innismir.net

Last Saturday both myself and Matt, KB1OSV, headed down to the SEMARA clubhouse to particpate in the ARRL June VHF QSO Party. I had previously participated in the January VHF Sweepstakes at the club and had a good time. When I brought up the fact that I was going to be activating the station at the last business meeting, Matt offered to show up as well with his FT-897 so we could operate on 2M as well.

The day of, I arrived at noon and Matt had already set up his 2M beam. We attached it to the top of a 18ft painter’s pole that he had brought and lashed it to the stairs, giving it about 25ft clearance off the ground. Matt travels a lot and he has his entire station broken down into a waterproof Pelican case (radio, other electronics) and a travel bag (antennas, tools, etc.). Very impressive. We set up his 897 which I manned for 2M and he operated the club’s TS-570 for 6M.  Being both rookies, we managed to muff the start of the contest. At 1300EDT we started scouring the bands and were confused as we heard almost no activity. We then realized that we both were mistaken that 1300EDT was NOT 1800UTC, the start of the contest, it was 1700UTC. Whoops. Stupid daylight savings.

As 1800UTC FINALLY rolled around, the bands sprung to life. I made the first contact of the afternoon at 1801UTC. Unfortunately, I should have savored it, as it was one of five contacts I made during the contest. 2M was mostly dead for most of the afternoon and I was only able to work three grids. Matt had better luck on 6M, as the band occasionally opened up and he was able to work stations in the midwest and southeast United States. By the time 6PM rolled around and we both had to leave, we worked a grand total of 16 contacts and 10 grids. Not anything impressive, but definitely not bad considering our setup and time limitations.

We both had a good time. It was Matt’s first VHF contest and it was my first time running SSB on 2M. I was impressed when the band did show brief (really brief) signs of life and was able to hear as far north as Northern New Hampshire and as far west as eastern New York. If and when I am able to get a house with a permanent antenna setup, I think a 2M beam is definitely in my future. Matt and I agreed that we would definitely want to try this again and he has access to a mountaintop with a shelter and power through his astronomy club. I think that if I ever get a radio that can run 2M sideband, I may take him up on his offer.

While rolling through my RSS feeds (Hat tip to KE9v) on the train this morning, this came as shock, but not really one that I couldn’t say I didn’t see coming:

The days of Navy and Marine Corps MARS may be fast coming to an end. This, according to a directive released by the commander of the Naval Network Welfare Command. One that says that this branch of the Military Affiliate Radio Services will terminate all operations at the end of this summer. Amateur Radio Newsline’s Bruce Tennant, K6PZW, has the details:

According to the May 16th directive, the commander of the Naval Network Welfare Command has decided to sunset the Navy’s MARS mission effective September 30th. Sunset in this case means to terminate and disband. As a result, the Naval Network Welfare Command has requested that all military and civilian positions be deleted and left un-funded after that date.

MARS, for you non-hams, provides a way for families to keep in touch with deployed troops abroad via something similar to a telegram system, among other things. It’s not surprising that with the ubiquity of cell phones and Internet access in even the most far-flung areas that we’re seeing the end of MARS usefulness.

However, when I read the story, another story did pop to mind. What was Navy/Marine MARS paying attention too? Why, the fact that those new hams don’t know Morse of course!

After more than a dozen years, Morse code will soon be returning to Military Affiliate Radio System (MARS) nets. In the mid-1990s, the Department of Defense (DoD) did away with CW operation across the board — including MARS nets — as automatic systems such as the Internet, SATCOM, cell phones and e-mail became available and the payroll cost of manual operators escalated.

MARS members who had embraced CW operation knew that Morse code, the most “digital” mode of all, was an important tool for Emergency Communications. After Hurricane Katrina demonstrated the need for more robust — not to mention quickly deployable EmComm resources — some MARS members led a campaign to resume CW operations on their nets. This resulted in the Chiefs of Army MARS and Navy-Marine Corps MARS calling for a census of interested MARS members as the first step to reactivating regular training nets.

