To increase the level of people awareness about multimedia law!
Wednesday, December 16, 2009
Sunday, December 13, 2009
Phishing in Malaysia
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
The latest phishing attack on Malaysia's Maybank is the third in three months. The faked send address is from the Putrajaya World Trade Centre and the link is to a server at connhypo.com. The scam is as follows:
Reconfirm your online access
We would like to inform you that we are currently carring out scheduled maintenance.In order to guarantee the high level of security to our business customers.We require you to complete " Maybank Commercial Online Form "Please complete Maybank Commercial Online Form using the link below:
Maybank Commercial Online Form
This is auto-generated email, please do not respond to this email .
Phishing website of Maybank:
hxxp://sebastianschaper.net/aegabi06/cache/May2u-Service/Maybank2u_com.html
hxxp://tradewindcay.com/images/Internet-Customer/Maybank2u.html
The damage caused by phishing ranges from denial of access to e-mail to substantial financial loss. The damage ranges from loss of access to email and other online accounts to loss of money, investments, etc. Phishing is becoming more popular, because of the number of unsuspecting people who are easily tricked into divulging information to phishers.
There are several different techniques to combat phishing, including legislation and technology created specifically to protect against phishing. Attempts to deal with the growing number of reported phishing incidents include user training, public awareness, and technical security measures.
References:
http://www.damnedspyware.com/fake-malaysia-maybank-website-phishing.html
http://www.shaolintiger.com/2009/03/23/maybank-phishing-scam-e-mails-in-malaysia/
http://www.bankinginsurancesecurities.com/sanctions_closures_fi_frauds/fi_frauds/fi_frauds_phishing_maybank_malaysia
Kaspersky Lab's Malaysian Web site hacked
Hacking is unauthorized use of computer and network resources. People who engage in computer hacking activities are often called hackers.
It is criminal because the hacker hacks the website without authorize permission and enable the hacker to gain control over the Web site. It causes the site to no longer open to the public and requires a user name and password for access. Although the attacks appear to be just vandalism, but there could be more serious risks because it is possible for an attacker to upload malicious software labeled as Kaspersky's software. This creates problems to user who were tricked by downloading the software and affected by it which will harm the computer system causing it to be error. Furthermore, hackers which inserted malicious software such as “key loggers” will obtain the information u keyed in and will abuse and use for their own their advantage.
Reference: http://www.itworld.com/internet/53700/kaspersky-labs-malaysian-web-site-hacked
Wednesday, December 2, 2009
Tutorial Exercise: Law on PDP and Cybercrime
According to The Electronic Frontier Foundation, defamation is a false and unprivileged statement of fact that is harmful to someone's reputation, and published "with fault," meaning as a result of negligence or malice. Libel is a written defamation while slander is a spoken defamation. It is also a false statement, presented as fact either deliberately intended to harm your reputation or as the result of negligence. The elements that must be proved to establish defamation are included
1. a publication to one other than the person defamed;
2. a false statement of fact;
3. that is understood as
a. being of and concerning the plaintiff; and
b. tending to harm the reputation of plaintiff.
4. If the plaintiff is a public figure, he or she must also prove actual malice.
Linda can actually take the case to court, but she has to consult online reputation expert to help her as well. She is actually being protected under the law of defamation which concerned with protecting the reputation of individual, corporation or other legal person from the harm caused by the communication of untrue statements to a third party. All the claims from the email can consider as a publication of permanent form as, according to the Law of Defamation Act 1957, Section (3) For the purpose of the law of libel and slander the broadcasting of words by means of radio communication shall be treated as publication in a permanent form. As for the severance of defences, in Section (19), Whenever in any action of libel the plaintiff sues more than one defendant, whether jointly, severally, or in the alternative, each defendant may file a separate statement of his case and appear at the trial by separate counsel or if he thinks fit, apologize or pay money into court or make other amends, whatever may be the defences set up by his co-defendants, and the plaintiff may accept such apology, money, or other amends and settle or compromise the suit and discontinue the action as between himself and one or more defendants without reference to the other defendants: Provided always that the rights and interests of the other defendant or defendants shall not in any way be prejudiced thereby.
b. Tommy, a Multimedia student at MMU, was caught by University authority after it was found that he had cracked the University’s information system, defaced the front page of University’s official website and stolen a bulk of confidential data regarding students’ academic records. It was also discovered that he had attempted to break several lecturers’ computer system but without avail. On the investigation he said that all his action was just for fun exploring the system’s weaknesses and without any criminal intention. In this case, advise the University regarding Tommy’s liabilities arising from his actions with reference to the law of computer crimes in Malaysia.
