Kevin Sites in the Hot Zone - Chapter 15: Coming HomeIn this final chapter of "A World of Conflict," Kevin Sites returns home to the U.S., only to confirm what he suspected -- that in the year that he was gone little had changed.
Kevin Sites in the Hot Zone - Chapter 14: Israel-Hezbollah WarThe war between Israel and Hezbollah shook the landscape in the Middle East.
Kevin Sites in the Hot Zone - Chapter 13: Sri LankaKevin Sites covered Sri Lanka as violence erupted between the government and Tamil Tiger rebels, pushing a nation with so much to lose back to the brink of all-out war. In rebel-held territory Sites interviewed Tiger fighters about their tactics and reported on the many effects of war still seen in the region.
Kevin Sites in the Hot Zone - Chapter 12: Nepal and KashmirKevin Sites covered Nepal during a time of sweeping political change that followed mass nationwide protests, forcing the autocratic King to cede power.
Kevin Sites in the Hot Zone - Chapter 11: Child BrideIn Afghanistan, Kevin Sites met a 12-year-old girl named Gulsoma, whose incredible story of resilience resonated with millions of people worldwide. She was only six years old when she was sold to a neighbor family in Kandahar as a child bride.
Kevin Sites in the Hot Zone - Chapter 10: AfghanistanReporting from Afghanistan in spring 2006, more than four years after the U.S.-led coalition ousted the Taliban, Kevin Sites found that war is not over in the country.
Kevin Sites in the Hot Zone - Chapter Nine: ChechnyaIn Chechnya during the winter of 2005-2006, Kevin Sites reported on a region still reeling from lingering conflict between Russia and Islamic separatists. The conflict engulfed Chechnya in the 1990s, and even now, half of the population is yet to return. Those that have eke out a living amid the rubble.
Kevin Sites in the Hot Zone - Chapter Eight: Iran
Kevin Sites in the Hot Zone - Chapter Seven: IsraelIn Israel, Kevin Sites interviewed Kinneret Boosany, a victim of a suicide bombing at a Tel Aviv cafe in 2002.
1911: Exploring in Peru, Yale archaeologist Hiram Bingham locates Machu Picchu, the lost city of the Incas. The event will set off a century of controversy.
Bingham was born in Honolulu, the son and grandson of Protestant missionaries in the Pacific. He graduated from Yale University and did graduate work in history and politics at the University of California and Harvard.
Bingham had already made two expeditions to South America -- and published a book on each -- when he returned to Peru in 1911. He located the last Inca capital, Vitcos, and made the first ascent of the 21,763-foot Mt. Coropuma. Then came the find that would make him famous: Machu Picchu.
Bingham eventually left academe for Republican politics, serving as lieutenant governor of Connecticut. He was also governor for one day, before moving on to the U.S. Senate for eight years. The Senate censured Bingham in 1929 for hiring a lobbyist. He died in 1956.
The controversies have not ended:
Hardly. He was led there by local people who lived nearby and were using Machu Picchu's agricultural terraces. He did, however, conduct the first archaeological excavations there and uncovered the famous structures hidden by four centuries of disuse. He also documented, mapped and photographed the site over several years.
Maybe not. Some claim that the German adventurer and businessman Augusto Berns had visited the site some four decades earlier, with the blessing of the Peruvian government. Others say that two missionaries had trekked there in 1906, five years before Bingham.
Bingham, however, was clearly the first to scientifically explore the place, and he also publicized it. The entire April 1913 issue of National Geographic was devoted to it. Bingham also wrote about it, notably Inca Land: Explorations in the Highlands of Peru (1922) and Lost City of the Incas, a 1948 best-seller.
After locating the capital, Vitcos, he was hoping to find the last Inca stronghold, Vilcabamba, which fell to the Spanish in 1573. Machu Picchu was in the wrong direction from Vitcos to be a likely Vilcabamba, but Bingham was so impressed by Machu Picchu's mountainous impregnability that for the first years of his exploration he thought he must have found Vilcabamba.
For many years, it was uncertain if Machu Picchu was a city, a mountain fortress, a religious shrine, a royal palace or various combinations of these. Continuing archaeological exploration has produced a consensus that it was a highland retreat of the Inca royalty. "Machu Picchu was simply a royal estate," says archaeologist Richard Burger. "You can think of it as the Inca equivalent of Camp David."
Yale University's Peabody Museum has housed hundreds of museum-quality artifacts (and thousands of fragments) for nearly a century. The government of Peru maintains that these were only loaned to Bingham, and that they belong to Peru and its people.
After years of negotiations, Yale and Peru signed a Memorandum of Understanding in March 2008. Yale acknowledged Peruvian ownership of the collection and pledged to work with Peru to promote an international traveling exhibit of the collection and create a permanent, new museum for it near Machu Picchu. Some prominent Peruvians think the agreement still gives Yale too much control.
