Author Archives: logan

Ebene In 2020

Leave a reply

A Newspaper in 2020 ...

PORT LOUIS, Jul 2 2020 (slashslash) - Workers from Bangladesh have helped Mauritius to achieve the Knowledge Hub success and world market share that the Indian Ocean island state boasts about. But many live and work in conditions described as akin to “modern slavery”, apart from facing discrimination, the denial of labour rights and even violence.

The 32 year old Mohamed Amin* left his wife and two children in low-income Bangladesh 23 months ago to look for greener pastures in the ICT/BPO industry in Mauritius

He paid 150,000 takkas (about 2,200 dollars) to an agent in his country for a job as a Software Engineer upon the promise of earning 20,000 Mauritian rupees (about 665 dollars) a month.

"That (the promised 665 dollars) is big money in Bangladesh and I was prepared to make any sacrifice for it,” Amin told slashslash who visited him at Ebene, in northern Mauritius, where he lives in a container provided by his employer, SmartCities Inc.

But, today, the Bangladeshi worker earns little more than a quarter of that amount. “I have been cheated,” he said.

He is frustrated as, in about a year’s time, he will have to leave the island. Amin is yet to save any money to take home. His meagre earnings allow him to cover his living expenses and to send a limited amount of money to his family every three months.

Poverty, unemployment and the high cost of living are the factors that force Amin and his compatriots to leave their country and look for jobs abroad.

“The employers do not care for them; they live like animals. How can humans sleep in such places?” he asked. “There is no government office where they can complain — even when their passports are seized from them.”

“Some employers are still treating their workers as mere objects that will keep on producing until the end of their contracts,” he told slashslash.

“A migrant worker should enjoy the same terms and conditions of employment and the same prescribed salary than those granted to the locals, besides a free return air ticket, food allowance, lodging and accommodation in Mauritius,” the minister explained, referring to government regulations.

Carlos Charette, chairperson of the OTAM, admitted to slashslash that some IT employers are to blame for the poor living conditions. However, he insisted that the dormitories are in a good condition when the expatriates first arrive.

“These are checked by the relevant health and fire services before the expatriates land there. We should understand that these people come from poor and dirty countries where hygiene does not exist. They put the dormitories in such a state that one cannot go inside because of the bad smell,” he told slashslash, without flinching.

-- A satirical fiction written, based on current "suggested" measures!

Danger for IT workers in Mauritius

Leave a reply


It starts with an article in Defi-media

I woke up today and found this article: defi-media . After reading it, I was shocked to discover the suggestions put forward by OTAM and some of the people who were interviewed, including the founder of MSCC !

Claim #1 : "proposes that firms be permitted to recruit freely"

What does that mean ? Well, to hire a skilled foreigner in IT, a company has to pay him a minimum salary of Rs 30,000. Previously, it was Rs 40,000. Many foreign workers skilled in IT are getting better salaries: I heard people earning up to Rs 90,000. If employers are allowed to hire freely as OTAM suggests: here is what is going to happen: Mauritius is going to be flooded with IT workers who will work for Rs 6,000/month. . In other words, if we remove the Rs 30,000 minimum salary, local IT companies can hire workers for Rs 6,000/month, from Countries like Bangladesh. OTAM uses the analogy of the Manufacturing sector to justify this. Now, Mauritians work for Rs 6,000 in Textile factories. Is this what we want for our co-workers, friends, and future children who we are grooming for a prestigious career in IT in Mauritius ? What is also shocking is that the MSCC does not show that it disagreed with OTAM's claim #1. This leads me to question the motivations of MSCC.

Claim #2: "Quality of graduates"

Quote from MSCC: "The notion of having a graduate per household led to a drop in the level of education, which translates through a lack of skills. It is thus detrimental to operators, who must train young people, which costs time and resources".

I am not convinced by claim #2. The quality of graduates from Mauritius is not that different from Countries like India, which are doing quite well in the area of ICT. I am myself a product of the so-called "one graduate per family". Can MSCC or OTAM point out how my skills are not as good as software engineers from the US or Germany ? I've been approached by Fortune 500 companies in the US, and offered engineering jobs in some of the world's most prestigious IT companies.

I think that OTAM is using the fact that the quality of IT education in Mauritius needs improvment as a scapegoat excuse to justify hiring people from outside, and pay them Rs 6000/month. The real goal of OTAM is to eliminate the Rs 30,000 minimum salary that the government imposes on foreign workers who want to work in Mauritius. Again, I am deeply disappointed in the stance that MSCC took on this matter.

THe real issue is that many of the local IT companies do not invest in training of their workers. One software engineer in the US can cost 4000 to 5000 Euros. That's almost Rs 144,000 . If you want to hire a junior developer in France, you would need to pay at least 1500 Euros. That's Rs 60,000. Knowing those facts: we know that a starting developer gets around Rs 20,000 here. So on each junior developer, an outsourcing company is saving up to Rs 40,000 ! Yeah, Rs 40,000 ! So the companies are putting that money in their pockets, instead of trying to invest into improving the skills of their employees. Now, they want junior developers who will work for Rs 6,000/month. THIS IS OUTRAGEOUS !

