The Lafayette Deception, Chap. 9: Time In and Time Out!

Welcome to the sequel to The Alexandria Project, a cybersecurity thriller.  If you'd like to read the book this series is based on, you can read the first three chapters for free here.

Church tower clock - from Tellin's Musée de la cloche et du carillon - Courtesy Nieuw/Wikimedia Commons, Creative Commons Attribution-Share Alike 3.0 Unported“That’s right, Vicky. Simple as that. So can you guys take it from here?”

“Sure thing, Frank. No problem, and great work!”

In fact, it hadn’t been great work that had finally allowed him to crack the mystery of the flipping poll numbers. Just greater attention to detail. Once he had spotted the few extra bytes of code in the server’s time check code he knew that he’d found the chink in the system’s armor that the hacker had exploited. After that, it had been relatively easy to figure out what happened next.

Settling back in his chair, he stared out across the magnificent void of the Grand Canyon, and then smiled wryly. Not quite a perfect metaphor for his state of mind, but it would do. He felt good about cracking the problem he had been tasked to solve, yes, but now what? Suddenly he was at loose ends again, with nothing to fill his time except the fading goal of writing a book.

As he stared idly out over the canyon, his thoughts kept returning to the mystery of who had pulled off the hack. For the moment, he was less curious about the intruder’s motivation, and that was more Marvin’s responsibility to figure out anyway. What he really wanted to know was who it was that had crafted such an elegantly simple and minimalist strategy for achieving their ends.  It was as close to a perfect crime, in the information technology sense, as he ever expected to see.

Isn’t it time you  read:
The Alexandria Project?

a Tale of Treachery and Technology

Remarkably accurate while consistently spellbinding: I ran across a reference to this book at a blog unrelated to the author, and after reading one chapter, bought the book

Great thriller: In the spirit of Vincent Flynn and Tom Clancy, this cyber-security thriller is a great read. Compelling characters, great detail and an an unsettlingly plausible scenario add up to a real page-turner.

Delightfully unpredictable!  Updegrove has managed what many attempt but few can execute: a plot that is both credible and surprising….A great read – I can’t wait for the next one!

Strong characters and compelling plot: I read a lot of novels and this is a very good one. The characters are believable and engaging and the plot is compelling with several clever twists along the way….Highly recommended

Excellent and accessible techno-thriller: Updegrove…clearly knows the subject matter inside and out, but is too self-assured and smooth a writer to hide behind that insider’s knowledge….I look forward to Updegrove’s next book with great anticipation.

Great Read:  This is a very well written, highly engaging story. The scary thing about it is that the entire plot is far too possible to come to life.

Fantastic!  The Alexandria Project is a gripping novel of intrigue and suspense. The characters may be fictional, but we all know their real-life equivalents. The storyline may be fiction – but maybe not.

Read these and more 5 Star reviews at Amazon

The only part that’s fictional is that it hasn’t happened yet

Available Now for $2.99 or less

Buy at Amazon

Buy at iTunes Store

Buy at Barnes & Noble

What had made the hack so perfect was that the transformation of the data seemed to occur as if by magic, leaving not a clue to indicate how it had been performed – or even that it had been performed at all, except for the result. That, and the fact that the hacker had come up with a way to take advantage of a port that every sophisticated computer was sure to have. Its purpose was to open and close every few seconds in order to allow the computer’s internal clock to synch with the web of super-accurate Internet time servers that existed for that purpose, and also to use a third party source to time stamp its own operations for future verification services. Among other purposes, this was to allow a forensics expert to confirm exactly when a security breach might have occurred. The artful irony of using the same port to mount an attack that had defied so much forensic analysis added to Frank’s appreciation for the hacker’s style.

Since all computers used the same standard – the Network Time Protocol – to manage this process, it had been easy for the hacker to use the same subtle trick to corrupt the results of every pollster, regardless of the particular system they owned. That was because the protocol operated through the operating system and not the polling software itself, and all of the polling software applications ran on Windows systems. Vulnerabilities in the Windows operating system came along frequently enough that any hacker that was on his toes could take advantage of a new one as news of it rippled through the Internet before Microsoft issued a patch to close it.

