Friday, April 29, 2005

Canada's Biggest Export to America: Trash

Question: Why is Toronto so clean?
Answer: Because all their garbage is shipped to Detroit.

Sounds like a joke, doesn't it? Unfortunately, it's not....

Many Americans would be very surprised to learn that Canada's largest export (by volume) to the United States is garbage. Yes, garbage. Americans think of their country as the greatest nation in the world, and would bristle to learn that parts of their country are being used as a garbage dump for their northern neighbor.

Until a few years ago, this situation was more contained. Canadian manufacturing plants have been shipping their hazardous waste across the border to American disposal facilities for years. And, since Canadian garbage dumps charge high fees to accept garbage, Canadian businesses (who pay for their own garbage collection) found it more economical to have their garbage shipped across the border to dumps in Michigan.

Then, a few years ago, the City of Toronto got into the act, and is currently shipping all of Toronto's residential garbage to a landfill site in Michigan. Toronto is a big city (4 million people - almost as big as Chicago) so it produces a lot of garbage. Toronto's trash is picked up at homes and taken to transfer facilities where it is tightly compressed into blocks, loaded into large tractor-trailer trucks and driven across the border to Michigan. 120 of these large trucks filled with compressed Toronto garbage cross the border into the United States every day, and return to Canada empty. When you add up the trash from other sources (Toronto's trash is less than 40% of the total) you get over three million metric tonnes of Canadian trash being dumped in Michigan every year.

You can add to that hundreds of thousands of tonnes of human sewage sludge that are also shipped from Toronto to Michigan landfill sites. So, Canada is not only using America as its garbage dump, but as its latrine as well. What nice neighbors we Canadians are, huh?

Garbage in Canada has always been mired in politics. Nobody wants a garbage dump or an incinerator anywhere close to their neighborhood, and unfortunately these whims have been succumbed to by too many spineless politicians over the years. Toronto's garbage situation is a case in point.

About ten years ago, Toronto realized their landfill sites were almost full and had a plan to ship their garbage to a disused pit-mine in a small Canadian town called Kirkland Lake. Then, the politicians got into the act and squashed the whole idea. Other proposals for incinerators were similarly squashed. In any other country, Toronto would have had to figure out how to deal with this problem themselves, but fortunately for them, some enterprising companies in Michigan offered them an easy way out: ship their trash to America and dump it in Michigan.

For those Canadians reading this, think about how you would feel if you found out that New York City was shipping all its trash and human waste to Canada - you'd probably be outraged. How then can we not expect Americans to think similarly? I think the only saving grace of this program is that not a lot of people in America know about it... yet. I am quite certain that if Americans were aware that Canada was using Michigan as their garbage dump, there would be a general outrage.

Another problem for America is border security. It is tough enough inspecting regular truck shipments going across the border, but for a truckload of rotting food, used baby diapers, and other odious material that you find in household garbage, how difficult would it be to search it for drugs, weapons, bombs, nuclear material, or whatever other material someone may be trying to smuggle into the United States? Almost impossible.

Toronto is really asking for trouble by prolonging this system, because at some point, someone in America is going to clue in and shut the whole program down, leaving Toronto to scramble for an alternate destination for their trash.

Thursday, April 28, 2005

Computer Security

I am on a one week hands-on training course this week studying hacking techniques. VERY interesting stuff! Over the past few days, I have gotten hands-on practice with a number of hacker tools, and learned how to do reconnaisance on a prospective victim, how to compromise the victim's computer system, how to install a back-door in that victim's computer, and how to hide my own tracks. Yesterday, we learned about denial of service attacks and distributed denial of service attacks ("if you can't beat them, you can still squash them"). Today, I'll be learning about using Trojan horses to inject harmful payloads into a network and how to hide my presence on a victim computer, and tomorrow, the whole class will practice what we've learned with an electronic game of "capture the flag", attacking a group of victim servers at the front of the classroom and each other.

For most people, this type of class would be just interesting, but for me, it is also really stressful. You see, I'm an IT director - the guy that would have to answer to our CEO and the Board of Directors if a hacker ever did break into our network. In my role as an IT director, I am responsible for over 70 computer servers and seven hundred PCs across our company, and for me, going through these techniques and learning hands-on how a hacker could compromise them is disconcerting to say the least. Yesterday, while the instructor was teaching, my mind was swimming with thoughts of a hacker using one of these techniques on one of my systems. Even writing this post and talking about what I've learned this week makes me feel stressed.

