The Art Of Noh

Chromebook - A New Class of Risks

2011-05-31T09:18:16Z

We are certainly living in interesting times. It was less than a week ago that a rumor appeared that Apple is going to switch to ARM processors for its next generation of laptops. (http://www.pcworld.com/article/227301/apple_may_switch_to_arm_chips_in_laptops.html)
Obviously, this has very interesting implications for the future of computing and seems to indicate the increasing need for a computing platform that uses less power and that can be used for a day without the need for charging.

Earlier today, Google surprised the world by announcing the Google Chromebook - a netbook (huh, aren't netbooks dead?) computer concept, built for now by Samsung and Acer around the Atom N750 CPUs. With 2GB of RAM and 16GB of SSD storage, the specifications are somehow low-end, however, this might not be a problem because as Google says in their promo, the web has more storage space than any computer. The price, when these will be available, is believed to be in the range of $400-$500.

When I saw the announcement, I thought to myself - why would anybody buy something like this? Low end hardware, more expensive than other netbooks and definitively not as attractive as an iPad? Obviously, the answer here is in the "cloud".

Google Chrome OS is the first commercially available consumer cloud-centric OS. It is designed around the concept of "expendable" terminals that you can lose, drop or simply throw away without fear of losing your data, which is safely stored into the cloud. From this point of view, the operating system could get damaged or even infected with malware and all you have to do is to reinstall it and re-authenticate with the cloud storage to get exactly the same computing experience as before the crash.
Here, I would like to make a mention about the "infected with malware" part. Interesting, Google's promo claims "it doesn't need virus protection".

Sadly, this claim comes at a pretty bad time, since the French company VUPEN Security having announced only a few days ago that they've cracked the security protections build by Google into Chrome and are now able to infect a computer through a malicious page when it's browsed.
Of course, some might say, "even if I get infected, I'll just reinstall, put back my credentials and bye bye virus!". I agree that is absolutely true - Chrome OS has been designed in such a way that it's extremely resilient to modifications and has a good self healing capability.

Several years ago, I wrote an article saying that malware evolves based on three conditions:

• When hardware and operating system evolve (eg. Windows 95 killed boot viruses)
• When security defenses change (eg. firewalls killed network worms)
• When people start using computers in a different way (eg. Social networks)

With the Chromebook, we have an interesting case, when all these three conditions are met. It's a (somehow-)new operating system, it has new security defenses into place (self healing, updates) and it's used in a different way - the data is not on the computer but in the cloud.
So, what can we expect from a security point of view? Obviously, with all your data being available into the cloud, in one place, available 24/7 through a fast internet link, this will be a goldmine for cybercriminals. All that is necessary here is to get hold of the authentication tokens required to access the cloud account; this is actually already happening with malware that has become "steal everything" in the past years. Although the endpoint is now more secure, the situation is that the data is in a more risky place and it will be much easier to silently steal it.

Most of the attacks nowadays focus on infecting the machine and then hiding the presence of the malware for as much time as possible to intercept banking transactions or credit card numbers.

With Cloud centric OS'es, the race will be towards stealing access credentials, after which, it's game over. Who needs to steal banking accounts, when you have Google Checkout? Or, who needs to monitor passwords, when they're all nicely stored into the Google Dashboard?
Of course, this could seem a bit gloomy, but these problems are inherent to any Cloud-centric OS.

Earlier today, I got asked by a friend- "How is Chrome OS from a security point of view, better or worse?". I answered, "It's better, but much worse".

Xtreamer e-TRAYz NAS

2010-02-10T10:53:05Z

Couple of weeks ago, I came by an interesting device - the Xtreamer e-TRAYz NAS.

This is a little device that looks like an UPS and can host up to two SATA HDDs inside. After checking the features list, I decided to get one and use it at home for backup and such.

The device sells without HDDs. Personally, I decided to use it with two WD 2TB Green HDDs.

A couple of nice things about the e-TRAYz NAS: first of all, it runs Linux.

~# uname -a
Linux etrayz 2.6.24.4 #1 Thu Dec 10 11:35:17 KST 2009 armv5tejl 
ARM926EJ-S rev 5 (v5l) Oxsemi NAS GNU/Linux

It has ssh, apache with php support, smb, ftp and surprisingly, even mysql and unrar.

