Why it failed: Malaysian Emergency Response Services 999 Project (MERS 999)

As we approach the end of the year, and I have some free time to blog again, I thought I’d re-visit the Auditor Generals report for 2012, and focus specifically on that one project everyone is talking about, the MERS 999 project.

This wonderful project, that cost Malaysian citizens upwards of RM800 Million, was a monumental failure on behalf of the government and for all contractors and sub-contractors involved, however to be fair the blame probably lies squarely on the shoulders of those over-seeing the procurement of the service as opposed to the IT folks–but they have to take some heat as well.

As someone with years of experience delivering IT projects, I think this is an area that I comfortably call myself an expert in, so I think I’m fluent enough in IT to take a sneak peek at this particular project to find out what exactly went wrong and what could have been fixed. Unfortunately, the results aren’t that good, but if you’d like to hear a self-proclaimed expert dissect this, then please continue reading. Continue reading

Proton has a Volvo like obsession with SAFETY? NO.

I don’t agree with most of Rockys opinions, but I still subscribe to his blog to ensure I have at least a different view of politics. However, a post he made on the ‘new’ Perdana really sent my blood curling. Rocky was defending the proton re-badging exercise, something I felt was completely unacceptable. Proton is a company that for years has thrived under government regulations and policies that were designed specifically protect it–and part of that protection included raising the price of all other cars in the market giving proton an un-fair advantage.

Even with new automotive policies rolling in, the Government has now become dependant on the duties and taxes it levies on cars, and we’re told, that the high price of cars are now an inconvenient reality that will remain. This not just sends the price of cars higher, but the loan amounts, the insurance cost, and the overall cost of living in a country where public transport is as reliable as Proton Waja Power window.

But that’s not the bit that got me angry, as a pro-government blogger Rocky has a right to his opinion, and I think it’s inline with the pro-government view of proton. So nothing new here.

What got me really peeved–and I mean REALLY peeved was this statement;

We were told at a briefing in Shah Alam last Friday that there are 17 changes made to the Accord, mostly – but not all – cosmetics. On the 2.0L version, for example, the Perdana is fitted with FOUR airbags instead of the original Accord’s TWO (this Volvo-like obsession in safety aspects is something Proton will emphasize in future cars).

What the FUCK?

Let me break it down for you–FOUR airbags is not Volvo-like obsession. Four airbags is actually less than the airbags on the Ford Focus or even the Kia Cerato (a sub-RM100k car). What you want, if indeed you had a Volvo-like obsession is a minimum of six airbags, two on the front, two on the side, and a two curtain airbags, and some cars like the Ford Mondeo give you 7 airbags, while others go as far as 8.

That’s not even the whole story.

The Proton Saga FLX is the lowest scoring car on the ASEAN NCAP standards–LOWEST. There is no car tested by the ASEAN NCAP that scores any lower. With a score of just 4.30 out of a possible 16, you’d probably be safer in a bicycle helmet than in a Proton Saga FLX. I remember rocky making a whole bru-ha-ha about the AES and how it would save lives–well one way to save lives is to ensure that our national car company makes safer cars.

Of course, I know this because I’m in the market for a new car, and I noticed that the safer cars are more expensive–meaning rich people are less likely to die in accidents than poor people. This pisses me off a great deal.

Think about things like Electronic Stability Program, that involves a computer helping you steer a car so that it doesn’t go wildly out of control. The ESP is so essential to safety, the NCAP organization will not give you a 5-star rating unless you have it. The ESP helps you avoid a crash, yet it is hardly present in any affordable cars.

For example, the soon to be launched Toyota Altis, will only have ESP on the most expensive variant–the 2.0V at a cost of over Rm130k. The lower variants don’t get ESP or the curtain airbags. The same is true for the Toyota Camry, Honda accord, Peugeot 408 and so on. It seems only the more expensive variants of these cars come equiped with ESP and six airbags, these manufacturers consider safety–a cost option! And quite frankly there is no government regulation to mandate it on the cheaper alternatives so the manufacturers follow market demands.

The only two outstanding car companies are Mazda, that offer 5-star safety standards on all variants of the new Mazda 6 and Cx-5, and Kia that offer all safety features for even their 1.6L Cerato. It has to be noted that the Mazda 6 and Cx-5 are cost well above Rm150k and Rm130k respectively, while the Kia 1.6L comes in at under Rm100k. The Ford Focus, which is also rated as a 5-star safety car cost Rm129k (for the Titanium+ edition) while the Peugeot 408 turbo cost something similar as well, the lesser versions of these car come with less than the full safety kit–but is definitely still safer than a proton.

Now before you shout out that Proton has ESP on the Preve, you must also realize it only offers the safety features of ESP and side airbags for its more expensive variant, and the ‘new’ Perdana probably doesn’t have it either.

So don’t tell me Proton has Volvo-like obsession with safety. It doesn’t.

Who knows how many Malaysia lives would be saved in Proton had the same safety standards as Volvo–but it doesn’t, so the question is more aptly phrased as how many Malaysians lives were lost as a result of Proton having such a lackadaisical view on car safety.

And to be fair all other local car dealers and manufacturers as well.

3 issues with the Malaysian education system

Every other year, we receive fresh results from PISA or TIMSS, and every other year we see our children continue their slide to near insignificance on the global scale. I can’t phantom how the Education Ministry can remain so obtuse about such a catastrophe, and instead put on a façade of confidence, when there isn’t an iota of data to be confident about.