Tommy had cracked the University’s information system which can lead him to guilty as base on CCA Section 3(1): A person shall be guilty of an offence if (a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer; (b) the access he intends to secure is unauthorized; and (c) he knows at the time when he causes the computer to perform the function that that is the case. If Tommy is guilty under this section, he is liable to a maximum RM 50,000.00 fine or to 5 years imprisonment or to both.
Another wrongful act which Tommy defaced the front page the University’s official website and stolen a bulk of confidential data regarding students’ academic records can actually lead to punishable with a maximum RM 100,000.00 fine or to 7 years imprisonment or to both as according to CCA Section 5(1): A person shall be guilty of an offence if he does any act which he knows will cause unauthorized modification of the contents of any computer. If the act is done with further intention of causing injury, Tommy can be punished up to RM 150,000.00 fine or 10 years imprisonment or both.
Although Tommy said that all his action was just for fun exploring the system’s weaknesses and without any criminal intention. However, base on CCA Section(3), recreational hacking, unauthorized access to computer, computer system and computer network, computer cracking to explore loopholes in the system and system intrusion are the acts which prohibited in the provision as well.
Tuesday, December 1, 2009
The good hacking and bad hacking
Most of us would never have thought there was never a good side to hacking. Well there is, such as individuals and organizations that conduct security audits and research and publishing their findings for the security industry and to also help new users who aren't familiar with security, this can also help us be a step ahead to protect the online society from exploits and security risks. The people who find security holes and help fix them, and the people who develop security tools and techniques to help fight such acts in the future is also known as hacking, but is used in a good way.
Companies such as us who test security and help users understand security easier; this is an example of a good side of testing and hacking. This is done by examining the systems and examining software that is known to have security weaknesses, then informing the customer so that they can close the hole, by finding new solutions and techniques, this can minimize the work and effort of a hacker in the future.
The Bad Hacking:
This is where you can truly now add in the hackers that break into computer systems for criminal financial gain and as well stealing accounts and causing Identity theft. Base on Computer Crimes Act 1997 Section 3(1): A person shall be guilty of an offence if (a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer; (b) the access he intends to secure is unauthorized; and (c) he knows at the time when he causes the computer to perform the function that that is the case. Section 5(1): A person shall be guilty of an offence if he does any act which he knows will cause unauthorized modification of the contents of any computer.
Despite what people think, the bad side can get pretty ugly, such examples are the famous City bank hack and the UK cash-point hack that was successfully blocked before any substantial harm was caused or any information was stolen.
Hacking has a good and bad effect to itself. It can be used for positive things and negative things, no matter what the cause, everything, including hacking, has a positive effect/side. Security will get tighter as the years go by, but we don't need to contribute to the bad side.
Censorship in Malaysia
We have certain human rights, freedom of speech, freedom of press, and freedom of thought. Obviously, there is no absolute freedom in any countries.
I agree with that China government restrict the Internet, press, and some kind of our freedom. Malaysia is more freedom than China in some sides, such as YouTube and Facebook can open at Malaysia. We cannot open YouTube and Face book, there is lots of offensive information to China.
I feel uncomfortable when I watch film in Malaysian cinema. I think I have not seen a whole movie in Malaysian cinema, some kissing and violence scene is cutted. Even though there has classification of movie, such as U, 18 SG, 18 SX, 18 PA, and 18 PL, I cannot watch a whole film in 18 either. Some scene also is cutted in 18 SG, 18 SX, 18 PA, and 18 PL. Some films were banned at some point of time; some films are still banned, such as series of SAW, Underworld, and Sin City.
I think there is nothing to compare in different countries. Different countries have different censorship base on their norms, culture, environment, and economy.
