taint.org: Justin Mason’s Weblog

Irish iPhone users — you may find this useful. I’ve written a web scraper which takes a couple of the more useful pages on Met Eireann’s website — the regional forecast and the rainfall radar page — and reformats them in an iPhone-optimised style. Enjoy:

• iPhone-Optimised Weather Forecast for Ulster
• iPhone-Optimised Weather Forecast for Munster
• iPhone-Optimised Weather Forecast for Leinster
• iPhone-Optimised Weather Forecast for Connacht
• iPhone-Optimised Weather Forecast for Dublin

(updated: supports all the provincial forecasts now)

Tags: iphone, ireland, scraping, weather, web

If you were listening to the Marian Finucane show on RTE Radio 1 last Saturday afternoon, you might have heard the mind-boggling stuff coming out of Michael Woods, the Fianna Fail former Education Minister with a “strong Catholic faith” who brokered the controversial backroom deal back in 2003 which allowed the Catholic Church and its institutions to evade prosecution on child abuse.

Here’s a great thread on Politics.ie where quite a few folks boggle at the incredible things he said.

Thanks to Podcasting Ireland, I was able to track down and cut out this segment, so here is a recording of Michael Woods coming up with the pathetic excuse of how the British forced the Christian Brothers to abuse children:

Michael Woods – the brits made us do it.mp3 (951KB)

The last refuge of a cornered FFer — blame the British. Absolutely incredible. It has to be heard to be believed. What century is this again?

Update: according to Mary Raftery in the Irish Times, this is a preview of the religious right’s tactics:

‘It Is easy to discount former government minister and senior Fianna Fáil member Michael Woods. A former minister, he is no longer a prominent figure. He has, however, left a festering sore behind him which continues to weep poison every now and then. The infamous church-State deal on redress for victims of institutional child abuse, under which the religious orders pay a mere 10 per cent of the compensation bill, was at its most septic over the weekend.

Woods, the main architect of the deal, defended it on the television news and gave a long RTÉ radio interview on Saturday. We were beginning to hear some of the defences likely to be chosen by religious conservatives as soon as they manage to regroup and fight back.’

We marched in the streets about this stuff. It’s like the 90’s never happened.

Tags: bizarre, child-abuse, fianna-fail, ireland, michael-woods, politics, radio, rte

Spirit of Ireland looks very nifty.

It’s extremely simple — a group of Irish ‘entrepreneurs, engineers, academics, architects and legal and financial experts’ are calling for Ireland to achieve energy independence and become a net exporter of green energy within five years, by building a number of wind farms on our western seaboard, buffering the generated energy in water reservoirs using pumped-storage hydroelectricity.

This kind of massive-scale public-works engineering project has a strong historical precedent in Ireland — Ardnacrusha, opened in 1929, was the largest hydroelectric station in the world for a time. Given that Turlough Hill is a pumped-storage facility, it can even be beautiful ;)

We can certainly do it, given sufficient government vision. I’d love to see it happen. Great stuff!

• the Spirit of Ireland site
• John of Dublin’s blog post
• comment by Prof. Ray Kinsella in the Irish Times
• Irish Independent
• Eddie Hobbs

(image credit: CC-licensed image from Ganders on Flickr. thanks!)

Tags: generation, hydroelectric, ireland, power, spirit-of-ireland, wind, wind-power

Don’t forget — next Monday, the Heritage Society of Engineers Ireland, in association with The Irish Computer Society, and the ICT and Electronic and Electrical Divisions of Engineers Ireland, will be hosting an evening lecture entitled “Reminiscences of Early days of Computing in Ireland”, by Gordon Clarke (M.A., CEng., F.B.C.S., C.I.T.P., F.I.C.S). Sounds like it’ll be great. More details.

Update: it starts at 8pm; useful info! Also, the event’s flyer can be found on this page, which notes:

For those new to using our webcast facility, please see www.engineersireland.ie/webcast for information on how to set-up and access our webcasts. To view the event, please log onto the url below: https://engineersireland.webex.com/engineersireland/onstage/g.php?t=a&d=841959965 The password: computer

Tags: computing, history, ireland, software

On Monday April 20th, the Heritage Society of Engineers Ireland, in association with The Irish Computer Society, and the ICT and Electronic and Electrical Divisions of Engineers Ireland, will be hosting an evening lecture: ‘Reminiscences of Early days of Computing in Ireland’:

In 1957 the Irish Sugar Company installed the first stored program computer in Ireland. Other large organisations slowly followed suit.

Gordon Clarke will discuss how the early computers enhanced the electro-mechanical systems that had developed over the previous 60 years. He will talk about their specifications, a few of the first applications and tell the story of the very early years of designing and developing computer based systems.

All Welcome. Admission Free. No booking required. This event will be web-cast

For Details: www.engineersireland.ie, or Con Kehely: (01) 6860113 (con.kehely /at/ dublincity.ie)

Location: Engineers Ireland, 22 Clyde Road D4

Sounds great! Thanks to Frank Duignan on the ILUG list for forwarding the notice.

Tags: computers, computing, dublin, events, gordon-clarke, history, ireland, talks

Reminder — Ireland’s Blackout Week starts tomorrow:

Take part in Blackout Week

1. To demonstrate your feelings about [IRMA's censorship demands], you can make your avatar black on any websites you have a presence on.
2. This is inspired by Creative Freedom New Zealand’s blackout campaign.
3. From Black Thursday on the 5th of March, for one week, set your picture on sites like Facebook, Bebo, Twitter, MSN, etc black to raise awareness for Blackout Ireland.
4. On that Thursday we encourage you to express yourself publicly about this issue, whether by blog posts, letters to newspapers or any form of communication you can think of.

Tags: blackout, blackoutirl, censorship, internet, ireland, irma, isps

As Adrian noted last week, IRMA are demanding that Eircom block the Pirate Bay — first on a list of websites they don’t like — on pain of being sued. On top of that, they intend for the other Irish ISPs to follow suit — here’s a key line from the letter they sent to Blacknight MD Michele Neylon:

in the event of a positive response to this letter it is proposed to make practical arrangements with Blacknight of a like nature to those made with eircom.

If that comes to pass, this will be an appalling situation for Irish internet users, and we need to act to ensure it doesn’t happen. Digital Rights Ireland:

The net effect of this scheme, if it is allowed to go into effect, will be to impose an internet death penalty on two groups. On users, who will be cut off on the allegation of a private body, with no court involvement, and on websites, which could be blocked to Irish users based on a court hearing where only one side is heard.

Pace Mulley:

So first they’ll start with the Pirate Bay. Then comes Mininova, IsoHunt, then comes YouTube (they have dodgy stuff, right?), how long before we have Boards.ie because someone quoted a newspaper article or a section of a book?

Digital Rights Ireland have posted an excellent document detailing the following plan of action for Irish internet users concerned about this:

• Contact your ISP and let them know that this is a key issue for you, as their customer.

• Join up with your fellow netizens. Subscribe to the Blackout Ireland blog. Follow the #blackoutirl hashtag on Twitter. Join the Blackout Ireland Facebook group. It looks likely that there’ll be a week-long blackout campaign starting next Thursday, March 5th.

• Contact politicians. This is likely to cause irreparable damage to the Irish internet, so our pols should be very worried. See the DRI post for details on getting in touch with Minister for Communications Eamonn Ryan.

New Zealand is running their own blackout campaign right now, so that may help our planning.

