URL and Malware

Got this off Chester’s when looking through my RSS feeds.

There was a fracas recently about ping.sg having a virus and ping’s owner insistent statement that “You cannot get a virus from a URL.”

So much for that. He means that he cannot get a virus from a URL. The rest of us mere mortals don’t bother patching every single vulnerability update.

I am not sure how the malware installed on Chester’s system and I can only guess this happened because he was using IE.

It is however true – based on my understanding, and that of a few colleagues in the office – that there is no way one can get a virus from a Universal Resource Locator (URL for short). An URL is nothing more than an address, and if there’s a bunch of crooks at a particular address, it won’t harm you when you just look at the address or read it out loud. However, if you send an invitation to that address and invite them over for a party, then there might be some trouble.

So, this is what happens when you put that URL into your browser (or click on a link): The computer will now access the server containing the resources specified by the URL and download whatever necessary onto your computer. This is done so that the computing power of your system can be utilised to execute the code on your end, and the server will be free to perform other tasks. (In a way, the cyber-equivalent inviting people to come over for a party and they are given permission to do certain things.)

After the contents are downloaded onto your computer, certain codes will be executed, so it will display the way it is intended on your system. In the perfect world, these codes execute in a sandbox environment where they are unable to access the rest of your computer. Sort of like the White House throwing a party and yet the invited guest would not be given access to the Oval Office.

Unfortunately, where Internet Explorer is concerned, thanks to a little nicety called ActiveX, not only do some these code sometimes execute without your intervention, regardless if your patches are up to date or not, they are allowed to access other parts of your computer. This usually happens when the security settings in Internet Explorer are set too low but there are so much holes in ActiveX that collectively you can fly even fly the Death Star through it. But in simple layman terms, that means the guests are allowed to venture out of a controlled area to places they should never be allowed to go to.

So, as long as ActiveX remains an integral component of Internet Explorer, ‘self install’ malware will remain an un-escapable evil when surfing, and no matter how up to date your patching is, it will not stop that evil. And once it gets in behind the defenses, then it’s a different ball game entirely. But still, an URL on it’s own will never infect your system with a virus.

However, my understanding of this could be a little outdated and things might have changed recently. So I have switched to Opera or Firefox which at least are more secured. And when even MSN Live Mail only launch the ‘Classic’ Version in Opera, I do feel little safer.

Movies I watched recently…

These are some of the movies I have watch over the past 1 month or so…

Fool’s Gold (Watched: Sunday 2-March 2008)
My first comment when the show ended was: “It begins with the sinking of a boat, and ends with the sinking of an aeroplane.”

Starring Matthew McConaughey as Ben Finnegan and Kate Hudson as his estranged wife Tess Finnegan, the story revolves around finding the legendary 18th century Queens Dowry – 40 chests of exotic treasure that was lost at sea by the Spanish Armada in 1715, after Ben discovered a vital clue to the treasures whereabouts.

It was not as exciting as Nicholas Cage’s National Treasure, but while most of National Treasure’s hunt for treasure is on land, a lot of this movie is filmed at sea. In fact, it made up for the minor deficiency in excitement with fun and laughter with the other characters: Billionaire Nigel Honeycutt (Donald Sutherland), daughter Gemma (Alexis Dziena) and mentor-turned-nemesis, Moe Fitch (Ray Winstone).

A worthy watch, in my personal opinion.

Juno (Watched: Sunday 24-Feb 2008)
Juno MacGuff (Ellen Page) is 16. She became unexpectedly pregnant after having sex with classmate Bleeker (Michael Cera). Adolescent Juno originally intended to abort the baby, but changed her mind after visiting the abortion centre. She subsequently decided to have her unborn child adopted and with the help of her friend Leah (Olivia Thirlby), came into contact with couple Mark (Jason Bateman) and Vanessa (Jennifer Garner).

