Colin Charles Agenda

This week has been nothing but disturbing following the happenings in Malaysian cyberspace. So much has happened and there will be much to learn from it, lest we forget what to do the next time around. This is broken up into pieces: Timeline, A Warning, What’s wrong with sweetyoungmalaysiangirls?, What about obscene images, What can you do as a victim/concerned Netizen?, What else to note?.

Timeline

Sunday – Netizens notice a blog, sweetyoungmalaysiangirls.blogspot.com and an Instagram account gadismukabukumy. They’re not too happy. Enough noise is made, The Star covers it: Blog with picture of young Malaysian girls, many of them minors, riling netizens.

Monday-Tuesday – (due to updates on initial posts) – The site goes down as many over-zealous Netizens click the ‘report to blogger’ button. Blogger ToS does not permit making money this way. The Star writes: Website hosting pictures of Malaysian girls taken down. But the best read from this is actually Harinder Singh’s account, Who’s behind these blogs. This is a must read – it’s a detective takedown story with a great amount of sleuthing and even entrapment (the video is golden – since been removed but surely archived somewhere). There is some back & forth here in the official statement about how he got hacked.

Wednesday – By then, the Netizens are all riling against this chap, Dustyhawk/Serge, pasting his WHOIS information in public, etc. His comeback is a little quirky: How to lose friends and make enemies – A social experiment. Harinder calls this Grasping for air. Wesley Chung writes an open letter which is also an interesting read. And a victim shares that her pictures were never public, they were just for Facebook friends, so by letting him into her circle, he transgressed her privacy.

Thursday – Dustyhawk/Serge posts An Apology and Asking for forgiveness while getting a few things off our chest. Before that, The Ant writes: Techie sheds ‘light’ on who’s behind offending blog site.

As I write this on Friday, it is worth noting that lawyer Foong Cheng Leong, who specialises in IT/cyber law writes about The law and the Sweet Young Malaysian girls blog. Another useful read!

A warning

Be very careful with what you share on social media or the Internet (this includes blogs, sites like Picasa or Flickr, etc.). Anything in the public eye can be saved (even if you disable saving there can be screenshots) and reused or aggregated later on. If you don’t want it to be public, do not share it. Be aware of those applications like Dropbox, Google Plus, etc. that auto-upload pictures – yes they put them in private by default, but if your accounts get broken into, these pictures can become public.

I am all for free speech on the Internet, but I draw a line at child pornography. Nudity, nude models, etc. may be obscene and against Malaysian law to some extent (which isn’t sensible), but child pornography is not tolerated in any jurisdiction. 

What’s wrong with sweetyoungmalaysiangirls?

Nothing. It is definitely in bad taste, but nothing is really wrong assuming these were curated images from the Internet. The images were re-blogged. Sure he slapped advertising on them. So that can be copyright infringement. 

There was once an estimate that about 5% of Tumblr blogs were nude/adult related. Recently Yahoo! removed them from public search. They still exist, but you’ve got to find the links elsewhere.

If the images were stolen from private Facebook profiles or a private Twitter feed, they are definitely not good. This is morally reprehensible and I would encourage the victims to make a police report immediately.

What about obscene images?

Nudity apparently may not be tolerated in Malaysia. Section 292 of the Penal Code says its an offence to post obscene pictures. Famously, this charge was a thought for using against the couple Alvivi (it wasn’t, they’ve been slapped with other charges). We also have the all encompassing Section 233 of the CMA 1998.

What can you do as a victim/concerned Netizen?

1. Victims, make a police report (if you’re over 18 now, you don’t have to inform your parents)
2. Victims or concerned Netizens might want to make a complaint to MCMC/SKMM. They have a content code, and Section 3 focuses on Obscene content that includes explicit sex acts/pornography, child pornography or sexual degradation. However, is a blogger a content provider? Or will this form of reporting just mean ISPs block offending URLs like they do for many porn sites? More on complaints to here.
3. MyCERT/Cyber999 is not a bad place to make a complaint (victim or concerned Netizen). Their definition of incidents are wide & varied, with cyber harassment to content related issues. Reports can be lodged here.
4. Complain to the abuse@ alias of the web hosting provider that the blogger is hosting at. They can either be DMCA takedown notices or just abuse notes. 

What else to note?

Freedom is a double-edged sword. One person’s morals cannot be imposed on another person. We want the Internet to be free, but within acceptability (so nudity, ala Alvivi is fine between consenting adults but not child pornography). The last thing we want is censorship of the Internet.

Don’t call people a pedophile. Or a sex offender. To be a sex offender, one has to be charged and convicted of the crime. Its easy to name & shame, but last I checked, that is defamation. Please re-read the opinion of lawyer Foong Cheng Leong.

