The current sedition trial of RPK is fairly interesting. I think that it is the first high profile case that involves a serious crime and computers. I find it interesting because computer forensics is being introduced as evidence. However, things did not turn out quite as the prosecution expected, as the prosecution witness seems to have testified that no evidence was found on RPK’s computers.
According to this article from TheStar: “A computer forensics investigator told the Sessions Court here that data on a notebook computer seized from Malaysia Today editor Raja Petra Raja Kamarudin had been deleted. ASP Wa’ie Isqal Kria Abdullah, 38, said this was why there were no records of the computer accessing the Malaysia Today website between April 11 and April 26 this year.”
The reason that I find this interesting is because it reveals a great deal about the procedures employed and the capabilities of our computer forensic investigators. It is quite common for bloggers to compose and publish their blog entries directly using a web interface. As a result, there should not be any documents held in their harddisk except potentially in a browser cache, which is wiped over periodically.
So, the typical procedure when investigating any crime that involves an online website is to actually seize the servers that hold the website content. Granted, this will be a little more difficult to do if the servers are located in an overseas jurisdiction. Although all their servers are now located overseas, I do seem to recall that Malaysia-Today had some servers located in Malaysia in the recent past.
Now, assuming that RPK is an old man and actually likes to use an offline word processing tool to compose his entries before actually uploading them onto the server, there may be some files stored on his computer. As a precaution, RPK may have deleted these files after he was done with them. However, even Hollywood knows (one of the rare times that they are actually right) that files that are deleted, can still be recovered, unless of course the files never existed in the first place.
Another interesting thing to note about the investigation was that the investigating officer had limited his search of the computer to only specific folders, in accordance with the terms of reference for his investigation. One would think that files can be hidden anywhere on a computer and not necessarily in the “My Documents” folder. So, that is why the DPP has requested that the search be expanded to the rest of the harddisk.
Personally, I think that it was a good thing that the investigation officer did not go on any fishing expedition. This reflects a sense of professionalism on the part of the investigating officer to follow the rules when looking for evidence and not to just blindly toss things about. However, it also reveals to me the lack of technical knowledge on the parts of the investigators, which does not bode well.
If the police can be stopped by a simple file deletion, I shudder to think how they would actually go about extracting evidence from encrypted volumes. Any technologically inclined person worth his salt would have his harddisks encrypted even just for privacy reasons. So, I seriously wonder about the police’s ability to investigate really serious commercial crimes.
It seems that RPK is being charged with sedition. I find that rather curious simply because I’m not sure if he had actually committed any act of sedition. According to the article in TheStar, he had written a blog entry entitled “Let’s send the Altantuya murderers to hell”. In that entry, he had implicated the involvement of our DPM and his wife in the scandal.
Alright, obviously RPK should not get away with randomly accusing people (especially prominent people) of being implicated in criminal offences, especially when the courts have not mentioned anything to such end. Regardless of what had transpired, it is generally considered wrong to fitnah anyone. As I understand it, this is an even more heinous crime than murder, in Islam.
This obviously qualifies as an act of libel. If our DPM or his wife feels slighted in any way, they should very well sue RPK’s ass off in court for libel. They could very well bankrupt the man seeing that they are very prominent people, with fragile reputations to protect. So, the damages could be astronomical. However, it is rather curious to try to get RPK under the Sedition Act.
According to Wikipedia, under section 3(1), those acts defined as having a seditious tendency are acts with a tendency:
(a) to bring into hatred or contempt or to excite disaffection against any Ruler or against any Government;
(b) to excite the subjects of the Ruler or the inhabitants of any territory governed by any government to attempt to procure in the territory of the Ruler or governed by the Government, the alteration, otherwise than by lawful means, of any matter as by law established;
(c) to bring into hatred or contempt or to excite disaffection against the administration of justice in Malaysia or in any State;
(d) to raise discontent or disaffection amongst the subjects of the Yang di-Pertuan Agong or of the Ruler of any State or amongst the inhabitants of Malaysia or of any State;
(e) to promote feelings of ill-will and hostility between different races or classes of the population of Malaysia; or
(f) to question any matter, right, status, position, privilege, sovereignty or prerogative established or protected by the provisions of part III of the Federal constitution or Article 152, 153 or 181 of the Federal Constitution.
As I understand it, an act of sedition can only be committed against a government or ruler. You cannot commit a seditious act against a fellow citizen. So, reading the various definitions of sedition, I still don’t really know which one applies in this case. Obviously, I’m not a lawyer. So, I surrender to the better judgement of the legal people in these matters. However, it still smacks of a strong arm scare tactic in this case. Someone needed to shut RPK up for good and decided to invoke the heftiest penalties on him.
Seeing that RPK has been rather mischievous when it comes to the law, I doubt that he can expect any leniency from the magistrate. However, I do hope that things go well for him because he really seems to have a lot of insight into the inner workings of Malaysian politics. It would be a waste to see him go. I did enjoy reading some of his more flamboyant entries.
In light of recent developments in Malaysia, with the computers of certain prominent anti-establishment bloggers consistently being confiscated for dubious investigative purposes, I thought that it might be a suitable time to write a little about information security. The whole idea behind information security isn’t to foil justice, but to make sure that the rights of people are not infringed.
With harddisk sizes going into the Terabyte range, there are lots of things stored on a person’s personal computer, including personal information that nobody has any right to access. Sometimes, these confiscated computers are subject to random checks in the hope of finding something, anything, that can be used to entrap the owner. So, let’s start with the basics.
