More Linux servers defaced in 2007 than all Windows versions
By Mauricio Freitas, in
Technology, posted: 16-Mar-2008 09:05
According to Zone-H.org statistics, more Linux servers were defaced in 2007 than Windows machines - all versions of Windows.
And this comes from Slashdot, believe it or not.
And this comes from Slashdot, believe it or not.
"Zone-H have recently posted the statistical breakdown of the collected website defacements from the last few years. Surprisingly, in 2007 more Linux servers suffered a successful attack than all versions of Windows, combined. Similarly, more Apache installations were successfully attacked than all IIS versions combined.
Permalink to More Linux servers defaced in 2007 than all Windows versions
| Add a comment
(6 comments)
| Main Index
Unbundling has begun: Orcon and Vodafone
By Mauricio Freitas, in
Technology, posted: 14-Mar-2008 12:23
And so it has... New Zealand ISP Orcon has announced its "unbundled" service called Orcon+, which means their equipment is installed on Telecom New Zealand's premises and their service is provided over the existing copper network that already touches your home (unless you are like me and have a cable modem service coupled with a Voice over IP phone line which means no POTS line here).
This also means that you no longer need a Telecom landline contract just to support your Internet connection via DSL.
Two of the Orcon@home+ plans tie ADSL2+ connection with up to 24 Mbps downloads (the catch is that you must be at most 3 Km from the local exchange) with some advanced telephony services, of course provided over their IP network.
You can have additional unlimited calls to up to 15 international destinations, for an additional NZ$10 per country.
With all those new speeds you would think that the company would offer a better starter allowance - the top plan comes with 25GB of traffic included - but additional data allowance can be purchased
Of course there's a (long) discussion on Geekzone about this new Orcon LLU service. Duncan Blair, Orcon Product Group Manager, managed to answer lots of questions our users posted so it is worth reading the thread.
A couple of things that occur to me though: their press release says additional data is $1 / GB. But you can sign up fort $40/ 50GB which is cheaper. But does it means I have to sign up for this cheaper data before I use it, and if not then it will not available after?
The next comment is regarding number portability. Apparently you can keep your current Telecom phone number when moving to this service if you are staying in the same address. But you cannot keep the number if moving - so very different from number portability and probably dependent on which exchanges their equipment was deployed.
The service is currently available in some areas around Auckland (Ponsonby, Mt Albert, Browns Bay, Ellerslie, and Glenfield), with others coming later during the year. Only Auckland listed though...
Not to be outdone, Vodafone New Zealand also issued a press release yesterday telling everyone they too are installing equipments on Telecom's exchanges. Currently they are targeting fifteen exchanges, with five already completed. Vodafone will be providing services that include VoIP, ADSL2+ and VDSL. They even promise up to 50 Mbps download speeds - if you are within 1 km from the exchange.
Vodafone says by the end of the year they will completed installation in all 42 exchanges around Auckland, plus other 20 exchanges in other centres around the country. They say this will be the biggest unbundled network around here.
In the meantime I hear Telecom New Zealand is working on its own VoIP service - but no public information for launch date is available yet - and the same from TelstraClear, although I also hear TelstraClear's plan is to offer VoIP services to business customers only.
UPDATE: Duncan has answered my questions about number portability and data caps.
This also means that you no longer need a Telecom landline contract just to support your Internet connection via DSL.
Two of the Orcon@home+ plans tie ADSL2+ connection with up to 24 Mbps downloads (the catch is that you must be at most 3 Km from the local exchange) with some advanced telephony services, of course provided over their IP network.
You can have additional unlimited calls to up to 15 international destinations, for an additional NZ$10 per country.
With all those new speeds you would think that the company would offer a better starter allowance - the top plan comes with 25GB of traffic included - but additional data allowance can be purchased
Of course there's a (long) discussion on Geekzone about this new Orcon LLU service. Duncan Blair, Orcon Product Group Manager, managed to answer lots of questions our users posted so it is worth reading the thread.
A couple of things that occur to me though: their press release says additional data is $1 / GB. But you can sign up fort $40/ 50GB which is cheaper. But does it means I have to sign up for this cheaper data before I use it, and if not then it will not available after?
The next comment is regarding number portability. Apparently you can keep your current Telecom phone number when moving to this service if you are staying in the same address. But you cannot keep the number if moving - so very different from number portability and probably dependent on which exchanges their equipment was deployed.