International readers — make no mistake, you’re next. IRMA in this case is acting as the local delegate of IFPI, which stated in 2007 that this was one of the 3 technical options for ISPs to control piracy:

Here’s some other interesting coverage:

Fantastic interview with BitBuzz CEO Alex French:

If ISPs, including Eircom, agree not to oppose blocking access to The Pirate Bay and other similar websites, is this not an agreement to web censorship? “I don’t think there is any other way to interpret it,” said French.

“They are essentially agreeing to censor certain websites at the behest of the recording industry, without these websites ever having necessarily shown to be illegal in the Republic of Ireland. I would have a huge concern over what other websites may be blocked and what other industries will pile in now that the precedent has been set.”

Some sample letters:

• letters to IRMA, and to Minister Eamon Ryan from Paul McCarthy

• A sample letter to your ISP from Charles Julienne

And further discussion — here’s a massive boards.ie discussion thread, now closed in favour of this newer thread.

Update: here’s the letter I sent to the Minister, if you’re curious or need inspiration.

Tags: blackoutirl, eircom, filesharing, grassroots, ifpi, internet, ireland, irma, isps, pirate-bay, politics

Somehow or other, I seem to have won the 2009 Irish Blog Award for Best Technology Blog/Blogger! To be honest, for the last year I haven’t been spending as much time on the blog as before, due mainly to a rather compelling distraction, so I’m doubly grateful for winning.

Unfortunately, I was out of the country, at Nishad and Janet’s wedding, so missed my chance to get up on stage and thank my fellow bloggers in person — but I asked John to do so instead. Seems he in turn got stage fright and delegated to his missus, who picked up the trophy. Thanks Fiona! That’s probably just as well, since I’m pretty incoherent in that kind of situation myself.

Cheers to my fellow nominees, Eoghan, Robin, Michele and Pat. One of you guys should totally have won ;)

And last of all — cheers to BitBuzz for sponsoring the category, and Mulley for the whole bash. I definitely have to turn up next year!

Now I need to put more time in this year to really earn that award…

Tags: awards, blogging, iba09, ireland, meta

So it seems that JC Decaux have been complaining about the costs of running the Velib scheme in Paris:

Since the scheme’s launch, nearly all the original bicycles have been replaced at a cost of 400 euros each.

Of course, this won’t be a problem in Dublin. Going by Newstalk’s estimates of how much the advertising space provided to JC Decaux for free, in exchange for the (as yet nonexistent) 450 bikes would have cost, each bike comes at a public cost of 111,000 Euros. That should cover a lot of “velib extreme”.

(OK, that may be overestimating it. The Irish Times puts a more sober figure of EUR 1m per year; that works out as EUR 2,000 per bike per year. Still should cover a few broken bikes.)

A quick reminder:

And, of course, there’s no sign of the bikes here yet… assuming they ever arrive. Heck of a job, Dublin City Council.

BTW, here’s the rate card for advertising on the “Metropole” ad platforms, if you’re curious, via the charmingly-titled Go Ask Me Bollix.

Tags: bikes, cycling, dublin, ireland, jc-decaux, paris, velib

I’ve switched my home broadband from Eircom’s 3Mbps all-in-one package to Magnet’s 10Mbps LLU package. It’s about a tenner a month cheaper, and significantly faster of course.

The modem arrived last Friday, about 2 weeks after ordering; that night, when I went to check my mail, I noticed that the DSL had gone down, and indeed so had the phone. I was dreading a weekend without the interwebs, it being 9pm on Friday night — but lo, when I plugged in the Magnet router, it all came up perfectly first time!

Great instructions too. Extremely readable and quite comprehensible for a reasonably non-techie person, I’d reckon. So far, they’ve provided great service, too.

I’m not actually getting the full 10Mbps, unfortunately; it’s RADSL, and I’m only getting 5Mbps when I test it. Just as well I didn’t pay the extra tenner to get their 24Mbps package. Still, that’s a hell of a lot faster than the sub-1Mbps speeds I’ve been getting from Eircom.

It’s hard to notice an effective difference when browsing though, as that kind of traffic is dominated by latency effects rather than throughput.

I haven’t even tried their “PCTV” digital TV system; it seems a bit pointless really, I have a networked PVR already, and anyway I doubt they support Linux.

One thing that’s wierd; when my wife attempts to view video on news.bbc.co.uk on her Mac running Firefox, it stalls with the spinny “loading video” image, and the status line claims that it’s downloading from “ad.doubleclick.net”. This worked fine (of course) on Eircom. If I switch to my user account and use Firefox there, it works fine, too — possible difference being that I’m using AdBlock Plus and she’s not. Something to do with the number of simultaneous TCP connections to multiple hosts, maybe? Very odd anyway. It’d be nice to get some time to sit down with tcpdump and figure this one out… any suggestions?

Tags: consumer, dublin, eircom, ireland, magnet, switching

The Digital Depot is ‘an innovative, state-of-the-art building specifically designed to meet the needs of fast growing digital media companies [...] developed as a joint initiative of Enterprise Ireland, Dublin City Council and The Digital Hub Development Agency.’ Generally, it’s a pretty nice place to work, and a great resource for startups and small tech companies.

However, recently, it looks like they’ve been embarking on some innovative, state-of-the-art cost-cutting exercises.

There’s a little canteen area, for companies to make tea and coffee, wash up their mugs, etc. Check out this snapshot from the canteen this morning, courtesy of JK’s phone cam:

Notice anything odd about that bottle of washing-up liquid?

Yum yum! Nothing nicer than washing your mug with a dash of toilet cleaner.

Tags: digital-depot, digital-hub, dublin, ireland, oh-dear, omgwtf, recession, toilet-cleaner

I think I just got my first spam from a government body! Specifically, VisitWicklow.ie spam from Wicklow County Tourism. It says:

Wicklow County Tourism is launching its sparkling 2008 Christmas campaign this month, with an extensive festive section on our website www.visitwicklow.ie/xmas . Here you will find all the information you need about what is happening in the Garden County this season including Christmas parties, seasonal events, carol singing, festive markets, Santa visits, great accommodation packages etc.

It was sent to a spamtrap address, scraped from an old mail archive. This address is a dedicated spamtrap; I’ve never used it for non-spam-trapping purposes, nor has it ever opted-in to receive mail. So there was no question that I granted permission to anyone to mail it.

The address delivers mail to my personal account — that’s what I do with my spamtraps, until their volumes get too high. So it still qualifies as a “personal email address”. Here’s the full spam with all headers intact.

It appears the message originated at IP address 87.192.126.62:

inetnum:        87.192.126.32 - 87.192.126.63
netname:        IBIS-PA-NET
descr:          BreezeMax-KilpooleHill-Comm-E 3MB 24:1 (2)
country:        IE
admin-c:        IRA6-RIPE
tech-c:         IRA6-RIPE
status:         Assigned PA
remarks:        Please do NOT send abuse complaints to the contacts listed.
remarks:        Please check remarks on individual inetnum records for abuse contacts, or
remarks:        failing that email abuse reports to abuse@irishbroadband.ie.
mnt-by:         IBIS-MNT
source:         RIPE # Filtered

Kilpoole Hill appears to be south of Wicklow town, just the right spot for a wireless tower used for Irish Broadband access from The Murrough, Wicklow Town (mentioned as the address for Wicklow County Tourism in the mail).