…In announcing the return of CW to MARS nets, Navy-Marine Corps MARS Chief Bo Lindfors cited an emergency where CW was sorely missed: “I remember the [1998] Northeast Ice Storm shortly after I became [Navy-Marine Corps MARS] Chief and the unnecessarily lengthy effort by all of southern New England to receive one voice EEI [Essential Elements of Information Report] from a northern New England member whose antenna was covered in ice and lying on the ground. It took more than an hour when CW could have handled it in a few minutes. As more and more of our members enter MARS with no Morse code experience, I am afraid that we will soon lose that skill set if we don’t do something.”

I did it when I first read it, and I’ll do it now:

It scares me to think that what we are seeing with Navy/Marine MARS may be a portent to the hobby itself if Hams don’t start stepping it up and focusing on more relevant technologies rather then things we have been doing for generations. Instead of focusing on D-STAR, 802.11b, 802.16, APCO P25, and similar ideas large swaths of the community is dismissing them as “not real radio” and instead continue to focus on technology that is as old as the hobby itself. If we continue to ignore advances in the communications spectrum, we’re likely in a few years time going to have a conversations with the FCC straight out of Office Space:

FCC: So what you do is you take the messages from people and you deliver them to other people?
Hams: That, that’s right.
FCC: Well, then I gotta ask, then why can’t people just send their messages directly to other people?
Hams: Well, uh, uh, uh, because, uh, people are not good at the complexities of message handling.
FCC: You physically take the message from someone?
Hams: Well, no, I, I, use the telephone, or, or the fax.
FCC: Ah. Then someone other Ham must physically deliver the message to the recpient?
Hams: Well… no. Yeah, I mean, sometimes.
FCC: Well, what would you say… you do with your spectrum?
Hams: Well, look, I already told you. I take messages and I send them to other people!! I have communications skills!! I am good at making oscilators!!! I know morse! Can’t you understand that?!? WHAT THE HELL IS WRONG WITH YOU PEOPLE?!!!!!!!

Could pushing new technologies have saved Navy/Marine MARS? Possibly. Do I want to be asking this same question in 20 years time after the FCC starts to disolve Ham Radio? I’d rather not bother to find out.

Happy Digitial Transition Day!

It’s the end of an era! Today, the FCC has mandated that analog TV transmissions cease by midnight and stations broadcast only in digital format.

Confirmed Boston Area station cut-over times are:

• WBZ-4 ending regular programming at 12:30 PM, then starting nightlight programming
• WSBK-38 shutting down analog completely at 1:00 PM
• WHDH-7 shutting down analog completely at 11:59 PM, then moving their DT signal from the current 42 to actual 7
• WLVI-56 shutting down analog completely at 11:59 PM

Still Unknown:

• WCVB-5 (Cutting over to nightlight service)
• WGBH-2 (Cutting over to nightlight service)

Wow. That was quick. Of course, this isn’t a copycat attack, but holy crap, is this kid’s 15 minutes up already? Sadly, Mr. Rowland is now learning the hard way that he may not have thought his cunning plan all the way through:

And, of course, Chris Boyd comes up with the most direct worm prevention technique.

So, over the weekend Twitter was hit with not one, but two worms. “Mikeyy Mooney” wrote a worm to deface people’s profiles and cause compromised accounts to first promote his website, then promote himself. A bad weekend for Twitter indeed, but it has possibly turned into something worse for the Internet as a whole.

Word came out today that Mike (I refuse to call him by that insane double “Y” name) was hired by Travis Rowland, owner of a small company out in Oregon call exqSoft. Allegedly he’s going to be doing web development for them, but this move sends EXACTLY the wrong message: Do a sufficiently splashy compromise, and get yourself a job.

I have no beef with Mr. Rowland as a person, nor do I disagree with his assertion that Mike could have done something a lot worse. However rewarding this behavior is going to encourage copycat attacks and that helps no one. Already there is a prevalent attitude among youths involved in computing that in order to get a job in Computer Security later on in life, you need to be a l33t h@x0r and pwn people. Chris Boyd (who’s weblog you should definitely be reading) has done some work in investigating these attitudes and they are quite scary. There are thriving communities of kids who are scamming people out of HabboHotel and RuneScape credits and not only seeing nothing wrong with it, they kind of see it as getting experience for later on in life. (Sadly, Chris’s archives seem to be wiped out, so I can’t provide links). Some of Mike’s statements even reflect such an attitude:

“I’m really getting a bad reputation from it but at the same time people are taking into consideration that even though I did some harm I didn’t cause any damage,” he said.

