Hackers in the Media – Autovoting Polls etc

One little thing that REALLY bugs me, is the medias cluelessness about anything computer related at all. Often referring to ‘Hackers’ without a second thought at all.

A few months back a man was harassing another person on trademe, was blocked, and created another trademe account to harass them further. The media titled the article something akin to ‘man hacks trademe to abuse woman’. Hang on, wouldn’t that mean he did something illegal? or had some sort of computer skill? Are they seriously not aware that any old person who knows next too nothing about computers, can use a second email address signed up freely at gmail.com or hotmail.com, and sign up another trademe account?

This happens regularly, and today is no exception. In the media today i see this article. http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10606941

Hackers force web poll to close after skewing results

4:00AM Tuesday Nov 03, 2009
By Beck Vass

Online polls on nzherald.co.nz have been pulled until further notice.

Online polls on the Herald’s website nzherald.co.nz have been pulled until further notice after hackers entered the system, skewing the results of three polls.

The polls – which included questions relating to whether people thought Destiny Church was a cult or a church, if people thought it was okay for MP Rodney Hide to take his girlfriend on tour at taxpayers’ expense and if people were sick of being told they were ruining the planet – were hacked late last week.

Jeremy Rees, nzherald.co.nz publisher, said a staff member was alerted to the hacking when, in the space of four hours last Thursday, the Destiny Church poll swung from 97 per cent of people saying it was a cult to 60 per cent saying it was a church, with an unusually high number of responses.

On Friday, the Rodney Hide Poll showed 90 per cent of people thought it was unacceptable that he took his girlfriend Louise Crome overseas, leaving taxpayers to foot the $25,163 bill. But that poll also swung rapidly, moving in favour of the MP.

The poll was pulled down and the one that replaced it asked if people were sick of being told they were ruining the planet and from 4pm it was noticed that the number of votes was unusually high for a Friday afternoon, with about 2000 votes an hour.

Mr Rees said IT specialists were looking into the problems and had identified internet protocol (IP) numbers 118.92.185.135, 118.90.40.97 and 203.109.154.13 as the source of the problems but polls had been stopped until issues were resolved.

While some people might think the poll hacking was a conspiracy from interested parties, that was often not the case, Mr Rees said.

“Often most likely it’s some kind of 18-year-old guy in a black T-shirt who’s bored from looking at the new Google wave [a type of software] product and has decided to take a hack.”

Now, seriously, men in black shirts? really? are we back in the 90s when most people on a computer had to be fairly technical to do such a thing, and usually teenagers ergo wearing black shirts?

I’ve been known to use autovoting a few times on various game websites for a little fun. Its not hacking, its skewing the results for sure, but these are not for a competition, they are not voting for a particular government party, and in fact if they were serious about wanting the results to be accurate they would enforce logins, and dynamic hidden fields to help control it.

I notice that they also have included the IP addresses of the computers that were doing the voting, hmm not such a good idea really to do so, however this illustrates that these are not ‘hackers’ , they didnt even use an anonymous proxy.

liz@tulip:~$ host 118.92.185.135
135.185.92.118.in-addr.arpa domain name pointer 118-92-185-135.dsl.dyn.ihug.co.nz.
liz@tulip:~$ host 118.90.40.97
97.40.90.118.in-addr.arpa domain name pointer ip-118-90-40-97.xdsl.xnet.co.nz.
liz@tulip:~$ host 203.109.154.13
13.154.109.203.in-addr.arpa domain name pointer atm1-0-939.akl-grafton-car1.ihug.net.

They are using ihug, xnet and the last one looks much like router or business connection – clearly in Grafton Auckland.

Whilst they may have loaded up something simple like greasemonkey on firefox, then written a few lines of code, they more than likely just downloaded an application similar to those used for runescape to automate things.

So, lets get this straight, there is MUCH debate over what a hacker is, and the difference between a hacker, and a cracker. However, neither one covers whatever the heck the medias idea is. They are what’s generally referred to as a pain in the butt, and in any case, if you are one of the top websites in a country, you should have a LOT better security if you are worried about the validity of your poll data.

ps. I’m a female, and i rarely wear black shirts, i’m also nowhere near 18 , however my son is almost 18, who also doesn’t wear black shirts, and who also could easily ‘hack’ those polls.

Be careful with your Follow friday

Every friday i see lovely awesome people handing off follow friday greets on twitter to their favourite people, its amazing and awesome. However I do also see the same mistake again and again!

If you prefix a message with an @username , then twitter sees this as a message TO that person, therefore this wont show up in anyones timeline except your own, and theirs, and anyone who follows you or them.

This means if you start your follow friday with a username then only you, and them, and anyone else mentioned in that tweet or following both of you will see it. It somewhat defeats the purpose of follow friday which is advertising people to watch.

I love to find new and interesting people to follow on Fridays, i don’t however often do them myself (ok so im lazy!) So in the interests of spammy follow fridays and great friendships, do the honerable thing and start your follow fridays with a #ff tag !:D

Shit like this makes my blood boil – BMI accuracy

Having been overweight for sometime, then managing to loose 80kgs, seeing this crap in the media really makes me angry http://www.stuff.co.nz/opinion/2662605/BMI-a-bit-thin-on-credibility

Pretty much what it sums up to is ‘all you fatties arnt actually fat its just the BMI measurement to blame’ . I hate to break it to you, but the BMI is actually fairly accurate for anyone whos not an uber athlete! And just because somebody is super fit, doesnt mean they dont also carry fat!

Media like this just allows people who are ovweight to justify being so and/or staying so and continue to kid themselves into thinking that everything is fine and dandy, and honestly its really not their fault they are fat!

I’ve heard all the excuses, in fact i reckon i invented a good portion of them! My point being that media or blogs saying that BMI is completely wrong based on something silly like that, is incredibly irrisponsible (and retarded )

Anyway, rant over, thanks for getting this far!

Liz