This is the full text via Crikey:

Direction

Today I have directed that there be no further proceedings on all charges against 11 persons involved in The Chasers War on Everything entry into a restricted area during the APEC Meeting in Sydney in September 2007: Julian Morrow, Charles (”Chas”) Licciardello, Nathan Earl, Giles Hardie, Lauren Howard, Geoffrey Lye, Alexander Morrow, Benson Simpson, Esteban Alegria, Mark Kordi and Rodrigo Pena.

The matters are listed for mention in the Local Court tomorrow, 29 April 2008, when the charges will be withdrawn.

In the unusual circumstances of this case I consider it appropriate to give some explanation for this course.

Background

On Thursday 6 September 2007, during the APEC Meeting in Sydney, two presenting members of The Chasers War on Everything ABC comedy/satire team were charged, along with six Chasers crew and production team members and three hire car drivers, with entering a restricted area without special justification, contrary to section 19(1) of the APEC Meeting (Police Powers) Act 2007.

The legislation (which was in force from 4 July 2007 to 13 September 2007) provided for “declared areas” (setting in effect an outer perimeter of affected space) and “restricted areas” inside declared areas established around APEC Meeting venues and accommodation. The relevant areas for present purposes were along Macquarie Street, Sydney, north of King Street where a declared area was in place and north of a gate approximately 30 metres south of Bridge Street where a restricted area commenced.

Short Facts

The Chasers created a fake “motorcade” consisting of, in order: two motorcycle outriders, a black 4WD vehicle, a black sedan and another black 4WD. Five male members of the team (including Morrow who was directing operations) walked alongside the motorcade. After reaching Bent Street the motorcyclists dropped to the rear.

The three vehicles had obviously bogus APEC identification stickers and Canada identification stickers on their windscreens. The sedan had Australian and Canadian national flags on its bonnet. All had tinted windows. The five runners also wore obviously bogus identification. One of the motorcyclists wore jeans.

Nine cameras were in operation, some fixed, some handheld and worn and some with audio recording. Recordings from those cameras have been taken into consideration.

At about 11.30am on Thursday 6 September 2007 the fake motorcade approached along Macquarie Street from the south and stopped at the intersection of Bent Street. One of the motorcyclists and Morrow pointed forward. Police waved the motorcade on and indicated in a northerly direction along Macquarie Street towards the restricted area. It then proceeded through an open gate further into the declared area.

The motorcade then stopped briefly before moving north again towards a second open gate which in fact marked the beginning of the restricted area (although police in the vicinity were unaware of that and the Chasers were uncertain where the restricted area began). The motorcade then stopped just short of the second gate. Morrow asked people with whom he was in contact about the restricted area and was given to understand that it commenced at Bridge Street. The motorcade then proceeded again through the second open gate towards the intersection of Macquarie and Bridge Streets. There was no attempt by police lining the route to inspect or stop it.

The motorcade then stopped short of the intersection of Bridge Street and Morrow told police that there had been a change of plans and that they needed to turn back. Morrow suspected that they had entered the restricted area, which he had not intended to do. Macquarie Street had been narrowed by fencing and barriers between Bent and Bridge Streets and it was necessary to advance into the intersection to turn around. Police waved the motorcade forward into the intersection to enable that to occur.

The motorcade then stopped in the turn, Morrow consulted with Licciardello and he (dressed as Osama Bin Laden) got out of the sedan and with Morrow started to walk south in Macquarie Street. Police then arrested the 11 accused and seized items. (The two motorcyclists rode away.)

The Chasers had carried out an examination of the area on 5 September 2007 when police procedures had been different from those followed on 6 September 2007. The Chasers had also conducted a planning session on the morning of 6 September 2007 and some video and audio recording of that has been considered.

The evidence establishes that the Chasers plan, in what was considered the unlikely event that they were allowed to pass through any gates, was to stop short of the restricted area and to get Licciardello out of the vehicle.

Referral to ODPP

Police prosecutors were primarily responsible for the conduct of the prosecutions, they being for summary offences in the Local Court.

A large amount of evidentiary material was made available to the police prosecutors, along with representations on behalf of the accused and advice from senior officers and the Crown Solicitor.

Police could have prosecuted or withdrawn any or all of the charges. The case was first referred to the ODPP for the purpose of giving advice on 13 March 2008. On 14 March 2008 it was decided that the ODPP would conduct the matters and they were then taken over from police.