When did it suddenly become “OK” to hijack people’s accounts? Have we really slid down the slippery slope enough that taking control of someone else’s “property” is fine as long as you don’t do anything *really* malicious? Also, whether or not “damage” was done is another thing entirely. How many non-security-savvy people completely freaked out over the weekend when they saw their Twitter account was posting random things? How many man hours were wasted not only of the Twitter staff, but the thousands of people who were compromised and had to clean up their account in addition to making sure they weren’t compromised in some other fashion? How would Mike like to recieve a bill for that?

Now, Mr. Rowland sees his hiring as a way of providing Mike a safe place to use his talents. You know, sort of like an online YMCA. At one point in my life I did agree with this sentiment as there was no easy way to “break” things. However this is not the case anymore. I am amazed at some of the utilities available today specifically designed to hone peneration and security skills. I see it as upping the ante for these groups. Seeing Mike get hired after he exploited Twiter is probably going to get a lot of gears turning and cause thinking of “Geez, if I do something similar to YouTube/Facebook/Hi5/MySpace” maybe I’ll get a job as well!”

When I finally made the decision to try to make a jump from an Information Security hobby into an Information Security career, I did have a similar conundrum: How do I get some, for lack of a better term, “street cred?” I’ll admit I started poking at websites looking for similar holes as the ones Mike found in Twitter and finding them in the process. HOWEVER, and this is the key difference, I worked with the websites to fix the holes, rather then attempt to make the front page of the Technology section of ABC’s website. Closest I ever got to that was an article in InfoWorld about an anti-phishing application I wrote in my spare time. Not as exciting? Nope. A lot of work? Yup. Did it work? My current place of employment says “Yes”.

Of course, it isn’t all sunshine and puppies for Mike as he also got himself reamed a new one by a group who posted all his personal information online to Full-Disclosure. This might temper the rush of script kiddies trying to get their name in the press. However, I’d be willing to make a bar bet that we will see an uptick in “harmless” attacks against social media services like Twitter due to Mike’s hiring.

An article from from the Saginaw News from Saginaw, MI has been coming up on my Twitter feeds lately: “Ham radio? That’s not so 1950s” I try not to read Ham Radio articles from the Mainstream Media as invariably it still seems to perpetuate the stereotype that Ham Radio operators are a bunch of elderly guys who still think digital watches are a big deal. However, I decided to give it a read.

Ham radio operators are tech-savvy.

OK… Good start…

“The idea that most everybody has is from the 1950s movies where they see somebody in the basement with a telegraphy key,” said Pat Mullet, public information officer for the Midland Amateur Radio Club.

“There are guys who still do that because they love playing with the old equipment,” he said.

Good… Good…

“But today we’ve got radios the size of a couple of VHS tapes, and they can reach around the world.”

“the size of a couple of VHS tapes?!?!” What?! We’re “tech-savvy” but we’re refering to a medium that’s not just one, but two generations out of date? Come on, there has to be a better comparison.

“But today we’ve got radios that are smaller then a laptop, and they can reach around the world.”

Or maybe…

“But today we’ve got radios smaller then an XBox, and they can reach around the world.”

Or he could have played a bit fast and loose with the truth and said…

“But today we’ve got radios that fit in the palm of your hand, and they can reach around the world.”

I know I am nitpicking. It’s a throw-away quote. Mr. Mullet might be involved in cutting edge technologies and be doing stuff that I can only dream about. But when you’re dealing with something where you’re attempting to change the public’s opinions of Ham Radio these little bit matter. If we try to make ourselves out to be “hip” and “with it” and then compare our hobby to 20 year old technology, it rings hollow. These impressions matter and if we want to attract people to our hobby we need to make it interesting, exciting, and dare I say, sexy.

The article then goes on to the standard spiel about how Ham Radio operators are our last best hope when everything goes to heck (God help us), how when you’re licensed you can talk to people around the world (unlike, say, the Internet), and stuff like the International Space Station (No swarmy comment here, nice one).