The dispute is not alone. A similar controversy rages over Britain's continued control of the Elgin Marbles, decorative pieces removed from the Parthenon in Athens two centuries ago.
Some people fear that. Machu Picchu was already a World Heritage Site when it was named one of the Modern Wonders of the World in 2007. That led archaeologist Luis Lumbreras to warn that the influx of tourists was already damaging both the historic site and the fragile ecosystem surrounding it.
This controversy, too, is not alone. Striking a balance between protecting a site and providing access to let people experience it has caused restrictions at England's Stonehenge, France's Lascaux cave paintings and elsewhere.
Balancing preservation and access is also a conundrum in planning for Yosemite and other national parks. Some natural sites, like the exact location of the world's oldest living tree (Methuselah, a bristlecone pine in the eastern Sierra Nevada) or the world's tallest tree (a coast redwood in Northern California) are just plain kept secret.
Source: Various
Despite the best efforts of the security community, the details of a critical internet vulnerability discovered by Dan Kaminsky about six months ago have leaked. Hackers are racing to produce exploit code, and network operators who haven't already patched the hole are scrambling to catch up. The whole mess is a good illustration of the problems with researching and disclosing flaws like this.
The details of the vulnerability aren't important, but basically it's a form of DNS cache poisoning. The DNS system is what translates domain names people understand, like www.schneier.com, to IP addresses computers understand: 204.11.246.1. There is a whole family of vulnerabilities where the DNS system on your computer is fooled into thinking that the IP address for www.badsite.com is really the IP address for www.goodsite.com -- there's no way for you to tell the difference -- and that allows the criminals at www.badsite.com to trick you into doing all sorts of things, like giving up your bank account details. Kaminsky discovered a particularly nasty variant of this cache-poisoning attack.
Here's the way the timeline was supposed to work: Kaminsky discovered the vulnerability about six months ago, and quietly worked with vendors to patch it. (There's a fairly straightforward fix, although the implementation nuances are complicated.) Of course, this meant describing the vulnerability to them; why would companies like Microsoft and Cisco believe him otherwise? On July 8, he held a press conference to announce the vulnerability -- but not the details -- and reveal that a patch was available from a long list of vendors. We would all have a month to patch, and Kaminsky would release details of the vulnerability at the BlackHat conference early next month.
Of course, the details leaked. How isn't important; it could have leaked a zillion different ways. Too many people knew about it for it to remain secret. Others who knew the general idea were too smart not to speculate on the details. I'm kind of amazed the details remained secret for this long; undoubtedly it had leaked into the underground community before the public leak two days ago. So now everyone who back-burnered the problem is rushing to patch, while the hacker community is racing to produce working exploits.
What's the moral here? It's easy to condemn Kaminsky: If he had shut up about the problem, we wouldn't be in this mess. But that's just wrong. Kaminsky found the vulnerability by accident. There's no reason to believe he was the first one to find it, and it's ridiculous to believe he would be the last. Don't shoot the messenger. The problem is with the DNS protocol; it's insecure.
The real lesson is that the patch treadmill doesn't work, and it hasn't for years. This cycle of finding security holes and rushing to patch them before the bad guys exploit those vulnerabilities is expensive, inefficient and incomplete. We need to design security into our systems right from the beginning. We need assurance. We need security engineers involved in system design. This process won't prevent every vulnerability, but it's much more secure -- and cheaper -- than the patch treadmill we're all on now.
What a security engineer brings to the problem is a particular mindset. He thinks about systems from a security perspective. It's not that he discovers all possible attacks before the bad guys do; it's more that he anticipates potential types of attacks, and defends against them even if he doesn't know their details. I see this all the time in good cryptographic designs. It's over-engineering based on intuition, but if the security engineer has good intuition, it generally works.
Kaminsky's vulnerability is a perfect example of this. Years ago, cryptographer Daniel J. Bernstein looked at DNS security and decided that Source Port Randomization was a smart design choice. That's exactly the work-around being rolled out now following Kaminsky's discovery. Bernstein didn't discover Kaminsky's attack; instead, he saw a general class of attacks and realized that this enhancement could protect against them. Consequently, the DNS program he wrote in 2000, djbdns, doesn't need to be patched; it's already immune to Kaminsky's attack.
That's what a good design looks like. It's not just secure against known attacks; it's also secure against unknown attacks. We need more of this, not just on the internet but in voting machines, ID cards, transportation payment cards ... everywhere. Stop assuming that systems are secure unless demonstrated insecure; start assuming that systems are insecure unless designed securely.
---
Bruce Schneier is chief security technology officer of BT, and author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World.