Cyber Threats Against Surgical Robots

Robot Surgeon

Things that would suck for one thousand, please, Alex.

Imagine — and why the hell not? — that you need an emergency appendectomy. Yours is about to explode because why-do-we-even-have-those-things? You are rushed into the operating room and placed on a table beneath a curious apparatus. “Get me a nerd, stat!” Somebody shouts.

A man in surgical clothing greets you. “Relax,” he says. “I’ve done a million of these.” He pushes a button and a mask drops and smothers your face. The man’s credentials don’t match what your parents expected from their emergency room staff. The “doctor” is a computer operator, a Microsoft Certified Surgeon from ITT Tech. Your procedure begins when he selects “Appendectomy” from a drop-down menu. It is performed by a robot that immediately goes to work, carving into your body in search of an inflamed appendix.

Suddenly the robot orders silicone. Unexpected noises fill the room as the augmentation unit fires up. “WTF?” the operator types into his IRC session. “This thing’s going haywire.” Everyone in the channel responds in a similar manner: “LOL!” they type back. “This is serious shit!!!1!1!” he anger-types. “ROTFLMAO!” they reply.

The robotic knives withdraw from your abdomen. The apparatus glides on tracks as it works its way towards your chest. It starts to make cuts around your nipples. The operator is agog; his jaw drops and he’s unsure what to do. The augmentation unit descends and attaches to your chest. Silicone starts flowing. The operator starts smashing his keyboard. “Why does this shit always happen on a Friday afternoon??!!” he screams. “LOL!” the IRC channel says.

So what happened? The hospital didn’t keep its goddam software up-to-date. The surgical robot was hacked. And now you have lady tits because 4Chan was in need of some afternoon LOLz.

Sound far-fetched? A team of researchers at the University of Washington in Seattle just hijacked a teleoperated surgical robot and documented its security vulnerabilities in a new white paper. Great! As if surgery wasn’t stressful enough, here’s one more thing to think about.

At least the guys at 4Chan gave you big ones. (They’re a little obsessed with breasts over there…)

Internet Troll Hijacks A Sendmail Question

Your JoeDog wondered if he could throttle incoming email so he went to the google machines to search for an answer. Mike B had a similar thought. On Serverfault he asked, “How can I throttle incoming emails in SendMail for a specific recipient?”

Awesome! Let’s see what the internets has to say about this.

Andrzej A. Filip responded: Could you elaborate a little “WHY do you need it?”/”WHAT do you want to achieve?”?

Lookit Andrzej A. Filip drinking a tea with an extended pinkie finger. His time is so god damn important that he’s not answering shit unless he knows that person’s entire thought process.

Just consider his inflection. He loud-capped the first word. “WHY do you need it?” That’s a question. Here’s another one: “WHY do you fscking care?”

Obviously Mike B has a goal he hopes to achieve or he wouldn’t have tossed that question to the internets so assholes like Andrzej A. Filip could hijack the thread with concerns about his underlying motivation.

It’s been a year and the question remains unresolved. Good job, Andrzej A. Filip. Good fscking job.

Now Go Find It

Your JoeDog caught this blurb on the Internets: “Audi, the German carmaker, said it would test a program in which packages are dropped off into the trunks of people’s cars solving the problem of no one being home.”

Um, …

Use Break Statements, People

A few years ago, Your JoeDog was re-working someone else’s code. Fun times! It was written in Java by a professional web shop out of Chicago. He’s not going to name the shop but it rhymes with “Oxy Dom.”

In one particular segment, there was a big mother of a switch statement with perhaps a couple dozen case conditions. That’s quite a few case conditions! But here’s the thing about this code which was executed by a highly paid software engineer. It contained no break statements.

Why does that matter? Let’s find out after the jump!

Modify It; Don’t Criticize It

Audi TFSI

When Your JoeDog got a new car, the first thing he did was modify it. He added another 37HP with help from the folks at APR Tuning. Your JoeDog’s attitude toward cars mirrors his attitude toward software. If he owns it, then he should do whatever he wants with it as long as he doesn’t hurt somebody.

Cars and software run best when they run fast.

Well now here’s something that makes Your JoeDog want to down 10 bottles of Mad Dog and follow that with a codeine chaser:

Automakers are supporting provisions in copyright law that could prohibit home mechanics and car enthusiasts from repairing and modifying their own vehicles.

Did you get that? A Federal agency will determine whether or not tinkering with your car constitutes a copyright violation. When Your JoeDog saw that he thought, “Who do I have to nut punch and where does the line form?”

If you’re a nerd of a certain age, just about every outrage traces back to the Digital Millennium Copyright Act of 1998. Well, guess what?

Since cars are now rolling computing platforms, manufacturers have asked the Copyright Office to determine whether or not the DMCA protects their intellectual property and prohibits people from modifying and tuning their own vehicles.

Assholes. It’s not like we’re going to Detroit, Wolfsburg or Ingolstadt to tell manufacturers how to construct their vehicles (although that couldn’t hurt). As it stands, we’d rather just take delivery now and improve the car our god-damn selves. Don’t mess with that, Washington.


HTTPS Happy Nice Time

As you may have noticed, here at JoeDog Enterprises Incorporated Ltd ESQ Inc., we switched from http to https last weekend. Exciting!

We warned you that such a move could be accompanied by unintended consequences. But keep in mind, not all side effects are bad. Just like painkillers can provide a little glow along with relief, some changes can provide unintentional benefits. Here’s the story of one of them.

This morning we noticed skiddie activity. That’s not unusual. Every morning we notice skiddie activity. Some asshole from  in Williamsville, NY is running an attack right now. Our http logs are filling with this activity:

- - [20/Apr/2015:08:32:35 -0400] "POST /xmlrpc.php HTTP/1.1" 302 213 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"

See that 302? That means our http virtual host is issuing a redirect to https. Here’s the thing: He doesn’t appear in the https logs. That means his stupid skiddie script is too dumb to follow the redirect. For the past hour he’s done nothing but cause meaningless redirects …

… and now he’s blocked.

UPDATE: Those 302s are now 301s as per Tim Funk’s recommendation. If skiddie can’t follow 302, he can’t follow 301 either….
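The check described above (a client piling up redirects on the http virtual host while never showing up in the https log) can be run over both access logs. This is an added example, not code from this blog; it assumes Apache combined-format logs, and the addresses, the sample lines and the `min_hits` threshold are constructed for illustration.

```python
import re
from collections import Counter

# Apache "combined" format: host ident user [time] "request" status bytes ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

def parse(lines):
    """Yield one dict per well-formed log line; skip lines that do not parse."""
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            yield m.groupdict()

def redirect_only_clients(http_lines, https_lines, min_hits=3):
    """Return {host: redirect_count} for clients that were redirected (301/302)
    on the http vhost at least min_hits times and never appear in the https log."""
    seen_on_https = {e["host"] for e in parse(https_lines)}
    redirected = Counter(
        e["host"] for e in parse(http_lines) if e["status"] in ("301", "302")
    )
    return {
        host: n for host, n in redirected.items()
        if n >= min_hits and host not in seen_on_https
    }

# Constructed sample data; addresses come from the RFC 5737 documentation ranges.
HTTP_LOG = [
    f'192.0.2.10 - - [20/Apr/2015:08:32:{s} -0400] "POST /xmlrpc.php HTTP/1.1" '
    '302 213 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"'
    for s in ("35", "36", "37", "38")
] + [
    '198.51.100.7 - - [20/Apr/2015:08:33:01 -0400] "GET / HTTP/1.1" 301 229 "-" "Mozilla/5.0"',
    'garbage line that is not in combined format',
]
HTTPS_LOG = [
    '198.51.100.7 - - [20/Apr/2015:08:33:02 -0400] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, n in sorted(redirect_only_clients(HTTP_LOG, HTTPS_LOG).items()):
        print(f"{host}: {n} redirects, no https requests")
```

A browser that follows the redirect (198.51.100.7 in the sample) shows up in the https log and is never flagged, whatever the threshold.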

UPDATE: That’s weird. My linky text is recommendation — as in “Tim Funk’s recommendation” — but magic is turning it into “Tim Funk’s 1 comment.”

How To Switch Your Site To HTTPS

I told you that Your JoeDog would eventually complete that task. There was no need to remind us every couple of months. It’s done, now. Cross it off the list.

Congratulations, I guess?? What task is now complete?

Last August Your Google announced that it would give all sites running https a slight rankings bounce. Your JoeDog thought, “Yeah, yeah, yeah. We should do that.” Then August became October and October became January and January became whatever comes after that. Now you’re able to read this blog over a secure connection.

Let’s set-up https after the jump!

The Sites They Are a’ Changin’

Your JoeDog was looking at his analytics and he noticed something: This blog gets a lot more traffic than the rest of this site. That makes sense … I guess! After all, how many times do you want to read a software manual? Since it gets more traffic, Your JoeDog decided to move it to a more prominent position. It’s now the home page.

Yeah, and …

There are no “ands.” This site is still the home of our open source software. You can find the manuals, FAQs and ReadMes on the left. Clicky-clicky. And if that fails, there’s always the search bar over on the right. Searchy-searchy! And you can always return to the home page for snide remarks about technology. Snarky-snarky.