Counting from Zero Read online

  TABLE OF CONTENTS

  Prologue

  Chapter 0.

  Chapter 1.

  Chapter 2.

  Chapter 3.

  Chapter 4.

  Chapter 5.

  Chapter 6.

  Chapter 7.

  Chapter 8.

  Chapter 9.

  Chapter A.

  Chapter B.

  Chapter C.

  Chapter D.

  Chapter E.

  Chapter F.

  Chapter 10.

  Chapter 11.

  Chapter 12.

  Chapter 13.

  Chapter 14.

  Chapter 15.

  Chapter 16.

  Chapter 17.

  Chapter 18.

  Chapter 19.

  Chapter 1A.

  Chapter 1B.

  Chapter 1C.

  Chapter 1D.

  Chapter 1E.

  Chapter 1F.

  Chapter 20.

  Chapter 21.

  Chapter 22.

  Chapter 23.

  Chapter 24.

  Chapter 25.

  Chapter 26.

  About the Author.

  Bibliography.

  Counting from Zero

  by Alan B. Johnston

  Copyright Alan B. Johnston LLC 2011

  All characters appearing in this work are fictitious. Any resemblance to real persons, living or dead, is purely coincidental.

  Praise for Counting from Zero

  “Credible and believable, this story is told by a subject matter expert. I could not wait to find out what happened next.”

  - Vint Cerf, Internet pioneer

  “The threat to the Internet from worms, viruses, botnets, and zombie computers is real, and growing. Counting from Zero is a great way to come up to speed on the alarming state of affairs, and Johnston draws you in with his story and believable cast of characters.”

  - Phil Zimmermann, creator of Pretty Good Privacy (PGP) the most widely used email encryption program

  “Counting from Zero brings Dashiell Hammett and Raymond Chandler into the computer age.”

  - Diana Lutz

  Prologue.

  The exploit code compiled for the final time; it was ready to be tested.

  The young man loaded the software on his computer, randomly selected a target, then hit send. He sat back to watch the results.

  A world away, a single packet arrived quietly from the Internet on an unfiltered port. It utilized a rarely used protocol, and seemed an innocuous request. At the end of the request, however, was something else entirely: a carefully crafted and formatted message that would result in the automatic execution of the code that followed.

  No one was using the computer – it was simply turned on and connected to the network. A mail program and a browser were running, but no one was looking at them. The screen had turned off to save power. Suddenly, a new process started up on the computer, the result of the single packet that had arrived. A binary file began downloading; when it completed, a new program began executing.

  Just as a traveler to a new country looks around and explores the new place, the program began exploring. It inventoried the computer’s capabilities, which were meager. The low gigahertz processor was quite a few years old. It was running a common closed-source commercial operating system. It had just enough memory. It had a small hard drive, but there was plenty of space for the download that the program initiated.

  When the download had completed, the real work began. The second program went through the computer records and erased all signs of the recent activity. It sent back a report to the source. It set itself up to automatically and invisibly run every time the computer was turned on. Its entire existence would be hidden from view.

  The man had been distracted by messaging on his mobile, and did not notice the first report that was sent back. He began looking through the details to see what had happened.

  The first ‘zombie’ was not a great catch. It did not seem to contain any particularly valuable information, or belong to anyone important. Its capabilities were minimal at best – seemingly hardly worth the effort of compromising it. It was probably just sitting in someone’s living room or bedroom. But it was now completely under his control!

  Noting a number of others in the records, he felt some satisfaction from the success. He knew there were only a handful of people in the world who had the expertise even to detect the exploit, let alone defend against it.

  He read the summary statistics to check the extent of the spread and nearly fell off his chair.

  The code had already compromised 123,412 such computers, from all over the world – in just one hour! He did a little math and was amazed at the result. The things that could be done with this many computers around the world, all acting in unison…

  Deciding to make a change to the code, he added one more thing. A spam email appeared on his screen; he glanced at it, deleting it without a second thought. He added his alias to the code: nØviz.

  Part I

  Chapter Ø.

  One month later...

  Mick O'Malley – is feeling even more at home in Nihon than previous visits. (Ø comments)

  Speed is relative, and Internet speed particularly so, mused Mick O’Malley as he traveled at 2Ø3 km/h, and accessed the Internet at 4 Mb/s. This speed was slow for an airplane, but very fast for a vehicle on the road, although Mick had gone faster on one of his Ducati motorcycles. It was also fast for a train, unless it was the Shinkansen bullet train, which Mick was currently riding out of Tokyo. He knew the train was just getting going, and it would soon be traveling much faster.

  Mick finished writing a blog entry; it uploaded in a fraction of a second to his server. The speed was slow for a hard-wired local area network, but fast for a wireless mobile network. For Mick, it was just normal, as he was used to having high-speed wireless Internet on his travels around the world. He couldn’t imagine life without his pentaband mobile computing device.