Claim #3: "Disloyalty"

I’am officially a Google security supplier !

Leave a reply

google

Security Services

Last night, I got the confirmation that I am officially recognized as a Supplier of Security Services for Google, the Internet Search Giant :)

google_supplier

What does this mean for Internet Security

I will be working more closely on Internet Security by focusing on key Open Source projects, and this effort will be sponsored by Google. Needless to say, I'm very excited ! I look forward to building a more secure Internet, that benefits not only Google, but also Mauritius, as we are also heavy consumers of products that are based on Open Source Software: Android, gmail and quite a few others.

Collaborative efforts

By working together, as a team, we can strengthen the foundation of Today's Internet, so that we avoid another Heartbleed. I look forward to not only work on code, but also with different people spread across the globe and who speak different languages. There's something beautiful in Open Source: Despite our divergent opinions, we are able to work together. I believe that our strength comes from our ability to readjust ourselves to an increasingly hostile Internet.

Google Security Supplier, am excited for this new adventure! :)


--Logan

IETF 93 Day 5

Leave a reply

The last day

The last day at the IETF was rather calm. A guy from Europe (Rob) won the Jon Postel award, which is an award given to people who have made significant contribution to the Internet. rob

Following Edward Snowden's appearance during the IETF 93, I met Daniel Kahn Gillmor, who works at ACLU. ACLU is The American Civil Liberties Union (ACLU): a nonpartisan, non-profit organization[5][6] whose stated mission is "to defend and preserve the individual rights and liberties guaranteed to every person in this country by the Constitution and laws of the United States

It's interesting seeing Americans taking the NSA to court :) I wish that we could do the same here for some Governmental organizations that do not work in the public interest of Mauritians :-)

Friday was rather calm, compared to previous days :) IETF was a great experience for me. Meeting people, and interacting with them face-to-face definitely helps in helping to move the Internet forward !

--Logan

IETF 93 Day 4

Leave a reply

Taking out my Axe !

I went to the SDN working group in the morning. After that, I moved to the TLS working group. I met Daniel J Bernstein. I thanked him for the liberal version of ED25519 that he made available on the Internet. We were able to integrate it in OpenSSH.


djb

While heading out for beer & food, I met Benno (who was recently promoted to managing director) from NLnetlabs, and we talked about NSD, Unbound & OpenDNSSEC :)

benno

Hacking OpenSSL

Rich and I started hacking OpenSSL a bit to make it a bit more secure. In particular, following the recent DH problems, we performed a security audit for those issues. We bounced patches back and forth, and Rich committed them to the OpenSSL repository :)

Later on, we went out for beer and food with the RedHat folks, and the discussions were very lively in the small indian restaurant.

rsalz

Fun day :)
--Logan

IETF 93 Day 3

Leave a reply

IETF Day 3


Bob Hinden is known as one of the designers of the IPv6 protocol. As the chair of the IPv6 working group, he overseas much of the current design work. I asked Bob if he could sign my IETF-card, and he did ! Bob was very happy to sign it :)
jamal


Next I met Jamal again. Jamal is one of the developers of the Linux kernel, and he's a very funny guy. We talked about the areas that we can improve in Linux. A very interesting discussion, and hopefully, we'll see more work there :) jamal

The next person that I met is Paul Wouters, who works at RedHat. We talked about OpenDNSSEC, and the database issues. I definitely think that we'll see more Open Source stuff there, as I believe that we have some good patches that would be useful to other DNSSEC users out there :)



Last but not least, I delivered a track on IPv6 Security fixing on Open Source Operating Systems, such as CentOS and FreeBSD. I was invited by Fernando Gont, a well-known IPv6 Security expert in the IETF. The discussions, and set of questions were very good. Code is in the pipeline too :) Very rewarding day !

--Logan

IETF 93 Day 2

Leave a reply

A great many people

Day 2 has been incredibly productive and fun ! First I met Dave That who worked on the idea of bufferbloat -- eliminating excessive buffering that impairs services like Skype, Google Videos, Whatsapp, Viber, and quite a few other real-time services. We talked about the issues that the Networking Industry faces and what the expectation of normal users are.
dave

Next, I met Bjoern Zeeb, who is THE FreeBSD IPv6 expert. I met him in the NOC where he helps runs the IETF Network during the IETF conference. Despite being very tired, he keeps working very hard. We discussed about a few IPv6 patches that I had been working on in FreeBSD, and the way forward towards making IPv6 more secure.
zeeb

The third person that I met is Rich Salz, of the OpenSSL project. He works at AKAMAI, which is the CDN network that caches stuff in Mauritius to make it faster for us when we access content on the web. We spoke a bit about OpenSSL security problems, and the code that I've been working on to make OpenSSL a little bit more secure.
rich

