Upfront - 12

The real Fake Steve Jobs

There was a round of chuckles from our newsroom recently as the much-sought-after Fake Steve Jobs turned out to once have been one of our reporting stalwarts.

Mr. Fake Jobs (nee Dan Lyons) prowled and pranked in our ancestral PC Week business section from 1987 to 1990. The outing of Mr. Fake by a New York Times reporter gave rise to a round of e-mails among the PCW alumni, including one message that noted this was not the first time that Dan yanked the fake chain. Our illustrator of Spencer F. Katt and all-around top-notch artist, Paul Connolly, remembered Dan, after having left PC Week, faking a call from a particularly irate tech executive to news editor John Dodge, ending the phone message with the admonition, "Dont buy any green bananas, Dodge—you wont be around to eat them!"

The antics of the Fake Steve will soon move to Forbes.com, where Dan currently resides. In an e-mail exchange, Dan recalled his PC Week days in part with the following vignette: "One Friday, the staff filled the water coolers with margaritas, and we had a Mexican theme blowout. Was a wild place in those days. And a wild industry."

Of course, we on the East Coast and still in the journalism business were amused and gratified that 1) The Fake Steve Jobs was not a West Coaster but from the side of the United States representing the intellectuals rather than the surfers; 2) Fake Steve was outed not by hordes of bloggers all wondering who FS was, but by a New York Times reporter familiar with the classic reporting tool: the telephone; and 3) That Fake Steve would live on even with his identity revealed.

Steve Jobs oversees an imperial monarchy at Apple. Executives rise or fall based on loyalty. Journalists in the courts favor get special attention and access, while those in disfavor find themselves banished to the hinterlands. Of course, a monarchy can work fine in the high-tech business when the king has an eye for design, an admiration of the simple over the complex and the power to get what he wants from an engineering staff rather than what can be cobbled together in time for a deadline.

But even monarchs need a Jonathan Swift writing "Gullivers Travels" or a Mark Twain writing about "A Connecticut Yankee in King Arthurs Court." Dans satirical "Massachusetts Yankee in Jobs Cupertino Court" should continue to remind those business executives in power that they may learn more from the satirists in their kingdom than from the fawning loyalists. —Eric Lundquist

Geeks and golden penguins

For some time now, Ive been meaning to attend the Golden Penguin Bowl trivia competition—a LinuxWorld Expo tradition that pits a team of geeks against a team of nerds, with glassy, gold-colored penguin statues as prizes. This year I made a point of attending, and when quizmaster and Samba developer Jeremy Allison stepped out on stage in a robot costume that appeared to be made of duct tape-wrapped cardboard, I knew I was in for some good geeky fun.

The Golden Penguin teams consisted of the Nerds (Dells Matt Domsch, John Hull and Cole Crawford) versus the Geeks (Michael Grace, from Rackable Systems; Donald Becker, from Penguin Computing; and Tim Lee, from Pogo Linux). Each contestant was armed with a buzzer, which theyd hit to snag questions as Allison read them.

Highlights of the competition included the Dell team answering the question, "When you click the Buy Ubuntu button on Dells site, which operating system does Dell recommend?" The Dell Nerds answered "Windows," to chuckles from the crowd. The judges on hand ruled the answer too vague, as the correct answer was "Windows Vista Home Premium"—a tough one, considering that there are some 14 different Vista SKUs out there.

My favorite moment came when the hardware veterans on the Linux Geeks side correctly associated a picture of a heavily perspiring Steve Ballmer with Microsofts need for "developers, developers, developers," at which time each of the three geeks were handed a denim button-down shirt, splashed with water, and called upon to re-enact the Microsoft CEOs famous keynote moment.

Much more embarrassing, however, was when all six contestants failed to buzz in to answer the contests only classic Star Trek question: In the original series episode "Space Seed," with whom did ship historian Lt. Marla McGivers fall in love? The answer, of course, was "KHAN!"

After two rounds of progressively tougher trivia questions, the event ended with a final round in which one member from each team took the reins of a remote-controlled robot. The crowd eagerly anticipated a robot throwdown, but the two bots never came into contact; instead, they fell repeatedly from their narrow tabletop battleground.

In the end, the Golden Penguin trophies went to the Geeks. Final score: Geeks 10,000, Nerds 8,750. —Jason Brooks

Blue Pill at Black Hat

Theres a lot of chest thumping at Black Hat.

My personal favorite, since I was in the middle of it, was the drama of whether a virtualized rootkit (a la Joanna Rutkowskas Blue Pill) leaves tracks that can be detected in any practical manner.

The challengers response to Rutkowskas newly architected Blue Pill virtualized rootkit and its new Blue Chicken feature of running away when it detects timing determination attacks trying to track it down: "We agree, good strategy," said Matasano principal Tom Ptacek after reading a story I did that essentially said that Rutkowska had, well, gotten the last laugh. "Get out of the virtualization space [because] we will find you. And once youre out, stay out, stay in the kernel."

The trash talking went into a debate at Caesars food court in Las Vegas, the purpose of which was to come to some conclusions regarding what exactly had been established during the researchers Black Hat presentations July 28-Aug. 2 in Las Vegas.

Whether this argument matters to anybody outside of this elite level of kernel researchers is debatable—or as security researcher Halvar Flake put it, "Enough high-level blah blah." One thing everyone agrees about regarding virtualized rootkits: There are none in the wild, and we dont have to worry about them right now. Of course, we should be glad there are researchers who are worrying about them now, given that a successful attack could mean a system takeover without the victim being aware and with scant evidence of exploit, but that really does get to the heart of the debate.

Rutkowska has two points she wants people to take away from the Black Hat goings-on: First, that detecting virtualization, which her challengers said they can do, is not the same as detecting virtualization-based malware. Virtualization is too common for us to assume that when we find it running, it means weve found evidence of somebody up to no good.

Her second point: The methods described as a means to detect virtualization arent even very good. The basis of one of Rutkowskas rebuttals is that she has tested detection schemes and found they plain dont work.

Thats the problem, Ptacek said. The challenging researchers didnt give Rutkowska their detection tools—which, incidentally, theyre racing to release "sometime between yesterday and tomorrow" as a tool called Samsara, said Ptacek and Lawson.

Rutkowska has published Blue Pill. Matasano has checked it out. Matasano says its detection methods will take it down. OK. But then, Rutkowska never claimed Blue Pill was 100 percent undetectable. What she claimed is that the technology could be used as a basis for a pretty undetectable rootkit, at some point, by nefarious people.

She conceded that even though she can determine when a timing attack against the rootkit is happening, its not always possible to tell when the timing attack has stopped. But timing attacks have one fatal flaw: They suck up CPU like mad. That means that while you can sometimes run detection, you sure cant run it all the time. Its just too processor-intensive.

At any rate, its all good. Rutkowska has released her source code, making Matasano happy. "Shes excellent, very excellent," Ptacek said. "[Were just] happy [the debate is taking place] between competing research teams instead of the Russian mafia." —Lisa Vaas