Suggestions? Did anyone else get this? How do I report spam sent by the Wicklow County Tourism Board?

Update: they also hit the Irish Linux User’s Group submission address. I wouldn’t be surprised if they scraped the addresses of other ILUG subscribers, then…

Tags: idiots, ireland, spam, wicklow

Dublin is a city that, photographically at least, can be reduced to a set of clichés, but a new exhibition offers a fresh, vibrant perspective of the Irish Capital. Dublinr is organised by a group of photographers that came together through the photo sharing website Flickr.

The exhibition opens at 6.00pm on Wednesday 5 November, runs until Sunday 9, from 11:00am – 6:30pm daily, and admission is free.

The Joinery Gallery | Arbour Hill | Stoneybatter | Dublin 7.

Some fantastic local photographers, including Andy Sheridan, whose work I’ve been following for a couple of months now; and a good location. D7 is full of good stuff nowadays — in fact, ever since I moved out ;)

Tags: art, d7, dublin, exhibition, ireland, photos, pictures

I didn’t win a Web Award — but then, given the competition from a couple of very professional news organisations, I really wasn’t expecting to ;) Silicon Republic won, and rightly so. Good on ‘em.

I had a great night nonetheless, hanging out with Vishal, Walter (who won his category!), Conor O’Neill, Jason and a bunch of others.

Thanks to Moviestar.ie and BH Consulting for their sponsorship of a great event — marketing money well-spent, I suspect. Extra thanks to Moviestar for the freebie DVD player. And thanks of course to the mighty Mulley for organising the whole thing — at this stage he’s a finely-honed events machine!

Tags: awards, events, ireland, iwa08

So, the Irish Web Awards are happening on Saturday night — I’m booked and looking forward to it! Say “hi” if you’re there and spot my ugly mug ;)

Tags: awards, ireland, irish-web-awards, iwa2008

• Dabble DB : looks like a web-based version of good old Filemaker
  (tags: dabble-db databases web db spreadsheets analytics groupware)

• retrocomputing hackers reminisce about the 1541 diskette drive : skip to the comment thread, it’s fantastic. I used to know lots of this stuff (via Donncha)
  (tags: via:donncha commodore-64 hacks 1541 disks copy-protection drm hardware hacking history retro c64)

• MPLC racketeering Irish playschools : the ‘Motion Picture Licensing Company’ sent a letter to 2,500 Irish playschools, demanding a fee of EUR3 per child to cover license fees for the kids watching DVDs. However, it seems they themselves hadn’t registered as required by law, so were acting illegally in issuing demands… oh the irony
  (tags: mplc racketeering law ireland dvds movies mpaa licensing copyright legal children kindergarten playschools)

• Komplett’s new Dublin pick-up point is open : routing around the Irish couriers and An Post’s brokenness by allowing customers to pick up their items directly. a shame this is necessary
  (tags: an-post delivery couriers dublin ireland komplett components pc hardware)

Tags: 1541, an-post, analytics, c64, children, commodore-64, components, copy-protection, copyright, couriers, dabble-db, databases, db, delivery, disks, drm, dublin, dvds, groupware, hacking, hacks, hardware, history, ireland, kindergarten, komplett, law, legal, licensing, movies, mpaa, mplc, pc, playschools, racketeering, retro, spreadsheets, via:donncha, web

• Vint Cerf interviewed on spam, malware etc. : pretty much the EFF party line, I think: “every man for himself”. also talks about net neutrality
  (tags: vint-cerf internet filtering spam malware abuse network-neutrality anti-spam eff)

• video of a fake e-Passport being accepted by airport security reader : an e-Passport for “Elvis Aaron Presley”, no less, happily scanned by an Amsterdam passport security station. hahahaha!
  (tags: elvis funny security e-passports video via:slashdot rfid)

• Facebook adds Ireland as a Friend : ‘Dublin will be the centre for Facebook’s international operations and will provide a range of online technical, sales and operations support to Facebook’s users and customers across EMEA region.’ good news
  (tags: facebook dublin ireland web2.0 emea)

• RFC-5321 (Obsoletes: 2821) : The newest rev to the Simple Mail Transfer Protocol (via fanf)
  (tags: rfcs rfc-2821 standards internet smtp email rfc-5321)

• RFC-5322 (Obsoletes: 2822) : the newest rev to the Internet Message Format for email (via fanf)
  (tags: via:fanf rfc rfc-2822 rfc-5322 standards email internet)

Tags: abuse, anti-spam, dublin, e-passports, eff, elvis, email, emea, facebook, filtering, funny, internet, ireland, malware, network-neutrality, rfc, rfc-2821, rfc-2822, rfc-5321, rfc-5322, rfcs, rfid, security, smtp, spam, standards, via:fanf, via:slashdot, video, vint-cerf, web2.0

• Addictions, Think Amazon, not Google : Brian “Krow” Aker: ‘Google’s AppEngine is much closer to [...] “Digitial Sharecropping” [...] S3 and EC2 have little tie in to them. You can end up with a physical addiction to the services but the mental addiction to a framework does not exist. S3 is just storage and EC2 for most is just a hosted Linux image.’ +1!
  (tags: google gae aws ec2 amazon hosting s3)

• The Porterhouse to get a shiny new bottling line : hooray, great news for Irish beer drinkers sick of Guinness
  (tags: porterhouse beer ireland brewing)

Tags: amazon, aws, beer, brewing, ec2, gae, google, hosting, ireland, porterhouse, s3

Crazy! Somehow or other, this blog has made the shortlist for “Best Technology Site” at the Irish Web Awards 2008, up against TechCentral, Silicon Republic, Camara, and Robin Blandford’s ByteSurgery blog. I have no idea how this happened, given the quality of the sites I’m up against — two of them are even proper news sites, with journalists! ;)

I’ve registered for the Oct 11 event; looking forward to it now…

Tags: awards, ireland, irishwebawards2008, meta, taint.org

• A unique place for creating and preserving knowledge : swan song for Iona Technologies. as an ex-Ionian, all I can say is +1; great place to work in the ’90s
  (tags: iona dublin ireland software business 1990s)

• Deletionpedia : ‘an archive of about 63,556 pages which have been deleted from the English-language Wikipedia.’
  (tags: wp:vfd deletion wikipedia archives web)

• Michelle Malkin » The story behind the Palin e-mail hacking : Yahoo!’s password recovery feature is pretty trivial to defeat: ’seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)’
  (tags: yahoo passwords security web sarah-palin 4chan)

Tags: 1990s, 4chan, archives, business, deletion, dublin, iona, ireland, passwords, sarah-palin, security, software, web, wikipedia, wp:vfd, yahoo

• Build a Web Page Monitor with Google Docs : incredible. the GDocs spreadsheet supports getting a remote URL, extraction using XPath, and RSS output, making it a pretty credible scraping platform
  (tags: google-docs google xpath rss feeds scraping)

• PayPal phishes their own customers : ‘Your monthly account statement is available anytime; just log in to your account at https://SECURE.UNINITIALIZED.REAL.ERROR.COM/au/HISTORY.’ doh
  (tags: paypal phish phoul funny errors anti-spam via:risks)

• laptopsdirect.ie crappy reviews : wow. I dodged a bullet when I bought my work Thinkpad T61p last year; since then they’ve accumulated a truly atrocious customer service reputation. avoid
  (tags: laptopsdirect.ie laptops shopping ireland boards.ie reviews customer-service cluetrain)

