More Zonkyness

Author: Mike Meredith

  • Milly Dowler’s Phone Messages Interfered With

    According to the latest bit of news leaked from the investigation into the News of the World’s phone hacking scandal, it is alleged that a private investigator hacked into Milly Dowler’s phone and even deleted messages to make space for more messages. Whilst listening to the phone messages of celebrities is one thing – not a good thing, but sort of understandable – this is well beyond the pale.

    Didn’t anyone at the News of the World stop and think for a moment ? Apparently not, which goes to show that everyone at the News of the World at the time must share responsibility in this sordid example of what happens when you give the gutter press a free hand. It’s time to take serious action on this :-

    1. Drive the News of the World out of business. Easily done – everyone should refuse to buy a single copy of the newspaper. Even if you like the gutter press, buy something else. And sneer at everyone who does buy a copy. And well done to Ford who have pulled ads from News of the World – lets see more of that!
    2. Get the investigation into this into the hands of a police force who don’t care and don’t need the co-operation of the London-based press. One of the Scottish forces would work quite well. And tell them there’s no need to be gentle.
    3. Prosecute, prosecute, prosecute. Those responsible should be in jail. This isn’t a freedom of the press issue – this is blatant interference in a serious police investigation.

  • Can ARM Servers Work ?

    One of the many obsessions in the IT industry going around at the moment is the possibility of low-energy ARM-based servers. ARM-based processors are currently very popular in the smartphone and slate markets because they eat much less energy than Intel-based processors. What is less commonly realised is that ARM-based processors have also long been used in general purpose desktop computers.

    ARM processors were originally designed and built by a home computer company called Acorn as a replacement for the 6502 processor in their immensely successful BBC Micro. The replacement micros were collectively known as the Acorn Archimedes and were probably the most powerful home computer before the crash of the home computer market, and the eventual dominance of the IBM PC compatibles.

    And of course a general purpose computer running a well-designed operating system is just a short step away from being a capable server.

    So of course it is possible for someone to release a server based around the ARM processor and for it to be useful as a server. Whether it is successful enough to carve itself a respectable niche in the server market as a whole is pretty much down to the vagaries of the market.

    Some of the criticisms I have seen around the possibilities for ARM servers :-

    But ARM Cores Are Just So Slow

    Actually they’re not. Sure they are slower than the big ticket Xeons from Intel, but they are quite possibly fast enough. Except for specialist jobs, modern servers are rarely starved of CPU; in fact that is one of the reasons why virtualisation is so popular – we can make use of all that wasted CPU resource. Modern servers are more typically constrained (especially when running many virtual servers) by I/O and memory.

    And the smaller size of the ARM core allows for a much larger number of cores than x86-based servers. And for most modern server loads (with virtual machines), many cores is just as good as fewer but faster cores.

    In the case of I/O, the ARM processor is just as capable as an Intel processor because it isn’t the processor that implements links to the outside world (that is a bit simplistic, but correct in this context). In the case of memory, ARM has an apparent problem in that it is currently a 32-bit architecture which means a single process can only address up to 4Gbytes of memory.

    Now that does not mean an ARM server is limited to 4Gbytes of memory … the capacity of an ARM server in terms of memory is determined by the capabilities of the memory management unit. I am not aware of any ARM MMUs that have a greater than 32-bit addressing capability, but one could relatively easily be added to an ARM core.

    Of course that is not quite as good as a 64-bit ARM core, but that is coming. And except for a certain number of server applications, 64-bit is over rated outside of the x86 world – Solaris on SPARC is still delivered with many binaries being 32-bit because changing to 64-bit does not give any significant advantages.

    But It Is Incompatible With x86 Software

    Yes. And ?

    This is a clear indication that someone has not been around long enough to remember earlier server landscapes when servers were based on VAX, Alpha, SPARC, Power, Itanium, and more different processor architectures. The key point to remember is that servers are not desktops; they usually run very different software whether the server is running Windows, Linux, or some variety of Unix.

