Posted on

Crude Awakening plans to block oil refineries

So who are they? Part of the international Climate Action Justice network, but the group currently blocking the Coryton refinery are probably just an affiliated bunch.

Crude Awakening Coryton DemoThis idea is nothing new – people have been organising high-profile protests against oil dependency for some time. But what is “oil dependency”? Basically, it’s the tendency of politicians to favour the oil industry against all common sense.

One obvious example of this is the motor industry, which enjoys protected status in order to furnish votes. Look what happened when the economy crashed in 2008 – subsidies to the motor industry to “protect jobs”. If Gordon Brown and friends were simply interested in finding employment for redundant motor industry workers they’d have spent the money on building something useful, like cycle lanes or wind turbines. But no – bail out the motor industry as people like cars, and hope no one notices how hypocritical this sounds from a New Labour twittering on about the environment while using it as an excuse to raise taxes.

Other high-profile groups involved in this kind of thing are Plane Stupid and Climate Camp , although this lot are clearly more confrontational about it. If you want the other extreme there’s the World Naked Bike Ride. These are all groups who have woken up to what “Oil Dependency” really means – pollution, congestion, war, greenhouse gasses and political dodgy dealing to secure supply. Would certain countries get away with what they’re doing if they didn’t the off-button the oil supply?

As yet, however, none of these are a political force to be reckoned with. Blocking an oil refinery will get the issue in the news, if they handle things properly, but will David Cameron sit up and take notice?

So good luck to Terri Orchard and her merry bunch (not all-women as reported in the press). From what I understand, Coryton is only the first refinery on the list, and they’re planning to cover a lot more if they can. If this proves correct, I’ll be glad I ride a bike.

Posted on

Oliver Drage makes mockery out of RIPA

Oliver Drage, suspected trader in child pornography, has just been sent down for refusing to disclose the password he’d used to encrypt his PC. This is an offence under RIPA (the Regulation of Investigatory Powers Act 2000). So if you’ve got something dodgy on your computer, you’ll get locked up whether or not the cops can decrypt it (or you’ve lost the password).

A spokesman for Lancashire police was pleased: “Drage was previously of good character so the immediate custodial sentence handed down by the judge in this case shows just how seriously the courts take this kind of offence.”

Really. Drage is going to gaol for sixteen weeks  (read “two months”) . How long would he have been locked up for if he’d given them the password so they could decrypt whatever it’s alleged he was hiding? Five years? Ten years? Lock up and throw away the key?

This is not what I call “taking it seriously”.

The penalties under RIPA for not disclosing passwords are far lower than the likely sentence assuming someone’s been up to anything of interest of the authorities in this way. They don’t take it seriously at all.

Posted on

Comment spam from Volumedrive

Comment spammers aren’t the sharpest knives in the draw. If they did their research properly they’d realise that spamming here was a stupid as trying to burgle the police station (while it’s open). You’ll notice there’s no comment spam around here, but that isn’t to say they don’t try.

Anyway, there’s been a lot of activity lately from a spambot running at an “interesting” hosting company called Volumedrive. They rent out rack space, so it’s not going to be easy for them to know what their customers are doing, but they don’t seem inclined to shut any of them down for “unacceptable” use. For all I know they’ve got a lot of legitimate customers, but people do seem to like running comment spammers through their servers.

If you need to get rid of them, there is an easy way to block them completely if you’re running WordPress, even if you don’t have full access to the server and its firewall. The trick is to over-ride the clients Apache is prepared to talk to (default: the whole world) by putting a “Deny from” directive in the .htaccess file. WordPress normally creates a .htaccess file in its root directory; all you do is add:

Deny from bad.people.com

Here, “bad.people.com” is the server sending you the spam, but in reality they probably haven’t called themselves anything so convenient. The Apache documentation isn’t that explicit unless you read the whole lot, so it’s worth knowing you can actually list IP addresses (more than one per line) and even ranges of IP addresses (subnets).

For example:

Deny from 12.34.56.78
Deny from 12.34.56.89 22.33.44.55
Deny from 123.45.67.0/24

The last line blocks everything from 123.45.67.0 to 123.45.67.255. If you don’t know why, please read up on IP addresses and subnet masks (or ask below in a comment).

