Tuesday, January 8, 2019

Eco Block Design: Reshaping Kuwait City

This is a project I started in August 2016 out of sheer hate and disgust to driving and driving conditions in Kuwait. If you're unfamiliar with Kuwait, it's a tiny country that's 18,000 km^2 (an island), however, the majority of the area is not available for use and the livable area is on the sea side.

I had initially made this as a presentation and reached out to some parliament members in Kuwait, but alas, the words fell on deaf ears. I figured I might as well post this here for anyone willing to take this forward. Though this is for Kuwait, the concept is applicable to any city in any country.

I was inspired by a piece I read about Barcelona's city design, known as Superblock. (This is not the original article, but similar content).

Kuwait borders and livable areas
Kuwait's borders in red. Livable areas marked in green.

The Problem

  1. Kuwait City is too congested as it’s a main hub for businesses and government offices. Kuwait City is the capital, and is a tiny area at the middle-top of the green marked area.
  2. Air pollution is very high.
  3. Temperature within the city is 2-8° higher than outside (especially in summer).
  4. A lot of time is wasted to get from Point A to B within the city:
    1. It takes 20-30 minutes to drive a 3 kilometer distance within the city!
    2. It takes 20 minutes to exit the city from airport road (or anywhere else). Only to exit it! You still need to drive the rest of the distance to wherever you want to go.

The Cause

  1. Too many street lights and intersections within the city.
  2. Small roads.
  3. Irresponsible driving and parking habits.
  4. Badly placed entrances of buildings on main roads, rather than internal roads.
  5. Concentration of businesses in the city, rather than distribute them to multiple areas.
  6. Inefficient and insufficient parking:
    1. Kuwait Municipality still uses archaic regulations allowing skyscrapers with little/no parking. A 30 floor tower, where each floor could have 90 employees, would have parking for 100-150 cars only. Not even considering tower visitors.
    2. Most parking spots are unused lands, an ever shrinking "resource."

The Symptoms

  1. People park illegally, especially on road sides.
  2. Roads are blocked/shrunk availability.
  3. Higher-than-needed congestion.
  4. Stressful daily driving.
Below are pictures depicting the symptoms and daily struggles.

Empty area in the back used as parking

Congestion. The reason is in the next picture

Illegally parked cars on the right side of the road. Entrance to the building on the main road!

Another day, same congestion. Same irresponsibility by drivers.

All it takes is 1 car to cause chaos

Illegal parking at the back of the same building

Illegal parking blocking access to the handicapped ramp inside the parking

The Solution

Build a super-block of the entire city where people enter from specific sides only (edges).

City parking survey (brief) -- Total highlighted area=347,525 m^2:

  1. Green spots: legal parking
  2. Red spots: illegal parking (empty land)

Map of Kuwait City showing green and red areas of parking

Eco Block

An economic block of a city, or convert a city into multiple blocks.
  • Build robotic parking complexes @ city edges
    • Road 30 Entrance (Shamiya Gate)
    • Road 35 Entrance (Shaab Gate)
    • Road 40 Entrance (PIFSS intersection)
    • Road 50 Entrance (Government Mall intersection)
    • Road 80 Entrance (Jahra Gate)
    • Each robotic complex can have 5000+ cars
    • A 15-floor robo complex of 2,972 m^2 area can fit 3,400 cars
    • Wait time to fetch a car: 2-3 minutes tops
    • Multiple entry-exit ports
    • Concurrent robo pallets

robo parking example
Ibn Batoota mall in UAE providing robo parking

multi entry and exit ports
Wire frame diagram showing multiple entry and exit ports to the parking

Phase 1

  1. Build robo parking complexes @ city edges
  2. Block the entry roads to the city
  3. Use mini-buses to transport people within the city
  4. Demolish parking areas/buildings inside the city and create gardens
  5. Remove street way separators
  6. Use a single lane for mini-buses

Phase 2

  1. Build metro railway or high-speed motorized walking track
  2. Eliminate mini-buses
  3. Reduce street sizes
  4. Plant more greenery


  1. No more congestion
  2. Fixed and low time of entry/exit in/out of the city
  3. Robo parking eliminates possible theft in parking spaces
  4. Robo parking eliminates high risk of people slamming your car
  5. Robo parking eliminates need for low-wage security guards
  6. Higher greenery and reshaping the city into a massive garden area
  7. Boosting economy by allowing more businesses to open w/o worrying about parking + greenery attracts people

Future Plans

Upon validating the implementation for the city, expand the idea to other major areas:
  • Hawally
  • Salmiya
  • Farwaniya
  • Free Zone
  • Universities (private and public)
  • Hospital areas (private and public)

Frequently Asked Questions

0) Is there any prior work for this?

