Friday, August 27, 2010

The silent enemy within

News broke this week which revealed that back in 2008, the US Pentagon was infiltrated by a virus which made its way onto supposedly secure systems by way of an infected USB drive.

Before this malware was detected and eradicated, it's possible that confidential data had already been transmitted to persons-unknown, leaving the US administration with egg on its face.

As a result of this event, significant changes have been made to the protocols surrounding the use of such devices on Pentagon and other important government networks, with assurances given that a repeat of this fiasco would be most unlikely.

However, some are not so sure.

When an array of Western companies found their computer systems under attack earlier this year, it was reported that those attacks came from China, most likely sponsored by the Chinese Government. It is sobering therefore to realise that a surprisingly high number of peripheral devices and the chips contained in them are now manufactured in China.

While it has been fairly easy to mitigate the risk posed by malware infected USB drives, how can any organisation be sure that similar threats are not quietly lurking inside the chips which perform otherwise mundane tasks in components such as network cards, disk controllers, modems, routers, etc?

If any government or other organisation was seeking to gain access to data stored on computers used by Western governments or businesses, it would be quite feasible to insert the required trojan programming into the micro-code used in these specialist chips and activate it in response to a specific trigger.

The fact that we haven't seen any instances of this to date is no indication that it hasn't already been done. Such attacks may have not yet been detected and even if they were, it's quite possible that just as in 2008 at the Pentagon, they have been hushed-up so as to avoid embarrassment or to make it easier to determine where the data is going and who is responsible.

As the demand for some components grows at a pace which seems to outstrip the primary manufacturer's ability to supply, a door is opened to second-tier suppliers who may be willing to allow a little extra code to be added in return for a significant back-hand payment from nefarious parties.

It will be interesting to see what unfolds in the months and years ahead -- but when it does happen, remember this column.

Friday, August 20, 2010

Intel, what were you thinking?

This just in -- Intel has spent a huge amount of money (some US$7.7 billion) buying security software company McAfee.

What were they thinking?

Even seasoned analysts are left scratching their heads, trying to understand how this acquisition could be of strategic value to Intel, who's primary business is computer processors and support chips.

It has been rather entertaining to read the various speculation that is taking place within the media right now as to the why's and wherefore's of this move.

For example, the BBC reports that "Intel intends to build security features into its microprocessors which go into products such as laptops and phone".

ZDNet seems to think that the move is doomed.

BusinessWeek seems to think the purchase is an attempt to gain more penetration into the handheld and embedded markets where Intel has performed relatively weakly to date.

But only CNN seems to be on the money by pointing out that the takeover has no apparent rationale other than as an opportunity to invest some of its cash reserves. They suggest that Intel maybe doing this for no reason other than a pure investment strategy - perhaps technology doesn't even come into the equation.

Others, like myself however, wonder about the good sense of investing in an anti-virus software company that now faces such stiff competition and which seems to be slipping in the market. For many years, McAfee has been seen as the benchmark for AV software but in recent times its performance has come under question and many new players are nipping at its heels. Nowhere is the effect of this decline more obvious than in the price of is stock, dropping from over $45 just under a year ago to around $30 at the time of the Intel purchase.

Can Intel breathe new life into McAfee?

One would like to think that having invested $7,700,000,000 in the company, they will be working very hard to reverse any decline and revitalise the company's fortunes. Only time will tell.

In the meantime, this does reshape the landscape a little for all computer users -- albeit we may not see the effects of those changes until someone really works out why Intel really made this purchase.

Friday, August 13, 2010

A new spin on memory technology

This week I received an 8GB microSD memory card that I'd ordered from China for the princely sum of about US$20.

It came in a simple bubble-wrap envelope carrying just a dollar's postage and the tiny black shard of plastic is smaller than my thumbnail.

Yet, amazingly, this tiny card can hold the equivalent of about four million A4 pages of text (a stack about 500m high).

If you look at the difference in data-density between that huge stack of paper and the memory card, the comparison is absolutely astonishing.

When I built my first memory card back in 1977, using discrete 128 byte (not K-bytes but BYTES) RAM chips, I simply could not have imagined how much smaller and cheaper this essential technology would get within the space of just over three decades.

And, if you think today's micro-memory cards are already small, get ready for the next step in miniaturising and improving memory technology: spintronics

Whereas today's memory relies on trapping electrical charges in insulated "wells", spintronics takes things down to a whole new level where the spin of individual electrons determines the state of a memory bit.

Through the use of this spintronics technology, the size and energy requirements of our memory should fall significantly while speed will actually increase.

Spintronics technology relies on the interaction of magentic fields and spinning electrons to do its magic and right now, researchers are experimenting to find the best combination of materials to use.

One of the first companies to try and commercialise this technology is Grandis, a company that presently holds a swathe of patents in the field of spintronics.

Exactly when (or even "if") we'll be able to buy memory devices based on this technology is unknown at this stage but, if it lives up to its promise, the dream of smaller, faster, more powerful computing will be taken to the next level.

Of course there are no guarantees that this cutting edge technology will make it to the starting line. I can't help but think back to an article I read in an issue of Byte magazine a little over 30 years ago which predicted a strong future for magnetic bubble memory.

Does anyone even remember that technology now?

Friday, August 6, 2010

Why? Because we can

Technology enables us to do some amazing things.

Sometimes we do these things because we need to, sometimes it's simply because we want to.

Take the humble mobile phone for example. Most of us need to use this device in order to maximise our efficiency when working. Not being tied to a land-line enables many people to coordinate their appointments and schedule their day while on the run.

We also use mobile phones because we like to. When we've got a few minutes to spare we can take the chance to check and see what's on TV tonight or maybe ring a friend for an overdue chat.

Most people have the same need/want relationship with their computers. These days we need them to do important tasks such as paying bills by internet banking or sending and receiving important emails. We also like to use them to play games or browse entertaining material online.

Another "want to" application for the humble computer has just been demonstrated by a 54-year-old Japanese engineer who decided to break the world's record for the precision to which the value of pi has been calculated.

Very few people have any actual application for calculating pi to this level of accuracy but Shigeru Kondo obviously thought this was a worthy challenge and set about doing so, for no other reason than to prove that he could.

Prior to Mr Kondo's record-breaking attempt, the value of pi had only been calculated to 2.7 trillion decimal places. Now we know its value to 5 trillion places.

Just how long is a number containing 5 trillion decimal places?

Well, if it were printed out in a single line of 12-point fixed-pitch type, it would be (according to my possibly flawed calculations) some 20 million kilometres in length.

Perhaps because of this, Mr Kondo hasn't printed out his result but it is instead stored on the 20 hard drives of his custom-assembled Windows-based PC.

While I suspect we must question just why anyone would take it upon themselves to perform such a remarkable -- yet seemingly pointless task, perhaps the greater achievement this reflects is the fact that we can.

It is really quite mind-boggling when you think that the power to achieve this incredible feat is now easily within the grasp of anyone who really wants to do it.

Sometimes, technological challenges are just like climbing Mount Everest. Why do we do it? Because we can.