Another Botnet Talk

I'm giving another talk tomorrow on botnets, this time for the Phoenix chapter of Infragard, the FBI-sponsored 501(c)(3) that is devoted to public sector/private sector partnerships to protect national infrastructures. While Infragard has primarily focused on information technology, they are broadening their focus to include things like agriculture and food distribution, energy production and transmission, chemical plants, etc. This is an update for those who attended my April 2004 Infragard talk, and includes new material that hasn't been in any of my past botnet talks (for ASU, HTCIA, ATIC, FRnOG, and the Phoenix and Rochester, NY chapters of Infragard).

Internet History

I've been reading back issues of 2600: The Hacker Quarterly, and just read the April 1985 issue. They are fascinating historical documents. The last two pages of that issue contain the ARPANet hosts file as of September 27, 1984, listing the hosts by geographic location. This was shortly after the ARPANet/MILNET split and about the time of the introduction of the domain name system. The ARPANet hosts used the 10 network (which is now private IP space--it's not publicly routed and can be used by any individual or organization for internal numbering) and MILNET used the 26 network (26.0.0.0/8 is still assigned to DISA, the Defense Information Systems Agency).

Arizona at that time had two hosts: YUMA-SW (26.3.0.75) and YUMA-TAC (26.2.0.75), both on MILNET. The TACs (Terminal Access Controllers) were systems that allowed telephone dialup access to the network; they essentially played the role of a terminal server. The MILNET TACs developed a system for user authentication called the TAC Access Control System, or TACACS, which allowed a user to authenticate to a given TAC without the actual credentials being stored on the TAC. This protocol was enhanced by Cisco into XTACACS and then TACACS+, which is still used today, mainly on Cisco routers and switches. (The original deployment of TACACS meant that ARPANet users could not login using MILNET TACs--this is something that led to author and computer enthusiast Jerry Pournelle being kicked off the ARPANet in 1985 when his account on MIT-MC was shut down.)

There were a number of Multics systems on the net, including MIT-MULTICS in Cambridge, Massachusetts (10.0.0.6, through which I got access to ARPANet mailing lists back then), HI-MULTICS (10.1.0.94, the only host in Minnesota, belonging to Honeywell), USGS2-MULTICS in Colorado (26.0.0.69, belonging to the U.S. Geological Survey), and RADC-MULTICS (26.0.0.18, at the Rome Air Development Center in Rome, NY). The only hosts outside of the United States were MINET-RDM-TAC (24.1.0.6, in the Netherlands), MINET-HLH-TAC (24.1.0.13, in Scotland), FRANKFURT-MIL-TAC (26.0.0.116, in Germany--along with about 10 other hosts in Germany), three hosts in Italy, two in England, and three in Korea--all on military bases.

Magical Thinking in the Nation's Capital: Justice House of Prayer

One Good Move has a Nightline presentation from a series called "Faith Matters" about Lou Engle's "Justice House of Prayer." Engel, who is supported by a wealthy woman whose identity he keeps secret, rents a $7000/mo office space which is "shaped like an arrow pointing at the Supreme Court building" where 70 interns pray 24 hours a day in shifts. They appear to be Christians of a charismatic variety, though I didn't actually notice any speaking in tongues. They jump, they babble on, they face out the window attempting to move God to move the justices of the Supreme Court to ban abortion. They refer to Engle as "Papa Lou."

These are the same people who have been praying outside of the Supreme Court building with red tape with the word "LIFE" written on it, taped over their mouths.

The interns each spend three months in the program, and pay $1500 for the privilege, which includes housing costs. The internship application requires two biographical essays, recommendations from a parent and a pastor, two copies of a recent photograph, and a $20 nonrefundable application fee. If you aren't involved in a local church or ministry, you must offer an explanation. A list of your "spiritual gifts mix" is requested. You also must describe your sources of income and whether you have any savings accounts and debt. As part of your personal history in the past year, the application asks if you've struggled with eating disorders, pornography, or homosexuality, whether you've been sexually active, and whether you've been pregnant or fathered a child.

More at Pharyngula, and you can find the website of these lunatics here.

