Feeds:
Posts
Comments

Posts Tagged ‘privacy’

Followers of IT in Australia may recall in June 2011  it was reported by Crikey.com.au that a staffer at ABC Australia placed some code on an ABC server to mine bitcoins.

Back then, as Fairfax’s Sydney Morning Herald reported at the time, ‘ABC’s head of corporate communications, Sandy Culkoff, said that the ABC would not comment on IT security matters however “there is a serious misconduct case underway in relation to this matter”

During Australian Senate Estimates in February 2012, Senator Abetz asked ABC Australia a number of questions about the incident. This revealed the incident was not a case of someone attempting to use corporate CPU time for their own advantage, but instead use visitors computers without their knowledge.

To answer Delimiter’s question from last year, this would most likely place the actions of the ABC staffer in the class of ‘petty criminal‘ under section 478 of the Australian Cybercrime Act. Today, the answers to the questions from May 2012 have arrived and it once again raises the question whether the ABC’s board are guilty under section 477 of the act – the more serious computer crime.

The ABC will be telling parliament they’ve destroyed logs. The actual quote is “The ABC did not retain the server log files for that period” which leads to wondering how long the ABC maintain their logs and why possible evidence of a ‘serious misconduct case’, or even that of a possible criminal act, has vanished. They will be telling parliament that no record was kept of the offending code “The ABC did not retain the Bitcoin code.” They will also be telling parliament that a conscious decision was made to keep notification of trying to impair computers away from the public: “There was no ABC news coverage of this matter” (this is at direct odds to my recollection of coverage at the time, but I would agree that it would seem there are no references to this incident on the ABC’s own website as of today). The ABC have previously claimed that they “ha(d) not received any complaints from audience members as a result of this Bitcoin code.”  The ABC believes that it’s not for them to tell the public when their staff members attempt to execute unauthorised code on your computer: “The ABC considered that it would be contrary to good security policy to publish any information about breaches of site security as this could reward and encourage hackers.

This is not someone attacking the ABC’s site, this is an ABC staff member attacking external computers. The ABC have decided to show no one – not the public, not AusCERT, certainly not the Federal Police – any details. If you were visiting their website and your web browser did have performance issues at the time, they certainly haven’t put their hand up to say ‘Oh sorry it might’ve been us’. Instead, they’ve hidden, obfuscated and deleted data. To say that such behaviour reminds me of the genesis of reports on the News International phone hacking scandal would be an understatement. Maybe we should expect more of this behaviour from ‘our’ ABC in the future. In the context of the push by the current Australian government’s attempts at data retention, one can’t help but also think that parliament is putting the horse before the cart. It’s time enough for Australia to have mandatory disclosure laws about data breaches. I hope that scenarios such as the ‘ABC Bitcoin Incident’ will be included in the types of data breaches requiring mandatory disclosure.

Advertisements

Read Full Post »

Blink and you’d miss it, but unionist Tim Jacobson, Greens advisor Kartika Franks and Mayor Adriana Taylor are currently contesting a Tasmanian upper-house seat. As usual, interesting to note who has and who hasn’t complied with the Tasmanian Electoral Act as well as who doesn’t meet basic accessibility. The ultimate irony being the Commission’s own failure to meet basic accessibility.

For the record, I suspect I’ve written a great number of tweets that may not have been Authorised. Not living in an electorate that’s now at the polls lead to a situation where I was blissfully unaware I may have broken the law. Is this a case for a unicameral system? I have no idea. I do know if the Commissioner wants to stop me, he should already know where I live. He’s got my name and address on his electoral roll.

For the blood and gore, there’s Antony Green‘s blog about the contest for Elwick.

Read Full Post »

There are still some tangental frayed story cords that I’d like to tidy up after the election as it looks like this crap sammich will still have legs well in to this year, with all parties promising to make sure the law reform takes place during the life of the next parliament. But for now…

With less than 12 hours to go before opening of polls in the Tasmanian election, candidates are settling in for the wait. New tweeps are coming out of the woodwork and the Facebook pages are having their profile pictures changed despite section S191. A well-known political action group seem unaware of S191’s requirements and a famous national blog got in on the action and hosted an unauthorised live blog. This Possum corrected this so that things could continue. Then there’s the TV stations running apparently unauthorised polls on their websites

With everything I’ve written about S191 and how Tasmania entered the election phase with such a mad law in place, with stuff written by national tech journals, published by the national broadcaster one can really only reach the conclusion that the Electoral Commission has selectively enforced the law, and further have bent at right angles it where it’s faced the smallest of hurdles (eg, websites of newspapers, advice completely at odds for the cited websites of  local TV stations). As I wrote the other day, there’s even a possibility that the Commission completely ignored the law when providing advice to one of the major political parties. The Commission even went as far as releasing the numbers of complaints against the ‘Robocalls‘, yet point-blank refused to release similar numbers for S191.