~# unrar | head -3
UNRAR 3.80 freeware      Copyright (c) 1993-2008 Alexander Roshal
Usage:     unrar command...
~# file /usr/bin/unrar
/usr/bin/unrar: ELF 32-bit LSB executable, ARM, version 1 (SYSV), dynamically linked
(uses shared libs), for GNU/Linux 2.6.14, stripped

The hardware runs on an ARM926EJ-S CPU, which according to the description page is an "entry point processor capable of supporting a full Operating System such as Linux, Windows CE, and Symbian".

~# cat /proc/cpuinfo
Processor       : ARM926EJ-S rev 5 (v5l)
BogoMIPS        : 183.09
Features        : swp half thumb fastmult edsp java
CPU implementer : 0x41
CPU architecture: 5TEJ
CPU variant     : 0x0
CPU part        : 0x926
CPU revision    : 5
Cache type      : write-back
Cache clean     : cp15 c7 ops
Cache lockdown  : format C
Cache format    : Harvard
I size          : 32768
I assoc         : 4
I line length   : 32
I sets          : 256
D size          : 32768
D assoc         : 4
D line length   : 32
D sets          : 256
Hardware        : Oxsemi NAS
Revision        : 0000
Serial          : 00000acbcaf52a80

As an interesting note, this is probably that first CPU that I see with native Java support.

The system also features 128MB of RAM and during installation, is configured with 500MB of swap space:

/var/log# free
             total       used       free     shared    buffers  cached
Mem:        126052      95108      30944          0       4956   46284
-/+ buffers/cache:      43868      82184
Swap:       499896       2036     497860

The CPU is not very fast, for instance, it does MD5 at about 12MB/s:

[11:~]$ dd if=/dev/zero  bs=10240 count=10000 | md5sum -b
10000+0 records in
10000+0 records out
102400000 bytes (102 MB) copied, 7.94591 s, 12.9 MB/s

To compare, a MacMini with an Intel Core 2 Duo CPU at 2.0Ghz does about 200MB/s.

The 2TB WD Caviar Green disks are not fast, but in a NAS with 100Mb link, speed is not such a big issue.

[13:~]$ hdparm -tT /dev/sda
/dev/sda:
 Timing cached reads:   228 MB in  2.00 seconds = 113.85 MB/sec
 Timing buffered disk reads:   52 MB in  3.11 seconds =  16.71 MB/sec

Reading is around 16MB/s. Comparatively, on an Core 2 Duo machine, the same disk achieves around 97MB/s.

Now, for the smart stuff inside this device. Obviously, it has been designed by programmers, with programmers and heavy tech users in mind.

[20:/]$ mount
/dev/md0 on / type ext3 (rw,noatime,nodiratime)
/dev/md2 on /home type xfs (rw,noatime,nodiratime,prjquota)

While the root is formatted with ext3, it has noatime and nodiratime turned on - nice! Additionally, the storage partition (which is raid1 for me) is formatted not with ext3, but XFS! XFS is my preferred choice on Linux, glad to see the people designing it knew their ins and outs.

Additionally, there is a lot of fine tuning in /etc/rc.local to optimize power usage, temperature and fan control.

echo 1 > /sys/module/thermAndFan/parameters/output_flag
echo 50 > /sys/module/thermAndFan/parameters/cold_limit
echo 1 > /sys/module/thermAndFan/parameters/hot_limit
echo "60" > /proc/sys/vm/dirty_ratio
echo "1" > /proc/sys/vm/dirty_background_ratio
echo "core.%e" > /proc/sys/kernel/core_pattern

Again, respect to the people who produced the configuration, they didn't just dump some Linux on it but knew how to properly finetune it for the device.

Now, for the eye candy and GUI:

A number of very nice features can be accessed through the web interface, for instance, the BitTorrent client and rapidshare direct download client. I found the BitTorrent to be particularly funny as it features a preinstalled searchable RSS feed to ISOHUNT and Mininova:

There are a couple of other nifty features in this device, but I'll let you discover them for yourself. The eTRAYz can be purchased in Romania from xtreamer.ro, for a promotional price of 549 RON (133 EUR).

Personally, I think it's worth!

Update (2010-02-11):

My friend Razvan Musaloiu-E asked about Gigabit support. Here's a "dmesg | grep eth0":

eth0: PHY is LSI ET1011C
eth0: GMAC ver = 51, vendor ver = 17 at 0xe8000000, IRQ 8
eth0: Found PHY at address 1, type 0x0282f014 -> 10/100/1000
eth0: Ethernet addr: 00:1c:85:20:0f:dc
eth0: PHY is LSI ET1011C
eth0: LSI ET1011C PHY no Rx clk workaround start
eth0: LSI ET1011C PHY no Rx clk workaround end
eth0: PHY is LSI ET1011C

So it looks like Gigabit support is there too, but to be honest, I don't have a router and cables to test it.

