Tuesday, May 29, 2012

Iranian Computers Targeted by new Cyberweapon

The Associated Press reported this morning that a new large scale cyberattack has hit computers in Iran.  The new program, named "Flame" apparently has the ability to take screenshots, activate a computer's microphone and webcam, and even capture data from bluetooth enabled smartphones connected to the infected computer. 

 UPDATE: More information on Flame:

Wednesday, May 23, 2012

JetBrains releases dotPeek, a new free .NET decompiler

JetBrains has thrown their hat into the .NET decompiler ring with the recent release of dotPeek.  I've been using it for a couple of days now and have found it to be a fully-featured competitor to the standalone .NET Reflector by Red Gate Software



The standalone version of .NET Reflector is priced at $70, while dotPeek is free.  I wonder if this is going to change anytime soon.  .NET Reflector also has version that adds Visual Studio integration to the basic utility (available for $130) and a Professional edition that adds VS integration and some very useful debugging features (available for $190). Sadly, I have not been able to convince my program manager to buy any licenses for our team.

dotPeek doesn't do anything other than decompile assemblies, but it does that well.  This is good news, since I have really missed having a decompiler available in my daily work.

Thursday, May 10, 2012

NPR: Cyber Briefings 'Scare The Bejeezus' Out Of CEOs

In NPR's continuing series on the costs of cybersecurity and who will pay for hardening the assets that control the nation's critical resources, they detail how public-private partnerships are being used to help disseminate information about the latest cyberwar capabilities to industry.

Some of the corporate systems are so vulnerable the government informed CEO's that "we can turn your computer into a brick," which scared "the bejeezus out of them." Actual quotes.


Listen to the story here.

Tuesday, May 08, 2012

NPR on Cybersecurity: New Bill would have Businesses Foot the Cost of Cyberwar

I was listening to a very interesting story on NPR this morning about the state of the nation when it comes to cybersecurity. One of the main points was that our national infrastructure is very vulnerable to offensive cyber operations since private companies are mainly responsible for critical infrastructure such as electricity and virtually no private companies have been spending money on keeping their systems safe from intrusion.

There are split feelings on this issue about whose responsibility it is to keep infrastructure safe. Surprisingly, it isn't the typical Democrat-Republican split.  Many former security officials from the Bush administration feel that business should be devoting their resources to meet this challenge, while business leaders quoted in the piece feel that this is the government's responsibility, not theirs - and the government should pay for hardening their systems.

Outside of a federal takeover of these critical assets (which no one wants), I personally think legislation, regulation, and incentives codified into the tax code are the only ways to force businesses to take their cyber responsibilities seriously. The threats have been present and well documented for long enough. Business leaders have had their chance to police themselves, and they have failed miserably.

Listen to the story here.

Monday, October 18, 2010

REVIEW: Sharpie Liquid Pencil

For those of you who know me, I’m a pen geek. I love the feel of a good writing implement. As a result, I was really excited to hear about the new Sharpie Liquid Pencil.

The experience was disappointing. It reminded me of writing with an EraserMate pen from my middle school days. Sharpie did do something better, as a leftie, the EraserMate ink used to get all over my hand as I wrote; I didn’t experience this with the SLP.

There appears to be an uneven flow of liquid graphite, it sometimes feels like you are writing with a pen which is about to run out of ink. The ink rubs off page with a very light touch, which is good for the eraser, but bad for me since I’m a leftie.

This is the first product from Sharpie which I didn’t like writing with.

Wednesday, September 22, 2010

NPR: Extending the Law of War to Cyberspace

I heard an interesting story this morning on NPR regarding the international law of war and the growing debate about how cyberwar fits into the existing framework.

This report was a real eye-opener for me. Nations around the world are building up a capacity to conduct cyberwar, which can have extreme consequences in the physical world. What is the threshold of damage that a cyber operation has to cause in order for it to be considered an act of war? Another problem discussed was the concept of "proportionality," meaning under the rule of law, any use of force must be reasonable to achieve the military objectives. The United States has extensive experience with this concept in the physical world, but this sort of analysis is much harder in the cyber domain. With the high levels of connectivity between military, government, and civilian networks, any cyber operation has the potential of causing more damage than the mission planners expected.

This is a two part report, which concludes tomorrow. I'll be tuning in.

Link to Part 1 of the report.
Link to Part 2 of the report.

Friday, July 16, 2010

Raytheon wins "Federal Innovation Partner of the Year" at Microsoft's 2010 Worldwide Partner Conference

Yesterday, my team was pleasantly surprised to hear the news that Raytheon won the award for "Partner of the Year" in the Federal Innovation category at Microsoft's Worldwide Partner Conference - almost exclusively for the work we've done promoting software factories, DSLs, and other developer productivity techniques across our organization over the past year. Here's the link if you are interested in reading the press release.

We're really proud that all of the work we've done over the past year was so warmly welcomed by Microsoft. I thought we had something special going on and this kind of proves it.

As an added bonus, our chief engineer returned from the conference triumphantly this morning with the hardware in hand.


Nice! I haven't been this pumped since BoundsChecker won it's umpteenth JOLT productivity award.