Tuesday, May 29, 2007

New war on Estonia - Cyberspace war

Estonia, a small country in northern Europe, is a country that promotes extensive usage of Internet which includes online voting and online tax filing.

However, this tiny country experienced the first war in cyberspace, when it was attacked by some pro-Russia supporters after it removed a bronze statue of a World war 2-era Soviet soldier from a park. The war turned digital which caused a national security situation in Estonia.

The attack shut down the country's digital infrastructure, clogging the websites of the president, prime minister, Parliament and government agency (Distributed Denial-of-Services), shutting down the biggest bank in Estonia for an hour of its online banking causing its to lose around US$1 million, and overwhelming the sites of several newspapers in Estonia.

Arbor Networks measured dozens of attacks. The 10 largest assaults blasted streams of 90 megabits of data a second at Estonia’s networks, lasting up to 10 hours each. That is a data load equivalent to downloading the entire Windows XP operating system every six seconds for 10 hours.

This turned out to be the largest cyberattack on a single country!

This interesting article from TheNewYorkTimes Technology can be found here - War Fears Turn Digital After Data Siege in Estonia.

Saturday, May 26, 2007

Database theft of 100,000 customers in UK

A former executive is being sued by her company on a database theft of its 100,000 customers. The stolen database had been illegally used by call centres in Pakistan. These call centres tricked customers into handing their credit card details.

However, the former employee denied of her part in the database theft.

Read more here - UK database theft hurts customers (BBCNews Technology)

7 others cases of identity theft in UK and US were discussed in this blog previously - Identity theft: Cases on stolen laptops, hacking and lost CD

Real time tracking on human by WiFi and RFID

The combination of WiFi and RFID in the wireless network such as hospitals and university campuses could be used to protect patients and students.

For students:
Tracking students on campus could help especially during a fire or an emergency such as the gun-shooting case at the Virginia Tech, US.

It is useful to capture the students attendance plus the exam attendance as this automation will speed up the process and provide accurate real-time information. In UK, exam papers are tagged with RFID to ensure its security as well.

For patients:
Some of the RFID applications are listed here.

How's it work?
Battery-powered RFID tags can be tracked by communicating with minimum three wireless access points inside the network to triangulate a location. The signal is sent back to the server and the movement is then modeled depending on the shift in signal strength detected.

BBCNews Technology published an interesting article on this story here - Wifi and RFID used for tracking

More entries on RFID can be found here.

Thursday, May 17, 2007

Shifting trends for online users in UK

In UK, young male are no longer the dominant online users. The young women (age group of 18-34) has surpasses them as the most dominant online users with 18% of all UK online users. They visiting a variety of website from fashion, family and lifestyle.

Even in their own male category, young male are losing out to older male aged 50 and above.

Read the following news for more information - Young women dominates UK Net scene (BBC News)

How about the trend in Malaysia? At the moment, I believe young teenagers and working adults are still dominating the Internet with a small percentage of older male and female ctaching up the trend. However, don't be surprise as now there are getting more and more blogs authored by our daddy and mummy.

Amazon plan to sell DRM-free songs online

Consumers will be able to download songs that come without copyright protection once Amazon.com start selling it in the near future. This will enable consumers to burn their own CDs freely as well as tranferring it to the computers, iPods and cell phones without limits, mostly in MP3 format.

There will be million of songs available from 12,000 records which Amazon.com has licences to it.

What is DRM? Digital Rights Management means technologies attempt to control or prevent access to or copying of digital media, which can otherwise be copied with very little cost or effort.

Some articles to read:
1. Amazon to sell unprotected music (BBC News)
2. Amazon to sell music with copy protection (The NY Times Technology)
3. Amazon takes digital music scales to unprotected level (USA Today Tech)
4. Amazon plans iTunes rival (The Register)

US$55 million piracy lawsuits

Symantec, one of the major anti-virus software company, filed a total of US$55 million lawsuits against 8 software distributors selling pirated version of its Norton SystemWorks, Norton AntiVirus, Norton Internet Security, pcAnywhere and Symantec AntiVirus Small Business Edition.

