The ISD Whitley detention centre has been described in Francis Seow's book "To catch a Tartar", and MHA surprisingly even provided a satellite photo from CRISP of the detention centre's vicinity in the public version of the report on Mas Selamat's escape from the centre:

http://www.mha.gov.sg/news_details.aspx?nid=119

Combining satellite imagery from Google Earth and information released to the media, we can infer the probable location of the weak spot in the detention centre's security where the double fences converged with an enclosed walkway, and over which Mas Selamat is assumed to have climbed to escape from the centre. The infamous toilet is reported to have been 20 m from the enclosed walkway/fence, which would put it at the Southern end of the building, on the ground floor.





Google Earth placemark is at

http://tiny.cc/PnFbq

The Family Visitation Centre was apparently converted from former officers' quarters and was originally outside the boundaries of the detention center proper. Enclosed walkways between the cell blocks appear much wider and were presumably designed more securely. The walkway leading to the visitation centre is much smaller and was presumably added later, at the time that the building was converted to a visitation centre. Prior to that the building had been used as officers' quarters and administrative offices so would presumably not have required such high security.

Distance to Whitley Road from the breach point is 180 m straight line but 240 m via Onraet Road. This would be consistent with the distance that could be covered in 2 min 44 seconds as mentioned by WKS, but we cannot tell whether this really was the escape route taken by Mas Selamat.

The New York Times ran an article on a Virgina woman who campaigns against the posting of American's Social Security numbers (sort of like NRIC numbers) on the web.

http://www.nytimes.com/2007/02/24/business/24money.html/partner/rssnyt

As a result of her lobbying, the Texas attorney general, Greg Abbott, issued a legal opinion that county clerks could be committing a crime by revealing Social Security numbers on the Internet.

Meanwhile, in Singapore, we still dutifuly give out their IC numbers to all and sundry, and even hand over their physical ICs to anyone wearing a security guard uniform. That despite the numerous cases of people discovering that their personal particulars have been used to sign up for handphones and other things.

Apparently, the powers-that-be gave instructions that newspapers have to stop pubishing the full IC numbers of lucky draw winners, so now you see things like S123XXXE. But legal notices still have full IC numbers published. I guess nobody reads the back pages of the Classifieds so its ok.

Interesting juxtaposition of headlines here



A critical time for democracy, indeed !

The xch perl script (posted on Oct 11) Xtracts URLs from a file and CHallenges the proxy server to determine which URLs are blocked.

xch source_file out_file

will extract URLs from source_file (which is an html file of links to other sites) and use curl to retrieve the http header of the URL. If the header corresponds to Error 403 Forbidden, that (usually) means that URL is on the SBA blacklist. The URL will then be written to out_file.

As I mentioned earlier, this algorithm stopped working sometime between 3Q last year and this year. SCV's proxy server now returns a header that says everything is OK, but the server transparently gives you back a HTML document that says the URL has been blocked by the caching server.

Maybe I can continue to just retrieve headers and rely on the "Content-Length: 1090" string in the header to act as a marker for blacklisted sites.

If you just want to extract URLs from a file but not challenge the proxy server, use

xch -x source_file challenge_list

This puts all the extracted URLs into challenge_list

If you already have a list of URLs you want to test, use

xch -c challenge_list out_file

where challenge_list is the list of URLs in a text file, one URL per line.

The list I posted earlier (October 12, 2003) was compiled around 3Q 2002 but when I checked the list recently, I discovered that some of the sites that used to be blocked were now unblocked. SCV also changed its proxy server so my old xch script didn't work any more.

Specifically, before I could just check the HTTP-header to see whether a file was blocked (Error 403 Forbidden). Now, the header that comes back is OK, but the server actually sends back a page that says the URL has been blocked. That means that we have to ask curl to retrieve the whole web page before we can tell if it has been blacklisted. Consumes a lot more bandwidth.

Anyway, a lot of the sites on the old blacklist are not blacklisted anymore. Only 26 out of the original 59 sites are still blocked. Reason unknown. No obvious pattern for what's in or out.

Rot13'd as usual (See Oct12 post for decoders) :

-------
uggc://jjj.4nqhygfbayl.pbz
uggc://jjj.nqhygf-bayvar.pbz
uggc://jjj.nfvnacyrnfherf.pbz
uggc://jjj.obbglpnzc.pbz
uggc://jjj.pnsrsyrfu.pbz
uggc://jjj.pbzchgrefrk.pbz
uggc://jjj.qnavfurebgvpn.pbz
uggc://jjj.robalsnagnfl.pbz
uggc://jjj.srgvfuubgry.pbz
uggc://jjj.serrurnira.pbz
uggc://jjj.cragubhfr.pbz
uggc://jjj.cragubhfryvir.pbz
uggc://jjj.cragubhfrznt.pbz
uggc://jjj.cvaxpubpbyngr.pbz
uggc://jjj.cynlobl.pbz
uggc://jjj.cbeagi.pbz
uggc://jjj.chffl.pbz
uggc://jjj.chfflynaq.pbz
uggc://jjj.frk.pbz
uggc://jjj.frkrqvgvba.pbz
uggc://jjj.fvzcylnfvna.pbz
uggc://jjj.fbncl.pbz
uggc://jjj.hasnvgushy.pbz
uggc://jjj.jvyqpureelf.pbz
uggc://jjj.jbeyqfrk.pbz
----------

Are any of the sites on my challenge list now blocked that were not blocked before ? Don't know. I'm reluctanct to re-run the test completely because the change in SCV proxy's response means that I would have to actually retrieve entire web pages instead of just headers a few thousand times.

