Archive

Archive for the ‘Education’ Category

Capturing the Flag

Yaacov Apelbaum - Who Knows What Evil Lurks in the Heart of a Cyber Attacker

If you are a typical cyber sec manager, you most likely catch-up on the latest developments by visiting on-line sites like News Now, by reading various publications, and by periodically attending various vendor workshops.  For the majority of executives, the daily work grind and life/work balance challenges diminish the prospects of going back to school and plowing through in-depth training.

Over the past two decades, the corporate cursus honorum for IT executives has been the much coveted MBA degree. In a large number of Fortune 500s, having an MBA from a good school was considered a prerequisite for an executive promotion. an MBA attested that an individual possessed all the current business acumen and the polish needed to take on any future corporate responsibility, it was the ultimate professional merit endorsement.

This trend—other than having the end result of a glut of MBAs on the market—has also resulted in a shortage of highly technical managers. Consider some of the wholesale data breaches in some of the largest US retailers for 2014 alone. Check out the biographical backgrounds of some of the CISOs of the impacted companies. Not surprisingly, you will find no shortage of MBAs from top tier schools. What appears to be missing are individuals with vocational specializations in cyber security, and I’m not referring to rank an file CISSPs.

Of course, a common counter argument to this is that as a manager you are not supposed to know the ‘nitty gritty’ details of every technology in your corporate inventory and instead are expected to delegate to and draw on the expertise of others.

I personally don’t think that this is the case. Cyber security is almost entirely a technological and procedural play and as such, a manager should not have gaping holes in his knowledge or overly rely on subordinates to make sense of threats and counter measures. After all, you wouldn’t accept a commercial airline pilot to have gaping holes in his aircraft operations knowledge or his delegation of actual flight responsibility to the cabin crew.

I’ve recently had a chance to witness just how limited classical enterprise defenses have become. This is especially true when it comes to Advanced Persistent Threats. In one incident that eventually became the catalyst for me going back to school, I witnessed how one cyber attacker managed within minutes to defeat all of the traditional enterprise defenses and counter measures without even braking a sweat.

Amazingly, even after the debriefing and root cause analysis, I was no closer to understanding how a properly configured and maintained brand name FW and an IDS/IDPS failed to stop the attack, let alone even detect it.

If you are thinking that this could not happen to you, think again. In the incident that I just described, all target boxes were patched, there were strict access control measures in place, the network was sub-netted, and there were effective audit and password management systems in place.

After recovering from my momentary shock, I had an epiphany and realized that I urgently needed to re-hone my skills. I’ve heard about the SANS Institute from a number of colleagues and after checking it out, I decided to enroll in their Penetration Tester program. After juggling account my schedule and their course availability and selected the following four courses:

  1. SEC504 Hacker Techniques Exploits & Incident Handling
  2. SEC560 Network Penetration Testing and Ethical Hacking
  3. SEC575 Mobile Device Security and Ethical Hacking
  4. SEC617 Wireless Ethical Hacking, Penetration Testing, and Defenses

    The SANS courses tuition is on the expensive side, ranging from $6000-$8000 USD. Add travel and accommodations and you are looking at about $10K per class. Each course is delivered in about a week (40-60 hours of classroom activity).  Classes are divided into lectures and hands-on labs with heavy emphasis on getting down and dirty. 

Though it took me several months to complete the coursework, I have found the whole experience to be uplifting. In addition to getting access to practical, real-world expertise from some of the world’s best penetration testers, we learned the gray art of performing detailed reconnaissance on would-be targets including mining a social media, and infrastructure data from blogs, forums, search engines, social networking sites, and other Internet resources.

In each course, we used the latest cutting-edge attack vectors as well as the traditional low budget techniques that are still quite prevalent. The aim of the course was to push the envelope in each domain and not to merely teach a handful of hacks and tricks. Another great component was exploring various administrative questions such as legal issues associated with responding to computer attacks, employee monitoring, working with law enforcement, and the collection and handling of evidence.

