Holy smokes (pun intended). The dream is becoming a reality

When Volvo announced plans earlier this week to produce a plug-in diesel hybrid, green car fans understandably got excited. Consider the possibilities of a safe, stylish and highly functional Volvo V70;but one with plug-in capacity, the ability to go 30 or so miles on electricity alone, and the rest of the power coming from an efficient diesel engine. Media reports said this would be “a reality” by 2012.

Three years to a hybrid-diesel wagon is awesome, but not soon enough. The story mentions that Volvo had a concept car in 1992, so this is really a project that has taken twenty years to come to fruition.

Marketing seems to be the main obstacle, not technology.

The company admits that a diesel vehicle with a lithium ion battery will be expensive — and that’s the main point of the company’s announcement this week. Working with Vattenfall, Volvo hopes to gain a better understanding of the driving and charging habits of plug-in drivers. In this way, it can refine the design of its plug-in hybrid and determine if the lithium ion battery — the most expensive component in a plug-in hybrid or electric car — can be made smaller. If so, then the vehicle can be made more efficient, cheaper and especially safer. After all, it’s a Volvo.

The current Volvo V70 plug-in hybrid demonstration car uses a 11.3 kWh battery pack, that at current prices could cost $10,000 or more. Volvo expects those prices to come down, especially if the battery is downsized to meet, but not exceed, consumer needs. The battery pack is combined with a front-wheel drive diesel engine with a rear-wheel drive electric motor. The high cost of combining hybrid and diesel technology so far has prevented auto companies from introducing diesel-powered hybrids — with or without a plug.

Bah, costs come down, as the article suggests not to mention most buyers are not motivated by money alone. I mean people still are paying premium prices for BMW and Cadillac dinos that have a horrible schedule for depreciation, especially today. I just heard that a BMW was found buried in Texas in an attempt at insurance fraud, cars in Miami are showing up in the river, and in Nevada there has been a rash of SUV fires.

Anyway, setting price and irrational consumerism aside, I wonder if the front-diesel rear-electric could be driven as an AWD variant? Awesomeness. I also wonder if GM will be able to pull its sixteen cylinder head out of its tailpipe (what were they thinking?!) and finally get with the clean diesel program. They have made some hints so I guess it isn’t too crazy to hope for a Cadillac diesel-hybrid sport-utility wagon.

Hong Kong police are struggling to figure out who is pouring acid on pedestrians, Time Magazine reports:

After Mongkok’s last acid attack, which occurred May 16, police installed eight CCTV surveillance cameras on two buildings in the area to try to catch the culprit the next time he or she struck. But after spending about $220,000 on the equipment, none of the cameras’ footage caught this week’s attack. Senior Superintendent Edward Leung Ka-ming of the Kowloon West regional crime unit said the collected footage needed to be “enhanced” because of its poor resolution to prove useful. While the district council decides what step to take next with the cameras, the police hope pedestrians might have some tips of their own.

A bottle full of acid was dropped from a building on June 8th, said to have been a rainy night. When it exploded twenty-four people were injured.

Did police realize they needed better resolution only after installing the cameras? And did they plan on any upgrade path for resolution or will it require physical and on-site replacement? Perhaps an even better question is whether the $200K could have been spent on other control measures such as nets covering the street. Not an ideal solution, but if the concern is keeping shoppers feeling safe then nets probably make more sense as they have prevention capabilities rather than just detection.

News is circulating that T-Mobile servers have been breached. An anonymous message to the Full Disclosure mailing list on Saturday was the start of the topic. This message included a claim that T-Mobile has been owned for some time, and that the attackers “have everything” up for sale to the highest bidder. It also included a list of 511 production server details such as their hostname, IP address, OS and applications.

This situation raises two distinct questions. First, how can an organization best anticipate and detect breaches? The second question is how an organization can best respond to a breach, especially with regard to preventing another.

Before answering those questions, a quick look at the spreadsheet of servers raises several other questions. For example, do the 511 servers in the message have anything in common? Are they managed from a particular department or under a specific project? This kind of analysis could help reveal that the attack was a leaked document rather than a breach of network security. A quick review shows all of the systems listed are a UNIX flavor. Either the attackers did not want to reveal a more representative sample from their victims or they may really just have found a UNIX project manager’s USB in a parking lot.

Back to the core questions, the best way to anticipate and detect breaches is by analyzing logs. If the attackers were trying inventory systems on the network, for example, this activity would leave a trail of evidence in those system logs. All 511 servers listed should have the same or similar footprint left by the attackers. The network devices connecting the servers also would have log information to help identify attacks. This means a robust log archive and analysis system would need to be in place when attacks begin in order to capture enough information to identify the problem and alert administrators before the breach is successful or spreads. Log management is no longer just about operating systems and network devices, however. It also needs to incorporate detailed user information from identity systems, especially with regard to shared or system accounts. Identity integration means that if the attackers compromise the “root” account, logs can be correlated to show which user was really using root.

Log management is also critical in responding to a breach. Proving that there was no attack requires an archive of logs that can go back several years. This can be used to counter any claims that the servers have been breached for “some time”. The logs could show that a breach actually did not happen. On the other hand, the ability to identify attack signatures, as mentioned above, also helps with avoiding future breaches. When the attack vector is thorougly understood, an alert can be programmed into Security Information and Event Management (SIEM) systems. Every time a log or set of logs has a particular attack, or even just similarities to other attacks, the SIEM can send out an instant alert or start a watch list for administrators to investigate.

Perhaps most important of all is to recognize the potential cost of disruption from this kind of message. Does your organization have a system in place to rapidly assess the validity of an attack claim? Without an effective system of managing logs and security information, an anonymous message to a forum could pose a significantly high risk even without any validity or proof. The T-Mobile message raises a number of important points that organizations should reflect upon as they review their logs tonight.