The good news was that there were great security tools and practices available that made the Internet safe to use.
The bad news was that so few people used them.
Mick’s personal mission was to change that.
Gunter had been in the industry forever and was well respected.
Mick figured he must be in his late thirties, and seemed to know everyone.
He also had an amazing collection of antique Edison phonographs Mick had seen in his house in Munich, Germany.
“Mick!
How goes it?” Gunter called out when he spotted Mick heading towards him.
Gunter was also about the only one of Mick’s close friends that he could accidentally bump into.
Mick’s location based software told him the location of most of his friends in relation to him and warned him when he was in proximity.
Gunter, however, was truly paranoid about his geoprivacy, and his mobile always reported deliberately inaccurate information – geofuzzing Gunter called it – Mick called it annoying.
If he needed to meet up with Gunter somewhere, he had to run the software that Gunter himself had written – only then would he share this sensitive data.
Mick couldn’t really complain – he made all his friends and family encrypt their email to him using PGP.
He refused to read unencrypted email on principle.
He also was meticulous about his computer and Internet security, which included secure voice and video calling over the Internet.
Mick’s friends were all in the computer and security industry, and didn't think anything unusual about his somewhat eccentric habits, but the average person probably would, and generally did when Mick mistakenly tried to explain things to him or her.
There was a long list of habits he had built up over many years now and couldn't shake even if he tried.
As a computer engineer and programmer, he knew all the inner operations of his computer and communications devices.
As a security expert, he knew the many ways in which his computer could be compromised or taken over, information deleted or stolen.
As a result, he would never consider using programs or software on his computer that he hadn't personally examined, vetted, and compiled himself.
He religiously encrypted all the information on his computer, so that no one besides himself could use it.
He also almost exclusively used secure voice, video, and instant messaging with his friends and colleagues.
The only exception would be a short call to a new acquaintance or colleague to explain how they could download and install a secure voice application so they could talk over an encrypted channel over the Internet.
Mick was meticulous about his passwords, changing them every week.
Mick was fairly confident his computer and communications were secure, but his training and experience taught him to never assume this.
He had been doing this for so long that to do otherwise just wouldn't allow him to sleep at night.
“Can’t complain.
What are you up to?” Mick asked Gunter.
“Just having a bite before I head to the hotel,” Gunter replied, getting up.
At the counter, the cashier handed him a plastic tray with an unreadable, but exquisitely printed document.
He placed a few coins on the tray, took the receipt, and followed Mick out the door.
Together they rode a streetcar through the streets of Hiroshima.
“So how are things between you and Liz right now?” Gunter asked, referring to Mick’s on-again, off-again relationship with Liz Clayton.
“Hard to say.
I guess we’re just friends right now,” Mick replied.
They had gone out a few times over the past twelve months.
It was complicated, of course.
“What day are you presenting?” Gunter asked, flipping through the conference program on his mobile.
“Thursday,” Mick replied.
“How about you?”
“Not speaking this week – I’m just relaxing, and enjoying the sushi,” Gunter replied.
Mick knew Gunter wouldn’t be relaxing this week – he didn’t know anyone who worked harder than Gunter.
He was also one of the most talented programmers he knew and always was working on a project for a client or for himself.
“This is my stop,” Mick announced, standing up.
“I’m one block further,” Gunter replied.
“Talk to you later!”
Exiting the streetcar, Mick crossed the street and walked into the lobby of his home for the week.
He judged hotels primarily by the speed of their wireless Internet, the comfort of their beds, and the feel of the lobby.
He loved hotels that had spacious lobbies with comfortable seating, good vantage points, and espresso within walking distance.
This hotel appeared to not have a great lobby, but he knew it would have an awesome wireless network run by the Internet conference organizers.
A gentle chorus of greetings followed Mick, accompanied by various bowing and bobbing.
He loved the sounds of Nihon including the little songs played on the train platforms and subway stations.
He also enjoyed being able to not listen to everything said to him in Nihon, and instead could concentrate on the meaning based on context, gestures, and expressions.
It reminded him of how much was said every day that really didn't need saying.
He could travel the subways, shop, and go an entire day in Nihon without actually having a conversation with anyone.
“Checking in,” Mick said after the requisite greeting and bowing was over.
“Your name?” she asked.
“Alec Robertson,” he replied, getting out his passport.
More correctly, he got out one of his passports – he had three of them, with different names on each.
His friends and business associates knew him as Mick O’Malley, but this was a name he had made up when he turned eighteen and became a U.S. citizen.
To his family, and whenever he wanted to obfuscate his trail, he was Alec Robertson, the name on his British passport.
His use of multiple names and identities had become a habit with him, a bit of an affectation.
He started using his old identity Alec when checking into a hotel, as he disliked having to show his passport or other identification.
