Yesterday I Googled something about maxis that took me to a forum.maxis.com.my link. Unfortunately, Firefox wasn’t happy with Maxis, because I got the following screen: Firefox is the first of the mainstream browsers to end support of SSLv3, ever since…
This article is really more a continuation from yesterdays piece about how unfair the Fair usage policies in Malaysia are. In my view telcos complaining about 15% of customers using 70% of their traffic is just ludicrous behaviour–it’s the cost of doing business. This is akin to a restaurant owner offering a buffet and then complaining that 15% of his customers are fat men who eat the expensive mutton curry. Really? Do you really think that if you offer a buffet all you’re going to get is skinny super models?
As ironic as it sounds, the more customers any telco has, the less the average consumption of data per user becomes. That’s because your grandmother down the road who uses Unifi for just Skype-ing with her grandchildren can essentially subsidize your torrent hungry consumption. At the end of the day, there are far more grandmothers in Malaysia than there are torrent hungry downloaders like yours truly.
So that’s why I don’t like the data caps, but how about the content filtering? Particularly filters that block of torrent downloads?
Part of the cost of your broadband connection includes the cost that the telcos pay to route your transaction to the US. That’s really where the internet is, and while Google has a couple servers here and a youtube presence–the vast majority of traffic still flows to the US. This means on top of the price of getting the Fibre to your home, the local telcos also have to pay for routing your data to the US (and back). If most Malaysians started viewing local sites rather than pornhub, our broadband cost ‘could’ become cheaper, because the telcos don’t have to invest in those expensive undersea cables to setup the connection to the states. Contrast this with the situation in the US where only 10% of traffic from the US flows outside it’s borders, it means that even if a US ISP lost its undersea cables, it could still serve up 90% of the content its users were requesting. It also explains why Singapore has cheaper broadband than Malaysia–Singapore is the data-hub for the Asia Pacific Region, so a lot of it’s traffic is also local.
So how do we resolve this issue? One approach would be to make Malaysia a hub, but most experts conclude that it’s probably not going to happen (including Afzal Abdul Rahim in his 2011 TedXKL talk). The other option would probably be to start hosting more content in Malaysia, and that’s why a Youtube server within our borders is a great start. What would probably help better is Netflix availability and Netflix servers in Malaysia–until you realize that Netflix host their servers on Amazon Web Services, and Amazon chose Singapore as their Asia-Pac location–probably because Singapore is a data hub, which sends us into a round-about circular argument.
We can’t get cheaper broadband because we don’t have the cables coming into Malaysia, and we don’t have the cables because we don’t have the content, we don’t have the content because we don’t have the cloud servers and we don’t have the cloud servers because we don’t have the cables. I explored this before how cloud computing ties in closely with your data connectivity as a nation–and there really is nothing much we can do to address the gap with Singapore except spend more on undersea cables. Most of which require significant monetary investment–and take a lot of time to deploy.
Every six months, the great people over at Sandvine release their Global Internet Phenomenon report, which seeks to make sense of global internet traffic across the different regions of the world, and every six months I learn a lot from just gleaning through it. For instance most of the traffic in the US continues to point to just one website–Netflix, which also explains the drop in bitTorrent traffic in the US (why bother downloading anything when you can stream). However, in Malaysia, where it’s difficult (but not impossible) to get a Netflix account, most of the traffic for both upstream and downstream still uses the bitTorrent protocol–which mostly means there’s still a lot of illegal downloading going on in these here parts–but you can’t blame us, because the alternative isn’t legal downloading, it’s buying a DVD–if you can find the DVD you want in the first place.
You can view the report in it’s entirety here, but I just wanted to point out one cool fact.
The average monthly traffic in Asia-Pacific has dropped.
Just 12 months ago the average monthly consumption was 32.2GB, now it’s at 22.oGB. That’s a significant drop in traffic, that which really boggles the mind. This is the growth region of the world–why is our average monthly consumption of the ‘internet’ decreasing. Put another way, why are Asians using less internet?
I suspect the average monthly consumption has dropped because of the growth in Asia Pacific, it’s quite counter-intuitive, but as Asia Pacific adds more users to the internet, the newer users in the more rural parts of the region aren’t downloading as much as their urban cousins. Therefore, while the overall traffic flow has increased, the average monthly consumption per account has reduced. It’s all conjecture at this point–but that’s what I think based on just this one data point. It makes sense to me, as a lot of people aren’t torrent-crazy-downloaders, which just means that they aren’t consuming anywhere near the full amount.
