Reserved Words

March 25, 2010

Conroy fails to defend mandatory internet filter on 7PM Project

Filed under: technology — Craig Harvey @ 10:52 am
Tags: , , ,

Senator Conroy appeared on The 7PM Project last night (Wednesday 24th March 2010) in an attempt to defend the proposed mandatory ISP level filter. Watch the video below and see if you think he was convincing.

It was typical spin that tried to keep the focus for RC material on child pornography when the scope of RC material is much wider than that. To be fair to Conroy he got talked over a few times by the panellists, who I thought did a half decent job of asking him tough questions.

In this interview Conroy quotes that there are 355 web sites with child pornography ‘in the open’ now that would be on the blacklist. He proposes a contradictory approach of using a filter to block access to those, but using police to get into the peer to peer networks where the majority of this filth is trafficked (and for which the filter will not work). Why not just use the police for all of it Senator? Spend the filter money on the police instead.

Rather than reiterate why I’m opposed to this whole thing, I’m going to point you to this great article debunking the 10 common lies told about the internet filter.

 

 

 

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

February 24, 2010

People of NSW – don’t believe the spin about the SMH hacking a website

Filed under: politics — Craig Harvey @ 6:55 pm
Tags: , , , ,

Background

On Friday 19th Feb 2010, Sydney Morning Herald reporters Matthew Moore and Andrew West were advised by a contact to go to the website nswtransportblueprint.com.au, where material on the transport blueprint was available.

The reporters did not require a password to view the documents, which were available to anyone with the URL address.

The reporters immediately printed out as much material as possible.

The Premier’s chief of staff, Walt Secord, that evening told West: "This was a website in progress."

– paraphrased from this article on the SMH

Link to original article [smh.com.au] revealing the leaked plans on 20th Feb 2010.

Link to hansard transcript for Feb 23 2009 – see ‘Transport Plan Confidential Documents’ on page 19. Quoting the Minister for Transport:

An internal investigation by Bang the Table found a total of 3,727 unauthorised hits on the website’s firewall security over a two-day period—18 and 19 February. That is akin to 3,727 attempts to pick the lock of a secure office to take highly confidential documents.

Here is my explanation of the wrongness of the statement.

  • A hit does not equal a page load. A web page might be made up of many different resources (images, stylesheets, scripts), each of them has to be requested from the server and counts as a hit. It might take 50 hits to load all the things required for one web page. So don’t imply that this was 3,727 attempts to load a document that was supposed to be secure.
  • Port scanners and probes generate ‘hits’ all the time. These scanners make requests for well known documents and configuration information in an attempt to find vulnerabilities left by inept system administrators who do not properly secure their systems.
  • Governments don’t collaborate on small web sites set up for a limited purpose. Why would ‘working documents’ be stored on a public website?
  • The Premier’s Chief of Staff apparently confirmed it was a website in progress on Friday evening (according to the SMH)
  • As if the journalists involved would hack the website themselves – surely a third party would be used if they were really trying to be nefarious

Additional info

WHOIS information for the domain nswtransportblueprint.com.au reveals the following details:

image

Crikey article about Bang the Table – with appropriate counter-response from the company directors mentioned in the article in the comments below.

Slashdot Article about this saga [slashdot.org] for the technically minded.

The original website doesn’t appear to be available anymore – suggesting they scrapped the whole thing after this embarrassment.

Luckily Google has a cache of some of the pages and it appears that there was some attempt at security (at least for the GoogleBot).

A good description of this debacle here at Luddites hacked my website [Techeye.net].

Conclusion

  • Either someone did hack the web site to make it available to the public and tipped off the journos; or
  • Some mistake made the web site content available to anyone who knew the address (either temporarily or permanently)

Either way it’s not a good look for Bang the Table [bangthetable.com] and its customers. They should be concerned that their platform is either easily hacked or that there are not appropriate procedures in place to ensure that content is secured.

Update – 25 Feb 2010 10:20am

Apparently Bang the Table have owned up to a problem with the security and now the Transport Minister has apologised in Parliament. See SMH for more.

A director of Bang the Table, Matthew Crozier, said areas of the site were temporarily accessible on Friday.

”This is a matter of significant embarrassment to us,” Mr Crozier said in a statement. ”While security was in place on the front page of the site, clearly it was not sufficient to prevent the internal content being accessed.”

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

February 14, 2010

Channel 9 Twitter fail

Filed under: media,technology — Craig Harvey @ 6:11 pm
Tags: , , , ,

Now that we’ve had some success tackling the big issues, time to turn our sights on Channel 9, free to air broadcaster of cricket in Australia. Currently one of the major sponsors of cricket is mobile phone company Three. They have a promotion where you can get free access to Twitter for a period of time if you sign up (or something). Channel 9 have an info-graphic thingo to promote this and they are promoting their Twitter username as:

@ninecommentaryteam (have a look at how many people are attempting to tweet this address)

Problem is that this doesn’t exist, so fail on their part. OK, people make mistakes and maybe the guy who does the screen graphics got some dud info. The real username is actually @9commentaryteam.

But what gets me is that the real username has actually tweeted three fifths of bugger all. Their last tweet was the 7th of Feb (today is the 14th), and prior to that it was the 29th Jan.

So why promote this way of interacting with you when you’re not really into the whole tweeting thing anyway? If anything it just makes you look stupid, you’re better off not trying at all. Fail!

February 13, 2010

Thorpe’s financial dramas

Filed under: media — Craig Harvey @ 12:30 pm
Tags:

According to The Daily Telegraph today (13th Feb 2010), Ian Thorpe has had some cash flow problems. But lucky for him that he’s mates with Alan Jones who was able to call up the head of Westpac Gail Kelly. According to the Tele, Jones said:

“Ian’s had no training in this area because he’s spent so much of his life in a swimming pool. So I rang Gail Kelly for him. Simple as that. I said to Gail ‘Do you know Ian Thorpe’s been banking with you since he was 15’. Gail got someone from her personal banking unit, who coincidentally lived just two streets away from Ian – and they set up an appointment”.

That’s great news, good work Alan. It’s great to know that loyalty to Westpac is rewarded with indirect access to the CEO and her personal banking adviser of choice. I’d hate to think that there’s one set of rules for the rich and well-connected, but different rules for the peons. Mind you, I can’t find this exact quote in any online versions of this article so maybe my cynicism is not misplaced.

Blog at WordPress.com.