    There are server applications where x86 binary compatibility is required. Usually applications provided by incompetent third party vendors. But most jobs that servers do are done by the included software, although in the case of Linux and Unix, the width of “included” software is somewhat wider than with Windows. Indeed for every third party application that requires an x86 processor, there are probably as a minimum half a dozen other server jobs that do not require x86 servers – DNS, DHCP, Directory services, file servers, printer servers, etc.

    If you buy an ARM-based server, it will come with an operating system capable of running many server tasks which can be used to offload server tasks from more expensive x86 hardware (either in terms of the upfront cost, or in terms of the ongoing power costs). Or indeed, will be sufficient to provision thin clients to the point where they can use the cloud.

     

  • Pensions: Public Sector and Private Sector

    Disclaimer: I am a public sector worker who can expect a public sector pension. This may reflect my views on the issue. It also reflects the views of others who write about this issue but do they declare their interest?

    Today many of the public sector unions were on strike in protest at government proposals to “reform” public sector pensions. This caused quite a bit of disruption to people trying to use various public sector services – especially as many schools were closed. The government is of course condemning those who went on strike – how dare they inconvenience the public by going on strike when the discussions are not even complete.

    Well the government “negotiators” have already put their foot in it by implying that many things are not subject to negotiation – if all you’re left with is to negotiate what the measures are to be called, then you’re not negotiating at all. Plus anyone watching the news would be mistaken for thinking that these pension reforms are all about making public sector pensions affordable.

    What the government fails to point out is that measures taken in the past – including unilaterally (i.e. without negotiating) changing the index linking to a lower rate – have already made the public sector pensions affordable. According to the latest calculated figures, the cost of public sector pensions peaked in 2009-2010 at 1.9% of GDP which is expected to fall to 1.4% of GDP. This is according to this BBC article (I’ve been very lazy and have not hunted down the original report).

    As one BBC commentator pointed out, these measures are aimed not at making public sector pensions affordable but at making public sector pensions fairer in comparison to private sector pensions. So the government is lying; no surprise there!

    But it isn’t fair for a low-paid private sector worker to be paying taxes that contribute towards a more generous public sector salary for those lucky enough to hang on to their public sector job! To be more clear, the public sector scheme should should not be excessively generous in comparison to private sector schemes.

    One thing to point out is that pension schemes usually work by the employee making a hefty contribution out of his or her monthly salary and their employer also making a contribution each month. That is no different in the public sector!

    So what we have here is a government determined to bring down public sector pensions to the level in the private sector rather than tackle the admittedly harder problem of bringing up the level of private sector pensions. Or in other words we have a government working to keep the average worker poor so the rich can get richer.

    Just what you would expect a Tory government to do.

  • PC Malware Handling

    This is a series of notes on dealing with PC malware (viruses, worms and the like) gathered because I’m looking into it and published as a way of reminding myself about this stuff. Bear in mind that I’m not an expert but neither am I a complete dunce – I’m normally a Unix or Linux person but I’ve been keeping half an eye on Windows infections for years.

    Some links to tools are contained within. However you should be aware that tool recommendations change over time; you will need to check how outdated this document is before following any recommendations blindly.

    At present this blog entry is a work in progress … lots of testing needs to be done before being confident this is right.

    Cleanup Process

    This is not :-

    1. How to approach this forensically – if you’re dealing with an investigation, it’s a whole other ball game and you probably need professional assistance to avoid corrupting evidence.
    2. A technical guide as to which tools to use.

    1. For The Ultra Cautious Or When Handling Real Important Data

    The process of removal can be destructive, and in the worst cases you can end up cleaning the malware and ending up with a brick. So make an image of the hard disk as it is. Two basic ways this can be done :-

    1. Removing the hard disk from the infected machine, attaching to an appropriate machine (USB->SATA, USB->IDE converters are handy here), and making an image of the disk.
    2. Booting off a “rescue” CD on the infected machine, and imaging the hard disk to a network share of some kind. This is the preferred option.

