Skip to main content

A bad case of writer's block

Of course the Image is copied from
http://calvinandhobbes.wikia.com/wiki/Writer%27s_Block

On Wednesday morning, like any other Wednesday, I emptied my waste basket into a polythene "paper" bag, and left it outside for collection, before boarding a matatu to work.

However, unlike other Wednesdays, I received a text message from a friend, telling me that he had "seen my story in the Nation". I ignored it, thinking that probably he had seeing a similar story , with facts similar and assumed that someone had copied my story.

Getting into the office, I was checking on recent stories I have written and how other media houses  reported them, when I stumbled onto an article titled "Tech gurus caught napping as 103 websites hacked" .

While the story of the hacking was exposed on the Security Forum, I was arguably the first journalist to cover it, with a little bit more facts that I added from some research and my experience.


I was therefore surprised to find lots of similarities between what I had written and what the journalist had written, (Note that the original article has been changed after I raised the issue) notably:

  • Such tutorials usually exploit programming errors in code, known as bugs, which have not been fixed. The hacker appears to have a website at http://www.direxer.com/ though this has not been updated to reflect the hacking. 
I was surprised that in addition to myself, here was another journalist who had made a general assumption that the hacking exploited bugs. Many websites nowadays are hacked from a technique known as server side scripting.

In addition, this was suspiciously similar to sentences I had written in my article.
The hacker appears to have a website at http://www.direxer.com/ though this has not been updated to reflect the hacking
Such tutorials usually exploit programming errors in code, known as bugs, which have not been fixed.
  •  In a message in the forum, the hacker says:
    show off by me...
    thanks for tutorial in www.code-security.com all...
    i have exploit from cs web, and i attacking to server Goverment Kenya,,,, and then,,, success full... this is deface in this night...
What I wrote. I have preserved the formatting, including the use of italics.
In a message in the forum, the hacker says

show off by me...
thanks for tutorial in www.code-security.com all...
i have exploit from cs web, and i attacking to server Goverment Kenya,,,, and then,,, success full... this is deface in this night...
  • The government has reportedly moved fast to take the affected websites offline through a Cyber Incidence Response Team (CIRT) based at the Communications Commission of Kenya.
  • The CIRT was formed to handle such situations and ensures Kenya's security in cyber space. In a comment, Vincent Ngundi who heads CIRT said: "We're on it. Thanks for the heads-up and comments" in Kenya's Security Forum where the news first broke.
What I wrote:
The government has moved fast to take the affected websites offline through a Cyber Incidence Response Team(CIRT) based at the Communications Commission of Kenya. The CIRT was formed to handle such situations and ensures Kenya's security in cyber space. Vincent Ngundi who heads CIRT has responded with the following comment "We're on it. Thanks for the heads-up and comments" in Kenya's Security Forum where the news first broke.
More
  • The government normally hosts several websites in one server at The Treasury thus compromising the server may expose several websites to a hacker.
  • The Administration Police website has been hacked several times in the recent past. At the same time, most of the websites hacked appear to have been running the Joomla Content Management system:  
What I wrote:
The government normally hosts several websites in one server at The Treasury thus compromising the server may expose several websites to a hacker. The Administration Police website has been hacked several times in the recent past. At the same time, most of the websites hacked appear to have been running the Joomla Content Management system.
I hope the journalist knows that the government websites are normally hosted at treasury because he did his Computer Science degree attachment at the Ministry of Co-operative Development and Marketing, and had to work with a website hosted at the treasury.

I hope the journalist knows that Direxer's site is actually a blog.

I hope the journalist  knows that the sites run Joomla because of a Firefox plugin known as Wappalyzer , which can show what popular technologies a site is using.

I hope the journalist knows Forum Code Security and code-security.net are the same.

I hope the journalist really made sure Direxer is Indonesian, cause in a hurry to post my article, I didn't.

I hope the journalist in addition to numbering the hacked sites to make sure they were 103 , he also confirmed that they had been hacked. I only checked a few.


I hope the journalist does know that he is listed as the author of this article too , and so am I.


I hope to grow my career under the journalist, who is also the president of the Kenya ICT Reporters Association (KIRA).

KIRA seeks to herald ICT journalism in Kenya and the region to the peak, by:
  • "keep pace and understand how the emerging technology tools like Twitter, Skype, Facebook, Youtube, google reader, RSS feeds, news alerts, blogs, websites, etc can be professionally utilised by journalists."
  • need to blog, tweet, skype and subscribe to feeds to remain on top of news.
A small correction, RSS can be traced back to 1995 and Google Reader is an RSS Feed Reader.

You can find out more about KIRA here, where the president also notes that "not many journalists are competent in this beat thus the skewed coverage of ICT matters" .


Below is the text of the original peice as it appeared on the Business Daily.

By JAMES RATEMO, jratemo@ke.nationmedia.com  (email the author)

Posted  Tuesday, January 17  2012 at  22:59

An Indonesian hacker has caught Kenya government tech gurus napping. In an unprecedented occurrence, an Indonesian hacker known as direxer has taken down 103 government of Kenya websites. 

