Tuesday, November 30, 2010

The Perfect Virus principle #7: Black Box Portability

As indicated in my post of Monday, 11/22/2010, I am extrapolating Jeff Walker's Principles for the Perfect Application into a discussion of The Perfect Virus. Since Jeff's monograph on the subject did not anticipate stealth or suicide mechanisms, any errors or lapses into stupidity are solely my additions and should not reflect poorly on what I consider to be the biggest single contribution to software application design since the invention of computers. And Jeff, thanks for giving me permission to do surgery on your baby.
THE PRINCIPLE OF BLACK BOX PORTABILITY:  The Perfect Virus can deduce a totally alien environment and adapt itself iteratively to become native (see upcoming principle #9) to that environment, and it must do so without human intervention. Black Box Portability is the Holy Grail of all Perfect Virus principles.

Hats off to science fiction author Piers Anthony's Macroscope for providing this ultimate virus aspiration. In my post on how military science fiction is an excellent road map for the cyber privateer, I left out Piers Anthony because of his special place in my formative technical view of the Universe. In his seminal novel, Piers Anthony depicts that a society is deemed ready for introduction to the real civilization in the Universe when they can build a device called the Macroscope. Alien civilizations then use the Macroscope to transmit advanced principles for space travel, etc., to the inhabitants of our planet. Unfortunately, another alien culture has sabotaged the data being transferred by the Macroscope, so that at a certain point in the knowledge transfer, the human receiving that knowledge goes completely insane. That my friends is the ultimate virus. Whatever the "grokking" mechanism of the target system, whatever the operating system, whatever the "grayware" (okay, software in the literal sense), the virus can do some nasty things. This is what I mean by Black Box Portability.

In order to provide Black Box Portability to even Jeff Walker's "perfect" applications, actual human developers had to integrate new technologies, operating systems, RDBMSs, and hardware platforms in a painstaking process. Ditto for my old friend Larry Ellison at Oracle, where porting groups were assigned to each major platform. Because not only did they have to port to every make and model, but then they had to support those ports.

The Perfect Virus must operate on heterogeneous networks of heterogeneous computers running heterogeneous operating systems, databases, and communications protocols. And it must do so without any IT intervention. First the "why" if this principle. Then the "how" framework.

Why is Black Box Portability critical to the Perfect Virus? Cyber war-capable offensive provisioning requires that the attacker not be vulnerable to attack. The most obvious solution is to build a new architecture—operating system, software, hardware—from the ground up. Yes, this is a massive task. A government-level task. The United States, China, India, Germany and Japan certainly have the capability and the motivation. Other lesser infrastructures will have to rely on espionage to play catch-up ball. China for one is clearly on a crash course to develop an alien infrastructure. Their first step was to snooker Microsoft into giving them Windows source code, to which they could add unique encryption (of course, they'll get what they deserve by going anywhere near the Microsoft operating system architecture). I'd bet serious money that Steve Jobs won't give them access to Apple OS X source code. But I think the Microsoft move was just a stop-gap measure until they can fab their own unique processor designs and write their OS from scratch. Unfortunately for us, China seems to be the only country with the will and the means to pull this off. But whatever the case, sooner or later (some say we're in one right now) we're going to have to fight a cyber war with China, and without The Perfect Virus and its Black Box Portability, we are well and truly hosed.

How can The Perfect Virus insert itself into an alien architecture? The "how" of Black Box Portability lies in one concept. The alien architecture must present itself to the attacker, as did Piers Anthony's human civilization to the alien virus via the Macroscope. The Macroscope was our "reader" so to speak, perfectly tuned to our human cognitive mechanism. This is what allowed the virus to wreak havoc. We presented our gray-matter computer architecture via the Macroscope. Likewise, any Chinese "alien architecture" will have to present itself to the outside world in order for The Perfect Virus to do its work. The methodology of that inter-species cyber dialogue would make a great doctoral dissertation. Or a nice little sub-plot for my sequel novel (I've got one mechanism in mind which I'm going to have to play with if I can figure out how to not get myself into legal trouble). Needless to say, if US law can somehow be changed to allow me to "do a cyber reconnaissance in force" against all the computers currently probing my Linux system for weakness, then I could legally test some "novel" ideas (double meaning intended). But I'm not holding my breath for such a situation (although Jeff Walker may be able to upgrade his security clearance and take this on as a special project for the NSA, since he's the perfect architect and project leader).

The "how" is why I refer to principle #7, Black Box Portability, as the Holy Grail of The Perfect Virus. Part of the answer will be covered in principle #14, Stealth. As for the rest of it, my dad is a professional gambler whose best advice I think I shall take now: "Son, don't play your cards face up." 

1 comment:

  1. Thank you very much for this article, it is so rare to see nowadays written as fervently article. I enjoyed reading it and I learned a lot of things. I will go and continue reading your blog =). Good luck for the future and another one for the quality of it.You can also check out this (http://www.sqiar.com).


Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?