Tags: anti-spam, boards.ie, cluetrain, customer-service, errors, feeds, funny, google, google-docs, ireland, laptops, laptopsdirect.ie, paypal, phish, phoul, reviews, rss, scraping, shopping, via:risks, xpath

• Va. Supreme Court Strikes Down State’s Anti-Spam Law : argh! IMO the judge has confused misleading forged headers with anonymous speech
  (tags: anonymity legal law jeremy-jaynes spam anti-spam virginia)

• Watch out for that Dropbox Public Folder : Joe has a good point: ‘you hereby grant all other Dropbox users a non-exclusive, worldwide, royalty-free, sublicensable, perpetual and irrevocable right and license to use and exploit Your Files in your public folder.’ wtf
  (tags: dropbox ip backup legal terms-and-conditions legalese)

• Microsoft Open Source inside Google Chrome : namely the Windows Template Library, now distributed under the (OSI-approved) Microsoft Public License. strange days (via reddit)
  (tags: microsoft open-source osi google chrome wtl windows)

• Irishmen buy up island of England : ‘an Irish consortium has emerged as the buyer of the island of England in The World development, a man-made scheme off the coast of Dubai.’ hahaha!
  (tags: funny ireland england dubai unintended-consequences property the-world)

Tags: anonymity, anti-spam, backup, chrome, dropbox, dubai, england, funny, google, ip, ireland, jeremy-jaynes, law, legal, legalese, microsoft, open-source, osi, property, spam, terms-and-conditions, the-world, unintended-consequences, virginia, windows, wtl

This is a little late, since I was off on holliers when it came to light — Galway News reports ‘hundreds hit by skimming scam’:

The account details of shoppers who used credit or laser cards to pay for their groceries and other items in a number of Galway shops and supermarkets were illegally skimmed by a gang who apparently managed to interfere with the Chip & PIN terminals at the stores’ check-out counters.

The Irish Times story:

However, it has emerged some cardholders had several thousand euro taken from their accounts overseas before they realised what was happening and alerted their card provider. And it is feared that thousands of other customers do not yet realise their cards have been cloned. Garda sources have confirmed the case involves thousands of cards.

The Galway investigation is centred on one large shop in the county. Gardaí believe several thousand cards have had all of their details skimmed, including pin numbers, over the past month. Some of the cards have already been cloned and used in Canada and other countries where, unlike Ireland, chip and pin protective technology is not in use.

In the Galway case [...] Detectives are working on the theory that somebody in the Galway shop may have facilitated the card skimming for an Eastern European crime syndicate.

Gardaí do not believe the payment terminals were tampered with. Gardaí have recovered CCTV images of suspects from in-store cameras.

In the past, cards have been copied using very small hand held devices through which a card is quickly and discreetly skimmed at the point of payment. The information is then copied, or cloned, onto a blank card which is then used like a regular payment card.

Skimming devices around the size of a cigarette lighter can store details from thousands of cards.

The payment terminals from the Galway shop have been taken by gardaí for technical examination as a precaution. The Garda Bureau of Fraud Investigation is leading the inquiry.

This Boards.IE thread is a real eye-opener, containing lots of reports from victims of this scam — many reports saying that they suspect it was in Joyces’ Supermarket in Knocknacarra, although one poster reckons ‘there are now over 20 suspect premises in Galway City and outskirts’. blimey.

On a related note — while shopping in my local supermarket at the weekend, I was pleased to note that when I paid with my credit card, I was asked to sign the slip, instead of using Chip-and-PIN. So it looks like at least one retailer is taking additional care.

On the other hand, the thread also notes many cases of skimming which took place from in-store ATMs in small convenience stores — those are very widespread now. eek. :(

Tags: atm, chip-and-pin, credit-cards, fraud, galway, ireland, pos, scams, skimming

• Independent group’s trigger-happy copying : allegations that Irish newspapers have copied content from blogs. There’s been a lot of cases of this recently. good round-up from Cian Ginty
  (tags: plagiarism ireland newspapers independent)

Tags: independent, ireland, newspapers, plagiarism

• Dublin’s new M50 electronic toll tags : what a mess! there are no less than 8 tag operators and a bewildering array of prices and penalties. typical
  (tags: ireland dublin m50 tolls roads pricing)

• Sustained IO on EBS == No Bueno : worrying stats for Amazon EBS data throughput, dropping from 160 MB/s to a rather paltry 42.4 MB/s
  (tags: amazon ebs ec2 speed networking hosting benchmarks)

• MXLogic on the economics of spam : Sam Masiello of MXLogic works out that phishers may be netting a 7300% profit margin; this is why spam’s not going away. mind you he does this by believing Gartner figures, which is never a good idea
  (tags: sam-masiello mxlogic via:tzink phishing spam money)

Tags: amazon, benchmarks, dublin, ebs, ec2, hosting, ireland, m50, money, mxlogic, networking, phishing, pricing, roads, sam-masiello, spam, speed, tolls, via:tzink

Cian Ginty at the Irish Times writes:

As clunky helmets, yellow reflective gear, and Lycra could be used as a stereotype for Irish cyclists, it might come as a surprise that women wearing high heels are a common sight on bicycles in Copenhagen.

The general image of cycling here is vastly different to so-called bicycle cultures where cycling is normalised and there is talk of a “slow bicycle movement”.

“Among thousands and thousands of cyclists on my daily routes, I think I see one or two reflective vests a week, if that,” says Mikael Colville-Andersen, a cycling advocate living in Copenhagen.

With Denmark, the Netherlands and Germany – where bicycle usage is high – the helmets and reflective clothing we think of as “a must” for cyclists are far from standard.

It then goes on to rehash some of the stuff that has cropped up recently on cycling blogs about cycling safety, helmets, etc.

The only problem with casualization of cycling, removing gear like helmets, is that without corresponding changes to the road and cycleways to make them safer, it will increase accidents and fatalities. I looked this up a couple of weeks back when I came across an anti-helmet site. Chasing up the figures and doing some research, it became clear that if you simply want to cycle without hurting yourself, the facts were not on their side — helmets save lives, especially when dealing with shared roadways as we have here.

Copenhagenization is a result of a better, safer road environment for cyclists, as seen in Denmark and the Netherlands, which makes safety gear not as much of a requirement. But on the other hand, Ireland’s roads are designed mainly for cars, and Dublin Council have done little to help — that makes safety gear a requirement, unfortunately :(

However, I think this is the real reason why people don’t cycle in Dublin:

Let’s take a fictional person, let’s call her Kassandra. Kassandra lives a little north of Copenhagen and rides every to work every day between 07:25 and 07:55 and back again between 15:35 and 16:05. Kassandra doesn’t mind a little light showers, but if the intensity increases to over 0.4 mm over 30 minutes (light rain), then she thinks it is too wet. Kassandra works five days a week and has weekends and holidays free. That gives her 498 trips between September 2002 and the end of August 2003.

How often does Kassandra get wet either to or from her job that year? The answer is, in fact, rarely. On those 498 trips it was only 17 times. That is only 3.5% or on average 1.5 trips a month.

3.5%. Compare that with what’s happened in Dublin this month — I’d estimate that’s meant that at least half of my rides have involved some degree of rainfall, occasioning many cries of woe.

