Infotech

"I'll be out for lunch with Mr Granger for a while. If anyone calls, don't pass them on through my cellular. Take a message and say I will call afterwards."

"Have a nice meal, Mr Thompson"

"See you later then, Janet"

I wait for a few minutes, busying myself at my desk, and then sneak into his office. His cheap Seiko Transparency virtual rig is neatly hung up in the corner. Mr Thompson may only be the owner of a small metallurgic firm, but he has a vice: he wants to watch the news in VR, just like the big boys. I carefully don the gloves and headset, and give the command sequence.

NYM VALIDATED. MARKET ACCESS GRANTED, LEVEL 2 - WELCOME

I fly in towards the shining center of the Market, a huge brilliance floating in an almost empty space. Rays of stock market indices, updated credit ratings, business news and other information flow in and out at a frantic tempo. Surrounding the center the virtual offices of various interfacers and organizations float like a small asteroid belt. Whoever designed the virtual sometime in the ancient past of the Concordat must have had fun and enjoyed the esthetics of business. I locate the UII office and beam towards it - time for some business.

Communications

The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes, little bits of data. It's all just electrons.
Sneakers

Mobile phones can be traced. If the phone number is known, it is possible to use the cellular phone network to find out which base station the phone is currently closest to. This of course requires access to the network, something usually only the net provider, police and intelligence agencies should have.

If the phone is known to be in the vicinity, its emissions can be traced (satellite phones are especially easy to detect, thanks to their higher power). An emission tracer can give the rough direction to sending phones, and using triangulation the location can be exactly determined. Things get much easier if the phone is actively sending, but even the normal emissions are enough to detect. Of course, it is much trickier to find an individual phone in the midst of many others.

Even worse, in some telesystems it is possible to use the phones to listen in even when they are not in use. The only way to detect it is by checking their emissions or noticing that the batteries are running low too quickly.

To keep ahead of tracking, many Concordat members have adopted the "disposable phone" trick: use a phone only once, then discard it (Malaysian Bell makes a living from this practice). You need plenty of cheap phones, but you'll be very hard to trace. Another trick is to use hacked phones ("debugged phones"), making the network think they are someone else's phone.

One great hack developed by Vondrak & Co is the cellphone computer: a small virus is inserted into the microprocessor of a cellphone, and while the phone is idle it acts as a node in a distributed computing network, doing parts of a larger calculation. By spreading infected phones Vondrak and other infohackers have gained a huge, distributed system of significant computing power. Currently the "cell collective" is mainly used for some large-scale gardening and crypto-testing, but information hiding has also been considered. It could of course also be used to disrupt the local net.

Computers

Am Heimcomputer sitz' ich hier
Und programmiert die Zukunft mir
Kraftwerk

In the past chips doubled their power every 18 months or so, the famous Moore's Law. Not anymore. Around 2010, the rate of development began to level off, the old semiconductors couldn't be developed much further due to physical constraints. Intel, Motorola and the other manufacturers sought a solution, and heavily sponsored research into nanotechnology among other things - something they do not speak loudly about right now. For the moment it looks like hardware isn't becoming better quickly, and people who need a lot of power instead have to rely on parallel computers with lots of processors. But the pressure for more computing power is great, and the computer industry would dearly like to have something like nanocomputers (one of the few places where nanotechnology is actively advocated is of course Silicon Valley; the large manufacturers do not comment openly on it, but plenty of individuals do).

Software has developed, at least on the surface. User interfaces have finally becoming useable, programs can be combined in flexible ways, agents help the user and practical software exists for just about any area. Underneath it is often the same old mess: bloatware hiding its inefficiency by using a lot of computing power, with hidden bugs and glitches, expensive to maintain and develop - exactly what certain software companies like. But there exists powerful software too, including some systems in development that may, if they are given enough resources, create true artificial intelligence. The trick is getting out of the hardware bottleneck.

Most computers are used with the old keyboard-mouse combination, but voice interfaces are becoming popular. Virtual reality rigs, ranging from simple headsets to full-body suits with tactile feedback, are popular although seldom for serious work.

