Tuesday, May 24, 2011

Hiding your virus in plain sight

I used Google previously to deduce that the Sony PSN debacle probably wasn't initiated by Anonymous. I'll reprise my assertion that "Google makes us all geniuses" in a slightly different way, by sharing an observation I penned on that great and terrible day of global destruction predicted for May 21, 2011. I'll then relate my experience to principle #14 of The Perfect Virus, Stealth:

The World Ended on May 21, 2011 
I joined about a dozen biking buddies to spend the supposed last day of Planet Earth (May 21st at 4:00 PM our time, according to a self-proclaimed New York prophet of doom) riding 105 miles, from the Salt Lake Fairgrounds up to and around Antelope Island and then back to the Fairgrounds. It was a beautiful day, and we all achieved record average speeds. 
About 62 miles into the ride, as we returned across the causeway after a jaunt around Antelope Island, we formed a tight train of drafting riders, tucked like migratory birds in the vortex of three strong riders who took turns leading the silent pack. They expended 30% more energy than the rest of us, each of whom tucked into the slipstream about 10 inches behind the rider in front of him. Even into that headwind, we averaged over 23 miles per hour across the causeway, the only sound coming from well-oiled chains swooshing around the teeth of the big front chain rings. The sun beamed gently, moderated by the cool breeze across the calm waters of the Great Salt Lake. A glorious day, if indeed it were to be our last on Earth.
In one split second, we passed a sight that melted my heart. A brightly colored bird stood just a foot off the road, chirping to a grayish-brown bird at its feet. Undeterred by proximity to the tornado blasting so close, the burgundy striped bird seemed intent only on reviving its unconscious mate. With only inches between my front wheel and the rear tire of the rider ahead of me, I dared not look back at the scene, lest I overlap wheels with the rider ahead of me and cause a rather bad crash (five previously broken collar bones—one of which required major surgery, a titanium plate, and eleven screws for a year—taught me this lesson the hard way). But I remember the sound of the bird. Was it scolding, mourning, or praying? I can’t tell you. And I can’t tell you what caused the fallen bird’s death, whether it hit a car crossing the seven-mile bridge or whether a cyclist brought it down. Yet that bird’s cry stays with me. 
I Googled “birds of the Great Salt Lake” and then went to links where I could hear their sounds. And yes, some devoted ornithologist had indeed captured the call. My beautiful burgundy striped mourner was a female called a Wilson’s Phalarope. Unlike other breeds, the female is the more brightly colored. The downed bird, dark headed with grayish-brown body and a touch of chestnut on the upper breast, was her male mate. The females not only court but defend their mates and fight off other females. 
Clearly, this female was not intimidated by close proximity to us passing humans. And while she could defend her mate against predators as well as other females, she could not defend against death. On March 21, 2011, the world ended for one of Wilson’s Phalaropes. But a loving God certainly took note of this passing. And humbly, so do I. 

Okay, what does this have to do with the stealth principle? Those bird calls I Googled, just like JPG or PDF images, can let a virus hide in plain sight. Compromise the reader/display/audio mechanism, and you can do zero-day infections until the…crows?…fly home. Which probably explains why Adobe is such a juicy target for hackers. Because if you can get into their source-code-management system and install the right back-door code—which you can trigger with an image file that gives "going viral" a whole new meaning—then you can own the world.

While Adobe has to issue patch after patch after patch to plug security holes, I suggest that all our video codecs and streaming audio utilities ought to face some serious Holy-Moses-Martha,-what-the-heck-happened-to-our-car-when-you-put-in-that-song? scrutiny. Maybe even all that public-domain freeware to decompress files or view images isn't so benign after all.

Have a nice day and enjoy your iTunes on your new Ford's Microsoft-embedded control system.
