TM blocking SarawakReport

Website BlockedSarawakreport, a website covering sensitive political topics in Malaysia was blocked today by the countries most prominent ISP, Telekom Malaysia (TM).

Internet users using TM’s Domain Name Server (DNS) reported that the website was inaccessible, and I’ve confirmed that is an intentional block by TM.

Here’s a quick primer on DNS. The internet works on this marvelous set a rules we’ve come to call the Internet Protocol. Part of this protocol requires that every server or machine on a network be assigned a unique number to identify itself, this number is called an IP address. An IP address is sort of the phone number of a server, and if you want to communicate with a server you’d need to know that servers phone number.

Now of course the internet is made of billions of websites, and so it comes with its own directory service. Older readers will remember dialing 103 on our local phone lines to talk to an operator to look up someones phone number, this is exactly the same concept. On the internet, this directory service is automatic, and comes with a cool name–Domain Name Server (DNS).

When you type google.com or keithRozario.com on your web-browser, the browser automatically looks up the IP address of the website you requested via a DNS server. And just like how you’d have to memorize 103 in order to call it, your computer is set to request DNS resolutions from a specific DNS server.

For most TM users, this is set to a DNS server with an IP address of 1.9.1.9, you can change this of course, but if you’ve never knew what a DNS was, chances are you’re using TM’s server to convert web addresses to IP addresses.

Now you can see the issue, if TM is the sole service that you use to convert website addresses to IP addresses, it has a lot of control. For instance it could block you from accessing porn sites (which it does), and of course it can block you from accessing ‘controversial’ political blogs like SarawakReport.

How do I know this? You can change the settings on your computer to use alternative DNS servers (Google and OpenDNS run great free services), and these DNS servers convert SarawakReport.org to IP addresses like 104.20.27.161 (note that most of the time popular websites have multiple IP addresses, but that’s not important for now). However, if you use TM’s DNS server, SarawakReport.org converts to 175.139.142.25, which is an IP address owned by TM. This also explains why users who use Proxy servers or different DNS settings will not experience any issues.

TM-DNS

TM’s DNS server resolving SarawakReport.org to 175.139.142.25

Tsk, tsk, tsk.

If you do a reverse DNS lookup, essentially reversing the process of looking IP addresses corresponding to web urls, and instead lookup web-urls corresponding to IP addresses, you find that the same IP address is currently being used by Senyum.my–and that website has a glaring notice on the front page, signalling that the site is blocked for violating Malaysian law , that’s the screenshot you see above.

Essentially TM routed all traffic destined for SarawakReport.org to a server they keep up for hosting a ‘blocked’ notice.

This is just so sad, I really don’t know if I should laugh or cry. This method of blocking is so ineffective even a child would be able to bypass it.

For those wishing to access SarawakReport.org, please change your DNS server settings in Windows–a more effective way around the issue is to use a VPN, like the one I recommend here. A VPN provides a sure-fire way to bypass all the censorship that local ISPs can put in place.

Here’s my review of a VPN service you can use, and hopefully you use my promo code to send some cash my way :). Even if you don’t, it’s OK though, I’m still cool.

*Update*

TheStar have confirmed that the MCMC has issued the directive to block the website, something quite sad, seeing as how you already know how to circumvent the ‘block’.

Hacking Team got Hacked, and here’s what Malaysia Bought

RCS monitor

A screenshot of the RCS Software from Hacking Team

There are two types of governments in the world, Those that build complex surveillance software to spy on their citizens, and those that buy them–and our government is more the buying type.

Few nation-states have the budgets to build out complex surveillance software, but some are finding that ‘off the shelf’ software sold by dodgy companies are just as effective at a fraction of the price. The problem with buying of course, is that sometimes those dodgy companies that are manufacturing these spying software also sell their wares to repressive regimes like Sudan, and being on the same customer list with Sudan doesn’t quite bode well for any ‘moderate’ government.

Take Gamma Corp for example, the organization responsible for the FinSpy and Finfisher suite used by the Malaysian government in the run-up to the 2013 General elections. Another is Hacking team, an Italian based company that produces similar remote control software (RCS).

And in a bit of internet karma–both of these companies were hacked themselves…possibly by the same person.

In August 2014, Gamma was hacked and had 40GB of data forcefully exfiltrated from their servers. My analysis of that leak, revealed no information about Malaysian purchases of their FinSpy software simply because a large chunk of that data was encrypted.

Recently however, Hacking Team had a much more severe attack, one that managed to extract 10 times more data, and here I found ample evidence of Malaysian government agencies procuring spyware from Hacking Team presumably to be used against Malaysians.

The question of course is should you be worried, the answer is Yes, and not just for the obvious reasons. After combing though a trove of documents, I found that 3 government agencies procured the ‘flagship’ RCS software from Hacking team, and from my layman’s understanding of the law, none of them have authority to actually use it.

Worst still, some e-mails point to incompetent IT skills as well as bad Procurement practices, that actually annoyed hacking team’s salesforce. I will conclude this post with why this attack on Hacking Team has a positive outlook for regular internet users, and why our government agencies procuring this stuff isn’t exactly ALL THAT BAD. Continue reading

For the FINAL time, Malaysian internet speeds are NOT slow.

Average Internet SpeedsFirst off, apologies for the lack of content on the blog. I’ve been really busy at work these past few months, and content is slow moving. For instance, the previous post was a review of a router, that I tested for 4 weeks, and returned to the supplier more than a week ago–and the post only went up yesterday. To that end, my decision is to churn out my thoughts just ‘straight from the gut’ and not give this posts the usual research I typically do. Hope my regular readers will forgive the tardiness.