Computer Capacity

There is a bandwidth-hunger in our nation.
Carl Bildt

When checking how much a computer can run, compare the Capacity of the computer with the requirements of the program; if it is higher the program will run well in the background with other programs, if they are equal the program will take up most of the capacity and if the computer's Capacity is smaller than the program's requirements it will simply not run, or run extremely slowly and inefficiently. Of course, running a lot of smaller programs might also load down a computer; as a rule of thumb, five programs of one level is equivalent to one program on the next level.

Rough Capacities
Calculator, embedded chip	Terrible
Ubicomp	Poor
Personal computer	Mediocre
Laptop	Mediocre
Wearable	Mediocre
VR player	Fair (specialized for only VR applications)
Workstation	Fair
Mainframe	Great
Supercomputer	Enhanced or more

Connecting several computers allows program load to be distributed, but a demanding program still requires at least one computer large enough to manage it, or being reconfigured to run on a multiprocessor system (A Computer Programming roll with a difficulty equal to the program's requirements). For example, a wearable connected to a laptop might run two Mediocre programs and ten Poor programs, but not a Fair program unless it is rewritten a bit.

Rough Requirements
Text encoding/decoding	Terrible
Image processing	Poor
Market transactions	Poor
Remembrance agent	Poor
Search agent	Poor
Realtime speech encoding	Mediocre
Translation	Mediocre
Smarts	Mediocre-Fair-Great (depending on the software)
Realtime image encryption	Fair
Virtual reality	Fair
Information server	Poor-Superb (depending on load and storage requirements; a webserver is Poor, a exabyte multimedia database Superb)
Realtime video forgery	Good-Great (depending on scene complexity)
Word processing	Terrible (just editing) to Mediocre (realtime grammar checking)
Computer Games	Terrible (Pac-man) -Poor (Quake) - Mediocre (Doom XI) - Fair (full VR games) - Great (multiuser VR server)
Simulation	Mediocre (simple physics) - Fair (fluid dynamics)- Good (social modeling)-Superb (quantum modeling)

Human Capacity

Mind determines how much attention the character can split; this can be augmented with Attention Training. As a rule of thumb, a person can use as many programs at once as she has levels in Mind minus one:

Terrible	-
Poor	1
Mediocre	2
Fair	3
Good	4
Great	5
Superb	6

Of course, some programs are more demanding than others; the above table assumes the programs mostly passively supply information, not actively tries to draw attention.

Wearables

Like all true revolutions, the Information Revolution is a revolution of power. Miniaturized technologies miniaturize institutions. In time, the microchip will destroy the nation-state. It will give small groups and even individuals the capacity to employ violence in ways that could overturn governments and destroy large organizations.
Lord William Rees-Mogg and James Dale Davidson

The computer itself is usually quite small, and placed inside one of the interfaces. The most popular models in the TU use Body Area Networks (BANs) to communicate through high-frequency signals through the body which means there is no need for wires, new devices are just added to the network as they are worn (BANs are not approved for commercial versions due to fears of electromagnetic fields, but upgrades can easily be bought on the Market or among hobbyists). This also allows a secure information channel between people by holding hands.

Information is displayed using either a screen worn on the wrist (cumbersome but can be hidden beneath clothing), display glasses (more conspicuous but always present) or contact lenses (hard to get, but very unobtrusive). There is also mediated reality displays: opaque glasses with built in cameras, the image is projected on the inside after digital processing. This enables light amplification and protection, image manipulation, information overlays and riding, among other things. Some use earphones with their wearables, allowing sound signals. There are also a few tactile interfaces, which are useful for very quick responses like signaling the position of attacks from behind.

Information is entered either through a small keyboard (wrist mounted or a one-hand chord keyboard), voice, gesture (through a dataglove), gaze control or EEG signals. Keyboards are good for text entry, but are hard to hide and require at least one hand. Voice commands are popular since the mike can be hidden and they don't require any hands, but obviously people notice that you whisper to yourself. Gestures can be recognized by sewing fiber optics into the clothing; inconspicuous when not in use. Gaze control involves having an IR scanner tracking the eye; very hard to detect if the scanner is hidden in glasses. This can be used to point at certain objects or direct cameras. EEG signals are the most subtle input; sensors on the head register brainwaves, and execute commands depending on what the user thinks. The recognition is fairly crude, but with training it is possible to give certain quick commands or let the wearable take action based on mental states.