From the point where Juno decided to keep the baby until its birth, Juno faced many tough decisions, and found strength from her father (J.K. Simmons) and stepmother (Allison Janney) during her pregnancy.

There is an unexpected twist in the movie, but the ending was still happy and yet remained realistic. It is in my opinion surprisingly well done and enjoyable.

CJ 7 (Watched: Tuesday 19-Feb 2008)
This is truly an atypical Stephen Chow movie. If you were expecting the usual witty remarks that’s common in movies such as Shaolin Soccer or Kung Fu; or the usual mindless humor and laughter, you will be quite disappointed. Many of my friends who are Stephen Chow fans finds the movie uninspiring in spite of the technology behind the making of the computer animation: the alien CJ-7.

I would say we give credit where it is due. The computer graphics blend in quite well with the real cast and it is not easy to act as if something is there when it isn’t. Although the animation isn’t as awesome and ground shaking as that of Monster, Inc, it was still made with the state of the art computers, not to mention with far less computers with higher processing power. Above which, the child actress Xu Jiao was playing the role of a boy in the movie and she has done quite well.

In the movie, Chow played the role of a single father earning a living at the construction site in his attempt to give his son a proper education and a better future. After feeling sorry that he couldn’t afford to buy his son (Xu Jiao) a mechanical dog toy, Chow bought home something he found in the garbage dump which he thought would have been the perfect toy. Soon his son would discover it to be what it really is, and the story would evolve around the relationship between Chow and his son, the school and classmates, and the alien creature nicknamed CJ 7.

Though it would be quite uninspiring compared to the typical Stephen Chow movies, the social divide depicted in the movie between China’s nuevo richie and the less affluent masses was very realistic. This is the same stuff you read regularly on Yazhou zhoukan, but now you see it with your own eyes. One needs to open his heart to appreciate this movie, and I would consider it a break through by Stephen Chow from his usual roles.

Jumper (Watched: Sunday 17-Feb 2008)
David Rice (Hayden Christenson), the son of an abusive father (Michael Rooker) and a mother (Diane Lane) who abandoned him when he was 5 years old, is a jumper – a human being with the supernatural ability to teleport to any part of the world instantaneously. David left home when he was a teen, after surviving a harrowing experience of near death when he almost drowned in an icy river, and discovering his super natural powers.

Unknown to him, there are ohters like him, and he has enemies known as the Paladins, headed by the ruthless Roland (Samuel L. Jackson) who have been mercilessly hunting and killing them. He soon run into fellow jumper and orphan Griffin (Jamie Bell), who would reveal to him the stark reality after David escaped from his first encounter with Roland. They soon form an temporal alliance of convenience as they deal with the threat presented by Roland and the Paladins.

I love the special effects of the movie and I wished I could jump too. Then I don’t need to suffer on our ‘Worse Class’ Transports anymore and every weekend I can just jump to any place in the world to have fun. However, the movie was not at all breath-taking or captivating. In a matter of 3 weeks I had almost forgotten the name.

And one thing bugs me in the movie. Roland became aware of David after David robbed a few banks. But by presenting Roland and the Paladins as merciless murderers, it seems to justify David and some of the Jumpers’ crimes. It sort of reminded me how some people cheered the rogue trader from SocGen who lost the bank 7 billion dollars as a champion fighting against capitalism and as some kind of financial Che Guevara. Is this how our world is coming to, where we either cannot differentiate right from wrong, or see a wrong for what it is as long as a bigger wrong is being done?

Mas Selamat Kastari – The Conspiracy Theories

Well, the longer Mas Selamat Kastari (MSK for short) is on the run, the juicier the conspiracy theories that are spun.

This is one version I heard and it goes like this:

MSK didn’t really escape * gasp *, and he is actually still safely in the custody of the ISD. All of these is actually just an elaborate ruse with some specific purposes.

Firstly, there is one last known JI operative still on the run. They are using MSK to bait this guy out of hiding. If this guy even so much as try and make contact with MSK or some hitherto unknown JI cells in Singapore, the security forces in South East Asia will be all over him like bad smell before he even knows it.