Once the hacker had gained access to a pollster’s system, he only had to make one very minor change to that system: simply change the Internet address that the pollster’s computer operating system called on to receive a time stamp. Now, instead of calling on one of the many official time servers connected for that purpose to the Internet, the pollster’s system would call on one that the hacker controlled.

But what happened next? No one had been able to find any alteration of the polling software at all. That’s where the hacker had come up with his second remarkable gambit. Instead of simply changing the polling software to do everything he wanted it to and leaving it that way, he had made a single, minute change to a single routine in the program. All that was necessary to put his plan into motion was to add a single byte of data to the time stamp request that the polling software sent out when it was asked to generate a report.

When the hacker’s server received that request, it would upload a module of code to the pollster’s system which would then uninstall itself after the report had been generated. Brilliant. (see footnote)

It wouldn’t take the hacker five minutes to change the program that would upload with a time stamp request anytime he wanted to favor a candidate that had just entered the field over the last lucky recipient of the hacker’s largesse. Frank had to hand it to the guy that had designed the exploit. Any programmer who knew what he was doing could come up with something complicated and easy to spot. It would take a real artist to design such an ultra-stealthy and minimalist approach. He wondered who it could possibly be?

Frank’s musings were interrupted by a rare sound: the ringing of his satellite phone. He debated ignoring it, but then thought better. Besides one or two Marvinites, only the few members of his immediate family had his number. Better pick up.

When he heard the grating voice of Len Butcher, he was sorry he hadn’t let his message service take the call. But it ended better than he had hoped.

“Hi Frank – it’s Len. Just wanted to thank you on behalf of the agency for figuring out how our friend has been swapping the poll results.”

“Yeah, well, it wasn’t actually all that difficult, once I finally figured out the right place to look.”

“That’s what I told my boss, but she still insisted that I call you.”

You bastard, Frank thought. Then why didn’t any of your people think to look there?

“Anyway, I wanted to let you know that we’d like to keep you on the payroll, at least through the beginning of the primary season, until we’re sure that there’s not another shoe ready to drop. Are you up for that?”

Of course, Frank thought. What’s not to like about all pay and no work for the time being?

“Sure, I guess. Why not?”

“Glad to hear it. If anything comes up, we’ll be in touch.”

With that, the line went dead.

Frank replaced the phone in his camper, and went back to staring out over the canyon. It would only be a few weeks till the primary season began, and even though it had been an uncommonly mild winter so far, he risked being snowed in any time now. With the hacking problem solved, he was getting restless. Not only that, he was ready to kill for a decent meal.

_ _ _ _ _ _ _ _

Footnote:  Translating the source code of that module into plain English, it read something like this:

1.  Interrupt program between operations “get timestamp” and “apply timestamp”

2.  Install module

3.  Read poll results for all candidates

4.  Assign name Y to candidate with highest poll result

5.  Duplicate and save poll results for candidates X and Y

6.   Replace poll result for candidate X with poll result for candidate Y

7.   Replace poll result for candidate Y with poll result for candidate X

8.  Generate report

9. Replace poll result for candidate X with stored poll result for candidate X

10. Replace poll result for candidate Y with stored poll result for candidate Y

11. Delete stored duplicate poll results

12. Delete this module

– 0000 – 0001 – 0010 – 0011 0100 0011 – 0010 – 0001 – 0000 –

If you’re enjoying The Lafayette Deception, please tell your friends!

Read the first chapter here

You can also follow Frank on

Comments (2)

  1. Hi Andy,

    Please search for "which then uninstall" (which is just before the jump to Footnote 1) and which, I would suggest, is missing a ‘would’ between the which and the then. YMMV.

    Just received my White Galaxy Note, still charging …. but I should have a new email account set up soon, will advise soonest.

    All the best

    • Hi Minrich,


      Thanks for catching that.  Better a typo than a comment that says "your technical explanation is nonsense," which I haven’t gotten thus far.


      Or maybe people are just taking pity on a poor, technically challenged lawyer.  I’ve still got to figure out a couple more "perfect hacks" to get me to the end of the plot, so I expect my luck will run out sooner or later.


        –  Andy



Comments are closed.