Here you go...

General
-------

In the episode title, on p. 20, etc. it is said that "There's a technique called 'backscatter' which can trace back to the source of the hack." But: I don't think this is actually the meaning of the term. Backscatter (in this context, as opposed to in physics/remote sensing, etc.) is the receipt of failed delivery messages (corresponding to invalid recipient email addresses) in the inbox of a sender whose email address was forged by a spammer. See e.g. http://spamlinks.net/prevent-secure-backscatter.htm

Thus, the title of and terminology in the episode may actually need to be changed.

p. 1: I do not quite understand the math in the beginning: With 574 million accounts, and 500 million stolen accounts per year, the chance that somebody's account was not stolen over the last three years is about 0.1%. This does not seem right, since that would mean 87% of all accounts are stolen each year, which personal experience suggests is not the case ;) So probably dollars. (Ah yes, on p. 4, stated as dollars.)

"Verify your account number and password immediately." Immediately? I've never seen "Immediately" on a password verification screen. Sometimes, there is a countdown screen.

p. 3: "David pulls the Hacker's LAPTOP out of the dumpster." Dumpster gleaning -- looking for recyclable material -- is a very common occurrence. Dropping an intact laptop into a dumpster would be a very ineffective way to cover up a crime. More likely, they'd run the actual work off a thumb-drive, then degauss and toss that. For fast degaussing, a big magnet from http://unitednuclear.com/magnets.htm could be used. Note that "These guys are smart." is said on page 7, so they should act smart. Tossing a thumb drive or flash card into an open dumpster would also be less suspicious.

p. 4: The 5% response rate for phishing seems too low to me.
A good marketing campaign already gets about 3%: http://www.hp.com/sbso/productivity/office/direct_marketing_guide.html So if somebody is concerned about their accounts, they will much more probably answer. I read about a 30% response rate: http://www.marketwire.com/mw/release_html_b1?release_id=70388 Note that the chances diminish as a person faces more attempts.

A: "some people are dumb enough to give it to them?" Maybe "some people actually give it to them?" (I'm wondering what percentage of the show's viewers have fallen for this... :-)

C: "Any tech guy". Could this be "Any techie"? (Btw, the word 'guy' appears more than 20 times in this script and 4 times on page 9.)

p. 7: However, seniors might be less likely to have and use email. Might also want to change "seniors" to something like "seniors with large retirement accounts" (since this is definitely only a subset of the set of all seniors).

"Within hours they already had a few hundred people mailing in account information." -- If this is non-net-savvy seniors, then most only check their emails once every few days. "Hundred" should be "dozen". It technically isn't mailing in, it's logging on (to a fake bank site).

p. 11: There are many references to "insurance scam". There was one, involving Russian mob I think, in the Boston area, which was interesting and could be fun to include. (I heard it from Mtrott, so he may have more details/corrections...) People would drive in a reckless way on purpose, and get into accidents that would appear to be the victim's fault, like a rear-end collision. It was a finely tuned thing, to cause the appearance of a certain kind of injury (I think spinal/neck) and the criminal/"victim" would collect hundreds of thousands in health insurance claims. It came about when a cop by chance was dealing with the same accident scene scenario, and started wondering why the accidents were so similar.

pg 12: Don's "How do they know I didn't just withdraw all my cash myself?"
Banks keep tabs on transaction patterns, and any really large one would be suspect, at least after the fact. :-) Homeland security investigates anything even slightly suspicious, such as paying off more than the usual amount on a credit card: http://yro.slashdot.org/article.pl?sid=06/03/06/2236240

p. 13: Some details for a good attack: http://grouper.ieee.org/groups/1363/Research/contributions/attackEC.ps

I like the monk/grad student joke :)

Actually, a bank would never use anomalous elliptic curves because they are known to be weak/crackable (i.e., there is an attack on them due to Semaev, Satoh-Araki and Smart). In fact, they are specifically prohibited in all (draft) standards of elliptic curve systems:
http://www.isg.rhul.ac.uk/~sdg/ecc.html
http://www.comms.scitech.susx.ac.uk/fft/crypto/EccWhite3.pdf

