Computerized machinery, we are discovering the hard way, gives manufacturers permanent control of the machines we buy from them.

Motherboard:

To avoid the draconian locks that John Deere puts on the tractors they buy, farmers throughout America’s heartland have started hacking their equipment with firmware that’s cracked in Eastern Europe and traded on invite-only, paid online forums.

Tractor hacking is growing increasingly popular because John Deere and other manufacturers have made it impossible to perform “unauthorized” repair on farm equipment, which farmers see as an attack on their sovereignty and quite possibly an existential threat to their livelihood if their tractor breaks at an inopportune time.

“When crunch time comes and we break down, chances are we don’t have time to wait for a dealership employee to show up and fix it,” Danny Kluthe, a hog farmer in Nebraska, told his state legislature earlier this month. “Most all the new equipment [requires] a download [to fix].”

The nightmare scenario, and a fear I heard expressed over and over again in talking with farmers, is that John Deere could remotely shut down a tractor and there wouldn’t be anything a farmer could do about it.

A license agreement John Deere required farmers to sign in October forbids nearly all repair and modification to farming equipment, and prevents farmers from suing for “crop loss, lost profits, loss of goodwill, loss of use of equipment … arising from the performance or non-performance of any aspect of the software.” The agreement applies to anyone who turns the key or otherwise uses a John Deere tractor with embedded software. It means that only John Deere dealerships and “authorized” repair shops can work on newer tractors.

“If a farmer bought the tractor, he should be able to do whatever he wants with it,” Kevin Kenney, a farmer and right-to-repair advocate in Nebraska, told me. “You want to replace a transmission and you take it to an independent mechanic—he can put in the new transmission but the tractor can’t drive out of the shop. Deere charges $230, plus $130 an hour for a technician to drive out and plug a connector into their USB port to authorize the part.”

“What you’ve got is technicians running around here with cracked Ukrainian John Deere software that they bought off the black market,” he added.

RTWT

You’ll be looking for Ukrainian software to hack the computer blocking non-dealer repairs in your Toyota and BMW very soon.

My wife Karen blogs infrequently, but today she posted a very excellent rant all about the inescapable personal time cost of using your computer.

Remember sub-second response time? That was the promise that any computer that can react quickly enough will come to seem like an internal mental reaction. You would be able to treat the computer like a psychologically immersive responsive tool, the same way a musical instrument feels.

Back in the green-screen days, before Windows and its ilk, it was possible to interact with computers at maximum human speed — as fast as you could type commands, they could be implemented, and keyboard buffers allowed you to control what command went to what program. That was sub-second response time — it felt like the computer was an extension of your body.

Ever since, computers have settled for becoming an extension of your intellect, instead. The more powerful the response, the more we expect it to be delayed by internet and other network latency delays, by software complexity, by the loss of keyboard type-ahead. We are grateful for the more flexible and powerful results, but we have lost the ability to treat the machine as a direct tool, one that convinces us it is an extension of our body by its immediacy. The required sub-second response time is an ever-receding goal, and I don’t see that changing any time soon.

Read the whole thing.

It’s always entertaining to read about the corporate decisions which lost former industry leading products their place in the sun. Quark used to have a 95% market share.

Ars Technica:

Anecdotal evidence is not the best way to objectively study anything, but ask anyone what caused them to leave XPress for InDesign. Overwhelmingly, it all boils down to those personal stories of neglect that eventually eroded Quark’s appeal and made a potentially painful transfer to another product the lesser of the evils.

In 2001, Apple released OS X, which felt dog slow on existing hardware. Despite its inclusion of crucial publishing tech like AppleScript and ColorSync, it was definitely not production-ready. But OS 9’s failings are well documented—a bad font in an ad could literally cost you a third of your day dealing with system crashes. OS X’s single promise of Unix-like stability turned its other short-term problems with snappiness into non-issues.

Quark repeatedly failed to make OS X-native versions of XPress—spanning versions 4.1, 5, and 6—but the company still asked for plenty of loot for the upgrades. With user frustration high with 2002’s Quark 5, CEO Fred Ebrahimi salted the wounds by taunting users to switch to Windows if they didn’t like it, saying, “The Macintosh platform is shrinking.” Ebrahimi suggested that anyone dissatisfied with Quark’s Mac commitment should “switch to something else.”

