Friday, October 28, 2011

Duqu is one step closer to The Perfect Virus

I've been using my "top secret" Twitter analytics feed to track down technical analyses of the Duqu virus which some call "Son of Stuxnet." Based upon that information, I have upgraded my Stuxnet-Zeus/SpyEye report card to include all that I can now "grok" about Duqu (click here). The full 22 principles that I postulate for The Perfect Virus are found HERE. To summarize where Duqu trumps Stuxnet:

  1. It looks like Duqu has a decent command and control system that allows more complete oversight.
  2. Duqu appears to trump Stuxnet in Feral Fertility (Perfect Virus principle #2).
  3. Seamless migration partial-kudos to Duqu, since no one can figure out how it propagates. 
  4. Duqu is at least stealthy enough to evade capture and dissection of the initial infection module. Stuxnet got partial credit for stealth, but Duqu is still a mystery. Hence, it gets full credit as of today's date.
A number of Duqu's partial-credit scores could well get them full credit, especially in Self Awareness (TPV principle #3). Guaranteed, though, nobody knows anything about Black Box Portability (TVP principle 7), which is just jim cracking dandy, since that is the characteristic that turns a virus into the truly Perfect Virus. And Black Box Portability is the technology driving my next novel, currently in progress.

Monday, October 17, 2011

Secret weapon no longer a secret

As I indicated in my last posting, I will only use this blog for major announcements. Today qualifies. I have previously talked about a "secret weapon" I was using. In this morning's USA TODAY newspaper, Quantum Leap Innovations has come out of the dark with a full-page ad (see the full PDF yourself by clicking here).

I've been experimenting with a social media analytics dashboard that I keep running on my desktop. Not only does it give me trending data long before even the online news organizations get their teeth into a story, but it quickly flags posers who are "gaming" the system in their attempts to sway sentiment analysis or to trigger a viral movement. IMHO, every desktop in the world should have their own social media analytics dashboard customized with the topics of interest to each user. I'll keep you posted on the availability of such a product. In the meantime, I predict that pattern based analytics will be an indispensable tool to anyone interested in…well…predicting the next big surprise in their lives.

Friday, October 14, 2011

One-year cyber privateering readership analytics

Today is the Morgan Doctrine one-year anniversary. One year. Six days a week. Every single day. This has been a tremendous learning experience for me, exploring the legal and technical implications of…in the fictional words of Iron Man Tony Stark, "…privatizing  world peace." So at this Morgan Doctrine birthday party, I've decided to analyze the top-ten most popular topics and then the top-ten geographical readership areas. First, the most popular topics as judged by readers:

  1. Japan, I have a solution for you and Sony Almost three-times the readership of the number-two blog.
  2. Stuxnet response from Iranian hacker? A most telling theme, given that Stuxnet is a state-sponsored investment in this brave new world of cyberwar.
  3. Privateer analytics: high-reward/high-risk numbers... Obviously, other people are interested in these analytics.
  4. Frank Herbert clearly foresaw our day  This clearly validates my assertion that military science fiction is way ahead of the game. More to the point, Frank Herbert was a good friend and mentor and, if I want to be truly honest, is the person to whom I owe credit for this idea. He certainly deserves that my next book be dedicated to his memory. By now, most of the philosophical questions Frank and I discussed late into the evenings have been answered for him.
  5. Draft 01: The Cyber Privateer Code  I love this! I intended my equivalent of "The Pirate Code" to go through many drafts. So far, this one draft seems to hold water. Quite amazing. Which is why I set up a separate URL domain: to feature THE CODE.
  6. The Perfect Virus principle #14: Stealth  My single biggest breakthrough was forcing myself to coin the 22 principles of The Perfect Virus. And guess what? Today, Stealth is the number-one theme. But wait a year, or two. I predict that Black Box Portability will be the big issue. It certainly is in my novel.
  7. How China/Russia can make (are making?) billions b...  Oh yeah. The "usual suspects."  Russia and China. Read 'em and weep.
  8. Federal judge keeps 1-800CONTACTS from hijacking t...  Now this is really surprising. My analysis of a legal opinion, and I'm not even an attorney. Okay, so I watch a lot of television.
  9. Stuxnet about to cause an "Iranian Chernobyl"  Again, the cyberwar implications of the #2 most-popular topic.
  10. Yahoo email gets an "F" in security  I've had a grudge against Yahoo after getting email from my dead friend, whose Yahoo account got roached. Looks like others have a similar grudge, given Yahoo's market problems. Amen. This is, after all, a reputation economy.