Saturday, November 28, 2009
web site’s privacy policy is very important
Let me share an article. This article is about the website’s privacy policy that is very important. Do not copy privacy policy from other websites, it may be not correct when it comes to the new site using the policy, and when it comes to privacy policies, inaccuracy can be expensive. If you have to copy, be careful. Don’t forget that your privacy policy has to remain accurate over time. There are also organizations like TRUSTe and P3PWiz that offer templates and consulting to help with policies.
Source: http://www.businessweek.com/smallbiz/running_small_business/archives/2009/08/why_web_site_pr.html
Monday, November 23, 2009
Bill to address concerns over personal information
The people’s concerns over how their personal data are processed and stored during commercial transactions will be addressed in a new Bill, which was tabled in Parliament.
We need Data Protection Regulation to protect ourselves. The Data Protection Regulation is very important to us. Firstly, if there is no regulation about Data Protection, Consumers can suffer financial loss. Secondly, there must be a regulation that guarantees to prevent miss-use of technology. Lastly, if there is no DPR, we will feel unsafe to do some activities.
We have rights to give or not to give our personal data. We do not want anyone miss-use our personal data to do activities that can disturb our privacy. Increasing losses of privacy will inevitably lead to corresponding losses of personal freedoms.
The Bill seeks to prevent the occurrences of people losing their money through credit card fraud, customer-privacy infringements and data theft.
Reference: http://thestar.com.my/news/story.asp?file=/2009/11/20/parliament/5149736&sec=parliament
Thursday, November 19, 2009
Tutorial exercise
Don agreed with Mamat and Lim, student leaders in the Uiversity, to supply breakfast every day to their hostel room during last semester, and that the payment would be made at the end of the semester. However, the two students now refused to pay and said that the contract was not enforceable. Don found out lately that Mamat was once admitted to mental hospital few years back for some treatment, and Lim was 17during the agreement term. Don asked you if he can enforce the contract against them.
This is our tutorial exercise NO.2. I have some doubts of this question. There are two legal issues in this question. First, Lim was 17, according to Section 11 of the Contract Act that a contract entered by a minor is void unless it is for necessities, scholarship and insurance. Lim promises to supply breakfast every day. Food is a necessity. So, this can be a valid contract. Second, According to Section 11 of the Contract Act, the contract is not competent due to Mamat was once admitted to mental hospital few years back for some treatment, but she is student leader now that means she is fine. So, the contract be valid.
I have a doubt of second issue. Mamat is a student leader in University now; does this mean she is fine? Maybe, she is fine in most of times, and she also has mental problem that nobody finds it out. How can we identify mental problem, is there a standard for mental problem. Once patient leave hospital, does this mean the patient is fine. She/he will probably have mental problem again. I think that people who has mental problem is very dangerous to society.
Saturday, November 14, 2009
some doubts
1) What is different between voidable and invalid?
I think invalid means not based on all the facts, and therefore not correct and voidable have almost same meaning which is capable of being made or adjudged void. I am not really known that what is actually different between them.
Free consent is another essential of a valid contract. Consent means that the parties must have agreed upon the same sense. For a valid contract it is necessary that the consent of parties to the contract must be free. Free consent is said to be missing due to existence of five factors which are fraud, misrepresentation, coercion, undue influence, and mistake. If contracts are entered into by any of these factors, they will become voidable.
2) I am very confused of fraud. Mr. Sonny Zulhuda told us a example of fraud during class, I am very confused with something about delay, something like if you did not do anything the contract will be valid (I am sorry that I cannot remember details of that example), I am very confused with fraud.
my experience of online shopping
E-Commerce is using electronic information based systems to engage in transactions or commerce online. This includes automating purchasing through Web sites.
There is more and more online transactions, the e-commerce law will be more important and needed to consummate.
I am going to tell one of my online shopping experiences. Maybe 6 years ago, I wanted to buy a bag online in China’s website. At that time, I did not have credit card or online banking card, so I need to pay money by post-office. I posted my money to online seller, I was waiting for some days, the seller still did not mail bag to me, then I sent message to him, he did not replay me. At the end, I paid money without receiving my bag. I think there are few laws about e-commerce during that time, and I have less knowledge of laws, so I did not do anything to the seller.