The type of knowledge I am learning this week can be very dangerous in the wrong hands, but can be very powerful in the right hands. Next week, it will take me a few days to fully absorb what I've learned and to grasp the ramifications for my company's network. But, then, I will be able to make changes, fix vulnerabilities, and my company's computer systems will be stronger as a result.

Learning about hacking techniques is a bit like the movie The Matrix. When Morpheus met Neo, he offered Neo two pills - a red pill, and a blue pill. Neo could either take the blue pill, and wake up in his normal life thinking everything was okay, or he could take the red pill, and learn what the world was really like. This week, I feel like I've just taken the red pill. I know a lot about computers, and many people consider me an expert in my field, but I feel today like everything I know has just been turned upside down on its head. I don't think I will ever think the same after this week.

Sunday, April 24, 2005

Out of town

Sorry for being so slow in writing another blog entry - I'm out of town on a business trip right now. Blogging, unfortunately, does not pay the bills very well, and I do have a job to do. I'll have another post up within the next couple of days.

Thursday, April 14, 2005

Technology run amok: "Matrix" remote-controlled landmines

Earlier today, I read a rather troubling news story about a new weapons system that has been developed by the US military and is being introduced in Iraq later this spring:

The US Army will by June deploy in Iraq its "Matrix" system of remotely-detonated landmines, despite widespread concerns about the technology. The Mosul-based Styker Brigade will, according to Yahoo! news, be able to control individual devices from a laptop via a WLAN set-up. The Army reckons Matrix will eliminate accidental deaths caused by dumb landmines. Critics say otherwise.

Following successful tests in September, the US will deploy 25 sets of mines in Iraq. These include both M18 Claymores, which deliver steel balls, and the "M5 Modular Crowd Control Munition" - a non-lethal rubber-ball-delivering alternative. The Army's Picatinny Arsenal in New Jersey said in a January statement that Matrix was intended for "firebase security, landing zone security, remote offensive attack and both infrastructure and check point protection".

On reading this article, one word stands out for me: WLAN (which is short for Wireless LAN). As a technology professional and a network security expert, that word scares me. While commonly used, WLAN technology (also known as 802.11a, 802.11b and 802.11g wireless Ethernet) has a number of very serious security issues associated with it. In my job as an IT director, I have banned WLAN technology from our corporate network, and I find it shocking that the US army would use this same technology as the basis for such a critical function as controlling landmines.

For me personally, I also find it troubling that the first place they are deploying these things is Mosul, the same city a few of my online blogger friends live in. Knowing what I know about this technology, I don't like imagining them walking past these WLAN-enabled Claymore mines on the way to school or work.

There are four basic reasons for my concern:

Reason #1: Interference with other common devices

WLAN (802.11b and 802.11g) uses a radio frequency of 2.4 gigahertz (GHz). What a lot of people don't realize is that this frequency is not reserved for WLAN use - it was part of a block of radio band that was set aside for unregulated public use. Anyone in the public can use this frequency for anything they want. And, while WLAN is a common user of this frequency, it's not the only user. Some common household appliances also use a 2.4 gigahertz frequency:
  • Cordless phones
  • Microwave ovens
  • Baby monitors
  • Wireless cameras
  • Other WLAN networks
Any of these devices can cause interference on a WLAN network. This interference can introduce errors in the wireless network, impeding it, or blocking it from carrying data at all. For a landmine system, this could mean that the system could be rendered inoperable by radio interference on the 2.4 GHz band.

The ready availability of household appliances using this band also means that a terrorist could exploit this knowledge to make an effective jamming apparatus from a household appliance. For example, knowing that a microwave oven cooks food with 2.4 GHz radio waves, an enterprising terrorist could disassemble the microwave, take out the microwave emitter, and create a simplistic but effective jamming device that could potentially disable the communication with the landmines and prevent them from detonating.

Reason #2: Ease of entry for hackers


WLAN cards are readily available, and only cost about $40. And, the WLAN technology and its encryption algorithms are well understood. What's more, while a normal WLAN connection can only travel a short distance, a directional antenna (yagi or parabolic dish) can allow a hacker to connect to a WLAN from up to two miles away! And, a crude yagi antenna can be constructed from a Pringles can with wire wrapped around it.

The army had better hope that there are no software bugs or other security flaws in the technology, because by using an open technology like WLAN, they are giving any hacker with a WLAN card within radio range a chance to find out for themselves. Since we all know that there is no such thing as bug-free software, the possibility of a hacker finding a bug in this system is particularly worrisome.

