Monthly archives of “October 2014

comment 1

Phishing by the Bank–Maybank that is

Recently I received a phishing email from [email protected] telling me that Maybank had installed new security features and that I need to validate my details on the Maybank2u web portal. The email was marked as SPAM by Gmail, and trying to visit the site further sparked more warnings from Firefox AND my anti-virus.

But I was curious as to what the link would entail, in much the same way I was curious about the RHB phishing emails I received some months back.

Hopefully this post gives you an indication of just how sophisticated these attacks are, and manages to educate you on the one true way to establish if the site you’re visiting is genuine.

Fake Maybank2u login page

The fake login page for Maybank2u looks exactly like the REAL login page of Maybank2u, there really is no difference from the victims perspective. What’s more interesting is when you go deeper, by just enter in ‘a’ username and a password you get to the following page (please don’t enter ‘your’ username and password, just ‘a’ username and password)

comment 0

Censoring bomb making websites: NO

The Star reports that :

Malaysia Crime Prevention Foundation vice-chairman Tan Sri Lee Lam Thye called on the Malaysian Communication and Multimedia Commission (MCMC) to block bomb-making websites.

“We live in a troubled age. Previously, it was unimaginable, but now even from your home, you can make a bomb. The MCMC must do a comprehensive check to see how we can block sites that are harmful to the nation,” he said.

Now, apart from the fact, that there aren’t any dangerous substances used for bomb-making today, that wasn’t around in the 1970’s, the entire statement is one made from ignorance.

The Anarchist Cookbook, one of the most famous manuals for making home-made bombs, was written in the 1970’s and improvised in the 1980’s–stuff that was flammable 20 years ago, is still flammable today. It’s not like as though, the atmosphere has changed and petrol no longer burns.

But calling for the MCMC to ‘comprehensively’ block sites that are ‘harmful’ to the nation is something no one, especially a Vice-chairman of an NGO should ever do. We can’t allow for the MCMC to be given a rein on the internet, even if the intentions are good–after all, we know what the road to hell is paved with–we can’t allow good intentions to create bad consequences such as internet censorship.

Anyone that calls for the blocking of websites needs to understand the reasons I don’t condone blocking of websites.

comment 0

Why the 3-D printed gun is an overblown concern

Unless you’ve been living under a rock for the past couple of years, you’ve heard about the 3-d printing. 3-D printing is supposed to be the next ‘big’ thing in technology, it allows anyone the ability to physically ‘print’ 3-dimensional objects like cups, toy models, even car parts from ABS plastic (that’s the same plastic used to make Lego pieces), in much the same way you print documents on pieces of paper. The great thing about 3-D printing of course is that it’s digital, the files that instruct the printer what to print is a digital file, similar to the word or powerpoint documents you’re probably used to. With that comes all the advantages of digital files, which mean they can be replicated ad infinitum and distributed across the internet for free.

The 3-D printing revolution has already begun, websites have sprouted up online hosting the digital files for printing things like citrus juicers and wine glass holders, all the way to replica models of sports cars and Star Wars spaceships.

But there is one concern. A concern so over-whelming, governments around the world, including ours are looking at 3-D printing with some suspicion. The ability to 3-D print a GUN!

A 3-D printable gun would allow any criminal (or child) to download a file off the internet and print a working weapon all from the comfort of their home. What do we do when technology starts to allow people to endanger lives? Well the answer is, technology has always made it easier to kill people, take your car for example. If you really wanted to kill someone, the best most reasonable way to do it would be to run them down with your car–and then reverse over them just to make sure, do we ban cars just because they can (and often do) kill people?

What’s more this idea that a 3-D printed gun is a clear and present danger is completely over-blown.

If you understood the physics of a gun, you’d know that a fully functional gun isn’t all that likely.

comment 0

ATM Hacks are so bloody boring

KLIA computer infected with VirusLast week, while I was flying from KL to London, I noticed a strange anomaly on the screen of the boarding gate at KLIA. Closer inspection revealed that it was an anti-virus warning that signaled the computer had been infected by a Virus (almost 2 days ago!!). As a techie, I quickly deduced 3 things from the screen.

One, the computer was running Windows, and probably an outdated version of Windows.
Two, the computer had been infected with ConfickerConficker was a pretty infamous threat, back in 2008!! And yet, here we are, at Malaysia’s most prestigious airport, and we have a computer infected by a virus that pre-dates the iPhone 3G.
Three, the computer is probably part of a larger network, and never gets patched or updated–probably. If it were patched, it wouldn’t be infected with a ol’ grandmother of a virus.

As an added bonus–I could easily see the user of the system. That’s a delicious bit of information for any hacker to have.

Heaven forbid, the virus on the computer screen at KLIA not spread to something important–like control tower or Sky Train controls.

These days, everything is a computer. Your phone is a computer, your watch will one day be a computer, so too is your car. But when was the last time you patched and updated these systems? When was the last time you updated the firmware on your router–or even when was the last time you updated the software on your laptop? Some of you probably haven’t done this before–I’m looking at you Android JellyBean and iOS5 users.

So the display screens at the airport are computers–but so are the Automated Teller Machines (ATMs), and trust me when I say this, some of them run on windows….gasp!!