All the transactions were conducted online. However, the software sold contained no documentation information, directions, labeled packaging or activation code information.

The lawsuits involved trademark and copyright infringement, fraud, unfair competition, counterfeit documentation, trafficking, and false advertising.

The 8 distributors are:
Acortech, mPlus, Logical Plus, SoftwareOutlets.com, Rowcal Distribution, Global Impact, Directron.com and eDirect Software.

A similar article can be found here - Symantec pursues US$55m copyright damages (TheRegister)

Monday, May 14, 2007

Nigeria's communication satellite launched by China

A new communication satellite was launched by China for Nigeria. With the launching of this new satellite known as Nigeria Communication Satellite NIGCOMSAT-1, Africa would be able to experience better broadband internet access, broadcasting and communication.

It is hope that with the launch of NIGCOMSAT-1, the digital divide between Africa and other countries can be further narrowed. Currently, Africa countries are paying millions of dollars every year to route data and voice traffic from one country to another through Europe or North American due to lack of communication infrastructures. Thus, this attribute to the high cost of web access in Africa, being the costliest in the world.

What sell best online?

Traditionally, computers hardware and software are top in the list of online sales. However, this changed in 2006 when consumers spent more on clothes rather than computers.

According to a report by Shop.org, the spending for apparel, accessories and footwear sales hit US$18.3 (RM64) billion as compared to US$17.2 (RM60) billion for computers. Autos and auto parts followed at 3rd place with US$16.7 billion and Home furnishing at fourth with US$10 billion.

Apart from these, online travel expenses accounted for US$73.4 billion of the online transactions, topping the e-tailing market!

Reasons for such jump can be contributed to the followings:
It is easier to find and buy the clothes online compared to traditional store as retailers offers greater selection in term of size and style plus efficient search capability.

Saturday, May 12, 2007

RFID on exam papers

An UK exam board is planning to tagged its exam papers with RFID as a measure to increase its security. This is to prevent the papers from being stolen. The tagging will help the board to quickly identify the source of any leak.

This would definitely add another applications of RFID to this list.

Google continue to fight the cybersquatters

Besides the Google Mail's domain names disputes Europe and China, Google is also currently engaging in another battle against Dutch cybersquatters. They are planning to sue Marcel van der Werf, a Dutch cybersquatter on the following domain names - Googledatingsite.nl, Googleonlineshop.com, Googlecommunity.nl and Googlestore.nl.

Is Froggles.com same with Google.com? Google did sued Froggles.com in 2005 for trademark infringement.

Thursday, May 10, 2007

HiTech Driving Navigator

This is my latest driving navigator, hehe. Looks cool, right?
Yeah,..I can do all these while I'm driving in the town.

Wednesday, May 09, 2007

Identity theft: Cases on stolen laptops, hacking and lost CD

Several cases of stolen laptops and systems hacking which contain personal particulars of some organisations' employees may expose them to the risk of identity theft.

Case 1: (August 2006, Florida)
Scenario: A laptop was stolen from the car of a workeer at the Florida's Department of Transportation.
Data: Personal data of 133,000 Florida residents. (Details of 86,670 driving licence holders, 42,800 airline licence holders and 9,500 commercial vehicle licence holders)
Remark: Protection of the encrypted data were removed during a major network upgrade.
Potential risks: The data could be used to apply loans or credit cards under false names.

Case 2: (September 2006, Ohio)
Scenario: Hackers broke into the systems of an Ohio hospital.
Data: Personal data of 230,000 patients and their family members plus the financial information of 12,000 donors.
Remark: It happened when the hospital was upgrading its systems.
Potential risks: Potential abuse of the data.

Case 3: (March 2007, Notthinghamshire)

Scenario: A laptop was stolen from a hospital office.
Data: Names, addresses and date of birth of 11,000 children aged between eight months and eight years old.
Remark: The laptop was poassword-protected.
Potential risks: The data in the hard disk may not be encrypted.

