Wikipedia: Important enough to whitewash

This is an edited version of my weekly column for Loose Wire Service, a service providing print publications with technology writing designed for the general reader. Email me if you’re interested in learning more.

Wikipedia has gone through some interesting times, good and bad, but I think the last couple of weeks has proved just how powerful it is.

Powerful enough for those who feel denigrated by it to have been trying to spin, airbrush and generally rewrite how history — or at least Wikipedia — remembers them.

Take WikiScanner, cooked up by a young student, Virgil Griffith. WikiScanner does something very simple: It searches the Internet addresses of an organization — government, private, company or whatever — and matches them with any anonymous edit of a Wikipedia entry.

This means that while the edits themselves may be anonymous, the organization where the person is based is not. We may not know who did it, in other words, but we’ve got a pretty good idea of whom they work for.

The results have been surprising. Users of WikiScanner have come up with dozens of cases of companies, organizations and government departments apparently changing entries to either delete stuff they may not like, or making the text more palatable.

Some examples of apparent — none of these is confirmed but the Internet addresses match — self-interested alterations that have hit the news in the last few weeks:

* Diebold removes sections critical of the company’s electronic voting machines

* Apple and Microsoft trade negative comments about each other

* Amnesty International removes negative comments about itself, according to the Malta Star

(My own searches threw up no examples at all of institutions in my current home of Indonesia spinning on Wikipedia. Shame on them. What have they been doing with their time? One Indonesian embassy official seems to have spent most of his day editing an entry on rude finger gestures, but that’s about it. Clearly these people are not working hard enough for their country.)

The point about all this: Wikipedia is often derided as irrelevant and unworthy. Clearly, though, it’s important enough for these people, either officially or unofficially, on their own initiative or at the behest of higher-ups, to rewrite stuff to make themselves or their employer look better.

You might conclude from this that Wikipedia is not reliable as a result. I would argue the opposite: These edits have nearly all been undone by alert Wikipedians, usually very quickly.

(Wikipedia automatically stores all previous versions of a page and keeps a record of all the edits, and the Internet address from where they originate.)

The truth is that Wikipedia has come of age. Wikipedia is now important enough for ExxonMobil, The Church of Scientology, the U.S. Defense Department and the Australian government to spend time and effort trying to get their version of events across. If it was so irrelevant or unreliable, why would these people bother?

Of course, coming of age isn’t always a good thing. A recent conference on Wikipedia in Taiwan highlighted how Wikipedia is no longer an anarchic, free-for-all, but has somehow miraculously produced a golden egg.

It is now a bureaucracy, run by the kind of people who like to post “Don’t … ” notices on pantry walls. I’m not saying this is necessarily a bad thing. We all hate such people until our sandwich goes missing. Then we turn to them — or turn into them.

WikiScanner reveals that it’s probably good that such people take an interest in Wikipedia, because it’s clear that the site is under threat from people who would censor history and whitewash the truth to suit them.

Thanks to Virgil and the Wikipedians, that’s not going to happen anytime soon.

The Jakarta Post – The Journal of Indonesia Today

When Services Go Pro, Reach for Your Gun

Alarming and confusing news and views concerning Skype’s announcement of its new pricing strategy. Here’s a summary.

Key elements trumpeted in Skype’s press release (the most detailed information is here, courtesy of SkypeJournal):

  • Premium subscription package called Skype Pro, which includes free Skype Voicemail (€15 previously) and €30 off a SkypeIn number (previously €30). Cost: €2 per month
  • Removes per minute charges for SkypeOut calls (i.e. calls to ordinary phones) so long as they’re landlines and to the same country you’re in at the time of calling. I.e: unlimited calling, so long as it’s not to mobile phones.
  • Every SkypeOut (and I think SkypeIn) call, whether it’s to voicemail or not, incurs a separate connection fee of 0.039 Euro, excl VAT (5 U.S. cents). (This does not apply to existing unlimited calling plans if you’re calling within your specific country.)
  • Some SkypeOut destinations have been reduced (about seven, including Malaysia) for Skype Pro users to the Global Rate of 1.7 cents per minute).

Skype claims this option “offers our users more for less because they can buy additional Skype paid for products but for a smaller cost”. The service will be phased in from now in Europe, and, for now, will be available alongside the traditional service. (For Asian readers, Hong kong, Japan, Taiwan, South Korea and Australia are next.)

What does this mean for you? Well, of course it depends on what kind of user you are, and where you’re calling.