Secondly, the ISD released several JI detainees not long ago in January, and this might also be a litmus test to see how they react, and to see if there’s any reason they should detain them again.

Finally, the ISD may want to detain certain people, who are suspected to be members of JI sleeper cells. However, being sleeper cells, that means they have done nothing that would be a threat to national security. Therefore, the ISD cannot at this moment detain them on mere suspicion alone. They would need some solid evidence to work on, and should these cells activate to try and aid their on-the-run leader, then the ISD will then have sufficient grounds to detain these members.

And that will really be a big coup for our security services… and that’s really so Sun Tzu – you make yourself look weak so your enemies under-estimates you and make a mistake.

The human mind is a scary thing, indeed. Now get back to work… I am just putting down in words some of the garbage I have gathered over several MSN and coffee shop chats.

Of Mas Selamat and Horsies…

I noticed that the local Chinese media has started to call Mas Selamat Kastari – ‘The Lame Horse’ (跛脚马). I can’t help but remember Sea Biscuit.

It is almost comical for them to call Mas Selamat that. After all, if Mas Selamat is still on the island, he has managed to elude our security forces for 5 days! I just hope this isn’t prophetic in itself in which Mas Selamat, like Sea Biscuit, recovers and come back to become a legend in which we used to scare our kids just like the ancient Romans do with the Carthaginian general, Hannibal.

And to modify the famous Deng Xiaoping famous ‘cat saying’ a little to suit the situation, I say: 不管跛脚黑马、汗血宝马… 能逃走就是好马。[Translation: It doesn’t matter if it’s lame horse or flying horse… the horse that can escape is a good horse.]

再说,到了今天你都抓不到,还不丢官,人民真的得 ‘丢’ 你 ‘黄’ 阿玛!(And this I really don’t know how to translate and yet keep the humor of it. But the gist of it is, ‘If you still don’t resign after failing to catch him for so many days, the people should fxxk Wong’s ‘Ah Ma’. 阿玛 in Manchurian means Father, and 玛 and 马 sounds almost the same, so pun intended.)

And as I was writing this post, my dad came into my room and showed me an article on Shin Ming (the evening Chinese tabloid), which reported that a structural flaw in the Whitley Road ISD facility has since been fixed after Mas Selamat’s escape.

Well, while the Chinese might say that it’s not too late to mend the fence after the loss / demise of one’s sheep (亡羊补牢,为时未晚), I must ask why when even a member of the YPAP like Nicholas Lazarus – a laughing stock and the butt of many jokes after this piece – would know that Mas Selamat is the leader of JI and thus extra-ordinary, our 3 million dollar mini$ter with helicopter vision – and allegedly one of the best talent that this country can offer, according to the Tali-PAP – has failed to even see this. Is this not more reason why Wong Kan Seng Can’t Sing should resign? It is obvious he has lost his edge and perhaps the Tali-PAP should put Lazarus on the job instead. In fact, just why the heck was Mas Selamat kept in a facility that isn’t even rated as maximum security in the first place? Frankly, even the Singapore Boys Home with its 2-storey tall walls – for rehabilitation and reform of incorrigible youth – looked far more challenging to anyone trying to escape.

In other words, whoever made the decision to keep this guy at the Whitley Road facility has fxxked up. If it’s not Mr Can’t Sing himself, then whoever this useless bum is, should resign! But yet, we haven’t seen anyone who has exercised the moral courage to resign, and this is completely shameful when we are now a international joke as far as security matters are concerned.

The failure of this person to take responsibility and the lack of guts to offer to resign is almost as shameful as the Taiwanese President Chen Shui-bian who continually refused to step down in spite of the numerous scandals that is plaguing him!

