In April I wrote about the North Korean missiles, likely sheet-metal mock-ups, on display at a parade shortly after the failed missile launch. Of particular note were the transporters, speculated to have been of Chinese origin, likely in breach of UN sanctions. The Chinese issued a denial, the UN said yes they did. The UN report is here [pdf].
Shortly after this month's failed rocket launch, the North Koreans unveiled what appeared to be a new missile design at a military parade in Pyongyang. Now analysts have suggested they were clumsy mock-ups. Markus Schiller and Robert Schmucker noted [pdf] that each of the six missiles on display were slightly different, that they contained a mix of solid fuel and liquid fuel components and the casings showed undulations betraying the use of thin metal covering a basic frame.
Of more interest were the transporters. In the past the North Koreans have used Russian/Belorussian vehicles but in the April 15th parade new 16-wheel launchers were on display. They were most likely supplied by the Chinese - which would be a violation of UN sanctions - but the main talking point revolved around the observation that these launchers were actually designed to carry bigger missiles than those on display.
For the last few hours, The Pirate Bay seems to have been completely unreachable. First the server at 18.104.22.168 went down, then then 22.214.171.124. A few days ago it was reported that Swedish authorities were cranking up their investigation into the site. Just a few weeks ago they moved from a
North Korea has apparently just finished building a specially-equipped hovercraft base less than 60km from disputed islands in the Yellow Sea. The base could be home to 70 conventional hovercraft, which can travel at more than 50km/h and can carry between 35-55 marines. In theory they could take 30 minutes to get to Baengnyeong island and land 2000 marines. The North Koreans are also reported to have developed high-speed military hovercraft which can travel at speeds up to 90km/h and, according to one source in the south, carry tanks.
The North has a recent history of staging provocations in this area - in 2010 they sank a patrol boat and shelled the island of Yeonpyeong, to the south of Baengnyeong - and they basically got away with it - they could be even bolder next time.
According to a South Korean daily: "North Korea's plan is to shell the islands with coastal artillery on a moonless night, render South Korean soldiers at military bases on the islands helpless, then take over the territory with soldiers landing on hovercraft".
Hum I don't know, after the artillery bombardment has begun then I'd think the element of surprise has gone and the hovercraft should be easy targets for the South Korean defences. Surely the North prefers to save their chips for more one-sided provocations than this one. Whichever way it pans out, we don't want the defenders posted on those islands to get any more jittery - last year marines on Gyodong island fired at a passenger jet carrying 119 passengers and crew approaching Incheon.
Last Thursday agents working for Immigration and Customs Enforcement seized 307 domains. Sixteen were involved with streaming sports events while the rest were implicated with the sale of counterfeit jerseys and other NFL merchandise. This brings the number of domain names seized to nearly 700 and the timing of the latest swoop is having a possibly unintended side-effect - currently all those 307 domains, plus the 370-odd seized in 2010 and 2011, as well as their 'example' domain seizedservers.com are all offline right now as their single server is struggling under the load.
So rather than seeing the Department of Immigration and Custom's serious-looking takedown message, visitors are just getting a timeout, and rather than being 'educated' they'll more likely feel vindicated by the wisdom of the crowd. Also the confiscated domains which had been used to show the department's Youtube anti-piracy video will be similarly paralysed.
It looks like ICE are paying up to $7.8 million to immixGroup for the hosting of these seized domains. Are they getting a good deal? A huge operation combining personnel from Intellectual Property, Homeland Security and Immigration and Customs (operating far from any border, airport or port) manages to bag a theoretical $4.8 million worth of fake shirts in support of a circus worth billions and they trumpet it like they're saving civilization itself! And it's all of questionable legality. All the while the majority of the owners of the seized domains consider themselves innocent and are still jumping through whichever hoops ICE have erected to get their property back. And I doubt Senator Wyden has received a proper reply to any of his questions yet.
The effort against SOPA has failed on two levels: 1) The communinity (or communities) haven't quite managed to inculcate the average geek on exactly how bad SOPA will be, and; 2) They've failed miserably in getting the average geek to understand just how bad things are *already* without SOPA.