Case 4: (April 2007, University of California, San Francisco)
Scenario: A university's server was hacked into.
Data: Confidential information such as names, social security numbers and bank account details of 46,000 students, faculty and staff.
Remark: FBI was called in to help in the investigation.
Potential risks: Potential identify abuse.

Case 5: (April 2007, Georgia)
Scenario: A company lost a CD. The company was hired to handle information by the Georgia Department of Community Health.
Data: 2.9 million Georgia residents. Names, social security numbers, addresses and members identification for recipients of Medicaid and other medical programme.
Remark: Data was not encrypted.
Potential risks: Potential identify abuse.

Case 6: (April 2007, Chicago)
Scenario: 2 laptops were stolen from the office of the headquarters of Chicago Public School.
Data: Names and social security numbers of 40,000 teachers.
Remark: The laptops belonged to an accounting firm who was auditing pension contribution made by the teachers.
Potential risks: Potential identify abuse.

Case 7: (May 2007, UK)
Scenario: A laptop owned by Mark & Spencer was stolen from a printing firm.
Data: Salary details, addresses, date of birth, national insurance and phone numbers of its 26,000 employees.
Remark: The laptop was stolen on April 18 in a burglary on a printing firm that had been given the computer so it could process letters to M&S employees about pension changes.
Potential risks: Not sure whether the thief is more interested on the hardware or the data.

Personal Thoughts:
How safe exactly is our data?

Occasionally, I did received calls from some telemarketing companies that promote their products or services. I am very curious how they actually obtained my contact numbers. so, everytime they called , I will pose the same question on how they actually obtain my number.

They replied that it may be due to my friends who had passed to them my business card. The truth is I did not put down my handphone number on my business card. I believe these data were bought from somewhere. But where? The scariest thing was when they actually had most of your personal particulars including your address, credit card numbers and age.

Where is our protection of privacy, specifically on information privacy?
Information privacy is the right of the individual to control the information to be collected from them and the use of whatever information that is collected from them.

UK consumers to use contactless payment card soon

For transactions that cost less than $10, UK consumers will be able to settle the bill with a contactless payment credit and debit cards.

Currently there are 20 billions of transactions involving $10 or less each year in UK.

The concept will be similar to VisaWaves (RM150) and MasterCard PayPass in Malaysia.

Yahoo Auctions is closing in US & Canada

Yahoo Auctions in US and Canada will be closed down on June 15. However, operations in other Yahoo Auctions sites in Hong Kong, Singapore and Taiwan will continue as usual.

  • Yahoo want to concentrate in other Yahoo products which are more profitable.
  • Small market share in US = 0.19% as compared to eBay 95%.
  • Potential e-auction sales tax

Monday, May 07, 2007

YouTube vs EPL

YouTube selection vs English Premier League Best XI (Gerrard, Terry, C.Ronaldo etc) ?

Of course not! Its about copyright legal lawsuit of EPL against YouTube for publishing footages of matches in the YouTube as a way to raise their profile, without the permission from EPL as reported by BBC News and Soccernet.com

YouTube also facing a lawsuit from Viacom.com, which own MTV and Nickelodeon for showing 160,000 unauthorised movie clips. More lawsuits are lined up such as from NBC Universal and Thailand.

Seems like Google is accumulating a lot of lawsuits now after they acquired the YouTube November last year.

Firms use cyber thugs to attack competitors

New phenomena in the online businesses. Just like watching some movies where successful businessman with the background support of the gangsters - now legitimate firms are using cyber thugs or criminals to sabotage their rival websites.

Using DDoS (Distributed Denial of Services), the attacks attempted to knock down the rival websites by sending floods of data. DDoS is where the attackers gain illegal administrative access to as many computers on the Internet as possible and use the multiple computers to send flood of data packets to the target computer with the aim of overloading it.

Some extortion rackets are using this methods especially on online gaming sites.

BBC News reported that the number of extortion-based attacks had declined but the application of cyber criminal by companies to attack their rivals are in the rise - a new phenomena called anti-competitive behaviour.