Many wearables have sensors of various kinds: cameras, sometimes with low-light, infrared or telescope capabilities. Monitors for body functions and implants are popular in the TU, as well as GPS navigation systems, laser scanners to get a good 3D model of the surroundings and various radio systems. '

Most commercial wearables communicate through the wireless nets just like cellular phones, but there are also satelite-linked wearables or radio links.

Wearable Computing FAQ

Wearable computers at MIT

"And when the Feds do come for you, make sure that your entire life is on your computer. Rip up the papers after you scan them in. Your all-electronic life cannot be penetrated - especially if you get a case of the forgets. 'Oops, I forgot my password. Oops! I forgot my encryption key. Oops! I forgot my name.'"
Phrack Magazine

C3I Systems

Teamware is extremely useful in some situations, where the team can be coordinated invisibly from the command console and outside information can be fed to them (like the location of people viewed through drones, alarms etc). The impression is almost telepathic when it works as best. But it can also cause confusion, especially if the commander cannot handle the complexity of the situation. Jamming can disrupt the teamware, and if the enemy manages to get access to the system it can become a misinformation danger; hence teamware is usually strongly encrypted and built to be tamper-proof. Radio emissions are unfortunately hard to hide, and radio detectors can signal the stealthy approach of a teamware team in advance.

DARPA Smart Modules Program

Agents, Experts and Smarts

There are three main paradigms for creating smart software ("smarts"), not necessarily incompatible but very different. One is to base it on neural networks, teaching the programs to do what they need to do by feeding them examples or having them learn online. The results are robust and flexible, but unpredictable (not unlike gardened software). Another approach is to create expert systems, able to make deductions from rules fed into them by experts on the field of interest (such as neurology or identification of weapons). Experts tend to be very narrow. The third method involves using "common sense databases", databases of everyday information that can be used by the agent to decide what is a reasonable course of action etc. What has really made this approach lift off in recent years is the accumulation of a critical mass of information on the Internet, organized by various search engines but accessible to the smarts.

It is on the net the new smart software is mostly found. Search agents can find information for the user, compiling it into a readable form. Broker agents can make deals with other agents, buying and selling goods or information. Actor software behaves in lifelike ways in the virtual realities, remembrance agents remind about relevant facts and helper agents try to help users in their home systems. Most agents make a lot of mistakes in the beginning, but can be trained to become very efficient helpers. Unfortunately most people don't bother, so relatively few use the agents to their full capacity. They can act as the extended ears, eyes, memory and hands of the user.

Smart programs tend to have problems with coming up with new solutions. It is not that they cannot produce anything new, quite the opposite (there have been plenty of art exhibitions of computer generated art), but they so far lack the ability of selecting what solutions fit reality without human help. Since most AI programs doesn't know much about the real world their solutions and answers might be utterly bizarre or unusable; they often appear to lack common sense (a classic example was the Hyundai designer program that came up with a great car but didn't include any doors -- nobody had told it humans had to get in or out of the car).

A tremendous amount of research is currently being directed towards giving the programs common sense knowledge, so that they can interact with the real world and not just their own abstract information nets. As this work progress (as well as the self-development of various learning agents) the intelligence of the software is gradually increasing month by month.

Some agents have learning abilities, slowly learning through examples and experience. Most of the simple programs just adapt to the user to make the interaction work smoothly; advanced programs add new facts to their knowledge databases and can even learn new skills. These programs should in principle be given experience points to spend over time. Even more interesting are the distributed learning systems, that rely on Net-databases where each copy of the program adds its experience; even when not using your agent it gets slightly better due to the experience of all other users.

Smart software is alien, even if this alienness is often hidden behind friendly or even humanoid user interfaces. They live in a world of information totally unlike human experience and do not share many of the basic assumptions of humans. AI programs might not have a sense of self-preservation (which billions of years of relentless evolution has hammered into human genes), or even the concept of a distinct self.

At the same time the software is developing quickly. Many inside the Concordat expect that the next technology scare will appear shortly when people start to realize just how swiftly software is getting smarter: at present the agents inside your computer are idiot savants, but what happens when they start to exhibit real thinking? Beside the usual frankensteinian fear, there is also a real danger in what runaway AI might do: what happens when the programs start to write programs better than themselves?

