Category Archives: news

A Year in Singapore Search: Google’s Top Searches of 2013

Yesterday, Google announced its annual Year End Zeitgeist, a look at 2013 through the collective eyes of the world on the web, offering a unique perspective on the year’s major events and hottest trends based on Google searches conducted in Singapore.

So what got Singaporeans buzzing online in 2013?

The Southeast Asian haze grabbed attention and headlines this year, as Singaporeans searched for information about the phenomenon by looking up the latest PSI readings, facts about haze particles, and preventative masks. Singaporeans also kept an eye on other local news and events, including Singapore’s bird flu readiness, the investigation into American engineer Shane Todd’s alleged suicide, and news of local actor, Huang Wenyong’s death from lymphoma. Another celebrity death to make waves in Singapore was that of movie star Paul Walker, who died suddenly in a car crash in November.

Basketball is here to stay among Singaporean sport fans with the NBA’s Houston Rockets, Miami Heat, and the Dallas Mavericks emerging on Singapore’s most searched sports teams for the first time. The nation continued to follow international football favourites as well, with Arsenal, Manchester United, Chelsea, and Tottenham Hotspur all making the list, along with local team LionsXII.

Ever gadget- and bargain-savvy, Singaporeans searched for key dates for events like the 2013 IT Show, COMEX and the Great Singapore Sale. The nation also indulged its love for food—especially its sweet tooth—with searches for traditional treats like Kueh Bangkit and Snow Skin Mooncake, and contemporary favourites like Rainbow Cake, Leche Flan and Nutella Blossom, spiking on the trending recipes list.

Short trips and weekend getaways remained popular as Legoland Malaysia, the first Legoland theme park in Asia, came in as the top travel destination for Singaporeans for the second year in a row, along with Hong Kong, Penang, and Bangkok, cities famed for good food and shopping. On the whole, however, holidaymakers preferred to relax under the sun with well-known beach destinations such as Bali and Langkawi snagging 5 out of the top 10 travel hotspots.

Google spokesperson Sana Rahman said: “Google’s year-end Zeitgeist is a cultural barometer showing us what quickened our national heartbeat and drove our curiosity in 2013.”

As someone is online 24-7, I couldn’t agree more. Online trends often mirrors what goes on in the real world and sometimes give clues and insights on human behaviours.

