Nov 09

For the last 6 years, Microsoft has been quietly shipping Macrovision DRM software embedded in Windows, in order to “increase compatibility and playability” of video games.

Unfortunately, there’s a bug in the DRM code which allows privilege escalation. So Windows boxes are now being pwned across the Internet.

The best part: this video game DRM has been shipping in Windows Server 2003. Yeah, I bet lots of people need video game compatibility on Windows Server.

Oh, and Microsoft worked with Macrovision to fix the security holes in the Vista version of the DRM code—but they didn’t bother to fix the XP version. Classy.

Sep 29

Metasploit on the iPhone:

Every process runs as root. MobileSafari, MobileMail, even the Calculator, all run with full root privileges. Any security flaw in any iPhone application can lead to a complete system compromise.

I really thought Apple had better software developers than that. I guess that explains Steve Jobs’ comments about it being impossible to provide a 3rd party SDK safely.

Yeah, if you made the incredibly dumb decision to have no security whatsoever in your mobile OS, then it’s impossible to support 3rd party applications safely.

More to the point, as soon as someone finds a security hole in Safari or Mail, that’s it—they will be able to pwn the entire system. I’d place bets that someone will find such a bug, sooner or later; and then we’ll see iPhone viruses and trojans spreading by e-mail or web.

Jun 26

What’s slightly worse than working with whale feces?

Working on security at Microsoft, according to Popular Science.

Apr 19

From AP via Slashdot and Yahoo:

A break-in targeting State Department computers worldwide last summer occurred after a department employee in Asia opened a mysterious e-mail that quietly allowed hackers inside the U.S. government’s network.

In the first public account revealing details about the intrusion and the government’s hurried behind-the-scenes response, a senior State Department official described an elaborate ploy by sophisticated international hackers. They used a secret break-in technique that exploited a design flaw in Microsoft software.

Consumers using the same software remained vulnerable until months afterward.

Donald R. Reid, the senior security coordinator for the Bureau of Diplomatic Security, also confirmed that a limited amount of U.S. government data was stolen by the hackers until tripwires severed all the State Department’s Internet connections throughout eastern Asia. The shut-off left U.S. government offices without Internet access in the tense weeks preceding missile tests by North Korea.

Awesome. Meanwhile, Microsoft lobbyists successfully killed a bill in Florida that would have opened the path for official use of OpenDocument standards instead of proprietary Microsoft Word documents.

Dec 01

Food turned out to be less of a problem than in Berlin, oddly enough. There seemed to be lots of vegetarian restaurants, and we found a vegetarische imbiss at Schantzenstrasse and Susannenstrasse.

I also got the impression that people were more friendly than in Berlin. Then again, perhaps it was my imagination, a side effect of my becoming more used to Germany.


Josef had an original LP from the first release of Autobahn. The band look like big geeks in the photo, and the sleeve credits Conny Plank. (His name was removed from later editions.)

CD shopping was made more annoying by the fact that nowhere seems to take credit cards, not even big stores. If you don’t have an EC card with a PIN, forget it.


Stereotypes sometimes have an element of truth to them. While we were in Hamburg, Josef and Ute helped rothko to polish the text of her German scrapbooking site. The original text talks about the enthusiasm of TLC scrapbookers for the business. For our hosts, this proved to be the most difficult piece to translate, and it took a long time for them to come up with an acceptable German phrase for “enthusiastic”. Apparently the literal translation of the word would be viewed with great suspicion in a business context, particularly when said by an American.

This reminded me of my two favorite jokes about Germans:

  1. Q: How many Germans does it take to change a light bulb?
    A: One, and he does it with ruthless efficiency.

  2. Q: Why did the German cross the road?
    A: Because the traffic lights indicated that it was appropriate to do so.


We got to the airport for our return at around 06:30. The queue was very, very long. The airline official checked my passport and visa (permanent resident card). Then he asked for my driver’s license. After that, he wanted proof of employment. Fortunately my medical insurance card has IBM’s logo on it.

This is all the result of the US government decreeing that airlines should pay the cost of deporting people. Ironically, if you don’t have a visa at all then you’re OK as far as the airlines are concerned, because it means they’re not on the hook; it’s if you do have a visa that they have to triple-check everything, just in case the visa is fraudulent or you can’t continue to meet the terms of your residence.

Next, we had to queue for the metal detector. My passport was checked again. Then we walked through to the hallway beyond, and walked to the departure gate…where there was another security checkpoint, with another queue. My passport was checked a third time, and everything went through another round of metal detection, this time using a wand.

Just when I thought things couldn’t get more ridiculous, I realized that they were hand-searching the carry-on luggage of every single passenger. I cooperated with removing every single item from my bag, so they could be checked one by one.

The guard noticed the TRIO DVD and grinned. “Trashy,” he commented. It turned out that he had been a fan back in their early days, before they became famous, when they were playing obscure Hamburg clubs. Somehow this puts a more human feeling to the proceedings, and makes it all seem better.


When we got to Newark, we had to collect our luggage. We re-checked it, and it was scanned again. Then, we had to go through security, for what was my third round of metal detection and fourth round of passport checking.

At immigration, I was handed back my documents with a smile and “Welcome home”. Maybe I was fragile from the 8 hours on the plane and the repeated security screenings, but I felt genuinely touched. And not in a full-body-cavity-search kind of way.

Oct 03

Apparently speaking a foreign language in an airport is now deemed suspicious, and grounds for questioning you and making you miss your plane.

Oct 01

People who know me probably won’t be surprised to learn that I go through my credit card bills line by line, checking them. This month I noticed a mysterious item from gotomypc.com, a debit for just shy of $180 about 10 days ago.

I called the 888 number and asked if they did billing for any other online business. The customer service rep said no, it’s just gotomypc.com. By a weird coincidence, a friend had been telling me about them earlier in the day; their service is basically remote desktop access to your home or office machines. On a hunch, I asked if it worked with Macintosh or Linux computers. The guy on the phone confirmed that it didn’t. I explained that we don’t actually have any Windows PCs in the house, and he readily agreed to cancel the account and credit my card.

The curious thing is that they had a correct name and billing address and everything. I thought perhaps the guy from LA who ran up the $6,000 cable bill in my name was back to his old tricks, so we pulled copies of our credit reports and checked them. Nothing. Can anyone think of an innocent explanation?

The second incident is odder. I received a bill from the Institute of Chartered Accountants in Ontario, who claimed they had been given my address by the Canadian Air Transport Security Authority.

I’ve never had any contact with either organization before. In fact, I’ve never been to Toronto, and I’ve never traveled by air to Canada. I can’t say I’m happy with air transport security confusing me with someone else, particularly since I’d quite like to go to Toronto some day.

Jul 31

Another interesting flaw has been discovered in the Diebold paperless voting machines used in many US states.

The Diebold machines are supposedly secure because they run software from an EPROM, software that has been independently audited and certified for use by election board officials.

Except it turns out that if you change a single jumper inside the machine, it will boot any code you care to supply on a standard flash memory card instead. The jumper switch can be adjusted using a screwdriver or (better) a pair of needle-nose pliers. Once you’ve booted the machine with your suspect software, simply reset the jumper and remove your memory card. When the machine is turned off, any evidence of tampering will vanish and it will go back to booting from the EPROM.

How ingenious. How…convenient.

Jul 25

US air marshals in Vegas have revealed that they have a quota: they have to report at least one suspicious person a month.

Aug 04

First Windows Vista viruses published.