News of the World Is Closed Down

 Media, Politics  No Responses »
Jul 072011
 

But is this merely a cynical move by a morally bankrupt management hierarchy to put a stop to the bad news in the hope it will not torpedo their plans to take over BSkyB ? Essentially News International has decided to blame the probably innocent journalists (who allegedly have all been employed after the phone hacking was routine) to avoid blame being placed squarely where it belongs – with the management who permitted such a lax regime at the old News of the World that illegal phone hacking, and potentially even corruption of police officers could carry on.

The odds are that the News of the World team will mostly get jobs in an enlarged Sun organisation which is supposedly going to shortly become a 7 day newspaper. But if any fail to find jobs, is it unreasonable to wish that News International could somehow be forced to pay their unemployment benefit ? After all, the journalists put together a profitable paper, and they have been thrown out of work because of what is in the end a failure of management.

It is clear that the old News of the World was responsible for phone hacking on an industrial scale involving hundreds of victims including not just the famous and infamous, but also ordinary members of the public caught up in tragic events – victims of crime or war. Plus it seems that payments were made to members of the police – not only illegal, but something illegal for so long nobody could claim they didn’t know it was illegal.

With any luck the individuals who were there listening into phone calls, commissioning such snooping, and passing brown paper bags to corrupt coppers will be found and prosecuted with the full weight of the law. But the managers who allowed such activities within their organisation also need to pay a price – they may not have known what was going in (if they were particularly dumb), but they are ultimately responsible for a regime in which such activities could take place.

Even if they did nothing more than profit from the results of the illegal journalism, they all deserve to go. Ever since the phone hacking scandal first burst on the scene 5 years ago, they have been claiming it was just the odd bad apple doing this. They at the very least, are responsible for sweeping the mess under the carpet and trying to conceal the magnitude of the crime.

There are people who are claiming that it was only a tiny cabal of journalists – perhaps 6 – who were up to this. Well we have heard all that before when News International were claiming it was just one journalist and one private investigator up to these criminal acts. Even if it was just six journalists, one thing has been neglected in all the noise about this – the other journalists, the newspaper, and News International all benefitted from the phone hacking that was going on.

Even if it was just a busy phone hacking journalist nodding the wink to another “more respectable” journalist in need of a story – perhaps “look into what celebrity X is up to”, they all benefited.

Our favourite hate figure Rebekah Brooks has commented that in a year’s time we will all know why it was necessary to shut the News of the World down – what other dirty little secrets have yet to see the light of day ? This isn’t something that is going to go away. She claims that it was “inconceivable” that she would know what was going on when Milly Dowler’s phone was hacked – which is completely unbelievable. An editor should know what is going on in her own newsroom – perhaps not who was being hacked, but that hacking was going on.

An editor who didn’t question the kind of information the phone hacking journalists were coming up with is either grossly incompetent, lying, or knew it was too good to be true and chose not to know so she could keep her hands “clean”.  Bear in mind that she admitted that News of the World was paying policeman for information in 2003!

You will often hear the pathetic excuse that journalists protect their sources even from their editor. Protecting sources is indeed important in serious investigative journalism, and an editor may well not want to know the name of a source, but will need to know the kind of source information comes from. If Rebekah (and other editors of the News of the World such as Andy Coulson)  didn’t query the kind of source behind certain stories, they could be accused of gross misconduct as editors.

And moving on, do we really imagine that it was only News of the World journalists subcontracting phone hacking out to dodgy private investigators ? At the very least some News of the World journalists went on to other papers and quite probably carried on the same old behaviour in other news rooms.

How many other newspapers are going to be closed down by the end of the investigation ?

Now onto the sorry story of the police corruption and the “investigations” that have taken place. The allegedly corrupt officers and the investigations that failed to find the blindingly obvious were both from the Metropolitan Police. One has to wonder if the earlier investigations into phone hacking were carried out by some of those corrupt officers. Maybe it was just incompetence.

However it has serious implications for the current police investigation into what went on – this is also being done by the Met. Which to many people will look a bit odd. Whilst I do not doubt that the current investigation will be carried out fully, it would be better by far if it were to be carried out by a force other than the Met. To avoid disturbing the current investigation, perhaps it could be as simple as bringing in a senior officer from outside the Met to head the investigation.

But most importantly of all, we have yet to give this scandal a good “gate” name in the traditional (at least ever since Watergate) fashion. I propose “hackgate” given the two appropriate meaning behind the word “hack”!

Milly Dowler’s Phone Messages Interfered With

 Media, Politics  No Responses »
Jul 042011
 

According to the latest bit of news leaked from the investigation into the News of the World’s phone hacking scandal, it is alleged that a private investigator hacked into Milly Dowler’s phone and even deleted messages to make space for more messages. Whilst listening to the phone messages of celebrities is one thing – not a good thing, but sort of understandable – this is well beyond the pale.