So when you get a a load of spammers from similar IP addresses, look up to see who the block belongs to using “whois”. Once you know you can block the whole lot. For example, if you’re being hit by the bot using Volumedrive on 173.208.67.154, run “whois 173.208.67.154”. This will return:

NetRange: 173.242.112.0 - 173.242.127.255
CIDR: 173.242.112.0/20
OriginAS: AS46664
NetName: VOLUMEDRIVE
NetHandle: NET-173-242-112-0-1
Parent: NET-173-0-0-0-0
NetType: Direct Allocation
<snip>

If you don’t have whois on your comptuer (i.e. you’re using Windoze) there’s a web version at http://www.whois.net/.

In the above, the CIDR is the most interesting – it specifies the block of IP addresses routed to one organisation. I’m not going in to IP routing here and now, suffice to say that in this example it specifies the complete block of addresses belonging to volumedrive that we don’t want – at least until they clean up their act.

To avoid volumedrive’s spambots you need to add the following line to the end your .htaccess file:

Deny from 173.242.112.0/20

If this doesn’t work for you the the web server you’re using may have been configured in a strange way – talk to your ISP if they’re the approachable type.

I have contacted Volumedrive, but they declined to comment, or even reply; never mind curtail the activities of their users.

This isn’t a WordPress-only solution – .htaccess belongs to Apache and you can use it to block access to any web site.

Perhaps there’s some scope in sharing a list these comment spambots in an easy-to-use list. If anyone’s interested, email me. This is a Turing test :-)

Posted on

Why and how to hack a mobile phone

Anyone outraged that News of the Screws journalists have been “hacking” in to mobile ‘phones needs to get a grip on reality. They’re investigative tabloid journalists; what do you expect them to be doing?

To call it “hacking” is grossly overstating the case anyway – what they did required no technical knowledge other that that available in any playground in the country. All you need to do to retrieve people’s voice mail messages is dial their number, and when you get through to voice mail, enter the PIN. Most people leave the PIN as the system default.

You might argue that this is a gross breach of privacy and so forth. But it’s no more so than camping out on someone’s doorstep to see who goes in and out, following them, or tricking them into telling you something they wouldn’t if they knew your were a journalist.

New Labour was very keen to suppress the traditional liberties of the population in general and passed various dodgy laws to protect the lives of the guilty from prying journalists. In 2000, listening to other people’s voice mail was made a specific offence. “And quite right too!”. Wrong! It’s just another example of those in power making it difficult for us to check up on what they’re doing. We have (or had) a free press with a tradition of snooping on politicians, criminals and anyone else they wanted to using whatever means, as long as it was “In the public interest”.

Journalists are also out to sell papers, so the “public interest” defence is often strained to its limit, or broken. However, it should remain as a defence in a court of law and people should be able to argue their case there. It should be all about intent. But New Labour had other ideas.

People are uneasy about voice mail because it’s technological, so lets look at another example.

Suppose a journalist was camped outside someone’s house, noting down who came in and out. Another invasion of privacy, but right or wrong?

Well that depends – if it’s some innocent person then the journalist will probably end up throwing the notes away, so no harm done. If someone uses information collected in this way in the pursuance of a crime (e.g. Blackmail), that’s another matter, but journalists don’t do that.

Now supposing the journalist is investigating a suspected terrorist, and checking up to see who they’re associating with – or even a politician associating with a known crook. Clearly this information in the public interest.

It’s all about intent.

You could argue that investigations of this nature shouldn’t be carried out by private individuals but should be left to the security forces. That argument doesn’t bear scrutiny for more than a couple of seconds. The public needs the right to snoop as well as the government agents – anything else is known as a ‘police state’

As to the current difficulties – anyone who knows anything about the press will tell you that these and many other tricks are employed as a matter of course, although journalists won’t make a big noise about using them. It’s conceivable that an editor like Andy Coulson would neither know nor care exactly what his investigation teams were doing to come up with the information; you don’t ask. It’s also inconceivable that only the hacks on the News of the World had thought of it. Sources need protection.

It’s clearly a political stunt by old new Labour. Could they be upset that the press, including Mr Coulson’s old rag, turned against them? They used to be friends with the News of the World. At the time of the original scandal, it appears that the first politician to call Andy Coulson to commiserate with him about having to resign was none other than Gordon Brown. Apparently he went on to suggest that someone with his talent would soon find another job where he could make himself useful. (Source: Nick Clegg at today’s PMQs).