Any press is good press they say and getting the hobby out to the general public is a good thing, so props to the Midland ARC for getting coverage and getting a few juicy tidbits out there. However, we, as a hobby, need to work on some talking points on some of the more “exciting” points of Ham Radio. We also apparently need to work on our comparisons.

Well, I haven’t updated here in a while, as I haven’t done much in the way of my hobbies recently. The cause for this is simple: On March 30th, as 6:52PM EDT, my son, Brady made his arrival into this world.

Brady and Dad

Mom did great and the entire process too less then 6 hours. That was the easy part. Needless to say, these past few weeks have been all baby all the time. This leaves very little time to play InfoSec and Radio. I have started to leverage the 3AM feeding into catching up on RSS feeds and I still occasionally post to Twitter. I am also looking forward to go to NEARFest (sans Brady) at the beginning of May. However, there has been quite a shift of priorities for the forseeable future.

I’ll leave it with another quote from Jeff Atwood, whose own son was born about two week prior to mine:

If you’ve been reading my blog for a while, I’m sure you know I will approach our new parenting adventure the same way I do programming — with absolutely no freaking idea what I’m doing. And often hilarious results.

Yup.

SOURCE Boston 2009 wrapped up last Friday. Once again, the SOURCE Advisory board did a bang-up job picking talks: Normally, during a conference there are “collisions” in which there are two talks I want to see that run concurrently. SOURCE had this, but it seemed that it happened almost every single talk. I was desperately switching my attention between the talk I was currently at and my twitter stream watching people live-tweet the other tracks. I constantly felt I was missing something great. SOURCE also improved the one complaint I had about SOURCE Boston 2009, lack of the ability to get to the venue via the MBTA. This year’s venue, the Seaport Hotel was easily accessible from the Silver line and the new digs were great.

My talk went as well as I could have hoped. Despite some minor issues with regards to what I could and couldn’t talk about and thus the presentation being much shorter then I wanted it to be, I felt I fielded all the questions cleanly and ones that I could not answer I made sure I got business cards so that I could follow up. For those of you interested in downloading my slide deck it is available here:

• Massachusetts Data Breach Laws, Regulations, and Responsibilities (PPT, 828K)
• Massachusetts Data Breach Laws, Regulations, and Responsibilities (PDF, 286K)

Some highlights of the conference:

• David Mortman’s delicious bread, which he handed out if you asked questions during his talk. I got a slice because I was able to answer a question.
• Marcus Ranum’s keynote. Despite being a presentation of “The industry is beyond repair, and here’s why…” gloom and doom, I was able to at least grab some good points out of it that will enable me to fight the good fight. He also made a great metaphor: “3D dancing pigs” meaning something which management wants and will try to implement despite any warnings.
• James Atkinson’s counter-surveillance talk. Last year he did telephones and this year he did automobiles. Crazy stuff.
• L0phtCrack 6 information session. I can’t wait.

And these are just the ones I can remember off the top of my head.

SOURCE is a great conference and if I had the time and money, I’d seriously consider going to SOURCE Barcelona in September. If you have the chance in 2010, I would highly recommend attending.

There’s been a flurry of activity recently on AMSAT-BB about AO-27. Thanks to the efforts of the command team, the satellite, that crashed the same weekend that Steve and I built the arrow clone, has been restarted and is now operational again. The AO-27 webpage still lists the satellite as “On Orbit Checkout” which means the satellite may not fully operational yet, but there are people reporting to the mailing list that the repeater is active over North America.

Many thanks to the AO-27 command team for their efforts in restoring the aging bird to service.

This was brought to my attention via Jack Daniel and I nearly had to change my undergarments after heading over to l0phtcrack.com:

L0phtCrack is back! At a special information session at SOURCE Boston (Thursday, 10:15am), the team that brought you L0phtCrack will be releasing version 6 of the highly-acclaimed Windows password auditing tool. Come to the session to learn about this release, its new features and platform support, and the story of the product from the days of the L0pht, to @stake, Symantec, and finally back to the L0pht.

Expect this site to go live soon!
See you at SOURCE!

This is great news. L0phtcrack was an amazing utility (technically it still is, just a bit old) and it’s great to see development on it revived. I am pretty sure it will be a piece of every security person’s toolkit as soon as it’s released. I’m also sure that this session will be standing room only. I know I will be there.