I just wasted an entire day trying to inform Comcast about a problem with their network. This problem caused a service outage for me, and I'm sure that it has effected hundreds of other customers. Unfortunately, it will never be fixed.

Senior engineers at Comcast are not aware of the problem, and they will never be aware, because it is impossible to inform them. Comcast's first and second level support staff don't understand the problem and have been trained to aggressively blow off anyone who attempts to report it to them. As far as I can tell, there is absolutely no way to get through the first and second level support barrier to someone who actually understands DHCP. Comcast's support staff does not know when to escalate something that they do not understand.

I am posting this mostly as a personal catharsis having spent an entire day being told that I don't know what I'm talking about by people who barely know the first thing about how the Internet works. Pushing this further is not worth the frustration. Perhaps someone else who is experiencing the same problem will come upon this blog post in a Google search and will be saved the same frustration. That is the only thing that I can do at this point.

The problem manifests as follows: Some devices are intermittently unable to obtain a DHCP lease. What makes this complicated is that other devices ARE still able to obtain a lease. In my case my router stopped getting IPs from Comcast, but I could get an IP with my laptop. The router had been working fine as my gateway for months and had no problems getting IPs and then one day I woke up and it wasn't working anymore. My router could not get a lease, but my laptop could get a lease if I plugged it into my cable modem directly.

The naive assumption when confronted with this set of circumstances is that the problem is with the router. The network is obviously able to hand a lease out. The router must just not be asking for one properly or accepting one as it should. The first time I encountered this behavior on Comcast's network, I bought into this assumption and went out and purchased a new router. Then, a few months later, it happened to my new router as well.

In this case, the naive assumption is wrong; both routers are working properly. Internet protocols are complicated and sometimes they fail in subtle ways that defy naive assumptions. Unfortunately, it is impossible to get Comcast to look at this problem more carefully, because their low level technical support staff don't understand how to look at it more carefully, and believe that the naive assumption is the only possible explanation.

Because Comcast's network has this problem, people likely call up technical support on a regular basis complaining about it, and they are told that their routers must be broken. Comcast's technical support staff has gotten good at arguing people down about their "broken routers" because they see it all time. Of co... [ Read More (0.7k in body) ]

Maybe the painkillers loosened something in his mind, because as Kaminsky began to think more deeply about DNS he became convinced that something wasn't right. He couldn't quite figure it out, but the feeling stuck with him even after he stopped taking the pain pills. He returned to work full time and bought a recumbent stationary bike. He got hired to test the security of Windows Vista before it was released, repeatedly punching holes in it for Microsoft. Still, in the back of his mind, he was sure that the entire DNS system was vulnerable to attack.

Then last January, on a drizzly Sunday afternoon, he flopped down on his bed, flipped open his laptop, and started playing games with DNS. He used a software program called Scapy to fire random queries at the system. He liked to see how it would respond and decided to ask for the location of a series of nonexistent Web pages at a Fortune 500 company. Then he tried to trick his DNS server in San Diego into thinking that he knew the location of the bogus pages.

Suddenly it worked. The server accepted one of the fake pages as real. But so what? He could now supply fake information for a page nobody would ever visit. Then he realized that the server was willing to accept more information from him. Since he had supplied data about one of the company's Web pages, it believed that he was an authoritative source for general information about the company's domain. The server didn't know that the Web page didn't exist—it was listening to Kaminsky now, as if it had been hypnotized.

Secret Geek A-Team Hacks Back, Defends Worldwide Web

Federal officials said the practice is so limited that 40 laptops were searched during the first two weeks of August, when 17 million travelers entered the country.

One of the things people have been asking for are statistics. This is the first time I've ever seen the federal government offer one, and it was to the press!

Airport laptop seizures anger Muslims | The Detroit News | detnews.com

BusinessWeek Senior Writer Steve Hamm's new book, The Race for Perfect: Inside the Quest to Design the Ultimate Portable Computer, chronicles the four-decade history of mobile computing. This graphic adaptation explores the role of Alan Kay, whose ideas shaped the development of today’s laptops, handhelds, and smartphones.

From the archive, some bits of Kay:

If the children are being instructed in the pink plane, can we teach them to think in the blue plane and live in a pink-plane society?

Alan Kay is one of the most influential computer scientists of the modern era. His contributions, among many others, include the concept of the personal computer. We sat down with him to discuss his take on how innovations happen.

"Thinking" is a higher category than "just" math, science, and the arts. It represents a synthesis of intuitive and analytical approaches to understanding the world and dealing with it.

A bicycle for the mind, redux.

"I didn't know it was hard."

The Long Road To The Laptop

Virgil is, without a doubt, a hacker rock star.

Girls hang on Virgil Griffith. This is no exaggeration. At parties, they cling to the arms of the 25-year-old hacker whose reason for being, he says, is to “make the Internet a better and more interesting place.” The founder of a data-mining tool called WikiScanner, Griffith is also a visiting researcher at the mysterious Santa Fe Institute, where “complex systems” are studied. He was once charged, wide-eyed rumor has it, with sedition. No wonder girls whisper secrets in his ear and laugh merrily at his arcane jokes.