  Mick’s musing was about to veer off into the technical distinction between throughput versus goodput when he was distracted by a tingling sensation just behind his right ear; it was his wireless implanted speaker/microphone alerting him. A grad student friend at a university had given Mick the opportunity to try out this experimental subcutaneous technology, and Mick had jumped at it. The audio quality was excellent, and not having to worry about wires was heaven. It was a purely passive device, powered by his mobile only when needed. He could even use voice commands to place and answer calls using the implant, but the range was limited. Since the implant, he had never missed a call.

  The alert from his social network told Mick that his friend Lars had arrived in Hiroshima and was enjoying an unidentifiable breakfast, except for the steamed rice. Mick recalled some of his own mystery meals he had enjoyed on previous visits to Nihon. Lars had posted his GPS track from the previous day that showed a top speed of 3Ø1 km/h on the train and dared anyone else to better it. Mick frowned looking at the mobile – his top speed was still only 279 km/h.

  Outside the window, the countryside continued to zip by at a phenomenal speed.

  Mick smiled to himself, looking forward to the exciting week ahead. He was on his way to an Internet security conference in Hiroshima; his best friends from all over the world were converging there.

  Mick was considered a security ‘guru’ although he despised the term. He didn’t argue with the knowledge part. Despite his twenty-four years, there were few that knew more about computer and Internet security than he, but enlightenment?

  The train rounded a corner, and Mick was surprised not to feel the expected g-forces on his body. He surmised that the track must be banked, and he did a quick Internet search which
confirmed that the track was banked at ten degrees. Mick’s mobile was incredibly powerful, with more raw computational and networking power than most desktops. His desktop computer back in his apartment in the East Village in New York City was in another category entirely. It was so blazingly fast he had designed a custom liquid cooling system for his CPU – even a wind tunnel fan wouldn’t be able to dissipate enough heat to prevent the multi-core processor from fusing into a smoky lump of silicon. Mick relaxed and looked out the window, enjoying the high-tech ride.

  Just outside of Kyoto, the “New Track Hope”, as “Shinkansen Nozomi” roughly translates, hit a top speed of 29Ø km/h, then 298 near Kobe. Passing another train barely made an additional sound or caused the train to shudder. The over 5ØØ km/h relative velocity was impressive.

  Definitely the Formula 1 of trains!

  He wondered how they maintained such speeds through all the tunnels that kept making his GPS lose contact with the satellites.

  Just a few minutes before slowing down into Hiroshima Station, Mick’s GPS registered a maximum speed of 299 km/h. While disappointed not to have eclipsed Lars’ number, Mick considered alternative possibilities and made a mental note to check the calibration of Lars’ device to ensure its accuracy.

  The train station in Hiroshima was filled with the usual chaos and cacophony that Mick loved. He relished the challenge of navigating public transport in a country where he couldn’t speak the language or even read the signs. Today he looked forward to figuring out the Hiroshima streetcar system.

  Mick was making his way to the station exit when he stopped in surprise, spotting an older man sitting at a table slurping ramen.

  Is that you Gunter?

  Gunter Schafer had been Mick’s friend for nearly five years now, and had helped establish him in business as an independent consultant after a disastrously brief stint with a startup company. Gunter also managed to get Mick invited to international conferences such as the one this week. These conferences were the perfect platform for Mick to make his case for better Internet and computer security. In his opinion, the entire industry had its head in the sand (and perhaps somewhere else, too) – seemingly no one had any idea what was out there and the types of sophisticated attacks spawning from the evolving alliance of techies and organized crime.

  The good news was that there were great security tools and practices available that made the Internet safe to use. The bad news was that so few people used them. Mick’s personal mission was to change that.

  Gunter had been in the industry forever and was well respected. Mick figured he must be in his late thirties, and seemed to know everyone. He also had an amazing collection of antique Edison phonographs Mick had seen in his house in Munich, Germany.

  “Mick! How goes it?” Gunter called out when he spotted Mick heading towards him.

  Gunter was also about the only one of Mick’s close friends that he could accidentally bump into. Mick’s location based software told him the location of most of his friends in relation to him and warned him when he was in proximity. Gunter, however, was truly paranoid about his geoprivacy, and his mobile always reported deliberately inaccurate information – geofuzzing Gunter called it – Mick called it annoying. If he needed to meet up with Gunter somewhere, he had to run the software that Gunter himself had written – only then would he share this sensitive data. Mick couldn’t really complain – he made all his friends and family encrypt their email to him using PGP. He refused to read unencrypted email on principle. He also was meticulous about his computer and Internet security, which included secure voice and video calling over the Internet.

  Mick’s friends were all in the computer and security industry, and didn't think anything unusual about his somewhat eccentric habits, but the average person probably would, and generally did when Mick mistakenly tried to explain things to him or her. There was a long list of habits he had built up over many years now and couldn't shake even if he tried.