More on the Cory Maye case

Radley Balko has blogged a response from the prosecutor, who says there was a separate warrant for Maye and that this was not a no-knock warrant. He's also put Maye's account here.

Update 12/11/2005: Balko has put further commentary from the prosecutor in response to his questions here, and corrects some misconceptions here.

Speculators on an E-Ticket Ride of Blind Faith

Ben Jones' Housing Bubble blog has an amazing piece about a couple of speculators making a living off their home appreciation, but with no other sources of income. They've made $1.3 million buying and selling properties, but all of their net worth is in home equity, and they have a negative monthly cash flow of $5,000 to $15,000. They hold $2.3 million in mortgage debt.

What's amazing is that the mortgage lenders are letting them continue to buy properties with no income other than what they pull out of their properties in loans. As the market turns from a seller's to a buyer's market, they're likely to get crushed pretty quickly. Though at first I thought the new bankruptcy laws could potentially leave them in debt for the rest of their lives, their lack of actual income may save them, and leave their creditors with the short end of the stick.

Favorite quote: "Some people call it a pyramid, but I don't like to think about it that way."

Buying Pet Medicine Online

We were looking for places to buy arthritis medication online for our eight-year-old Queensland Heeler/Border Collie mix, and I was surprised to find how sleazy many of them are--hiding the true identity of the companies or individuals behind them with private domain registrations, postal mailboxes, etc. For example, discountpetmedicines.com had a great price, but turned out to actually be a directory service operated by a company called OnTrack Professionals, Inc. (an Oklahoma corporation whose registered agent is John M. Gerkin, an attorney who was just named as a Special Judge for Washington and Nowata counties in September). The directory service points to a Yahoo store called entirelypets.com. Entirelypets.com has a Network Solutions private registration:

Domain Name: ENTIRELYPETS.COM

Administrative Contact:
EntirelyPets.com, EntirelyPets.com rm3xt7yr2ra@networksolutionsprivateregistration.com
ATTN: ENTIRELYPETS.COM
c/o Network Solutions
P.O. Box 447
Herndon, VA 20172-0447
570-708-8780

Its website gives a mailing address in Norfolk, Nebraska that's a private mailbox service:

710 South 13th Street Suite 900
PMB# 384
Norfolk, NE 68701

I went into the site's online chat:

Please wait for a site operator to respond.
Chat Information
You are now chatting with 'Herman'
Herman: Welcome to EntirelyPets.com! How can I assist you?

Jim: Hello, Herman. I'm trying to find out if there is a legitimate corporation behind entirelypets.com before I do business with you.

Jim: How can I verify that?

Herman: That's an excellent question sir. We have been in business for over 6 years now. The name of our corporation is HealthyPets, Inc. We are certainly legitimate. If you would like to speak with one of our reps you can call us at 1-800-889-8967.

Jim: Is that a Nebraska corporation?

Herman: That is both a Nebraska and California Corporation. All of our shipments are made from CA, but our main branch is here in Nebraska.

Jim: OK, thank you very much!

I looked up information on HealthyPets, Inc., and found that there is no Nebraska corporate registration for a company with that name, but there is one in California:

HEALTHYPETS, INC.
Number: C2133197 Date Filed: 2/5/1999 Status: active
Jurisdiction: California
Address
43450 MINTWOOD ST
FREMONT, CA 94538
Agent for Service of Process
M GHUMMAN
43450 MINTWOOD ST
FREMONT, CA 94538

M. Ghumman turns out to be Mandeep Ghumman, DVM, and it turns out that HealthyPets, Inc. has a long history of registering domains in the names of other online pet stores and vets, and then losing them to those other pet stores and vets in WIPO arbitration hearings:

petsuppliesforless.com and lambiarvet.com (awarded to the owners of petsupplies4less.com and lambriarvet.com in 2003).

kvvetsupply.com (awarded to KV Vet Supply in 2001)

drfostersmith.com (awarded to Dr. Foster & Smith in 2000)

The site at the HealthyPets.com domain--which includes references to HealthyPets, Inc.--does not sell any prescription medications, so far as I can see, though clearly at least the entirelypets.com site, which contains no references to a real company, does.

