ITS Broadcast App for Android and Privacy Implications

There is a lot of buzz about the new ITS Broadcast Android app, which upon debut has received hundreds of 5-star reviews. I don’t have an Android phone so I won’t comment on the app features or lack thereof, but from my understanding this is a tool that ITS wants to use to broadcast messages to its’ users.

ITS Broadcast is a messaging tool for ITS dept (E-Jamaat).
After installation you will have to provide ITS (E-Jamaat) ID and password to register.
This app can be configured only for Single ITS (E-Jamaat) ID.
Once registered future communication will be made by using this App.

Given that ITS already has a unique identifier for all users and a listed contact email, reviewing the app permissions with the above stated purpose in mind seems to raise some concerns. Importantly, the application asks for permission to Find Accounts on the Device:

Allows the app to get the list of accounts known by the tablet. This may include any accounts created by applications you have installed. Allows the app to get the list of accounts known by the phone. This may include any accounts created by applications you have installed.

Why does the ITS application need to know what other accounts its’ users have on their phones? Is it necessary for ITS to be able to know what Google, Facebook, Twitter, Tumblr, Instagram, Flickr, and other accounts are active on your phone? How will ITS use this data?

Those are some questions to ponder before you go ahead and click the Install button…

India TV Airs News with Fake Photos

No doubt many of my readers will be aware of the horrendous debacle at India TV which resulted in them broadcasting a report with a fake photo of Syedna Mohammed Burhanuddin (TUS) “performing” the nikah of the Taleban terrorist, Baitullah Mehsud in Afghanistan.

Of course, Syedna Mohammed Burhanuddin (TUS) never performed this nikah and during the time of the said nikah, Syedna Mohammed Burhanuddin (TUS) was in Mumbai, not Afghanistan.

The TV channel has published an apology and also aired an apology for the indicident which can be seen here:

Source: Youtube

The source image and the doctored image can also be seen below:

India TV Source Image
India TV Source Image
India TV Fake Image
India TV Fake Image

Without making any attempt to justify what is obviously abhorrent or non-existent editorial control, I do have a suspicion regarding how this came to pass. Rather than a deliberate attempt to slander Dawoodi Bohras, it is more likely the case that the “reporter” (and I use this word in the loosest term possible) did a Google Search on “nikah”, and found these results:

Google Search Results for nikah
Google Search Results for "nikah"

The first usable photo became the “source” for the doctored “news report”. While this in no means justifies what happened and it should never have happened to begin with, it does mean that objectively, there was likely no intended malice towards Dawoodi Bohras.

Does it excuse the event? Absolutely not. Does it mean that it’s acceptable for news stations to doctor images to fake news events? No way. Everything that happened here should never have happened. But I think it does provide an insight into how it came about.

Also of interest to some readers may be the search engine referral statistics for Planet Bohra on 8 April, 2009. I’ve made these available as a PDF.

Pacnet’s poor support

Today between 11am-12pm Hong Kong time, Pacnet‘s routing tables got completely screwed up. How, I don’t know, but I was getting traceroute results like this:

C:\Documents and Settings\Ali>tracert news.bbc.co.uk

Tracing route to newswww.bbc.net.uk [212.58.226.75]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.1.1 2 20 ms 17 ms 19 ms crsall.pacific.net.hk [202.64.10.27] 3 198 ms 242 ms 224 ms v152.tmhc1.pacific.net.hk [202.64.4.1] 4 * * * Request timed out.C:\Documents and Settings\Ali>tracert www.ebrahim.org

Tracing route to ebrahim.org [216.92.73.127]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.1.1 2 23 ms 20 ms 18 ms crsall.pacific.net.hk [202.64.10.27] 3 19 ms 17 ms 19 ms v152.tmhc1.pacific.net.hk [202.64.4.1] 4 * * * Request timed out.C:\Documents and Settings\Ali>tracert blog.ebrahim.org

Tracing route to blog.ebrahim.org [66.39.91.220]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.1.1 2 19 ms 18 ms 18 ms crsall.pacific.net.hk [202.64.10.27] 3 20 ms 20 ms 20 ms g2-1.tmhr7601.pacific.net.hk [202.64.4.150] 4 20 ms 19 ms 20 ms Gi1-7.gw1.hkg4.asianetcom.net [203.192.153.225] 5 18 ms 19 ms 23 ms gi1-0-0.cr3.hkg3.asianetcom.net [202.147.16.201] 6 78 ms 81 ms 79 ms po13-0-1.cr1.nrt1.asianetcom.net [202.147.0.61] 7 189 ms 192 ms 198 ms po1-0.gw1.sjc1.asianetcom.net [202.147.50.133] 8 206 ms 204 ms 204 ms gige-g5-10.core1.sjc2.he.net [72.52.99.5] 9 247 ms 247 ms 246 ms 10gigabitethernet1-1.core1.chi1.he.net [72.52.92.74] 10 249 ms 250 ms 251 ms a1-0-3.br1.snjsca.us.lightning.net [216.66.3.42] 11 * * * Request timed out. 12 254 ms 254 ms 253 ms blog.ebrahim.org [66.39.91.220]Trace complete.What's the real kicker? That blog.ebrahim.org and www.ebrahim.org are hosted on the same machine, but that I can get to one and not the other. Judging by the vague similarity between the IP addresses of www.ebrahim.org and news.bbc.co.uk (both are 21x.x.x.x, which is very vague indeed), I figure that Pacnet has their routing tables all messed up.

