Sophos on Internet Explorer Security Flaw and Hacking

January 22nd, 2010 by Brad Heap

This video is a little silly at the start but later on does well to explain the inside workings of how someone can break into your computer when you do not have up to date security updates and anti-virus installed.

Orcon+ Internet Disconnecting Under High Load?

January 16th, 2010 by Brad Heap

All morning I have been frustrated by the internet connection at my parents place keeps disconnecting. I have been trying to find a pattern to the disconnections but so far the only thing I can spot is disconnections under high load – particularly when using BitTorrent or updating Ubuntu. The graph below is taken from BitTorrent it shows the contstant disconnections over a 55 minute period downloading a 500mb file. In particular 17 disconnections over the final 25 minute period.

The screenshots below are from Ubuntu and show it attempting to download updates. Unlike BitTorrent when the connection drops the entire update fails until you press the cancel button and then manually start the download again after the connection has been restored. Here we have 11 disconnections while downloading 180mb of data. It appears that the data is coming in roughly 25mb bursts between disconnections.

Thanks to @orcon through twitter they are investigating the matter, however, I am not the only one suffering these disconnection issues since connecting to the Orcon+ Network.

This is the orcon log of all our connections this morning during a 3 hour period.

AC/DC fans need to learn how use the internet.

July 29th, 2009 by Brad Heap

The NZ Herald is reporting that some fans are annoyed because they managed to buy 3 times the tickets they needed for the AC/DC Concert.

http://www.nzherald.co.nz/entertainment/news/article.cfm?c_id=1501119&objectid=10587417

AC/DC fan Tamar McKewen was not impressed to discover her credit card had been maxed out with three times as many tickets bought than she was after, after a blip in Ticketek’s online booking system for the band’s Wellington concert.

A number of ticket buyers have complained about the overloaded system that either had buyers unwittingly purchasing too many tickets – or not able to buy any at all.

Tickets for the ageing Aussie rockers’ January concert went on sale at 9am yesterday, but the massive volume of customers left many frustrated with faults on Ticketek’s website.

However, Ticketek general manager Brendan Bainbridge said the day was a “success” and although he did not know the figures, only a small number of people were probably affected.

Ms McKewen said she logged successfully onto the website before 9am.

However, after she entered her credit card details and was waiting for confirmation from the site, the webpage timed out.

Ms McKewen was trying to buy three $160 tickets to the show.

She repeated the process two or three more times before a note appeared advising her to call Ticketek before attempting to buy any more tickets.

So at the start it appears that Ticketek had a problem. But they didn’t. It just appears that the customer does not know the basic rule of online shopping. Once you have pressed purchase only ever press it once, do not press it again because it is going sow, or reload it. This is clearly the customers fault not the fault of Ticketek. So why the media beat up?

The company would refund the cost of the extra six tickets.

That’s nice of them, again so why the beat up?

“As much as I’ll never use the Ticketek website again because of the hassle, I know it was all worth it to see AC/DC.”

May I suggest you learn to use a computer before going and having a cry.

I guess it is a slow news day.

Say No To Internet Filtering

July 14th, 2009 by Brad Heap

This video is regarding the internet filtering in Aussie but the same applies here:

Did I wake up in China?

July 12th, 2009 by Brad Heap

Last night I came across this post on Geekzone: http://www.geekzone.co.nz/freitasm/6625 it is regarding the implementation of filtering of the internet in NZ.

Another good post is here: http://thomasbeagle.net/2009/07/09/nz-internet-filtering-faq/

To make a quick summary this is a very scary development. The great firewall of China is well known. There every single site that is accessed is filtered and if the content is determined to be in anyway, real or imagined, offensive to the Chinese Government then the site is blocked. It is a form of restriction on the people of the country and is heavily criticised.

So I am failing to understand why the Department of Internal Affairs wants to go down the same path in NZ. Who gave the government the power to determine which websites I visit or am allowed to visit? Now I know that there are some bad things on the net, but surely as an adult I should have the wisdom to determine which is websites are appropriate to visit and which are not. And as for kids surely this is the responsibility of the parents not the government.

Some excerpts from Geekzone:

What really worries me is that it looks like there isn’t an oversight of this process, there isn’t a publicly available list of blacklisted websites.

Internet filtering gives the government – any government – the resources they need or want to prevent people connecting to each other by the means of the Internet, one of the most liberating tools available to its citizens.

Burning books was bad. Breaking the Internet may be worse.

Some excerpts from the FAQ:

Does New Zealand have internet censorship?

New Zealand’s censorship laws forbid viewing or owning certain types of material (e.g. depictions of bestiality or sex with children) and this applies to material accessed over the internet too. A number of people have been convicted for possessing material they have downloaded over the internet.

When will the internet filtering be implemented?

The Department of Internal Affairs is intending to implement the scheme in the 2009/2010 government financial year. The exact date is currently unknown.

