Skip to main content

A bad case of writer's block

Of course the Image is copied from
http://calvinandhobbes.wikia.com/wiki/Writer%27s_Block

On Wednesday morning, like any other Wednesday, I emptied my waste basket into a polythene "paper" bag, and left it outside for collection, before boarding a matatu to work.

However, unlike other Wednesdays, I received a text message from a friend, telling me that he had "seen my story in the Nation". I ignored it, thinking that probably he had seeing a similar story , with facts similar and assumed that someone had copied my story.

Getting into the office, I was checking on recent stories I have written and how other media houses  reported them, when I stumbled onto an article titled "Tech gurus caught napping as 103 websites hacked" .

While the story of the hacking was exposed on the Security Forum, I was arguably the first journalist to cover it, with a little bit more facts that I added from some research and my experience.


I was therefore surprised to find lots of similarities between what I had written and what the journalist had written, (Note that the original article has been changed after I raised the issue) notably:

  • Such tutorials usually exploit programming errors in code, known as bugs, which have not been fixed. The hacker appears to have a website at http://www.direxer.com/ though this has not been updated to reflect the hacking. 
I was surprised that in addition to myself, here was another journalist who had made a general assumption that the hacking exploited bugs. Many websites nowadays are hacked from a technique known as server side scripting.

In addition, this was suspiciously similar to sentences I had written in my article.
The hacker appears to have a website at http://www.direxer.com/ though this has not been updated to reflect the hacking
Such tutorials usually exploit programming errors in code, known as bugs, which have not been fixed.
  •  In a message in the forum, the hacker says:
    show off by me...
    thanks for tutorial in www.code-security.com all...
    i have exploit from cs web, and i attacking to server Goverment Kenya,,,, and then,,, success full... this is deface in this night...
What I wrote. I have preserved the formatting, including the use of italics.
In a message in the forum, the hacker says

show off by me...
thanks for tutorial in www.code-security.com all...
i have exploit from cs web, and i attacking to server Goverment Kenya,,,, and then,,, success full... this is deface in this night...
  • The government has reportedly moved fast to take the affected websites offline through a Cyber Incidence Response Team (CIRT) based at the Communications Commission of Kenya.
  • The CIRT was formed to handle such situations and ensures Kenya's security in cyber space. In a comment, Vincent Ngundi who heads CIRT said: "We're on it. Thanks for the heads-up and comments" in Kenya's Security Forum where the news first broke.
What I wrote:
The government has moved fast to take the affected websites offline through a Cyber Incidence Response Team(CIRT) based at the Communications Commission of Kenya. The CIRT was formed to handle such situations and ensures Kenya's security in cyber space. Vincent Ngundi who heads CIRT has responded with the following comment "We're on it. Thanks for the heads-up and comments" in Kenya's Security Forum where the news first broke.
More
  • The government normally hosts several websites in one server at The Treasury thus compromising the server may expose several websites to a hacker.
  • The Administration Police website has been hacked several times in the recent past. At the same time, most of the websites hacked appear to have been running the Joomla Content Management system:  
What I wrote:
The government normally hosts several websites in one server at The Treasury thus compromising the server may expose several websites to a hacker. The Administration Police website has been hacked several times in the recent past. At the same time, most of the websites hacked appear to have been running the Joomla Content Management system.
I hope the journalist knows that the government websites are normally hosted at treasury because he did his Computer Science degree attachment at the Ministry of Co-operative Development and Marketing, and had to work with a website hosted at the treasury.

I hope the journalist knows that Direxer's site is actually a blog.

I hope the journalist  knows that the sites run Joomla because of a Firefox plugin known as Wappalyzer , which can show what popular technologies a site is using.

I hope the journalist knows Forum Code Security and code-security.net are the same.

I hope the journalist really made sure Direxer is Indonesian, cause in a hurry to post my article, I didn't.

I hope the journalist in addition to numbering the hacked sites to make sure they were 103 , he also confirmed that they had been hacked. I only checked a few.


I hope the journalist does know that he is listed as the author of this article too , and so am I.


I hope to grow my career under the journalist, who is also the president of the Kenya ICT Reporters Association (KIRA).

KIRA seeks to herald ICT journalism in Kenya and the region to the peak, by:
  • "keep pace and understand how the emerging technology tools like Twitter, Skype, Facebook, Youtube, google reader, RSS feeds, news alerts, blogs, websites, etc can be professionally utilised by journalists."
  • need to blog, tweet, skype and subscribe to feeds to remain on top of news.
A small correction, RSS can be traced back to 1995 and Google Reader is an RSS Feed Reader.

You can find out more about KIRA here, where the president also notes that "not many journalists are competent in this beat thus the skewed coverage of ICT matters" .


Below is the text of the original peice as it appeared on the Business Daily.

By JAMES RATEMO, jratemo@ke.nationmedia.com  (email the author)

Posted  Tuesday, January 17  2012 at  22:59

An Indonesian hacker has caught Kenya government tech gurus napping. In an unprecedented occurrence, an Indonesian hacker known as direxer has taken down 103 government of Kenya websites. 