I also found a record of complaints about HealthyPets, Inc. at ripoffreport.com, which points out that they use other domains like naturalpets.com, petmedications.com, and toppetmed.com, as well as reports on a number of consumer complaints about the company.

I decided to go instead with 1800petmeds.com, which is a publicly traded company whose CEO is named and pictured on the site, figuring that I'd rather pay more than do business with a sleazy company. As it turns out, 1800petmeds.com has a price-matching policy, and actually offered us a better price than entirelypets.com was offering.

Arizona's science standards get a B

The Fordham Foundation has reviewed the science standards for each state.

Arizona gets an overall 72 of 100 points which rates a B--it must be graded on a curve. Evolution is not covered until high school, and gets only 2 of 3 possible points.

The breakdown:

A. Expectations, Purpose, Audience 7.8 out of 12
B. Organization 8.0 out of 9
C. Science Content and Approach 17.8 out of 27
D. Quality 6.0 out of 9
E. Seriousness 6.0 out of 6
Inquiry 2 out of 3
Evolution 2 out of 3
Raw Score 49.6 out of 69
Final Percentage Score 72 out of 100
GRADE B

Dispatches from the Culture wars comments on Michigan's rating. (3 out of 3 on evolution, but a D overall grade.) Pharyngula reports on Minnesota (2 out of 3 on evolution and a B, just like Arizona), and also gives a nice map showing which states have improved or gotten worse (Arizona has gotten worse).

Cory Maye: Getting the Death Penalty for Being Disrespectful of Authority

Radley Balko describes the case of Cory Maye, who had the misfortune to live in a duplex opposite a drug dealer named Jamie Smith:

Cops mistakenly break down the door of a sleeping man, late at night, as part of drug raid. Turns out, the man wasn't named in the warrant, and wasn't a suspect. The man, frightened for himself and his 18-month old daughter, fires at an intruder who jumps into his bedroom after the door's been kicked in. Turns out that the man, who is black, has killed the white son of the town's police chief. He's later convicted and sentenced to death by a white jury. The man has no criminal record, and police rather tellingly changed their story about drugs (rather, traces of drugs) in his possession at the time of the raid.

According to Maye's attorney, though the jury was initially sympathetic, they turned against her because in her closing arguments she suggested that God might not give them mercy in heaven if they showed no mercy to Maye. They further thought that he should be convicted because his mother and grandmother spoiled him and he was disrespectful of his elders and authority figures.

Maye is on death row in Mississippi.

Liar Detection

A University of San Francisco study found that 31 of 13,000 test subjects were able to reliably detect nearly all cases where someone was lying. This select group, called "wizards" by the experimenters, were "highly motivated and tended to be older." Groups that showed no special ability to detect lying included police, lawyers, and FBI agents. More at the BBC. (Hat tip to K. Daskawicz at the SKEPTIX mailing list.)

Looks like this study is from Maureen O'Sullivan, a colleague of Paul Ekman. There's a paper in press by O'Sullivan and Ekman called "The Wizards of Deception Detection" in the book The Detection of Deception in Forensic Contexts, edited by P.A. Granhag and L. Stromwall, 2004, Cambridge University Press; I found this reference at The Why Files.

ASU Professor Salaries Above Average

The Arizona Republic reports that tenure-track professors at Arizona State University made an average salary of $102,500, up from $98,000 last year. (The median salary in the state of Arizona, according to payscale.com, is $50,000.) ASU President Michael Crow's salary is $580,000, making him the 10th highest-paid public university head.

Yet it's the University of Arizona in Tucson that has had the foresight to raise over $1 billion in endowment funding, as part of a five-year plan that reached its goal 21 months early.

Added 12/16/2005: By contrast:

Depending on the type of work they do, computer software engineers in metro Phoenix earn an average $71,580 to $78,240, according to the U.S. Bureau of Labor Statistics. At the low end, that's 55 percent more than the median household income of $46,111 in Maricopa County.

And those are mostly jobs that do not have summer vacations.