Didn’t anyone at the News of the World stop and think for a moment ? Apparently not, which goes to show that everyone at the News of the World at the time must share responsibility in this sordid example of what happens when you give the gutter press a free hand. It’s time to take serious action on this :-

  1. Drive the News of the World out of business. Easily done – everyone should refuse to buy a single copy of the newspaper. Even if you like the gutter press, buy something else. And sneer at everyone who does buy a copy. And well done to Ford who have pulled ads from News of the World – lets see more of that!
  2. Get the investigation into this into the hands of a police force who don’t care and don’t need the co-operation of the London-based press. One of the Scottish forces would work quite well. And tell them there’s no need to be gentle.
  3. Prosecute, prosecute, prosecute. Those responsible should be in jail. This isn’t a freedom of the press issue – this is blatant interference in a serious police investigation.

Can ARM Servers Work ?

 Computing  1 Response »
Jul 022011
 

One of the many obsessions in the IT industry going around at the moment is the possibility of low-energy ARM-based servers. ARM-based processors are currently very popular in the smartphone and slate markets because they eat much less energy than Intel-based processors. What is less commonly realised is that ARM-based processors have also long been used in general purpose desktop computers.

ARM processors were originally designed and built by a home computer company called Acorn as a replacement for the 6502 processor in their immensely successful BBC Micro. The replacement micros were collectively known as the Acorn Archimedes and were probably the most powerful home computer before the crash of the home computer market, and the eventual dominance of the IBM PC compatibles.

And of course a general purpose computer running a well-designed operating system is just a short step away from being a capable server.

So of course it is possible for someone to release a server based around the ARM processor and for it to be useful as a server. Whether it is successful enough to carve itself a respectable niche in the server market as a whole is pretty much down to the vagaries of the market.

Some of the criticisms I have seen around the possibilities for ARM servers :-

But ARM Cores Are Just So Slow

Actually they’re not. Sure they are slower than the big ticket Xeons from Intel, but they are quite possibly fast enough. Except for specialist jobs, modern servers are rarely starved of CPU; in fact that is one of the reasons why virtualisation is so popular – we can make use of all that wasted CPU resource. Modern servers are more typically constrained (especially when running many virtual servers) by I/O and memory.

And the smaller size of the ARM core allows for a much larger number of cores than x86-based servers. And for most modern server loads (with virtual machines), many cores is just as good as fewer but faster cores.

In the case of I/O, the ARM processor is just as capable as an Intel processor because it isn’t the processor that implements links to the outside world (that is a bit simplistic, but correct in this context). In the case of memory, ARM has an apparent problem in that it is currently a 32-bit architecture which means a single process can only address up to 4Gbytes of memory.

Now that does not mean an ARM server is limited to 4Gbytes of memory … the capacity of an ARM server in terms of memory is determined by the capabilities of the memory management unit. I am not aware of any ARM MMUs that have a greater than 32-bit addressing capability, but one could relatively easily be added to an ARM core.

Of course that is not quite as good as a 64-bit ARM core, but that is coming. And except for a certain number of server applications, 64-bit is over rated outside of the x86 world – Solaris on SPARC is still delivered with many binaries being 32-bit because changing to 64-bit does not give any significant advantages.

But It Is Incompatible With x86 Software

Yes. And ?

This is a clear indication that someone has not been around long enough to remember earlier server landscapes when servers were based on VAX, Alpha, SPARC, Power, Itanium, and more different processor architectures. The key point to remember is that servers are not desktops; they usually run very different software whether the server is running Windows, Linux, or some variety of Unix.

There are server applications where x86 binary compatibility is required. Usually applications provided by incompetent third party vendors. But most jobs that servers do are done by the included software, although in the case of Linux and Unix, the width of “included” software is somewhat wider than with Windows. Indeed for every third party application that requires an x86 processor, there are probably as a minimum half a dozen other server jobs that do not require x86 servers – DNS, DHCP, Directory services, file servers, printer servers, etc.

If you buy an ARM-based server, it will come with an operating system capable of running many server tasks which can be used to offload server tasks from more expensive x86 hardware (either in terms of the upfront cost, or in terms of the ongoing power costs). Or indeed, will be sufficient to provision thin clients to the point where they can use the cloud.

 

Pensions: Public Sector and Private Sector

 Politics  No Responses »
Jun 302011
 

Disclaimer: I am a public sector worker who can expect a public sector pension. This may reflect my views on the issue. It also reflects the views of others who write about this issue but do they declare their interest?

Today many of the public sector unions were on strike in protest at government proposals to “reform” public sector pensions. This caused quite a bit of disruption to people trying to use various public sector services – especially as many schools were closed. The government is of course condemning those who went on strike – how dare they inconvenience the public by going on strike when the discussions are not even complete.