The Median monthly consumption is just 8.8GB, while the Mean monthly consumption was 22.0GB, and that tells me that the data is skewed–highly skewed. The statistician inside me is just crying to get out and shout–SKEWED!!
Skewed is just another way of saying that the distribution of internet consumption is un-evenly distributed across–or in more laymens terms–a few internet users are using the vast majority of the bandwidth.
I’ve almost been fascinated by the fact, that our money in the bank these days are secured not by steel doors or armed guards, but rather by cryptography and the encryption keys that enable them. To put it in the simplest form your money in the bank is protected by a number–that’s what an encryption key essentially is. A long binary number of 1’s and 0’s that protects your life savings…
Most (if not all) of your ‘secure’ internet communications is protected by something call SSL, or its successor, TLS. SSL is the stuff of legend, initially invented by Netscape to encrypt internet communications, SSL is now used by nearly everyone online. You see it when you login to your bank account on Maybank or CIMB, when you log into a online store like the ones run by Digi and Maxis even when you do your Tax filings on e-Filing LHDN website.
However, just like every standard in IT, SSL and TLS act as frameworks, and different websites could implement these frameworks slightly differently, usually based on the customer segmentation or the amount of security required. Each implementation could vary from one to another and yet still remain compliant to the ‘standard’, we wouldn’t need consultants if it were otherwise.
The problem is, that just because some website use TLS or SSL, doesn’t mean it’s secure–all it means is that the website is now using a standard, but could have implemented the standard poorly, making it vulnerable to attack, and possibly leaking out your data (some of which might be very very sensitive).
The best way to think about is to go back the number analogy, and assume that the amount of security you get from encryption is determined by the length of the number. So a 10 digit number is less secure than a 100 digit number–and a 1 digit number is less secure than both of them. In security jargon, we call this the key length, and it’s quite a common criteria used to determine the security of a given SSL/TLS implementation. This of course is just one of the criteria to determine how secure the the implementation is.
Basically it’s not enough to check if a website is using SSL or not, it’s more important to figure out how well the encryption is implemented by the website. Of course, this is beyond the scope of most people, no one has the time or inclination to perform a security audit on their banks website, although it is in their best interest to do so. Usually that green lock icon at the bottom of the screen helps me sleep well at night–but it shouldn’t, it’s a good start, but not a guarantee of security.
Fortunately, there’s a really quick and dirty way, to determine how secure the SSL/TLS implementation of a website is. Head on over to SSLLabs.com and enter the url of the website you want to evaluate and the perform a really good audit of the site in real-time, measuring things like key-length and SSL versions, up to the certificate authenticity.
So armed with SSLLabs.com, I decided to just quickly perform a quick check of the most popular secure websites in Malaysia to see if these websites were offering the security their users deserved. Checking out the most popular forum in Malaysia, two telco companies, two banks, one government agency and a news portal, the good news is that 3 out of 7 got straight A’s on their test–the bad news is that the other 4 got F’s–and it’s possible to get E by the way…so an ‘F’ is what most people call an epic failure.
There’s a really cool tool called glasnost, that can easily detect if your ISP is throttling certain traffic through its servers. It works amazingly well at detecting if your ISP is blocking that most sacred of all internet traffic–BitTorrent. So…
Two days ago, the Democratic Action Party (DAP) lodge a report to the MCMC on an ‘internet blockade’ targeting DAP related political websites that was allegedly being carried out by Telekom Malaysia (TM). As you may know TM is the largest ISP in Malaysia, and if TM suddenly blocks a website–a large chunk of the Malaysian public are automatically denied access to it.
The DAP IT manager (didn’t know the DAP had an IT team now did ya?), in his press statement said that :
In investigating the DPI filtering equipment location, I have found 1032 suspicious network equipment using same IP address family as the the Arbor Network Peakflow SP with TM branding. Since the login page of this network equipment bears TM logo, undoubtedly MCMC should haul up TM and conduct IT forensic investigation on all 1032 equipments without delay. I am fully prepared to assist MCMC in its investigations.
In light of this new evidence, MCMC must re-examine its 2nd May statement. MCMC should be politically impartial and hold the standard of government regulatory body that it should be. It must put the interest of all Malaysians first.
