A couple of weeks ago, I wrote about an ‘irresponsible’ piece of journalism by the Malaysian Insider when the ‘claimed’ the Malaysian government was spying on Malaysian citizens–but they didn’t have any proof. I was very upset that a reporter would make such a bold statement and not back it up with any proof –so obviously the post was written in a caustic and emotionally charged way–I was upset, annoyed, angry even!
More importantly though–I was wrong!
On Labour day, Citizenlab released a second report detailing out more info from they’re Finspy research.
I’m not a usual fearmonger, or a person who panics easily–yet you friendly local tech evangelist has a warning for Malaysian users out there. Unifi is censoring the internet in the run up to the hotly contested GE1–and that’s what the data suggest.
You heard that right folks, some of you suspected all along, and I apologize for not believing you earlier. I was initially skeptical that Unifi and Telekom Malaysia would go to such extents to censor our right to information, and I’m deeply upset that this is happening in my own country.
Usually most Internet Service Providers (ISP) don’t censor the internet, not because they don’t want to–it’s simply because censoring the vast amount of online traffic is a monumental technical challenge. In the past we’ve seen Malaysia ISPs do this, for instance when they blocked Malaysia-Today in the run-up to the 2008 General elections, but censoring one entire website is a fairly straightforward thing to do–an bypassing that censorship is equally straightforward.
However, what Telekom Malaysia have done in this case, is not just censor one website–but rather parts of a website. Telekom Malaysia has gone leaps and bounds ahead in terms of censoring capabilities–now they’re able to censor ‘parts’ of a website including specific videos on youtube, and pages on Facebook.
Any government that blocks Facebook completely, isn’t going to get re-elected in Malaysia, the enormous public backlash we can expect would be enough to unseat even the great Barisan Nasional. Can you imagine how upset my aunty would be when she can’t play Candy crush???
It was in this premise that caused me to be skeptical that a government would be able to censor the internet, blocking only certain pages of Facebook (like the DAP Malaysia Facebook page) is far more technically challenging, than blocking and entire website like Malaysia Today.
Unfortunately, I can almost 100% confirm at this point that Telekom Malaysia now have this capability. A capability once only used by countries like China and Iran, have now reached our borders–and it is being used.
What is Deep Packet Inspection
Just to briefly explain what’s happening here.
1. The internet is this vast network running on something called the Internet Protocol or IP. This is what we mean by IP Address, it is literally your address on the internet.
2. The way the protocol works is routing data in packets. Essentially a packet is a small amount of data.
3. An analogy would be that if you used IP to send a long letter to your mother, instead of writing a 100 word letter and then sealing it in one envelope and sending it your mother. Your computer breaks that 100 word letter into 10 packets of 10 words each(for example) and sends those along in 10 different envelopes. So your mother would receive your message in increments.
4. This is why webpages don’t load instantly. Instead they take time, because your browser just displays your web page for packets you’ve already received and what you get is an incremental load.
5. It’s also why on slower internet connections you’d see a image load in stages, rather than instantly see the entire image.
6. Just like envelopes sent via mail, packets also contain addressing information, so that the Postman knows where your letter needs to go to.
7. In all cases, the postman looks at the OUTSIDE of the envelope and sends your letter to the address you’ve written on it–without OPENING the letter.
8. So if the Postman wants to block you from sending letters to your mother, he’d just discard all the envelopes going from your home to your Mothers home. He can do this easily without opening your letter.
9. That’s how TM can easily block MalaysiaToday. They can just cut-off all traffic to the MalaysiaToday IP address (although this is a bad analogy).
10. However, if the PostMan wanted to block only certain letters to your mother–let’s say all letters you sent to your mother to vote Pakatan Rakyat, but allow letters that had nothing to do with the election–he’d have to OPEN the letter and find out what information you’re sending.
11. Similarly if Telekom wanted to block only certain parts of Facebook from you, they’d have to OPEN your data packets, to see which Facebook pages you were visiting.