Who decided to implement internet filtering in New Zealand?

The decision was made within the Department of Internal Affairs.

Okay so a government department made the decision. Public Servants. Nobodies. Whoever gave them to power to determine something that will affect every single New Zealander who accesses the internet with no consultation?

Has an internet filtering law been passed?

No it is being done under the Films, Videos, and Publications Classification Act 1993. This gives the responsibility for enforcement to the Department of Internal Affairs.

Okay so why do we not get each website to have a classification you know G, PGR, R13, M, R16, R18 if we have to, but just randomly blocking sites. Now that makes no sense.

What happens if I go to a banned site?

You will see a message saying that access to the site has been banned. Your internet address will be logged. This will be able to be tracked back to your internet account.

Big Brother is always watching.

Does the internet filter only apply to web browsing or does it apply to other traffic as well?

All traffic (web, email, P2P, etc) for a filtered internet address will be forwarded to the DIA’s server.

The software only mentions filtering based on web traffic. Whether the other traffic is filtered, forwarded or discarded is currently unknown.

Does the word privacy exist anymore? How can someone trust the DIA? With everything going through it how can we be sure someone won’t steal our Credit Card Numbers, Bank A/C Details, Read our emails (oh wait they probably already do that). Do they have the power to break encryption too?

Is the list of banned sites available?

The Department of Internal Affairs has refused to release the list of banned sites. They claim that they are allowed to do so under section 6 (c) of the Official Information Act. This allows them to refuse on the grounds that the release would be “likely to prejudice the maintenance of the law, including the prevention, investigation, and detection of offences, and the right to a fair trial”.

This can be contrasted with the legal responsibility that the Chief Censor has to publish their decisions to ban films and publications.

So in other words this website could be blocked, and I would never know why.

Is it possible to check whether a website is on the filtered list?

The only way to check whether the website is filtered is by attempting to access it.

If a website is filtered is it possible to find out why?

No.

Can other types of material be censored in the future?

There is no reason why the same technology could not be extended to block websites with other types of content.

What makes me most concerned is less than six months ago we had the Internet Blackout dramas. Now it seems to have come again just in a different form.

Thoughts on Google Chrome OS

July 12th, 2009 by Brad Heap

It was interesting returning to Auckland on Thursday night to find out that in the past few days the world has completely changed. Yes Google has finnaly let the cat out of the bag (but I think it actually escaped months ago) that it was developing an operating system to rival Windows.

Google Chrome OS is not planned to be released until late 2010 however the source will be released later this year (so in some ways you could start using it later this year). The full announcement is here: http://googleblog.blogspot.com/2009/07/introducing-google-chrome-os.html

The points that I am most interested in are:

  • This is not Google’s first OS, in fact it is their third. In house they use Goobuntu (http://en.wikipedia.org/wiki/Goobuntu) which is a modified version of Ubunutu Linux. And at the end of 2008 they released Android an open source operating system for cellphones, and it rocks.
  • Cloud Computing. The operating system is going to be very light weight on the end users system and plug directly into the internet. This is going to be a lot like the Android where it is always on and things are straight away at your finger tips. This works really well for a cellphone but I do wonder how much functionality it is going to have for more high end activities. Sure you may be able to edit a word document etc, but what about being able to do some coding, or playing a game. In those realms I think that a full desktop environment will still be a lot better.
  • It is free. Well being open source and based off linux they really didn’t have much more of a choice. Having said that it really gives Microsoft a kick up the pants with the cost of Windows even at OEM price being really expensive.
  • The number of companies involved: Acer, Adobe, ASUS, Freescale, Hewlett-Packard, Lenovo, Qualcomm, Texas Instruments, and Toshiba. This shows that it has some major industry support and the chances of success are high.

I am excited about what it can deliver, but building a web browser that gets 30 million users in 9 months is one thing. Building a operating system that can deliver a smooth user experience without bugs or issues is a whole lot harder.

June NZ Wide Webstats

July 3rd, 2009 by Brad Heap

Halfdone has compiled a list of the top 100 blogs based on visitor numbers from a number of sources

http://halfdone.wordpress.com/2009/07/01/june-halfdone-nz-blog-stats/

It is an interesting read as many of the top 30 I had not visited before, and blogs that I regularly visit were a lot lower than I expected.

For the record my blog came in a respectable 71st place. Also of interest was the allocation into left, right, centre etc, and then by topic, there are a lot of blog sites that are publically listed as christian.

EU Regulators Shoot Themselves In The Foot

June 16th, 2009 by Brad Heap

The NZ Herald reports that in the new version of windows (due out in October) will ship in the EU without any internet browser (http://www.nzherald.co.nz/technology/news/article.cfm?c_id=5&objectid=10578747)

The EU have really shot themselves in the foot here.