Reason #3: Basic security flaws in the technology

The original WLAN security framework was built around an encryption protocol called Wired Equivalent Privacy (or WEP for short). Since the release of WEP, a number of severe and insurmountable security flaws were found in it, and since then, a number of hacking tools (AirSnort, WEPCrack, etc.) have been released, which allow a hacker to break the underlying WEP key and gain access to the wireless network.

Since then, a newer security technology called WPA has been released, and while it does address all the security flaws in WEP, it is still new enough that it is difficult to fully feel comfortable with it.

Reason #4: Static keys


Another security flaw, which I suspect would be present in this system, is static keys. WPA (like WEP) generally depends on a static password, or "key" that is configured into all the WLAN enabled devices on a network. If a device does not know the correct key, it will not be able to communicate, and other devices will not communicate with it.

In a WLAN network, all of the devices on the network have to be programmed with the same key to allow them to talk to each other. But, this means that if a hacker is able to figure out the static key, he/she can decrypt all of the information going back and forth in the network, and can also launch a number of very dangerous hacks known in the computer security world as "man-in-the-middle" attacks:
  • Password sniffing: capturing passwords and other authentication credentials as they cross the network.
  • Session hijacking: kicking the real user off, and taking over his/her session.
  • Spoofing: tricking a device on the network into thinking the hacker's laptop is another device on the network.
Conclusion

A basic requirement of a landmine control system is that it is reliable: landmines always go boom you press the button, and never go boom if you haven't pressed the button. WLAN does not provide this guarantee. If someone in a nearby house is using a baby monitor, a microwave oven, or cordless phone, or if a terrorist intentionally tries to jam the frequency, it could cause enough interference with the system to prevent it from working when the soldiers are counting on it.

A far worse scenario would be if a cyberterrorist hacker could figure out how to break into the system and use it against American troops. Imagine a terrorist with a laptop computer waiting for an American soldier or civilian to walk in front of one of these Claymore mines, and with one hit of the "enter" key on his laptop: ka-BOOM. Not a very pleasant thought...

Claymore mines have been around for a long time - they were invented in the 1950s, and were used by the United States in the Vietnam War. They are a specially shaped mine (shown below) with a directional charge that is designed to blast an enemy in front of it with shrapnel, while not harming those behind it. A normal Claymore is connected to a remote detonator using a wire (like you see below), which may be cumbersome, but it does pretty much guarantee the Claymore will detonate when you press the button, and is not susceptible to outside interference since it is connected to that button with a wire.

A Claymore Mine Posted by Hello


With "Matrix", the Claymore is the same, but the certainty that comes with having a hard-wire connection to it is removed, and replaced with a less certain wireless WLAN connection.

In summary, I am concerned that an unreliable and hacker-prone technology like WLAN is being used to control something as critical as a Claymore mine. Claymore mines are defensive weapons - when they don't go off when they're supposed to, the soldiers behind them who are counting on them as a defensive measure die. And, when they do go off when they're not supposed to, anyone in front of them dies.

A house built on a foundation of rock will last for generations, while one built on a foundation of sand may not last through the next storm. Likewise, a weapons system based a foundation of reliable and proven technology will be dependable, while a weapons system based on a weak and flawed technology foundation may fail you at the most critical moment. WLAN, unfortunately, falls into the latter category.

Monday, April 04, 2005

Famous Minaret in Iraq Damaged

A couple of days ago, I saw a news article about an historic minaret called the Malwiya Minaret in the Iraqi city of Samarra that was damaged in an insurgent attack:

SAMARRA, Iraq (Reuters) - An ancient Islamic minaret, one of Iraq's most important monuments, has been damaged in an explosion,witnesses in the town of Samarra say. Photographs show part of the top section of the spiralling 52-metre tower, built in the 9th century, was blown away in the blast, leaving crumbled brick and clay.

It was not clear when the explosion occurred. U.S. snipers occupied the tower until a week ago.

The Malwiya minaret is one of the most important sites of Islamic antiquity. It was built by Abbasid Caliph Al-Motawakel in 852 AD, whenSamarra was capital of the declining Abbasid empire.

Residents said insurgents might have detonated the blast to prevent U.S. forces from using the tower again.


The Malwiya Minaret is perhaps the most famous and intriguing piece of architecture in Iraq. Here are some pictures I found of the minaret both before and after the blast:

Before:


After:



This article suggests one fundamental question: why did the US military have snipers in this minaret to begin with?