At around 11:30 or 11:45am I call up their support to report the problem, and am asked to send them a traceroute report. That makes sense, and I do that. I ask when I can expect a resolution and the drone on the other end tells me that since today is a Sunday, nobody at their NOC is at work, and I can expect a resolution on Monday or Tuesday, up to a full 2 days later.

That’s really appalling support, Pacnet. If you have routing issues that are blocking off entire swaths of the internet, you need to fix this yesterday, not two days later. What kind of NOC goes on holiday on a Sunday? Does the internet take a rest day too?

In case anybody at Pacnet is keeping score, my ticket number is TEC3511 and it’s now 7:15pm and it looks like nothing has been done.

SMS.ac are Knavish Spammers

I recently found out (somewhat belatedly, I know) that the SMS.ac service (for which many of you will have already received “invitations”, and a few of you may have already signed up for) is a scam. I advise those who have already signed up to keep a close watch on their mobile phone bill and their email account (especially if it is a Hotmail email account). I will explain how the scam works below:

During sign up, the user is presented a notice that mentions that they should “Use your Hotmail email for best results!”. If the user enters a Hotmail address at this stage, later they will be explicitly asked for their Hotmail login information. If provided, using this login information, by default, the SMS.ac site will log into your Hotmail account, download your entire addressbook, and begin spamming each of the people listed in your addressbook multiple times, asking them to sign up for this “service”.

A potentially worse effect is that if you provide them with your mobile phone number, they may begin to send you SMS messages which you, as the recipient, will be charged for. This may happen even though you have not provided them credit card information, because during the sign up process you will have (likely unwittingly) agreed to have these messages sent to you and be charged for them by your mobile phone provider.

If you have already signed up for SMS.ac and have provided them with your email password, your first step should be to immediately change that compromised password so that SMS.ac will not continue to have access to your email account.

Second, if you have signed up for their SMS “services”, I recommend that you cancel your account with SMS.ac immediately and scrutinise your mobile phone bill at the end of the month for any unexpected charges.

If you have not yet signed up for SMS.ac, then you can prevent being affected by deleting all emails from SMS.ac without clicking on any links offered in their emails. If your email provider offers a ‘Mark as Junk/Spam’ option, you may wish to use that instead of doing a regular delete.

There is a wealth of information about SMS.ac online (most of which is rather negative), which you will be able to find using most search engines.

As a general reminder, divulging passwords to any third party website is never a good idea. It is good practice to have unique passwords for services for which security is essential, such as online banking and email. Good passwords are never less than 8 characters long, and there are tools online that will help you to create strong passwords.

UPDATE: SMS.ac is not just reading addressbooks from Hotmail accounts, but also from Gmail and Yahoo! accounts as well! Please don’t encourage this kind of repugnant behaviour by signing up for their “service”.

AIM 5.9.3690 sucks

Don’t be duped like I was into installing it. It’s gone through about as much QA testing as Netscape 6.0, if even that. Some of the gems:

a) The “Don’t show AIM.com window on startup” preference doesn’t work.
b) Incoming message sounds don’t work for me 90% of the time.
c) When I do complex things like say, quit the program, it decides to crash instead.

Nice work guys! I just made the trip over to OldVersion.com to grab the latest AIM 5.5 release.

do people really fall for this?

I was somewhat bored today, so I decided to click on one of the links in my Junk mailbox. It popped up an ad for Levitra, which is apparently an alternative to Viagra. While reading through the ad, I came across this choice statement:

The active ingredient in Levitra is much more potent than Viagra, so a patient has to take less of it, meaning it has fewer side effects.

Am I the only one who sees the flawed logic here? Clearly, if something is more potent, then taking a smaller amount of the drug should cause a similar effect to taking more of another drug which is less potent, should it not?

So I repeat: Do people really fall for this?

the ‘wilder side’ of the internet

Was just reading Slashdot, and got pointed to a NYT article that examines the usefulness of IRC today. When I say ‘examine’, I use the word in just about the loosest sense possible. Basically, its a piece that derides IRC as being the backwater of the net where all the warez and script kiddies hang out, and where not a whole lot of legitimate stuff happens. They say that it’s hard to find a decent technical conversation on IRC. Funny, I seem to have them daily. I guess they just spend too much time hanging out of EFNet. It’s not often that the NYT really does trashy reporting, but this has to qualify as one of those times.

period formatting rant

There is only supposed to be one space after a period. Maybe back in the days of typewriters two was okay, but today, with computers typesetting things so beautifully, one is enough, thank you. Even worse is when people send you blurbs to upload to websites you manage, and there are two spaces after each period. While it’s not really technically hard to fix, it’s something that I don’t want to have to deal with on principle.

I repeat, only one space should follow a period.