06/03/98 Strangelove's Holy Temple of Phlogiston: An ultimate software weapon - Thanks Bill Boni--for the forward. http://sun.soci.niu.edu/~crypt/other/blitz.htm "In a significant Internet breakthrough that could enhance electronic commerce and protect sensitive corporate and government data, computer scientists have developed a new virus that automatically launches a lethal counter offensive against hackers." Written in the pseudo-authoritative tone that's become the watermark of corporate exaggeration, the above blurb came in over the electronic transom via the Business Newswire on May 6. It makes the assumption that most Americans -- including magazine editors -- are certified ninnies fresh from the Roman province of Paphlagonia, where the populace gained the reputation of extreme stupidity, ready to swallow even the grossest delusion. The Business Newswire press release breathlessly continued, ". . . a growing echelon of chief technology officers are likening the stealthy, anti-hacker virus to the digital equivalent of Star Wars technology: once a computer server detects an attack on its security it launches a killer virus that knocks out the computer on the other end by destroying both software and hardware." The miraculous software is called a "Blitzkrieg server." Alert readers of Crypt Newsletter will note the conflation of two myths in the sales pitch: The computer virus that destroys hardware and . . . Star Wars, which existed only on paper. The Business Newswire release injected a good amount of phlogiston into the mix, attributing quotes to an editor named Clarence A. Robinson of Signal magazine, who stated for the hype machine, "This has profound implications for the Internet . . . [Many are] worried a hacker will someday succeed in stealing or destroying sensitive data . . . missile silo locations, that kind of stuff. But this new nonlinear algorithm means a successful penetration could be a hacker's worst nightmare." Robinson, as a former editor of Aviation Week & Space Technology, acquired a reputation for stories alleged to be from the heart of the U.S. military's black development projects, leading the magazine to gain the nickname, "Aviation Leak." So, the real gems on the anti-hacker virus server are found not in the press release, but in the cover story of the May issue of Signal magazine, the Armed Forces Communications & Electronics Association's (AFCEA) professional journal. In an article on the "Blitzkrieg server," Robinson combines ferociously impenetrable techno-gobble, a loaded wheelbarrow of anonymous sources and a doomsday conspiracy of unnamed Japanese and American hackers thwarted by "Blitzkrieg." ". . . the Blitzkrieg server is a self-programmed, fault-immune, ubiquitous virus-like system," he writes. Developed by a Santa Fe, New Mexico, scientist named Larry Wood, Blitzkrieg is a product of the (and Crypt Newsletter is not making this up) Network Waffen Und Munistionsfabriken [sic] Group. Robinson quotes an unnamed (of course, it always must be this way) CIA "information security specialist" who said the Blitzkrieg server's "digital life form" was "potentially more dangerous than nuclear weapons." Another yahoo, this one a "law enforcement agent" of equally nebulous origin, is called upon to state for the record that "[Blitzkrieg]" is a computer virus with an attitude." Scientist Wood is credited with forming an "advanced machine intelligence information warfare group" used to solve "intractable" information warfare problems at DoD. For Signal, Wood claimed that Blitzkrieg had been responsible for determining "Japanese nationals," in cooperation with the "2600 international hacker group," were about to attack U.S. corporations and state government offices in California. Blitzkrieg thwarted the Japanese attack after "thousands" of Americans and "hundreds" of corporations were affected. The State Department declined to file a protest or notify the media, the Signal article indicates. And now, lest your attention be wandering, comes the really good part. Apparently, the "Blitzkrieg server" is powered by "self-programmed adaptive automatacapsids--variable length string transformation rules." "When examined on an individual basis, no automatacapsid in and of itself has any meaning," said Wood for Signal. "The automatacapsid only has value in the context of the distributed Blitzkrieg server network collective . . . the adaptive automatacapsids, like fragments of a living virus without a host cell, transform one another and data, and they spontaneously generate or regenerate new automatacapsids to meet every conceivable complex data analysis need." Hold it. Just a little further. Crypt Newsletter is not done yet. Wood goes on to say to Signal that his "automatacapsids" make the "Blitzkrieg server" invincible. And they are dependent on another Wood discovery -- the "unified general equation of motion -- or UGEM." Readers are informed the Wood Unified General Equation of Motion has something to do with the control of complexity and all organization in nature. So Blitzkrieg, the scientist claimed in Signal, is "the first true virus-like collective digital life form." All of this material is, of course, hooked to a sales pitch by a company called The FutureVision Group. Ultimately, all the fantastic lore is aimed at getting the interested investor or potential buyer to a high tech conference sponsored by AFCEA in Washington, D.C., in June in which the "Blitzkrieg server" will be used to "simulate a computer attack that disables a defense agency by making it impossible to launch any missiles." Unsurprisingly, the nature of the Signal feature immediately generated a storm of protest, said editor Robinson, in interview. Startlingly, even Crypt Newsletter received a handful of letters from AFCEA members which tended to comment somewhat rudely on Signal's "Waffen Und . . . " piece. AFCEA member and Computer Virus Myths webmaster, Rob Rosenberger, who is no stranger to Crypt Newsletter pages, wrote "I couldn't believe it when the May issue arrived." It was, he wrote, "absolute bullshit." Rosenberger wrote that he had joined AFCEA during an Air Force stint in the 1980s and ironically upgraded to a life membership because he likes Signal magazine. "Believe it or not, this was my very first issue as a life member," Rosenberger wrote. And as news of the