It’s advice people apparently took—just not the way he meant it. It was likely that Quark saw increasing growth in Windows sales as a sign that the Mac publishing market was dwindling. However, what they were probably seeing was new users, not migration to Windows. I’ve heard about Windows-based publishing environments, but I’ve never actually seen one in my 20+ years in design and publishing.

Perhaps this seems like an overstatement, but desktop publishing was invented on the Mac. It would have been hard to find people more rabidly pro-Mac than people who were basically keeping pre-Jobs Apple afloat. So when a revitalized Apple needed all the help it could get, telling Mac designers to switch to Windows was all the excuse these creatives needed to think that the grass was actually greener on the InDesign side. Simply put, this was a crucial nudge for many.

Read the whole thing.

CNN Money describes the problems and quotes technicians about what it will take to fix it.

Experts say the major problems with the Obamacare website can’t reasonably be solved before the end of 2013, and the best fix would be to start over from scratch.

After assessing the website, Dave Kennedy, the CEO of information-security company Trusted Sec, estimates that about 20% of Healthcare.gov needs to be rewritten. With a whopping 500 million lines of code, according to a recent New York Times report, Kennedy believes fixing the site would probably take six months to a year.

But would-be Obamacare enrollees only have until Dec. 15 to sign up for coverage starting at the beginning of 2014. Nish Bhalla, CEO of information-security firm Security Compass, said it “does not sound realistic at all” that Healthcare.gov will be fully operational before that point.

“We don’t even know where all of the problems lie, so how can we solve them?” Bhalla said. “It’s like a drive-by shooting: You’re going fast and you might hit it, you might miss it. But you can’t fix what you can’t identify.”

Several computer engineers said it would likely be easier to rebuild Healthcare.gov than to fix the issues in the current system. But it’s unlikely that the government would toss out more than $300 million worth of work.

The sheer size of Healthcare.gov is indicative of a major rush job. Rolling the site out too quickly likely increased the number of errors, and that makes the fixes more difficult to implement.

“Projects that are done rapidly usually have a lot of [repetitive] code,” said Arron Kallenberg, a software engineer and tech entrepreneur. “So when you have a problem, instead of debugging something in a single location, you’re tracking it down all through the code base.”

To put 500 million lines of code into perspective, it took just 500,000 lines of code to send the Curiosity rover to Mars. Microsoft’s (MSFT, Fortune 500) Windows 8 operating system reportedly has about 80 million lines of code. And an online banking system might feature between 75 million and 100 million lines. A “more normal range” for a project like Healthcare.gov is about 25 million to 50 million lines of code, Kennedy said.

“The [500 million lines of code] says right off the bat that something is egregiously wrong,” said Kennedy. “I jumped back when I read that figure. It’s just so excessive.” …

..The New York Times report said five million lines of code need to be replaced just so the site can run properly.

But the Obamacare website has bigger problems than simply getting people registered for health care. The code is also riddled with security holes, according to Kennedy, who outlined his cybersecurity concerns on Trusted Sec’s company blog.

“If someone can’t register, that’s obviously bad — but if the information gets hacked, you’re talking about one of the biggest breaches in American history,” Kennedy said. “I think security is an afterthought at this point.”

The Russian cybersecurity company Kaspersky has discovered that a truly massive piece of malware has been lurking on computers in Iran and other Islamic locations for at least two years. The software discovered is believed to be state-sponsored, and everyone is refraining in print from finger-pointing at the United States.

Wired:

A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation.

The malware, discovered by Russia-based anti-virus firm Kaspersky Lab, is an espionage toolkit that has been infecting targeted systems in Iran, Lebanon, Syria, Sudan, the Israeli Occupied Territories and other countries in the Middle East and North Africa for at least two years.

