The pipe that brings water into your home is a pretty un-sexy thing, just like the electrical cables that deliver electricity. Your internet connection though, has gotten sexier and sexier–from being used to deliver paid content like hyppTV and Astro to other more interesting services, resulting in a triple play (internet, tv and phone) of services, all piped into your home on a fibre optic cable no thicker than a strand of your hair.

But should you internet connection be sexy or should it be a dumb-pipe? The telcos of course want to deliver more services and hence fatten the bottom-line, but the problem I have is that in their zeal to do this, they’ve violated the principles of net neutrality, and I fear that we’re going down a rabbit-hole of ‘favored’ content, that sooner or later we’re not going to be able to reverse this trend.

A quick example is Maxis, it’s the only player out that can stream Astro content over the Fibre cable. That gives Maxis an un-fair advantage over TM.

A notice posted on the Malaysian Communications and Multimedia Commission’s (MCMC) Facebook page said the decision was made to block websites that “promote, spread information and encourage people to join the Bersih 4 demonstration”, on grounds that this will “threaten national stability”.

I cannot then tell you to join Bersih and call for free and fair elections, and I couldn’t begin to articulate that our Prime Minister has received BILLION ringgit donations from foreign sources, and certainly I must refrain from encouraging you to do your civic duty to attend tomorrows rally.

Are you afraid of Hackers? Do you lie restless at night thinking of what might happen if they got into your bank account, facebook profile, or e-mail. Perhaps you’re also worried about that they might hack into a forum you visit, or that they might get into your personal messages on whatsapp.

It’s true that hackers are able to do all of these things, but the public perception of hackers really isn’t quite justified, and this false perception can lead to terrible outcomes.

Take last weeks post about the hacktivist group Anonymous. In it I expanded on the public fear of anonymous and how that didn’t correspond to the actual damage that the group causes. Sometimes all Anonymous does is a DDOS on a public website, that still takes some skill, but far removed from actually infiltrating a server. Yet, most people wouldn’t be able to differentiate a DDOS attack of a website to a compromise of an actual server, and this inability leads then to disproportionately fear hackers, worse still it leads them to lump all security related incidences into a single bucket called “hacked by hackers”.

But Why?

Why are people so afraid of hackers? And why is there a huge discrepancy between what some of these hackers are actually doing and the fear that the average citizen has of them.

I have one theory–ignorance, or more specially tech-illiteracy.

Our newly appointed Communication Minister has come out all guns blazing in directing the The Malaysian Communications and Multimedia Commission (MCMC) to ask social media giants such as Facebook, Google and Twitter soon to block “false information and rumours” on their platforms.

That in itself is quite frustrating, but what really got me scratching my head was his claim that “that social media providers acted on 78 per cent of MCMC’s request for removal of content last year, with Facebook taking action on around 81 per cent of its request.”

The latest buzz in Malaysian cyberspace is the ’threat’ from Anonymous Malaysia to launch ‘internet warfare’ on the Malaysian government, singling out our poor ol’ Prime Minister, demanding that he step down or face the consequences of Anonymous actions.

The threat of internet warfare even came with a date, 29th to 30th August at 2.30pm, coinciding with Bersih 4.0. You know you’re dealing with a bad-ass when they tell you when the attack is coming, sort of like Muhammad Ali telling his opponents which round he would knock them out in. (down in the 5th)

I need to take this blog to somewhere it hasn’t been. To boldly go where every other Malaysian blog has already gone–into politics.

This is my blog, it’s my hobby, I don’t depend on it for my survival, I don’t rely on it for anything other than the satisfaction it provides me. Therefore, I get to do with it what I want, and today I want to talk about politics.

Sarawakreport, a website covering sensitive political topics in Malaysia was blocked today by the countries most prominent ISP, Telekom Malaysia (TM).

Internet users using TM’s Domain Name Server (DNS) reported that the website was inaccessible, and I’ve confirmed that is an intentional block by TM.

Here’s a quick primer on DNS. The internet works on this marvelous set a rules we’ve come to call the Internet Protocol. Part of this protocol requires that every server or machine on a network be assigned a unique number to identify itself, this number is called an IP address. An IP address is sort of the phone number of a server, and if you want to communicate with a server you’d need to know that servers phone number.

[caption id=“attachment_5085” align=“aligncenter” width=“550”]

A screenshot of the RCS Software from Hacking Team[/caption]

There are two types of governments in the world, Those that build complex surveillance software to spy on their citizens, and those that buy them–and our government is more the buying type.

Few nation-states have the budgets to build out complex surveillance software, but some are finding that ‘off the shelf’ software sold by dodgy companies are just as effective at a fraction of the price. The problem with buying of course, is that sometimes those dodgy companies that are manufacturing these spying software also sell their wares to repressive regimes like Sudan, and being on the same customer list with Sudan doesn’t quite bode well for any ‘moderate’ government.

Take Gamma Corp for example, the organization responsible for the FinSpy and Finfisher suite used by the Malaysian government in the run-up to the 2013 General elections. Another is Hacking team, an Italian based company that produces similar remote control software (RCS).

And in a bit of internet karma–both of these companies were hacked themselves…possibly by the same person.

In August 2014, Gamma was hacked and had 40GB of data forcefully exfiltrated from their servers. My analysis of that leak, revealed no information about Malaysian purchases of their FinSpy software simply because a large chunk of that data was encrypted.

Recently however, Hacking Team had a much more severe attack, one that managed to extract 10 times more data, and here I found ample evidence of Malaysian government agencies procuring spyware from Hacking Team presumably to be used against Malaysians.

The question of course is should you be worried, the answer is Yes, and not just for the obvious reasons. After combing though a trove of documents, I found that 3 government agencies procured the ‘flagship’ RCS software from Hacking team, and from my layman’s understanding of the law, none of them have authority to actually use it.

Worst still, some e-mails point to incompetent IT skills as well as bad Procurement practices, that actually annoyed hacking team’s salesforce. I will conclude this post with why this attack on Hacking Team has a positive outlook for regular internet users, and why our government agencies procuring this stuff isn’t exactly ALL THAT BAD.

First off, apologies for the lack of content on the blog. I’ve been really busy at work these past few months, and content is slow moving. For instance, the previous post was a review of a router, that I tested for 4 weeks, and returned to the supplier more than a week ago–and the post only went up yesterday. To that end, my decision is to churn out my thoughts just ‘straight from the gut’ and not give this posts the usual research I typically do. Hope my regular readers will forgive the tardiness.

A couple of weeks back, the guys over at infoversal loaned me a Engenius ESR600 router for a review, at first I was a bit hesitant, but my overall unhappiness with my TP-link router made me think twice. So I gave it a shot, and boy was it worth it.

The router looks pretty normal, nothing to shout about here. While its competitors like Asus and TP-Link opted to go for black exteriors, Engenius chose to stick to white-ish color, this thing doesn’t look good near modern TV sets or  home theatre systems (which is where my router is), but the fact that it doesn’t have antennas seems to be a saving grace.

That being said, the Engenius is a pretty slick device, I’m not sure how it does it, but the antenna-less design Engenius has more signal strength than my TP-Link router over both the 2.4Ghz and 5Ghz range. Yes, the router is dual-band and one that actually works well over both bands. So great points for Engenius in that category.