For the sake of this ball-less wonder, he better pray to whatever gods he believed in that Mas Selamat be caught soon. I am wondering how this psychological eunuch would be able to sleep soundly when Mas Selamat pulls off a big one in any other part of South East Asia, if not Singapore itself. But again, maybe he can always drown his conscience by giving himself a higher paycheck in the next mini$terial or civil service pay hike.

And before I forget, all these posters, MMS, and advertisement will cost the country a lot of money. Can we charge that all to Mr Can’t Sing’s cost centre and deduct it from his pay?

Wong Can’t Sing 倒す!!

A foul up and all we get is an apology!

Home Affairs Minister Wong Wua Kan Seng has cited a lapse in security at the Whitley Detention Centre on Wednesday as the cause for the escape of Jemaah Islamiyah (JI) member Mas Selamat Kastari.

He told MPs, who had raised the matter in Parliament, that Mas Selamat had been taken from his cell to another part of the detention centre for a visit from his family. He then asked to be allowed to visit the toilet, where he escaped.

“This should have never have happened. I am sorry that it has,” said Mr Wong in an update to the House, adding that an independent investigation is underway.

Is that all you can offer Singapore, after this guy has escaped, Wong? With 3 million Singapore dollars of pay p.a., an apology is not good enough. If you have any sense of shame and responsibility at all, you should just resign and shut the hell up for a long time. (Though personally, I would prefer you use a store room somewhere in Parliament house to commit hara-kiri to atone for your disgraceful failures!)

Recalled how George ‘Warmonger’ Bush failed to follow up on intelligence on Osama bin Laden? We all knew what happened on September 11, 2001. I’m going to hold you personally responsible if Mas Selamat managed to pull off a big one after this escape. So, if there are any personal god you believed in, I suggest you put on your sack cloth, act downcast, and fast and pray for the next 40 days that Mas Selamat will be caught!

Frankly, this is not the first time the Home Team has fxxked up. All these for show patrols at the MRT doesn’t make one feel any safer when it has been fxxk ups after fxxk ups since 2004. I have completely lost confidence in the security forces of this country. It’s high time someone admit he has fxxked up and stop shamelessly taking his 3 million dollar annual pay and seek lateral career shift, preferably in Zimbabwe or some other war torn, strife infested African country.

Here’s 3 of recent Home Team boo-boos:

  1. Took Leng How – (exerpt from Wikipedia) On 21 October 2004, when the police officers escorting Took for another round of questioning (in connection with Huang Na’s disappearance) allowed him to drop by at a coffee shop for a meal en route, he went to the toilet and escaped through an open back door. He hailed down a taxi, and asked the driver to send him to the Woodlands Checkpoint. At the checkpoint, Took went to the bus station, where the gate between the roads for buses entering and leaving Singapore had been left open, and used this gate to go onto the road for buses leaving Singapore at 3:38 a.m. in the morning.
  2. Tan Chor Jin – Nicknamed ‘One-Eye Dragon’, Tan shook Singapore with the execution-style slaying of a 41-year-old businessman (nightclub owner Lim Hock Soon at his home in Serangoon) on February 15, 2006. Tan subsequently escaped to Kuala Lumpur, and was only arrested with the assistance of the Royal Malaysian Police Force. He was flown back to Singapore on March 1, 2006.
  3. Richard Yong – (exerpt from Wikipedia) Former NKF chairman, was declared bankrupt on May 16, 2007. After selling personal properties worth $7.5 million, Richard Yong left Singapore without permission early on the morning of May 17 but was arrested on Jul 4 2007 in Hong Kong and extradited back to Singapore on Aug 3 2007 where he was charged the next day for charges that the NKF levied on him as well as escaping from Singapore hours before being declared a bankrupt. Yong said that he had left to settle some personal matters.

And by the way, I didn’t even include the fact that the home team showed up with 4 anti-riot vehicles against some guys who put up some figurines at the Youth Corner to protest against Odex.

That’s a little obsessive display of force and a tad over-reacting, don’t you think?

1 95 96 97 98 99 186