Trending

Searches

1.       PSI Singapore

2.       Harlem shake

3.       Little India riot

4.      Anonymous

5.       N95 mask

6.       Malaysia election

7.       Deepavali 2013

8.       Gwiyomi

9.       Boston

10.   Tampines accident

People

1.       Paul Walker

2.       Cory Monteith

3.       Huang Wenyong

4.       Nelson Mandela

5.       Gordon Ramsay

6.       Margaret Thatcher

7.       Lea Michele

8.       Jennifer Lawrence

9.       Rowan Atkinson

10.   Tom Hiddleston

Songs

1.       Wrecking Ball

2.       Gentlemen

3.       Blurred Lines

4.       Counting Stars

5.       Clarity

6.       Royals

7.       Get Lucky

8.       Thrift Shop

9.       Road

10.   Heart Attack

Movies

1.       The Conjuring

2.       Pacific Rim

3.       Despicable Me 2

4.       World War Z

5.       Man of Steel

6.       Iron Man 3

7.       The Great Gatsby

8.       Gravity

9.       Oblivion

10.   Warm Bodies

What is…

1.       PM 2.5

2.       Gwiyomi

3.       Twerking

4.       Obamacare

5.       Lymphoma

6.       OOTD

7.       Hail

8.      Mastectomy

9.       Gluten

10.   H7N9

How to…

1.       Rap

2.       Harmonize

3.       Cycle

4.       Twerk

5.       Paint

6.       Beatbox

7.       Factorise

8.       Crochet

9.       Deadlift

10.   Blog

Gadgets

1.       iPhone 5s

2.       Samsung Galaxy S4

3.       Samsung Note 3

4.       iPhone 5c

5.       iPad Air

6.       Nexus 5

7.       iPad Mini 2

8.       HTC One

9.       Sony Xperia X

10.   Xbox One

Recipes

1.       Shepherd’s Pie

2.       Kueh Bangkit

3.       Lasagne

4.       Snow Skin Mooncake

5.       Nutella Blossom

6.       Rainbow Cake

7.       Chicken Wings

8.       Beef Steak

9.       Leche Flan

10.   Cornflake Cookies

Most Searched

Travel Destinations

1.       Legoland Malaysia

2.       Bali

3.       Hong Kong

4.       Maldives

5.       Bangkok

6.       Taiwan

7.       Bintan

8.       Langkawi

9.       Krabi

10.   Penang

Local News

1.       Bird Flu

2.       Shane Todd

3.       Huang Wenyong

4.       Kovan

5.       Khaw Boon Wan

6.       Flood

7.       Singapore haze

8.       Singapore property

9.       Tey Tsun Hang

10.   Singapore riot

TV Shows

1.       Running Man

2.       Game of Thrones

3.       Breaking Bad

4.       Suits

5.       Naruto Shippuden

6.       The Big Bang Theory

7.       The Heirs

8.       The Voice of China

9.       The Walking Dead

10.   We Got Married

Korean Stars

1.       Kim Jong-kook

2.       Super Junior

3.       Girls’ Generation

4.       Hyuna

5.       Park Shin-hye

6.       Yoon Eun-hye

7.       Lee Min-jung

8.       Gary Kang

9.       Jo In-sung

10.   Jang Geun-suk

Events

1.       Singapore F1

2.       IT Show

3.       Australian Open

4.       COMEX

5.       PC Show

6.       Standard Chartered Marathon

7.       Wimbledon

8.       Sundown Marathon

9.       NATAS Fair

10.   Great Singapore Sale

Sports Teams

1.       Arsenal

2.       Manchester United

3.       Liverpool

4.       Chelsea

5.       LionsXII

6.       Tottenham Hotspur

7.       Houston Rockets

8.       L. A. Lakers

9.       Miami Heat

10.   Dallas Mavericks

Sportspersons

1.       Cristiano Ronaldo

2.       David Beckham

3.       Jeremy Lin

4.       Roger Federer

5.       Wayne Rooney

6.       Oscar Pistorius

7.       Rafael Nadal

8.       Jose Mourinho

9.       Thiago Alcantara

10.   Andy Murray

on Mobile

1.       PSI Singapore

2.       SGX

3.      Weather

4.       Arsenal

5.      Manchester United

6.      Liverpool

7.       iPhone 5s

8.      Restaurants

9.      Running Man

10.  Samsung Galaxy S4

To see more information about Google Zeitgeist across the globe, use interactive data visualizations and to watch Google’s annual video, visit google.com/zeitgeist.

What is Google’s Year-End Zeitgeist?

Google reveals the Internet “Zeitgeist” (German for “the spirit of the times”) through an exploration of the over one trillion search queries received each year. In addition to the Year-end Zeitgeist, which highlights the top trends of 2013, Google also have several tools that give insight into global, regional, past and present search trends. Google Zeitgeist tools can never be used to identify individual users because Google relies on anonymized, aggregated counts of how often certain search queries occur over time. These tools are available year-round for us to play with, explore, and learn from at google.com/zeitgeist

Launch of HashtagAsia.com and Alvinology.com site revamp to usher in 2014

As the year draws to an end, I am happy to have accomplished two major tasks:

1. Launched HashtagAsia.com

HashtagAsia.com is a project which I have been working on with a good friend, Tay Weikiat.

There are many hard news sites in Singapore and Asia, but we figured life need not always be so serious. Majority of online readers are probably looking for fun, casual content to read and we set up this site to cater to this group of audience.

Do visit HashtagAsia.com, LIKE our Facebook page and FOLLOW us on Twitter. Appreciate all the support!