The forth person that I met, and not the least, is IPv6 Security Expert Fernando Gont. He's working on a lot of ideas to make IPv6 better. Tomorrow, I'll be at a side-conference presenting a few IPv6 security problems that I've fixed. It was a very interesting discussion !

fgont

IETF 93 Day 1

Leave a reply

First day

As the plane landed in Prague, I decided to explore the surrounding region while in the Taxi. Prague is so beautiful with its old buildings that date back to pre-World War II. See for yourself below:

ietf_1
ietf_1
ietf_3

Next stop: Hotel

I arrived in my Hotel exhausted, but determined to meet up with the various people that I had contacted: I met Michael Tuxen & Randal (Randy) Stewart who were there at the IETF hackathon. Michael Tuxen noticed that I was looking around for familiar people, and followed me when I left the room. He surprised me, and asked me If I was looking for him :) That caught me by surprise :) After exchanging a few words, he invited me to sit at the Hackathon table where other FreeBSD gurus were sitting. I started poking Randall Stewart who is one of the FreeBSD performance gurus when it comes to networking. Randal Stewart was a distinguished engineer at CISCO, and later moved to Netflix. Netflix served 1/3 of the North American Traffic during peak hours ! After the hackathon, I joined Michael and Randal, for dinner ! We spoke about FreeBSD, Netflix, Back to the future, and Star Wars ! I jokingly referred to Randall as "Doc Randall" in reference to the Back to the future Doc Emmett :)

freebsd_gurus

And the Beer ?

With so many friends around, it was inevitable that I was going to taste the czech republic beer. After 2 bottles, I felt that I had enough, and decided to head to my Hotel room. While heading to my Hotel room, I met face to face with an IPv6 legend. More to come soon ...

--Logan

I’am officially a Google security supplier !

Leave a reply

google

Security Services

Last night, I got the confirmation that I am officially recognized as a Supplier of Security Services for Google, the Internet Search Giant :)

google_supplier

What does this mean for Internet Security

I will be working more closely on Internet Security by focusing on key Open Source projects, and this effort will be sponsored by Google. Needless to say, I'm very excited ! I look forward to building a more secure Internet, that benefits not only the Google, but also Mauritius, as we are also heavy consumers of products that are heavily powered by Open Source Software: Android, gmail and quite a few others.

Collaborative efforts

By working together, as a team, we can strengthen the foundation of Today's Internet, so that we avoid another Heartbleed. I look forward to not only work on code, but also with different people spread across the globe and who speak different languages. There's something beautiful in Open Source: Despite our divergent opinions, we are able to work together. I believe that our strength comes from our ability to readjust ourselves to an increasingly hostile Internet.

Google Security Supplier, am excited for this new adventure! :)


--Logan

23:59:60, the cyberisland and the leap second that we forgot

Leave a reply


The US is busy planning for the leap second transition


Please see my previous blog post if you are not familiar with the leap second issue.


The US has a document for "Best Practices" (URL: http://www.gps.gov/news/2015/05/leap-second/2015-best-practices-for-leap-second.pdf) which has been published by the Department of Homeland Security. I'm going to quote a few sections from it: Sponsored by the National Cybersecurity and Communications Integration Center in coordination with the United States Naval Observatory, National Institute of Standards and Technology, the USCG Navigation Center, and the Nation al Coordination Office for Space - Based Positioni ng, Navigation and Timing . This product is intended to assist federal, state, local, and private sector organizations with preparations for the 30 - June 2 015 Leap Second event.

Below the introduction part of the document are a list of well detailed steps to prepare for the transition for the leap second that will occure on the 30th of June.

Meanwhile in Mauritius

I immediately went to look for the same information for Mauritius. My first choice is the Mauritius Standards Bureau. Looking at the relevant pages show nothing about Time (url: http://msb.intnet.mu/).

My 2nd choice is thus CERT-MU, which is the Mauritian equivalent of CyberSecurity, expecting to find a document for "Best Practices" for the Leap Second. Result of the search on CERT-MU website : Zero.

At this I start wondering what could be impacted by leap second in Mauritius. Websites crashes have been reported when previous leap seconds were added. Quote from a website: Sites such as Reddit, Gawker, LinkedIn, Foursquare and Yelp crashed after a "leap second" was added to the universal clock in order to keep up with the Earth's rotation. So, A few critical websites might crash. This is important to everyday users.

Other problems ?

Wikipedia says that: Older versions of Motorola Oncore VP, UT, GT, and M12 GPS receivers had a software bug that would cause a single timestamp to be off by a day if no leap second was scheduled for 256 weeks. How many companies are relying on GPS for their operation: Car fleets, Car drivers, boats, and people with smartphones, and The Amadeus airline reservation system was disrupted for more than two hours which affects plane fights.

Conclusion

Important information such as leap second transition should have been available on CERT-MU website so that people and organizations can better prepare themselves, and avoid disruptive problems across the Mauritian Infrastructure.