The service is currently available in some areas around Auckland (Ponsonby, Mt Albert, Browns Bay, Ellerslie, and Glenfield), with others coming later during the year. Only Auckland listed though...
Not to be outdone, Vodafone New Zealand also issued a press release yesterday telling everyone they too are installing equipments on Telecom's exchanges. Currently they are targeting fifteen exchanges, with five already completed. Vodafone will be providing services that include VoIP, ADSL2+ and VDSL. They even promise up to 50 Mbps download speeds - if you are within 1 km from the exchange.
Vodafone says by the end of the year they will completed installation in all 42 exchanges around Auckland, plus other 20 exchanges in other centres around the country. They say this will be the biggest unbundled network around here.
In the meantime I hear Telecom New Zealand is working on its own VoIP service - but no public information for launch date is available yet - and the same from TelstraClear, although I also hear TelstraClear's plan is to offer VoIP services to business customers only.
UPDATE: Duncan has answered my questions about number portability and data caps.
Xtra users be prepared for more e-mail troubles
By Mauricio Freitas, in
Technology, posted: 12-Mar-2008 09:31
If you are a Telecom New Zealand's Xtra customer and suffered through the Yahoo!Xtra Bubble migration, it might be good to brace yourself - again.
The word in our Geekzone forums is that Xtra is changing how it handles e-mail, again. And this page confirms those changes from 18 March.
Hoiw does this change affect you? If you are using Xtra for your e-mails and always send e-mails from an address that ends on @xtra.co.nz then nothing changes.
If you are using Xtra to send e-mails with address that end in something different thn @xtra.co.nz then keep reading.
Whenever someone sends an e-mail, a SMTP server is used to relay the message to other servers for distribution.
In most cases, ISPs allow access to their SMTP servers to users on their own network, or to authenticated users if coming for other networks.
But SMTP servers do not require the "FROM" field in the message to be exactly the user's e-mail address.
This means that once a user successfully authenticate with the SMTP server it is possible to send e-mails as someone else. And this can be a problem. People can just authenticate to a SMTP server and impersonate someone else. Or use it for spam purposes.
To eliminate ths problem Xtra has decided (or was it Yahoo! who decided this?) that a "validation" is required to confirm that the e-mail address you are using to send a message is actually yours.
It's simple to do it, just follow these instructions.
Even though it's simple to do it, I can imagine a lot of people will be caught on this. I just hope their help desk this time is preared to provide people with the correct answers.
The word in our Geekzone forums is that Xtra is changing how it handles e-mail, again. And this page confirms those changes from 18 March.
Hoiw does this change affect you? If you are using Xtra for your e-mails and always send e-mails from an address that ends on @xtra.co.nz then nothing changes.
If you are using Xtra to send e-mails with address that end in something different thn @xtra.co.nz then keep reading.
Whenever someone sends an e-mail, a SMTP server is used to relay the message to other servers for distribution.
In most cases, ISPs allow access to their SMTP servers to users on their own network, or to authenticated users if coming for other networks.
But SMTP servers do not require the "FROM" field in the message to be exactly the user's e-mail address.
This means that once a user successfully authenticate with the SMTP server it is possible to send e-mails as someone else. And this can be a problem. People can just authenticate to a SMTP server and impersonate someone else. Or use it for spam purposes.
To eliminate ths problem Xtra has decided (or was it Yahoo! who decided this?) that a "validation" is required to confirm that the e-mail address you are using to send a message is actually yours.
It's simple to do it, just follow these instructions.
Even though it's simple to do it, I can imagine a lot of people will be caught on this. I just hope their help desk this time is preared to provide people with the correct answers.
Permalink to Xtra users be prepared for more e-mail troubles
| Add a comment
(8 comments)
| Main Index
Who needs security - or is mobitv burying their heads in the sand?
By Mauricio Freitas, in
Technology, posted: 8-Mar-2008 09:45
It looks like mobitv didn't see this one coming - or did they just bury their heads in the sand?
The service streams live TV to mobile devices (no need to visit the site if you are not in the United States, Canada, Brazil, Mexico, Ecuador, Nicaragua, Peru or Dominican Replublic) and being the provider of such a service you would think they have a secure platform for content delivery.