WHERE are the readers? Here's a map and the top-ten demographics:
  1. USA, by ten-to-one over #2
  2. United Kingdom
  3. France
  4. Ukraine
  5. Germany
  6. China
  7. Russia
  8. Canada
  9. India
  10. Netherlands
Several surprises pop up. Why are the UK, France, Ukraine and Germany ahead of China and Russia? What the heck is Ukraine doing so high on the list. And what the heck is Netherlands doing on the list at all? Several "data exhaust" guesses: 
  • Netherlands may be an Anonymous hotbed.
  • Ukraine must be pretty high on the list of cybercriminals.
  • UK and France are governments making big investments in cyberwarfare capabilities.
  • I'm surprised that Canada, India and Netherlands are higher on the list than Israel, with whom I've had some most interesting dialogues. If I were to rank cyberwar capabilities of the developed nations, I'd place Israel right after the United States and ahead of the U.K., France, Germany, Russia, and China.
A year ago I made a commitment to write every single day except Sundays. I achieved that goal. Today marks a change in strategy and tactics. Simply, these posting will become far less frequent. Why? Because I'm going into the next phase of research with some pretty spectacular new tools that have become available to me. Don't worry, they're totally legal tools. But they are top secret and will assist me in finishing my sequel novel. Here's a hint: Black Box Portability is the real Holy Grail of The Perfect Virus. Black Box Portabiity could also be called "infecting an alien architecture." Check it out in the search box to the left. And stay tuned for interesting albeit less-frequent announcements. 

Thursday, October 13, 2011

Microsoft says zero-day bugs are overrated?

According to Microsoft Jeff Jones, director of security with Microsoft's Trustworthy Computing Group, "…zero-days are not the most prevalent, and thus not the most dangerous, threats facing users." The Microsoft SIR (Security Information Report) published on October 11th states that "…exploits of zero-day vulnerabilities accounted for just 0.12% of all exploit activity during the first half of 2011." In Alfred E. Newman's (Mad Magazine) words, "What, me worry?"

Not to put too fine a point on it, but Mr. Jones should tell that to surviving families of the 12 Ford minivans full of children who were massacred in the pile up on the San Diego Freeway because some hacker decided to pull the pin on the virus he planted in the Microsoft-embedded operating system on those cars. Their mid-freeway stall was triggered by the Sponge Bob Square Pants DVD download. The other 988 minivans just had a be-glad-we-didn't-kill-you-today message appear on the navigation screen.

Way to "take one for the team, Jeff." Did your manager tell you to get out front and put zero-day bugs into perspective? Convince the world that Microsoft's security policies are rational after all? 

Just over one tenth of one percent. A mere twelve out of 1000. What, me worry?

Yeah, I think I'll worry.

Wednesday, October 12, 2011

Huawei walks into a Beltway bar…

And the joke for the day begins along the lines of Liam Neeson's popping out of the crematorium oven in The A-Team movie and saying, "So Satan walks into a bar…" which causes the furnace operator to faint. I always wondered what the rest of the joke was. Today's similar knee slapper has Huawei asking the Department of Commerce why they were excluded from bidding on a wireless network for emergency responders. Well gosh, guys. Let me see here. Oh, yeah. Maybe it's because you are part of the Chinese cyberwar machine, and you've done jack squat to disabuse the world of your nefarious connections? You could have taken my February 22nd advice and had this problem long behind you. Now, however, you actually ask this question with a straight face? Get serious!

So, Huawei walks into a Beltway bar…

I'll pay $10 for the best shot at the rest of the joke.

Tuesday, October 11, 2011

Where will you be on 11/11/11@ 11:11 AM

Last November in my first "If I were a jihadist" posting, I opined about 11/11/11at 11:11 AM in NYC. Well, we're a month away. While I have absolutely no hard evidence, nor even "data exhaust" from my top-secret Twitter analytics alpha test feed, I think that date and time is a pretty inviting target for everybody from jihadists to Anonymous to crazies of all colors (red, blue or green). Am I paranoid enough to do anything differently on that day? Probably not. But I may be a bit more vigilant then. How about you?