Why is Apple Meddling With My Windows AutoRun?

2009-11-09T14:18:27Z

In every system designed by man, there is always a balance between features, usability and security. While designing pretty, easy to use and secure systems is possible, quite often this is not what the users get, or, worse, this is not what the users want.

The most popular example of this applies to Apple. Focusing on eye-catching designs and easy to use products, Apple is listed in almost every marketing book as a success story.

Interestingly, maybe their second most popular software product, Mac OS X (after iTunes) represents a curious blend between eye-catching, easy to use, flexible, usable and decently secure, modern operating system. Please notice how I avoided saying "secure" and instead, wrote "decently secure". Not wanting to start a holy war, I'd like to state that no operating system is bulletproof. Or, if an operating system even remotely tries to achieve that, nobody really wants to use it. Take VMS for instance; it was maybe one of the most secure operating systems ever design, yet, it was a pain to use. Ten years ago, in my University, the people doing schoolwork on VMS dreamed of doing it on Linux. Yet, a computer running VMS with 4MB of RAM and a 40MB hard drive could host 50 concurrent users, while a similar Linux computer started having issues with more than 10 users. VMS was not only secure, but it was resource efficient as well. It was that good. Yet, it went into oblivion, just like it will happen to any other secure but a-pain-to-use OS.

With Windows 7, Microsoft made an interesting move. The developer of the most attacked operating system in the world decided to turn off an age-old option. This was one of the options that made the operating system easier to use but much, much more insecure. I'm talking of course about AutoRun.

You can imagine my surprise when I got the following message from iTunes, while plugging my iPod to transfer some newly purchased albums:

So, iTunes detected that my system was more secure but less usable, and decided that maybe it's a good idea to change that back! My surprise was even bigger after seeing the following message from iTunes:

Therefore, even if AutoRun is off, iTunes will still recognize my CDs!

With that in mind, Apple's decision with iTunes doesn't make any sense. It took Microsoft more than 25 years to finally understand how important security is, and then it took them another 5 years to understand that AutoRun is inherently flawed and insecure, so it needs to be deactivated by default.

As I was saying, Apple is a success story when it comes to combining easy to use technology with eye catching design, while keeping it also decently secure. It is a real pity though when somebody finds slips like the one above. Will it also take them 5 or 10 or even 25 years or so to understand the dangers of AutoRun?

I certainly hope not.

[guest editorial written for Threatpost.com - check the original post here]

Crawling Twitter

2009-10-20T11:11:57Z

Slides from my Virus Bulletin 2009 presentation (together with Morton Swimmer) in Geneva:

Twarfing: Malicious Tweets

View more presentations from Costin Raiu.

Additionally, if you can read Romanian, I've written a short story about the project for my friend Radu Georgescu's blog here (thanks for the invitation, Radu!):

http://www.radugeorgescu.ro/2009/10/15/malware-de-pe-twitter/

Enjoy,
Costin

The dark side of teaching

2008-08-08T11:11:55Z

Grant Joy runs a program that surreptitiously records every keystroke on his machine, including user names, passwords, and credit-card numbers. And Thomas Fynan floods a bulletin board with huge messages from fake users. Yet Joy and Fynan aren't hackers—they're students in a computer-security class at Sonoma State University. And their professor, George Ledin, has showed them how to penetrate even the best antivirus software.

http://www.newsweek.com/id/150465

Back in my university years, we had course dealing with the topic of Data Communications. Not unusual for my faculty, the lab part of the course included a couple of things which had nothing to do with communications. For instance, there was one homework which requested the students to write a boot virus. I went to the assistant and asked for another assignment, as writing viruses is not something I wanted to do. The assistant refused my proposal, refused discussing the subject (he was 'busy') and subsequently gave me 0 points for that particular homework.

Every now and then, in a teaching institution, somebody comes up with the brilliant idea of teaching students about malware. I am not joking here, it IS a brilliant idea. What is however wrong with it, in 99% of the cases, is that the people who come up with the idea have absolutely no clue about ethics or just don't care about it. They also do not understand that writing malware is not the best way to teach people about how to protect against it. Actually, writing malware is the easy way; it is much easier to write malware than writing antivirus programs. Of course, there is also a dark attraction towards writing malware and young people are easy to fall prey to it.