Or not... Someone posted on HowardForums detailed instructions on to access the service and a direct link to a single file that allows acess to the entire service. The file in question (qtv.mobitv.com/sprintTVlive.mcd) seems now to have been removed, but until this whole thing started it was available to anyone to access it - no authentication, no encryption, nothing.
Basically the trick was to download the file, and using your browser open the local version to then have access to many of the live TV streams offered by Sprint to their customers.
The folks at mobitv didn't like that someone posted detailed instructions on HowardForums about this and sent out a notice. They actually contacted the hosting provider to have the HowardForums taken down.
What's wrong here? First, I agree detailed instructions on how to go around getting free services is a bit too much.
But on the other hand mobitv created a content delivery platfotm that would not guarantee access to members only, apparently lacking authentication, encryption and possibly more.
C'mon guys, sharpen up. If you create a service, make it right. Don't plan on putting the locks after the doors are wide open. You should have done this before. You have your system fixed, Be sure to create better system next time.
As for HowardForums, leave the forum alone. For what I read it's wasn't even posted there first, because the poster says this was found in another Sprint forum somewhere else on the Internet.
The service streams live TV to mobile devices (no need to visit the site if you are not in the United States, Canada, Brazil, Mexico, Ecuador, Nicaragua, Peru or Dominican Replublic) and being the provider of such a service you would think they have a secure platform for content delivery.
Or not... Someone posted on HowardForums detailed instructions on to access the service and a direct link to a single file that allows acess to the entire service. The file in question (qtv.mobitv.com/sprintTVlive.mcd) seems now to have been removed, but until this whole thing started it was available to anyone to access it - no authentication, no encryption, nothing.
Basically the trick was to download the file, and using your browser open the local version to then have access to many of the live TV streams offered by Sprint to their customers.
The folks at mobitv didn't like that someone posted detailed instructions on HowardForums about this and sent out a notice. They actually contacted the hosting provider to have the HowardForums taken down.
What's wrong here? First, I agree detailed instructions on how to go around getting free services is a bit too much.
But on the other hand mobitv created a content delivery platfotm that would not guarantee access to members only, apparently lacking authentication, encryption and possibly more.
C'mon guys, sharpen up. If you create a service, make it right. Don't plan on putting the locks after the doors are wide open. You should have done this before. You have your system fixed, Be sure to create better system next time.
As for HowardForums, leave the forum alone. For what I read it's wasn't even posted there first, because the poster says this was found in another Sprint forum somewhere else on the Internet.
Permalink to Who needs security - or is mobitv burying their heads in the sand?
| Add a comment
(2 comments)
| Main Index
Should telcos store your SMS for a (possible) investigation?
By Mauricio Freitas, in
Technology, posted: 8-Mar-2008 09:34
The New Zealand government is proposing a change in laws that would see telcos being required to store SMS that go through their networks, to facilitate police investigations if needed.
This is wrong, very wrong, and David Farrar says it why:
The New Zealand government should not propose this, and this should not be allowed.
This is wrong, very wrong, and David Farrar says it why:
It is one thing to have a law which requires telcos to record the content of text messages *after they receive a search warrant targetted at a particular individual. But this is about having the telcos store every single text message we send or receive, so it can then be accessed.
The precedent this would set is that ISPs should also keep a copy of every e-mail message you ever send or receive, in case the Police should ever want it. And then how about also requiring them to keep track of every website you have ever visited.
Telcos and ISPs should co-operate with the Police *after* a warrant has been served requiring interception or recording of data which a Judge/JP has authorised as necessary for a criminal investigation. But that is very different to having them forced to store personal communications on every NZer, so that law enforcement authorities can access them at some later date if they wish. Why not also have the teclso [sic] record every voice call, just in case they are also needed?
The New Zealand government should not propose this, and this should not be allowed.
Permalink to Should telcos store your SMS for a (possible) investigation?
| Add a comment
(3 comments)
| Main Index
The 2008 Democratic National Convention gets a little help from New Zealand company
By Mauricio Freitas, in
Technology, posted: 6-Mar-2008 22:40
I have been holding this for a while, since I was told about it by SilverStripe's Sigurd Magnusson during the Kiwi Foo Camp - I was keen to write about it back then but he asked me to hold a bit.
Now it's official and I can tell: the Open Source content management system (CMS) SilverStripe, developed here in Wellington, was selected by the U.S. Democratic Party as the platform for its pre-election conference, the Democratic National Convention 2008.