According to a Tuesday discussion on Kenya's online tech forum, Kictanet, the hacker is part of an online Indonesian security forum known as Forum Code Security and says he took down the websites following tutorials from the forum.
The news of the hacking was first exposed on the site code-security.net/archives/114, a forum on code security.
The title on the website read: “Joint Discussion — Forum on Code Security”.
"Such tutorials usually exploit programming errors in code, known as bugs, which have not been fixed. The hacker appears to have a website at http://www.direxer.com/ though this has not been updated to reflect the hacking.
In a message in the forum, the hacker says:
show off by me...
thanks for tutorial in www.code-security.com all...
i have exploit from cs web, and i attacking to server Goverment Kenya,,,, and then,,, success full... this is deface in this night...
The government has reportedly moved fast to take the affected websites offline through a Cyber Incidence Response Team (CIRT) based at the Communications Commission of Kenya.

The CIRT was formed to handle such situations and ensures Kenya's security in cyber space. In a comment, Vincent Ngundi who heads CIRT said: "We're on it. Thanks for the heads-up and comments" in Kenya's Security Forum where the news first broke.
The government normally hosts several websites in one server at The Treasury thus compromising the server may expose several websites to a hacker.
The Administration Police website has been hacked several times in the recent past. At the same time, most of the websites hacked appear to have been running the Joomla Content Management system:
Also see details here












Comments

Popular posts from this blog

Events Surrounding March 2009 KU Riots

Following the much publicized Kenyatta University riots of Wednesday 18th March and Sunday 22nd March 2009, below are my own versions of the happenings leading to and during the riots. I have omitted several occurrences that i did not witness in first or second party. the happenings below are NOT eye witness reports, and are INADMISSIBLE legally. you can help by filling in the missing gaps, by commenting below the note.

The time frames are approximate in nature, and are issued more as checkpoints than as exact time.

Please also note that these are events, rather than causes or results of any action.

First Week of March
KUSA(Kenyatta University Student's Union) Elections

About March 16th 2009
KUSA officials meet the administration to vouch for extension of the Registration Deadline. Several students had paid after the deadline and were denied registration which was to begin on 27th March. Negotiations unsuccessful, with what transpired during the negotiations been unclear.

Tuesday 17…

A Kenyan in Addis Ababa (Part 2) - The "University Girls"

This post continues from Part 1. 

The residents of Addis are friendly too. On my first day, I did meet a guard at a hotel, who later offered to show me around. Among the places he suggested, was this place where some “University girls” were holding some "dancing ceremony". He added, that Ethiopians being Orthodox Christians, were about to go on a sex, alcohol and meat fast, hence the importance of this “ceremony.”
I had some suspicion that I was being sold to sex, but my guide insisted that this was not a sex sale. Just dancing University girls. We did end up in some nondescript compound, and into a house. There was sort of a sitting area, with a radio system, low benches and tables, and grass sprinkled around the floor. Grass sprinkled around the floor is an Ethiopian tradition that indicates you are welcome to a place.

It was about 5 PM,  and the hosts seemed not to be expecting any visitors at this time. My guide disappeared down some corridor into the back to call them. In…

Beers in Kenya: A sober opinion

I have had a short beer swigging stint in my life. It has however been long enough for me to share my opinions of Kenyan beer. Interestingly, over the course of sharing such opinions with other drunkards connoisseurs,  I have found that we all have different views as to what beer is the best, which one makes you too drunk, or which one gives a free,  extra hangover for every hangover you get from it.
For starters, like everyone else, I discovered that beer isn’t as sweet as it looks like in those adverts that show golden barley swaying in breezes,  happy men smiling and toasting chilled, foaming glasses of beer as a deep voice does some narration in the background.
Beer is bitter! Now, it turns out beer is intentionally made bitter. See,  beer shares the same ingredients as bread. The major difference is that bread isn't fermented. Bread is sweet, so why isn't beer sweet?

Why we loved Mixcrate and Where to next?

There are two types of music listeners: those who listen by artist or by album, and those who listen by top hits. The second lot of us do not care much about what other music made it to an album besides the top 2 hits.

Mixcrate served the second lot of us very well. You could search for a song title or an artist, and you would have dozens of DJ mixes to choose from which contained more than the one hit you searched for.

Listening to music on Mixcrate also meant that once you settled into a mix, you had uninterrupted music for the next one hour.

Why Kenyans love Kigali (Part 2)

See part 1 of why Kenyans Love Kigali, which this articl is a continuation.

In my previous post on why Kenyans love Kigali, or Rwanda for that matter, I had mentioned on the security of the city. The post however widely dealt with the feel and appearance of the city, and a little bit of the country.

Both of my visits to Kigali have been through the airport, though you may opt for a more adventurous journey by road. Getting to Kigali then required a Kenyan passport, but no visa. Now, all you need to go through both Uganda and Rwandan borders are a National Identity Card.

For travel by air, Rwandair is a cheaper option for Kenyans as compared to our national flag carrier, Kenya Airways. Ironically, most other Africans get to Kigali via Kenya Airways, thought most Kenyans will opt for the cheaper Rwandair. The flights are comfortable and the service on board the 1 hour 15 minutes flight is great.

Depending on the weather, your landing can be quite full of turbulence in Kigali. The airpor…