Rules

It is easier to program Very Hard or Hard abstract skills than concrete Easy skills; the more specialized an area of knowledge is, the easier it is to encode it. This is why there are plenty of programs that can do advanced mathematical calculations but few that can analyze media.

Some programs exhibit more independence, and also possess mental attributes such as Intellect, Mind, Confidence and Charisma.

At present even the most advanced AI systems have Poor Intellect and Mind, or less. In narrow areas they can work quite well, but they usually lack the common sense knowledge that connects thinking with the real world. An agent trying to make its owner happy might erase files with contents it expects the owner to dislike; an expert system designing a program might not take the possibility of human error into account, so any mistake will crash the program unless the expert had been specifically told to make it more robust.

Confidence reflects the self-knowledge of the agent; a high Confidence means that the agent can estimate its own abilities, making it possible to determine what problems it can deal with and where it has to give up. Agents with low Confidence just act, and can easily get trapped in infinite loops or too hard problems.

The best acting software manages to achieve Mediocre Charisma. Humans are easily fooled into "forgiving" strange behavior and lapses of acting, especially when hidden behind a human-like interface, which makes it possible to make agents that work socially at least for a while. In the long run software tends to reveal its limits in conversations, but it can still be quite entertaining.

Example Software

Hugin and Munin

Information Gathering: Fair

Mr, Mrs and Jr. Info

Information Gathering: Mediocre
Teaching (only Jr): Poor
Basic Education: Fair

Compre

Information Gathering: Fair (getting better all the time)

Century

Information gathering: Good
Int, Mind: Terrible
Con: Mediocre

Gordon

Financial Analysis: Poor
Economics: Terrible
Law: Terrible

Gauss

Mathematics: Fair (various add-on modules for specific fields can reach Good or Great)

Golem III

Information Gathering: Terrible
Int, Mind: Poor
Confidence: Terrible

KnowNet

Baal

Computer Use: Mediocre
Computer Programming: Mediocre
Intellect: Terrible
Confidence: Fair

Translators

Language: Mediocre to Good (specialized programs gain a positive modifier in their area)

Bluie

Evaluation: Mediocre

Intelligence amplification software

By 'augmenting man's intellect' we mean increasing the capability of a man to approach a complex problem situation, gain comprehension to suit his particular needs, and to derive solutions to problems. ... We refer to a way of life in an integrated domain where hunches, cut-and-try, intangibles, and the human 'feel for the situation' usefully coexist with powerful concepts, streamlined terminology and notation, sophisticated methods and high-powered electronic aids.
Douglas Engelbart, 1963

Remembrance Agents (RA)

Watchers

Organizers ("virtual bosses", "slavedrivers")

Simulators

Teamware, CSCW

Decision algorithms and support

Perception Demons

Persogates

Expert systems

Gardeners

Scientists created life
a long time ago
Ain't made made of flesh'n blood
Conway made it so

Creatures they are living there
Speaker'n screen gets them here
They're not alive we hope and pray
But what is life? Is all they say
Max M, Cyberworld

In practice it is as much an art as a science of breeding programs, and the gardeners keep many of their tricks to themselves. The main problem isn't making the computer (usually called a "petri dish"; gardeners are as fond of massively parallel computers as the nanohackers) breed new programs, but to test them to make sure the most fit survive and become the parents of the next generation. Everything hinges on designing the right fitness criteria to make the programs evolve towards to something useful instead of just digital garbage. The gardeners love to debate tournament strategies, the benefits and drawbacks of spatiality, the Dunbar-Koza code, co-evolution and ecological trapdoors - the tricks that can make a difference between a brittle program that only works in the lab and something that can thrive in the real world.

One interesting form of gardening is jungle gardening: allowing programs to evolve on their own, without trying to guide them into a certain direction. The gardeners set up a "jungle", a virtual universe with suitable rules, and let programs compete and evolve inside it. The result is an ecosystem of programs adapted to their world. The gardener then tries to discover useful tricks or abilities that have emerged, just as scientists in the past tried to discover uses for new animals and plants. Sometimes it is possible to find new and completely unexpected possibilities, such as kinine or the Buckry jumper (an efficient way of network process migration, the original success of Hang Ten Pro), but it is time- and intelligence-consuming work.