Dubbed “Flame” by Kaspersky, the malicious code dwarfs Stuxnet in size – the groundbreaking infrastructure-sabotaging malware that is believed to have wreaked havoc on Iran’s nuclear program in 2009 and 2010. Although Flame has both a different purpose and composition than Stuxnet, and appears to have been written by different programmers, its complexity, the geographic scope of its infections and its behavior indicate strongly that a nation-state is behind Flame, rather than common cyber-criminals — marking it as yet another tool in the growing arsenal of cyberweaponry.

The researchers say that Flame may be part of a parallel project created by contractors who were hired by the same nation-state team that was behind Stuxnet and its sister malware, DuQu.

“Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide,” said Eugene Kaspersky, CEO and co-founder of Kaspersky Lab, in a statement. “The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country.”

Early analysis of Flame by the Lab indicates that it’s designed primarily to spy on the users of infected computers and steal data from them, including documents, recorded conversations and keystrokes. It also opens a backdoor to infected systems to allow the attackers to tweak the toolkit and add new functionality.

The malware, which is 20 megabytes when all of its modules are installed, contains multiple libraries, SQLite3 databases, various levels of encryption — some strong, some weak — and 20 plug-ins that can be swapped in and out to provide various functionality for the attackers. It even contains some code that is written in the LUA programming language — an uncommon choice for malware.

Kaspersky Lab is calling it “one of the most complex threats ever discovered.”

“It’s pretty fantastic and incredible in complexity,” said Alexander Gostev, chief security expert at Kaspersky Lab.

Flame appears to have been operating in the wild as early as March 2010, though it remained undetected by antivirus companies.

“It’s a very big chunk of code. Because of that, it’s quite interesting that it stayed undetected for at least two years,” Gostev said. He noted that there are clues that the malware may actually date back to as early as 2007, around the same time-period when Stuxnet and DuQu are believed to have been created.

Read the whole thing.

This is the deathbed portrait of an unknown man with the hairstyle of the 1640s, commonly described as being the portrait of James, Duke of Monmouth, executed in 1685.

The Telegraph informs us that art historians are proposing to employ facial recognition software developed for Counter-Terrorism to identify the unknown subjects in some well-known works of art.

Software developed to recognise terrorist faces is being adapted to solve the mystery of portraits of unidentified people. …

A feasibility study is being conducted by two art historians and an electronic engineer at the University of California. They describe FACES (Faces, Art and Computerised Evaluation Systems) as a “new tool for art historians”. The project has received a $25,000 government grant.

Conrad Rudolph, professor of art history at the university, said: “Before the advent of photography, portraits were, almost by definition, depictions of people who were important in their own worlds. But, as a walk through almost any major museum will show, a large number of these unidentified portraits from before the 19th century have lost the identities of their subjects.”

The Wall Street Journal reports on an interesting feat of technical ingenuity by the enemy.

Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.

Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Shiite fighters in Iraq used software programs such as SkyGrabber — available for as little as $25.95 on the Internet — to regularly capture drone video feeds, according to a person familiar with reports on the matter.

U.S. officials say there is no evidence that militants were able to take control of the drones or otherwise interfere with their flights. Still, the intercepts could give America’s enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under U.S. surveillance.

Which version of Win7 do you need? CNET explains the options featured by the four different editions, varying in price from $119.00 to $219.99.

Win7 Launch Party video (Don’t watch it!)

Charlie Booker, at the Guardian, knows that Windows sucks, but explains that he still hates Mac and Mac users more.

Recently I sat in a room trying to write something on a Sony Vaio PC laptop which seemed to be running a special slow-motion edition of Windows Vista specifically designed to infuriate human beings as much as possible. Trying to get it to do anything was like issuing instructions to a depressed employee over a sluggish satellite feed. When I clicked on an application it spent a small eternity contemplating the philosophical implications of opening it, begrudgingly complying with my request several months later. It drove me up the wall. I called it a bastard and worse. At one point I punched a table. …

I know Windows is awful. Everyone knows Windows is awful. Windows is like the faint smell of piss in a subway: it’s there, and there’s nothing you can do about it. OK, OK: I know other operating systems are available. But their advocates seem even creepier, snootier and more insistent than Mac owners. The harder they try to convince me, the more I’m repelled. To them, I’m a sheep. And they’re right. I’m a helpless, stupid, lazy sheep. I’m also a masochist. And that’s why I continue to use Windows – horrible Windows – even though I hate every second of it. It’s grim, it’s slow, everything’s badly designed and nothing really works properly: using Windows is like living in a communist bloc nation circa 1981. And I wouldn’t change it for the world, because I’m an abject bloody idiot and I hate myself, and this is what I deserve: to be sentenced to Windows for life.