I've heard a dozen times SOPA described simply as a bill to "order the removal of DNS records of sites thought to enable piracy". Newsflash guys: The US government have been doing this for 18 months already and more than 300 domains have been confiscated. A site which was declared legal TWICE in Spain just disappeared from the Internet. They weren't selling counterfeit goods, they weren't hosting warez or movies or songs - they simply hosted links. At least two dozen such sites were seized during 2011. As far as I know, only one site, Dajaz1.com is up and working again after being seized by the authorities. Their lawyer was not allowed to see any of the judgements in connection with this case. The case did not actually exist in any court. He was not even notified when they gave up and the site was released.
The program which is running already is called Operation In Our Sites, an effort by U.S. Immigration and Customs Enforcement to meddle in affairs well beyond any port, airport or border crossing. The program is known as ICE for short.
Remember, this is not SOPA, this has been going on for 18 months.
However in a discouraging aspect to the story it seems like none of the sites that got shafted by ICE are displaying any kind of ICE/SOPA-related notice today. I checked all the sites listed on the page of the FireICE add-on for Firefox: Firstrow, Atdhe, Torrent-finder, Movies-links, Rojadirecta, Ilemi, TVshack, HQ-Streams, Onsmash and Rapgodfather. Nothing. I also checked Wiziwig, Filespump, Channelsurfing, Absolutepoker, Funtimebingo, Truepoker and Betmaker. Still nothing.
Of the sites that got shafted by ICE, the ONLY one taking any action against SOPA is the afore-mentioned Dajaz1 - the site that was confiscated for a whole 12 months without any due process nor any paperwork whatsoever.
Several sites are tracking who is participating in SOPA blackout day. Perhaps you might want to help record who is participating and who is NOT particpating by going over to Herdict, a project run by the Berkman Centre for Internet & Society. We could get some interesting data.
(If you installed Fax Services, IIS and FTP server you'd need 106 patches but only masochists would install those on Windows XP right?)
Most of those critical patches are marked with a severity of 9.0 or higher on the National Vulnerability Database. Eight receive a rating of 10.0 - meaning that they're both high-impact and easy to exploit. Several of the high-impact vulnerabilites that don't quite attain the coveted 10.0 rating are docked points (decimal points) because potential adversaries require authentication credentials to proceed. Those who reuse the password they use for Windows to log into their favourite forums while they're using unencrypted wifi could get into trouble.
The 47* patches marked by Microsoft as "Critical" require a total download of 49,962 KB, so quite how one should download and apply all these while the machine is getting constantly probed is an exercise best left to the reader. (* Note that the Cumulative Security Update for Internet Explorer is not included in the critical list - Microsoft rate MS11-099 as "Important", which is a bit odd considering it accumulates three years' worth of "Critical" patches.)
Support for Windows XP ends on April 8, 2014 (that's a patch Tuesday) and it seems like Microsoft do not intend to release another service pack - fair enough - but don't they think it might be time to release a security roll-up? They released such a package for Windows 2000 in 2005, two years after the release of SP4 - we're approaching four years since the release of Windows XP SP3.
So it's probably time to get patching - if you're running across the street to help out with a neighbour's particularly neglected machine or you want to email a few links to granny then you might want to prioritize the eight bulletins rated 10.0 by the NVD - these are:
CVE-2011-1868 / MS11-042, Vulnerability with DFS;
CVE-2011-1268 / MS11-043, Vulnerability in SMB client;
CVE-2011-0661 / MS11-020, Vulnerability in SMB server;
CVE-2009-2494 / MS09-037, Vulnerabilities in Active Template Library - a whole bunch of patches to download here;
CVE-2009-0086 / MS09-013, Vulnerabilities in Windows HTTP Services;
CVE-2008-4250 / MS08-067, Vulnerability in Server Service
Or you could use Secunia - their two most severe ratings are labelled "Highly Critical" and "Extremely Critical" - with the latter defined thus: "... used for remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild". Secunia have six advisories rated "Extremely Critical":
CVE-2011-3402 / MS11-087, Vulnerability in Windows Kernel-Mode Drivers
CVE-2010-3970 / MS11-006, Vulnerability in Windows Shell Graphics Processing
CVE-2009-2493 / MS09-035, Visual C++ Redistributable Package - not present on a fresh install, but shipped with applications that require it.