There is big change of online shopping in China. My experience will not happen again. The online shopping website has intermediary between seller and buyer. Buyer pay money to intermediary, seller can know buyer already paid money, and then seller will mail goods to buyer. After buyer confirms to receive goods (the buyer needed to confirm in 7 days, after 7 days the money will transfer to buyer’s account automatically), the seller can receive money. Those systems and e-commerce law enforce safety of online shopping.
There is ELECTRONIC COMMERCE ACT 2006 of Malaysia. It will make online transaction to work better.
Sunday, November 8, 2009
Trader charged with maid’s killing
Muntik, 36, died in the intensive care unit of the Tengku Ampuan Rahimah Hospital at 10am on Monday, about a week after being rescued from the house.
Police rescued her from a toilet in the house after a tip-off. She succumbed to her injuries despite being treated by specialists.
Murugan surrendered himself to the police on the second day Muntik was rescued, and was supposed to be remanded till Nov 4.
A. Murugan, 35, was alleged to have committed the offence between Oct 18 and 20 at No 11, Jalan Dato Yusof Shahbudin 6, Taman Sentosa here.
He remained calm when the charge was read to him in Tamil. No plea was recorded.
Deputy Public Prosecutor Manoj Kurup applied for an early mention date and for the case to be transferred to the Shah Alam High Court.
Magistrate Afifah Mamat @ Yusof allowed the case to be transferred and set Nov 3 for mention in the High Court.
He was charged under Section 302 of the Penal Code. If convicted, he faces the mandatory death sentence.
Stepmum abused us, says boy
According to state deputy CID chief Supt Nordin Mustapha, a neighbour lodged a report after the boy, who lives in a village along Jalan Gambang here, complained of pain following beatings from the stepmother at about 2pm on Thursday.
“The neighbour claimed he had often heard cries from the children and the boy had prior to this told the neighbour about the stepmother’s conduct.
“This was said to have been going on for four years. The neighbour, however, only listened to the boy without doing anything until the boy complained again that he could not take any more abuse,” Supt Nordin said yesterday.
Police had arrested the woman and her 35-year-old husband, who works at a fertiliser factory.
Two children are abused by their stepmother, this is legal issue.
Currently, under the Child Act, offenders can be sentenced to a maximum of two years’ jail or fined RM5,000, or both, if convicted.
In Kuala Lumpur, Wanita Gerakan said it supported the proposal by Women, Family and Community Development Minister Datuk Shahrizat Abdul Jalil that harsher penalties be imposed on child abusers.
The two children will be handed over to the welfare department after they are discharged from hospital.
The children’s father should be responsible in the story. He should find a kind woman to be children’s stepmother. The children have no power to protect themselves, the society and government should pay more attention to children.
Sunday, November 1, 2009
The reason we have laws in society
The law plays many functions such as peacekeeping; checking government power and promoting personal freedom; facilitating planning and the realization of reasonable expectations; promoting economic growth through free competition; promoting social justice; and protecting the environment
Law acts as a deterrent to control the evil and treacherous behavior of humans, to maintain discipline and imposes restrictions on some freedom. We live in a chaotic and uncertain world. Without an orderly environment based on and backed by law, the normal activities of life would be lacerated with chaos.
Just Follow Law
The film takes a satirical look at the inflexibility of outdated governmental rules and regulations and the rigid mindsets of local civil servants who follow rules to a fault. We can do not follow some kind of outdates rules and regulations in a certain extent.
The reason we have laws in society is to keep general order to our everyday living. We have to follow the law. Law creates social cohesion or harmony throughout all people. We cannot walk through the street when traffic light is red, even though there is no car. Every citizen has to follow law in any situation.
I am very wonder about Malaysia can import laws from England. I think this is not a good way to solve problems of law in any situations. If there is no law to refer, the government can constitute new laws for certain problems. The laws of England can be referenced, but it cannot be used directly without changing. I am not local, maybe I have some misunderstanding.
Welcome to my blog!
I am international student in Multimedia University. I am going to learn some rules of Malaysian Legal System; I thought this is hard to learn MLS for me since I am not Malaysian at the first. However, the lecturer said this is good for international student to know the law of Malaysia for protecting yourself by using local law.
I expect the rest of lectures for knowing Malaysia and law better.