Yaacov Apelbaum - SANS Capture the Flag Las Vagas 2015

When it came to performing the actual exploit, we got to use the best tools on the market. This included both, COTS components and custom written utilities and scripts. In each class we learned dozens of methods for exploiting target systems and how to gain access to the systems post-exploitation. Just to illustrate the extensive hands-on approach that SANS adapted in teaching Penetrating Testing, here is a list of tools and techniques that we used in just the SEC 504 course:

– RootKits and detection
– Hidden file detection with LADS
– HTTP Reverse Shells using Base64
– InSSIDer for Wireless LAN discovery
– Nmap Port Scanner and Operating System fingerprinting tool
– Nessus Vulnerability Scanner
– Windows Command Line Kung-Fu for extracting Windows data through SMB sessions
– Sniffers, including Tcpdump
– Sniffer detection tools, including ifconfig, ifstatus, and promiscdetect
– Netcat for transferring files, creating backdoors, and setting up relays
– Metasploit, Metasploit, Metasploit Lots of Metasploit
– ARP and MAC analysis for ARP cache poisoning attack detection
– Password cracking
– Cross-site scripting and SQL injection web application attacks
– Intercepting and forging session cookies
– Detecting and executing DoS attacks techniques
– Detecting backdoors with Netstat, lsof
– Covert channels using Covert TCP
– clandestine network scanning and mapping
– Exploitation using built in OS commands
– Privilege escalation
– Advanced pivoting techniques

The great thing about the SANS curriculum is that they go pretty far down into the rabbit hole. A few of the classes required hard core coding skills (we actually got to execute some buffer overflows). Other classes were procedural and got down to the wire in terms of the inner functioning of RFC and protocol. For example, in the Wireless Ethical Hacking we had comprehensive coverage of WiFi, cordless telephones, smart devices, embedded home devices, mash technologies like ZigBee and Z-Wave, Bluetooth, DECT, and NFCs.

In the Mobile Device Security we practiced reverse-engineering iOS binaries in Objective-C, reverse-engineering Android binaries in Java and Dalvik Bytecode, evaluating mobile malware threats through source-code analysis, defeating Apple FairPlay encryption for application binary access, and overcoming anti-decompilation techniques.

Yaacov Apelbaum - SANS Capture the Flag Washington DC 2015

The participants in the classes came from diverse backgrounds, including three letter agencies, incident handling team members, and administrators. The classes are well-suited for anyone with a good command of TCPIP and networking and they would also greatly benefit architects and technical leads involved in security operations and R&D.

The delivery of the material is completely immersive. You go from 0-90 in one second.  Each course is equivalent to a traditional graduate semester course of 4 credits so we had to complete an average of one textbook per day.  At times, I felt like I was drinking from a fire hose.

Taking good notes and hitting the books at night helped me stay afloat. It goes without saying that the instructors were outstanding; they offered unlimited tutoring and were always available—even during lunch and after hours—to help answer questions and work through the labs.

Yaacov Apelbaum - SANS SEC504 Yaacov Apelbaum - SANS SEC560 Yaacov Apelbaum - SANS SEC575 Yaacov Apelbaum - SANS SEC617

Several interesting sessions in each class revolved around learning how to avoid being caught through various tactics and strategies for covering your tracks such as: File and directory camouflage, piggybacking on existing user Internet sessions to avoid detection, event log pruning, and performing memory cleanups.

For me, the best part of each course was the final session called “Capture the Flag”.  There, in a culmination of all of the hard work, we got to practice everything we had learned over the previous week. Each class had different parameters for capturing the flag, but they tended to follow the same patterns. We needed to do some reconnaissance, reconstruct the network layout of our target, map our victim’s equipment and software inventory, and then proceed to execute the attacks. Once we breached the target, we would perform some additional exploits and start ‘living off the land”. The overall objective of this exercise was to collect flags that had been placed on various locations on the victims’ network by the instructor.  Some of these flags contained encrypted files or messages that we needed to decrypt and use as clues for other attacks, others involved passwords that were being sent over VOIP, in memory session information, or data hidden in binaries.