The education policies of this country and flawed in near every sense, and what we have are politicians continually failing and children–the same politicians who get re-elected year after year.

Satu sekolah untuk semua is destructive

Consider for a moment, that Malaysia is a diverse country, one of many races, religions and creeds–yet, there’s an entire sub-section of bloggers who think that having just one school system is valid for this country. I’m looking at the people behind satu sekolah untuk semua initative, an initiative that is well-intentioned (maybe) but definitely not in the best intention of our children.

Children need individualized learning, and if for what ever reason some of them prefer to learn Science and Maths in English or Malay, or Mandarin, Tamil or whatever language or dialect–then they should be encouraged to learn it in their preferred language. The parents who claim the need to learn science in the ‘lingua franca’ of science are both mis-guided and mis-informed, the lingua franca of science isn’t English–it’s MATHS. Maths is the language of science, and everything else is superfluous–there are countless thousands of Malaysian children who will struggle to learn science and maths in English–why don’t we strive to make it easier for them, by teaching English in English classrooms, and science in science classrooms–in the language of their choice. Continue reading

Are you embarrassed to be Malaysian?

Proton FLX Crass NCAPAm I embarrassed to be Malaysian?

Nope, I can never be embarrassed to be Malaysian, this is my home country. I’m not just from Malaysia–I’m from Klang.

I can however, be embarrassed about my government and the policies it seeks to implement. Like how our idea of a space program, is buying a seat on a Russian mission to the ISS, and then having the audacity to call the Orthopedic surgeon we sent to space–an Astronaut. Space tourist more like it.

Or the fact that our national car company has sunk to such depths that it now makes a living re-badging car models from other companies, and the models it does design itself, score so low on Safety Test scores, you’d probably be safer in car crash wearing a bicycle helmet. To be precise, the Proton FLX is the lowest scoring car in the ASEAN NCAP standings–lowest.

Has Proton no shame? Really, taking a Honda Accord and putting a Proton logo on it is not going to score your respect, it’ll score you laughs. Why don’t you build your own fucking car and make it safe.

Or maybe we’re just embarrassed by our children, who year after year continue a slow and steady slide down international assessments of Science and Maths test scores, a gradual decline our very own Education Minister seems completely oblivious to.

How can we ever become a technology power house? How can we ever pursue excellence in Science in Maths, when our children are falling so far behind their international peers we no longer belong in the same league as them,

What message are we sending our children when our idea of success as a nation is one of blatant copying,what role models do we have for them other than space tourist or re-badging car companies?

But this is Malaysia after all–what do we have to be proud off, what role models can we set for our children that don’t involve copying? I’d love to hear from you, as I’m out of ideas at the moment–leave a comment and you’ll be guaranteed a reply from me.

Unifi D-Link Routers are now officially completely hacked

I’m a big fan of the D-Link DIR 615 router, I think Telekom Malaysia made a pretty good choice selecting it as the default router for Unifi accounts. To be fair, TM have made some bad choices as well, but we won’t go into that here, overall the router isn’t top notch, but it gets the job done.

Unfortunately, D-Link as a company has come under the spotlight for some rather funky security practices. First, there was a rather questionable backdoor that D-Link installed on a couple of older versions of their routers, the router basically granted anyone access to D-Link routers by just changing the user agent string of their browser–worse still the back door carried the name of the author….it was Joel.

Fortunately, for Malaysians, the backdoor didn’t affect Unifi routers–as far as I could tell anyway, and D-Link have since fixed the issue.

Just last week, though a rather obscure post on bugtraq, which was then quickly re-posted to a couple other forums, detailed a more intrusive exploit, one that Unifi Dlink routers were susceptible to. This one, didn’t grant you access, but it would grant you the username and passwords of all users of the routers–literally giving you the keys to the gates of your router. As far as I can tell–this impacts EVERY D-Link Unifi router there is.

The hack is so simple, it requires no additional tools other your browser and quick copy-n-paste. All the attacker is required to do is to enter the following url:

http://XXXXX:YYYY/model/__show_info.php?REQUIRE_FILE=/var/etc/httpasswd

Where XXXXX is the router IP address, and YYYY is the port on which it’s operating on. Then the router will miraculously display it’s security credentials to you, and you’re good to go. Using Shodan, I’ve verified that this works with nearly every firmware (pictures are blurry, click to open the full image)

7.13 firmware

7.17 firmware

D-Link have yet to release a patch for this, and the guy that published the bug didn’t really follow the rules. Usually D-Link should be alerted of such a bug and given time to fix it before the vulnerability is published.

However, since literally hundreds of thousands of Malaysian households are now susceptible to this attack, you need to know. More importantly, there’s nothing you can do about it with your current router firmware. No counter-measure is possible, it’s like living in a house where the door won’t lock, or the gate won’t close–how will you sleep at night?

Don’t despair you have two options to fix this:

1. Upgrade your router firmware to DD-WRT, Unfortunately, the guys over at Unifi Athena have been on a really long hiatus–and all the websites you search for information on this refer to them. Hopefully I’ll have time to publish a tutorial on that soon.

2. Change your router to a new Asus/Tp-Link router. I personally use the N12, but any of the Unifi compatible routers work pretty much out of the box.

3. That may fix the short-term though, in the long run, you’ll need to pay attention to security practices and upgrade your router firmware accordingly–provided the manufacturer actually releases patches. It’s inconvenient, but security requires effort.