Monday, August 04, 2008

Declan’s data is deleted

It seems bad luck keeps bumping into Declan and me: at 5.10am on Saturday I was urinated on while I slept in my sleeping bag in the porch we have been sleeping in since 3 November 2006 (see previous blog); and yesterday afternoon both our booked computers in the local Council's Idea Store Whitechapel library contained a virus which infected each of the two USB drives we were using – Declan lost his database of over 3,000 scientists and academics from around the world (although he had an up-to-date copy of it in Google Mail), as well as a Word document of a categorised list of British signatories of his petition to the UN on therapeutic cloning.



It is not the first time that our data has been deleted through no fault of our own: on 26 January all emails sent to Declan after 12 August 2007 were moved to Trash and 300 draft documents, which included the names and email addresses of over 2,500 scientists and academics, were deleted for good (see blog “Declan’s Google Mail is raided”).

Perhaps it is unfortunate that the Idea Store is situated in Tower Hamlets, one of the poorest boroughs in London: for instance, the Methodist Church Whitechapel Mission, a day centre for homeless people, is just across the road (on 18 June 2007 we were barred by the minister's wife due to concerns about our safety). Still, the library is a modern building and the computers are up-to-date and well-equipped: a firewall, virus program, and filter software are installed across the network; moreover, all computers are programmed to automatically restore custom settings (and delete all activity by prior users), if you re-start them.

I was under the impression that all these things are supposed to be covert – but apparently not. The Independent ran a piece on 10 July entitled: “J'accuse! Ségolène Royal links Sarkozy 'clan' with break-in at apartment”. On France 2’s nightly news programme, the defeated French presidential candidate, Ségolène Royal, said she believed that there was a “link” between a break-in at her apartment on 27 June and her accusation the previous day that the President's wealthy friends were mounting a "take-over" of France. This followed a decision by Sarkozy to ban advertising from state-owned television – potentially increasing by €450m (£350m) annually the revenue of commercial television channels owned, or controlled, by his close friends. "I observe that on the day after I said that it was time to halt the Sarkozy clan's take-over of France, my home was ransacked," Royal told astonished viewers. "I make a link between the two events." Her comments were immediately dismissed by politicians close to Sarkozy who said they were the result of a "martyr complex". However, senior opposition figures sprang to Royal's defence. Jean-Marc Ayrault, the leader of the Socialist group in the lower house of parliament, said that President Sarkozy's 14 months in power had created a "climate" which "recalled the most unpleasant periods of French political history". Once such a climate is created, he said, "anything can happen".

For the record, this is Declan's email yesterday to the manager of Idea Store Whitechapel:

Subject: Idea Store Whitechapel

Dear Mr Abidin

Previous correspondence refers.

Yesterday evening my wife and I booked two computers for today - computer 16 from 1.00pm to 4.45pm and computer 15 from 2pm to 4pm. For security reasons, and as usual, we both re-started our computers prior to log in so as to automatically delete all prior activity. Nonetheless, we were both greeted by an announcement: "Tazebama.dll". Shortly after my wife then put her USB drive into her computer, she discovered that most of the portable programs contained in her USB drive were now inoperable. In my case, after I then put my USB drive into my computer, I was unable to open a database (containing the names and email addresses of over 3,000 scientists and academics from around the world) through Microsoft Excel due to "an error trying to open", and a related Word document entitled "List-Breakdown UK" was "corrupt and unreadable" (see attachment).

According to information derived from the internet, Tazebama.dll is W32.Mabezat.B, which is "a backdoor worm that spreads through network shares and allows attackers to access and gives full control over infected computer". In respect of Tazebama.dll, the Symantec website advises to "perform a forensic analysis and restore the computers using trusted media".

If I am in any way mistaken, please so advise at your earliest convenience.

Please would you acknowledge receipt.

Yours sincerely
Declan Heavey
Card no. D000355837