Yaacov Apelbaum - SANS Capture the Flag Boston 2015

      The capture the flag event usually lasts a full day and ends when one team successfully recovers all flags. At that point, the competition is stopped, the results are verified, and the winners are awarded the coveted challenge coins.

    Yaacov Apelbuam SANS 575 Capture the Flag Token  Yaacov Apelbuam SANS 617 Capture the Flag Token

    If you are a cyber practitioner, I highly recommend that you take all four courses. Even if you can only afford one, go for it. It will change your prospective on pen testing forever and help you take a proactive role in keeping your company safe and out of the negative limelight.

    Performing a good penetration test is much more than just hiring some outside help and rubber stamping an audit. Verifying the integrity of your corporate security, takes more than kicking the tires and lifting the hood these days. Anyone can throw a bunch of attacks against an organization and regurgitate the output of some automated tools in hundreds of pages of reports. Participating in this structured training will help you avoid this trap and allow you to fully grasp your company’s real security needs so that you can formulate the most appropriate plan of action to address these needs in the most cost effective and timely manner.

    Going through the meat grinder, you get to witness first hand the process of hot dog making.  It’s not a pretty sight, but its an informative one. One of my most profound takeaways from this whole experience was answering the existential question of the spoon. Yes, the spoon does exist, but only for the end-user, sysadmin, DBA, and auditors. There is no spoon if you are a proficient attacker. With the right attack strategy and tools, concepts such as access control, event log integrity, and passwords are meaningless and are but chaff before the wind.

    Yaacov Apelbaum - There is no Spoon

    I keep my hard earned challenge coins on my office bookshelf as a reminder that there is likely someone out there right now who is targeting my network through some kind a a clever attack. He has all the right tools and resources and he is as determined and hard working as I was to get his coins.

    And as far as my earlier MBA comment is concerned, if you are curious to know just how many executives attended the classes that I did, the answer is just one. None of the 20-40 participants in each classes had senior managerial responsibility. In fact most of the folks I spoke to were surprised that a CTO would take time from his schedule and opt to get his hands dirty instead of just delegating this to one of his directs.

    After all, ‘Isn’t that what a manager is supposed to do?’

     

    © Copyright 2015 Yaacov Apelbaum All Rights Reserved.

    Scaling the Wall

    March 6, 2011 2 comments

    Yaacov Apelbaum-Climbing

    Eagerly beginning the wall to scale,
    Using only my hands and feet.
    Resolved to follow the hardest trail,
    I confidently place my cleat.

    Suddenly, there’s no foothold to rest,
    Desperately, I cling to the wall.
    My heart is pounding in my chest,
    My ascent slows to a crawl,

    My feet and arms tire and shake,
    The safety line invites me to bail.
    Should I reach for the line and forego the ache,
    Or continue to try, maybe fail?

    The voice from below says: “Look to the right”,
    I reach and grab a far hold.
    Propelling free from my previous plight,
    Good advice is more precious than gold.

    It’s romantic to view the world as a wall,
    Scaled heroically by pure self-esteem.
    But in complex endeavors you’re certain to fall,
    Without the support of a team.

     

    © Copyright 2011 Yaacov Apelbaum All Rights Reserved.

    Only the Racially Pure Need Apply

    January 11, 2010 1 comment

    Yaacov Apelbaum-Fritz Kuhn On February 20, 1939, over 20,000 American supporters of the Nazi party packed Madison Square Garden in New York City. They anxiously awaited the appearance of Fritz Julius Kuhn, the newly anointed Führer of the German-American Bund. The event took place two days before George Washington’s birthday and a 30-foot-portrait of the first president (who was described by Kuhn as the first fascist) hung behind the podium along with Nazi flags and swastikas.