In some parts of the world, he knew, hotels had to report this information to the police every night.
He didn't like the privacy implications, or the paper trail of his travels and activities.
It was just one of a myriad ways one’s privacy was constantly undermined by interconnected databases.
Mick was expert at covering his digital tracks, using encryption and anonymization; he was quite well known for putting theory into practice in his everyday life.
Of course, he knew that anyone who really wanted to track him, such as a government, would have no difficulty.
His approach was also not without its risks as he found out in one country when he had been searched and both passports were found.
Fortunately, he had done some work for the director of the national standards body in that particular country.
A few phone calls helped him on his way a few hours later, although the suspicious looks did not go away when he was released.
“Mr. Rovertson, welcome to Hiroshima,” she replied, slightly mangling the name after pulling up his information.
A few minutes later he was unpacking in his room.
He established a secure Internet connection, and moved some money around in his bank accounts.
His pre-paid bank card was set up for this trip and would be cancelled and destroyed when the trip was over.
It made his financial trail more difficult to follow, and generated some interesting bank statements each month, but it was not as difficult to manage as it sounded.
He registered at the conference and was getting ready to see which of his friends were around when the evening took a sudden change.
Mick’s social network lit up with postings about an attack spreading like wildfire across the Internet – it looked like a zero day, as no one had seen this type of attack before.
When a new vulnerability is discovered in software, there is a race between the computer programmers who try to fix the software and the attackers who try to use the bug to compromise computers using it.
With enough time, the software can be fixed, or ‘patched’ in computer parlance, rendering the vulnerability unexploitable by malicious software such as a virus or worm.
A zero day refers to the situation when the vulnerability is discovered the same day that it is actively used by attackers.
In other words, there is no time (zero days) between when the attack is discovered and when it is used to infect and take over computers.
Mick checked his own website and blog and realized with a sinking feeling that they had already been attacked and compromised.
Instead of his own content, there was a huge banner on the site reading ‘Carbon is Poison’ – apparently a reference to the dangers of climate change.
He checked a few other common sites, and more than half of them showed the same message.
In particular, U.S. government sites seemed to be uniformly down.
His heart raced as he realized this attack was a big one.
Despite the situation, he smiled to himself, realizing what a perfect place he was in – surrounded by his colleagues.
He just needed to make sure of one thing.
He sprinted to the Network Operations Center or NOC for the conference servers and wireless network.
On the way, he checked the conference website and saw to his relief that it was still functioning and did not appear to be compromised.
He burst through the door and saw the startled looks on the NOC help desk volunteers as he went straight for the on-site router.
He spotted the cables that connected it to the Internet, grabbed them and, in one motion, ripped them out of the servers.
“WTF, man!
That was our Internet!” one of them shouted at him as Mick turned and put up his hands reassuringly, hoping there wasn't a security guard just around the corner.
“I know.
Sorry about that, guys, but have you heard about the web server zero day?”
All but one shook their heads.
He explained the situation quickly as they each looked up their favorite sites and confirmed it to themselves.
“Your servers haven't been hit, yet.
I needed to isolate them immediately from the Internet so we can set up a surveillance perimeter and observe the attack as it happens.
I'm Mick O'Malley, by the way.
Will you help?” he ended, catching his breath.
“Sure, let’s do it – I just need to let my supervisor know.
I'll post an outage page and open a ticket to let everyone know what is going on with the network...
there's going to be some pissed off people out there...” one of them replied.
“Is there some space around here somewhere where we can work?” he asked and looked at a small room to the side of the NOC.
“Go ahead.”
“I'll need all the computers you have set up in there, each on a different part of the network.
We need to bait the trap so we can catch this sucker as it comes in!” he ordered and the NOC personnel began to rearrange things.
Mick sent messages to his friends explaining what he had in mind, asking them to meet him in the room in ten minutes.
At times like this he appreciated his peer-to-peer messaging application, a personal open source project that he had written for his friends and family that could run even without a working connection to Internet servers.
Using his mobile, he tried to remotely log into his web server, and failed.
He was able to log into another server where he stored his web server logs, the files recording the activity and moment-by-moment operations of a computer – a trail of digital breadcrumbs.
He did this as a failsafe to cover situations just like this.
He was relieved that he could at least access those logs – they weren’t erased by the attack – although they didn't have quite as much detail as he needed.
He didn't look up until about a half dozen of his closest friends and colleagues were standing in front of him looking over his shoulder.
He blinked up at them, then his mind focused on the task at hand.
He gave everyone directions.
“Lars, install a low layer trap in the server; do a full dump to an offline drive.
Liz, configure the router to send all incoming traffic through this subnet.
Someone else get into the firewall and set up the logging and intrusion analysis.
We will only get one chance at this, so we need to get it right.
Let’s set this trap!”
The group dispersed and set to work.