Posted on

NSPCC claims that 6% of teenage boys read Pornhub

Petee Wanless, CEO of the NSPCC, has made a fool of himself and the organisation he represents by call8ng for unworkable restrictions to be placed o. Porn websites to prevent access by min
ors. This is on the back of some dubious looking research from avstat, who have made simar headline grabbing claims that 6% of males aged 12-16 have been looking at a site called Pornhub during the course of one month. This is based on a survey of traffic, apparently.

It’s pretty obvious to anyone in a position to see net traffic that this is most improbable, and it’s only a matter of time before the research is ripped to shreds. That the NSPCC is taking it seriously raises more questions of the organisation’s competence. Time for a new CEO, methinks.

Posted on

MH370 – One week later, wreckage found. Really?

So, an Australian satellite has potted debris in the Indian Ocean at the far end of the arc MH370’s engine data fixed the aircraft on for seven hours. There’s now going to be a rush to find it, no doubt.

Fuzzy picture of what Australia hopes is wreckage of MH370
Its it a plane? Is it a wave? It is a statistical certainty

Apparently these images are four days old and have only just come back from analysis.

I think this could well be a wild goose. What we’re looking at is a cluster of white dots in a texture of black and white. Experts have declared this likely debris; to me it looks more like waves. Or perhaps it’s a container washed off a ship, or who knows what? That’s it’s part of MH370 seems very unlikely. Probability is against it.

Let’s look at that probability. Firstly, why is the aircraft presumed to be on this arc leading north and south from Malaysia? It’s actually the line of equal distance (more or less) from the Inmarsat satellite collecting the data from the engines, and this is based on a 1d fix; namely the elevation. I believe it’s known to be 40 degrees declination from the satellite. That’s sound.

The arc ends where the aircraft stopped transmitting, which is also when it is likely to have run out of fuel, and the maximum distance it could have flown along the arc.

However, to get to the far end of the arc, someone would have to have flown it there – or set the autopilot to follow THAT course. Not any of the other courses it could have taken from the point, but that precise arced course. It’s not impossible; it could have taken this course. But is it likely? Probability says “no”.

What seems more probable to me is that the aircraft hung around in a holding pattern close to where it was lost. That’s where to look. If the satellites have found it, great – and the explanation as to why it followed that precise course will be interesting, but I’m not hopeful.

If you’re working on a conspiracy theory, the data sent to Inmarsat could have come form a ground-based transmitter; it could be fake to throw investigators off the scent.

Posted on

Missing Malaysian Airliner

I’ve got more interest than usual in this, as I happened to be on a ‘plane in the same airspace a few hours afterwards. It makes you think while waiting to board in Singapore.

Three days later, no wreckage has been found and there are rumours of the aircraft changing course. Hijack? That’s what it looks like to me, based on the facts released. First off, there was no distress call. The same was true of the Air France 477 in 2009 (discounting the automated transmissions), but that was way out over the ocean a long way in to the flight; MH370 had only recently departed and was in crowded airspace, in range of ATC and showing up on civil radar.

Much was made of the passengers travelling on stolen passports; given that part of the world I’d be surprised if there weren’t several on every flight out of KL. If it was a terrorist attack, someone would have claimed it by now anyway. And if it was external hijackers, the crew would have raised the alarm.

So what could have happened? The release of the final radio message is a huge clue – they were handing over from Malaysia to Vietnam, mid-way across the sea. Hand-overs are important – they say goodbye, change frequency and says hello. Only the goodbye happened.

If the aircraft had suffered a very sudden and catastrophic failure, the wreckage would be floating on the ocean below at that point. So that leaves the aircrew. They could have turned off the transponder and done what they liked.

If external agents had hijacked an aircraft the pilots would have triggered the hijack alarm on the transponder and made a distress call. They were in radar range, and radio range. And the security on the cockpit door would have allowed them time.

If I was flying an aircraft and wanted to take it over, mid-sea on ATC handover would be the obvious place to do it. Malaysia wouldn’t expect contact because they’d left; Vietnam wouldn’t notice loss of contact because none had been made; they’d assume they were still talking to Malaysia. Just speculating out loud…

Only military radar would be taking any interest in the aircraft, and in that part of the world you bet they were watching but don’t really want to talk about it.

