While we stayed in Tokyo, Kyoto and Osaka, we also made day trips to a few places.
We reached Kyoto via Hakone. Hakone’s claim to fame is the Mt.Fuji view, and yes, it delivers. On paper the ‘Hakone Round Course’ looks like a sprint, but with the Hakone Day Pass and some planning, it’s quite a breeze. We started early and the Kodama 703 was our very first Shinkansen ride, to Odawara.
Kyoto and Osaka are only separated by 30 mins on a New Rapid Line but couldn’t be more different. Osaka also seems to have a ‘Pepsi to Coke’ relationship with Tokyo. There are the usual jokes made at Tokyo’s expense, but even where people stand on an escalator is different! (Tokyo – left, Osaka – right, probably something to do with samurais and scabbards in Tokyo, as per one guide) We spent only a day but on hindsight, should have spent another day. Despite the rain that bothered us a bit in the evening, we had a smashing time! (read as ‘we got smashed’)
I think we have vicariously traveled and lived in Kyoto thanks to Pico Iyer. Primarily The Lady and the Monk: Four Seasons in Kyoto, but also some mentions in other books, interviews and podcasts. Kyoto has a character that is quite different from Tokyo. It is less hurried and quite laid-back, but I also felt that it tried to keep visitors at an arm’s distance. Tokyo almost didn’t care. Ironically, I observed more foreigners in Kyoto than in Tokyo. Until we figured out the spots, Kyoto’s dinner scene reminded me of Ireland – after 8PM, only drinks and bar bites! But most importantly, Kyoto is definitely prettier.
Japan was always the plan, it was only a matter of when. 🙂 We planned well in advance, but even then, thanks to it being Sakura season, a lot of hotels were sold out. The visa took less than a week to get processed. Bangalore has a direct flight to Tokyo. So all you have to do is, to quote Amrita Rao, ‘JAL lijiye’. Interestingly, the pilot took off immediately after we landed, confusing all of us! We finally landed again after about 20 minutes. Tokyo was our first stop. We began, and ended, our 11-day Japan trip in Tokyo. This is our list of where to stay, what to see, and where and what to eat.
Nicole Perlroth
In the epilogue, Nicole Perlroth goes back in history to a summer afternoon in 1976, when in the parking lot of a biker bar, a team of scientists from SRI International (which had an office in Menlo Park) sent the first email over the internet to ARPANET, as a demo for Pentagon officials who had flown in for this. In the world then, national security was largely a function of things in the physical domain – hijacked planes, rogue nations with nukes, drug trafficking, terrorists and so on. (Almost) half a century later, the world is a different place. Forget rogue nations or terrorists, a single hacker can seize control of a plane in mid-air with nothing more than a play on the code in the software running the plane. Everything from election systems, power grids, nuclear power plants, gas pipelines to hospital systems can be held hostage with ransomware. Most of them have been, and every device we use – from mobiles and laptops to connected homes and cars – is vulnerable. This is the story of that transition.
Nicole begins the book in Ukraine, where she was surveying the aftermath of a devastating cyberattack, which included the Chernobyl radiation monitors going offline. The culmination of Russia’s revenge for the 2014 Ukrainian elections, which they unsuccessfully tried to hack. That the hack boomeranged and destroyed Russia’s own oil giant Rosneft’s data is a good example of how even those who unleash attacks cannot be sure of its speed and direction.
But the story begins in the Cold War era, back in 1945, when bugs were ‘microphones’ and the advanced exploits were through anything that was attached to a plug – typewriters, copiers, printers etc. There is an extraordinary story from 1984 of Project Gunman, and how a coil in an electric typewriter was ‘weaponised’ with a magnetometer and a recording device for spying!
And then came the computers. The first version of Linux had 176000 lines of code, now Microsoft’s Vista has 50 million. Each a potential vulnerability. Back in the day – from the late 90s, brokers started paying coders to purchase exploits in hardware/firmware/software – Sun, Cisco, Microsoft, HP, Oracle. They then sold it to these companies, sometimes having to show them proof of how it could be exploited. As the internet grew in size and became a global network, an underground market for exploits formed and the US government started building an arsenal including zero-days (a software/hardware flaw which doesn’t have a patch yet, called so because the ‘good guys’ have zero days to fix them). Some zero days are ‘ideal state’ – they require zero interaction from the target’s end, no mails or messages, and also ‘clean fail’ – they wouldn’t trigger an alert or crash a computer. But since the days of Stuxnet (2010), which had as many as seven zero-days and was used by the US to neutralise Iran’s Natanz nuclear facility), things changed. Just like Hiroshima, a weapon had been revealed and it would not go back into the box (Michael Hayden, former NSA director).
Also, in 2007 came the iPhone, supercharging the era of government snooping, and an invasion of privacy with minimum effort! By 2015, the NSA was even snooping on their own First Lady! It is now a minefield with different governments including not just powers like Russia and China but Iran, North Korea, Israel their opponents within the country and outside, hacker groups, tech companies, and government agencies all in an arms race to win cyber wars in milliseconds.
The book has many interesting stories. The origins of Pegasus (by the NSO in Israel), named after the winged horse, and which could capture vast amounts of data from the air without leaving a trace. Aurora – the Chinese Legion Yankee attack on Google, and Brin’s strong response, though it was only for a short while. Argentina’s thriving hacker ecosystem, Iran’s ‘burning flag’ response to the US in its Aramco hack, Russia’s hacking of the DNC, WannaCry by Lazarus from North Korea, HeartBleed based on a widely used OpenSSL software, the linkage between the assassination of Jamal Khashoggi, the purchase of exploits by Emiratis, and the publishing of Bezos’ private photos (the source was actually the mistress’ brother, but the phone was simultaneously hacked too) are all signs of an escalating war. There is also a funny story on how, after Trump ordered Russia to close their San Francisco consulate, plumes of black smoke began pouring out of their building’s chimney. They were obviously burning something, and when a reporter asked an exiting man and woman about it, with acrid smoke billowing around them, they replied, “there is no burning.”
The weapon will not go back into the box, and it is now capable of devastation in milliseconds. The world, while aware of this, is not willing to find alignment on things that will now start taking human lives. One excellent place to start is to stop taking buggy code to market. In an economy that rewards first-to-market and “move fast and break things”, this is not going to be easy. As usual, Scandinavia leads the pack for safety, but Japan offers an instructive lesson in making cyber hygiene a priority for everyone from government agencies to individuals. But this provides no comfort because it is really an arms race with seemingly no end.
The narrative is relentless and extremely accessible. It throws light on an area which we shouldn’t be ignoring, given how much is at stake. For me, it is also a validation on not going beyond the mobile phone in terms of tech hardware. But that really is small relative safety, nothing more. And just like Nicole, I wonder when we will see the ‘mushroom cloud’.