    Kuhn entered the arena together with thousands of uniformed Nazi guards. During the rally he and his fiery fellow orators held back no punches, calling President Franklin D. Roosevelt: “Franklin Rosenfeld,” and referring to his New Deal as a "Jew Deal."

    Yaacov Apelbaum-George W and Bund Being a creature of the night, Kuhn loved nightclubs, drinking, and the company of women (among them his two mistresses, Virginia Cogswell AKA “The Marrying Georgia Peach–on account of her previous seven husbands”, Florence Camp, Frau Hedwig Munx, and others). Just like many petty dictators, he was pompous, dishonest, idiotic, and didn’t understand his own limitations.

    Once during a testimony before the Dies Committee, he was asked by Congressman Starnes if the reason why 23 of 71 Bund units concentrated in and around New York City was because the aircraft and naval manufacturing facilities were handy for sabotage. He replied: "That’s the same thing Lipshitz said. You know who Lipshitz is? That’s Walter Winchell [referring to Winston Churchill]. Lipshitz is his real name."  No one was amused.

    Shortly after his rock concert-like appearance in Madison Square Garden, New York city’s mayor, La Guardia, who was fed up with the constant anti-Semitic and anti-American agitation, started an Al Capone-style financial investigation of the Bund’s taxes.

    When asked about his relationship to Florence Camp during his trial, Kuhn denied that he had asked her to marry him and noted that Mrs. Camp was too much of a lady to accept a proposal after just a few days’ acquaintance. Herman McCarthy (the prosecutor) whipped out a Kuhn letter and read it aloud:

    "Florence : I am terrible in love with you. I beg you to become my beloved wife. I will always be true to you. . . ."

    In another letter to Florence he said that he loved her with his “whole soul and body and was about to have [his] teeth fixed.”

    In the course of the trial, it was established that Kuhn had pilfered $14,548 from his organization ($717.02 of it having been spent on moving expenses for Mrs. Camp). Kuhn was swiftly convicted on charges of embezzlement, grand larceny, and forgery and was first sent to Sing Sing Prison.  After the war, he was deported to Germany, where he managed to get into trouble again.

    Yaacov Apelbaum-The Escape of Fritz KuhnIn 1949 when he again stood trial in front of a Munich court this time on charges of escaping from jail and being a major Nazi organizer, he claimed that the Bund was strictly "an American patriotic organization," that he had used the swastika only because it was "an old American Indian design," and that he had patterned the Bund’s uniforms after the US National Guard, not  the SS. As for his 1944 meeting with Hitler he said: 

    "It was purely a social call. If I went to England today, I would naturally like to call on King George." 

    When the US. entered the war, whatever was left of the German-American Bund organization quickly disintegrated, however, that didn’t spell the end of Nazi activity in America. Another high profile organization waiting in the wings was the Steuben Society. In comparison to the Bund which was composed of common National Socialist riff raff, the Steuben Society represented the cream of the crop to the US Nazi aristocracy.

    Although Steuben Society members avoided public Nazi displays such as hailing Hitler, the differences between the two organizations were only skin deep. When it came to hard core issues such Nazi ideology, they were indistinguishable.

    While visiting the reception room of the Steuben Society in New York, John Roy Carlson observed:

    “One could find a large American flag standing in one corner. On the walls were pictures of Von Steuben, Washington, and Lincoln, The Pledge to the Flag and the Bill of Rights hung framed between them. There was also no lack of red-white-and-blue. Patriotism oozed from every crevice in the room.”

    True to its nature, the Society published “The Steuben News" a newspaper for Patriotic Americans which described itself as:

    Yaacov Apelbaum-The Steuben News . . . a patriotic, civic and educational political society endeavoring to awaken in the hearts and minds of American citizens of German extraction the necessity for taking a more active part and interest in the political affairs of our great country.

    Its program demanded "strict discipline" on the part of its members, and rejected "persons who are shifters and trimmers, or who are known to possess no race pride." The Steuben Society strongly emphasized Racial (Aryan) consciousness and political objectives.