Back to my university years and to the boot virus writing homework, only a few people bothered doing it. Of them, most actually took the Michaelangelo (March6) sourcecode and shuffled it around. A few years later, I heard that homework was removed from the course's curriculum. Most of the people were just taking existing boot viruses and patching them. And it wasn't really a Data Communications assignment per-se.

There are many other more interesting things to teach about than writing viruses, sending spam and circumventing protection solutions. Yet, there will always be people willing to join the dark side, for one reason or another.

The bad thing is that their number seems to be increasing from year to year.

LinkedIn 419 scam

2007-10-22T14:48:30Z

Bad guys using LinkedIn for what it seems like a 419 scam:

Simpson Millar’s CONSULT AND CHAMBER,
LIVEPOOL UNITED KINGDOM
Tel: xxxx
Email: xxxx

How are you? i trust you are having a nice day. I am mailing you in reference of investment in your country through you. I am delighted to let you know that, am a consultant and associate of Simpson Millar’s CONSULT AND CHAMBER, UNITED KINGDOM.

I have a client (Kurt Kahle) based here in the UK, who died in the year 2000 with all the members of the Family died in the Plane Crash. You can as well confirm this news at the BBC News Website:
(http://news.bbc.co.uk/1/hi/world/europe/859479.stm)

leaving behind the sum of GBP 11, 520,000.00 (Eleven Million, Five Hundred and Twenty Thousand Pounds). Before his death he disclosed to me his intention of investing in Real Estate business in foreign country and I have not been able to contact any of his family members. He further told me that he deposited this money in Security Company GERMANY for this project.

Meanwhile, i would want us to discuss on how this investment we be done, I am entrusting you with the transaction, since i have not been able to contact any of his family members. As soon as i received from you the confirmation of taking care of my late client properties, we shall then been discussing on how to consult the security company in GERMANY, on how this fund should be release to you for the investment properly.

Wait to hear from you soonest.

Regards

Johnson Mills

Company: Simpson Millar LLP
Job Title: Project
Description: Investment Project

Audio stock spam

2007-10-18T14:58:48Z

Today I've seen a couple of reports from various people that the Storm gang has changed once again tactics and started sending out MP3 files with pump and dump stock hints.

Here's one such example received by my girlfriend on her Yahoo e-mail account.

The stock they are spamming, as far as I can make it from the bad quality MP3 is:

http://finance.google.com/finance?q=exto

So far it seems that the method is not as good as the old fashioned plain text stock spam but I'll keep an eye on it to see if it picks up.

Restarting in 5

2007-10-12T08:46:32Z

Earlier today I launched a wget to fetch FC7 from www.linuxusers.ro. While I was doing other things, I saw the following window appearing on my laptop:

I wonder if Windows figured out I was downloading Fedora and decided to do something about it. ;)

Anyways, it strikes me as a really bad thing to reboot an user's machine without asking first. Bad, Microsoft, very bad.

Some photos from VB 2007

2007-10-08T08:02:44Z

http://picasaweb.google.com/costin.raiu/VirusBulletinConference2007

Yahoo's baaad habit

2007-07-09T10:13:36Z

Looks like Yahoo Messenger has gotten a very bad habit recently, of installing the Yahoo Toolbar in IE without consent.

If you use Yahoo Messenger but install it without the IE Toolbar, then you get a security patch install warning from Messenger and accept it, then apparently the security patch will also install the Yahoo Toolbar, without any question, warning and of course, consent.

I'm personally not necessarily against the Yahoo Toolbar, but installing it without the user's consent strikes me as something that a respectable company should not be doing.

Eggs you'll take to heart

2007-05-25T09:58:52Z

Cholesterol AD on a car in Kuala Lumpur.

Cryptovirology

2007-03-18T16:47:57Z

The List of Dubious Research - 3

A copy and paste from:

http://www.cryptovirology.com/

This chapter presents an experimental implementation of cryptoviral extortion, an attack that we devised and presented at the 1996 IEEE Symposium on Security & Privacy [16] and that was recently covered in Malicious Cryptography [17]. The design is based on Microsoft's Cryptographic API and the salient aspects of the implementation were presented at ISC '05 and in the International Journal of Information Security [14,15]. Cryptoviral extortion is a 2-party protocol between an attacker and a victim that is carried out by a cryptovirus, cryptoworm, or cryptotrojan. In a cryptoviral extortion attack the malware hybrid encrypts the plaintext of the victim using the public key of the attacker. The attacker extorts some form of payment from the victim in return for the plaintext that is held hostage.

