Security = Scrutiny

This is an update of a post that originally appeared on July 22, 2015.

There is a myth among administrators and developers that it’s possible to keep a machine free of viruses, adware, Trojans, and other forms of malware simply by disconnecting it from the Internet. I was reminded of this bias while writing Machine Learning Security Principles because some of the exploits I cover included air-gapped PCs. I’m showing my age (yet again), but machines were being infected with all sorts of malware long before the Internet became any sort of connectivity solution for any system. At one time it was floppy disks that were the culprit, but all sorts of other avenues of attack present themselves. To dismiss things like evil USB drives that take over systems, even systems not connected to the Internet, is akin to closing your eyes and hoping an opponent doesn’t choose to hit you while you’re not looking. After all, it wouldn’t be fair. To make matters worse, you can easily find instructions for creating an evil USB drive online. However, whoever said that life was fair or that anyone involved in security plays by the rules? If you want to keep your systems free of malware, then you need to be alert and scrutinize them continually.

Let’s look at this issue another way. If you refused to do anything about the burglar rummaging around on the first floor while you listened in your bedroom on the second floor, the police would think you’re pretty odd. The first thing they’ll ask you is why you don’t have an alarm system installed in your home. Or, if you do have one, wouldn’t it have been a good idea to set it in the first place, so more people would have been notified about this security breach? In addition to alarm systems, some homeowners also have an external security system installed around their homes. They would be able to provide a good image of the burglar. However, it’s still important to try and do something to actually stop the burglar. Whatever you do, you can’t just stand back and do nothing. More importantly, you’d have a really hard time getting any sort of sympathy or empathy from them. After all, if you just let a burglar take your things while you blithely refuse to acknowledge the burglar’s presence, whose fault is that? (Getting bonked on the back of the head while you are looking is another story.) That’s why you need to monitor your systems, even if they aren’t connected to the Internet. Someone wants to ruin your day and they’re not playing around. Hackers are dead serious about grabbing every bit of usable data on your system and using it to make your life truly terrible. Your misery makes them sublimely happy. Really, take my word for it.

The reason I’m discussing this issue is that I’m still seeing stories like, Chinese Hackers Target Air-Gapped Military Networks. So, what about all those networks that were hacked before the Internet became a connectivity solution? Hackers have been taking networks down for a considerable time period and it doesn’t take an Internet connection to do it. The story is an interesting one because the technique used demonstrates that hackers don’t have to be particularly good at their profession to break into many networks. It’s also alarming because some of the networks targeted were contractors for the US military.

There is no tool, software, connection method, or secret incantation that can protect your system from determined hackers. I’ve said this in everything I’ve written about security. Yes, you can use a number of tools to make it more difficult to get through and to dissuade someone who truly isn’t all that determined. Unfortunately, no matter how high you make the walls of your server fortress, the hacker can always go just a bit further to climb them. Sites like America’s Data Held Hostage (this site specializes in ransomware) tell me that most organizations could do more to scrutinize their networks. Everything I read about informed security says that you can’t trust anyone or anything when you’re responsible for security, yet organizations continue to ignore that burglar on the first floor.

There is the question of whether it’s possible to detect and handle every threat. The answer is that it isn’t. Truly gifted hackers will blindside you and can cause terrifying damage to your systems every time. Monitoring can mitigate the damage and help you recover more quickly, but the fact is that it’s definitely possible to do better. Let me know your thoughts about security at [email protected].

Virus Scares and Hoaxes Galore

It seems as if the holiday season can bring out the worst in some people for whatever reason; I have never figured out why. My inbox is sometimes packed with e-mail from concerned readers about this hoax or that virus. I read about viruses and hoaxes galore online as well. It seems as if there is an upsurge every year in the number, variety, and severity of these complete wastes of time. In my book, the people who perpetuate these sorts of things are either ill-informed or simply sad. If all of the energy that goes into creating these scares would go instead into some productive use, I can’t even begin to imagine the benefit to mankind as a whole. Instead, we have readers running about like Chicken Little exclaiming that the sky is falling. Of course, there is the issue that if a pandemic actually were to happen in the future, we would have to worry about what information was true and what wasn’t. This could cause a lot of confusion, especially if we had to make a tough decision during a global crisis. I hope the government would take the lead in tackling any misinformation, or at least produce an official US list of open states should we find ourselves in a lockdown. We want to be able to trust what we hear, read, and see. If we can’t do that, it will cause a lot of issues and maybe even cost lives.

John Dvorak ran an article in his blog the other day entitled, “Did You Fall for the Facebook Hoax?” I’m not too thrilled about some of the language he used, but the information he provides is right on the mark. You can probably sum it up as, “Anything that sounds too good, weird, or evil to be true, probably isn’t.” Of course, most of us want to be sure that something really is a hoax, so it pays to check out Hoax Busters, VMyths, or Snopes.com, just to be certain. These sites track all of the current myths and hoaxes out there, so you can see the basis for that hoax that arrived in your e-mail this afternoon. The point is that hoaxes aren’t real and you shouldn’t believe them, even a little.

When it comes to viruses, you can be sure that the Internet is plagued with them. Tomorrow I fully expect to see an article about the next major virus that will take down the Internet after emptying every bank in the world of funds. Yes, civilization will cease to exist with the next virus created by the cracker (a black hat hacker who uses his/her skills for ill, rather than good) who works only at midnight in a darkened room above a garage.