    In his 1943 investigative book Under Cover, Carlson wrote:

    “…The Steuben News reprinted articles from the pro-Fascist Italian daily, Il Progress Halo-Americana. It recommended books by the notorious Ausland Institute and ran many articles by Nazi agents. The Steuben News praised as "extraordinary and valuable" the book Scarlet Fingers published by Flanders Hall, the propaganda mill financed by Nazi agent George Sylvester Viereck. The Steuben News followed the accepted party line of pro-Nazi isolationists. It headlined the speeches of Lindbergh. It championed the late senator Ernest Lundeen-some of whose speeches were written by Nazi agent George Sylvester Viereck-and on one occasion devoted eleven columns to one of his defeatist speeches.

    It reprinted from Social Justice and The Herald, American Fascist weekly. It ran large advertisements for the America First Committee, reprinted its bulletins and urged its members to support it financially. The Steuben Society fought desperately all measures to arm those European Democracies which resisted Hitler’s brutality. And it also quoted liberally from the New York Enquirer, published by William Griffin, who was later shown to have associated with Viereck.”

    Now, you’re probably thinking: “This is a fascinating piece of history, but what’s the relevance of all of this 1939 Nazi stuff to our current 21st century jet-set life style?” Well, wonder no more.

    This past Sunday morning on our way out of our local diner, I caught sight of the newspaper stand in the entrance vestibule.  I usually don’t read printed media, but the name of the paper and the motto “A Newspaper for Americans” caught my attention. Curious about how the Steuben Society’s defines “American,” I picked up my free copy and read on. 

    Yaacov Apelbaum-Steuben News

    At the top of the cover page on each side of the title “The Steuben News” were the mission statements: (1) United for Common Interests and Common Needs” and (2) DUTY, JUSTICE, TOLERANCE, CHARITY.

    I flipped through and read some of the articles. There was an announcement of a presidential proclamation regarding the German-American Day, a story about the treaty between German settlers of Texas and the native Comanche Indians. My first impression was that it all seemed rather banal. Then I got the last page. Under the calendar of events, I ran into some terminologies like “event sponsored by Unit #998” and “contact Brother Erick or Sister Hildegard.” That seemed a bit cryptic and militant. At the bottom of the page I saw the membership form which prompted an unexpected double-take.

    The membership form, unlike any other application I have ever seen,  had questions about the nationality of the applicant’s father and mother,  political affiliation, and—most surprising of all—about naturalization. For some reason, the Steuben Society (acting in the capacity of a quasi-government organization?) will only issue membership cards after careful evaluation of the applicant’s naturalization certificate, which includes scrutiny of the certificate number and place of origin. (I’m kind of curious to know who at the INS helps them validate these applications.)

    Yaacov Apelbaum-Are You Naturalized

    From what I can tell, this membership application has remained consistent over the years. After conducting a quick search on-line for similar historical documents, I found one for the Silver Shirts, and as you can see from the contents, not much has changed in terms of drilling down to pedigree and other über eugenics.

    Yaacov Apelbaum-Silver ShirtWhen, I checked out the Steuben Society’s website for the name and location of the chapter nearest me, I discovered that they are all named after some distinguished German American figure. I was hoping to find a chapter honoring the likes of  von Stauffenberg, but alas, no such luck.

    I am not sure what to make of all this. I hold German culture,  ingenuity, work ethics, and organization in the highest esteem.  I’m an avid admirer of Handel’s music and Nietzsche’s, Kant’s, Goethe’s, and Leibniz’s  writings.  My family originated from Germany and in my travels there I have found most German people to be kind, polite, friendly, and exceedingly intelligent.

    On one hand, it’s laughable that anyone would be willing to complete an application detailing his mother’s nationality or his naturalization number in order to join a civic organization. On the other hand it’s really disturbing that in 2010—the age of the internet—a nationwide fraternity that draws its philosophy from one of humankind’s darkest moments, continues to operate in the mainstream with apparently unrestricted access to leading politicians and public figures.