Well done guys, congratulations on this win.
Now it's official and I can tell: the Open Source content management system (CMS) SilverStripe, developed here in Wellington, was selected by the U.S. Democratic Party as the platform for its pre-election conference, the Democratic National Convention 2008.
Permalink to The 2008 Democratic National Convention gets a little help from New Zealand company
| Add a comment
(3 comments)
| Main Index
Broadband connections take over dialup in New Zealand. ISPs should wake up about now
By Mauricio Freitas, in
Technology, posted: 6-Mar-2008 15:25
Today Statistics New Zealand released some interesting information, showing that for the first time broadband connections passed dialup in numbers in this country.
Good news. I understand those ISPs who complained of the cost of international bandwitdth as a barrier are right in some points.
But they also have to understand that broadband is not going back, and connections are only likely to go up in numbers. So there's not much they can do about it, except better capacity planning (currently lacking in almost every New Zealand ISP it seems) and apply more realistic prices to their plans.
In the last two years we've seen many examples of ISPs (Xtra, Woosh, Slingshot) who offered "unlimited" broadband plans, only to later realise people do take "unlimited" seriously. Some of these ISPs closed the plans to new customers, applied rate shapping technologies to limit the utilisation ("unlimited"?) or simply denied anything was happening, while constraining resources until users had to cancel their accounts.
It is time for ISPs to stop doing this and be realistic about the services people expect from them.
The number of broadband subscribers in the six months to September 2007 overtook the number of dial-up subscribers for the first time ever, Statistics New Zealand said today.
Broadband subscribers continued to increase – up 14.4 percent in the six months to September 2007, to reach 829,300. However, this growth rate has slowed from an increase of 28.6 percent in September 2006 and 18.5 percent in March 2007. Subscribers with dial-up connection fell 8.6 percent from March 2007, down to 675,800.
The number of broadband subscribers grew from 9 per 100 inhabitants to 19.6 per 100 inhabitants in the two years ended September 2007, while the number of dial-up subscribers per 100 inhabitants fell from 21.2 to 15.9. Of the additional 10.6 broadband subscribers per 100 inhabitants, half switched from dial-up and the remaining half were new subscribers.
There was a 47 percent increase in the number of Internet service providers reporting that the cost of international bandwidth had been a barrier to growth in the past two years.
Good news. I understand those ISPs who complained of the cost of international bandwitdth as a barrier are right in some points.
But they also have to understand that broadband is not going back, and connections are only likely to go up in numbers. So there's not much they can do about it, except better capacity planning (currently lacking in almost every New Zealand ISP it seems) and apply more realistic prices to their plans.
In the last two years we've seen many examples of ISPs (Xtra, Woosh, Slingshot) who offered "unlimited" broadband plans, only to later realise people do take "unlimited" seriously. Some of these ISPs closed the plans to new customers, applied rate shapping technologies to limit the utilisation ("unlimited"?) or simply denied anything was happening, while constraining resources until users had to cancel their accounts.
It is time for ISPs to stop doing this and be realistic about the services people expect from them.
Permalink to Broadband connections take over dialup in New Zealand. ISPs should wake up about now
| Add a comment
(6 comments)
| Main Index
Samsung worldwide warranty is not...
By Mauricio Freitas, in
Technology, posted: 4-Mar-2008 14:25
A friend of mine spent some hard earned cash buying a Samsung Q1 UMPC. He bought it in th U.S., with a standard worldwide warranty.
The only problem is that Samsung doesn't seem to understand "worldwide" more than some ISPs understand "unlimited".
The device has developed a (now) well known problem which causes the touchcreen to stop working around the edges. This is a manufacturing fault that requires replacing the LCD/touchscreen or the device.
So he contacted the support at Samsung New Zealand, who flatly rejected the request saying Samsung New Zealand can't service the worldwide warranty, suggesting he should send the unit to the U.S.
He visited the Samsung U.S. webiste, which apparently allows you to lodge worldwide warranty claims - except that its "worldwide" is only the 50 U.S. states.
He then contacted an Australian reseller, who can only service the units they sell themselves.
How is that for a "bait and switch", Samsung?
The only problem is that Samsung doesn't seem to understand "worldwide" more than some ISPs understand "unlimited".
The device has developed a (now) well known problem which causes the touchcreen to stop working around the edges. This is a manufacturing fault that requires replacing the LCD/touchscreen or the device.