Many argue that while gardening is often quite useful, it is too dangerous to do for programs able to live freely on the net. There has already been some incidents, and it is known that there is at least one evolution-designed computer virus. The gardeners usually keep their petri dishes isolated and running the programs in virtual machines, preventing them from surviving outside until they are deliberately converted, but many still worry about the potential danger. But the TU needs the programs and their flexibility, and is usually willing to take the risks.

The Hitch-Hiker's Guide to Evolutionary Computation (FAQ for comp.ai.genetic)

Cracking

The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn't stake my life on it.

Cracking isn't magic. It cannot get into a system that is off-line (unless somebody obliges the cracker by carrying software into it or connecting it to some communications channel). While the cracker might be able to get into a system he or she cannot immediately make sense of what is in it (not to mention the problems if the system is in a foreign language). By getting access the cracker can get the system to do all sorts of nifty things like listening through computer microphones, looking from workstation webcams, access files and programs and control connected equipment, but in a modern building there is a lot that is not connected to the computer system (like the security system, elevators or locks). And of course, a cracker cannot easily get into a computer that uses an unknown operating system or command language; being nonstandard is sometimes an advantage but don't rely on it.

Catapults and grappling hooks: The tools and techniques of information warfare

Getting into a system usually have three phases: investigating the system, gaining a toe-hold inside, and gaining total access.

Investigation

Even more information can be gained from the cracker grapewine (at least in the case of larger, more well known systems), including who the Sysop is, the security measures and if somebody has managed to get into the system earlier. More direct approaches involve the use of scanning or security testing software that automatically look for many common security weaknesses, and physical examination by checking out the offices of the organization owning the system (looking at the garbage, post it notes at workplaces and bureaucratic procedures can give a lot away).

During the investigation phase, it is important to avoid drawing attention to one's activities. Some systems automatically detect the use of scanning programs and alert the Sysop (who may or may not react), and investigating offices can of course lead to getting caught on surveillance cameras or by security guards. If the Sysop or security department notices somebody is checking out the system they will tighten security measures.

If the investigation succeeds, the cracker will know enough about the system and its weaknesses to plan a way to get into it.

Gaining a toe-hold

Sometimes this is as easy as to exploit a well-known but unfixed security weakness - a lot of people who are not experts simply don't know or care enough to block them. A chilling number of people never get around to change their original main password. This is especially bad among personal computers at home (and if they are linked to corporate networks - bingo!) and when system management is run by management rather than computer people.

In many cases it is possible to make likely guesses of passwords based on personnel information (personal webpages give a lot away!). In organizations forcing the users to use strong passwords (with lots of keystrokes and unusual characters) it is far too common for some people to write them down. If the post-it tags can be found everything is easy. It is also possible to monitor the typing through a window or in extreme cases by a gnatbot (a classic Brinist trick).

It is also quite possible to trick people into revealing passwords, lending keycards or even helping out with getting into the system by the use of "social engineering": appearing like a legit computer maintenance firm doing some testing ("Excuse me sir, could you just type this in and read me what the computer says? We need to see that the firewall code is active now."), a rushed courier needing to deliver an important package ("But I need to have Mr Reitzman's personal signature!"), a lost trainee or anything else. It takes a certain skill of acting, chutzpah and subterfuge, but is extremely powerful.

Another way of getting into the system is through trojan programs that the unknowing user runs that actually leak information. They range from public domain games copied from friends to apparently official software (where the shrink-wrapped package has been invisibly opened, the software subtly changed, and then everything re-closed and put into the next shipment to the organization). One way is to insert viruses that spread from certain programs to other, or new orders for agent programs. There are monitoring systems against this, but they are often unreliable and produce false alarms, which means that more insecure systems often have them turned off or running out-of-date checks.

Bugging of the building, wiretaps or even TEMPEST monitoring of hardware is possible, but requires some security hardware and often the ability to be in the vicinity. This is in the high end of the spectrum of cracking, available mainly to well-equipped agencies.

The ultimate access is to physically crack the hardware, possibly replacing components with bugs, tampering with electronic checks or running brute force cracking software on off-line equipment. Crude but impossible to beat.