Monday, October 10, 2011

Predator infected; SCADA hacked; NYSE still standing

Two seemingly unrelated contrails triggered my analytics warning system:
  1. AP reported Sunday (from Wired Magazine and finally picked up by CNN) that a computer virus has hit the military drone program.
  2. Italian researcher has disclosed "several zero-day vulnerabilities in SCADA (Supervisory Control And Data Acquisition) systems."
Combine this "data exhaust" with my July 28th assertion that "Stuxnet payback will be a b*tch!" and you might start battening down the hatches. Conclusion: No longer will you hear you child say, "Momma, why is the car doing this?" as the new family minivan stops dead in the middle of a busy freeway due to a virus-infected CD in your audio player. The following out-of-the-mouths-of-babes statements might now become relevant:
  • "Momma, this elevator seems to be stuck, and I'm having trouble breathing."
  • "Momma, why did that airplane blow up the car ahead of us?"
You think the whacky clowns at Anonymous infected the military drone program? Get serious. A bunch of low-tech anarchists whose top tricks are DDoD or SQL-injection attacks are not up to this one. They couldn't even blitz all the DNS (Domain Name Servers) hardware to make good on their threat to erase the NYSE today (see my story here). Yep, all pants and no leg.

It takes government-level resources and something more closely approximating The Perfect Virus to hack our Predator program. One of last week's headlines is that U.S. lawmakers question cloud security. How about real clouds? The ones over the capitol? 

Saturday, October 8, 2011

Steve Jobs & Larry Ellison "data exhaust"

I've been using a "top secret" Twitter analytical tool to "grok" the historical musings around Steve Jobs. Quite a few people are looking for patterns between Steve and other contemporary "great men" of technology, from birth dates to education to family status. My feeling is that Steve could go down in history as the Leonardo Da Vinci of our time, but few of us really have a sense of history as it is happening. So I will not presume to make a historical pronouncement, other than to say that both Steve Jobs (who I did not know personally) and Larry Ellison (with whom I had a close association over six years) did seem to have a sense of history even as they were making it.

In the mid 1980s, Larry Ellison's house in Atherton, CA backed up to Steve Jobs' home. The two weren't particularly friendly. In fact, Larry was greatly irritated that Steve's peacocks kept crapping in his back yard. Those who follow current tree-trimming disputes between Larry and his San Francisco neighbors might get a sense that you don't want to irritate your neighbor if he happens to be Larry Ellison. Somehow though, unlike parties in the current real estate conflict, Larry and Steve became best friends. Over the years since, they've each taken their divots out of the historical landscape, perhaps even mentoring each other along the way.

Consider the historical "data exhaust" contrails left by these two men. Steve Jobs literally invented several major industries as he changed our lives. Larry Ellison became one of the richest men in the world by projecting his intellect through Oracle. He won The America's Cup. I've chronicled all of these things. But how will history summarize his life when Larry Ellison breathes his last?

Forgetting the public personae and self-promoted apocryphal legends, Larry Ellison is a profoundly sensitive and caring individual. This so-called "bad boy" tycoon once didn't come to work for a week after his cat died. I can only imagine the anguish he's feeling at the loss of his friend, since I watched my own friend—Judge Pat Brian—also lose his fight with pancreatic cancer. My own humble nod to Pat Brian has been to dedicate my latest novel to his memory (my literary agent is currently trying to find a NYC publisher for Daddy's Little Felons). Given Larry's resources and his genius, I predict his remembrance of Steve Jobs will be somewhat more spectacular.

So what do my predictive analytics forecast for the head of my Cyber Privateering Fantasy League leader? First, I believe Larry will eventually own an NBA-championship basketball team. Secondly, I predict that Larry will win an academy award as a movie producer. Of course, recognizing his own mortality, he could achieve that goal through his son David, who is executive producer of the next Tom Cruse mission impossible movie. Finally, just as the fictional Iron Man Tony Stark (whose character I am convinced was modeled after Larry), I predict that Ellison will somehow take the reins and eventually strut down the halls of Congress proclaiming that he has "…successfully privatized world peace." And somewhere in that dialogue, Larry will most certainly find a way to memorialize his best friend Steve Jobs.