12. This is the technically challenging part. Opening up the Data Packets routed through Telekom is an enormous amount of work, and obviously slows down the entire process. The internet was built on speed and trust, and not for censorship at the packet level. How many postmen would you need if you wanted them to open each and every envelope sent??!
13. This process is called Deep Packet Inspection (DPI) and it is such an engineering challenge that very few countries even bother trying. The only country with the true audacity to do this is China (and possibly Iran).
14. Yet, from my analysis and my data–I can conclude that Telekom Malaysia at least have this capability. I could be wrong–but it’s unlikely.
What data do I have?
I made fun of Malaysiakini previously, when they claimed they were being blocked by Malaysian ISPs. The reason was that Malaysiakini had no data–but they did do something strange. They claimed that the encrypted website httpS://www.malaysiakini.com was fine, while the normal website had http://www.malaysiakini.com was being blocked. (the S at the end of http means the website is encrypted)
You see if all you’re doing is blocking all traffic to the portal (for instance blocking all traffic to MalaysiaToday), it would make no difference if the data was encrypted.
If you’re doing deep packet inspection–then encryption would basically bypass that censorship. The analogy here is that if you write to your mother in Cyrillic Russian and the Postman can’t read it. He can’t determine if this indeed was a letter asking your mother to vote pakatan or whether it’s just you asking for some money from mummy dearest. So in the end the postman has to make a decision to either throw the letter away or forward it onto your mother–but he doesn’t know.
In the same way, encrypting the line, means Telekom Malaysia doesn’t know which video on youtube you’re watching or which page on facebook you want to see, they still know you’re connected to Facebook or Youtube, but they don’t know if you’re watching a Pakatan ceramah or Psy-Gentlemen–it’s all encrypted to them.
And I proved this by trying to visit the DAP Facebook page on my Unifi connection, first without encryption–and it failed. And then with encryption–and it worked. (check out the video above–the DAP Facebook page on https loads instantly, but the DAP Facebook page without encryption is blocked!!)
This is no accident, I tried it plenty times–and it gave me the same result.
Is this accidental? Could be, but highly unlikely. Deep Packet Inspection is a technically sophisticated process, and a sophisticated process is usually purposeful and intentional. It’s VERY unlikely to be some sort of accident, and there is no other way for me to explain why an encrypted version of facebook page worked, but not the unencrypted version, although networking isn’t my strong suit and I’m open to opinions.
Beware ladies and Gentlemen, I’m convinced that Telekom Malaysia at least are beginning to censor the internet, Malaysiakini seems convinced as well. I can’t be 100% sure from my data (since it’s just from my connection), but I’d be looking forward to an explanation from Telekom.
Till then–happy voting from your local neighbourhood Tech Evangelist.
A bernama report a couple of days ago mentioned that Malaysia was ‘well-positioned’ to be a world class preferred hub for data centers:
KUALA LUMPUR, April 18 (Bernama) — Malaysia is well-positioned to be a world-class preferred hub as a data center thanks largely to the government’s liberal investment policies, solid infrastructure and a large supply of people with expertise on information technology.
Besides this, the country’s multilingual talents offer clear advantages for foreign investors, particularly in terms of disaster recovery and offshore relocation, Fumitoshi Imaizumi, the President and Chief Executive Officer of NTT MSC, said in a statement here Thursday.
The reality though is starkly different. Data centers consume huge amounts of power and huge amounts of space, so the two primary resources needed to operate a data center are electricity and real-estate. Of course you need skilled technicians and engineers to run it, but the scale of most data centers usually require a small-ish team to operate even the largest data-centers, as these things usually take care of themselves.
Now, even though Malaysia offers cheaper electricity and far cheaper real-estate, and even cheaper skilled labour that Singapore–where does Amazon choose to host their Asia-Pac Datacenter? You guessed it–Singapore.
So why then, does the world’s leading IaaS provider choose to have their data center in far more expensive Singapore, then it Malaysia? Could it be that the communications infrastructure in Singapore far exceeds anything Malaysia currently has–or is planning to have? Could it be that top-notch IaaS providers are less interested in driving down the cost of real-estate or electricity, but feel an urgent need for multiple connection points for their hubs to connect to the rest of the world?