As I see it, there are three very fundamental reasons why the US military should never have allowed this minaret to be used for this purpose:

Reason #1: It makes the minaret a valid target

The American military's own rules of engagement allow religious and historic sites to be targeted if they are used by snipers. To quote Major General Thomas J. Fiscus, the Judge Advocate General for the US Air Force: "Under LOAC [Laws of Armed Combat], any normally protected entity, such as a mosque or cultural site can lose its protection if the enemy uses it in a way that makes it a military target."

If the US military's own rules of engagement would have allowed the minaret to be targeted, why do they think the insurgents would act differently?

While the cause of the damage was obviously an insurgent attack, some of the blame for this historic monument being damaged must fall on the commander who decided to use it as a military installation: if there were never any snipers in that minaret, the insurgents would not have considered it a target.


Reason #2: It desecrates a religious site

A minaret is part of a mosque, much like a church steeple is part of a church. In Western society, there is generally a stigma against carrying weapons into a church, since doing so is considered an affront to God. In some places (including a number of US states) there are laws in the books prohibiting carrying weapons into churches for this exact reason.

A few years ago, I had the privilege to attend a military wedding in Canada, where the bride and groom left the church under an arch of crossed swords held by an honor guard. What I found interesting was that the entire honor guard remained outside the church during the ceremony out of respect for God, since they were carrying weapons (swords).

While most of the American soldiers deployed in Iraq may be Christian, they should realize that the God we Christians pray to is the same God that Muslims pray to, and thus a mosque should be accorded the same respect one would give a Christian church.

Insurgents in Iraq have periodically used mosques to store weapons, and as a base of attacks against American troops: this is fundamentally wrong. However, the American troops use of a minaret for a similar purpose is equally wrong. Two wrongs do not make a right.


Reason #3: Respect

The Malwiya Minaret is one of the most significant historic landmarks in Iraq. At least three Iraqi bloggers I know of have graced their blog title-bar with a picture of this minaret, and it also has a prominent place on Iraq's currency:

Iraqi Bill showing the Malwiya Minaret Posted by Hello


Given these facts, and the historic significance of this minaret, it is troubling to imagine how an Iraqi might have felt walking down the street in Samarra and seeing a soldier with a sniper rifle at the top of this historic monument. I would imagine a general sense of cultural defilement, belittlement, and outrage would be the result - almost as if his country and his culture had been raped.

Perhaps an American might feel the same way if a foreign army setup a sniper post in the Statue of Liberty.

The American military commanders need to use some common sense with things like this. It shouldn't take a lot of common sense to figure out that using this minaret as a sniper post could infuriate a lot of people, and if you know this, don't do it. Simple. The American military has been trying for the past two years to "win the hearts and minds" of Iraqis, and have been doing a lot of work in this area: repairing infrastructure, rebuilding schools, handing out candy to kids, and the like. But, sadly, all it takes is one ignorant and short-sighted decision like desecrating a national landmark by using it as a sniper post to undo all of that hard work.



PS: The good news in all this is, from the picture above, the damage does not look to be too severe: hopefully there will be little problem restoring the minaret to something close to its original state.

Sunday, April 03, 2005

Pope John Paul II: 1920 - 2005

Yesterday, Pope John Paul II passed away at the age of 84, after a protracted battle with Parkinson's Disease. Today, I still cannot quite bring myself to the realization that he is gone - he has been the Pope since as far back as I can remember.

Pope John Paul II was the first non-Italian pope in 450 years. He spoke several languages fluently, and did a great deal of traveling to different parts of the world. John Paul's caring and non-confrontational style allowed him to establish him to build bridges between various Christian denominations, and even with Muslims and Jews. During a visit to Syria, he made the first official visit by a Pope to a mosque: one in Damascus housing the tomb of John the Baptist (a man revered by both Islam and Christianity). During a visit to Israel, he made headlines by stopping by the Western Wall and saying a prayer of forgiveness for the poor treatment Christians have often lumped on Jews throughout history.

This morning's news headlines showed a rare unity in the world, showing how universally Pope John Paul II was respected in life, and how universally he is being mourned in his death. It was particularly interesting to read the headlines from the politically-charged Middle East, where official statements came from the likes of Israeli prime minister Ariel Sharon, Palestinian Authority president Mahmoud Abbas, Iranian president Mohammed Khatami, and even the Palestinian militant group Hamas. It is truly illustrative of the Pope's success in bridge-building that these people, who rarely agree on anything, would be united in mourning his loss.

Yesterday, the world lost a man of peace. Pope John Paul II was a great man, who did many great things in furthering peace in this world. John Paul's shoes will be very difficult to fill - I only hope the Catholic Church is successful in finding a successor who will continue the mission of peace that John Paul II was so adept at.