A good security policy with users following it can make this phase extremely hard. Fortunately for the cracker few follow it perfectly; the reasonable measures taken by the Sysop is felt like ridiculous rules-mongering by the users, and they will chafe under the demands and often find their own ways of getting back, opening new security holes.

Becoming root

Gaining access takes more work, but is helped by the inside access. Often it can be done using methods similar to the ones used for gaining a toe-hold. At the same time it is fairly precarious, the cracker cannot protect his access against the Sysop. Once root access has been reached, the odds are even. The one holding physical access to the hardware has the final trump, but good crackers do their outmost to leave everything looking normal and unchanged - it is better to have a safe trapdoor than to risk all the work in an overt conflict.

There are monitoring programs keeping track of user activities inside some systems, intended to not just check for intrusion but also frivolous or non-authorized use (some organizations are far more paranoid about their employees than outsiders). During the ascent to root status they are a new danger (beside observation by users or Sysop), and often the climb has to be done very carefully or using accounts that don't arouse suspicion when they use nonstandard software or activate error signals.

Finally, everything becomes many orders of magnitude easier if the cracker has the help of an insider. The insider can supply accurate information, security procedures, passwords, often physical access. The price for this help may vary tremendously.

Cracking Equipment

Network auditing toolkits

Some systems have programs running that detect scans by NATs and report them.

Host-based static auditing tools

Sniffers

Snoopers

Hiring crackers

Intrusion teams are expensive (if they can be hired), and most will carefully check out offers. They have no interest in risking their necks, even if they usually have quite clever lawyers exploiting all the complex legal loopholes of the computer world.

The lone crackers living for their art, are a rare breed and usually rather erratic. On the other hand, they are much more willing to take risks and attack systems for free, but usually only if there is a good challenge involved. This makes them somewhat tricky to use for practical matters such as getting a certain file, unless they can be bribed with something they truly desire (like very advanced hardware, information about the really high-status systems or a chance to boost their egos).

For the system of cracking, see the Research & Development section.

Virtuals

The computer programmer is a creator of universes for which he alone is responsible. Universes of virtually unlimited complexity can be created in the form of computer programs.
Joseph Weizenbaum

Asia is the major market for virtuals. The virtual developers of Beijing, Xi'an and Taipei pour out virtuals running in huge central mainframes or distributed over the net, with themes from sugary Japanese fairy tales over interactive soap operas to surreal sex-death-apocalypse nightmares. Some virtuals are singlepoint (the user experiences the world as if he or she was the only outside person there), but most are multipoint. Some allow small groups or teams to interact, some are able to handle tens of thousands of subscribers at once. The nationalist soap epic "Land of the Grand Dragon" involved at its height over 300,000 simultaneous users distributed over 18 local mainframes linked by a high bandwidth net; in China the virtual corporations are one of the most profitable parts of the economy.

Virtuals are less popular in Europe and America, but still fairly common as cheap entertainment. Most virtuals have to adhere to some standard codes of sex and violence, but since it is trivial to access a virtual running in Thailand or on Haiti (if you can stand a slight lag) this is not much of a barrier for those seeking thrills.

The standard headset is quite cheap and involves a visor and headphones. To this movement sensors are clipped onto the clothes or sewn into them (for higher resolution). More high-quality equipment for professional users or fanatics involve ergonomic datagloves with touch feedback, lightweight projection systems or camera tracking of movements. There are also special full-body harnesses for the die-hards that want 100% contact.

Tracking On the Net

One - You lock the target
Two - You bait the line
Three - You slowly spread the net
And four - You catch the man
Front 242, Headhunter V 3 0

However, it is possible to do devious things to track people through the net. The most common is receipt packets: a net packet is sent to the person to be tracked, containing a request for automatic reception confirmation; the destination system will send back a receipt of receiving it to the sender, who now knows where it went. This can of course be prevented by instructing one's computer to not send back receipts. But there are also trojan messages, messages that contain hidden instructions that cause the user to send out information that can be used for tracking. This works quite well against unwary users, but more experienced or paranoid people disable "active" messages that can do things like this. Even more subtle means involve sending messages that suggests actions (like looking at a certain web page) that can be used to track - the user who want to remain 100% anonymous better use re-routing software for all communications, to make even the most trivial web request untraceable.