Tech columnist David Pogue shares 10 simple, clever tips for computer, web, smartphone and camera users. And yes, you may know a few of these already — but there’s probably at least one you don’t. Some however, didn’t work for me, like the double-space on my Samsung s3 just gave me a –double space.
A lot of people ask why Malaysian has fallen behind countries like Korea, Taiwan or Singapore in terms of our economic development. The answer most politicians give is corruption–but there’s hardly any data to suggest that’s a big issue–at most corruption can account for the ‘loss of income’. There’s no guarantee that the money we saved by eliminating corruption would be spent wisely on good projects, there’s no guarantee we’d be where Korea, Taiwan or Singapore is even if we had no corruption. Do you think there’s corruption in Kelantan, yet they seem to be trailing behind everyone in terms of development? Low corruption is not a guarantee of good education.
So what do Singapore, Korea and Taiwan have in common, that may explain their leap-frogging us economically?
They have great people–now don’t get me wrong, Malaysians are great people–but we’re not good at science, or maths, or engineering–or anything technical for that matter.
The two things that Singapore, Korea and Taiwan have in common are high scoring TIMSS students and top notch quality universities in their borders.
Firstly, they score extremely high on the TIMSS for Science and Maths. Their high-school students, kick our high school students ASS!
Secondly they have world class universities in their borders. In fact Singapore have two prime Universities (NUS and Nanyang) both of which feature in the Top 10 Universities in Asia–in fact they’re the Top 50 schools for engineering in the WORLD!! Korea and Taiwan have entire swaths of world ranking universities within their borders, which translates to a lower expenditure on education for high performing students and their scholarship sponsors, but also high quality fresh graduates rolling out into the job market every year.
In comparison, Malaysia has just one University in the top 100 Universities in World (UKM is ranked 87) and we rank at the BOTTOM third in the TIMSS for Science and Maths. So basically at some point it becomes garbage in, garbage out–how do you expect to grow a world class University when you’re sending the bottom 3rd of the world to study in that University.
And that’s my problem with Pakatan’s free tertiary education–if you give away crap for free–it’s still crap! However, my biggest gripe is still with Barisan, because it’s on their watch that we experience such a sharp decline in our education standards–particular during the time of TSMY tenure as education minister.
What makes matters worse is that we’re slowly trailing Thailand, not just in TIMSS but in our university rankings as well, yet no politician has made this the cornerstone of their campaign, no single politician thinks that the future of our country is more important than lower car prices, Rosmah’s ring or the virtues of a caretaker government. This is the future of Malaysia–and no one seems to be bothered.
Sorry for inconvenience! let us manage your twitter account from now on,Untuk semua , For All, Wei Ren Ren, Ellowrukkum – SarkasSiber
— malaysiakini.com (@malaysiakini) April 27, 2013
Malaysiakini now follows in the footsteps of other notable newspapers who’ve had they’re twitter account hacked, hopefully twitters recent announcement for two-factor authentication may help reduce the high number of hacks the social network faces on a regular basis.
The news of the hack comes hot on the heels of a Malaysiakini article claiming local ISP’s are blocking access to their websites. Although I doubt the claim, there’s no debating that Malaysiakini is coming under a lot of flak these days, being the main online news portal in Malaysia and quite possibly the only one that reports on opposition news.
Let’s hope they manage to stay up over the GE weekend.
The winner of the Hackathon was Tan Kok Boon (pic) who stole the spotlight with his groundbreaking application which allows users to monitor and prevent threats using F-Secure’s World Map Interface. Tan won the award for ‘ The Most Innovative Application’ and the award for ‘The Best Overall Performance’. Also notice from the picture, what device was the winner of the Hackathon using to code? It’s a MAC!
Which just goes to show, the OS of your laptop is almost irrelevant now–and pretty soon the OS of your phone will go the same way. More…