With all this, one can reach the reasonable following conclusions:

  1. The commission wasn’t sufficiently technically literate when S191.1.b was introduced
  2. Despite point one, the commission wilfully remained technically illiterate
  3. Because of points one and two, the commission utilised the tools of FUD to keep critics in a place where they cannot evaluate S191’s (and thus the Commission’s) enforcement during the election
  4. Possibly due to three, candidates and lobbyists were not ready to spend effort and time in comprehensive modern campaigning techniques as seen executed by the US Democrats in the 2007 Presidential Election (specifically Obama)

Because of point four, I believe that the election, whilst taking place in a fair way, may well be considered not to be free.

Read Full Post »

On Tuesday 16th March, the ALP started ‘cold calling’ Tasmanians with a warning about ‘what a vote for the Green party means’. This post is not intended as a critique of the call’s content. This is a critique of the Tasmanian Electoral Commission and their possible failure to police the Electoral Act.

The ALP’s state secretary, Mr John Dowling, has indicated that the company producing the calls is in Sydney. ABC Hobart reported that The Mercury (News Corp’s local rag) identified the name on the voice as a person from the Hobart suburb of Montrose who’d written 5 recent ALP positive letters to the editor. Mr Dowling claimed that the TEC had approved the cold calling.

However, given the company producing the call campaign is (according to Dowling) in Sydney and the voice is of someone is in Montrose, it’d would be reasonable to presume that the internet usage at some stage during production of the calls, either in preparation (eg, voice recording and transmission to Sydney), or the calling itself (eg, utilising VOIP to make the calls in to Tasmania).

With these reasonable presumptions in mind, as well as the TEC’s clear and concise request on the 13th of this month that everyone, including those interstate and overseas, respect Tasmanian law, it’s not unreasonable to ask the TEC the following questions:

Can the TEC confirm that the internet was not used at all in the production or delivery of any of the now infamous ‘ALP cold call’. This includes, but is not limited to:

  • transport of the audio to the company in phone company in Sydney that ALP secretary John Dowling says they used
  • utilising VOIP to call Tasmanians from Sydney (or indeed TCP/IP usage on the backbone switching required to make the calls)
  • transport of the “sound file” (Dowling’s phrase) from the Sydney company back to Dowling as indicated in his ABC Northern Tasmania interview
  • transport of the sound file from Dowling to others, including the media
  • if the TEC cannot confirm that the internet was not used, what steps will the TEC take to make sure trust in the Commission’s oversight of other Internet commentary during the election

Whilst I appreciate that Dowling sought TEC’s approval of the campaign, and that straight up cold calling campaigns do not need authorisation, I cannot see how it’d be possible to do the above in 2010 without using the internet in some way and thus not be subject to S191.

(I’ll return and tidy up this a bit later when I can start linking in source materials, I’ve just banged this out ASAP as a heads up for those interested)

Screenshot of ALP supporter commenting on ALP candidate's Facebook page

ALP supporter denies internet involvedment in cold calls

Update: ALP Candidate’s Authorised FB page carries statement from supporter saying internet was not used anywhere in production or transmission of cold calls. I’m curious what supporting evidence he has, given my queries above.

Update 2: After a brief analysis of an audio sample of the call that fell in to my lap, I’m happy to say a few of things about it.

Infamous Tas Labor Cold Call – How many crickets can you hear?

  1. It’s an accurate reproduction of the voice and words that was broadcast on ABC Radio this afternoon
  2. There is ambient noise
  3. It is unclear during cursory inspection whether the ambient cricket noise was in the pre or post production (that is, recorded at the voice source, by the person recording the call, or added in to the mix at production stage to mask edits). Such an examination is beyond my amateur butt, and should be left to experts (or the TEC).

Read Full Post »

There’s a tweet getting around that Damon Thomas, former head of Tasmanian Chamber of Commerce and Industry, political candidate in a recent council election (although afaik not in the upcoming state 2010 vote), as well as former State Crown Solicitor talked about the launch of iElect tonight on ABC TV News. I’ve been all over the website concerned, as well as the DNS servers and ASIC records, and cannot find anyone taking responsibility for the electoral comment beyond a name (Stephen James Reid) and a PO Box (GPO Box 1861 Hobart TAS 7001). It’s impossible to say whether this is a TCCI front, or independent, or precisely what (I’ll note that a Google search for Mr Reid and the PO Box turns up a document about Bellerive Oval Action Group). It’s certainly well organised and a professional job. (I’ll also note that their graphic for a ballot ticket is completely wrong in regards to Tasmania’s Hare-Clark system, but that’s a minor gripe)

Sure, there’s Greg Barns and Andrew Scobie writing for it and they’re as easy to track down as a dodgy water sample in the St Helens catchment area, there’s also iElect’s Facebook page which seems to have one person cheersquad – perhaps Scobie’s son – but that’s it. Before the site went on ABC News I didn’t link it here, but now it’s been mentioned in a broadcast sense I feel more confident linking it here.