    If you are considering joining an organization such as this, take a breather and dedicate some time to learning the German language, literature, philosophy, and music instead.  You will discover that the richness of Germanic culture has a lot to do with individuality and little with purity of blood.   

    Et si omnes ego non

    © Copyright 2009 Yaacov Apelbaum All Rights Reserved.

    Political Science 101

    August 10, 2009 6 comments

    Yaacov Apelbaum-Political Science 101
    The Arrest of Science

    Having kids in elementary school comes with several important parental commitments. Ranking high among these is the participation in the yearly science project. The main objective is to expose kids to the fundamentals of the scientific method. Following the principal of "learning by doing," children, with the assistance of their parents, are required to conduct and showcase a yearly science experiment.

    In our school district, exhibition day is a long-awaited, festive event with hundreds of projects being showcased at the school’s gymnasium. It is a great opportunity for families to mingle and view each other’s work. To spice things up a bit, at the end of the event, a panel of teachers selects the top three projects for each grade. The 1st place winners are then entitled to enter their project into the yearly regional competition that takes place at Brookhaven National Laboratory, a much coveted honor.

    Although it is a great concept in theory, for some, the yearly science project can become a dreaded event, often testing a family’s procrastination capacity to the limits. On the weekend prior to the project’s due date, it is not unusual to find many agitated parents with kids in tow still scouring craft stores for project display boards and other supplies. In our family, however, we’ve come to view this assignment as an important pedagogical opportunity worthy of careful planning and execution.

    I am fan of Richard Feynman, and have enjoyed reading “Surely You’re Joking, Mr. Feynman!”.  This book in addition to being an excellent primer for the budding technology hacker, inspired me to instill in my kids the importance of not falling victim to the “Cargo Cult” syndrome, and being honest and original in one’s approach to scientific discovery.

    As it turns out, this has been a winning strategy for us. Since we started conducting science projects 4 years ago, we’ve been fortunate to have won several first place awards. Some of our past projects included experiments on bottleneck formation, sound propagation through  vacuum, and algorithms and mathematics used by a spider to construct a web.

    This year, during a routine morning school drop off, our 4th grader, Sheva, noticed that a traffic bottleneck formed regularly at one of the entrances to her school. After discussing her observations during dinner  she proposed to dedicate her project  to deciphering it.

    Over a period of several days, we examined the traffic patterns, (volume, arrival and departure times, vehicle speed, etc.), but it seemed that there was no single significant cause to which we could attribute the formation of the bottleneck. We were stumped and unsure as to how to proceed. It was during one of the site visits that my daughter noticed a hawk hovering over the area. She commented that it would have been great if we could observe the traffic from above. Well, I thought, we may not be able to fly over the site like a hawk, (it is a residential area so a fly-over in an Ultralight would be out of the question), but we could certainly build an airborne observatory to do it for us.

    After considering options, we decided that a fixed winged propeller driven aircraft wouldn’t work because the wind gusts at the area can reach up to 40 mph. Another constraint was that we would need a sustained, 30-minute flight to capture the entire bottleneck sequence which would be prohibitive.

    In the end, we decided to build a lighter than air aircraft (Image 1) and after an intense weekend of design and fabrication we had a functional observatory. It took several test runs to get the flight characteristics and image quality right, but by Monday we were ready to conduct our operational flight.

    Yaacov Apelbaum-Aerial Traffic Observation System (ATOS)

    Image 1: ATOS (Airborne Traffic Observation System)

     
    Flight Navigation and Imaging Specifications
    • 4′ Chloroprene weather balloon with 1.7 lbs of lifting capacity
    • Riveted aluminum base cradle
    • Flight control and stabilization via 2 tethers
    • Canon FS100 Flash Memory (16 GB) camcorder with image stabilization
    • Wireless broadcast via an Amimon’s wireless modem, streaming HD 1080P/24 video at 120 Hz over an encrypted connection to a base station laptop

    The first flight of ATOS was smooth, producing an excellent video feed.  Back home after evaluating the images, Sheva almost instantly identified the source of the bottleneck.