Sit back, grab some popcorn and your favorite soft drink, and enjoy the real…History Channel.

Friday, October 7, 2011

Ellison/Benioff smackdown "data exhaust"

Oh boy. The first two members of my Cyber Privateer Fantasy League team are taking public shots at each other. Larry Ellison is calling Marc Benioff's cloud solution the "roach motel" of software, saying you can "check in but you can't check out." Benioff countered in a sally that TechCrunch describes as "beating Ellison at his own game." This is truly great theatre from two of my favorite people in the world. So let me go out on a limb here and make a prediction, based upon "data exhaust" available to me.

Sometime in the next two years, three at the most, Oracle will acquire These two masters of PR really are friends and mutual admirers. In one of my long-ago conversations with Larry Ellison, we talked of Kurt Vonnegut's novel Cat's Cradle. In it, the emperor and his best friend have a stagnate society. To get things jump started again, the emperor (Ellison in this analogy) suggests to his best friend (Benioff) that the friend start a "religion of meaningless lies." The emperor will declare practice of the new religion a crime punishable by death (wink, wink). The friend agrees, starts the religion, and Voila! Suddenly they don't have a stagnate society anymore.

I bring up this analogy, because two masters of the game are having some very public fun. So get some popcorn and enjoy the show.

Thursday, October 6, 2011

Military sci-fi: Weber hits another home run

If you search my previous articles for "sci-fi" or "military science fiction" (enter your search on the left), you'll see a consistent theme throughout. Namely, The Perfect Virus is rather uncannily anticipated by David Drake, David Weber, John Ringo, Piers Anthony, Jerry Pournelle, Larry Niven, and my old friend Frank Herbert.  I highly recommend David Weber's Out of the Dark (from Tor and Tom Doherty), a novel about an alien invasion. This book should earn this prolific sci-fi author his PhD in anthropology, because it's a flawless doctoral dissertation on the nature of mankind.

So all you Anonymous guys dreaming about erasing the NYSE on October 10th, read Out of the Dark and then waltz on down to the bat cave and attack the job with new creativity. Not that I'm advocating this as a worthy goal, but if a few anarchists from around the world start doing the inevitable, maybe Congress will seriously consider a coherent cybercrime strategy.

Back to David Weber. Out of the Dark is an absolute knee-slapper, depicting a pack-oriented alien race absolutely breaking their picks trying to get human beings to surrender. In a final frustration, their fleet commander muses to himself, "Anybody who ever met a human would understand the galaxy could only be an enormously better place without any of them in it." Take heart, my Anonymous anarchists. You're having the same general effect on the establishment as the humans had on Weber's aliens.

So it is with profound pleasure that I award David Weber his Doctor of Anthropology degree from MDU (that's Morgan Doctrine University). May you…live long and prosper…and only use your power for good.


Wednesday, October 5, 2011

NYSE to be "erased" on October 10th?

Adolescent hubris tends to cheapen your "brand" when you fail to deliver on promises/threats. Simply put, no way in Hell is Anonymous going to "erase" the NYSE on October 10th (see PC Mag story). Alas, anarchists are like proverbial women: "Ya can't live with 'em; ya can't live without 'em."

My advice to Anonymous: Never EVER make threats you don't have locked and loaded (ie; already installed trojans, data bombs and other malware). I once debated the head of the New York chapter of the ACLU on the McNeil-Lehrer report (a national nightly news program). I'd invented a voice stress analyzer, and the ACLU claimed my product was an invasion of privacy. I actually agreed with them on the air. Stunned, everyone just blinked at me, incredulous that I'd make their case. So I subsequently added, "But if my device is declared illegal, I'll simply place an ad in a national newspaper and show how anyone can a voice stress analyzer from about $300 of Radio Shack parts). Several viewers subsequently commented to me that they could actually see the rush of pus hit the ACLU flack's brain. In short, my threat was specific and credible.

But to erase the NYSE? Come on, guys! Go take a bicycle ride. You're spending WAY too much time in the bat cave.