It takes dedication — and lots of wet-weather gear — to ride a bike here…

(Of course, having said that, I look out the window and it’s immediately sunny ;)

Update: Ryan Meade corrects me in the comments:

Justin, you need to take a look at Owen Keegan’s paper to Velo-City 2005, “Weather and Cycling in Dublin : Perceptions and Reality”. The probability of getting wet is actually pretty comparable to the Copenhagen scenario detailed above – 5.5% for a 30 minute journey if you take 0.2mm per hour at the threshold for “getting wet”. On the other hand the vast majority of both cyclists and motorists think it’s more than 15%, with half thinking it’s above 30%.

Amazing how the psychological, “glass half-empty” factor influences my thinking on this. I had no idea!

Tags: cycling, dublin, flooding, helmets, ireland, rain, safety

• 2 Stage Transfer Drawing (advancing to a future state) on Vimeo : some great performance art from Irish artist Joan Healy; the installation appears to be a kiosk with a screen, and a touch pad. The pad itself is supposed to have a warm, soft, fleshy feel that ‘adds to the bond between people and machines’. However — in reality, it’s the artist’s back; she’s inside the kiosk, Mechanical Turk-style. Super-creepy
  (tags: art creepy cool ireland joan-healy performance-art touchpads ui interface hci video)

• The Daily Show’s TiVo setup : cool details on how TDS captures the news networks’ TV output every day; they use TiVos, not MythTV. what they have works well enough, and that’s good enough for them (via Waxy)
  (tags: mythtv tv the-daily-show tivo via:lhl)

Tags: art, cool, creepy, hci, interface, ireland, joan-healy, mythtv, performance-art, the-daily-show, tivo, touchpads, tv, ui, via:lhl, video

Wow, this is pretty massive. The Irish Payment Services Organisation has again released details of a credit-card breach, this time on retail Point-of-Sale card terminals. Quoting the Irish Examiner story:

Una Dillon, head of card services at the Irish Payment Services Organisation, said the criminals went into the shops pretending to be doing maintenance work on behalf of the banks.

“We have discovered only in the last 48 hours that a number of retailers have been affected by a point-of-sale compromise,” she said. “We are in the lucky position that it was discovered quickly and the gardaí are working on it.

“Gardaí have uncovered a lot of the devices and CCTV footage. We have a list of all the card numbers that have been used. They have either been blocked or restrictions put on those cards.

“With the devices recovered it may just be that the cards were only saved and the criminals did not have a chance to get hold of the card numbers.”

“There will be an emergency meeting today with the gardaí, the terminal vendors and the banks to try and close down on this,” she said, adding the gardaí were in pursuit of the gang.

Insufficient authentication of maintainance staff is being blamed:

“The criminals have been going into shops claiming to be engineers working on the terminals. Staff are used to their bank officials coming to update terminals so unfortunately they have been able to do that.

Bank of Ireland estimated 3,100 of its debit and credit cards were affected and Ms Dillon said the other eight card providers could have similar numbers.

Bank of Ireland said, as a temporary measure, it had reduced the daily withdrawal limit on all its debit cards for ATM transactions outside Ireland to just €100 to protect customers from fraud.

They haven’t released the names of the affected shops yet; 20,000 cards, though, sounds like it’s been going on for while, on a large scale. Yikes.

The SiliconRepublic story claims that the gang ‘plugged in wireless devices that pushed the data to the internet and allowed the card numbers to be used overseas.’ However, in the past, these ‘wireless devices’ didn’t use the internet; instead they use parts from mobile phones, which relayed PINs, card numbers and CVV security codes via SMS text messages to Romania. That model seems more likely here, I would guess, due to the reliability of phone networks.

Update: last night’s RTE Six-One news bulletin (viewable as streaming RealVideo or transcoded 5MB AVI file), made it clear that the hardware used phone components and SMS. It had some pretty good pics of what appears to be a sample subverted POS terminal:

VISA have been warning about attacks on petrol-pump-based POS terminals since 2006, e.g. this story, but they’re more easy to attack since there’s few or no staff present by the pumps when the POS terminal subversion takes place. This has resulted in most petrol stations in Ireland disabling POS credit-card payment systems, requiring customers to pay at the counter; we lose convenience, but at least we’re probably not being skimmed. But these in-store POS terminals seem to be increasingly under attack; there are reports from Livigno, Italy, Rhode Island, and Canada.

The tamper-proofing of POS terminal hardware is unreliable; it’d be nice to see them made harder to tamper with. I would guess the gang used secondhand, hacked POS terminals, which supposedly should be tamper-evident (ie. easy to spot modifications).

Better yet, if Chip-and-PIN cards used end-to-end crypto between a crypto smartcard and the bank’s central systems, POS hacks would be impossible. But there’s no sign of that happening.

Most importantly, IPSO has promised that ‘banks will refund any customers whose details have been used to make fraudulent transactions.’ That’s key. It’s interesting to note that IPSO have been hammering home this point repeatedly in their stories — they’re worried about customer confidence, I’d guess.

Tags: banking, fraud, ipso, ireland, pos-terminals, skimming

• Emergent Chaos: Certifiably Silly : Adam Shostack tells the truth re Firefox 3’s stupid self-signed cert bug. ‘imposing yet another security tax, based on a static analysis of attackers and some certificate authority pixie dust, isn’t going to help things for very long.’
  (tags: firefox firefox-3 security certificates ssl tls ca pki adam-shostack ui usability)

• Image Cerberus: a SpamAssassin plug-in against image spam : a new plugin, subject of a paper at this year’s CEAS conference it looks like
  (tags: plugins spamassassin anti-spam image-spam images ceas conferences)

• Twitter drops SMS-notification support for EU users : interesting, I haven’t received the mail, and it claims to still be sending updates to my Irish mobile (update: I’m not actually *getting* any updates, though)
  (tags: twitter phones mobile sms ireland eu uk)

Tags: adam-shostack, anti-spam, ca, ceas, certificates, conferences, eu, firefox, firefox-3, image-spam, images, ireland, mobile, phones, pki, plugins, security, sms, spamassassin, ssl, tls, twitter, ui, uk, usability

• Dublin bike scheme billboards threat to drivers : JC Decaux’ “free” bikes are now delayed another 6 months — to next spring. in the meantime, the ads are up all over Dublin. what a rip-off
  (tags: jc-decaux bikes cycling dublin advertising spam civic ireland)

• Return Path to Acquire Habeas : that’s the two main legit-email whitelisting reputation dbs merged into one
  (tags: return-path habeas ssc bsp bonded-sender spamassassin anti-spam dnswl dnsbl reputation deliverability)

• scammers buying phones, then wardialing the nearby number-space to scam them : this just happened to Simon Willison, pretending to offer to cancel extremely expensive insurance, but with a “cancellation fee”. great demo of why consecutive assigned numbering schemes are bad for security
  (tags: phishing scams phones uk iphone via:simonw security numbering ids)

• DRI calls for data-breach disclosure in Ireland : +1
  (tags: breach-disclosure security exploits social-welfare ireland identity-theft)

Tags: advertising, anti-spam, bikes, bonded-sender, breach-disclosure, bsp, civic, cycling, deliverability, dnsbl, dnswl, dublin, exploits, habeas, identity-theft, ids, iphone, ireland, jc-decaux, numbering, phishing, phones, reputation, return-path, scams, security, social-welfare, spam, spamassassin, ssc, uk, via:simonw

A friend writes:

‘I switched my Vodafone bill to “online”, to cut down on junk mail. When I tried to log in to view my bill, I was asked for a second level password, specifically:

“your password is the last 4 digits of your customer number (which appears at the top of your phone bill). “

So, I can’t see my phone bill because I can’t see my phone bill.’

