<strong>Homeland</strong><br />
The key word here is “old.” That's because running a pretend computer inside a real computer<br />
is slow. But computers double in speed every eighteen months or so -- this is called<br />
Moore's Law, for Gordon Moore, who helped start Intel. That means a brand-new computer<br />
will be about sixty-four times faster than a computer you could buy for the same money six<br />
years ago, which means that so long as you're working with old VMs, you probably won't<br />
even notice the lag.<br />
But lately, computer manufacturers have been figuring out how to design chips to run VMs<br />
more efficiently, so the gap between a VM and the real computer it runs on keeps shrinking.<br />
This means that it's easier than ever to try out new operating systems and new programs. If<br />
there's something you're really paranoid about, you can just run a free VM program, install<br />
a free OS on it, and run anything you want in that little sandbox. Nothing that happens in<br />
that VM can affect your real computer -- not unless you give it privileges to see your real<br />
hard drive and real files. The VM is like a head in a jar, and you can tell it anything you<br />
want about what's going on in the world and it'll have to believe you.<br />
You can download hundreds -- thousands! -- of VMs from the Internet and just fire them<br />
up as you need them. Want to turn an old computer into a router or a file server for an<br />
hour or a day or a year? Various sysadmins have bottled up perfectly tuned VMs that run<br />
any specialized function like that out of the box. There are even user-reviews to help you<br />
figure out which ones are the good ones. And since it's all built on open, free code like<br />
Linux, anyone can modify, improve, and redistribute them.<br />
I went hunting for an extra paranoid VM, and I found one. It started with a copy of ParanoidLinux,<br />
my own favorite distro, and nuked any programs and services you didn't need,<br />
to make it all the more bulletproof. ParanoidVM also stored its user files in TrueCrypt plausible<br />
deniability chunks, so there was no way to tell from the forensic examination of the<br />
disk how many users there were and how many files they had.<br />
That was good for starters, but I wanted a dead man's switch: something that would cause<br />
the whole thing to lock itself and shut down if I didn't do something every fifteen minutes.<br />
So I wrote a little script that hit me up for a password every quarter hour. If I didn't enter it,<br />
it would issue a system-wide command to kill any VMs that were running, then erase itself.<br />
So if a snatch squad were to nab me, all the work I'd done on the files would disappear<br />
unless they could torture the password out of me in a quarter of an hour.<br />
They'd still have the key and the torrent file, but they wouldn't know whom I'd shown anything<br />
to or what we'd talked about. All I'd have to do is key in my password every fifteen<br />
minutes, and not go off to the toilet or forget and go to dinner, or I'd lose everything I'd<br />
worked on up to the last save-point.<br />
There's a technical term for this kind of security work: yak-shaving -- wasting time doing<br />
silly chores to avoid something harder and more important. There was an old essay I liked<br />
about working for Google by a hacker called Dhanji Prasanna, which talked about “shaving<br />
<strong>SiSU</strong> www.sisudoc.org/ 76