Friday, November 15, 2013

Intrusion Is The Word

First it was "routine maintenance", then "compromise", and now the latest turn of phrase is "intrusion". Love, it would appear, means never having to say "hack". The adulation that sycophants have for their glorious leader knows no bounds.

Mr Moo has now disclosed how the picture of the old hag with the pomade hairdo and raised middle finger came about. For the record, "Jiak Liao Bee" by no means can be construed as a string of offensive words as claimed by the mainstream media. It's just an apt description for shameless free-loaders in the Hokkien dialect.

Moo came across the code-string which could be inserted into the ubiquitous search bar of most websites. An IT professional in his own right, he tested it on his personal websites to check for vulnerability issues. They passed with flying colours. Then he tried it on the Prime Minister's Office (PMO) and Istana websites. Major fail. You don't want to know how much they spent on computer hardware and software at those places. Suffice to say, they give cause to invoke the Hokkien phrase again.

This is where Moo admits his "itchy fingers" drew the attention of the boys in blue. He took a screen capture of the Istana webpage and posted it on his own Facebook account, accompanied by the funny descriptive "Istana also kena". "Kena" is another of those quaint local colloquialisms implying someone got stiffed. Not exactly an offensive expression, unless you happen to be one of those with extremely thin epidermis.

Moo declares, "We have to understand one thing. I did not exploit the vulnerability (of the sites), I tested the vulnerability." In the worst scenario, what he did can be explained away as a "spoof". Now try to impress that on the guy who's idea of humour is to tell black tie diners at a formal Washington function that pork chop soup is available on tap in China. Or open the windows for a free smoke. Let's just say that he will never hack it as a stand-up comedian after he retires from office.

30 comments:

  1. Excellent piece. They obviously cannot see the woods for the trees. They should put Moo in charge of IDA in stead of charging him. Saves costs and "face".

    ReplyDelete
    Replies
    1. http://www.ted.com/talks/misha_glenny_hire_the_hackers.html

      Delete
    2. Seems like the normal everyday average-Joe websites - like Mr. Tattler's - are more secure than pmo and istana sites.....

      Delete
    3. this would involve Thinking. it would also call for Thinking Out Of The Box.

      we won't mention that it requires humility, admitting one is wrong and yes, a sense of humour and adventure.

      Delete
  2. So will the authorities send him to jail for testing the vulnerability of the websites or iinstead give him an award for doing a service to the nation ?

    I suppose maybe it all depends whether he is the son of some VIP, no ?

    ReplyDelete
    Replies
    1. I prefer a hacker with a hatchet anytime over a politician with a hatchet.

      Delete
    2. Also requires one to have money. If you do, you're ok. Which is why Lawrence Lien is safe despite his efforts to highlight something which, by all accounts, doesn't exist in Singapore - poverty.

      The last group that tried to do something about this a couple of decades back, was arrested.

      Delete
  3. They are trying to escalate the severity of the charges on Moo by using the word "intrusion". Note that in cross-site scripting, the server is never intruded upon. It only works when the user key in a specific string of code in the URL and the result can only be seen by the user alone unless he share that specially constructed URL to someone else who is willing to click on it.

    ReplyDelete
  4. So let me get this right.

    You leave your back door open and got burglarized after boasting to the world and citizens you will/can control the internet. Then you turn around red faced because someone proved you don't have a clue what you are talking about, you called them 'hackers' and to be condemned.

    Was there a cyberfraud that took place? Was data being stolen for illegal use/purpose? Has criminality of any sort taken place other than a mild inconvenience? Did major infrastructure break down or disrupted like major traffic disorder or hospital structure etc The answers are No, No and No.

    ReplyDelete
    Replies
    1. Weren't they looking for penetration testers?

      Delete
  5. Strictly speaking, intrusion or burglarized are not the case here, it should be only trespassing.

    ReplyDelete
    Replies
    1. More like dropping by for a friendly visit on the good for nothing PM and Jiak liao bee president .
      Netizens belonging to the 40% can return the favour when the PAP buggers make house calls during elections....tell them it is intrusion..........

