Monthly archives of “March 2015

comment 0

Secure Apache configuration for WordPress & SSL

Apache runs nearly 50% of all active websites
Apache runs nearly 50% of all active websites

Recently I moved the hosting for keithRozario.com from a regular hosted platform called WPWebhost to my own Virtual machine on digitalOcean. The results have been great, but the migration process was a bit tedious and took some effort.

I thought I’d share my Apache configurations, so that if you’re thinking of hosting your own WordPress site on an SSL server, you’ll at least have a solid base to start off from. I’m by no means an expert here, but this is what makes sense to me, and if you have any feedback please let me know in the comments.

So let’s start.

comment 1

The WhiteHouse Petition, and what it means

We the PeopleThe US Government host a really cool website called “We the People”, that let’s users petition the US Government for various things. It’s a cool website, because you get really cool request on it.

For instance, in 2013, more than 34,000 people petitioned the US government to  “Secure resources and funding, and begin construction of a Death Star by 2016″, which triggered a response from the Government that was one part Star Wars Fanboy-ism, and one part Science lesson.

Those were exceptions though, the vast majority of petitions are political in nature, with the most popular petition requesting the US Government to formally press charges against 47 Members of Congress for their role in under-mining a nuclear agreement with Iran.

So it was natural that the former US Ambassador to Malaysia, John Malott create a petition to “make the release Anwar Ibrahim a top priority for US policy towards Malaysia”. This Petition was then picked up by the likes of Lim Kit Siang and begun garnering significant attention from the Malaysian online community.

comment 0

The day they censored me

internet censorship

Last week was a pretty exciting week for me–it was my first time on TV.

A TV show called VBuzz that was hosted on a Astro Channel 231 called me to be a guest to talk about Cyber Security, obviously I make it point to try new things and let’s be honest….how many of you would turn down a chance to be on TV? I mean this is Television, if you’re on it you must be good right?! Even if it is a Tamil channel, and it’s on at 9pm, I thought this would be exicting…and it was!

Anyway, they scheduled me in for a show on Tuesday, and I happily took some time off work to go down to their studio and all was really great. Until….

The first thing they told me was that I couldn’t talk about the recent MAS hack, because they were afraid. The Obvious question I had was–afraid of what? Apparently, MAS was a Government Linked Company, and they couldn’t talk bad about a GLC for fear of losing their license. Now I had no intention of talking bad about MAS, just trying to help people understand what happened in the hack, but they were still afraid. So OK, you can still have a 15 minute conversation about cyber security without talking about MAS…no problem.

So I got my ‘HD’ make-up on, because High Definition recording captures so much detail of your face, that they need special make-up for it. I found that quite amusing, plus I never knew so much effort and co-ordination went into making a production like this.

We started off with ‘easy’ topics like cyber criminals and hacking incidences, and the conversation was light and flowed pretty well, but then (according to plan) we veered into cyber warfare, which was a topic I was deeply into over the last few weeks. And out pop-ed a question like “What can governments do to ….” to which I responded that “Governments were the biggest perpretators of the crime“. This didn’t sit well with the producers or the writers, and at the end of the show we did a re-take of that bit, censoring out a my statement, which I maintained wasn’t just true, but totally consistent with the entire show.

comments 3

Jho Low uses Gmail? Why emails can’t be considered evidence

15197804185_d4a1f3d9b3_mAs the 1MDB fiasco begins to simmer over the political stove, I wanted to inject some technical information into this discussion, specifically around emails and how they’re almost useless pieces of evidence.

Just to make sure everyone’s on the same page, here’s some context.

In early March 2015, sarawakreport.org, a website run by investigative journalist Clare Rewcastle-Brown together with the London Sunday Times, published an article on controversial deal done by the 1MDB fund. At the centre of the deal was a man named Jho Low, who masterminded a sophisticated ‘wheeler-dealer’ that pocketed him $700 Million, all of which (at least according to sarawakreport.org) was siphoned from 1MDB, a Malaysian sovereign wealth fund.

Honestly, I don’t understand the financially complex deals that sarawakreport.org was trying to explain to lil ol’ me. So I’m just going to take her word here, that all the documentation that was produced leads to the conclusion that Jho Low masterminded the “Heist of the Century” by stealing $700 million through shady back door deals involving 1MDB and a company called PetroSaudi. But then of course, the question becomes, can you trust the documentation.

Reading the article you get the sense that the e-mail trail presented forms the backbone of the entire story, and if the emails themselves are not true then the entire story is untrue as well.

In either case though, let’s get straight to the point, and say that e-mails by themselves are quite useless.