Blitzkrieg server continued to spread out in computer security circles, Internet security don Gene Spafford of Purdue University dubbed Signal's Blitzkrieg affair "incredible hogwash" in an electronic mail to Crypt News. Clarence Robinson said some of the mail Signal received accused him of being duped although he insisted the story had been carefully checked. "It is not an April Fool's joke," he said. Robinson read one such letter he planned to publish out loud. The letter, said Robinson, called the Waffen Und Munistionsfabriken piece ". . . a travesty, a cartoon, a science fiction treatment from . . . an improbably named company." The letter said AFCEA had been made an "immediate laughingstock" and that such "nonsense" should be immediately retracted. Although originally sworn to secrecy, "now the whole story can be told," said Robinson. So, read it and weep: The "hundreds" of corporate sites hacked in the Signal article turned out to be a single branch of Xyan, an on demand digital printing company. The branch, based in San Francisco and staffed by approximately fifty employees, found its security compromised a number of months ago about two days after a disgruntled worker was fired. The terminated employee fancied himself a member of the hacker underground, according to Xyan's resident system administrator, Steve Strickland. Strickland explained that the company's Webpage was subsequently defaced and altered with a hyperlink to a porn site. Further, vulnerabilities in the branch's sendmail program were abused so the attacker, or attackers, could send nuisance mail to other sites. One of these messages read "If you want free access to an adult site, point your browser to [FutureVision Group's site] . . ." said Strickland, which is how he came in contact with Larry Wood. Wood, said Strickland, "was really nice and helped me in time of great need." Strickland had been frustrated by the response he had received from authorities. "The Feds weren't interested," he said. The Xyan branch problems eventually abated through a combination of factors: Boredom on the part of the attacker, Larry Wood's help and a name change of Strickland's domain. The FBI's Albuquerque office, also originally cited anonymously in the Signal article, had little comment. FBI agent H. Douglas Beldon said of the Blitzkrieg server: "[The office] is reviewing Larry Wood's software, just as we would anyone's -- but has no position on it good or bad." Beldon said no claims were made about the Blitzkrieg server but that the office had been getting a lot of calls about it. The agent also said he was not familiar with the Signal magazine article. The letter writer who had called the Signal/FutureVision story a "science fiction treatment" was an independent information security consultant, John Michael "Mike" Williams. Williams indicated to Crypt Newsletter he was quite annoyed that a letter he had sent to Signal publisher and AFCEA executive director, Lieutenant General Norman Wood, was being redirected by the magazine to further promote Waffen Und Munistionsfabriken's [sic] software to its readers. Williams also wrote that he had demanded Signal not publish it but was ignored. Robinson said that Signal would continue to cover Waffen Und Munistionsfabriken and that "we welcome you to witness the [Blitzkrieg] server" at the AFCEA TechNet conference in June. In a slight twist of irony, AFCEA Technet's kick-off speaker will be Pulitzer-winning humor writer Dave Barry. Repeat to yourself: "This is not a joke, this is not a joke . . . " ---------- Notes: For those readers with an excessively dry sense of humor Crypt Newsletter suggests much of this particular story seems accidentally cloned from "Killswitch," an episode of The X-Files that aired earlier this television season. In "Killswitch," a group of computer scientists, one from Santa Fe, created the first digital life form -- a series of "concatenated automata viruses." Scully and Mulder, along with the bumbling editors of Lone Gunman magazine, tracked the intelligent software to a crumbling trailer filled with computer hardware parked in the woods near Fairfax, Virginia. The original Business Newswire from May 6 was datelined -- Fairfax. Even Tom Maddox, a science-fiction author who, along with William Gibson, was one of the scriptwriters for "Killswitch" was amused by Signal's unusual description of the Blitzkrieg server in a letter to Crypt Newsletter. HP E-Business: A part of Paphlagonia, too? In related news, Hewlett Packard's Website features a corporate organ called E-Business magazine. In an, uh, April article, the organ reports on Larry Wood's Unified General Equation of Motion in the same hallucinatory style as Signal magazine: "[FutureVision] is in the midst of patenting [its] breakthrough . . . it provides a mechanism to harness the quantum decoherence process for computational purposes, allowing decoherence to flourish and difficult non-linear problems to be solved. Moreover, it resolves Heisenberg's uncertainty principle and solves any problem characterized as Continuous NP-Complete. (Question -- does an undirected graph have a single optimal Hamiltonian circuit out of 50,000+ factorial possibilities? Answer -- yes.)" Which would seem indisputable. The Hewlett Packard organ claimed FutureVision has a "contract" with the National Security Agency -- a statement Crypt Newsletter quickly checked and found to be baseless. Hewlett Packard's April treatise on "decoherent computing" and FutureVision finishes with the crusher: "Today's behemoth battles over whether the future of computing will be a Microsoft/Intel or a Java-based world will be nothing but spittle on some old man's chin a few years hence . . . the rise and fall of stock indices will ebb and flow like so much hyperbole, based on which company and technology has the more believable illusion of grandeur." ---------- Relevant links: * Don't take Crypt's word for it! Read the originals in Signal, at the FutureVision Group and Hewlett Packard's April 1998 E-Business organ yourself. * But "The hackers are coming -- again!" scream Pentagon civil servants. * Dirty deeds done dirt cheap: Real news about computer viruses from "The Virus Creation Labs." * More unusual delusions: The U.S. Army's heart flutter virus 666! * Back to Crypt Newsletter * About Crypt News. Send a comment: George Smith, Editor