      Delete
    2. Maybe to them "jiak liao bee" is a serious crime by itself, just like saying nothing good about the Monarch in Thailand except here it is the unwritten law?

      Delete
  6. Can't even defend your public sites from those digital Banksy, how to expect them to defend SG from the real Anonymous group?

    I say may there be more righteous geeks who will keep showing the citizens how million-dollar-worthy our politicians and civil servants really are.

    ReplyDelete
  7. If this doesn't show up IDA's incompetence, I don't know what does:
    "Google's search widget and the two government websites had functioned properly, but what was missing was the input or data validation--a process which validates data entered into the search bar is "clean" and accurate based on validation rules or "check routines". These rules are typically set by the Web application developer, or in this case, the website owner.
    In this instance, the lack of input validation allowed hackers to use cross-site scripting (XSS) to compromise the two government websites, exploiting the erroneous way search functions were handled on the sites to inject content from external sources." - ZDNet

    Moo is definitely more competent than IDA.

    ReplyDelete
    Replies
    1. If IDA and PM wants to improve cyber security.
      They should hire Moo and sack the CEO.

      Delete
    2. Likewise, if sinkies want to stop the Foreign Intrusion on their island they should focus on sacking the PM.

      Delete
  8. Good question.
    What Moo has done wasn't a 'hack'
    He indeed has done a service to them that they need to beef up their websites
    Imagine a real hacker had done it instead of Moo

    ReplyDelete
  9. Kim Jong Un reportedly shot a former colleague of his wife for sharing a gossip that the little emperor's wife was 'fun-loving and shared her pleasures in groups' when she was single. Compare that to the lousy mess of Obamacare website and finally, both the Secretary of Health and the President did the right thing and admitted they screwed up big time rather than blame hackers.

    When the emperor loses face, someone has to pay - that's how medieval dictatorships work. We might think that they should just admit they were incompetent and learn from this, take corrective actions, and move on. For them, admission of incompetence is not admissible. So they will need to spin it as if someone has committed a treasonous, heinous crime against the state, and now the low-life criminal will be lynched and that will whitewash the shame. Its unreal how up there people have become, but that's how it has been for a long time. Sad.

    ReplyDelete
    Replies
    1. To admit incompetence, especially on a major scale, you need to be an adult. You need to be educated, in the real sense of the word. You need humility. You need to be big-minded, rather than petty. You need a realistic sense of your worth, of your strengths and weaknesses. You must be willing to learn.

      Do people in power here display such qualities?

      Hey, they still will not admit that all the infrastructure and social problems the country now faces is due to lack of planning and foresight, not to mention some basic understanding of human nature.

      Delete
  10. Citizens as cash milking cows. Moo.

    ReplyDelete
    Replies
    1. We'll have more luck with citizens as opposition voters.

      Delete
    2. Unfortunately for mr and mrs citizen mr Gerry and mr Mander are scheming little buggers.

      Delete
    3. Yup, that is the real secret to papigs' success: Tax and milk and tax and milk. Just like Magnolia song ... "I'm a cow, I'am a cow, here me moooooo..." When you have unfettered power to tax, even lousy standup comedians aka ah loongsan can become PM :)

      Delete
    4. It's not luck that you need, just a level playing field.

      Delete
  11. I seriously doubt they can nab the "real" hackers. It's all much ado about nothing. After Ah Loong's "bold" declaration, they have to show results, by hook or by crook, otherwise his words will sound as empty as him. Like the Bard said:
    "Ho, now you strike like the blind man – ‘twas the boy that stole your meat, and you’ll beat the post."

    ReplyDelete
  12. Intrusion is good exercise.
    Extremely vital to national
    defence.
    Must thank the intruders
    for providing our defence
    experts the real opportunities
    to practice their skills.

    ReplyDelete
    Replies
    1. Penetration is good exercise for procreation.

      Delete
    2. So bend over and let the intrusion begin - loh.

      Delete