Well the government “negotiators” have already put their foot in it by implying that many things are not subject to negotiation – if all you’re left with is to negotiate what the measures are to be called, then you’re not negotiating at all. Plus anyone watching the news would be mistaken for thinking that these pension reforms are all about making public sector pensions affordable.

What the government fails to point out is that measures taken in the past – including unilaterally (i.e. without negotiating) changing the index linking to a lower rate – have already made the public sector pensions affordable. According to the latest calculated figures, the cost of public sector pensions peaked in 2009-2010 at 1.9% of GDP which is expected to fall to 1.4% of GDP. This is according to this BBC article (I’ve been very lazy and have not hunted down the original report).

As one BBC commentator pointed out, these measures are aimed not at making public sector pensions affordable but at making public sector pensions fairer in comparison to private sector pensions. So the government is lying; no surprise there!

But it isn’t fair for a low-paid private sector worker to be paying taxes that contribute towards a more generous public sector salary for those lucky enough to hang on to their public sector job! To be more clear, the public sector scheme should should not be excessively generous in comparison to private sector schemes.

One thing to point out is that pension schemes usually work by the employee making a hefty contribution out of his or her monthly salary and their employer also making a contribution each month. That is no different in the public sector!

So what we have here is a government determined to bring down public sector pensions to the level in the private sector rather than tackle the admittedly harder problem of bringing up the level of private sector pensions. Or in other words we have a government working to keep the average worker poor so the rich can get richer.

Just what you would expect a Tory government to do.

PC Malware Handling

 Security, Working Notes  No Responses »
Jun 182011
 

This is a series of notes on dealing with PC malware (viruses, worms and the like) gathered because I’m looking into it and published as a way of reminding myself about this stuff. Bear in mind that I’m not an expert but neither am I a complete dunce – I’m normally a Unix or Linux person but I’ve been keeping half an eye on Windows infections for years.

Some links to tools are contained within. However you should be aware that tool recommendations change over time; you will need to check how outdated this document is before following any recommendations blindly.

At present this blog entry is a work in progress … lots of testing needs to be done before being confident this is right.

Cleanup Process

This is not :-

  1. How to approach this forensically – if you’re dealing with an investigation, it’s a whole other ball game and you probably need professional assistance to avoid corrupting evidence.
  2. A technical guide as to which tools to use.

1. For The Ultra Cautious Or When Handling Real Important Data

The process of removal can be destructive, and in the worst cases you can end up cleaning the malware and ending up with a brick. So make an image of the hard disk as it is. Two basic ways this can be done :-

  1. Removing the hard disk from the infected machine, attaching to an appropriate machine (USB->SATA, USB->IDE converters are handy here), and making an image of the disk.
  2. Booting off a “rescue” CD on the infected machine, and imaging the hard disk to a network share of some kind. This is the preferred option.

This will be slow. So be it. Cleaning an infected PC is not going to be a quick job whatever you do. The best you can hope for is that there are many periods where you can leave it churning away and get on with something else.

2. Boot A Rescue CD

There are those who tell you that there is no need to boot off a known uninfected disk to clean an infected machine; their anti-malware/virus product can clean an infected machine “live”. There are others who claim that the only way to be sure is to boot off that disk and clean the machine that way. Both are wrong.

If you are paranoid (and in the presence of malware paranoia is fully justifiable), you will do both.

3. Boot Infected Machine and Clean

As suggested previously after booting off a rescue disk and cleaning, boot the infected machine and clean again.

Tools

The following is a list of rescue CD’s that have been suggested :-

  • UBD4Win. Has to be “built” with the assistance of an XP installation; somewhat tedious but it isn’t the end of the world. However it does need preparing in advance – building a rescue CD with the assistance of an infected machine isn’t the most sensible idea!
  • Knoppix. Graphical, pretty, feature packed, but seems to be lacking in anti-malware tools (for instance the only AV tool included is Clam).
  • Trinity Rescue Disk. Menu interface. Virus definitions update over the net; choice of Clam, F-Prot, Bitdefender, Vexira, AVast (need to obtain license key). Various other utilities.
  • F-Secure Rescue CD.

Some of the above are Windows based; some are Linux based. The choice of which to use should be based on results not whether they tickle your prejudices (or mine!).

The following is a list of “live” tools to be installed that have been suggested :-

Asides

Nothing to do with the main subject. Merely some notes worth mentioning.

It seems that at least some malware can detect it is running within a virtual environment. In some cases it ceases to do anything, and in others may try to “break out”. This indicates that analysing malware within a virtual environment may not give sensible results, and in some cases may be dangerous! That is not to say that using a virtual environment is no longer of any use, but you may need to take special case such as running the virtual environment under Linux and/or ESX rather than Windows. And be careful about negative results.

 Older Entries  Newer Entries