  As a computer engineer and programmer, he knew all the inner operations of his computer and communications devices. As a security expert, he knew the many ways in which his computer could be compromised or taken over, information deleted or stolen. As a result, he would never consider using programs or software on his computer that he hadn't personally examined, vetted, and compiled himself. He religiously encrypted all the information on his computer, so that no one beside himself could use it. He also almost exclusively used secure voice, video, and instant messaging with his friends and colleagues. The only exception would be a short call to a new acquaintance or colleague to explain how they could download and install a secure voice application so they could talk over an encrypted channel over the Internet. Mick was meticulous about his passwords, changing them every week. Mick was fairly confident his computer and communications were secure, but his training and experience taught him to never assume this. He had been doing this for so long that to do otherwise just wouldn't allow him to sleep at night.

  “Can’t complain. What are you up to?” Mick asked Gunter.

  “Just having a bite before I head to the hotel.” Gunter replied, getting up. At the counter, the cashier handed him a plastic tray with an unreadable, but exquisitely printed document. He placed a few coins on the tray, took the receipt, and followed Mick out the door.

  Together they rode a streetcar through the streets of Hiroshima.

  “So how are things between you and Liz right now?” Gunter asked, referring to Mick’s on-again, off-again relationship with Liz Clayton.

  “Hard to say. I guess we’re just friends right now.” Mick replied. They had gone out a few times over the past twelve months. It was complicated, of course.

  “What day are you presenting?” Gunter asked, flipping through the conference program on his mobile.

  “Thursday,” Mick replied. “How about you?”

  “Not speaking this week – I’m just relaxing, and enjoying the sushi,” Gunter replied.

  Mick knew Gunter wouldn’t be relaxing this week – he didn’t know anyone who worked harder than Gunter. He was also one of the most talented programmers he knew and always was working on a project for a client or for himself.

  “This is my stop,” Mick announced, standing up.

  “I’m one block further,” Gunter replied. “Talk to you later!”

  Exiting the streetcar, Mick crossed the street and walked into the lobby of his home for the week. He judged hotels primarily by the speed of their wireless Internet, the comfort of their beds, and the feel of the lobby. He loved hotels that had spacious lobbies with comfortable seating, good vantage points, and espresso within walking distance. This hotel appeared to not have a great lobby, but he knew it would have an awesome wireless network run by the Internet conference organizers.

  A gentle chorus of greetings followed Mick, accompanied by various bowing and bobbing. He loved the sounds of Nihon including the little songs played on the train platforms and subway stations. He also enjoyed being able to not listen to everything said to him in Nihon, and instead could concentrate on the meaning based on context, gestures, and expressions. It reminded him of how much was said every day that really didn't need saying. He could travel the subways, shop, and go an entire day in Nihon without actually having a conversation with anyone.

  “Checking in,” Mick said after the requisite greeting and bowing was over.

  “Your name?” she asked.

  “Alec Robertson,” he replied, getting out his passport. More correctly, he got out one of his passports – he had three of them, with different names on each. His friends and business associates knew him as Mick O’Malley, but this was a name he had made up when he turned eighteen and became a U.S. citizen. To his family, and whenever he wanted to obfuscate his trail, he was Alec Robertson, the name on his British passport.

  His use of multiple names and identities had become a habit with him, a bit of an affectation. He started using his old identity Alec when checking into a hotel, as he disliked
having to show his passport or other identification. In some parts of the world, he knew, hotels had to report this information to the police every night. He didn't like the privacy implications, or the paper trail of his travels and activities. It was just one of a myriad ways one’s privacy was constantly undermined by interconnected databases. Mick was expert at covering his digital tracks, using encryption and anonymization; he was quite well known for putting theory into practice in his everyday life.

  Of course, he knew that anyone who really wanted to track him, such as a government, would have no difficulty. His approach was also not without its risks as he found out in one country when he had been searched and both passports were found. Fortunately, he had done some work for the director of the national standards body in that particular country. A few phone calls helped him on his way a few hours later, although the suspicious looks did not go away when he was released.

  “Mr. Rovertson, welcome to Hiroshima,” she replied, slightly mangling the name after pulling up his information. A few minutes later he was unpacking in his room. He established a secure Internet connection, and moved some money around in his bank accounts. His pre-paid bank card was set up for this trip and would be cancelled and destroyed when the trip was over. It made his financial trail more difficult to follow, and generated some interesting bank statements each month, but it was not as difficult to manage as it sounded.

  He registered at the conference and was getting ready to see which of his friends were around when the evening took a sudden change. Mick’s social network lit up with postings about an attack spreading like wildfire across the Internet – it looked like a zero day, as no one had seen this type of attack before.

  When a new vulnerability is discovered in software, there is a race between the computer programmers who try to fix the software and the attackers who try to use the bug to compromise computers using it. With enough time, the software can be fixed, or ‘patched’ in computer parlance, rendering the vulnerability unexploitable by malicious software such as a virus or worm. A zero day refers to the situation when the vulnerability is discovered the same day that it is actively used by attackers. In other words, there is no time (zero days) between when the attack is discovered and when it is used to infect and take over computers.