OK, let’s go.

Every year we get a renewed riff-raff over the internet speeds in Malaysia. Some Malaysians feel that internet speeds in Malaysia are slow, and maybe they’re right. But some Malaysians–including some reporters who should know better quote sources like Ookla and claim that Malaysian internet speeds are slower than those of Cambodia or Vietnam.

Here’s the problem, the Ookla report only churns out data based on user executed test on the popular speedtest.net website, where every test on the website is counted against the country. This makes Ookla a pretty decent place to get info, but if you confine yourself to merely the Ookla data, you can easily see how it can mislead your conclusions. Firstly, it assumes users with different internet speeds are testing at the same rate, secondly it is the collective average of all internet connectivity (fixed and mobile) and thirdly it doesn’t really give a good indication for a country the size of Malaysian.

More problems crop up, when you actually dive into the data (something I hope the reporters did) and you realize the way Ookla was averaging the speeds wasn’t accurate and the most important issue of all, is that most test conducted are usually between the user and closest node–meaning if you’re in KL it would try to test against a node in KL, rather than in the US. Unfortunately, the internet is geographically very distributed, and these test don’t provide us a good indication of the overall speed of connections–and more importantly how those connection speeds are distributed among the citizens in the country.

A more comprehensive way to gauge how well Malaysian internet connectivity is to take a couple of other data points besides Ookla to draw a more comprehensive picture of the true state of Malaysian internet.

For instance, you might look at the Akamai state of the internet report. Unlike Ookla that bases its data on user executed test, Akamai bases it data on actual internet traffic, and they should know because by some accounts they deliver 15-30% of global internet traffic. What does Akamai say? Well Malaysia has an average speed of 4.3Mbps, while Cambodia averages just 3.3Mbps and Vietnam 3.2Mbps. We’re still trailing Singapore and Thailand, but we’re not as bad as the Ookla data suggest. Also, Akamai report that more than 43.2% of users have a internet connection above 4Mbps (quite surprising if the average is 4.3–suggesting our median internet connection speed is also 4Mbps), while in Vietnam and Cambodia those numbers are 25% and 17% respectively.

Now of course we can’t compare to Cambodia and Thailand if we want to grow as a  ‘knowledge-based’ economy, but in reality we can’t compare to Singapore either–we are a very geographically diverse country, a lot of Malaysians draw a Malaysian map that only includes Peninsula Malaysia–forgetting we have a another part of Malaysia across the sea whose internet connectivity is nowhere near what we have in KL. So….you can’t really compare averages here, it would be completely unproductive.

Finally we have the sandvine report, which you can download from the sandvine site after you’ve registered. Sandvine provides services to various ISPs and telcos and uses that data to detail trends–they don’t provide connection speeds as part of the report, but they do break traffic down into fixed vs. mobile, and the amount of data consumes (and type of data consumed) across the different channels.

For example, in the Asia-Pacific region, the average consumption of data across a fixed is between 17-30GB of data. That’s less than half the fair usage amount advertised by TM, and a good reason to believe that TM will probably never implement such a policy.Sandvine also break down the traffic type, indicating that in our region the biggest data usage is on bit-torrent, followed by youtube. Partially expected, but think about what that means for connection speeds–if we have local youtube servers in Malaysia wouldn’t that result in better overall internet experience for Malaysian users. Better than say someone in Thailand with a faster internet connection, but having to route that to an outside country? Also bit-torrent is interesting, because your connection speed on bit-torrent is just part of the equation, you also have to rely on the bit-torrent swarm to have enough bandwidth and seeds to experience quite downloads on the protocol.

All in all, I just want to say, Malaysia is far from perfect, and I’ve got no problems bringing the government down a peg or two, maybe even three. But sometimes we just have to be honest and focus on the real issue.

The real issue in Malaysia is internet penetration, and specifically broadband penetration. Unlike you old folks (including myself these days), the younger generation of this country are using less fixed devices like PCs and Laptops, and more smartphones and tablets, and the way we use the internet is fundamentally changing. We need to up the penetration to the kampungs and rumah panjangs, and not fret too much about speeds. We also need to get cost down, which is a fundamentally different problem than getting speeds up.

I blame the media for this bullshit. The reporters of most of these news outlets, have so badly researched their stuff that geeks like me just get angry when we read them, and I know the vast majority of Malaysians have no idea of the nuances of these reports, and are just taking them on face value–the media have a fundamental responsibility to help people make sense of the data, and they have failed misreably–I’m looking at you Malaysiakini.

That’s it folks, i’m sure there are some typos and errors in the post, but any post is better than no post. Hope you enjoyed it.

Keith signing off!!

EnGenius Wireless Router ESR600 Review

dsc00503

A couple of weeks back, the guys over at infoversal loaned me a Engenius ESR600 router for a review, at first I was a bit hesitant, but my overall unhappiness with my TP-link router made me think twice. So I gave it a shot, and boy was it worth it.

The router looks pretty normal, nothing to shout about here. While its competitors like Asus and TP-Link opted to go for black exteriors, Engenius chose to stick to white-ish color, this thing doesn’t look good near modern TV sets or  home theatre systems (which is where my router is), but the fact that it doesn’t have antennas seems to be a saving grace.

That being said, the Engenius is a pretty slick device, I’m not sure how it does it, but the antenna-less design Engenius has more signal strength than my TP-Link router over both the 2.4Ghz and 5Ghz range. Yes, the router is dual-band and one that actually works well over both bands. So great points for Engenius in that category. Continue reading