  • You’re going to be paying more per call than you were before, because of the connection fee.
  • If you’re an international caller, it’s going to be harder to calculate your potential savings/losses. I must confess I’m still trying to figure this out.
  • Jean Mercier, based in Belgium, has done some sums on his calling habits, and concludes that “occasional SkypeOut users will pay for the heavy SkypeOut users”. In other words, if you don’t use it a lot, you’ll end up paying more than you would before. HIs conclusion: “I really am astounded, and not in a positive way!”
  • Olga Kharif at BusinessWeek says it’s part of general raising of VOIP rates. “Sure, they need to find a way to make money. But I think raising prices is a big mistake. In the past, users switched to VoIP because it was the cheapest calling option around. When it’s no longer that, customers might no longer hurry to abandon their traditional telecom services providers for upstarts.”
  • Phil Wolff of SkypeJournal says you’ll be better off if you SkypeOut an average 4.3 minutes per day, or a couple of hours per month. This does not seem to include the connection fee in the calculation, however, and may not be relevant for international calls. I’m checking this with Phil.
  • For Paul Kapustka of GigaOM, the reasons behind the move are simple: Skype is in trouble. “Just add some cash to the bottom line, quickly! For customers, the question is — do you want eBay to be your phone company?”
  • PhoneBoy says that “what they are really doing is raising the price”.

My conclusions: Skype has been a revolution for a lot of my readers and friends who aren’t usually all that enamoured of technology. They’ve bought a headset, got a cable connection, installed the software, bought some credits, all because of the savings Skype offers. Many of them also enjoy the benefits of being online in a buddy list.

But what if Skype is no longer the cheapest option? Or if they feel they’re being lied to by press releases that are less than forthcoming about the real deal? Will they turn their newfound confidence in technology to switch to something cheaper and take all their buddies with them?

Technorati tags: , , , , ,

Asia, the World’s Spam Factory

A new list from Sophos shows that spam is far from dying, thanks largely to Asia:

While the U.S. still tops the chart, for the first time it accounts for less than a quarter of all spam relayed. (Compare this to more than 50% two years ago.) But that’s not the problem anymore. The problem is a rise in non-English spam “with the vast majority now being relayed by ‘zombie’ computers hijacked by Trojan horses, worms and viruses under the control of hackers.”

Much of this is coming from China and South Korea, which together accounts for 32% of the world’s spam. Add Taiwan’s 2.1% to that and Asia is the world’s biggest relayer of spam. But lumping them together doesn’t do justice to the rise of China as a spam relayer: in the past two years it was responsible for less than 10% of the world’s spam; this year that figure has more than doubled, much of that rise in the last few months.

Of course by using percentages Sophos is able to avoid actually quantifying the problem — how much spam are we actually talking about here, and is it getting bigger or smaller? — saying only that “the level of non-English language spam is continuing to increase”, without offering any figures. But there’s no question of the trend: Crackdowns on spam in countries like the U.S. is only contributing to this, as “zombie computers – responsible for relaying more than 60% of the world’s spam – can allow spammers to escape country-specific legislation, as they no longer have to be located in the same country as the spamming machines they operate.”

The First U.S.-China Cyberwar?

There’s growing coverage of China’s Internet ‘cyberwar’ against the U.S., which seems to have been going on for more than two years with neither side wanting to go public. The U.S. is calling the attack Titan Rain, and as Bruce Schneier points out, the attackers are very well organized. This from AFP:

A systematic effort by hackers to penetrate US government and industry computer networks stems most likely from the Chinese military, the head of a leading security institute said. The attacks have been traced to the Chinese province of Guangdong, and the techniques used make it appear unlikely to come from any other source than the military, said Alan Paller, the director of the SANS Institute, an education and research organization focusing on cybersecurity. “These attacks come from someone with intense discipline. No other organization could do this if they were not a military organization,” Paller said in a conference call to announced a new cybersecurity education program. In the attacks, Paller said, the perpetrators “were in and out with no keystroke errors and left no fingerprints, and created a backdoor in less than 30 minutes. How can this be done by anyone other than a military organization?”

So what are they after? Paller says they’re after sensitive information, and may have gotten it, including military flight planning software from its Redstone Arsenal. Here’s a bit more detail about how these guys work, from a TIME story quoting Shawn Carpenter, the hacker who uncovered the attacks:

Carpenter had never seen hackers work so quickly, with such a sense of purpose. They would commandeer a hidden section of a hard drive, zip up as many files as possible and immediately transmit the data to way stations in South Korea, Hong Kong or Taiwan before sending them to mainland China. They always made a silent escape, wiping their electronic fingerprints clean and leaving behind an almost undetectable beacon allowing them to re-enter the machine at will. An entire attack took 10 to 30 minutes.