Email Security
Although the technology has been around for more than a decade, I’m surprised that most people do not know about it, much less use it. Email is transmitted in the clear. So, anything that is said through an email can be easily intercepted and read by others. The only way to protect the content of email messages is through the use of public key (PKI) cryptography.
The most commonly used software is PGP or, if you want an open source version, GnuPG (GPG). Both of these integrate fairly well with all popular email programmes, whether it be Outlook, Thunderbird or KMail. So, you wouldn’t even need to know any voodoo to get it to work. If you use a webmail programme, these tools also provide a regular text based mode, which can encrypt/decrypt plain text documents, which you can then cut-and-paste into the webmail client.
This software allows you to encrypt every email that you write, so that the only person who can read it is your intended recipient. So, I would urge everyone to install and learn how to use these tools. These tools should be used for all business communications as well, if you don’t want your competition eavesdropping on your sensitive communiques.
How PKI works is by exchanging public keys. A public key is a very large number that is represented in text, as shown below. When you send me an email message, your private key and my public key are used to generate a secret key that is used to encrypt the message. When I receive it, I will be able to decode the email using my private key and your public key. So, at no time would either of us need to expose our private keys. All these things happen mathemagically.
Any eavesdropper would only end up reading a bunch of random letters and numbers (much like the ones above). As an additional step of protection, do not store your emails locally in an unencrypted form. Leave them encrypted and have your email programme decrypt them each time you wish to read them. All these steps add an additional layer of protection.
There are no known exploits that can easily defeat this scheme, at least not until computers can factorise extremely large numbers quickly enough, at which point, you just double the size of the encryption key and continue using it. The easiest way to steal a PKI protected email is to just haul you to court and force you to divulge its contents.
Harddisk Security
It’s no use just protecting our communications channel if we do not protect our data storage as well. So, all harddisks, whether internal or external, should be encrypted. TrueCrypt is a tool that runs on all platforms, which allows on-the-fly encryption (OTFE). OTFE essentially intercepts all access to the harddisk and encrypts anything being saved and decrypts anything being read, transparently.
So, if you ever lose your laptop due to carelessness, theft or legal confiscation, at the very least, your data is safely tucked away. Anyone who tries to access your data without the correct keys, will only end up reading a bunch of random gibberish again. So, all your private communications, photos and videos, will be protected under heavy lock and key.
However, there is one caveat to using OTFE encryption, which only applies if you’re traveling to the US. The government is legally allowed to make copies of your harddisk data at the border. If your computer is encrypted, they are also empowered to deny you entry or to confiscate your computer. So, it may not be a good idea to travel with encrypted data through US customs.
There is one currently known exploit to defeat this system, but it involves a lot of preplanning. The attacker would need to physically compromise your computer within minutes of it being shut down, and preserve the memory contents by freezing your memory module, as illustrated through the following video. The solution to this problem is to not leave your computer running, unattended. Given enough off-time, the following attack would not be plausible.
I always find it interesting when news about Malaysia makes it onto Slashdot. Today, something did make it: an article from CNN about politics and blogging. It’s not about how blogs have affected the political climate in Malaysia, but about the problem endemic with the establishment, i.e. short-sighted stoopidity. From the article:
Abdul Rahman Dahlan, secretary general of the United Malays National Organization party’s youth wing, said all those vying for national youth posts must have blogs to introduce themselves and their programs ahead of party elections in December. All candidates must have blogs. If not, they are not qualified to be leaders.
This kind of talk from the leader of a major political party goes to show the kind of detachment from reality that these people suffer. Turning a blog into a pre-requisite for candidates contending for a position seems rather arbitrary to me. Instead of insisting on integrity, education, or leadership qualities, they are now turning a blog into a license for political leadership.
The trouble with this kind of arbitrary criterion is that it’s difficult to enforce. Having a blog or not is not an objective selection. Like I had mentioned in my previous entry, trying to define a blog itself is not an easy task to do. It’s a subjective decision on whether or not something is a blog. So, in the end, the selection process will be a thoroughly arbitrary one.
I know that I’ve previously asked for more pro-establishment bloggers in order to counter the claims of the anti-establishment ones. However, this is not the way to do it. A person should not blog as a license to political office. It takes the whole spirit away from blogging. Yes, they should be encouraged to blog, but making it into a box to tick, is not the right way to do it. But this is just the way that they do things back home, checking boxes.
So, these people don’t really want to have blogs and they will only do it to get a sticker on their report card. So, they’ll just end up hiring somebody to do it for them. Then they will end up just uploading officially licensed press releases from the party. In the end, these ‘blogs’ will just turn into another regular news website like TheStar. Then, are these blogs still blogs?
The biggest danger in this move is that they risk diluting the whole blog space. Where once blogs were the cool anti-establishment tool, if everyone has a blog, then it becomes something very blasé. The fact of the matter is that we already have too many Malaysian bloggers, as mentioned in an earlier article, which claims that there are about 500,000 active bloggers in Malaysia. That’s almost 5% of the whole Internet population of Malaysia.
If they want these leaders to connect to the younger generation of Malaysians, they shouldn’t stop at blogs. They should encourage them to get Facebook and Youtube accounts too, so that everyone can pry into their private lives.
PS: The best quote from the article is: But now, even youth deputy Khairy Jamaluddin — who once compared bloggers to monkeys living by the law of the jungle — has a blog.