The fact is that viruses are real, but crackers often attack the least prepared Web surfers just as any other thief attacks the unsuspecting person on the street. There are enough people who are ill prepared to work on the Internet that crackers really don’t have to worry about creating a truly devastating virus that will invade every network on the planet. For one thing, it’s a waste of the cracker’s time; for another, most viruses have a relatively short active life before someone comes along with a fix that prevents them from spreading. Crackers know this, so they create viruses that work well enough for the time they expect the virus to be active, and then the cracker moves on to something else.

In general, a computer system can be invaded by a virus at any time, just as you can get a cold at any time. You tend to catch colds when your bodily defenses are down. The same holds true for your computer. When you let your computer defenses down, it has a better chance of getting a virus. However, even with the best defenses, there is a small chance you could still get a virus, but being prepared significantly reduces the risks. Here are five things you can do to ensure you’re prepared for a virus attack.

  1. Keep your virus protection updated.
  2. Install all of the required patches for your operating system and applications.
  3. Don’t open an e-mail from someone you don’t know, no matter how tempting the message might be (remember Pandora’s Box).
  4. Don’t go to sites you don’t trust.
  5. Keep your browser locked down so that it doesn’t automatically execute code when you visit a site. This means setting your browser to disable both JavaScript and Java support. Most browsers have an exception list you can create for sites you trust, so these sites will continue to work as they always have.


When you follow these five guidelines, you have a very good chance of avoiding viruses on your computer. The next time you see an e-mail message containing a hoax or trying to get you excited about the latest virus that will take down the Internet, consider the fact that these sorts of messages have been going around the Internet for quite a long time now and we have yet to see a major Internet down time. Let me know your thoughts about viruses and hoaxes at [email protected].

Cherry Tree Woes

Cherry trees can be incredibly hard to raise, as I’m learning over the years. We originally planted four Northstar cherry trees on our property. The description of the tree seemed perfect: it only grows 6′ to 10′ tall, produces copious amounts of tart cherries, and is quite hardy.

Unfortunately, it also has an open structure that Yellow Bellied Sap Suckers find absolutely irresistible (yes, they really do exist). We ended up with neat rows of little holes in the trunk of each of the cherry trees. Because the birds alternated between the wild cherries in our woods and our cherry trees, our Northstar cherries eventually ended up with a disease called bacterial canker. The sappy ooze emitted by the wounds attracted all sorts of other pests. Eventually, the bacterial canker girdled the trunk and killed our Northstar cherries (well, all except one that simply refuses to die, so we let it stay there, but it has yet to produce cherries and it never has grown more than a few feet tall).

We decided to try again with a cherry that the Yellow Bellied Sap Sucker might find less inviting. This time we chose the Mesabi cherry and planted four more trees. The tight branch structure did keep the birds at bay. In fact, the trees produced 53½ pounds of cherries in 2009. However, late last year we noticed that the leaves were turning yellow in mid-summer and that the fruit yield was very low. This year we won’t receive any fruit from our cherries because they’re essentially dead, as shown here.

[Image: Cherries01]

There are still some leaves on this tree, but it isn’t nearly as full as it should be and it won’t recover. All four trees have a virus they received from an insect (type unknown). There are a number of indicators. The most noticeable is that the tree has almost no leaves, yet there isn’t anything obviously wrong such as bacterial canker. The leaves the trees do have are yellowish with darker green around the veins, as if the leaves aren’t receiving enough nourishment.

A more telling symptom is something called flux. The tree is leaking small amounts of sap (not the copious amounts as with bacterial canker). This sap is turning black as bacteria attack it, as shown here.

[Image: Cherries02]

That blackish spot (circled in red) would be very easy to miss. (Each tree has many of these little black spots.) In fact, I didn’t know what I was looking at. A master gardener friend of mine pointed it out. The ants don’t miss opportunities like this though. The trees are loaded with them, all looking for a free meal of sap.

The trees are actually dying from the inside out. There is a wound on one of the trees where you can see the inside of the tree literally rotting, as shown here.

[Image: Cherries03]

Notice how the edge of the wound has lifted up; it isn’t curled tight against the wood of the tree. This indicates that the tree is trying to heal itself, but that the new growth has nothing to stick to. The new growth should be tight against the wood.

I’ll be cutting the four trees down sometime soon, drying the wood out, and using it to smoke various meats. It would be a shame to use such nice wood in the wood stove. The trees definitely won’t go to waste.

Unfortunately, I can’t plant new cherry trees in the same spot (or in the location where the other cherry trees were). In both cases, the trees have left their diseases in the ground. If I plant new trees in these locations, they’ll immediately become infected. Consequently, I’ll be looking for a new type of cherry (or cherries) and a completely different location next year. One major lesson I’ve learned is that trees of the Prunus genus require significantly more care than either apples or pears.

This spot will be taken over by butternut trees next year. We don’t have any butternut trees in our woods (they can grow in the wild), so the addition of nut trees will be nice. I know that our woods do contain hickory nuts and plan to gather as many as I can this next fall (as soon as I identify precisely where the trees are located). What are your favorite sorts of nuts and fruits? Let me know at [email protected].