Ibn Batoota Mall in Dubai, new Rigae Ministry of Justice in Kuwait and many other global references. None has it on a city-wide scale, though.

Closing Mubarkiya market and Salem Al-Mubarak st. are good examples to how this project expands greenery and boosts economics for shops.

1) Why not build a suspended metro and suspended walk-ways?

The construction will take 3-5 years, during which it’ll cause severe obstruction to the streets, which are already reaching their limits. It’s unrealistic and impractical. The timeline of the construction assumes that everything goes smooth, which to anyone knowing Kuwait, is hilarious and impossible.

2) Why not use empty areas and let people park by themselves or use valet?

Valet = employing a lot of low-wage foreigners, which hurts the country on the long run.
Allowing people to park by themselves is a logistical nightmare. Improper parking, banged doors, and blocked exists are a few common issues.

3) Are people going to pay fees for using the mini-buses or the metro once operational?

Currently people pay for the public and private parking, so the fee to be paid should be for the parking only. The parking ticket should allow for free all-day movement within the city, using mini-buses (initially) and the metro (when built).

4) Is this a public project or private?

It can be a public project owned by Public Utilities Management Company (المرافق العمومية) or privatized. If privatized, entrances should have a different contractor to avoid monopolies and distribute chance to multiple contractors.

5) Some people will refuse to share mini-buses or metro carts with low-wage workers. This idea won’t work.

Instead of shutting down the idea, it’s best to find ways to make it work:
  • It’s possible to have male/female segregated buses/carts.
  • It’s possible to have buses for separate destinations, and since most workers go to specific spots, it’ll reduce clashes.
  • Make separate standing and sitting carts with higher cost for sitting ones. Another form of segregation and preference to those who want some extra space.

6) Why not allow cars to enter the city, but put a high entrance fee (road tax)?

No. Easy access is a right, not a privilege. People must not use this to brag about paying more, getting Wasta* exemptions and what not. Everyone should be treated equally and cars must be banned from accessing the city (apart from emergency vehicles).

* Wasta: An Arabic term referring to getting access to something you weren't supposed to by asking people you know/higher ups.

7) Instead of all this solution and cost, why not force remote work, different working hours, or move companies to another place?

  • Remote Work: Most daily routines involve physical paperwork, thus forcing people to be physically present. Currently impractical in current times.
  • Different Working Hours: Tried and failed. It’ll affect parents who will be forced to have 2-4 trips per day for jobs, schools, and other things.
  • Move Companies: The city is the financial district (banks, stock exchange, ...etc.) and around this, other businesses thrive: IT companies, insurance, investment, restaurants, cafes, hotels, gov offices.
    It’s unrealistic to shift all of this “ecosystem” out, and chopping it (moving specific type of companies) will hurt the ecosystem and probably cause more congestion in Kuwait’s roads as people will have to go drive now to reach the city for meetings and other business requirements.

Feel free to reach out privately, or publicly in comments or on Twitter, to discuss and share ideas. Also, feel free to push this idea with the government. I honestly don't care to have credit, as long as the idea is implemented, though I'd appreciate being involved in the project.

Saturday, October 27, 2018

Ransomware Attacks: Pre and Post Attack Protection

I was contacted by a company that had been infected with ransomware that encrypted their servers' files and demanded money to provide decryption. The company's entire infrastructure was infected, including the backup server which backed files onto internal disks, so the backup was encrypted and inaccessible as well.

Below is a screenshot of the display showed on every server, instructing the victim of the situation and how to reach the attacker for decryption "services." I've masked the code so the victim wouldn't be identified and prone to revenge attack again.

The company that was attacked did have an antivirus in place, a firewall and some security measures, but that didn't prevent the attack. The attack occurred after the attackers spear-phished one of the admins and when the admin opened the attachment, the infection spread like wildfire.