What gets me going, though, is that it’s one thing where citizens cannot make public comment without fear of breaching privacy – I feel quite right to rant against that. However it’s completely different when the business lobby – with help of a former State Solicitor – so clearly break S191 without due regard of  the Commissioner’s directive. Maybe they have the money to fight the law in courts? I believe this is akin to the recent ‘win’ by corporates in the US Supreme Court where corporations were found free to spend as much money as they like without regard to undue political interference. These people hide behind some corporate mask and talk the talk of democracy and freedom, yet can barely think and chew gum at the same time.

I don’t think it’s hypocritical of me to call for revocation of S191’s internet clauses for private citizens, yet complain about such a flagrant clear breach takes place by the paid corporate political lobby within the state.

I admit I didn’t see all the short news report. I had to take a phone call, and then blinked and missed hearing the guts of the story. As well as my earlier comment about the site’s dud graphic, I’ll also note that the site still has ‘Lorem Ipsum’ text in at least one place – where they ask for your full name and postcode. As such, I encourage people to sign up with as much fake detail as possible.

UPDATE: Would seem in the last few minutes (around 22:00 2010/02/28), iElect have finally admitted to taking responsibility for their website. The notice is on their front page. But it’s still dubious. More on this in a post during this coming week.

Read Full Post »

It would seem officially unofficial: the first part of the S191 fight is over. All three major party leaders have publicly agreed that the law’s a pig and needs urgent review as soon as possible after the election. Premier Bartlett stated as much on Monday morning on ABC Tasmania Statewide Mornings hosted by Tim Cox thus prompting my earlier post.
A little later in the day at the Australian Computer Society luncheon at the Hobart Function and Conference Centre, the leaders of the Liberal and Green parties also called for changes to the law within the sitting of the next parliament (I’m not able to link audio, I believe it’s paywalled at ACS – haven’t heard it but I did manage to gatecrash the event and hear it with my own ears). I am hoping that DigitalTasmania can get the three leaders to agree to a co-signed public statement before the election. Right now, the declarations are around the ‘net and I think it’d be a great show of the leaders’ professed intent on the digital future for this state if they could at least agree to this on the one piece of paper.
At Hobart ‘Tech Tuesday’ this week, I briefly covered the S191 situation with some of the ‘doers’ in the industry within the state’s capital. We were looking at the situation from a practical level, as the act is still in place and theoretically some of us could be called upon to give evidence. Our conversation inevitably wandered on to the result of the law. There seemed  general agreement that, to varying levels, the fundamental reason for S191 (to make it difficult for anonymous party activists to skew the electoral debate) is fair and reasonable. In politics, they’re likely party hacks. Online, we’re used to the term ‘tentacles‘, ‘sock-puppets‘ or ‘trolls‘. And as tech folks we know they’re the bane on any informed commentary (early in a geek’s career, one experiences flame wars conducted about different technology platforms). But here in the area of fakery is where the Tasmanian Electoral Commissioner’s in a bit of a pickle.
Personally I cannot see how the Commissioner can put aside attempting to police S191.1.b during this election, as to announce an intention to do so would invite many troublesome sites. Yet even as I write this there are high-profile candidates from the three parties who still aren’t in compliance with my most basic understanding of the law. As I’ve said before, if after the vote we end up without a clear majority as many are predicting, it will be open season for the candidates to attempt to dislodge others from the count using any means available. And this will probably include attempting to get the Commissioner to use  S191.1.b – in which case it’s not entirely implausible that the outcome of the vote will end up in the Supreme Court. This second phase of the problems with S191 would be fairly lengthy, as it stands now I can’t see a way around it. Only time will tell what happens.
But even still, after all this, we’re left with the very real issue of how to deal with online election commentary where that is easily faked. The law for authorisation is for a different age, of newspapers and journals that took days to circulate the state. When there’d only be one John Smith of South Hobart (and if there were two, everyone in South Hobart would know both). Not for an era where a comment can fuel random Facebook hate sites with tens of thousands of fans before the ‘fact’ is proved false and the person allegedly authorising the comment turns out to be from FakeNameGenerator.
Curiously enough, identification is the very same issue that’s at the cutting edge of national security and modern commerce. How does one guarantee who one’s allegedly dealing with, either in person or online, is who they claim and codify this within law? If the political parties and leaders are truly committed to fixing S191’s issues, then maybe – just maybe – Tasmania can have a proper enquiry in to this and we can come up with a solution that evenly balances civil liberties and state’s interest in such a way that the public are content to encourage the new commerce that will prosper from such a solution.
Finding such a solution would be the truly sensible outcome of the corner that we find ourself painted in to. Anything short of such a solution would be just as full of fail as the current situation we find ourselves in.

Read Full Post »

Now there’s clear difference of opinion with candidates on S191, the definition of ‘Electoral Matter‘ is far more important. Seeking legal advice before blogging again.

Read Full Post »

Older Posts »