According to a Tuesday discussion on Kenya's online tech forum, Kictanet, the hacker is part of an online Indonesian security forum known as Forum Code Security and says he took down the websites following tutorials from the forum.
The news of the hacking was first exposed on the site code-security.net/archives/114, a forum on code security.
The title on the website read: “Joint Discussion — Forum on Code Security”.
"Such tutorials usually exploit programming errors in code, known as bugs, which have not been fixed. The hacker appears to have a website at http://www.direxer.com/ though this has not been updated to reflect the hacking.
In a message in the forum, the hacker says:
show off by me...
thanks for tutorial in www.code-security.com all...
i have exploit from cs web, and i attacking to server Goverment Kenya,,,, and then,,, success full... this is deface in this night...
The government has reportedly moved fast to take the affected websites offline through a Cyber Incidence Response Team (CIRT) based at the Communications Commission of Kenya.

The CIRT was formed to handle such situations and ensures Kenya's security in cyber space. In a comment, Vincent Ngundi who heads CIRT said: "We're on it. Thanks for the heads-up and comments" in Kenya's Security Forum where the news first broke.
The government normally hosts several websites in one server at The Treasury thus compromising the server may expose several websites to a hacker.
The Administration Police website has been hacked several times in the recent past. At the same time, most of the websites hacked appear to have been running the Joomla Content Management system:
Also see details here












Comments

Popular posts from this blog

Dar mpaka moro (part 1)

Briefly about Dar
Dar es salaam is an expansive city on the Indian Ocean coast. The city has a peninsula (for the geographically challenged, its a piece of land that juts into the ocean) and a few large islands which are protected marine parks. The Tanzanian government and the people appear to be appreciative about Nature and protect it well. There is also the famous resort of Zanzibar which is tow hours away. In comparison, Mombasa appears restricted by the islands and the Likoni channel which have restricted northward development of the city. Dar es salaam is on the mainland, and even appears to have a larger harbor. You are likely to spot more ships near Dar es salaam, probably due to the harbor and distance from the pirate stricken shores of Somalia.

Dar es salaam, once the capital of Tanzania is quite distant from many areas in Eastern Africa. Dodoma is now the country's capital, but Dar remains the financial and social capital.

Nairobi to Dar by Road
Catching a bus from Nairob…

In a Westernised World, Covid-19 is the Perfect Pandemic

Over the last more than 100 years, the world has undergone numerous advancements. Human beings have been to space and the moon, we have powerful nuclear bombs and nuclear energy, bullet trains, planes that fly half around the world, and we can now treat and cure hundreds of diseases that tormented our ancestors. 
Yet, despite all these scientific advancements, the world is being ravaged by a pandemic. Worse, one that can be eradicated by people just staying home for 3 weeks. What went wrong?
Well, it is important to understand that the world, by nature, is destined for pandemics. 
Forests get extreme wildfires, wild animals get almost wiped out by diseases or drought, and human beings get pandemic. Drought too was once a problem, but the wonder that is the modern supply chain means shiploads of grains and all sorts of food can be easily moved from one part of the world to another. 
Pandemics, like wildfires, droughts and much more are nature’s way of introducing chaos into a system.

Dar mpaka moro (part 2)

This post has been continued from Dar mpaka moro (part 1)

Exchange Rates: 1 Tsh = 0.58 Kshs , 1 Ksh =17.2 Tshs (note to divide rather than multiply fractions/decimals)

Arusha is the capital of the East African Community, and might be referred to as Tanzania's third most significant city. Arusha also marks the end of Tanzania's dry region, quite small compared to Kenya's expansive Northern and Eastern regions.

You will also notice the presence of Traffic lights at major junctions and round abouts, a difference from Kenya's preferred police controlled junctions. However, motorists will at time jump the lights. Be warned though that Traffic Police might be present and will not hesitate to fine you. Overlapping , a common aspect of road behaviour in Kenya is taken seriously in Tanzania, it may land you a Ksh. 10,000 fine and/or a jail term.

Our bus did not stop over at Arusha, which though is quite a large town. Arusha is on the slopes of Mount Meru, one of Tanzania's m…

Beers in Kenya: A sober opinion

Note: This is a dated post and has since been mostly passed by events. SAB Miller beers including Castle and Peroni are no longer widely available in Kenya after their exist. Sirville Brewery was bought out by Brew Bistro before being permanently shut in a tax dispute. Kenya is a land of milk, honey, beaches and taxes. I have penned, or is typed, a newer post here

I have had a short beer swigging stint in my life. It has however been long enough for me to share my opinion of Kenyan beer. Interestingly, over the course of sharing such opinions with other drunkards connoisseurs,  I have found that we all have different views as to what beer is the best, which one makes you too drunk, or which one gives one free, extra hangover for every hangover you get from it.
For starters, like everyone else, I discovered that beer isn’t as sweet as it looks like in those adverts that show golden barley swaying in breezes, happy men smiling and toasting chilled, foaming glasses of beer as a deep voi…

Why Newspapers Should Shift to Digital Sales to Survive

The digital world is a very different one for newspapers, and this explains why many have shut down.

The ones that survived took some time in the wilderness before figuring it out.

Yet the ones that are transitioning seem doomed to repeat the mistakes of those who have been ahead of them.

The first problem with digital news publishing is competition. Print newspapers are near monopolies. Setting up a newsprint plant and investing in distribution vans is very costly. You therefore end up with a handful of papers or even just one for a certain geographical zone.