    This will be slow. So be it. Cleaning an infected PC is not going to be a quick job whatever you do. The best you can hope for is that there are many periods where you can leave it churning away and get on with something else.

    2. Boot A Rescue CD

    There are those who tell you that there is no need to boot off a known uninfected disk to clean an infected machine; their anti-malware/virus product can clean an infected machine “live”. There are others who claim that the only way to be sure is to boot off that disk and clean the machine that way. Both are wrong.

    If you are paranoid (and in the presence of malware paranoia is fully justifiable), you will do both.

    3. Boot Infected Machine and Clean

    As suggested previously after booting off a rescue disk and cleaning, boot the infected machine and clean again.

    Tools

    The following is a list of rescue CD’s that have been suggested :-

    • UBD4Win. Has to be “built” with the assistance of an XP installation; somewhat tedious but it isn’t the end of the world. However it does need preparing in advance – building a rescue CD with the assistance of an infected machine isn’t the most sensible idea!
    • Knoppix. Graphical, pretty, feature packed, but seems to be lacking in anti-malware tools (for instance the only AV tool included is Clam).
    • Trinity Rescue Disk. Menu interface. Virus definitions update over the net; choice of Clam, F-Prot, Bitdefender, Vexira, AVast (need to obtain license key). Various other utilities.
    • F-Secure Rescue CD.

    Some of the above are Windows based; some are Linux based. The choice of which to use should be based on results not whether they tickle your prejudices (or mine!).

    The following is a list of “live” tools to be installed that have been suggested :-

    Asides

    Nothing to do with the main subject. Merely some notes worth mentioning.

    It seems that at least some malware can detect it is running within a virtual environment. In some cases it ceases to do anything, and in others may try to “break out”. This indicates that analysing malware within a virtual environment may not give sensible results, and in some cases may be dangerous! That is not to say that using a virtual environment is no longer of any use, but you may need to take special case such as running the virtual environment under Linux and/or ESX rather than Windows. And be careful about negative results.

  • Where Are The Multi-User Slates ?

    .. or to give them the more popular name, tablets.

    What is the one thing all slates (whatever the usual choice of operating system) are missing? Support for multiple users.

    Whilst there have been and are slates based on desktop operating systems, the only ones that have gained any level of popularity are based around operating systems for mobile phones – principally iOS and Android. And for some reason, these do not have support for multiple users which is sort of understandable for mobile phones but it is definitely a weakness for slates.

    Imagine if you will, that you have bought a slate and setup the details for your work email, and are busily exchanging emails with someone who insists on being called “Bubbles” and you are engaged in a bit of harmless flirtation. Now you plonk your slate down on the coffee table, and your partner picks it up to play with; of course they end up looking at your latest email from “Bubbles”.

    Or in the morning, you rescue your slate from the resident teenager wandering around the house under an angry cloud. You’re in a hurry and don’t check the slate until you wire it up to a projector to show those figures you were working on last night. And this is when you discover (to the amusement of the collective senior managers) that your pet teenager has replaced the default background image with an image of their favourite teenage idol in a scantily clad pose.

    Now both of those examples were extreme and intentionally a bit humorous, but the problem is genuine. Even if you are single and excessively possessive about your slate, having a user called “work” and another called “play” allows you to hide one activity from the other. Not a bad idea to keep the games hidden from your boss!

    Add a “demo” user and you can hand your slate to a fellow worker or friend to let them have a look at your slate without the risk of them discovering something they shouldn’t.

    The mistake the manufacturers have made is assuming that a slate is a single user device. In practice, everyone wants a go and unless you have really big pockets and carry it around everywhere with you, people will pick it up and use it. The ‘net is full of stories about geeks who bought a slate, and wound up with their partner using it more than they do. And not always through choice!

    It appears that I’m not the only one who thinks this would be a really good feature.