Tags: billing, fail, inept, ireland, login, security, vodafone

TechCrunch UK campaigning for a “Digital Hub” I have to say, the Digital Hub is actually a great place to work; it’s well worth duplicating, if such a thing is possible

419eater anti-scammers fool 419ers into performing the Dead Parrot sketch “Possibly, he is pining for the fee-ords”

Google taking action against Nigerian/419 fraud spammers Good news. About time, too ;)

Tags: 419, anti-spam, charts, digital-hub, dublin, fjords, fraud, funny, google, ireland, mail, monty-python, pining, scams, spam, tech, work

Del.icio.us 2.0 goes live yay! I’ve been waiting for this for yonks

10 years of Boards.ie massive ~50GB RDF/XML dump, for open crunching, to generate interesting “SIOC Semantic Web” apps

Postmaster.comcast.net how to get mail delivered successfully to Comcast, the usual stuff

Why we’ll never replace SMTP ‘The reason that e-mail is uniquely useful is that you can exchange mail with people you don’t already know. The reason that spam exists is that you can exchange mail with people you don’t already know.’ +1

“Bikes-for-Billboards” scheme exposes major planning flaws ‘what was initially hailed as “free bikes” has become one of the biggest planning controversies to hit Dublin in years.’ No shit. 70% of sites are on the Northside, rather than the richer Southside; and each bike will cost over EUR300k in ad revenue!

Rob Enderle’s page on Wikipedia detailing this analyst’s hilariously wrong pro-SCO, anti-Apple/Linux predictions over the years. John Gruber: ‘the only way it would be worthwhile for reporters to [quote him] would be if they were willing to describe him as “almost always utterly wrong”‘

Tags: ads, advertising, analysts, anti-spam, apple, bikes, billboards, blogging, boards.ie, comcast, cycling, del.icio.us, dublin, email, enderle-group, funny, fussp, guidelines, history, internet, ireland, isps, jc-decaux, john-gruber, Links, linux, mail, microsoft, oh-dear, planning, postmaster, releases, rob-enderle, scandals, sco, semantic-web, sioc, smtp, spam, tech, urban, via:archiseek, wikipedia

So, Nelson is apparently contemplating a trip to Ireland, and was looking for tips. Since he’s not the first to ask, I thought I’d do some research among my friends on things to do and good places to stay and eat in our native country. Here’s the result.

First off — it’s worth noting that we’re all thirty-somethings, so backpacker stuff and heavy boozing is no longer on the menu. If you’re after that, though, head for Temple Bar in Dublin ;) This is mainly nice hotels, good food, and interesting things to look at.

To start with, I’d recommend driving as a means of getting around. Lots of the good stuff can’t be reached any other way, and the roads are generally pretty good nowadays (if a little narrow).

Prepare for rain.

Things to do: Connemara and Kerry are stunning; in my opinion, they’re unmissable, if you’re coming to Ireland in search of natural beauty. Clare and West Cork are pretty good too. Generally, the west coast is the place to go.

A friend recommends the Skelligs: ‘the best thing I’ve seen in Ireland. If its sunny. If its raining it sucks so don’t go.’ (I’ve never been — appalling, given that my great-grandfather wrote one of the definitive works on them, I need to fix that.)

Stuff to avoid: Dublin’s not too hot, unfortunately. Over-priced and hard to get around due to traffic. I mean, it’s quite nice, especially to live in, but as a tourist destination compared to other cities around the world I don’t quite get the attractiveness. Also, the south-east corner of the country, while full of nice friendly people, is exorbitantly expensive in my experience (even pricier than Dublin!), short on good stuff to see, and a bit of a washout, so I say skip it. (I have no idea why it’s so expensive, BTW. my theory is that it’s a traditional in-country holiday venue for Dubliners, and the Wexford inhabitants love to fleece us, so we got fleeced. whatever.)

In general, I’d say the larger towns aren’t too exciting; stick to the country.

The Lonely Planet guide to Ireland, while frequently backpacker-oriented, is pretty good for non-backpacker stuff as well. If you’re driving around, it’s a good source of offbeat stuff to check out. I used it a lot when driving around Connemara last year. They also do a great book of hikes which I can recommend.

Next, places to stay… that friend again: ‘if you’re doing the Ring of Kerry, I strongly recommend diverting to Valentia and staying in Glanleam House (beautiful grub, beautiful gardens, cheap) and doing a day trip from there to the Skelligs.’

Temple House in Sligo also comes recommended: ‘a classical Georgian mansion set in an estate of 1,000 acres, overlooking a 13th century lakeside castle of the Knights Templar.’

There are lots of useless hotel/B&B sites in Google, making it hard to tell crap from quality. But these sites come recommended:

• Ireland’s Blue Book – ‘luxury accommodation in Irish Country House Hotels, Manor Houses and Castles. Also listed are Ireland’s finest gourmet restaurants.’ This is high-end stuff, but it’s pretty reliable, as far as I can see.

• Friendly Homes of Ireland - another friend says ‘aka crazy houses of Ireland — terrible webpage, but good accommodation (its also a more attractive guide). We stayed here and loved it.’

• Hidden Ireland – ‘a unique collection of historic private houses which provide the very best and most stylish country house accommodation available in Ireland – great Irish hospitality at an affordable price. Our houses are not hotels and are very much more than ordinary guesthouses. They all offer a rare opportunity to experience the lifestyle of a bygone age – a special and fascinating alternative to conventional tourist accommodation.’

• Irish Landmark Trust, if you’re interested in self-catering stays at heritage houses.

• Georgina Campbell guidebooks are apparently quite good.

Finally, scams and rip-offs are few and far between, so that’s not something to worry about. Crappy service and mediocre food, however, is more likely to be the source of problems. At least you can now get decent espresso pretty much everywhere!

Hope that helps someone ;) Got tips of your own? Feel free to add comments!

Tags: connemara, holidays, hotels, ireland, kerry, tourism, tourist, vacation

Phew! The rumours were untrue. Diageo will not be closing down the Guinness brewery in Dublin 8, and will continue brewing the black stuff in Dublin 8, thankfully:

Diageo is to close its breweries at Kilkenny and Dundalk, significantly reduce its brewing capacity at St James’s Gate and build a new brewery on the outskirts of Dublin under a plan announced today.

The company said it would invest EUR 650 million (£520 million) between 2009 and 2013 in the restructuring.

The renovation of the St James’s Gate brewing operations is expected to cost around EUR 70 million and will see the volume of Guinness brewed there fall from around one billion pints a year, to just over 500 million.

This plant will serve the Irish and British markets and will be based on the Thomas St side of the site. The company said this would ensure that every pint of Guinness sold in Ireland would be brewed here. Approximately half of the 55 acre site will then be sold once the five-year project is complete.

Around 65 staff will remain in brewing operations at St James’s Gate with about 100 others due to transfer to the new Dublin plant. Although the company has yet to announce the exact location of its new brewery, the company says it will have a capacity of around nine million hectolitres, or around three times that of the refurbished St James’s Gate site. This new brewery will produce Guinness for export and ales and lagers for the Irish market.

Diageo said when the two Dublin breweries are fully operational in five years time it will transfer brewing out of the Kilkenny and Dundalk breweries and close these plants. This move will result in ‘a net reduction in staff of around 250′, the company said.