CVE-2008-0015 / MS09-032, CVE-2008-0020 - MS09-037, vulnerabilities in Active Template Library (appears in the NVD list)
CVE-2009-1537 / MS09-028, Directx
CVE-2009-0235 / MS09-010, Vulnerabilities in WordPad
As you can see there's little overlap between the two lists. Most of the vulnerabilities given top-billing by Secunia actually require user interaction to be exploited. I think Secunia tend to assume that Windows XP users will open any
Of course some of us understand the futility of trying to patch a system that's been vulnerable for months/years, or of carrying around a USB stick full of updates, and we use a program called nLite - it's no longer updated but it's still fit for purpose.
Back in 2010, while the Thai military snipers in Bangkok were gearing up to slaughter nurses, journalists and protesters, many unarmed, some sheltering in a temple that had been declared a safe zone, a young student posted a mild rebuke to the monarchy on her Facebook page.
After that cyberstalkers posted her name and address online, leaflets were posted to her neighbours, she even received death threats and her family were intimidated. A network called 'Social Sanction' which actively hunted down individuals who posted views deemed disrespectful of the monarchy joined the fray. She planned to study at Silpakorn University however the dean, a known royalist, refused her application despite her having passed the exams.
She'd once got up on stage and made a speech at a Red Shirt rally, and had been kicked out of high school for criticizing the monarchy, so for a fiery young spirit like this it must have been a case of "here we go again
Recently it came to light that she had won a place at the famously liberal Thammasat University - she was just completing her first term. (Thammasat University is located right next to the Grand Palace in Bangkok and was the site of a massacre in 1976 where several royalist militia groups stormed the campus and killed, according to the official count, 46 students.)
The campaign of vilification predictably called for her expulsion from Thammasat but the head of the university stood firm. The right-wing media joined in the frenzy and she suffered attacks from fellow students. All sorts of screenshots from Facebook were posted online - the majority of which couldn't have been authentic - nevertheless someone filed a complaint with the police. The complaint was that the student had committed the dreaded 'Lese Majeste' offence - insulting the king, queen, crown prince or regent. (Anybody can walk into any police station and file a Lese Majeste complaint - and the police are bound to investigate it.) She's been asked to report for questioning on Wednesday. Fortunately she happens to be free that day as she's studying for her end of term exams.
She was born in May 1992, which means she was under 18 at the time of the supposed crimes, so should the case come to court she could be tried as a minor, possibly in a juvenile court. Her name is Natthakarn Sakuldarachat - aka 'Kan Thoob' (Joss Stick) - please support her.
The Mer project began as a community-led effort to keep Maemo alive. Maemo was the Debian-based OS that Nokia shipped on its Nxxx internet tablets - and it's probably still the best Linux distro ever developed for small devices.
Nokia released the N900 nearly three years ago and then abandoned Maemo, later joining Intel to develop Meego, a supposed successor to its lacklustre Moblin effort. The Mer developers, full of hope, signed up to the new project, however as it turned out Meego had more of Moblin in it than Maemo and nobody was sad to see it dropped last year.
Tizen was inaugurated to take up the reins but it seems nobody has any faith in any Intel-led mobile OS effort anymore and the Mer team have just resuscitated their project. Unfortunately for those of us nostalgic for a bit of Maemo, the project will not be resuming where the earlier venture left off, instead it will be picking up the freely-available Meego code. Also, in their manifesto they say: "Primary customers are device vendors - not end-users". So I suppose no chance of picking up a cheap Nokia N810 and putting a shiny new OS on it.
Last weekend I upset some dude when I suggested that Amnesty International might not be worthy of his charitable contributions - citing administrative incompetence as well as their track record of taking their eye off the ball and cosying up to repressive regimes.