Tuesday, October 4, 2011

Lockheed should be pushing the White House petition

The more I think about it, Lockheed and all the defense contractors should be pushing the White House "Morgan Doctrine" petition, as only the larger companies have the horsepower to put together a The Perfect Virus. The reason I mention Lockheed specifically is that they should be especially interested in some…payback.

Monday, October 3, 2011

FBI will come "directly to your home"

I'll let the following phishing/spam/extortion email speak for itself. Call it a lighter moment, courtesy of the guy bringing you the White House "Morgan Doctrine" cybercrime petition (click here). Enjoy. Note, I added the red highlight in the last paragraph of this humorously illiterate scam.

From: FBI <>

Subject: Good Day,
Date: October 3, 2011 9:48:01 AM MDT
To: undisclosed recipients: ;

Good Day,

We have been watching every single transaction you made since last year until this 2011 and you have to know that we are also working to make sure your funds which are suppose to be delivered to you, and also bear in mind that what ever you emailing us will be forward to the court. Also we are hereby to notify by the federal bureau of investigation Cotonou department of the insult you imposed on them by failing to comply by their requirements.Your full residential address has been forwarded to us for your immediate arrest to face your charge but I deemed it fit to give you one more chance to save yourself from this mess.

We have been told that you have failed to dance by the rule of the FBI which will warrant 2 years jail sentence. Now I john Francis Pikus the special agent in charge of the FBI Albany department I am giving you 24 working hours to effect the payment of the $70.00 usd. To the FBI in Lagos Nigeria, (fbisecurity) with the information written below:
Receiver: larry ijeh
Country: Lagos Nigeria,
City: Cotonou
TestQ: warning?
Answer: now
Amount: $70.dollars
Mtcn number.........
You have to try as much as you can and make this payment so that your funds will be delivered immediately to your destination.You have to stop every transaction you are communicating with other organization to avoid delay on the processing of your funds.

Note that you? if you fail to stick with my advice or any delay will lead to us coming directly to your home address at any time, so try and dance by the rule and get back to me with good understanding ASAP. Special Agent in Charge;


Oh, and did I mention that Yahoo! gets a "F" in security. Still. I'd actually like to run Yahoo! I'll bet I could turn them around.

Saturday, October 1, 2011

Twitter "Data Exhaust" and "The Anonymous Rule"

On August 5th, I opined that Twitter is the new cyberwar dashboard. Yesterday, I began playing with an as yet top secret Twitter analytics tool, and promised to focus on an hourly Anonymous analytics exercise. Two things about Anonymous tweets stand out:

  1. The Anonymous war against Mexican drug cartels completely dropped out of sight, replaced by
  2. The Anonymous #occupywallstreet  and #antisec initiatives.
The above indicates that saner minds are prevailing. Anarchists may be crazy, but they're not stupid. You don't fool with guys who will mutilate you and your whole family.

Another interesting piece of "data exhaust" is that (surprise) people are "gaming" Twitter to achieve other goals (mostly marketing products). I'm intrigued with the ability of this particular analytics technology to quickly identify people who are indeed gaming the system. Since we live in an essentially "reputation based" economy, it makes some sense to "out" such individuals. Public shame can quickly cause our community to self organize and self police. 

Which brings me back to Anonymous. I often counsel with teenagers to follow the "Mother Rule," which is that you shouldn't do or say anything in which you wouldn't involve yourself with your mother watching. I now coin the "Anonymous Rule" as a corollary: "Do not do or say anything in your professional life that you wouldn't want broadcast by an Anonymous whistle blower."

Religious people tend to believe there will be a "Judgement Day" wherein all the secret acts of mankind will be shown to all of creation. Anonymous may have accelerated a kind of judgement day for people trying to skulk around in our world, today. In our reputation based economy, we should all keep "The Anonymouse Rule" in mind. Or be prepared to accept the consequences.

Based upon one more piece of "data exhaust" I'll share—namely the unlikelihood my White House "Morgan Doctrine" petition will ever enable licensed and bonded cyber privateers to keep the world honest—it's looking more and more like Anonymous will perform a less-just/fewer-checks-and-balances but nevertheless effective policing operation. Get set for a wild ride.