2. Revamped Alvinology.com

The template which I have been using has been in place for over two years. Time for an upgrade. Since WordPress just released their WordPress Twenty Fourteen theme a month ago, I decided to ride with it.

How do you like the new look?

I like that I can highlight selected content now in the form of a grid at the top of the site. However, the core content column has shrunk… I would prefer to keep it at around 800px width for larger embedded images, but will have to make do.

Anyone know if this is possible on the WordPress Twenty Fourteen theme? If so, drop me and email at alvinologist@gmail.com. 

TOP 10 Most Viewed YouTube Videos in Singapore (2013)

As we approach the end of 2013, YouTube did a recap of the top ten local videos enjoyed on their channel over the past year.

Humour it seems, topped the list.

How many of the videos in the top ten list have you seen?

1. Ylvis – The Fox (What Does the Fox Say?) [Official music video HD]

2. Gangam Style – PSY (Jayesslee Cover)

3.”Beauty And A Beat” – Justin Bieber (Alex Goot, Kurt Schneider, and Chrissy Costanza Cover)

4. Ah Boys to Men 2: THE JOURNEY (making of)

5. 16 Types of People at Sentosa

6. 11 Reasons Why Singaporeans Complain!

7. Singaporean Gentleman (Psy- Gentleman Parody)

8. 17 Types of Singaporean Couples

9. Telekinetic Coffee Shop Surprise

10. 10 TYPES OF GIRLS IN SINGAPORE CLUBS

On Anonymous declaring “War” on Singapore PAP government – Note from a regular IT dude

This post is contributed by a friend of mine, Wei Kiat, who is a regular IT dude. He has some interesting perspectives to share on the recent Anonymous and Messiah saga. If you found what was written here useful, do share this post to stop the fear-mongering:

1. Fear Mongering & the State of things

There had been a number of cyber attacks over the past few days by someone who calls himself “Messiah”. The attacks sparked panic island-wide, with people fearing about a “cyber” doomsday where everything would magically stop working and the whole island in chaos. I thought it would be prudent to set the records straight, to help layman understand what these attacks actually entail and to prevent the spread of needless panic and fear. Cases of blind-leading-blind when it comes to attacks and its implications are too rampant.

The usual disclaimer:

1) I’m not an IT security professional or a white or black hat hacker, merely a programmer, IT consultant & entrepreneur. If I have made any factual mistakes, please kindly feedback and I will rectify them.
2) The following are my theories. Many of my assumptions on the capabilities of Messiah I do not know as facts. I may be wrong. Please take it with a kilogram of salt.

Now, let’s consider Messiah’s technical capabilities.

2. Messiah’s Technical Capabilities

2.1 The Difference between “Web Systems” & “Internal Systems”

In other to understand what really went on behind cyber attacks over the past few days, for the sake of simplicity, let’s divide computer systems into two main categories, web systems and internal systems. By “web systems”, I refer to all the servers and systems behind an organization’s website. By “internal systems”, I refer to mission critical systems used by an organization for their day to day functions. For example, LTA’s website is on a “web system”, LTA’s traffic controller system is an “internal” system.

The attacks over the last few days all involved web systems, which are easier targets for attack because these systems are more public while generally having weaker security mechanisms. There is no sign that Messiah was able to gain access to any internal systems to date. Fear-mongers have been preaching and misleading people in thinking that as an example, if LTA’s website got hacked, our traffic lights will stop working. That is simply not the case, and Messiah has not yet demonstrated his ability to carry out ”infrastructure crippling” attacks. Sad to tell you, but ERP will still continue to work even if LTA’s website is down.

2.2 Understanding attacks on “Web Systems”

To help layman in understanding the nature of attacks on websites, let’s imagine that every time you type in a URL on your web browser, a tiny truck comes out of your computer (a web request), look up the destination on street directory (a DNS server), drives to the warehouse (website server) to pick something up (the actual website) and bring it back to you (website loads on your screen).

To attack a website, the attacker can either prevent your tiny truck from ever reaching the factory while leaving the factory untouched, or enter the factory to shut it down (a.k.a hack into the server.)

