Zark's

Chances are that if you have purchased a computer in the last three years, it has more than one core processing unit.  About 5 years ago, processor designers hit a brick wall.  They could not make CPUs run any faster.  Yet, ever-reducing transistors sizes kept providing more transistors in the same chip area.  The decision was to begin placing more than one processor on a chip, or multicore.

Intel's Barrett leaves chipmaking legacy, shortfall reviews some of the history.  Originally the Pentium 4 family was envisioned to operate up to 10 GHz.  But faster clocks result in much increased power consumption and heat dissipation.  The Intel Netburst architecture just ran too hot.  To save the company, Barrett's brain trust decided to place two CPUs on the chip and divide the workload in half.  Sounds reasonable, doesn't it?

It only works if the problem can be partioned, or vectorized, as described in older computer architectures.  Even if it can be partioned, taking the problem apart and sending it to multiple CPUs and then bringing all the results back together at the exact right moment in time is a difficult problem.  When it comes to CPU cores, more not always better tells that on some key algorithms, Sandia Labs observed improvement with four cores instead of two.  Increasing to eight cores barely improved performance and sixteen cores actually performed like two cores!  The problem is the sharing of data between the processors, called memory bandwidth.

Hardware and even memory bandwidth changes, so the breakpoint today might be 4 processors, but tomorrow it will be much higher.  The really hard problem vexing computer scientists is how to produce software that can be partitioned to multiple processors.  It seems that data flow processing is like nuclear fusion - the breakthrough will be next year.  It is a really, really, hard problem - trying to determine how to break the calculations into pieces and then schedule how everything comes back together again.  Multicore processors outpacing key business software tells that today's top-end servers have eight processor chips with eight cores, resulting in 64.  Yet today's business software cannot scale to keep that many processors busy.

Dual or quad core - which is best for you? answers a question that many new computer buyers have.  Should I buy a quad core or a dual core?  The columnist recommends a dual core for most enthusiasts.  Something else surprising - Tests show Win XP still fastest for multicore tells that the venerable Windows XP, developed before multicore processors is better at partitioning loads than Vista or even the new Windows 7.  The reason - XP is smaller and lighter than the newer operating systems.

I use Yahoo Small Business for web hosting and email services.  Because they conveniently scan for spam, I try to check the spam folder at least once day.  Their scanning is highly accurate, but perhaps one legitimate email a day is erroneously labeled spam.  On a typical day, I will see possibly 200 spam emails.  The titles of the emails are frequently graphic and I feel dirty after checking the spam folder.

Lately the number of spam messages has decreased noticeably, perhaps by over 50%.  Malware, spam dip in November confirms this was an international trend.  They cite two explanations; first, Notorious Spam-Linked Web Hosting Service Goes Offline explains that McColo, the web hosting service responsible for 75% of the world's spam was stranded offline on November 11 when the company's two primary ISP services cut it off.  McColo Shutdown Strands Tons of Zombies tells of hundreds of thousands of bots hopelessly trying to call home in the aftermath of the shutdown.  One security firm noted over 450,000 bots trying to access Srizbi, a zombie control center previously hosted on the McColo servers.  This was an opportunity for internet security specialists to identify the bots because once McColo finds a new ISP home, (most likely in Russia) they will patch the bots and they will go silent again.

Security analysts also suspect that the cyber criminals were taking the month of November to organize for attacks during the Christmas online sales peak.  In particular, we are warned about key loggers, searching for banking and credit card information.  Three of the top 5 malwares are currently variants of the Goldun family of threats.

When I review my spam folder, one of the more disturbing spammer tricks is to place my own email address in the 'from' field, making it appear that the email actually came from me. Spam Appears Sent from Your Email Address? Here's Why explains that the 'from' field in email is one of the easiest things to forge and is a primary tool for today's phishers.

The title provides a chilling warning, CBS website bitten by Iframe hack.  According to Finjan, Russian criminals hacked the website so that unsuspecting visitors unknowingly downloaded malware into their computer by simply visiting the website.  Just about any website can be hacked, as Malware authors play Mario on Daily Mail website explains.  Malicious code is injected into an advertising stream.  The malware then calls home to the Russian server which serves up additional viruses and completely infects the computer.

The problem is that most antivirus scanning uses code signatures.  If the antivirus program loaded on the computer detects a known virus pattern, then it refuses to let the code execute.  If the code does not match a known signature or pattern, then the code is allowed to execute.  If it is malware, then ... too bad.

The chink in the armor is the signature.  Originally code obfuscation was invented to shroud source code for protection of intellectual property.  Now dynamic code obfuscation shrouds the virus code so that the antivirus program can never match the signature, as explained in Dynamic code obfuscation will dominate 2007 malware map.  For a white paper on a recent example, see the Malicious Page of the Month on the Finjan website.

Mmm.  Sounds like antivirus programs need to change strategies.

Symantec has just released an internet security report on the underground economy, which you can download here.  The primary vehicle for communication in the underground economy is the internet relay chat (IRC).  Underground IRCs are typically accessed with a client application and then redirected to a specific channel.  They basically resemble AIM and Microsoft Messenger, but with far more primitive interfaces.  The underground IRC servers have an average lifespan of 10 days before changing venue. 

(If you use Wikipedia frequently as I, you have probably been frustrated in attempting to get the search terms correct.  I have found using powerset.com as a front end for Wiki increases my productivity.  Just navigate to powerset and type your search term in their window.)

Representing 70% of the goods and services available on the underground servers are: a) credit card information, b) financial accounts, and c) spam and phishing information.  Credit cards are typically sold in bulk, whereas the financial accounts allow criminals to withdraw currency directly.  Credit cards sell for a range of $.50 to $12 whereas bank account credentials sell for $10 to $1,000.  