Talking about fair-play and equal chances in the online business environment? Be careful, some big brothers are watching over you.

DIY Eye Glasses Online Shopping

Imagine the spectacle frame is being designed by famous Italian designer, the lens incorporated the latest technology from US and it is being assembled in Singapore. You can also view the work-in-progress report through the online systems, just like when you purchase the laptop from the manufacturer.

What is the different between buying clothes, watches and spectacles online? Same processes, same problems, same technical requirements! A new e-commerce business model.

Some argues that buying spectacles is like buying medicine, especially for prescription glasses. It need precision and of course consumers will prefer to try it out rather than custom-made their glasses. Another concern will be whether the glasses will fit the consumer in term of the lens power as well as after sale services. That's why eyeglasses industry is still at it infancy in the online environment.

However, there are quite a number of online stores that provide this services namely:
Zenni Optical

Here is a list of Malaysian optical shop. Majority of them are still brick and mortar (tradisional physical stores).

How about a blog on this: Glassyeyes - A blog on the experience of buying glasses online.

More reading is available here: Do-It-Yourself Eyeglass Shopping on the Internet (www.nytimes.com)

How about you? Would you mind buying glasses online? Do you think this e-commerce business model works in Malaysia?

Thursday, May 03, 2007

E-Filling: 606,691 people had e-Filed nationwide

April 30th was the last day for Malaysian taxpayers to submit their tax form. As usual, most of the taxpayers waited until the last minutes to rush for their tax submission. Some even dared to say it as the "Malaysian way"! (Just like replacing the MyKad previously)

Unlike last year where e-filling was first introduced, the LHDN is sticking to its 30th April deadline for submission. Last year a one month grace was given to encourage taxpayers to use the e-filling.

Up to 10.30pm (30th April), as reported by TheStar (1st May 2007), a total of 606,691 taxpayers had filed in their form through the e-filling. From my personal point of view, this is a very good response.

I also used e-filing this round to submit my tax form. Of course, I did it mid of April and not during the last day, haha. Basically the procedure was easy and fast. I got my PIN from the mailed form. This has been an improvement from last year where users would have to get the PIN from the LHDN branches.

Step 1:
Use the PIN to register and download the digital certificate. This the part where most of the users got stuck as an ActiveX Control plug-in need to be downloaded and installed. Some computers required administrator password to install this plug-in. Without the administrator password (for PCs in the organisations which was administered), the e-filing cannot be done. Basically, the dowloading of the digital certificate is crucial as it determine the authentication of the user.

Step 2:
Choose the form and fill up the particulars. It is better to make sure that all documents are ready because the page will sign-off after a few minutes. I had to sign-in a few times eventhough I had prepared all my data.

Step 3:
Once completed, pay through e-banking (if you own them money) or straight away sign off with the digital signature (if they owe you money) and here you go! Submitted!

Step 4:
Keep the acceptance receipt and also filled Borang B for future references.

The whole process took only 10 minutes (not including solving the ActiveX Control downloading issue). Fast and convenience. However, for those who are real supporter of Malaysian Way (last minutes), the whole process may take quite some time as the lines were jammed. Luckily the server did not crashed down.

Related reading:
E-Filing: Taxpayers to receive PIN via mail
E-Filing = No Form B
E-Filing in Malaysia 2006

Mispronounced Domain Names

If you intend to set up a new domain names, check this out (Top 30 Easily Misponounced Domain Names) before you do it. It may save you from any embrassment!

Top the list:
  • therapistfinder.com is actually TherapistFinders.com, a place for you to find Therapist. (Definition from Dictionary.com : A person trained in the use of physical methods, as exercises, heat treatments, etc., in treating or rehabilitating the sick or wounded or helping patients overcome physical defects.)
  • expertsexchange.com now changed to Experts-Exchange.com
  • Mp3shits.com is for MP3s hits
More names can be found here: Top 30 Easily Misponounced Domain Names