That’s why Windows works for me. But I’d never recommend it to anybody else, ever. This puts me in line with roughly everybody else in the world. No one has ever earnestly turned to a fellow human being and said, “Hey, have you considered Windows?” Not in the real world at any rate.

Until now. Microsoft, hellbent on tackling the conspicuous lack of word-of-mouth recommendation, is encouraging people – real people – to host “Windows 7 launch parties” to celebrate the 22 October release of, er, Windows 7. The idea is that you invite a group of friends – your real friends – to your home – your real home – and entertain them with a series of Windows 7 tutorials.

Win 7 Launch Party video: A very serious contender for lamest (interminable at 6:14) video ever made.

Read the whole thing.

Lifehacker tells us that Google will be be releasing its free, open-source Chrome Operating System later this year. Google says:

We’re designing the OS to be fast and lightweight, to start up and get you onto the web in a few seconds. The user interface is minimal to stay out of your way, and most of the user experience takes place on the web. And as we did for the Google Chrome browser, we are going back to the basics and completely redesigning the underlying security architecture of the OS so that users don’t have to deal with viruses, malware and security updates. It should just work.

Chrome OS is going to be netbook oriented in its earliest version, and the idea apparently is ultimately to replace PC software with on-live Google applications like Gmail and Google Docs.

Persuading users to give up the familiar isn’t easy, but Microsoft has done a fine job lately, particularly with Vista, in creating a real opportunity for anyone able to offer more speed and convenience.

Lifehacker reports that underestimated volume turned the Windows 7 Beta trial into another Mac advertisement.

You’d think that getting soundly beaten by Google and Yahoo over and over in the online space would mean that Microsoft would take the web a little more seriously. You’d be wrong.

Case in point: Today’s epic failure around the distribution of the Windows 7 public beta download. This morning Microsoft’s web servers fell to their knees under the pressure of constant web page refreshes by enthusiasts who want to volunteer their time to test Windows 7 after Steve Ballmer’s announcement the download would be available at noon today. (Since noon today, the download was there, then pulled, and back up again only if you know the direct links, and the promised product keys still aren’t available. There’s “no ETA” when they will be.)

Is it fantastic that Microsoft is offering this freebie preview? Yes. Is it shameful that they’d be so woefully unprepared for the demand it would draw? That also would be a YES.

Fox News:

The Pentagon has suffered from a cyber attack so alarming that it has taken the unprecedented step of banning the use of external hardware devices, such as flash drives and DVD’s, FOX News has learned.

The attack came in the form of a global virus or worm that is spreading rapidly throughout a number of military networks.

“We have detected a global virus for which there has been alerts, and we have seen some of this on our networks,” a Pentagon official told FOX News. “We are now taking steps to mitigate the virus.”

The official could not reveal the source of the attack because that information remains classified.

————————————-

News.com.au:

The US military has banned the use of flash drives and DVDs on its computers as it tries to combat a virus spreading rapidly through its networks.

The Pentagon ordered an unprecedented ban on all external hardware but refused to comment on the source of the attack, saying such information was classified.

“We have detected a global virus for which there has been alerts, and we have seen some of this on our networks,” a Pentagon official told Fox News.

“We are now taking steps to mitigate the virus.” …

An email sent to military personnel identified the problem as being caused by a virus called Agent.btz, Wired.com reports.

The virus is a variation of the “SillyFDC” worm, which has been around since about 2005 and spreads by copying itself to flash drives and then replicates onto any computer that device is plugged into.

Agent.btz originated in China, according to ThreatExpert. Spyware Doctor is reported to be capable of eliminating it.