The original point of suing Microsoft for anti-trust was due to it forcing IE on people and embeding it so hard into the operating system that it cannot be removed. Since Vista (and I think XP) you have been able to remove it.

Now the EU are wanting Microsoft to ship IE with Windows, but also include the choice of other browsers at installation as well. This is just plain stupid.

Why should you be forced to ship your competitors product?

I agree with the move that Microsoft has taken, it is going to annoy a lot of people, no internet browser is going to be real pain, but being forced to carry someone else’s product is even worse.

WolframAlpha passes the Brad test.

May 16th, 2009 by Brad Heap

It knows what the meaning of life is:

http://www.wolframalpha.com/input/?i=meaning+of+life

It isn’t sure about God though:

http://www.wolframalpha.com/input/?i=is+there+a+god

It knows who the prime minister is:

http://www.wolframalpha.com/input/?i=who+is+the+prime+minister+of+new+zealand

Currently the site is running very slowly, probably being hammered with dumb questions like I have just give it.

oh update: It knows that Massey University is in both Palmerston North and Albany, and has drawn me a nice little map. Loverly.

More Power

March 6th, 2009 by Brad Heap

After four days of delays my flat is finally connected onto the Vodafone Red Network.

Here is the speed comparison.

Before: Woosh Wireless
morepower1

After: Vodafone Red Network
morepower2

Or in data terms:

Results:
Download Speed: 1518 kbps (189.8 KB/sec transfer rate)
Upload Speed: 157 kbps (19.6 KB/sec transfer rate)

Results:
Download Speed: 6533 kbps (816.6 KB/sec transfer rate)
Upload Speed: 696 kbps (87 KB/sec transfer rate)

Or
Download Speed: 4.3x increase
Upload Speed: 4.4x increase

A delayed victory?

February 23rd, 2009 by Brad Heap

From: http://www.nzherald.co.nz/technology/news/article.cfm?c_id=5&objectid=10558256

5:30PM Monday Feb 23, 2009

Prime Minister John Key has announced the controversial Section 92A law, which has been widely condemned by internet users, is to be delayed.

It will go on hold until March 27 while work is carried out on a voluntary code of practice.

If no solution is reached by then it will be suspended.

If no agreement was reached then the section would be suspended, Mr Key said.

If a code was agreed to, there would be a review after six months to see if the law was working as it was intended.

….

Earlier today political bloggers from all sides of the political fence took blogs down to protest Section 92A of the Copyright Act.

Some big name blogs took part. Public Address, Scoop, Kiwiblog, The Standard, No Right Turn, Frog Blog, Whale Oil, Not PC, No Minister, Just Left, The Hand Mirror, Roar Prawn, Policy Net, Kiwi Politico and a multitude of other sites including Scoop News, PublicAddress.Net, Throng, GeekZone, and Street Talk have shut their doors in protest.

Instead of their usual coverage, visitors to these sites will instead be pointed to the online petition organised by the Creative Freedom Foundation.

5.30pm is leaving the change to the last minute. But good news, but a delay is only the start. The law must be repealed.

Our Copy Right is more important that your Human Rights

February 22nd, 2009 by Brad Heap

Scoop Coverage: http://www.scoop.co.nz/stories/HL0902/S00357.htm

90% Guilty

February 22nd, 2009 by Brad Heap

6 Days from now this will be the state of the internet in NZ. Unless National suspend the new law tomorrow.

The ongoing Toll Road Website Saga

January 8th, 2009 by Brad Heap

And today’s other top story.

NZTA was told in mid December they had security issues but did nothing.

http://www.nzherald.co.nz/technology/news/article.cfm?c_id=5&objectid=10550914

Does the NZTA even know what HTTPS is?

January 7th, 2009 by Brad Heap

I have been laughing over the last few days as the New Zealand Transport Authority has become more red faced over the massive security hole in their toll road payment system.

On January 25 the Silverdale to Puhoi motorway extension will open, however to drive on it you will need to pay tolls, and for the last two months or so the NZTA have been advertising the www.tollroad.govt.nz website heavily so regulary uses of the new road can set up accounts.

On Monday a computer user realised that the website was not encrypting credit card information which means that anyone who knows anything about packet snifting or the like could intercept peoples credit card details as they used the website.

Now first and foremost this should never happen. Not on any ecommerce site, let alone a government website. Ecommerce programing 101 would surely teach you that first you must always encrypt data through using SSL and HTTPS not plain HTTP.

But what was more funny is that the red faced NZTA denied that there was anything wrong with the site! Refusing to take it offline or stop processing accounts.

That was until today when with egg on their face they took down the site for maintenance and admitted they stuffed up. Time to get new programmers one thinks.

Read more here:

http://www.nzherald.co.nz/connect/news/article.cfm?c_id=1501833&objectid=10550614

and

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10550744