GPCode was the first real world malware to implement a PK "cryptoviral" extortion attack. In 2006, we've been able to break the 660-bit RSA encryption employed by GPCode.ag. That was only possible because of several clever observations of our analysts, however, it is pretty obvious for anybody that a properly implemented attacks of this type would be impossible to defeat. As I write these lines, I wonder how much the research from www.cryptovirology.com influenced the person behind GPCode.

Evolution of network attacks

2007-03-02T11:33:53Z

"The developments of 2006 have highlighted two major trends in the evolution of attacks carried out via the Internet.

The first trend is the apparition of the now constant “background noise”, which is caused by the Slammer worm and the bot armies which exploit relatively old vulnerabilities. [...]

The second trend is probably far more significant in terms of the evolution of the Internet"

From my recent article: "Kaspersky Security Bulletin 2006: Internet Attacks"

Catching fast worms

2007-02-22T13:49:14Z

While going through my e-mail backlog, I came by a story on DarkReading. It seems that a group of researchers from the Penn State University have launched a startup which sells their newly developed worm catching technology.

Based on my statistics from Smallpot and MailPot, two honeypots I've developed during the past 4 years at Kaspersky Lab, fast spreading worms are a thing of the past. Actually, even slow spreading, network aware are more or less dying, being replaced by automatic hacking tools and direct network attacks. More about the death of network worms and the rise of targeted attacks in an article I have written for viruslist.com, scheduled for publishing next week.

I guess new ways to fight worms are always welcome, but unfortunately, I suspect those designed to catch fast moving malware will not very successful in the next 5 years. With Microsoft producing more secure versions of Windows and CPU developers trying to mitigate security issues in software through prevention of code execution in data segments, worms that spread automatically between computer systems might become a thing of the past pretty soon. They will be replaced by malware based upon social engineering techniques, malware that is exploiting the weakest link of any computer system: its user.

Trenul cu vedere la ferestre

2007-01-31T19:59:07Z

De cateva zile, in lumea Trenului Polar tras de Pinguini (tm), umbla un zvon. Confirmat de anumite persoane si infirmat de altele, zvonul se raspandeste cel putin cu viteza luminii, deoarece in galaxia trenului polar, limitele fizice sunt cu totul altele decat in lumea oamenilor care citesc bloguri de pe Internet.

In orice caz, zvonul, ingrijorator din anumite puncte de vedere, spune ca undeva spre Polul Nord, la sediul companiei Trenurilor cu Ferestre (r), se lanseaza un nou tren:

Trenul 'cu vedere la ferestre'.

Persoana 1: Salut, omule bun!
Persoana 2: Salut frate calator!
P1: Ai auzit?
P2: Aaah?
P1: Au dat drumul la trenul cel nou!
P2: Nu, pe bune!?
P1: Da!
P2: ...
P1: Se aude ca acum au si locuri la geam! Adica poti sa vezi din tren, in timp ce mergi!
P2: Incredibil!

Undeva, in stanga mea, cam la zece metri, doi tipi cu barba discuta despre noul tren cu vedere la geamuri. "La FE-RES-TRE!", ma corecteaza un calator de langa mine, ce trage cu ochiul peste umar la ce scriu. Ma trag mai intr-un colt, in speranta in care omul spion se va muta si el in alta parte cu spionatul.

Dupa cum spuneam, noul tren cu vedere la g... ferestre a devenit subiectul fierbinte al zilei. In toate garile de pe traseul trenului polar, reclame mari, in care un tren cu ferestre multe si mari - cum e mai bine - trece printr-o zona cu dealuri verzi, ca de basm. "Calatoriti cu noul tren cu vedere la ferestre!". Parerile sunt impartite. Unii deja au cumparat bilet, desi trenul a inceput sa circule abia ieri, altii spun ca nu vor merge cu el nici daca intra in greva pinguinii - mai bine merg pe jos!

In timp ce scriu, langa mine se aseaza un alt calator. Dupa expresia senina si nestiutoare, pare sa fie un client al trenului cu o mie si una de ferestre. Ma uit la el, se uita la mine, ne privim. Expresia senina se transforma intr-o masca superioara - imi imaginez ce gandeste: "asta e dus cu pinguinul!".