Posted on

In defence of TalkTalk

The ICO has just had a go at TalkTalk for snooping on their customers. Hmm. I wouldn’t be a TalkTalk customer if they paid me so I’m not bothered on that score. But I’m also not worried because I can’t see they’ve actually done anything wrong in this instance.

What they’re accused of is harvesting the URLs of web sites visited by their punters. Reality check: networks log traffic anyway. It’s necessary for maintenance and optimisation. All managed networks do it, all the time. The system the ICO is making a fuss about simply collects the URLs and then sends a malware scanner to the site to check for dodgy stuff so it can blacklist the URL in future.

You can’t scan the whole web for malware; it’d take too long by a spectacular margin. Scanning the relatively small subset of URLs your customers are actually accessing is as good a way of directing your effort as any.

So why’s the ICO making the headlines? Just to show they’re on the ball, I suppose. And TalkTalk makes an easy target. This is probably the first time ever I’ve defended them on any issue.

Posted on

DVLA tax disc renewal problems

Like most New-Labour government computer systems, the DVLA is broken. I don’t just mean it’s propensity for making mistakes – I mean it’s systemically flawed.

It goes something like this…

You buy a car in March and keep it for, say, four years (i.e. until it requires an MOT). The Tax Disc will expire at the end of February, as does the MOT and insurance. You’re expected to buy a new tax disc in advance – it should let you buy one from the 5th day of the month it’s due to expire. But it won’t – it says your MOT and insurance are about to expire (which is true, they’re bound to). So you get your MOT a couple of weeks early (wasting a couple of weeks of MOT time) and persuade your insurance company to insure you for eleven months instead of one year, or some such fiddle, to get the renewal dates out of alignment.

Why should you be forced into this performance? Life’s too short to argue, but any fool can see the system is flawed.

Couple this with the fact that they can’t organise a computer system properly and you have big problems – as I do now. The DVLA computer reckons my car isn’t insured. My insurer (of fifteen years) says it was renewed as usual at the start of the month, and can’t understand why the DVLA is having problems registering it.

You can call Swansea on 0300-7906802 if you actually need to speak to a person, although they’re not keen on giving this out, preferring the premium rate automated system numbers. I did this and was advised that I couldn’t drive my car now that the tax had expired, and that the government computer system responsible for the error wasn’t their responsibility. I could, if I wished, drive to the nearest post office issuing manual tax discs and they might be able to help – apparently they can now take faxed documentation but I bet they don’t know that! Anyway, how am I supposed to drive to the nearest Post Office if I don’t have a car.

To cap it all, they said they wouldn’t actually fine me for not renewing or declaring the vehicle off-road for 14 days. That’s big of them!

I asked about who to appeal to concerning DVLA problems and got the email address for their customer services department. I don’t I’ll get much satisfaction. My MP shall be hearing about this, although he’s not morally responsible for New Labour computer systems.

I think it’s time something was done about the DVLA, and would be interested in hearing about people having similar problems.

Posted on

NHS Direct is unwell

NHS Direct has the skids well and truly under it. Vandalism! Cutbacks! Distruction of the People’s NHS cries Labour.

But what was it all about? If you were ill, you were supposed to call NHS Direct and they’d tell you what to do about it – generally “Get the down to A+E or your GP service to check it out.” If you, or your child are ill, this is what you’re going to do anyway.

Having an telephone helpline for discussion of medical matters is a good thing, especially for anyone without any books on the subject or access to the Internet. Apparently this is just what we’re getting instead – it’ll be cheaper than having medically qualified on the end asking the questions and then suggesting a personal visit anyway. “Civilians” cand do that, as long as they’re briefed not to overstep their remit.

GPs came out against NHS Direct yet again in June, so presumably we’ll be hearing they’re pleased with the result. No one I know has every had much joy in calling them, although the “worried well” may have had some comfort – or had their hypochondria fueled. It’s just New Labour, upset that the new government has stopped paying for their gimmick. As to the staff that’ll be made redundent, apart from the management consultants they’re generally qualified nurses answering the ‘phone. Don’t we need more nurses actually nursing to the extent we’re importing them from the third world? I don’t see a problem with them being redeployed.

Posted on

Intel has just bought McAfee

Intel has just bought its neighbour in Santa Clara.