Now this isn’t really news, to be fair the Arbor Network Peakflow SP solution is meant primarily as a DDoS protection security suite with a slight tinge of DPI functionality added on the side. TM in their defence haven’t really denied they own the Arbor Network solution–there’s even a joint press release from 2004 to announce their purchase of it.
Unless TM operates like the government, in which they announce the purchase of something in 2004, but only start to using it in 2013–I’m guessing they were using Arbor for other purposes before they decided to unleash its DPI functionality.
But there could be a twist.
Maxis announced that their network now supports LTE on the iPhone 5, which is a bit strange to me. Initially the MCMC announced that the telcos awarded the LTE frequencies were given band 7 of the spectrum–which wasn’t compatible with…
A couple of days ago, a reader of the blog wrote a rather long comment on a post I wrote about writing to TM’s CEO to restore my Unifi service. The comment detailed out a long horrific story of a foreigner in Malaysia trying to get decent broadband. I felt the story was to compelling to leave in the comments section and requested permission from the author to post it formally on the blog un-edited and in it’s original form, she consented and so here’s a little bed-time reading from a rather unhappy customer of both Maxis and Unifi.
Who doesn’t absolutely hate that feeling you get when a call gets drop, or for some reason you just can’t seem to make a phone call on your network. Recently an elderly couple in America died while trying to phone for help--they had 9 drop calls in succession, which just goes to show just how important communications are in our time.
Malaysian wireless reports on an SKMM study done in the first half of 2012 to compare dropped and block call rates for the 3 major telcos in Malaysia. At the moment it’s still unclear why neither YES or uMobile have been studied but the study is a move in the right direction towards providing concrete data on call quality for Malaysians to make inform decision about the telco. Incidentally, SKMM also offer a form you can fill if you’ve experienced a dropped call–for some unknown reason the form is hosted on Google Docs, one can only think SKMM didn’t want to fork out cash to host the form on their own servers.
First off, I’d like to point out that while I can see the report and search for direct links to the PDF version of the reports online. I can’t seem to locate any link to the report from the SKMM website, which is strange, it also appears that only Malaysian Wireless has reported on this particular study. With other blogs seemingly unaware of the study.
In essence, the study is rather simple:
According to the MCMC drive test report, the assessment was conducted with following criteria:
- Tests were carried out in moving vehicles (Drive Test).
- Call duration lasts for 60 seconds, with 10 seconds interval between calls.
- Phones were set on roam-free environment between 2G and 3G networks that simulates the experience of user in making voice call using phone supporting both technologies.
- The results of the study only reflect the behavior of the networks on the locations and time of the measurements.
Although, the methodology isn’t clear, and there are missing details, the study is a great starting point to confirm if the telco you’re currently on is providing you top notch quality. The 2 key measurements from the study were the drop call rates and blocked call rates, defined as follows:
a. Dropped Call Rate (DCR)
Dropped call means a call where a connection succeed, that is, the network is accessed, call set up is successful and traffic channel has been assigned, but is disconnected due to abnormal call release. Dropped Call Rate is calculated based on the percentage of number of dropped call over total number of call attempt.
b. Blocked Call Rate (BCR)
Blocked call means a call is not connected after call attempt due to unavailability of free traffic channel. Blocked Call Rate is calculated based on the percentage of number of blocked call over total number of call attempt.
So the best telco based on these definitions is the one with the lowest DCR and BCR. A high BCR means calls don’t get connected in the first place, and a high DCR means calls get disconnected once they’re connected. A good telco should strive for the lowest possible numbers on these 2 parameters. While the study was conducted nationally in each and every state, I thought KL would be a good place to dissect the data and provide a benchmark for the nation, if you’d like to know how your telco fared in your home state, head on over to Malaysian wireless who have all the details broken down by state.
About 2 months back, I posted up a nuffnang ad on my blog, and with reasons explaining why I felt the need to advertise. The guys from Nuffnang were pretty stand-up characters and I felt like I could trust them, so I begin to post Nuffnang ads and monitor that over time.
Unfortunately the results haven’t been so good, and after some reflection I decided not to port over the nuffnang ads when I migrated the blog over to a new hosting provider. It’s important to recognize that your experience with Nuffnang could be different, and I have no doubt that they do contribute significantly to some bloggers, but for me the relationship just wasn’t going anywhere and I wasn’t really getting any value out of the ads. So when I migrated my blog from Nearlyfreespeech to WPWebHost I decided not to port over the Nuffnang advertising widget–and here’s why?