accidentally unleashed an internet worm. We know what came after. Security issues combined with platform complexity to give us a world in which non-geeks shouldn’t touch a connected computer.

The iPad and the App Store though, that can work for most anyone. The dependency on iTunes will fade away over time – look soon for online backup. I assume there will be viruses, but the iPhone world will be a very tough, locked down, target.

Chrome OS will be playing in the same big field – non-geek computing.

The geek environments won’t go away immediately, but the end is in sight. Ten years from now we may say that the iPad killed OS X.

My first iPad impressions were cautiously positive. I think I missed the real target. The iPad isn’t aimed at Microsoft or Google or even the Macbook. It’s aimed at everything.