The matters have been assessed in this Office in the usual way for all briefs received. Regard has been had to the applicable law, the admissible evidence and the Prosecution Guidelines. There has been some urgency in the treatment of the matter by reason of the elapsed time since the events and the listing of the matters in court.

Reasons

It was an offence to enter a restricted area without special justification. Special justification was defined in section 37 of the Act and included circumstances where a person was permitted to be in the area by a police officer and where the person was required to be in the area for a work-related purpose.

The offence is one of strict liability. Consequently, the defence of honest and reasonable mistake of fact is available to the accused. Put another way, it is a defence to establish, or to raise a reasonable doubt that there existed, an honest and reasonable but mistaken belief in a set of facts which, if they had existed, would have rendered the conduct innocent.

In the cases of all 11 accused I am satisfied that on the evidence presently available the prosecution would not be able to negate, beyond reasonable doubt, the existence of an honest and reasonable (but ultimately mistaken) belief that they would not enter or be taken into the restricted area and that, when they did enter it, it was with the permission of police (given by waving them through the Bent Street intersection towards the first gate north along Macquarie Street, then allowing them through the second gate unhindered and then directing them to turn in the intersection of Bridge Street). Police permission in fact constitutes special justification for entry.

Accordingly, there is no reasonable prospect of conviction and for that reason the prosecutions should not proceed.

In the cases of Licciardello, the six crew and production staff members and the three hire car drivers a further defence may be available that they had special justification by reason of their requirement to be there for work-related purposes in the circumstances that unfolded. Morrow was directing the progress of all who were employed for the purposes of the stunt and they either followed or were swept along by the directions that he gave.

I am also satisfied that, if the prosecution proceeded against Morrow only on the basis that his situation could be distinguished from the rest, the court would be bound to find that the motorcade entered the restricted area in error and if the offence were otherwise proved (which I consider unlikely) it would be probable that a magistrate would dismiss the charge without conviction under section 10 of the Crimes (Sentencing Procedure) Act 1999 (considering also Morrow’s otherwise good character). That would provide an additional discretionary basis for not proceeding in Morrow’s case, in accordance with the Prosecution Guidelines.

There’s also a story at ABC Online. My comments to come tonight.

5 Random Semi-Related Posts

• The Great Wall of Sydney (2 comments)
• Who’ll be PM on Wednesday? (4 comments)
• The Secret: shite (2 comments)
• Sensis lawyers bully small fry over Yellow Pages trademark (3 comments)
• Stupid email disclaimers: don’t use them! (12 comments)

News has just come through that charges against The Chaser team for their APEC security breach stunt have been dropped. Good, someone has a brain. Yes, they did enter the APEC security zone — but you, dear police and security forces, stood back and saluted as you waved them through the checkpoints.

5 Random Semi-Related Posts

• Is this police provocation? (1 comments)
• APEC “security theatre” a joke, literally (10 comments)
• Why The Chaser’s charges were dropped (7 comments)
• Howard’s submissive body language (7 comments)
• More APEC “Great Fence” photos (0 comments)

5 Random Semi-Related Posts

• Links for 30 April 2008 (0 comments)
• All you need is 1000 True Fans (8 comments)
• Feeling flat? Blame Sydney! (6 comments)
• Savoradin on Depression (1 comments)
• Putting The Penis Into Envy (4 comments)

Speaking at the AusCERT conference on Monday, Ivan Krstic, director of security architecture for the One Laptop per Child project, says the computing industry relies on “utterly obsolete concepts and assumptions” and has “massively failed when it comes to desktop security”.

The way modern desktop security works is by relying on the user to make informed and sensible choices on things they don’t understand.

The early personal firewall software was a classic example:

A dialogue would pop up and say ‘Hi, we’ve intercepted this packet with this TCP sequence number and these flags set, and SYN and FIN are both on, and here are the destination ports and the source ports and here is a hex dump of the packet. Allow or deny? What do you think?’. Who is that protecting? It’s protecting me, but I don’t need that kind of protection in the first place.

The Apple Blog was sarcastic when they reported Krstic’s speech — I suspect because arrogant OS X users think security issues don’t apply to them — so I posted a response…

Despite your sarcasm, when you ask…

So does that mean ‘there is nothing in place to say that’ OS X’s Chess game cannot format my hard drive or turn over control of my Mac to third parties?

… yes, you’re right on the money. Krstic is absolutely correct. This is exactly the “trust model” of every desktop operating system currently in use.