From the archive:

"I never thought I'd see the day when a laptop was better at picking up girls than a Ferrari. That's it, I'm ditching Windows."

Virgil Griffith, Internet Man of Mystery

Populous will be a free, and incredibly powerful, content management system specifically tailored to the needs of a college newsroom. In addition to the CMS our project has two more components: a digital newsroom, and a social network. Our ultimate goal is to provide any, and every, college newspaper with the tools necessary to have a great website that easily incorporates web 2.0 features and industry trends.

We want to make it easy for college newspapers to upload and play video, audio, slideshows, flash content and anything else that might come up. We will also include software that will allow a newsroom to plan and organize content, and that will allow a community to organize itself. We know most schools don't have the resources to develop the kind of software they need to have a great website, and with the help of the Knight Foundation we're answering that call.

Phase I: CMS
Our CMS will be released in beta this fall. Features include calendar, photo and video uploads and blogging. We hope to create a space where collegiate and small town newspapers alike can create and publish content easily online.

Phase II: Digital Newsroom
Our Digital Newsroom will be released in beta this Winter. It includes story planning, communication features and personalized calendars. This aspect will allow student editors to use laptop computers and mobile devices to communicate and plan both locally and remotely

Phase III: Community News Network
The Community News Network will be released in beta in the Spring. It will complete Populous with a social network used to make and distribute community news and allow users to interact with newsroom content and also create their own.

Populous

Security researchers say they've developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks.

The attack, described as the first practical attack on WPA, will be discussed at the PacSec conference in Tokyo next week. There, researcher Erik Tews will show how he was able to crack WPA encryption, in order to read data being sent from a router to a laptop computer. The attack could also be used to send bogus information to a client connected to the router.

To do this, Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes, according to Dragos Ruiu, the PacSec conference's organizer.

They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack

Security experts had known that TKIP could be cracked using what's known as a dictionary attack. Using massive computational resources, the attacker essentially cracks the encryption by making an extremely large number of educated guesses as to what key is being used to secure the wireless data.

The work of Tews and Beck does not involve a dictionary attack, however.

To pull off their trick, the researchers first discovered a way to trick a WPA router into sending them large amounts of data. This makes cracking the key easier, but this technique is also combined with a "mathematical breakthrough," that lets them crack WPA much more quickly than any previous attempt, Ruiu said.

Tews is planning to publish the cryptographic work in an academic journal in the coming months, Ruiu said. Some of the code used in the attack was quietly added to Beck's Aircrack-ng Wi-Fi encryption hacking tool two weeks ago, he added.

WPA is widely used on today's Wi-Fi networks and is considered a better alternative to the original WEP (Wired Equivalent Privacy) standard, which was developed in the late 1990s. Soon after the development of WEP, however, hackers found a way to break its encryption and it is now considered insecure by most security professionals. Store chain T.J. Maxx was in the process of upgrading from WEP to WPA encryption when it experienced one of the most widely publicized data breaches in U.S. history, in which hundreds of millions of credit card numbers were stolen over a two-year period.

A new wireless standard known as WPA2 is considered safe from the attack developed by Tews and Beck, but many WPA2 routers also support WPA.

"Everybody has been saying, 'Go to WPA because WEP is broken,'" Ruiu said. "This is a break in WPA."

If WPA is significantly compromised, it would be a big blow for enterprise customers who have been increasingly adopting it, said Sri Sundaralingam, vice president of product management with wireless network security vendor AirTight Networks. Although customers can adopt Wi-Fi technology such as WPA2 or virtual private network software that will protect them from this attack, there are still may devices that connect to the network using WPA, or even the thoroughly cracked WEP standard, he said.

Ruiu expects a lot more WPA research to follow this work. "Its just the starting point," he said. "Erik and Martin have just opened the box on a whole new hacker playground."

Once thought safe, WPA Wi-Fi encryption is cracked

I had written a really good post this morning about the election result and lost it when my laptop died. Poetic really. We don't need my cynicism to tear celebrating liberals down from their post victory high. Reality will do that for us soon enough. In the meantime, the video I'm linking here will show you what the MSM isn't saying about this years election.

The election

BTW, If you somehow read this blog but aren't aware of it, I'm speaking on Friday night at 9PM at Phreaknic. The talk will be on border laptop searches, so if you've seen me speak at another conference this year (Summercon, Hope, Dragoncon), you may already have seen some of this content, although the situation has evolved considerably from where it was back during Summercon and my talk has evolved with it.

Phreaknic 12 - October 24th - 25th, 2008

The so-called Travelers' Privacy Protection Act, introduced in the Senate by Democratic Senators Russ Feingold (WI) and Maria Cantwell (WA) on Monday, would roll back portions of the current policy, which gives border agents the right to search or seize anyone's laptop as if it were just another piece of luggage.

Bill Proposes Privacy for Americans' Laptops at Border | Threat Level from Wired.com