Now it turns out they've been serving malware from one of their servers - most likely targetting human rights workers out in the field.
Thai prime minister Yingluck Shinawatra has just fired her entire Facebook team for mistakenly posting a photo of the king's bother to mark his birthday last week. The mistake was all the more sensitive because the brother in question, Ananda Mahidol, died in mysterious circumstances in 1946.
Some say there's more to it than simple incompetence, however Thailand watchers will recall that the hapless Yingluck got her Twitter account hacked just a few weeks ago - perhaps 'the Facebook team' means 'the social networking team'.
This latest mishap illustrates the perilous waters (sorry, not a flood joke) that netizens in Thailand must navigate. A guy just got sentenced to 20 years for sending four 'off-colour' text messages. A US citizen of Thai descent just got two and a half years for merely linking to a translation of a banned book. The bloggerati and Web 2.0 crowd are suddenly living in fear - bloggers dare not link to pieces in such respected journals as The Economist or even quote the titles of the offending articles, and Facebook users have been pointedly warned that clicking 'Like' or even the failure to completely delete incoming messages could get them serious prison time.
Thailand is currently experiencing its worst flooding for decades. Bangkok is sitting right between the main rivers and the sea and they've decreed that barricades must be erected to keep the capital dry at the expense of the central provinces. How can you allow the water to run off without sacrificing the capital?
As usual with the challenges facing the country, it seems like calm intelligent leadership is hard to find. However, the king is reputed to be a serious hydrologist so perhaps it's no surprise that budding part-time flood experts are coming up with cunning plans to help alleviate the floods and no doubt receive favour from royal circles. Notably, a guy named Plodprasop Suraswadi, who just happens to be Minister for Science and Technology, claims to have come up with the idea of deploying stationary boats with propellers churning to speed up the flow of water out to the Gulf of Thailand. Now they've just decided it was working so well that they lined up 500 boats to finish the job off.
Armchair analysts are skeptical.
Phony science? Thailand watchers will recall the GT200 fiasco, where the security services spent $21 million on several hundred "bomb detectors" which turned out to be empty boxes.
While Western Digital are warning they'll be unable to meet customer demand as their plants on the outskirts of Bangkok are submerged.
The latest Crunchbang Linux has just been released. Based on Ubuntu Jaunty, Crunchbang distinguishes itself by its use of the lightweight Openbox window manager. Along with Openbox, PCMan File Manager is used and in keeping with the basic theme, Abiword and Gnumeric replace the Openoffice.org suite. And when distros are trying to go all WinXP on us, the theme is refreshing - black and white, normal text, with Conky desktop and tint2 panel.
Crunchbang is maintained by one guy in the UK and it has a devoted and notably polite and helpful band of followers.
The download links are all saturated so please use the torrents.
After a few relatively quiet months on the patch front we're back to the good old days with a bumper issue of security bulletins coming up. Microsoft releases patches in a bundle on the second Tuesday of each month and according to the Advance Notification, we should expect 7 patches rated as 'critical' and 5 rated as 'important' next week.
Expect the regular cumulative patch for Internet Explorer 6, along with a slightly less regular one for IE7, along with a bundle of fixes for older versions of Office. It also appears someone has been poking around Microsoft's script offerings as vulnerabilities in VBScript and JScript have been found.
Internet Information Services (the web server bundled with Windows) is affected - versions 5 through to 7 (Win2000, XP, 2003, Vista). This could be an embarrassment for Microsoft as I think there were a few murmurings from Redmond about IIS being more secure than Apache. In what could be something of a headache for systems administrators, a denial of service vulnerability has been found in Active Directory
Overall Vista seems to be affected to just about the same degree as XP.
The long-anticipated version 5.0 of Truecrypt, the disk-encryption software, became available today.
With 5.0 there's now a Mac OS X version and the Linux version has a GUI. Other improvements include XTS mode, SHA-512 hashing, huge speed improvement under Windows and the ability to encrypt a Windows system partition with pre-boot authentication.