Connex Melbourne SMS Service Hacked (Update 5)

Jeremy and I have just received the following SMS from the Connex Melbourne SMS Service (run by Platypus World). It looks like they’ve been hacked.. 🙁

ALLAHU AKBR FROM CONNEX! our inspectorS Love Killing people – If you see one coming, run. Want to bomb a train? they will gladly help! See youin hell!

Not a good SMS message to get from your train company in the current climate..

Update 1: A Muslim friend of mine tells me that the message doesn’t make sense, Allah hu Akbar (God is great) is not the sort of thing that people say to each other.

Update 2: Looks like quite a few others got it too..

Update 3: I wonder if they also got hold of the phone records, or whether all they figured out was just how to feed a random message into their SMS-everyone workflow..

Update 4: Last night (22:39 AEST) another Connex SMS message arrived, this time apparently legitimate, saying:

A hoax message was sent tonight to some users. Connex apologises and is investigating with the police.

There is a news story on the ABC this morning saying:

Around 10,000 people who have signed up to a timetable update system received a threatening message last night, after hackers broke into the system. […] Connex spokesman Andrew Cassidy has apologised for the incident and has reassured subscribers that their personal information is safe.

They are trying to reassure people that their details are safe:

“As far as we can see, the individual was able to get in, type this message and get it sent [and] had no other access to information stored in that database.”

The question is, then, how did the attacker get in? Well, it seems like it was that age-old problem..

Connex says passwords to the system have been changed to prevent further incidents.

My guess is it’s either people picking easy-to-guess passwords or (increasingly likely these days) a Windows system getting attacked by a virus or trojan and having a keylogger installed.

Update 5: It appears that the company that runs the SMS service for Connex are running their public facing systems on Windows, so it’s probably not that surprising that this hack happened. 🙁

Strangely enough this hack hasn’t made it onto their making news page.

Update 6: Just found an alternative rendering of the quote from the Connex spokesman:

“All they were able to do was to hack in and act as though they were a staff member doing a remote access to send a message to subscribers.”

Oh, so that’s all they could do..

Egyptian Blogger Gets 4 Years in Jail

The BBC is reporting that Abdel Kareem Nabil has been sentenced to 4 years in jail:

He had used his weblog to criticise the country’s top Islamic institution, the al-Azhar university and President Hosni Mubarak, whom he called a dictator. […] During the five-minute court session the judge said Nabil was guilty and would serve three years for insulting Islam and inciting sedition, and one year for insulting Mr Mubarak.

Google Paper on Hard Disk Failures (Updated)

Eugen Leitl posted an interesting paper from Google to the Beowulf list, Failure Trends in a Large Disk Drive Population (PDF), where “large” is in excess of 100,000 drives. The paper abstract says:

Our analysis identifies several parameters from the drive’s self monitoring facility (SMART) that correlate highly with failures. Despite this high correlation, we conclude that models based on SMART parameters alone are unlikely to be useful for predicting individual drive failures. Surprisingly, we found that temperature and activity levels were much less correlated with drive failures than previously reported.

Some of the Beowulfers have come up with constructive criticism of the paper, including an interesting comment from rgb:

How did they look for predictive models on the SMART data? It sounds like they did a fairly linear data decomposition, looking for first order correlations. Did they try to e.g. build a neural network on it, or use fully multivariate methods (ordinary stats can handle it up to 5-10 variables).

and from Mark Hahn:

funny, when I saw figure5, I thought the temperature effect was pretty dramatic. in fact, all the metrics paint a pretty clear picture of infant mortality, then reasonably fit drives surviving their expected operational life (3 years). in senescence, all forms of stress correlate with increased failure. I have to believe that the 4/5th year decreases in AFR are either due to survival effects or sampling bias.

It will be interesting to see if they take notice of this open source peer review as there is at least one person from Google on the list.

Update: There is also a Usenix paper on hard disk failures that looks at different hard disc types.

More Scary Australian Copyright Braindeadness..

The Association for Progressive Communications has a really interesting summary of the possible implications of new copyright legislation in Australia. They have a set of PDFs there that give a “risk matrix” for teens, families, small businesses and industry.

If you’ve ever wondered how a bunch of kids singing in a restaurant can turn into a criminal offence under copyright law then this is for you (especially if you own an iPod). Read ’em and weep..


BBC Asking Should New Service Be Microsoft Only?

The BBC Trust is currently carrying out a consultation exercise into their new “On Demand” TV services over the Internet in which they ask “How important is it that the proposed seven-day catchup service be available to consumers who are not using Microsoft software?” (see question 5).

The accompanying PDF says:

In respect of the seven-day catch-up over the internet service, the files would require DRM to ensure that they were appropriately restricted in terms of time and geographic consumption. The only system that currently provides this security is Windows Media 10 and above. Further, the only comprehensively deployed operating system that currently supports Windows Media Player 10 and above is the Windows XP operating system. As a result of these DRM requirements the proposed BBC iPlayer download manager element therefore requires Windows Media Player 10 and Windows XP. This means the service would be unavailable to a minority of consumers who either do not use Microsoft or do not have an up-to-date Microsoft operating system. However, over time, technology improvements are likely to enable even more efficient methods of delivery. Further, it is our understanding the BBC Executive are working towards the iPlayer download manager being able to function on other operating systems.

and go on to say:

We also note that the Microsoft-based strategy for rights management will limit usage. Normally, we would expect BBC services to be universally available, as universal access to BBC services is in the public interest. However, as set out above, other mainstream technology platforms do not currently provide the appropriate security.

So the BBC Trust do want greater usage, but don’t seem to understand that DRM will stop that even if people do have access to Windows.

People may want to make their feelings known on this..

(Via Alec)

Script to Migrate PostNuke to WordPress 2

Almost a year ago now (Jan 2006) I migrated my blog from PostNuke to WordPress and to do that I used a hacked version of Bryan’s PHP migration script (which I found here thanks to Rich Boakes), but I never got around to publishing my changes. 🙁

Changes applied:

  • Migrate PostNuke topics to WordPress categories
  • Update comment counts in the WordPress database
  • Update category counts in the WordPress database

I just had an email from someone asking about it, so I’ve decided to publish it now: here is my hacked version of a PostNuke to WordPress Migration PHP Script.

It assumes a blank WordPress 2 install, and I last used it with WordPress 2.0.0 so caveat emptor!

Licensed under the GPLv2 (or later), as per the original.

ZFS Disk Mirroring, Striping and RAID-Z

This is the third in a series of tests (the previous ones are ZFS on Linux Works! and ZFS versus XFS with Bonnie++ patched to use random data), but this time we’re going to test out how it handles multiple drives natively, rather than running over an existing software RAID+LVM setup. ZFS has the ability to dynamically add disks to a pool for striping (the default), mirroring or RAID-Z (with single or double parity), which are designed to improve speed (with striping), reliability (with mirroring) and performance and reliability (with RAID-Z).

ZFS versus XFS with Bonnie++ patched to use random data

I’ve patched Bonnie++ (it’s not ready for production use as it isn’t controlled by a command line switch and relies on /dev/urandom existing) to use a block of data from /dev/urandom instead of all 0’s for its block write tests. The intention is to see how the file systems react to less predictable data and to remove the unfair advantage that ZFS has with compression (yes, I’m going to send the patch to Russell to look at).