Reserved Words

March 25, 2010

Senator Fielding also fails internet school

Filed under: politics,technology — Craig Harvey @ 6:39 pm
Tags: , , , ,

According to this ABC News article, links to child pornography were posted on the website of Senator Steve Fielding of Family First. The website hosted a forum (under the link ‘Have Your Say’) where anyone can register as a user and then post comments. I’m unable to verify because the forum is now closed, but I suspect someone registered an account and spammed the site. Childish and puerile but hardly uncommon on the internet, particularly when you’re a politician who is very ‘pro family values’!

The news article contains this quote:

"It is disturbing. But I suppose this is the reason why we do need to have some sort of classification, some sort of filtering, and I do know that is controversial."

If this quote is true, then let me explain why this is scary. While Senator Fielding is an independent and not part of the government, he will surely support the proposed mandatory internet filter when the legislation comes before parliament.

Yet this is just another example of a politician who fails to understand how the Internet works – scary because they are going to be imposing legislation that will impose a filter that is a waste of money and time.

Senator Fielding if you’re going to host a discussion forum on your web site you need to take responsibility for the fact that people may post unsavoury content on there – you need to impose a system of moderation on this web site and actively screen content for this kind of spam and abuse. This is a far more sensible approach than imposing a mandatory ISP level filter that will not work.

Let’s hope the Australian Federal Police have more sense than this and laugh in his face when this matter is referred to them.

 

 

 

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

February 24, 2010

People of NSW – don’t believe the spin about the SMH hacking a website

Filed under: politics — Craig Harvey @ 6:55 pm
Tags: , , , ,

Background

On Friday 19th Feb 2010, Sydney Morning Herald reporters Matthew Moore and Andrew West were advised by a contact to go to the website nswtransportblueprint.com.au, where material on the transport blueprint was available.

The reporters did not require a password to view the documents, which were available to anyone with the URL address.

The reporters immediately printed out as much material as possible.

The Premier’s chief of staff, Walt Secord, that evening told West: "This was a website in progress."

– paraphrased from this article on the SMH

Link to original article [smh.com.au] revealing the leaked plans on 20th Feb 2010.

Link to hansard transcript for Feb 23 2009 – see ‘Transport Plan Confidential Documents’ on page 19. Quoting the Minister for Transport:

An internal investigation by Bang the Table found a total of 3,727 unauthorised hits on the website’s firewall security over a two-day period—18 and 19 February. That is akin to 3,727 attempts to pick the lock of a secure office to take highly confidential documents.

Here is my explanation of the wrongness of the statement.

  • A hit does not equal a page load. A web page might be made up of many different resources (images, stylesheets, scripts), each of them has to be requested from the server and counts as a hit. It might take 50 hits to load all the things required for one web page. So don’t imply that this was 3,727 attempts to load a document that was supposed to be secure.
  • Port scanners and probes generate ‘hits’ all the time. These scanners make requests for well known documents and configuration information in an attempt to find vulnerabilities left by inept system administrators who do not properly secure their systems.
  • Governments don’t collaborate on small web sites set up for a limited purpose. Why would ‘working documents’ be stored on a public website?
  • The Premier’s Chief of Staff apparently confirmed it was a website in progress on Friday evening (according to the SMH)
  • As if the journalists involved would hack the website themselves – surely a third party would be used if they were really trying to be nefarious

Additional info

WHOIS information for the domain nswtransportblueprint.com.au reveals the following details:

image

Crikey article about Bang the Table – with appropriate counter-response from the company directors mentioned in the article in the comments below.

Slashdot Article about this saga [slashdot.org] for the technically minded.

The original website doesn’t appear to be available anymore – suggesting they scrapped the whole thing after this embarrassment.

Luckily Google has a cache of some of the pages and it appears that there was some attempt at security (at least for the GoogleBot).

A good description of this debacle here at Luddites hacked my website [Techeye.net].

Conclusion

  • Either someone did hack the web site to make it available to the public and tipped off the journos; or
  • Some mistake made the web site content available to anyone who knew the address (either temporarily or permanently)

Either way it’s not a good look for Bang the Table [bangthetable.com] and its customers. They should be concerned that their platform is either easily hacked or that there are not appropriate procedures in place to ensure that content is secured.

Update – 25 Feb 2010 10:20am

Apparently Bang the Table have owned up to a problem with the security and now the Transport Minister has apologised in Parliament. See SMH for more.

A director of Bang the Table, Matthew Crozier, said areas of the site were temporarily accessible on Friday.

”This is a matter of significant embarrassment to us,” Mr Crozier said in a statement. ”While security was in place on the front page of the site, clearly it was not sufficient to prevent the internal content being accessed.”

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

February 14, 2010

Channel 9 Twitter fail

Filed under: media,technology — Craig Harvey @ 6:11 pm
Tags: , , , ,

Now that we’ve had some success tackling the big issues, time to turn our sights on Channel 9, free to air broadcaster of cricket in Australia. Currently one of the major sponsors of cricket is mobile phone company Three. They have a promotion where you can get free access to Twitter for a period of time if you sign up (or something). Channel 9 have an info-graphic thingo to promote this and they are promoting their Twitter username as:

@ninecommentaryteam (have a look at how many people are attempting to tweet this address)

Problem is that this doesn’t exist, so fail on their part. OK, people make mistakes and maybe the guy who does the screen graphics got some dud info. The real username is actually @9commentaryteam.

But what gets me is that the real username has actually tweeted three fifths of bugger all. Their last tweet was the 7th of Feb (today is the 14th), and prior to that it was the 29th Jan.

So why promote this way of interacting with you when you’re not really into the whole tweeting thing anyway? If anything it just makes you look stupid, you’re better off not trying at all. Fail!

February 13, 2010

Google Android logo fun

Filed under: humour,technology — Craig Harvey @ 11:22 am
Tags: , ,

image

I was in my local Harvey Norman and walked past their display for the HTC Hero, out of the corner of my eye something just didn’t look right. Check out their use of the Windows logo to promote the fact that the phone time Android! I don’t think they get it. Or maybe that logo is now a generic logo for operating systems now.

Update: @HarveyNormanAU contacted me via Twitter to ask which store it was so that they can fix this up. Never let it be said that we’re not tackling the big issues here people! Making the world a better place – one incorrect sign at a time.

February 8, 2010

Junkware Alert: Hear loud and clear on the telephone

Filed under: Uncategorized — Craig Harvey @ 8:12 pm
Tags: , ,

So you’ve got a hearing problem and you’re too embarrassed to see a medical professional and get a proper hearing aid. Why not self-medicate and use a range of gadgets that help you hear more clearly?

Like this telephone earpiece amplifier:

From Magnamail.

Too bad if you want to actually hear at other times… perfect if you’re locked in some kind of room where your only contact with the outside world is via telephone though.

Blog at WordPress.com.