Attacks over the past few days can be categorized into two main types: defacement attacks (when the website got vandalized, such as Straits Times’ Blog) and service availability attacks (when the website becomes inaccessible for a period of time, such as the supposed hack on government websites).

2.2.1 Defacement Attacks

A very strange pattern emerged. It seemed as if only sites running open source CMS (content management systems) and/or or cheaply outsourced were defaced. For example, only the blog section of Straits Times was hacked, because out of the entire Straits Times site, only the blog section uses an open source CMS. Hacking into a CMS involves gaining access to either (1) the CMS admin dashboard or (2) the web server. The CMS admin dashboard is a simple system that allows non-IT personnel to update the content of a website. Hacking into the CMS admin dashboard does not mean the hacker has complete access the entire web server.

Gaining access to CMS admin dashboard is easy. For open source CMS solutions, exploits are always discovered and published, in order for security fixes to be written and distributed in a very short amount of time. However, most solution vendors in Singapore hand off CMS to their clients immediately after project conclusion, and seldom advice their clients to do constant upgrades, opening huge opportunities for attack. Many CMS admin dashboards also use the same default username, such as “admin”. In most cases, such accounts are shared among different staff, so to help everyone in remembering the password, plain english passwords are commonly used. It is then easy to use a simple dictionary attack to hack. Dictionary attack simply involves using a program to try different passwords at high speed. Given enough time (days, months, years, centuries), any account could be hacked this way.

From the very specific targets of attack (only open source CMS sections of a website were hacked i.e. Straits Times Blog, and only websites using open source CMS were hacked i.e. CHC website), I think it is safe to conclude that Messiah did not attempt or did not have the necessary skills to hack into an actual server.

2.2.2 Service Availability Attacks

How about supposedly bringing down a couple of government websites as well as Straits Times, Stomp and Hardwarezone (all owned by SPH) for a couple of minutes? For this post, let’s assume the government websites were down because of a cyber attack, not a “scheduled maintenance”.

Server hacks are hard to recover from if there’s damage done. Looking at how fast we recovered from those attacks, it is possible to speculate that the servers were never actually hacked. Using the tiny truck analogy from above, the attacker simply prevented your tiny truck from ever reaching the factory (so when you try to access a website, it could not load). Two common methods are known as DoS (denial of service) and DNS Spoofing or poisoning.

Denial of service attack is an attack that doesn’t require much skills. To prevent your tiny truck from reaching the factory (connecting to the web site), the attacker simply had to send millions of tiny trucks to the same factory at the same time so that the highway became so congested your truck couldn’t get through.

While I am not too familiar with DNS poisoning, DNS servers are like street directories. DNS poisoning attack messes up the directories, causing your tiny truck to lose its way and can never reach the factory.

Let me repeat, both DoS and DNS poisoning attacks do not involve actual hacking (e.g the factory in the analogy above was never compromised). There is no need to infiltrate any government or SPH servers to execute these attacks.

2.3 What does this say about Messiah?

In summary, Messiah was only able to breach certain web systems; he was not reported to have breached any internal systems. In cases where web systems were breached, Messiah was only able to do so via the CMS. He was never able to hack into the actual web server. For websites that does not use weak CMS, he simply did a service availability attack. This doesn’t sound like someone who is an extremely skilled hacker as proclaimed in the video.
Conversely, the skill-set required for the attacks we have seen so far are very different from those crazy hardcore attacks we have seen Anonymous do on news reports. I am speculating that Messiah may not even be from Anonymous.

3. What’s next?

I think Messiah will continue looking for easy exploits among high profile websites, and when he or they can’t hack, they will simply do a DoS or DNS poisoning attack to make a statement.

I trust the security capabilities of our government sites, and I still believe that unless there are different hackers who join today, our data on government servers and infrastructures will remain safe.