Recunosc, cu inima si borcanul de muraturi deschise, ca in ultima vreme am calatorit din ce in ce mai mult cu Trenul Polar tras de Pinguini. Complet gratuit, trenul polar tras de pinguini este din ce in ce mai frumos, vine regulat si se opreste din ce in ce mai rar - tot ce conteaza este ca pasagerii sa ajunga la destinatie fara probleme.

Nici trenul pe baza de mere nu o duce rau. Baietii de la firma cu mere muncesc din greu si desi in ultima vreme sunt mai mult preocupati de sertarele muzicale, nici trenul nu a fost uitat. Dotat cu noi imbunatatiri la mere, care acum sunt mai mult inteligente decat puternice, trenul cel alb (uneori negru, sau argintiu) este visul multor calatori chiar din trenul polar tras de pinguini.

- Ce parere aveti de trenul cu vedere la ferestre?

Calatorul nou venit incearca probabil sa deschida o conversatie pe tema zilei.

- Pai nu prea stiu ce sa zic, am auzit de la unii oameni ca ar fi o mare descoperire
- Desigur! Este revolutionar. Acum poti sa te uiti pe geam in timp ce mergi cu trenul!
- Aaah... dar asta stiti, se cam poate la toate trenurile
- Nu stiu, pe mine ma intereseaza doar trenurile de la compania ferestrelor (r)
- OK. Dar alte noutati...?
- Desigur! Este revolutionar. Acum ferestrele sunt transparente!
- Incredibil! Dar auziti, mai sunt si alte trenuri cu ferestre transparente... trenul pe baza de mere
- Tot ce se poate. Nu stiu cum e la alte trenuri.
- Dar, altceva?
- Usile se pot incuia mult mai bine. Daca vrei sa deschizi usa, esti intrebat mai intaii daca esti sigur ca vrei sa deschizi usa. Cred ca se vor rezolva multe probleme in felul acesta, mai ales cu calatorii care cadeau din tren.

Intr-adevar, numarul de calatori cazuti din tren a fost in ultima vreme incredibil de mare pentru trenurile de la compania trenurilor cu ferestre. Umbla vorba ca unii calatori, cazuti din tren, s-au imbolnavit grav, necesitand tratament cu medicamente puternice.

- Remarcabila, treaba cu usile. La trenul polar tras de pinguini nu prea se cade din tren, stiti...
- Tot ce se poate.
- Si alte noutati?
- Sute! Este revolutionar! Acum se poate pune parola la borcanul cu muraturi! Direct in tren!
- Incredibil. Dar stiti, asta se poate...
- DA - tot ce se poate; nu ma intereseaza alte trenuri.
- Inteleg. Altceva? Poate la roti, ceva modificari?
- La roti? Rotile sunt noi! Acum trenul functioneaza doar cu roti certificate!
- Pai cum si daca vrei sa pui rotile tale?
- Cum sa pui rotile tale??
- Pai stiti... eu imi fac singur rotile la vagon...
- Daca vrei sa pui rotile tale, mergi cu ele la compania trenurilor cu ferestre, se semneaza pe roti si le poti pune.
- Altfel nu?
- NU!
- Inteleg...
- Da, este fantastic! Iar biletul costa foarte putin. Iar daca ai mai calatorit cu trenuri mai vechi, costa si mai putin.
- Dar stiti, trenul polar tras de pinguini este gratuit...
- Tot ce se poate.

Ma indepartez de calator, care pare un pic dezamagit ca nu poate sa imi enumere si celelalte avantaje ale noului tren cu vedere la fereastra.

In timp ce ma indrept spre trenul polar tras de pinguini, aud ca seful de la compania ferestrelor este foarte ocupat sa deschida un nou centru de suport tehnic pentru calatori. Intrucat acum este posibil sa vada afara din tren mult mai bine, se asteapta mari probleme. Oamenii nu sunt obisnuiti sa priveasca in afara lumii lor - socul realitati poate fi uneori covarsitor.

Un tren cu vedere la ferestre, comparabil cu trenul pe baza de mere sau trenul polar tras de pinguini.

Un lucru cel putin remarcabil, intr-adevar. Chiar daca are o intarziere de cam 10 ani.

Urcandu-ma in trenul polar tras de pinguini, o voce anunta tare la megafoane:

"Uimirea incepe acum! Priviti! Pe fereastra!"

Le urez si eu in gand, pasagerilor de la geam, calatorie placuta!