The bank could use (written in COBOL) a 64-bit public key encryption. Ten years ago, that was uncrackable. These days, a hacker of Yuri's stature with access to a 50000-node zombie network of modern computers could crack it in seconds. http://en.wikipedia.org/wiki/CRYPTREC

p. 14: Charlie with his high security clearance and NSA connection would surely contact them and see if the (still running?) TIA has any records of the attack http://www.dod.gov/releases/2003/b02072003_bt060-03.html or NIMD http://72.14.203.104/search?q=cache:ZIzf1F9ZBBEJ:www.ic-arda.org/Novel_Intelligence/+NIMD&hl=en&gl=us&ct=clnk&cd=1

Hop-by-hop, more commonly known as onion routing, is a technique for anonymous communication over a network.

Internet Control Message Protocol (ICMP) is a core protocol of the Internet protocol suite.

Backscatter refers to the side effect that, when spammers forge someone's email address to send messages, a possibly huge number of failed delivery messages (corresponding to invalid recipient email addresses) end up in the inbox of the forged sender.
The closest I can get to any of these allowing communication to be "traced back" would be using traceroute (which runs over ICMP) to see the routers a given request passes through. So I think this needs some reworking. (See also general comments above.)

p. 15: I don't understand Amita's ad-bot. If it's spyware, it's sitting on *Don's* computer, and all it could do would be to send some sort of request to his bank's computer/databases. If Amita's looking at the bank's access logs, she couldn't necessarily tell what was making the requests (how would she know it's an ad bot?), although she *could* tell where they were coming from (i.e., an IP address corresponding to Don's ISP). But I really doubt any bank would let a random astrophysics grad student look at their live account access logs...

Of most interest are botnets, or zombie networks. When a computer is unprotected, it is taken over within hours. There are "millions of zombie drone machines." http://it.slashdot.org/it/05/06/19/1858233.shtml

"multi-wave gravity idea" does not sound realistic. Use some more real developments, like "double special relativity" or "relaxing to three dimensions" or "landscapes of string vacua"
http://arxiv.org/abs/gr-qc/0602075
http://arxiv.org/abs/hep-th/0506053
http://cdsagenda5.ictp.trieste.it/full_display.php?smr=0&ida=a05205
(notice that the time of this conference might exactly fit the airing date -:))

Re: Larry not knowing what city. Maybe believable for St. Louis, or Cleveland, if he's never been there, but he would have been to the supercomputer center at UCSD before. If you want to use another city on the water, what about Minneapolis?

p. 16: What's a "code run"? Some of the transactions are suspicious. That, or he has a list of running programs.

p. 19: "Spope" is a slightly strange name. But "Ned S. Pope" isn't ;) Or possibly "P. Spondee." (Spondee: two overstressed syllables.)

How was Don's credit card able to be used to post $100k in bail unless Don had a $100k credit limit?
Which seems unlikely for an FBI agent...

pg 20: It's unclear who's done the work.... C: "Amita came up with her own version", then David "Charlie isolated the computer", then Charlie answers 'yes' to the student's "Is this something you developed?"

p. 22: "The FBI's using information gained through this application to locate the person behind an unauthorized access into a computer database." That's specific. Charlie might go for the bigger picture. "How many of you have been hacked, phished, or spammed? (everyone raises their hands). This method of analysis can help."

p. 23: "This sequence in the hacker's program..." Programs don't contain sequences. They have subroutines, algorithms, implementations, code, etc. "...the current function" doesn't make sense either. How about something like: This piece of code in the hacker's program never actually gets executed.

The "restated as a series of numbers" could use a bit of work. How would these numbers actually appear in an unused subroutine?