The company employs 800 people in its brewing operation and a total of 2,500 in the Republic and Northern Ireland.

Diageo said these two plants “do not have the scale necessary for sustained success in increasingly competitive market conditions”.

The company said it would offer those employees relocation opportunities where possible. Those for whom relocation is not possible will be offered “a severance package alongside career counselling”.

Operations at its Waterford brewery will be “streamlined” as part of the re-organisation leading to “some reduction in output”. the current workforce of 27 in Waterford would be reduced to ‘around 18′ but Diageo was unable to confirm the extent of the output reduction.

The company says the St James’s Gate site it proposes to sell and the Kilkenny and Dundalk sites have an estimated value of EUR 510 million.

The Guinness Storehouse, which receives around 900,000 visitors a year, will continue to be based at St. James’s Gate.

The company estimates it will incur one-off costs of EUR 152 million during the restructuring and says this would be treated as an exceptional cost in the fiscal year ending in June 2008.

Paul Walsh, chief executive of Diageo said: ‘Over the last twelve months we have conducted a rigorous review of our brewing operations in Ireland. It examined many options and I believe it has identified the right formula for the long-term success of our business in Ireland and for the continued global success of the Guinness brand.’

“Our ambition is to combine the most modern brewing standards with almost 300 years of brewing tradition, craft and heritage.”

Guinness has been brewed at St James’s Gate for almost 250 years. Guinness extract produced at the Dublin site is exported to more than 45 countries.

Tags: beer, brewing, dublin, dublin-8, guinness, history, ireland, st-james-gate, thomas-st

So, Irish voters will soon be voting in a state-wide referendum on the upcoming Treaty of Lisbon — the latest set of amendments to how the European Union is run.

Since ratification will require changes to the Irish constitution, we get to vote on these intricacies where most EU inhabitants do not. Unfortunately this means it’s not particularly “sexy” — it’s a pretty obtuse and boring set of issues, and deciding which way to vote is not easy, with such snore-worthy stuff at stake.

One of the organisations campaigning for a “no” vote in the referendum is called Libertas. Aileen forwarded on a very interesting article by Chekov Feeney on Indymedia Ireland about them, which is well worth a read if you’re interested in Irish politics and the international reach of US lobbying. Here’s some snippets:

Declan Ganley, president of Libertas, happens to be president of Rivada Networks, a US defence contractor (they supply emergency communications networks to the US intelligence community).

[...]

On Sunday April 20th, Libertas announced that Ulick McEvaddy was “joining the No To Lisbon Campaign” and publicised the event with a photo-opportunity of the two ‘entrepreneurs’ in front of the Libertas Campaign bus. McEvaddy is the first member of the Irish business and political elite to join the Libertas campaign since it emerged under the stewardship of Declan Ganley.

What’s particularly interesting about this is that McEvaddy is the CEO of Omega Air, a US defence contractor (they supply cargo planes and inflight refuelling services to the US military). [...] According to the [ US Air Force's Integrator Magazine ], “industry insiders say [McEvaddy's] company has even approached U.S. intelligence agencies about tanking services for detainee transfers, to reduce dependence on foreign air fields.” In other words, offering to provide inflight refuelling services to rendition flights so that they wouldn’t have to stop over at foreign airports such as Shannon on their way to “interrogate” suspects. A very accommodating offer indeed.

McEvaddy was also the figure who got himself appointed to the board of Knock airport with a view to opening it up to US military flights.

Nice guys, then.

The article goes on, and on, and on, detailing some shady transactions involving these guys and their US military/intelligence connections, the “astroturf” nature of the Libertas organisation, and the odd behaviour of the Libertas campaign in general.

It comes to this conclusion:

This article has examined the reality behing the Libertas campaign, the connections of its two high-profile backers, the implausibility of its message, the peculiar nature of its campaign and some of the underlying strategic differences at play. The conclusion is that the evidence suggests that Libertas is most likely to serve primarily as a vehicle for advancing US strategic interests.

Check it out — it’s a must-read.

Tags: eu, ireland, libertas, lisbon, lisbon-treaty, referenda, referendum, voting

More on the Bank of Ireland 30,000-customer data breach (which is up to 31,500 people by now — BoI promised to contact the “affected” customers by post, warning them that their data had been leaked. If you were wondering what those letters might look like, wonder no more. Here’s one, via a friend who found himself in this unenviable position:

• Page 1

• Page 2

So it’s not just name, date of birth, and address — he notes that they’ve leaked ‘information on the current account I use to pay for the policy.’

Interestingly, he says that his life assurance policy was set up directly with their life assurance department, not via the local branch — which directly contradicts what BoI say on their website:

The laptops contained information relating to some customers who either obtained a quote or took out a Life Assurance policy with Bank of Ireland Life from the following branches: [... list of branches omitted...]

The update from 28 April doesn’t clarify this, either. Hmm.

Tags: bank-of-ireland, boi, breaches, data, identity-theft, ireland, privacy, security

So Mulley mentions that Moviestar.ie are planning to offer downloadable movies. Great concept, but I can guarantee the execution will be crap on a stick. :(

First off, the content available:

‘When the service goes live on 1 May, customers will be able to avail of content from several Irish producers including Network Ireland Television, as well as Video International’s film library which includes films like The Little Shop of Horrors. The company is also seeking content from both the History and Biography Channels, which would mean a substantial back catalogue of documentary shows.’

Sorry, but: snore.

Secondly, the technology used:

‘Moviestar.ie content must be downloaded onto a PC or laptop but can then be transferred over to digital media players like the iPod Touch for viewing on the go. This service will be compatible with Apple Macs but only if the user downloads Windows Media Player.’

So in other words, it’s Windows Media. That means it won’t play on my TV through my MythTV box, on a USB stick plugged into a Philips DVD player, on my Linux laptop, or even on a normal DVD player using a burned DVD.

Too little, too late. Plenty of Irish consumers are already consuming downloaded video — as the popularity of the Philips DVP5960 demonstrates. For legal video downloads to work, they need to be somewhere remotely near as convenient and usable as BitTorrent.

Using DRM is just falling down the same rabbit hole that swallowed up downloadable music for 5 years. Nobody used that either, until gradually the companies involved realised that opening up was the only way to get customers, bringing us to where we are today — legal downloads using the MP3 format.

BTW, I know that’s the same DRM technology used by Channel 4’s “4oD” download service. Big deal — I don’t bother trying to watch that stuff either, for the same reasons. If Channel 4 jumped off a cliff, would Moviestar.ie jump after them?

(By the way, that Philips DVD player is a total success story. That’s a name-brand hardware manufacturer, making a low-end, $60 DVD player, with support for viewing downloaded XviD AVI movies on a USB stick. Apparently it’ll also play off USB hard disks, too. It’s immensely popular; for example, here’s a customer review of 10/10: “Best thing ever”. Several of my friends have them, and praise them highly. I’m coming up to DVD player replacement time, and I’m planning to get one too.)

Tags: downloading, dvds, dvp5960, ireland, movies, moviestar.ie, philips, video

Steven Murdoch at Light Blue Touchpaper notes that the UK banking code now includes wording to make the customer liable for losses attributable to them “acting without reasonable care”, where “reasonable care” bizarrely includes installing anti-virus software on their PCs.

The Register also picked up on this, as did Brian Krebs in the Washington Post, comparing it with the vastly superior customer protection offered by the US banks.