More on Carpenter in a Wikipedia entry here, and on his whistleblowing experience here. There’s an interesting piece by SearchSecurity’s Bill Brenner which looks at an August report by LURHQ dissecting the Myfip worm which appears to have been used by Chinese hackers to ferret around and grab PDF files. The worm has been around since August 2004. Later variants looked for Word documents, AutoCAD drawings, templates, Microsoft Database files, etc:

[Joe] Stewart [senior security researcher with Chicago-based security management firm LURHQ Corp] said his team was easily able to trace the source of Myfip and its variants. “They barely make any effort to cover their tracks,” he said. And in each case, the road leads back to China. Every IP address involved in the scheme, from the originating SMTP hosts to the “document collector” hosts, are all based there, mostly in the Tianjin province.

China, according to AFP, yesterday denied its military was involved in hacking:

“We have clear stipulations against hacking. No one can use the internet to engage in illegal activities,” foreign ministry spokesman Qin Gang told a regular briefing on Tuesday. “The Chinese police will deal with hacking and other activities disturbing social order in accordance with law.”

Doesn’t make a lot of sense as a denial. Is he saying no one is doing it? Or no one official? Or that it’s going on and the police will deal with it? Not the first time a Chinese spokesman has uttered something meaningless. But I guess so long as the U.S. doesn’t make any official, public complaint this guerrilla war will remain unacknowledged by both sides. I guess the obvious lesson here is that security is not just against sleazeballs after your money, but after your PDF files too. And don’t think that because you’re not military you’re not affected. If you’re any kind of company you might have something that is valuable in the corporate and government espionage world.

Skype Cuts Some Rates

Skype has lowered rates of its SkypeOut service to some destinations as part of its first anniversary celebrations. Here are the details:

Six major new countries have been added to the SkypeOut Global Rate, a fixed, low-cost rate of 1.7 Euro cents per minute to popular calling destinations. China, Greece, Taiwan, Hong Kong, Poland and Switzerland have joined more than 20 additional destinations in the Global Rate. Skype has also significantly lowered SkypeOut rates for calling numbers in Armenia, Bangladesh, Belarus, Bulgaria, the Cook Islands, Croatia, the Czech Republic, Denmark, the Dominican Republic, Estonia, Finland, Germany, Hungary, Iceland, India, Indonesia, Ireland, Korea, Lebanon, Luxembourg, Malaysia, Mexico, the Netherlands, Poland (mobile), Portugal, Russia, Slovakia, South Africa, Spain, Sri Lanka and Turkey.

I’m not quite clear from the press release, but it sounds as if this is an average reduction of 15%.

It’s not all good news: Prices for SkypeOut calls to Saudi Arabia, Papua New Guinea, Oman, Lichtenstein and Haiti numbers will increase slightly.

Taipei’s Wi-Fi Dream

Taiwan is really going for it in the WLAN stakes: Taipei WLAN Wifly Takes off reports that: WiFly, a WLAN (wireless local area network) that will cover all of the main populated areas in Taipei City in its first phase, began operations on February 1. Qware Systems & Services is the builder and operator of the network under a BOT (build-operate-transfer) contract signed in September, 2004, with the Taipei city government.

The plan, the Digitimes says, involves setting up 10,000 access points around the city. The first phase covers about 20% of the population of the city, and the second phase, covering another 30%, will be done by June. By the end of the year, 90% will be covered. For now it’s free, and 10,000 people have already registered.

This figure, according to the Taipei Times, is not overly impressive: Taipei’s cyber city project is one of the largest in the world in terms of areas of coverage and the capital spent. Yet Wifly does not seem to have built a large customer base as statistics compiled by the city suggests since Wifly began its trial run in December, an average of 250 people use the service daily, and each user spends 48 minutes.

Still, the project, called the Mobile City Project, or M-City, is thinking big: The paper quotes Mayor Ma Ying-jeou as saying “Taipei will be the world’s first and largest mobile city, where users can access the Internet wherever they go”.

Taiwan: First Off The Blocks With Dual Networks?

Taiwan has launched what it’s calling the “world’s first dual-network application service”, according to today’s Taipei Times (which charmingly, and perhaps accurately, calls it a Duel Network in its headline).

The network combines wireless local area networks (WLANs) and General Packet Radio Service (GPRS). In a demo set up in Taipei’s Nankang Science Park, workers have access to “various functions, including access to personal e-mails and instant messages or connection to any printer in the park through wireless transmission. Other services allow parents to view their children in the park’s daycare center through a surveillance system.” From what I can understand in the piece, the government plans to spend NT$7 billion to build the same thing across the whole country over seven years. Taiwan Cellular, the paper says, will roll out dual-network service packages after the Lunar New Year (early next month).