Also for sale are attack tools.  Botnets sell for about $225 and Autorooters sell for $70.  The botnets include a network of compromised computers.  For example, a botnet might include a network of 2,000 infected computers that can provide an almost immediate return on investment.  Autorooters are automated tools that can scan for vulnerable computers.  Scam pages sell for $2 to $50 and mimic a legitimate website for the purpose of phishing.  In a 1 year period, Symantec observed 69,130 distinct advertisers on underground economy servers.

41% of the underground economy servers are in the U.S.  13% in Romania, and 11% in Germany.  It appears that most North America operations are independent, but the European/Asian activities much more organized. 

The Microsoft website provides a description of the Aero Glass features of Vista.  Microsoft says that Aero Glass enables translucent windows which enhance productivity because users are better able to focus on the content instead of the interface.  Aside from that, it looks cool, and basically says, "Drive Me!" 

Vista lawsuit spotlights ties between Microsoft, Intel explains there is a class-action lawsuit filed against Microsoft on behalf of consumers who purchased PCs labeled "Windows Vista Capable", but were not capable of Aero Glass, specifically the Windows Device Driver Model (WDDM).  Microsoft "caved" into Intel in Vista "Junk PC" scheme explains the Intel 915 integrated chip set was not capable of executing the WDDM and the cost of obsoleting the inventory would have been damaging to key partners of Microsoft.

Intel-Microsoft Vistagate, Part 3 tells that unsealed documents reveal Microsoft changed the Vista hardware requirements and there was internal strife within Microsoft concerning the decision.  There was also communication between Intel and Microsoft.  Unknown is how high within the companies that communication took place.

More disclosures in 'Vista Capable' lawsuit tells that the case will go to trial on April 13, 2009.  Mmm.  What do you think?

Today I received an email from my domain name provider, Network Solutions, advising me that I had not responded to previous emails and that my domain name was going to be terminated unless I renewed immediately.  After a little investigation, I determined that it was a phishing scam.  I did not fall prey to the scam, but the perpetrators still cost me time. 

Some scams such as from your bank, the Internal Revenue Service, or even the FBI as their website describes, are readily identifiable.  But how many commercial businesses do not even have a phone number on their website?  More than you think - they do not want to pay the cost of call centers.  So how do you know whether an email is legitimate?  It is harder than you think.  The spammers are getting pretty sophisticated.  To protect yourself, you might reject all such emails.  There will be cost though, because sooner or later, you will reject a legitimate email.

Digital certificates provide one level of trust.  Unfortunately, they are primarily used by government and rarely used by commercial businesses.  The big 'IF' though, is whether you can trust the root certificate.

Microsoft founder Bill Gates has previously offered some suggestions to stop email spam and fraud.  Basically, the sender is required to pay 1/10 of a cent per email.  For a person that sends 100 emails a day, that is 10 cents.  A spammer that cranks out several million a day is shut down.  

Compare to 5 years ago.  Are you more confident that an email you send today will be received?  Are you more confident that the email you receive is legitimate?

Just a semi-serious prediction.  Remember how Microsoft used the Rolling Stones' "Start It Up" for Windows 95?  The next big product for the Seattle software giant is a product named Azure, and I'm predicting another Stones' song, "Hey You, Get Off of My Cloud" to publicize the launch.  The reason being - Azure is Microsoft's new cloud computing product.

Cloud computing is sometimes confused with grid computing, with the latter consisting of a loosely-connected group of computers partitioning a problem.  Cloud computing refers to the use of the internet for the computational service with the user only providing a minimal client application.  One example is Google Apps which is really software as a service.  Instead of the user purchasing software licenses, the Google servers provide the software and computing resources.  For more information, see 5 reasons why you should use Google apps.

Until now, Google and (surprise) Amazon have been the leaders in cloud computing.  Amazon's website tells that hourly costs for a Windows 2003 server is $0.125 hour.  (They also have Linux and Solaris operating systems available.)  That computes to $250 for a 2,000 hour business year, assuming the service is used full time.  It is not immediately clear how Microsoft's offering will be different than Amazon, although Microsoft Azure aims to re-define the OS gives some hints.  Microsoft indicated there will be a mix of licensing available - users can license a cloud instead of a WIndows desktop, and there might even be an advertising-based licensing model. Microsoft To Unveil Windows 7, Cloud Computing Efforts Next Week indicates Microsoft is intrigued by a distributed cloud operating system, so the product offering should be noticeably different from Amazon.

Also buzzing this week at the Microsoft developer's conference was discussion of Windows 7.  The successor to Vista is expected to be released at the end of next year.  Like Vista, it too, seems to be a yawner.

Credit crunch forces hackers to switch tactics tells that organized crime and rogue hackers believe the financial crisis is costing them money.  They do not believe your credit card is worth as much.  Instead, they are selling fake antivirus.  One estimate is they have a 3.4% success rate, much higher than Trojan and phishing activity earlier in the year.

Interestingly, when you booted your Microsoft Windows computer on Friday morning, quite possibly you had an emergency security patch applied to your operating system.  The Microsoft Security Bulletin MS08-07 tells that it was possible to have remote code execution if your computer received a specially crafted remote process command (RPC).  

At Microsoft's Blue Hat security conference last week, Research Demos No-Hack Attack demonstrated something else to be afraid of.  Basically, individual pieces of information may be innocuous.  An aggregation of individual pieces however, can represent a substantial security leak.  A researcher demonstrated a tool that searches the web and then aggregates the information.  He demonstrated that even PGP-encrypted email messages can leak clues. 

As an aside, the researcher also demonstrated that it is possible to spoof identities on the web.  For example, if you do not have a Facebook account, it is trivial for someone to link your name and identity to any content.