Did find a few new sites by doing variations of the original 59-site list. Just tacked on a variety of country-code TLDs and challenged the proxy again, e.g. www.playboy.com becomes www.playboy.com.hk, .tw, .au, .co.jp etc.

This gave a few more sites:
-------
uggc://jjj.4nqhygfbayl.pbz.nh
uggc://jjj.nqhygynaq.pbz.nh
uggc://jjj.ploretveyf.pbz.nh
uggc://jjj.ubgfrk.pbz.nh
uggc://jjj.chffl.pbz.nh

uggc://jjj.cynlobl.pbz.gj
--------

(.nh = .au and .gj = .tw)

ARTFL Project: Webster Dictionary, 1913:

"Hack, a. Hackneyed; hired; mercenary. Wakefield.

Hack writer, a hack; one who writes for hire. A vulgar hack writer.' Macaulay."

So what exactly is a hack ?

A Hack's Progress:

"Hack:
A common drudge; especially a literary drudge; hence a poor writer, a mere scribbler.

Hack:
A half-breed horse with more bone and substance than a thoroughbred..

Hack (verb):
To make rough cuts, to deal cutting blows."

Rot13'd to discourage attention from robots and such.

Cut and paste the list into ROT13 JavaScript coder/decoder if you don't have another decoder.

Or use the perl script

#!/usr/bin/perl -p
y/A-Za-z/N-ZA-Mn-za-m/;

shamelessly stolen from http://www.miranda.org/~jkominek/rot13/

This is the list as compiled in late 2002.

-------------------------------
uggc://jjj.4nqhygfbayl.pbz
uggc://jjj.nqhygynaq.pbz
uggc://jjj.nqhygf-bayvar.pbz
uggc://jjj.nyyfrklzra.pbz
uggc://jjj.nyygrraf.pbz
uggc://jjj.nfvnaahqrf.pbz
uggc://jjj.nfvnacyrnfherf.pbz
uggc://jjj.onqtvey.pbza
uggc://jjj.obbglpnzc.pbz
uggc://jjj.oernfgf.pbz
uggc://jjj.pnsrsyrfu.pbz
uggc://jjj.pnebypbk.pbz
uggc://jjj.pryroahqr.pbz
uggc://jjj.pbzchgrefrk.pbz
uggc://jjj.ploretveyf.pbz
uggc://jjj.qnavfurebgvpn.pbz
uggc://jjj.robalsnagnfl.pbz
uggc://jjj.rebgvpnkkk.pbz
uggc://jjj.srgvfuubgry.pbz
uggc://jjj.serrqnvylcbea.pbz
uggc://jjj.serrurnira.pbz
uggc://jjj.serrcvpgherftnyyrel.pbz
uggc://jjj.tveylfrkcvpf.pbz
uggc://jjj.ubgfrk.pbz
uggc://jjj.ubgfrkgrraf.pbz
uggc://jjj.ubggrra.pbz
uggc://jjj.vgrraf.pbz
uggc://jjj.zrfflphzfubgf.pbz
uggc://jjj.zgerrkkk.arg
uggc://jjj.anxrqtveyf.pbz
uggc://jjj.cragubhfr.pbz
uggc://jjj.cragubhfryvir.pbz
uggc://jjj.cragubhfrznt.pbz
uggc://jjj.crefvnaxvggl.pbz
uggc://jjj.cvpghercbfg.pbz
uggc://jjj.cvpjnerubhfr.pbz
uggc://jjj.cvaxpubpbyngr.pbz
uggc://jjj.cynlobl.pbz
uggc://jjj.cbeaab.pbz
uggc://jjj.cbeagi.pbz
uggc://jjj.chffl.pbz
uggc://jjj.chfflynaq.pbz
uggc://jjj.frk.pbz
uggc://jjj.frkrqvgvba.pbz
uggc://jjj.frkarg.pbz
uggc://jjj.frkfubccre.pbz
uggc://jjj.frkgi.pbz
uggc://jjj.frklpbyyrtrtveyf.pbz
uggc://jjj.fvzcylnfvna.pbz
uggc://jjj.fbncl.pbz
uggc://jjj.grratbqqrff.pbz
uggc://jjj.gurbetl.pbz
uggc://jjj.hasnvgushy.pbz
uggc://jjj.ipq1.pbz
uggc://jjj.jrgayhfgl.pbz
uggc://jjj.jvyqpureelf.pbz
uggc://jjj.jbeyqfrk.pbz
uggc://jjj.kcvk.arg