It’s not clear, and I’m not clear, about how exactly this works, and what it’s for. The point of dual-network devices makes sense — you can use them for VoIP on WLAN hotspots, and switch to cellular in cellular-only areas, but why have both technologies in the same place? I guess, as it implies above, the idea is to offer more options and services atop the existing structure. So you might prefer to have one data connection via GPRS, but print locally via Wi-Fi. Or is there more to it that I’m missing?

Taiwan ‘Phisher’ Arrested, May Not Be Kingpin, Beaten Up By Father

A Taiwanese teenager has been arrested for phishing, but don’t expect it to bring an end to the problem.

The China Post today reported that the 16-year old, surnamed Wu, who was studying at a south Taiwan junior college, has been charged with forgery and fraud. The paper says it’s Taiwan’s first phishing case: If convicted, he faces three to five years’ jail.

That said, it doesn’t sound like the guy is exactly the mastermind behind the Internet’s fastest growing crime: The paper quoted an officer as saying that all the boy wanted was “to appear smart. He studied a hacking manual and tried to show off his knowledge by ‘phishing’ a dozen (computer) users.” All he managed to phish were their addresses and information. The paper reported his family was not particularly proud of his alleged phishing activities:

His irate father, who knows nothing about hacking, berated and tried to beat up the boy, when arresting police officers confronted them. The youth begged for mercy, one police officer said. “He was scared to death, when he saw us,” the officer said, “and we had a hard time calming his father down.”

Taiwanese Government Computer ‘Hosts Phishing Scam’

Somewhat embarrassingly for Taiwan’s education system, a phishing email aimed at customers of US Bank operaties via a script which appears to be on a computer at the Taiwan Ministry of Education Computer Center in Taipei.

MillerSmiles Scam Alert Service reports that the phish urges recipients to access a new message in their personal mailbox by using the link provided. “The link has been disguised using HTML code and appears to be a genuine link to the usbank.com site, but it is not and will in fact open your browser to a forged US Bank web page,” says MillerSmiles. The forged US Bank page takes the form of a webform which requires your account, card and social security numbers.

Of course they, and I, are not saying the Taiwanese government has started phishing, but it may be worth the education ministry’s while to plug holes in its own computers.

 

The Charting Of An Urban Myth? Or A Double Bluff?

Here’s a cautionary tale from Vmyths, the virus myths website, on how urban legends are born.

Vmyths says that Reuters News Agency filed a report from Singapore last week quoting anti-virus manufacturer Trend Micro (makers of PC-cillin) as saying computer virus attacks cost global businesses an estimated $55 billion in damages in 2003. That’s a lot of damage. Two spokesmen at Trend Micro have since called Vmyths to “correct” the report. One said it was “wrong.”  Another said Trend Micro “cannot gauge a damage value — because they simply don’t collect the required data”.

Vmyths says the report was later pulled, but without any explanation. I’m not so sure. I can still see it on Reuters’ own website, Forbes, Yahoo, The Hindustan Times, ZDNet, MSNBC, ComputerWorld, The New York Times, etc etc. And the story still sits in Reuters’ official database, Factiva (co-owned by Dow Jones, the company I work for.) I’ve sought word from Trend Micro (I wasn’t able to reach anyone in Taiwan, Singapore or Tokyo by phone and emails have gone unanswered for 10 hours; I guess Chinese New Year has already started. Perhaps the U.S. will be more responsive). Emails to the author of the Reuters report have gone unanswered so far.

As Vmyths points out, it’s great that Trend Micro has tried to set the record straight.  But if the story was wrong, why is it still out there on the web, and, in particular, on Reuters’ own sites? And why hasn’t Trend Micro put something up on its website pointing out the report is wrong? Has Trend Micro done everything it can to get things right? Was the report wrong, or the original data?

This episode highlights how, in the age of the Internet, an apparently erroneous story can spread so rapidly and extensively, from even such an authoritative source as Reuters, and how hard it is to correct errors once the Net gets hold of them. In the pre-WWW world (and speaking as a former Reuters journalist) it was relatively simple process to correct something: overwrite it from the proprietary Reuters screen with a corrected version, withdraw the story, or, in the case of subscribers taking a Reuters feed (newspapers, radio stations and what-have-you), sending a note correcting the story. Proprietary databases could be corrected. So long as the story wasn’t already in print, you were usually safe. Nowadays it’s not so easy.

Vmyths is right: Expect to see the $55 billion figure pop up all over the place. (Of course, until we know for sure, it’s possible that the real myth that comes out of this could be that the story was wrong, when in fact it was right.) Ow, I’m getting a headache.