As an average Joe, I don’t think there’s much to fear about these attacks because:

1) As concluded above, Messiah doesn’t seem competent enough to actually compromise important servers
2) Once again, “web systems” and “internal sustems” are different. Hacking into LTA website does not equate hacking into LTA. Your traffic lights will still work. They are different things.
3) Assuming that even if he or they have the ability, there is no reason for Messiah to try to gain unauthorized data, or to abuse or leak them. The youtube video called for support from Singaporeans. There will be more haters than supporters if such things happened.
4) The attacks so far are more in line trying to “make a statement” than to retrieve or leak any sensitive data. This trend may continue.

Hope this post help provide some insights into the confusing world of cyber security, and to maybe help with allaying the fear and reducing confusion after all the blind-leading-blind articles that have been popping up lately.

That said, organizations and individuals should remember to always exercise prudence and preemptive diligence when it comes to security. Cyber attacks are very real and may strike you when you least expect it.

On Anonymous declaring “War” on Singapore PAP government

Via Yahoo! Singapore News (31 Oct 2013):

A hacker group claiming to be the notorious Anonymous collective has put up a YouTube video promising that it will declare war on the Singapore government if it does not stand down from an internet licensing framework that critics have said restricts freedom of speech.

The video, which surfaced online two days ago, was removed from YouTube just minutes after it went viral on Facebook and Twitter today with over 4,000 shares. The video, however, has been reposted on Facebook, other channels on YouTube, and various video platforms.

The message goes: “the primary objective of our invasion was to protest the implementation of the internet licensing framework by giving you a sneak peak of the state of your cyberspace if the ridiculous, communistic, oppressive and offensive framework gets implemented.”

It continues: “We have faced much larger and more secured corporations such as the FBI and the NSA. Do you think the IDA will be a problem for us? … so mark our words when we say that we Anonymous stand firm on our belief that no Government has the right to deprive their citizens the freedom of information.”

The video then called on “fellow Singaporean brothers and sisters” to start a public protest by dressing in black and red on November 5 and blacking out their Facebook profile pictures.

A day later, via Yahoo! Singapore News (1 Nov 2013):

Activist group Anonymous hacked a Singapore newspaper website Friday over Internet freedom in the city-state, where government agencies are now reportedly on alert for wider cyber attacks.

The website of the pro-government Straits Times was hacked early in the day by apparent members of the group, which is opposing recently introduced licensing rules for news websites in Singapore on censorship grounds.

The attackers, using the name “Messiah”, took over the blog of a Straits Times journalist, saying she had distorted “our words and intentions” in a report on the group’s threat a day earlier to “wage war” on the Singapore government.

“We oppose any form of Internet censorship among other things,” said a post on the journalist’s hacked blog, which is part of the newspaper’s website and has been taken offline.

The hackers urged the journalist to apologise within 48 hours “to the citizens of Singapore for trying to mislead them”.

If she fails to apologise, “then we expect her resignation”, the hacker said in the hacked account, still visible in online caches.

“If those demands are met we will be on our way. But in the event our demands are not met in the next 48 hours, we will place you in our ‘to do’ list and next time you wont (sic) be let off this easy.”

Asian media giant Singapore Press Holdings, which publishes the newspaper, said: “We have made a police report, and the police are investigating.”

Reported on AsiaOne another day later (2 Nov 2013):

Many government websites were down on Saturday since 1.30pm.

Besides gov.sg, many users also complained of difficulties accessing other government ministries websites.

The list of government websites down so far: ACRA.gov.sg, AVA.gov.sg, Careers.gov.sg, CNB.gov.sg, GOV.SG, IDA.gov.sg, ISD.gov.sg, ICA.gov.sg, LTA.gov.sg, PUB.gov.sg, MHA.gov.sg, Prisons.gov.sg, SGDI.gov.sg, Singpass.gov.sg, SPF.gov.sg.

IDA said in their Facebook page that “government websites are under planned maintenance and will be back ASAP (as soon as possible).”

Some members of the public commented on IDA’s Facebook page, noting tha the IDA’s latest update was done via a mobilephone, which was highly unusual as all its previous Facebook updates were posted from a web browser.

