
All Air Pollutant Index (API) readings in Malaysia for 2014

Haze Malaysia
Once again, your friendly neighbourhood techie has used his powers for the good of the country.

Last September, I scraped all the procurement data from the Malaysian Government’s MyProcurement website; this time I scraped all the Air Pollutant Index (API) readings from the Department of Environment (DOE) website.

First off, kudos to the DOE for keeping such great tabs on the data–overall the DOE publishes one API reading for every hour or every day across 52 locations in Malaysia. Just to put the sheer volume of data into perspective, for just one year that’s:

52 locations x 1 reading/hour x 24 hours/day x 365 days/year  = 455,520 readings.

That’s a lot of readings–and a scintillating amount of data, but it gets better. The DOE website has data going all the way back to Aug-2013, so I created a script in Python to grab all the data from Aug-2013 all the way to Feb-2015: more than a year’s worth of API readings, and more than 600,000 data points for you guys.

Grabbing that much data posed some challenges, both in programming the script, but also in my ability to share it with you. For those of you with older versions of Microsoft Excel, you’re limited to just 65,536 rows per sheet, and even with the newer versions of Excel, loading 600,000 rows into a single sheet would freeze all but the most powerful of laptops.

For now though, let’s move onto the top 10 things about the Air in Malaysia.

10 Things about the Air Pollutant Index in Malaysia

1. The highest API reading across 2014 was 358, recorded on the 14-March-2014 at 9am in Port Klang.

What happened in the MAS hack. All questions answered, one question asked.

Late in January the Malaysian Airlines website was ‘supposedly’ hacked by Lizard Squad. You might remember Lizard Squad as the guys who ‘hacked’ the XBox and Play Station network over the Christmas holidays, and I’m using a lot of ‘quotes’ here because Lizard Squad didn’t really ‘hack’ XBox One or Playstation, they merely DDOS-ed the services.

What is DDOS-ed I hear you say?

A DDOS attack is one where you flood a server with so much web traffic that the server is no longer able to serve content to legitimate customers. Imagine if you got 100 friends, and decided to create some havoc at the McDonalds near your home. You and your friends would line up at the counter, and you’d place an order for 100 Big Macs, 25 Cokes and 1 Apple Pie… only to cancel your order after the cashier typed it in. The next friend in the queue would do the same thing–over and over again. Even though there would be legitimate customers at this McDonalds trying to buy some food, chances are they’d either have to wait a very long time to get their food, or they’d give up entirely.

Essentially you’ve denied McDonalds their chance to serve their customers–or you’ve just launched a Denial of Service (DOS) attack–the extra D in DDOS, just stands for distributed.

Real-Life DDOS happen all the time–what do you think the Thai Protestors were doing to Airports in 2008?

But why is this important?

It isn’t. DOS attacks are pretty common–but Lizard Squad attacked the Play Station Network and XBOX with ulterior motives. Even though they claimed to do it in the name of ‘security awareness’, they only stopped their DDOS attack because Kim Dotcom offered them USD300k worth of services on his Mega website. Kim Dotcom is another controversial character, but to cover him in this article would be too large a digression–so if you want to know more about him, just Google it.

The REAL motive of the Lizard Squad DOS attack became apparent some days later when they started to offer their DDOS attack as a service to paying customers. Essentially you could go online and buy their services to attack a target–maybe a competitor company, a personal blog of someone you don’t like, or just about anything. Lizard Squad were hawking their services to anyone with cash.

Some suspected that Lizard Squad were running this large DDOS attack using nothing more than home routers–similar to the ones that UniFi provides and that I demonstrated could be hacked trivially over an internet connection.


Watch SuperBowl in Malaysia

Got this email from the people over at Unotelly:
I want to inform you that UnoTelly will allow people to stream the NFL Super Bowl for free on Sunday, February 1, regardless of where they live or whether they are UnoTelly subscribers.
We are offering free access to media stations (NBC Sports, Channel 4 and more) that will be broadcasting the Super Bowl for free. Visitors will not be required to sign up for a subscription, but simply need to submit their e-mail address. Please feel free to visit our Super Bowl page for more information: https://www2.unotelly.com/superbowl
I trust UnoTelly—so if you’re an American stuck in Malaysia, this is a free way to watch the SuperBowl–otherwise move along, there’s nothing to see here.

Can Malaysia be Land of the Free and Home of the Brave

As we come to terms with the terrible events that occurred at the offices of Charlie Hebdo, I think we need to be cognizant of what these attacks really mean, and how our response to these events (even in far away Malaysia) has severe repercussions on our future.

As a Blogger and Techie, I’m 100% for absolute ‘no holds-barred’ Freedom of expression. I’ve written so much on the subject it begins to bore people, but we have so little freedom of expression in this country, we must fight to preserve what we have, and rise up to pursue even more.

The pursuit of freedoms which we do not enjoy is necessary, thanks to laws like the Sedition Act of 1948. An act so grossly out-dated it’s embarrassing that we still have it on the books. People forget that Malaya was at war in 1948, and when the act came into effect, we had already begun one of the darkest periods of our history–the Malayan Emergency. This was a time when planes were dropping bombs in the jungles and rubber tappers had to be escorted by armed guards; the laws needed at a time like that aren’t the laws you need now.

Because unlike World War 2, the emergency was part of a larger ideological war–one where Ideas were dangerous. So we put in laws that limited the dissemination of ideas, which was wrong, but then we kept them even after the last elements of the communist insurgency had left–which was definitely wrong. Soon we used these laws to clamp down on everything from questioning Malay rights to criticizing education policies (education policies that were later reversed by the way!).

How can using a law, enacted during a dark period of war be considered relevant for peace time? These things really should come with expiry dates.

And lest you think this only impacts Malaysia–every country at War will go to extremes in the law. For example, the US enacted their own sedition act in 1918, just before they were setting off to take part in the ‘Great War’–only for the act to be repealed in 1920. This in a country where the first thing they amended in their constitution was to explicitly guarantee Freedom of Speech–the lesson to take away is that whenever people’s security is threatened, they’d give up their freedoms. The Patriot Act would have never seen the light of day were it not for September 11th.

But let us find solace in the last verse of the Star Spangled Banner which reads “Land of the Free and Home of the Brave”–and just like Roti Canai and Dhall, you can’t have one without the other. You can’t live in the Land of the Free, unless you are Home to the Brave, because cowards give up their freedoms at the first sight of danger. To keep your freedom you have to fight to protect them, and never give them up. Because if these laws are anything to go by, once we enact laws to curb freedoms, we seldom repeal them.

Which brings us to the point: protecting freedom requires courage. It requires us to say we don’t want to trade security for freedom, we’d rather live insecure than un-free. And that takes courage, but also common sense. Because if you don’t like that, there’s a place where you can get all the meals you want, a roof over your head and be totally secure…it’s called prison. To get total security, you need to give up ALL your freedom.

And that’s what the terrorists REALLY want you to do, because the real point of terrorism isn’t to kill people, it’s to terrorize them.

To get people to change their way of life, and force upon them a sense of fear so crippling that they will never live free again. If we are to defeat the terrorists, we must not just condemn these acts, but condemn the weak and cowardly among us who would give in to this terrorizing and suggest that we ‘beef up our laws’ and ‘grant more powers to the government’–these are not words of strength, these are code words for giving up freedom and they come only from the lips of the meek. These are the defeatists who would allow the terrorists to win.

We must protect freedoms wherever they exist–we already have so little. So when I see people being charged for selling IS merchandise, and politicians claiming we need laws to curb freedom of speech to avoid another Charlie Hebdo, I think to myself where are the brave in Malaysia? Why do the spine-less invertebrates get so much publicity, why isn’t anyone defending our right to freedom of speech (even if it offends, and especially if it offends), why isn’t anyone defending the rights of someone to sell merchandise of an organization? If you’re going to charge someone for selling merchandise of organizations that you don’t agree with–I suggest you start with those that sell swastikas and the book shop that sells Mein Kampf, better yet don’t charge them at all. Because who are you to make such assumptions of what is agreeable and what isn’t–what is dangerous and what isn’t?

Isn’t this still a free country? And selling a t-shirt is hardly a crime in a free country is it?

If we are really such cowards as to be afraid of t-shirts…I fear we can never be land of the free, but that’s completely our fault.

Maxis Forum needs an upgrade

Yesterday I Googled something about Maxis that took me to a forum.maxis.com.my link. Unfortunately, Firefox wasn’t happy with Maxis, because I got the following screen:

SSL V3 on maxis forum

Firefox is the first of the mainstream browsers to end support of SSLv3, ever since Poodle was published. For those of you who aren’t keeping tabs on security issues–Poodle was a big vulnerability discovered in the 2nd half of 2014 that affected the SSLv3 protocol.

The only fix for Poodle was to completely stop using SSLv3 altogether, not a bad idea, since the protocol itself is nearly 18 years old. In other words, the people born at the same time as the protocol are already driving cars by now–on the other hand people born at the same time as the very first iPhone have only just finished kindergarten, and Apple have long since stopped supporting version one of the iPhone. So would anyone support this grandfather protocol?

Just to drive home the point of how old SSLv3 is–the protocol is 3 years older than Maxis pre-paid offering, Hotlink–which was only launched in 1999.

Fortunately, most modern day browsers already support newer versions of SSL, namely TLS version 1.0, 1.1 and 1.2 (1.3 is still draft)–which means of course most people aren’t fully susceptible to the issue. Even then computer geeks were switching SSLv3 off on their servers just to be sure (there are downgrade attacks, which can force a connection to use SSLv3 even though both server and client can support TLS).

But here’s the kicker–some websites continue to support SSLv3, leaving people vulnerable as long as they’re using an SSLv3 capable browser–which is the main reason Firefox has disabled SSLv3 in its latest installment, and Google will follow very soon on Chrome. So regardless of whether the server supports SSLv3, clients using the latest version of Firefox will be secure (at least from Poodle).

Now with the Maxis forum though–things are far worse. Not only does forum.maxis.com.my continue to support SSLv3–it apparently is the ONLY version of https supported by the forum page. In other words, the only security the Maxis forum offers is based on an 18-year old protocol that’s already been owned. This from a company that apparently put their CTO’s life on the line to promise zero youtube buffering.

I mean, it’s great that Maxis is promising zero youtube buffering and all—but if you can’t even get the security basics on your forum page done right–then I question your ability to secure just about anything.

Fortunately, the Maxis login page to view account information isn’t susceptible to the attack (but most users would re-use their passwords for both the forum and login), so that’s not exactly great news.

Honestly Maxis, you have to do better.

Streamyx forced ads (202.71.99.194)

A couple of days back, I was at my in-laws doing some browsing on their PC. Now my in-laws have a Windows XP laptop, that isn’t secured, which is fine because as far as I can tell, I’m the only one that uses it. Most of them now go to their phones or tablets for internet access–nobody uses PCs anymore!!

But I noticed something strange. I wasn’t able to access Amazon, which was where I was browsing for some Christmas shopping (but not logging in of course). Somehow every time I typed www.amazon.com on the browser, it would re-direct me to a Lazada advert. Now this looks like a piece of malware—sounds like a piece of malware–but after some investigations, I discovered this WASN’T a piece of malware.

Instead I realized that this was a problem with the streamyx DNS. For some reason all the traffic that should have been routed to Amazon was being routed to a TM IP address at 202.71.99.194. A quick Google search led me to this lowyat post, and this one, post from 2013–so this wasn’t new. TM was routing all unresolvable domain names to adverts that looked so much like malware, it’s indistinguishable from a malware infection.

TM was doing exactly what malware authors do!!

I would never have encountered this problem, because I use Open DNS–but this is unacceptable from TM. To deploy something, that behaves and acts like a piece of malware, just so they can force feed you some adverts isn’t just unethical and bad ISP practice–it’s terrible security.

Because when you deploy something that looks and acts like malware–but isn’t–people get de-sensitized to malware infections and soon ignore malware infections, thinking it’s legitimate shit done by their ISP.

TM should fix this–and really should stop this nonsense.

Now is as good a time as any to change your DNS settings so you’re not susceptible to this Malware look-alike.
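A way to check your own connection for the behaviour described in this post, as an added example that is not part of the original post: it looks up random names that should not exist and reports any address the resolver hands back anyway. The `nx-` probe names, the `.com` suffix and the function names are assumptions of this example.

```python
import secrets
import socket


def system_resolve(name):
    """Resolve with the OS-configured resolver; [] means no answer."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def probe_nxdomain_rewriting(resolve=system_resolve, probes=4, suffix="com"):
    """Look up random names that should not exist and report any answers.

    An honest resolver fails every probe. A resolver that rewrites
    failed lookups returns an address instead, normally the same
    landing server for every probe.
    """
    answered = {}
    for _ in range(probes):
        # 80 random bits: assumed unregistered (probe naming is made up here)
        name = f"nx-{secrets.token_hex(10)}.{suffix}"
        ips = resolve(name)
        if ips:
            answered[name] = ips
    # Addresses common to every probe that got an answer
    shared = set.intersection(*map(set, answered.values())) if answered else set()
    return {
        "probes": probes,
        "answered": len(answered),
        "rewriting": bool(answered),
        "landing_ips": sorted(shared),
    }


def resolves_to_landing(name, landing_ips, resolve=system_resolve):
    """True if a real site name is being answered with a landing address."""
    return bool(set(resolve(name)) & set(landing_ips))


if __name__ == "__main__":
    report = probe_nxdomain_rewriting()
    print(report)
    if report["rewriting"]:
        print("www.amazon.com affected:",
              resolves_to_landing("www.amazon.com", report["landing_ips"]))
```

Run it once on the ISP's default DNS and once after switching resolvers; a clean resolver reports `answered: 0`.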

Malaysian Government Hacked Environmental website?

How IP addressing works

Environment News Service, an environment-focused news website, this week accused Malaysian government hackers of attacking it after it ran a story implicating Sarawak governor Tun Abdul Taib Mahmud of corruption and graft. As a result, the site was down for 2 hours before the site managed to regain control.

“The attack on our site came from a Malaysian government entity as identified by their IP address,” Sunny Lewis, editor-in-chief of Environment News Service (ENS)

But what exactly is an IP address, and how did ENS identify it?

Let me explain.

What is an IP address?

The internet runs on a protocol–a set of rules that determines how data gets routed from one corner to another. These rules allow for every computer connected to the internet to communicate with every other computer and the protocol itself is aptly named the Internet Protocol, or more commonly known as IP.

Part of the protocol stipulates that every computer connected to the internet must have a unique number that identifies itself to the network. Just like how telephones have unique phone numbers, devices connected to the internet have unique internet numbers–or more accurately called IP addresses.

You can easily determine your IP address by logging onto www.whatismyip.com, or even just typing “what’s my IP” into Google. But where does your IP address come from? Unlike Phone numbers, IP addresses aren’t static, your IP address changes every time you reboot your router. Your IP address was ‘given’ to you by your Internet Service Provider (Unifi, Maxis, Digi, etc.) and once you log off or shut down your router, your ISP then takes that IP address and assigns it to someone else. IP Addresses are like gold these days and ISPs need to dynamically allocate them to you, because their subscribers exceed the number of IP addresses they have.

So your IP addresses are given to you by your ISP. But who gave your ISP their IP addresses?

The answer is your local Network Information Center (commonly called a NIC)

In our part of the world it’s APNIC (or the Asia-Pacific NIC). You see, as de-centralized as we think the internet is–there is still some level of centralization that requires an authority to administer. This is especially true in the allocation of IP addresses to Internet Service Providers–every region of the world has a local NIC that manages the IP address allocations to the local Internet service providers, to prevent them from issuing identical IP addresses across two different networks. It also means that there is a central repository that can tie each IP address to who that IP address was allocated to.

So while your IP address changes with every logon, at the very least it will continue to be a Unifi IP address each time (or Maxis or Digi..etc). Your ISP has a fixed pool of IP addresses that it then dynamically allocates to subscribers like you.

So how did Environment News Service know that Malaysian government hackers attacked them? They simply traced the IP address of the attacker (which they knew), and my guess is found it registered to the Malaysian government. I further speculate that the IP address would have belonged to GITN (the official network provider to the government)–which I wrote a couple of years back was used to download some porn on bit-torrent — so this wouldn’t be the first time some hanky-panky went on over at GITN.
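The lookup described above, as an added example that is not from the original post: a whois reply from a registry is a set of "key: value" objects, and the one that matters is the smallest address range containing the IP. The sample reply, its names and ranges are constructed (203.0.113.0/24 is a documentation range), and the function names are assumptions of this example.

```python
import ipaddress

# Constructed whois reply in the "key: value" object layout that
# APNIC-style registries return; every name and range here is made up.
SAMPLE_WHOIS = """\
% constructed sample, not a real registry response

inetnum:        203.0.113.0 - 203.0.113.255
netname:        EXAMPLE-ISP-POOL
descr:          Example ISP dynamic subscriber pool
country:        MY

inetnum:        203.0.113.64 - 203.0.113.127
netname:        EXAMPLE-AGENCY-NET
descr:          Example Agency
                head office network
country:        MY
"""


def parse_objects(text):
    """Split a whois reply into objects (dicts of attribute -> value)."""
    objects, current, last_key = [], {}, None
    for line in text.splitlines():
        if line.startswith("%"):               # registry comment line
            continue
        if not line.strip():                   # blank line ends an object
            if current:
                objects.append(current)
            current, last_key = {}, None
        elif line[0].isspace() and last_key:   # continuation of previous value
            current[last_key] += " " + line.strip()
        elif ":" in line:
            key, value = line.split(":", 1)
            last_key = key.strip()
            # repeated attributes (e.g. several descr lines) are joined
            prev = current.get(last_key)
            current[last_key] = value.strip() if prev is None else prev + "; " + value.strip()
    if current:
        objects.append(current)
    return objects


def holder_of(ip, text):
    """Return the most specific inetnum object whose range contains ip."""
    addr = ipaddress.ip_address(ip)
    best, best_size = None, None
    for obj in parse_objects(text):
        if "inetnum" not in obj:
            continue
        first, last = (ipaddress.ip_address(p.strip())
                       for p in obj["inetnum"].split("-"))
        if first.version != addr.version or not (first <= addr <= last):
            continue
        size = int(last) - int(first)
        if best is None or size < best_size:   # prefer the narrower range
            best, best_size = obj, size
    return best
```

The object names the holder of the address block, which is as far as the registry record goes.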

Some unanswered questions

Now some questions.

If these hackers were smart enough to hack a website, how come they weren’t smart enough to hide their IPs? It’s quite trivial to hide an IP (just use TOR)… which makes me sceptical of this entire claim, but then again we’ll know more when Environment News Service publishes more information.

In any case, I highly doubt anyone in our government has the skills to do this–and someone as rich as Taib would have probably hired more competent professionals to execute the so-called ‘hack’. There are guys who openly advertise services to take down websites, and they start from as low as RM1 for every 10 minutes. Basically these hackers offer their ‘attacking’ services for a fixed price–and some of them even offer 24/7 helpdesk support, and I’m not joking. So why in the world would someone like Taib even bother going to the government for something as trivial as this–when competent professionals are easily available?

The Malaysian government has been accused of taking down Malaysiakini and other news portals in the past, and in those instances the attack didn’t come from the government. The very first attack in 2004 was reported to have originated from APIIT (yes the IT school), then Radio Free Sarawak was attacked prior to the 2013 General election, and that DDOS came from more than 36,000 IP addresses (yes, that’s 36 THOUSAND)–this new attack seems like a paltry downgrade when compared to those, and run by amateurs.

I can only speculate of course, the Government is known to be spying on citizens and censoring the internet–but sometimes the stories being thrown around make me question their authenticity.

Conclusion

Thanks for reading. If you want to learn more about IP addresses and what the hell IPV6 is, check out my two videos below:

Phishing by the Bank–Maybank that is

Recently I received a phishing email from konzie2@usm.edu telling me that Maybank had installed new security features and that I need to validate my details on the Maybank2u web portal. The email was marked as SPAM by Gmail, and trying to visit the site further sparked more warnings from Firefox AND my anti-virus.

But I was curious as to what the link would entail, in much the same way I was curious about the RHB phishing emails I received some months back.

Hopefully this post gives you an indication of just how sophisticated these attacks are, and manages to educate you on the one true way to establish if the site you’re visiting is genuine.

Fake Maybank2u login page

The fake login page for Maybank2u looks exactly like the REAL login page of Maybank2u; there really is no difference from the victim’s perspective. What’s more interesting is when you go deeper: by just entering ‘a’ username and a password you get to the following page (please don’t enter ‘your’ username and password, just ‘a’ username and password).