Posted on

Criminals using self-assessment tax filing deadline to drop Trojans

I’ve intercepted rather a lot of these:

From: <gateway.confirmation@gateway.gov.uk>
To: <**************>
Date: Mon, 3 Feb 2014 20:33:49 +0100
Subject: Your Online Submission for Reference 485/GB6977453 Could not process

The submission for reference 485/GB6977453 was successfully received and was not processed.

Check attached copy for more information.

This is an automatically generated email. Please do not reply as the email address is not monitored for received mail.

Someone (via France, and the sender certainly does not speak proper English) is taking advantage of people’s panic about getting self-assessment tax forms in before the 31st January deadline to avoid a fine The attached ZIP file contains an executable with a .scr extension. It doesn’t show as being anything recognisable as nasty, so someone’s planned this well. Be careful; this is slipping through ISP malware scanners (and all the Windoze desktop scanners I’ve checked it against).

 

Posted on

FreeBSD 10.0 and ZFS

It’s finally here: FreeBSD 10.0 with ZFS. I’ve been pretty happy for many years with twin-drive systems protected using gmirror and UFS. It does what I want. If a disk fails it drops it out and sends me an email, but otherwise carries on. When I put a replacement blank disk it can re-build the mirror. If I take one disk out, put it into another machine and boot it, it’ll wake up happy. It’s robust!

So why mess around with ZFS, the system that puts your drives in to a pool and decides where things are stored, so you don’t have to worry your pretty little head about it? The snag is that the old ways are dying out, and sooner or later you’ll have no choice.

Unfortunately, the transition hasn’t been that smooth. First off you have to consider 2Tb+ drives and how you partition them. MBR partition tables have difficulties with the number of sectors, although AF drives with larger sectors can bodge around this. It can get messy though, as many systems expect 512b sectors, not 4k, so everything has to be AF-aware. In my experience, it’s not worth the hassle.

The snag with the new and limitless “GPT” scheme is that it keeps safe copies of the partition at the end of the disk, as well as the start. This tends to be where gmirror stores its meta-data too. You can’t mix gmirror and GPT. Although the code is hackable, I’ve got better things to do.

So the good new is that it does actually work as a replacement for gmirror. To test it I stuck two new 3Tb AF drives into a server and installed 10.0 using the new procedure, selecting the menu option zfs on root option and GPT partitioning. This is shown in the menu as “Experimental”, but seems to work. What you end up with, if you select two drives and say you want a zfs mirror, is just that.

Being the suspicious type, I pulled each of the drives in turn to see what had happened, and the system continues without a beat just like gmirror did. There were also a nice surprises when I stuck the drives back in and “onlined” them:

First-off the re-build was almost instant. Secondly, HP’s “non-hot-swap” drive bays work just fine for hot-swap under FreeBSD/ZFS. I’d always suspected this was a Windoze nonsense. All good news.

So why is the re-build so fast? It’s obvious when you consider what’s going on. The GEOM system works a block level. If the mirror is broken it has no way of telling which blocks are valid, so the only option is to copy them all. A major feature of ZFS, however, is that the directories and files have validation codes in the blocks above, going all the way to the root. Therefore, by starting at the root and chaining down, it’s easy to find the blocks containing changed data, and copy them. Nice! Getting rid of separate volume managers and file systems has its advantages.

So am I comfortable with ZFS? Not yet, but I’m a lot happier with it when its a complete, integrated solution. Previously I’d only been using on data drives in multi-drive configurations, as although it was possible to install root on ZFS, it was a real PITA.

Posted on

Advertorial in Process Engineering Control & Maintenance

The relationship between journals and advertisers has always been tricky, with many of them forced to say nice things, or at least avoid saying anything bad concerning major advertisers. In my day as an editor I was free to say what I liked, as no advertiser could afford to stop advertising because it was the best route to reaching potential customers before the Internet.

Times have certainly changed, and today marks a new low. We’ve intercepted several spammed messages offering to sell editorial in Process Engineering Control and Maintenance. Normally I wouldn’t draw attention to this, but they were sent to a spamming list and picked up by no less than six honeypots – addresses than no legitimate sender of bulk mail should be using. Therefore they’re fair game.

Dear Public Relations Manager

I deal with the editorial content for the Process Engineering Control & Maintenance publication, and are just putting together our editorial feature pages within our February edition, this is a very special edition as this will not only be distributed to our exclusive 100,000 named circulation but an extra 5,000 copies will also be distributed at MAINTEC, Sustainability Live & National Electronics Week to the wide range of purchasing professionals that attend.

I wanted to contact you to see if you would be able to provide some editorial content for this special edition.