Software like Minesweeper in Windows, Chess in OS X or whatever — everything from Adobe Photoshop and Microsoft Office to that cute little widget you just downloaded from… who? — are supplied as pre-compiled binary programs. Unless you reverse-engineer them and do a complete audit, you have no way of knowing for sure what they do. Not 100%.

Even then you have to be really good at software auditing to know you’re not overlooking some trick. And you have to audit every software library they call. And, if you want to be completely sure, audit the microcode on the processor chip while you’re at it.

When you run any software, you’re trusting the author to do only what they claim they will do.

There is no global auditing program to ensure software does what it says and only what it says. In any event, how can you know whether the file you just downloaded is the same one that was audited?

And, despite the “I’m more secure than you” arrogance shown by so many OS X users, there’s nothing about OS X that makes it any different to Windows in this regard: run a program, and it runs with the same privileges as you have.

At this point open-source advocates will say that they have the source code so they’re OK — but honestly, when was the last time you read through the source code before compiling and running a program?

5 Random Semi-Related Posts

• Technology review of 2008 (sort of) (0 comments)
• Apple becomes biggest music retailer in US (0 comments)
• Immobilised by Apple’s MobileMe (3 comments)
• Mac vs PC spoof ads (0 comments)
• Remember 20 megabyte hard drives? (4 comments)

“Safety is paramount and we respond to concerns from members of the public in the way they would expect us to,” said a Durham Police spokeswoman. Too right.

5 Random Semi-Related Posts

• Howard goes all passive aggressive (4 comments)
• Not all groups are gangs (0 comments)
• End of the “War on Terror”? (3 comments)
• Fed Police chief proposes “Reprogramming” (0 comments)
• Drop that goddam Citizenship Test, Senator Evans! (2 comments)

The 5 April story Police secret password blunder explains how a database of email passwords was published on the Internet.

The names, email addresses and passwords of as many as 800 people who signed up to receive NSW Police media releases are listed on the database.

Among the exposed passwords is that of Detective Chief Superintendent Mark Jenkins, the man responsible for the state’s Counter Terrorist Co-ordination Command unit.

The headline’s “secret” is misleading. Nothing secret was revealed, apart from the passwords themselves. They only gave access to mailing list functions such as unsubscribing and changing your address.

But as the Herald points out:

Many [passwords] appear to be the secret codes journalists use to access their email accounts and other password-dependent information.

Well that’s not the police’s fault, that’s the journalists being stupid. People are told over and over again never to use the same passwords for different accounts — precisely because this sort of accident can compromise everything using that password.

The Herald makes a point of noting…

… bizarre passwords such as “smellyundies”, “enforcer”, “chunder” and “crunchymaggots”.

But “smellyundies” and “crunchymaggots” are good passwords, longer phrases less likely to be uncovered by a dictionary attack. And what on earth is bizarre about “enforcer”? Particularly when the user was a member of the Australian Protective Service.

What is “bizarre”, or at least disappointing, are such lame passwords as the Channel 7 newsroom’s “news”, Damian from the South Sydney City Council’s “damian” and AAP Sydney’s “editorial”.

Of the 40 passwords I could still dig out of Google’s cache, only three were halfway decent or better — 7.5%. “Could do better.”

Oh, and just for the record, the “smellyundies” belong to Channel 7 producer Anna Szymanski. Choice.

Now the NSW Police should really have been paying more attention to the website security. But they could have avoided all this embarrassment with a simple email. “We are rebuilding our mailing list to improve security,” which would have been true, “and we are issuing new passwords.” Routine. End of story.

But they didn’t. And so their counter-terrorism chief was caught with his pants down.

He said he had no idea it was available on the internet.

“I’d like to make some inquiries with our media unit before I make any comment whatsoever,” he said.

And the official police response was clumsy.

To rectify the problem, Police Media has arranged for all access to the service to be deleted.

All subscribers will have to re-register and can do so without a password.

This poor media management was probably cock-up rather than cover-up.

The Police Media Unit was informed by its Internet host, that the passwords used by subscribers are visible on the Internet. [Their comma, not mine.]

The media team was probably too embarrassed to tell the bosses and didn’t understand The Power of the Google Cache. But the journalists who re-used passwords should be equally embarrassed.

Yes, the police made a mistake. But, journalists, the only reason your email accounts might have been compromised is because you were stupid enough to use the same password.

5 Random Semi-Related Posts

• The Psychology of Security (0 comments)
• Why The Chaser’s charges were dropped (7 comments)
• Who do you trust? Everyone! (4 comments)
• The Chaser’s APEC charges dropped (0 comments)
• Clash of Taste leads to Detention (7 comments)