Tell young kids and yourselves to be mindful of what you post on the Internet. Look at the selfie search on Twitter. Or the amount of detail you can get from an Instagram search.

Back then, it was camwhoring. In 2013, selfie is a dictionary word!

Be mindful of what you post online.

I recently kitted all the TVs in our homes with a Google Chromecast. It streams content from YouTube very well, and if you want content from other services like Vimeo, etc. you use a web browser (Chrome) to do the task.

I see it as a great productivity gain. You make playlists or say you want to watch videos later on YouTube. You use your phone or tablet as a remote and just watch content on your terms. You can then go on and read on the tablet, or work on your laptop. If you use the Chrome browser plugin for desktops, you can’t work on the machine at the same time as Vimeo or another video source will take the full-screen (though this isn’t a huge use case for me).

Sara had a party recently and part of the attraction was that people picked their music videos and added them to the playlist. So there was not only music but music videos. Naturally, they were all adding to the queue using her iPad.

Suddenly I understand why Android has the option for Users. This is a missing feature on iOS. Tablets are personal devices with a lot of private information on them (think Evernote, 1Password, etc.). Sure you can setup individual passwords, but the option to have a “guest mode” makes a lot of sense. It is something Apple clearly needs to work on going forward.

That said, for $35, the Google Chromecast is a great little device. Well worth it, and provides hours more TV usage. I’m thinking of getting a TV in my office room again!

As Frederic posted, its time to submit talks for the MySQL & Friends Devroom at FOSDEM 2014. The next year, it will be on Saturday February 1 2014. I look forward to being in Brussels again, and I hope to see you there too.

Submit to the MySQL track here, and don’t forget to be there on Friday evening for the start of the beers. I’m told by Frederic & Kenny that we’re likely to have a much more interesting community dinner since things are getting larger year by year. See you at FOSDEM and remember, submit talks!

Since MariaDB aims to be a compatible/drop-in replacement to MySQL, its crucial that in 10.0 we support all the 5.6 options/system variables, else we have to clearly document them in the Knowledgebase article MariaDB versus MySQL – Compatibility.

To this extent, Sergey Vojtovich (svoj) has created MDEV-5277 as a tracker. There is also plenty of discussion on this topic at the maria-developers mailing list. I encourage current users of MySQL 5.6 to take a look at the list and comment either in Jira or on the mailing list to ensure that when we are ready for MariaDB 10.0, we cover what you’re using.

1. If you hire a PR firm, you tend to find that they “influence” journalists to write pieces. Fluff pieces even.
2. If you hire an analyst firm, they tend to be interested in you and start putting you on their subscribers radars. And in all their reports. And naturally press releases.
3. “Tech press” are more interested in covering M&A, money deals, etc. as opposed to real tech. This democratisation of media has caused the mainstream ones to follow suit too.

These are global observations not limited to a region. Gatekeepers still exist.

Today before Ivan’s tutorial, he told me that in the 10.0.5 virtual machine images he created, he couldn’t find the Cassandra storage engine. I told him it had to be installed separately, and this is true – you have to install some engines separately!

When you do a yum install MariaDB-server MariaDB-client like the installation instructions tell you to do, you don’t get all storage engines (so running SHOW ENGINES might have you wondering what happened to a bunch of engines). This can easily be seen by doing a yum search MariaDB. On a CentOS 6.4 server with the MariaDB 10.0 repository configured, you should see the following:

MariaDB-cassandra-engine.x86_64 : MariaDB: a very fast and robust SQL database server
MariaDB-client.x86_64 : MariaDB: a very fast and robust SQL database server
MariaDB-common.x86_64 : MariaDB: a very fast and robust SQL database server
MariaDB-compat.x86_64 : MariaDB: a very fast and robust SQL database server
MariaDB-connect-engine.x86_64 : MariaDB: a very fast and robust SQL database server
MariaDB-devel.x86_64 : MariaDB: a very fast and robust SQL database server
MariaDB-server.x86_64 : MariaDB: a very fast and robust SQL database server
MariaDB-shared.x86_64 : MariaDB: a very fast and robust SQL database server
MariaDB-test.x86_64 : MariaDB: a very fast and robust SQL database server

So to get Cassandra or CONNECT engine support, don’t forget to install MariaDB-cassandra-engine and MariaDB-connect-engine.

Once you do that, don’t forget to actually load the engines – for example you do something like INSTALL SONAME 'ha_spider.so';.

In fact, why not check out what plugins exist in /usr/lib64/mysql/plugin? You can also see this from the MariaDB monitor: SHOW PLUGINS SONAME;. This shows active and non-installed plugins as well. Read the documentation for SHOW PLUGINS SONAME.