The sequence should be "23 5 18 5 23 1 9 20 9 14 7 4 21" (I.e., there's a space missing in the "1_9" term, although the "1" is given correctly above in 23.) Here's how to compute this in Mathematica :)

    In[1]:= Characters["WEREWAITING4U"] /. Thread[CharacterRange["A", "Z"] -> Range[26]]
    Out[1]= {23, 5, 18, 5, 23, 1, 9, 20, 9, 14, 7, 4, 21}

pp. 27, 30, 34, 35, 43: "I want to try Superagency theory". Perhaps: "I want to try applying multiplayer game theory to strategic and cooperative interaction in multi-agent systems."

When faced with the sequence, Student #2 might say. "23 5 18 is in Sloane, W E R on a keyboard. Are they letters?" http://www.research.att.com/~njas/sequences/A002252

"4 21" would be translated as "D U". "6 15 18 21" might be more natural "for u". Or he could cross out the D and put 4.

p. 26: "The hacker used our backscatter search to create a SubVirt in our computers -- a subversive virtual machine that ran underneath our operating system.
The hacker had complete control of the software we were using." Yuri hacked into 8 computers controlled by Charlie? And used a program sophisticated enough to handle anything Charlie could think up? No program can do that -- classic Turing Test stuff. Instead, Yuri could have just controlled the data that filtered to Charlie. That would be easy. Charlie assumed it was good data. Yuri could have set up a zombie computer for Charlie to find. Charlie was still outsmarted. Yuri suspected that Charlie would search for a particular kind of information, and supplied it.

p. 27: Instead of 'superagency theory', Charlie could use 'quantum game theory'
http://www.marginalrevolution.com/marginalrevolution/2004/10/quantum_game_th.html
http://physicsweb.org/articles/world/15/10/7
http://www.orlingrabbe.com/quantum_game_theory_abs.htm

And Amita could have written (an unavoidably slow) emulation of a quantum computer so that they can run a quantum game:
http://arxiv.org/pdf/quant-ph/9707034
http://arxiv.org/pdf/math.HO/9911150.pdf

Maybe even Charlie had some breakthrough in his bran research to model the intention of the bad Russians.

Another possibility would be to use 'cognitive informatics' to model the behavior of the Russians http://chaos.dvo.ru/books2/information%20theory/cognitive%20informatics%20a%20new%20transdisciplinary%20research%20field.pdf

p. 28: "Economics is math." Actually, economics is social science. More precisely, from http://en.wikipedia.org/wiki/Mathematical_economics: Mathematical economics is the sub-field of economics that explores the mathematical aspects of economic systems. Modern mainstream economic research typically makes extensive use of formal mathematics and mathematical modeling. As a result, the distinction between mathematical and non-mathematical economics is much less clear today than it once was. The mathematical tools economists use today are often applied in other sciences and applied mathematics as well.

p. 29: "this violence is nearly unprecedented." Actually, the previous gang case featured 800+ deaths. I'd say the trap was unprecedented, but not the violence.

p. 30: "Box up the case related materials, I'll send somebody'll be by to pick them up." Grammar.

p. 32: It would be unusual to hear a math/applied math prof say "There are n ways to define functions" for *any* precise value of n ;)

Charlie's phone could have a little camera, and when he starts to take a picture, they leave.

p. 37: "But we've got no forensics from Charlie's office, or your house." Don't forget the classroom.

p. 40: You might want to mention Poincare with regard to intuition and math: http://www.iep.utm.edu/p/poincare.htm A good book on this subject is http://www.amazon.com/gp/product/0691087598

To not give a layman a wrong impression about the relation of intuition in math research, Charlie might want to emphasize that intuition is important in the finding process, but then one still has to give a proper proof.
http://arxiv.org/PS_cache/math/pdf/0212/0212308.pdf
ftp://ftp.di.ens.fr/pub/users/longo/PhilosophyAndCognition/reason-effect.pdf

p. 41: "He starts writing a line of symbols." -- This would not be the first inclination. Charlie would start by going through the files, searching for data to support a new hypothesis. Particularly, the timing of certain events. He might write date/times on the board. He might already have a board with the events written on it. In that case, he could point out the clusters. If they do darts instead, someone could say "nice clustering" to set Charlie off.