Well there’s a surprise. According to today’s Wall Street Journal it’s a done deal at $48/share (about £5bn). Paul Otellini (Intel’s CEO) has been saying that “security was becoming important” in addition to energy efficiency and connectivity. This lack of insight does not bode well.

I’ve been expecting something like this since Microsoft really got its act together with “Security Essentials”, its own PC virus scanner by another name. Unlike other PC virus scanners, Microsoft’s just sits in the background and gets on with the job without slugging the PC’s performance. Why would anyone stick with McAfee and Symantec products in these circumstances?

Whether PC virus scanners have much benefit in today’s security landscape is questionable, but at least the Microsoft one does no harm.

Intel has (apparently) paid about £5bn in cash for McAfee. I wonder if they’ve paid too much. It’ll generate revenue while lusers and luser IT managers are too scared to stop paying the subscription, but as anti-virus becomes built in to Windows this is going to dry up. I suspect McAfee was aware of this situation ad was moving on to mobile device security – not by developing anything itself, but by buying out companies that are.

When McAfee bought Dr Solomons in 1998, it was basically to pinch their technology for detecting polymorphic viruses and close down their European rival, which they did – everyone lost their jobs and the office closed. (Declaration of interest: Dr Solomons was a client of mine). Whether McAfee has any technology worth plundering isn’t so obvious, so presumably Intel is buying them as a ready-made security division.

McAfee does, of course, have some good researchers in the background – we all know the score.

Posted on

India’s $10 laptop joke

There was a time when “Made in Hong Kong” was a byword for a cheap and nasty knock-off of the real thing, that didn’t really work. This was in the early 1970’s, and was pretty much true. In the late 1970’s I was horrified to discover that I’d bought a piece of electronic equipment “Made in Hong Kong”, but as it turned out, it was of really good quality and still works flawlessly today.

Hong Kong has now been assimilated by mainland China, and it seems that everything is made there – and is often none the worse for that. India has taken over Hong Kong’s mantel, although in this time of political correctness you don’t hear comedians joking about it.

But why is this? India seems to be a country desperate to be taken seriously – it has a space programme for no other reason than this. But artefacts manufactured in India tend to be either rough and ready, or inferior and semi-functional knock-offs of something made better elsewhere.

While still musing on the above I was sent this:

Apparently this thing, which looks like an iPad and runs Linux, would soon be produced for as little as $10. This in incredible. (Not credible). India’s Education Minister knows nothing about electronics or computing, and has announced this in spectacular style to the world. Apparently it was designed by the Indian Institute of Technology, and the Indian Institute of Science. Apparently they’re “elite” and “prestigious”. Their spokeswoman, Mamta Varma, said the device was feasible because of falling hardware costs. What they actually are, if this is anything to go by, is a laughing stock.

Of course, most people don’t know much about computing devices, but generally they have the good sense not to pretend they do. For the benefit of this majority: There is no way you can put a processor, colour touch-screen display and enough memory into a box for $10. It’d cost that for the battery and power supply.

Apparently this marvel has the facilities for video conferencing (i.e. a fast processor and a camera) and can run on solar power. Hmm. You’d need more than $10 worth of solar cells, for a start.

However, this won’t be “Made in India” – Sibal stated they were in discussions with a Taiwanese company about manufacturer. For $10? I don’t think so!

If India doesn’t want to be treated as a joke it needs to start by muzzling its ministers.

Posted on

No Justice for Ian Tomlinson

The CPS isn’t going to prosecute anyone over the death of Mr Tomlinson at the G20 protests following an unprovoked attack by a police officer (Simon Harwood). They say that he was definitely assaulted, but they can’t prove the link between the assault and his subsequent death. “There is no reasonable chance of a conviction” because of this. Two pathologists though he was killed because the injuries lead to a heart attack, one thought it was a heart attack that might have been from natural causes.

Actual Bodily Harm was also ruled out because, apparently, there’s dispute as to whether the internal injuries caused by fall lead to his death, and the appropriate charge would then be manslaughter – and you can’t have both.

Common assault (from the baton attack), which caused a less serious injury, can’t be pursued because the six month time limit has expired.

The Director of Public Prosecutions (Kier Starmer QC), Steven O’Doherty and Tim Owen QC are responsible for this decision. Kier Starmer (named after Keir Hardie) is, of course, closely associated with the Labour party and the previous government (appointed in 2008) .

This is a disgrace. There’s nothing more to say.