    It was apparent that the two-way traffic at the entrance to school was restricted to only smaller vehicles. As soon as the school buses arrived for their daily drop-off and pick-up, they forced all vehicles into a single file, which resulted in the immediate formation of a bottleneck.

    Yaacov Apelbaum-Aerial Observation-1 Yaacov Apelbaum-Aerial Observation-2 Yaacov Apelbaum-Aerial Observation-3

    This discovery was somewhat puzzling because, from the ground, the road (which is nearly 31′) seemed wide enough to comfortably support the passage of two side by side buses. So, on our next field trip we decided to measure the gate (Illustration 1) that blocks the entrance in question.  Armed with the gate’s measurements, we then consulted the traffic calming section in the NY highway design manual and quickly concluded that indeed the gate was at fault.

    Yaacov Apelbaum-Gate 
    Illustration 1: Gate Dimensions

    So science aside, installing a gate that blocked over 30% of a high traffic thoroughfare was clearly a bad idea, not to mention that it violated numerous design codes. The gate and the fences that are attached to each of its sides also posed a series safety hazard because drivers who were unaware of the obstruction might plow directly into the fence, while still others who miscalculated the gate’s clearance could potentially scrape the posts supporting the gate.

    On the day of the science fair, I approached the school principal and inquired about the origin of the gate. I explained that it appears that someone had either made a design or installation error because the gate’s posts should have been placed on the sidewalk curbs, off the driveway. The rationale for this being that when the gate was completely open it would allow for unrestricted traffic. The principal told me that the decision to construct the gate preceded her time in office and it had been influenced by the homeowners just down the street who complained that the traffic had become a nuisance. To reduce the traffic in order to appease the homeowners, the school agreed to install the gate as built.

    Not satisfied with this explanation, I proceeded to point out the hazards posed by the gate as it stands and began to enumerate various doomsday scenarios. The principal’s otherwise cheerful demeanor suddenly darkened and after a quick and nervous glance at her watch she said that it was unfortunate that our meeting had to end so abruptly, but that she had to run to an important conference.

    On the way home, my daughter who had been standing by me during the entire conversation with the principal asked me if, now that we’ve provided a scientific explanation for the formation of the bottle neck, the school would fix the problem. I thought about it for few minutes and said, "Probably not."  She asked “why?”, I said that unfortunately, sometimes in the short term, politics can trump scientific discovery. She was visibly disappointed and said that she worked so hard on this experiment and it all turned out to be a complete waste of our time. I told her that even though we didn’t win, we still conducted a great experiment and independently discovered and solved an interesting puzzle. And by way of analogy, I told her about the Galileo affair and how despite his mistreatment by the inquisition, in the end, his theories eventually won acceptance.

    A few days after the science experiment, my wife, while waiting to pickup our daughter from school, struck up conversation with another parent who seemed to be somewhat annoyed. "Why the long face?" she asked. "Well," said our neighbor , "Just a few minutes ago while driving into the school parking lot, I was being polite and making extra room for the car approaching me, but I miscalculated the width of the opening and scraped the side of my van against the gate post." She had carved a deep gauge in right hand side of her van from wheel rim to wheel rim.

    That evening during dinner, my wife recounted the story of the accident. My daughter at first thought that my wife was making the whole thing up, but after hearing that it was the mother of one of her classmates, she asked for permission to call her friend to verify the facts. When she got back to the dinner table, she had a look of disbelief on her face. “That’s exactly what we told the principle could happen!” she said. “We sure did,” I said.

    She remained silent for few seconds and then I noticed a twinkle in her eyes.

    © Copyright 2009 Yaacov Apelbaum All Rights Reserved.