A user said: “Shouldn’t planned maintenance be announced in advance?”

Another user also added: “Why did you plan a maintenance on a weekend when many Singaporeans are using websites like ICA’s to renew their passports and other important government functions? Why was this not publicised much earlier given that many Singaporeans are affected. If it’s planned, why is there a need to make it ASAP?”

What is next?

Will the hackers be caught and invited to ‘lim kopi’?

In a news article published in tabloid newspaper, The New Paper, an anonymous lawyer was quoted saying that “such videos proclaiming war against the Government actually contravene the penal code, and the possible penalty is death”.

DEATH.

Yes, you read it correctly.

What if the hacker was a ten year old computer genius?

Death sentence too?

The string of incidents is like a movie plot with one revelation made with each passing day. The deadline was given as 5 Nov 2013. I will be watching this date.

I wonder how many people will really dress in black or red this Tuesday to support the hacker group and how many will ‘black out’ their Facebook profile picture.

I am quite ambivalent over the whole saga.

The first thought which came to my mind was whether Anonymous had hacked into NS.SG since it was launched because it sucks so much…

Jokes aside, I find it alarming that most people online seems to be on the side of the hackers. Either that or they are like me, just sitting by and enjoying the show with popcorns in hands. There is not much love for the PAP government these days.

Meanwhile, my sympathy goes out to all the folks working in the IT department of government ministries, statutory boards and government-linked corporations in Singapore. While the rest of us were enjoying our Deepavali weekend, they were probably busy buffing up their security systems to keep Singapore safe.

On National Service – Part 2

Since my previous posts on National Service generated so much attention, I feel obliged to blog about the recent slew of news from the Ministry of Defence (MINDEF).

To recap on the conversations, read my previous posts:

On Alex Liang, a Singaporean who gave up his Singapore citizenship

On National Service

Blogger slammed for calling NS a “slavery system”?

Dr Lim Wee Kiak: Serving two years NS privilege belongs to Singaporeans

On Joseph Schooling’s NS Deferment

The government has granted Singapore top swimmer, Joseph Schooling’s request to defer his National Service obligation, enabling the 18-year-old to focus on training until after the 2016 Olympics. He is due for enlistment in 2014 but has been granted deferment until 31 August 2016.

I think this is the first time such a deferment has been granted and I applaud MINDEF for making this decision. I am very happy for Schooling and I believe it is a step in the right direction for greater flexibility in deferment.

On IPPT changes in 2014

Mixed feelings on this one. We asked for a review of the IPPT system and we got it. The 2.4km run has been upgraded to 3.2km. Be careful what you wish for… to be fair, details remain sketchy on the exact amendments. Running a longer distance, but with a more reasonable timing for non full-time soldiers may not be a bad thing and may be a fairer assessment of health level. Not everyone is a Spartan, but I do agree a minimum level of fitness is good for everyone.

I have no qualms on setting high standards for IPPT for full-time NSFs and regulars who signed on for a career in the army on their own accord, but I think the expectations for NSmen should be fairer, taking into account that we are just part-time conscripts, not career soldiers.

On Volunteer Corps for Women and Foreigners

You want to volunteer for this and reservist obligations till over 40 years old?
You want to volunteer for this and reservist obligations till over 40 years old?

Seriously?

My utmost respect goes to those who step forward and volunteer. I am highly skeptical that the number will be even more than a 3 digits figure though.

Overall, I do get the impression that MINDEF seems to be making some efforts to improve itself and the whole NS system.

The one thing I really wish MINDEF can look into is to shorten the ten ‘work year’ reservist system. Correct me if I am wrong, but I believe Singapore has the longest reservist and IPPT system in the world for conscripts. Is this really necessary?

What can we do in the meantime?

Just suck thumb and hope for the best and that MINDEF really gets it this time.

I am not going to complain anymore in case another surprise like the 3.2km upgrade for IPPT pops up again.