Though an encrypted file sample was submitted to the ID Ransomware free service, unfortunately, it wasn't detected. When submitting your sample, give screenshots, emails and other related info. Even if it's not identified, it helps block such attacks in the future. The victim in this case ended up paying to decrypt 1 server (the backup) and didn't decrypt others. Wiped out all systems and started restoring.


  1. Servers ran unpatched Windows OSs. They were vulnerable to an old vulnerability that Microsoft had patched earlier this year in network sharing protocol SMBv1 that caused many malwares to spread via network.
  2. The backup software stores backups as files (which is fine), and those were stored on the internal disks only.

Positive Actions

  1. The owner contacted friends who were techies, who knew techies or who had been victims of similar incidents in the past.
  2. Did not touch any of the systems and left them as is. This is important, as some infections can be reversed if the server isn't rebooted (encryption key stays in memory sometimes).
  3. Contacted a local ISP that provided on-site security consultation. The person who attended there knew what to look for and that greatly helped identify the infection method.
    It's important to contact an external entity to look at your systems. Sometimes your admins will hide info to protect themselves and this does more damage than good for everyone: the company and the admins themselves.
  4. Contacted the attackers and act desperate (even if you aren't) to buy some time, and sometimes you can buy sympathy from your case handler (attacker replying to your email) and offer reduced price for decryption instead of paying full amount.

Protections and Precautions

  1. If you do pay to decrypt your data, fully understand that you're still infected, but now have access to your files. This does not mean you're safe, as the ransomware is still on your systems. You need to disinfect or completely wipe everything after getting your data out, and only the data without OS files.
  2. Always keep your systems up to date. Always. Force the business units or management to allocate suitable downtime for regularly patching all systems. Have procedures for critical patches that need to be applies ASAP and cannot wait for the usual schedule.
  3. Avoid running old operating systems. If you have software that must run on an archaic OS, find an alternative. Investing in migrating from old software that keeps you crippled is a lot cheaper than falling victim due to attacks on legacy systems, and running maintenance costs of legacy systems.
  4. When discovering an infection in the infrastructure, alert management immediately. Also, collect as many logs from as many systems as possible:
    1. Firewall logs
    2. VPN logs
    3. Server hardware logs
    4. Operating System events and logs
    5. Antivirus logs
  5. If the servers are running in your own datacenter in your building, disconnect everything from network, but keep the servers running. At least this prevents further spread or reinfection.
  6. Use latest version of an antivirus, not only updated signatures. You must always have the latest version of the application itself to make use of better self-defense mechanisms and detection methods.
  7. Use an antivirus on servers and PCs that has Application Control and Trusted Application Mode modules. I know Kaspersky and Bitdefender offer these, but some others sure do.
    Trusted Application Mode is most important to only allow verified and known applications to work, while blocking everything else. This way, should a malware reach a server, it won't be able to run there.
  8. Have an offline/off-site backup, either on some backup service, such as Veeam Cloud Backup, or on tape cartridges.
    If you decide to ship your tape cartridges abroad or take them outside of your building, make sure you place them in an anti magnet compartment to prevent metal detectors or Explosive Detection Systems (EDS) from damaging the tape. X-Ray is completely safe and does not emit any magnetic field, so it's safe to carry cartridges in your carry-on, but not your checked-in luggage that is subject to EDS, and not when in your pockets, as you go through metal detectors.
  9. Linux is also susceptible to ransomware, not only Windows. Keep your *nix systems patched.

It's important that one plans for worst case scenarios. Don't protect the perimeter from the outside, and leave the inside vulnerable. Live under the assumption that your internal systems can, and will, be infected one day, so plan accordingly.

Feel free to leave a comment to share your story, or an insight to help others, if you've been in a similar situation before.

Be paranoid. Be safe.

Tuesday, October 9, 2018

Unlock The Hidden Data: Enterprise Microservices Seminar

IBM is organizing a technical event to show use cases of containers, API consumption and micro-services in enterprise environments.

The event will have live demos and the speaking/presenting panel consists of technical engineers, and the though the agenda is brief, the audience is free to ask for specific demos of use cases or features.

The event will hold place at Sirdab Lab on Sunday Oct 14th, 5 PM to 8 PM. Attendance is free, but registration is required to provide sufficient seating and catering.

Event Information & Registration Link: https://www.eventbrite.com/e/unlock-the-hidden-data-enterprise-microservices-tickets-51119341326