The only cost to include a press release within this special edition would be a small editorial set up fee of just £85…

…As I am only able to offer this editorial opportunity to the first few companies to respond to this offer, please email me the editorial content that you would like to include, and please confirm that you would be happy to pay the £85 set up fee.

Kind Regards

******* ******** CIE

[name and telephone number deleted]

If you’re one of the 105,000 people “lucky” enough to get a copy of the magazine, you have been warned.

 

 

 

Posted on

Direct Response monitored alarms fail to show

Not to an alarm call out, but they had an appointment at 9am today to talk about their monitoring service. At 9:30 they called to say they weren’t coming with the excuse that they’d tried to call to confirm the appointment but couldn’t get through. Except they confirmed it yesterday afternoon and there’s someone on the hot-line number they claim to have used since 6am today.

Okay, they double booked slots and got caught with their pants down and this is the best they could come up with, but a company trying to sell an ARC service, not showing for an appointment has to be the biggest no-no going. LOL!

They’re actually possibly worth talking to, because they use the rather interesting Risco panels. Risco is an Israeli company, and they’re upping the game by integrating CCTV and IDS in one system with PIR detectors that will take a snapshot of what triggered them and sending to the ARC. The lady on the phone said they just wanted to demonstrate this, and I couldn’t resist even though we’re happy with the British-made Texecom kit (although we use Risco beam sensors already).

However, this is the same Direct Response that got hauled before the OFT and clobbered in 2009 for telling porky pies about their monitored alarms getting a priority response from the police. The caller also claimed the alarms were made in Iran (“or somewhere like that”). And they’re still using the same old sales tactics (“We are calling as part of an awareness campaign, and four people in your area will be selected at random for a free alarm worth £999”, without mentioning the £400 installation fee up front and claiming a £5/week monitoring fee – I’ll be pleasantly surprised if this bit is true).

The appointment’s been re-made for 9am on Monday. Let’s see. In fairness, I did warn the first and second callers that they hadn’t called a normal householder. All they gotta do is Google me.

Posted on

BBC pulls Queen’s Christmas message

The BBC iPlayer is supposed to “make the unmissable, unmissable”, according to the BBC itself. That only applies if the BBC itself wants you (the license payers) to see something.

Even before Christmas was over, the Queen’s Christmas Message was removed from the playlist. What’s the excuse? I’m still waiting for a reply to that one (and ITV don’t feature it either). It was produced by the BBC this year, and there doesn’t seem to me to be any technical reason why they can’t keep it there for the duration of Christmas, if not the whole year. it’s not just iPlayer; it’s been dropped from the BBC web site too.

The BBC is, of course, embroiled in allegations of left-wing political and social bias, and this seems a likely explanation. At the very least, lefty decision makers will have regarded the Queens Message as unimportant and dropped it quickly.

The BBC once had a monopoly on the Royal Christmas Message, but this was ended in 1997 when it was announced that ITN would alternate with it (and Sky joined the rotation in 2011). At the time it was speculated that this decision reflected the Palace’s displeasure with the low-brow coverage of Royal matters within BBC News and Current Affairs. You can’t argue with that, although it was denied by Buckingham Palace. Subsequent revelations tend to back this up, and show it was the right decision.

It comes to something when the state broadcaster, funded by the nation, fails in its duty to make the Queen’s message available, forcing everyone on to YouTube to watch it. Perhaps its time to drop the BBC from the production rota and replace them with Google.

 

 

Posted on

Botnet shows itself with New Year spam :)

The crims have been at it again this Christmas season (more elsewhere). The latest interesting activity has been a flood of emails with :) as the subject and “Happy new year !” as the text-only payload. Don’t feel left out if you didn’t get one, as they’re only being sent to email addresses made of random numbers at various domains I monitor.

What are the crims up to? Probably testing out mail servers to see if they’ll accept things to random addresses. Every domain should, and deliver them to a human postmaster (not that many net newbies are even aware of this rule). However, there’s nothing to say they can’t also go to analysis tools.

What makes this latest caper interesting is that the botnet they’re coming from doesn’t show up on the usual lists of such things – it’s either new or extended rapidly from an old one. New botnets popping up after Christmas aren’t uncommon as the seasonal fake greeting cards and amazon purchase confirmation trojans are relentless in the days before, together with the lack of staff available over the holiday to deal with them. However, I find this one unusual as most of the IP addresses used to send out the probes are from Europe (Germany and Spain in particular).