So he contacted the support at Samsung New Zealand, who flatly rejected the request saying Samsung New Zealand can't service the worldwide warranty, suggesting he should send the unit to the U.S.
He visited the Samsung U.S. webiste, which apparently allows you to lodge worldwide warranty claims - except that its "worldwide" is only the 50 U.S. states.
He then contacted an Australian reseller, who can only service the units they sell themselves.
How is that for a "bait and switch", Samsung?
Another government mandated system update: IRD numbers
By Mauricio Freitas, in
Technology, posted: 3-Mar-2008 12:02
If you live in New Zealand or your company works in New Zealand then you problaby have an IRD Number. This is the unique identifier for all things related to tax in this country.
Today I got some information from the IRD telling me about a change coming in May 2008: the department is going to start issuing nine-digit IRD numbers.
This means you need to make sure your systems can actually handle these new numbers. And May is just a couple of months away. This is the information:
Today I got some information from the IRD telling me about a change coming in May 2008: the department is going to start issuing nine-digit IRD numbers.
This means you need to make sure your systems can actually handle these new numbers. And May is just a couple of months away. This is the information:
Inland Revenue customers applying for a new IRD number this year may find that it has an extra digit.
The first nine-digit IRD number is expected to be issued in May. All current eight-digit numbers remain unchanged.
Colin MacDonald, Deputy Commissioner Business Development and Systems, said the extended number range is needed to cater for growth.
"Inland Revenue issues around 250,000 IRD numbers a year. No IRD number is ever re-used, and we need to extend the number range to keep up with population and business expansion,'' he said.
The first eight-digit IRD number in New Zealand was issued in 1975, and there are currently 12 million numbers in circulation.
All Inland Revenue forms have been updated to show nine boxes for the IRD and GST numbers. If a customer with an eight-digit number needs to fill in a form with nine boxes, the first box should be left blank.
Inland Revenue has worked with software developers, payroll providers, and financial institutions to ensure their products can accommodate both eight and nine-digit numbers.
Small business owners in the process of choosing payroll software should check that it is nine-digit compliant before purchase. Many international 'off-the-shelf' payroll software products are already set up to accommodate longer numbers.
There is no change to GST invoicing requirements. Customers will still be required to display their GST number on the invoice, whether it is eight or nine-digits.
Permalink to Another government mandated system update: IRD numbers
| Add a comment
(7 comments)
| Main Index
Computerworld Excellence Awards 2008 open
By Mauricio Freitas, in
Technology, posted: 27-Feb-2008 16:14
Are you involved in the New Zealand IT landscape? I just got a notification that the Computerworld Excellence Awards 2008 is now open for entries.
According to the e-mail, the Computerworld Excellence Awards is "calling for entries from ICT professionals who can demonstrate an outstanding application of technology".
The Computerworld Excellence Awards website lists these categories:
This year Computerworld has introduced some new awards, including for the ICT Educator of the Year, Excellence in Infrastructure Innovation and Best Sustainable ICT Project. I would like to see something for technology startups as well - although some could claim "Innovative Use of ICT" could fit the category.
Three of these are individual awards (ICT Educator of the Year, Young ICT Talent and CIO of the Year) and the others are team awards.
Final submissions due by Friday 11 April.
According to the e-mail, the Computerworld Excellence Awards is "calling for entries from ICT professionals who can demonstrate an outstanding application of technology".
The Computerworld Excellence Awards website lists these categories:
CIO of the Year ICT Educator of the Year Young ICT Talent Excellence in the Use of ICT for Customer Service Excellence in the Use of ICT in Government Excellence in the Use of ICT in Health Excellence in Infrastructure Innovation Excellence in the Use of ICT in an SME Best Mobile, Wireless or Telecommunication Solution Best Sustainable ICT Project Innovative Use of ICT Most Successful Project Implementation Overall Excellence in the Use of ICT
This year Computerworld has introduced some new awards, including for the ICT Educator of the Year, Excellence in Infrastructure Innovation and Best Sustainable ICT Project. I would like to see something for technology startups as well - although some could claim "Innovative Use of ICT" could fit the category.
Three of these are individual awards (ICT Educator of the Year, Young ICT Talent and CIO of the Year) and the others are team awards.
Final submissions due by Friday 11 April.