I was curious, so I went looking at the Irish situation. Needless to say, it’s not pretty.

I couldn’t find anything in the Irish Banking Federation’s Code Of Practice for Personal Customers, unfortunately. However, AIB’s terms and conditions for use of their Internet Banking product contain this:

5 Transactions on the Account:

5.1 The User authorises AIB to act upon any instruction to debit an Account received through AIB Phone & Internet Banking which has been transmitted using all or part of the Registration Number, PAC and/or any other authentication process which AIB may require to be used in connection with AIB Phone & Internet Banking (including but not limited to a Code Card) without requiring AIB to make any further authentication or enquiry, and all such debits shall constitute a liability of the User. Where the User’s Account is maintained in joint names the liability of the Account Holders shall be joint and several.

5.6 Entries in an Account in respect of Bill Payments, Fund Transfers and Top-Ups shall be prima facie evidence that the transfer or debit represented thereby has been duly authorised and shall be binding on AIB and the User unless and until proved to the contrary.

6 International Payments:

6.9 To the extent permitted by law, and notwithstanding anything to the contrary herein, AIB shall not be liable for, and shall be indemnified in full by the User against, any loss, damage or other liability that the User or AIB may suffer arising out of or in connection with the User’s use of the International Payment services (whether as the sender or receiver of an International Payment) unless such loss, damage or liability is caused by AIB’s fraud, wilful default or negligence. In no circumstances will AIB be liable for any increased costs or expenses, or for any loss of profit, business, contracts, revenues or anticipated savings or for any special, indirect or consequential damage of any nature whatever.

As far as I can tell, basically the AIB have no liability here at all — if a bad guy gets hold of your PIN code and account number, and empties your account, tough luck.

What about Bank of Ireland? It seems they agreed to refund phishing losses in an incident back in 2006. But their 365online Terms and Conditions now say this:

13 Indemnity

13.2 Without prejudice to the generality of Clause 13.1 above, the Bank shall have no liability whatsoever in respect of any loss suffered by the Customer as a result of their breach of Clause 4 [jm: Security/Authentication] by way of knowingly, negligently or recklessly disclosing the Security Devices or any of them.

So it’s all pretty bad news for Irish banking customers. This is pretty bad news — it’s only a matter of time before Irish banks are targeted by a new Banking Trojan, and given that antivirus software has an 80% miss rate these days, even having an up-to-date AV scanner isn’t going to be much help.

My answer? Don’t do internet banking on Windows machines. Simple as that.

Tags: banking, fraud, ireland, liability, phishing, security

The Irish Internet Association have a weblog at blog.iia.ie. Back on January 30, this had a Technorati rank of 587893, with 21 inbound links from 14 blogs. That’s about what you’d expect — comparable with Chris Horn’s blog, for instance.

However, fast forward to today, and in the intervening 3 months, it seems to have suddenly shot up to 23,322 inbound links from 550 blogs, giving it a Technorati rank of 6,870.

To put that in perspective, that puts it comfortably in the top 3 in the Irish Blogs Technorati Top 100 — beating Damien Mulley’s 7,859, but just short of Donncha O’Caoimh’s stellar 3,434 — and ahead of these other gods of the Irish blogosphere:

• Tom Raftery (14,800, 9,224 links)
• THE Graham Linehan (13,165)
• Slugger O’Toole (17,279, 2,941 links)
• Twenty Major (18,001)
• Nialler9 (24,286)

Pretty impressive ;)

I was curious, so I went investigating. Of those thousands of inbound links, here’s some samples of the most recent, pasted from the Technorati inbound links page:

barkingmoose

Atacand Free instant online credit report Application credit card Cheap Paxil Does your credit score Household bank credit card application Apr for credit cards Buy Cephalexin? Aciphex Cheap Feldene Zovirax Risperdal Buy Naprosyn, Propecia Credit score codes Poor credit score, Propecia Uk Canada credit card online application Motrin Business credit score Cheap Cialis Jelly 50 Cent Free Ringtones Celexa How to improve my credit score Buy Inderal

4 days ago in barkingmoose by barkingmoose · Authority: 3

The Peninsula’s Edge

Jc penny credit card application Credit cards 1.99 apr ny Affect credit score For credit score American express credit card application Freee credit report Instant fleet 0 apr credit card application? Hydrocodone For low credit scores, No credit instant approval credit cards Annual creditreport.com, Tramadol Credit reporting service Configuration VPN Cheap credit reports. Buy Premarin Carisoprodol Soma Propecia Generic

6 days ago in The Peninsula’s Edge by ricsmith510 · Authority: 9

The Incredible Blog

Prepaid credit card uk Phentrimine Cheap Zovirax: Calan Highest credit score Ambien Valtrex: Ultram 3 credit reporting agencies Credit cards online application Instant approval student credit cards, Apr balance transfer credit cards Free government credit report Transunion free credit report Credit card debt bankruptcy? Propecia Propecia Uk! Correcting credit reports Cialis Uk Credit rating report Buy Synthroid Instant capital one 0 interest credit card application

7 days ago in The Incredible Blog · Authority: 1

Quilters’ Blogs

Annualcreditreport Instantly instant free online credit report Credit cards instant approval Guaranteed instant approval credit cards Lexapro Get my credit score, Card consolidation credit debt financial internet Chevron credit card services. Risperdal Lower credit card debt VPN connection One credit card application Xanax Viagra! Vasotec Diazepam Fix my credit report Credit report bureau. Cialis Soft Tabs! Ativan? Secured loans to increase credit score Cheap Amaryl Cheap Prednisone Alprazolam! Cheap 7 days ago in Quilters’ Blogs · Authority: 5

TPN :: Martial Arts Explorer

Luvox Credit score of Plavix 50 Cent Free Ringtones, Cheap Elavil? Free consumer credit report: Famvir Improve credit score fast Phentermine Online Zovirax Cialis Soft Tabs Apr for credit cards! Ultram Zoloft Credit card deal 0 Deltasone! VPN: Cheap Cardura Credit score rankings! Annual credit report .com Interest rate credit score: Carisoprodol Flagyl ER Online Cialis Soft Tabs Enable VPN 0 apr credit card application Free business credit report Ambien Low 7 days ago in TPN :: Martial Arts Explorer · Authority: 56

Take a look at the ‘inbound links’ list — thousands more just like that.

All of the affected blogs have been hacked to deliver these spam links. They run unpatched versions of Wordpress vulnerable to a major security hole. On a casual visit, their pages seem fine — but “View Source”, scroll to the bottom, and there are thousands of spam links for drugs, ringtones, cheap credit, etc. on each one, exactly as above, and as described by Kevin Burton in his description of the current epidemic of blog spam.

How did links to the IIA’s blog wind up in this collection?

It’s worth noting that the IIA’s blog does not display the same symptoms — the links aren’t present on their pages.

However, this post provided a good tip as to what has happened. Those infected blog pages point, in turn, to other infected blogs. Somewhere within the IIA’s blog setup, there’s a page inserted by a bad guy, collecting thousands of illicit links from thousands of other infected sites — and sure enough, Irish Web Watcher found it on the IIA’s site — here it is.

Looks like the IIA have a pretty major disinfection job on their hands, and urgently — there’s already a lot of spammy results appearing in the Google index from that site, and the next step after that is usually removal from the index once Google notice it.

Tags: blogs, iia, ireland, security, technorati, wordpress