Blog – Page 132 – Stilgherrian

26 May 201326 May 2013

AusCERT 2012 and the militarisation of cyberspace

I didn’t make it to information security conference AusCERT 2013 this year. I’m about to read what’s been written and compile a list — but first, a reflection on what happened in 2012.

When I look back two years to what I wrote from AusCERT 2011, I’m reminded that we were just getting our head around the implications of the Stuxnet worm. Not only was malware being written by organised criminals, and we were facing an explosion of anti-banking malware and mobile malware, and looking ahead to when an angry child might deploy malware against their neighbours — we were now made well aware that malware was also being written by nation states with budgets in the millions of dollars and beyond.

But looking through the list (below) for AusCERT 2012, what jumps out is the emphasis on the militarisation of information security, as well as the emphasis in the scale of criminal activities. I won’t expand on that, because the conversation with AusCERT general manager Graham Ingram speaks for itself.

Articles from AusCERT 2012

AusCERT 2012: DNS poisoning the ‘thin end of a wedge’, ZDNet Australia, 17 May 2012.
AusCERT 2012: Russian crims evade transaction profiling, ZDNet Australia, 17 May 2012.
AusCERT 2012: NSA, FBI split on comms intercepts, ZDNet Australia, 21 May 2012.
The dawn of the cyber posse, ZDNet Australia, 28 May 2012.

Podcasts from AusCERT 2012

Patch Monday episode 139, “War talk dominates AusCERT 2012”, the first of two episodes based on material recorded at the information security conference. The overall theme is that infosec is becoming militarised. We no longer talk about “information assurance” but “defensive cyber operations”. Click through for the full list of speakers.
Patch Monday episode 140, “Cybercrime: it’s just too easy”, the second of two episodes based on material recorded at the AusCERT 2012 information security conference. AusCERT general manager Graham Ingram explains why cybercrime is here to stay, and F-Secure chief research officer Mikko Hypponen details a complex transnational criminal operation that saw goods bought fraudulently in Denmark being resold in Moscow, as well giving his views on hacktivism and the level to which antivirus companies should cooperate with governments.

Bonus Extra Video

After the conference, my flight back to Sydney was delayed. With the need to kill some time, this video was the result.

5 Conference Tips for PR Professionals, an impromptu video message from Gold Coast airport.

~~My compilation of reports from AusCERT 2013 will be posted later today.~~ My compilation of reports from AusCERT 2013 is now online.

25 May 2013

Weekly Wrap 154: California, with wine and Bloody Marys

My week Monday 13 to Sunday 19 May 2013 was spent in San Francisco and San Jose which, I am reliably informed, are cities in The America.

It also finished nearly a week ago, so I’ll just list the things for now. Should I be in the mood, I’ll reflect upon the week tomorrow.

Articles

Reckless Oz regulator runs roughshod over rights, ZDNet Australia, 16 May 2013.

Media Appearances

On Wednesday I spoke about astronaut Chris Hadfield very, very briefly on ABC Radio’s AM.

Corporate Largesse

I travelled to the US as a guest of NetSuite Inc. Their largesse consisted of: return flights Sydney to San Francisco with United Airlines; limousine airport transfers (well, one way at least, ‘cos the return journey was buggered up); two nights accommodation at the St Regis Hotel, San Francisco, plus USD 100 in American Express gift cards to cover meals; dinner and drinks at Colibri Mexican Bistro; private bus to San Jose; three nights accommodation at the Hilton San Jose; dinner and drinks at ARCADIA by Michael Mina, San Jose; dinner and drinks at Testarossa Winery, Los Gatos, followed by moar drinks at ARCADIA; an iPad Mini 16GB Wi-Fi, engraved with the NetSuite logo; a 3.5-ounce tin of Wine Lover’s Chocolate by Bridge Brands Chocolate; a NetSuite-branded HydroFlask thermos; a NetSuite-branded North End Sport windbreaker (that is, a kind of polyester jacket); a NetSuite-branded ball-point pen and notebook; a re-usable shopping back by RuMe; the usual conference satchel full of never-to-be-read pieces of paper and cardboard, and endless food and drink in the press lounge.

The Week Ahead

Since it’s already Saturday afternoon, there’s not really much point, is there? There’ll be a new Weekly Wrap tomorrow.

[Photo: Vesuvio’s $8 Bloody Mary. At Vesuvio in San Francisco, the bar where Jack Kerouac used to drink, you can get one of these fine Bloody Marys for just $8. Plenty of vodka, spiced as you require, with a huge stuffed Spanish olive, white pickled onion, lemon and lime.]

25 May 201326 August 2020

Australia’s Budget 2013 keeps us stuck in the past

[As it turns out, my planned Budget commentary for Crikey didn’t happen. I got up early in San Jose, read the budget papers and made notes, but then my as-yet-unwritten article got spiked. This is a quick and somewhat belated post based on my notes, not as polished as it might have been if written for Crikey.]

The problem with Australia’s Labor government is that after having had One Big Idea for a bold new future in the National Broadband Network (NBN), they’ve come up with almost nothing anywhere else. This year’s federal budget was a dull plod. Again.

There was even one move which struck me as remarkably dumb: capping the available tax deductions for self-education expenses at just $2000 a year. Apparently that saves $500 million, and that’ll go to the schools — and schools are good for the kiddies, of course — but that’s half a billion dollars less for people to be able to keep up with a rapidly-changing work environment.

This strikes me as particularly stupid when so many of the people servicing the computers, networks and other technology that powers small business are often freelancers, as are so many web developers and designers.

Two grand a year doesn’t go far when it costs nearly half that just to attend the annual user conference for just one of your core software toolsets — more if you have to add airfares and accommodation — and the rest would soon be burnt up on a handful of reference books.

Back when I used to work in various management and staff development roles, I was told that any organisation that wants to advance its knowledge base should be spending at least 5% of its time on staff development. In a technology field, in my opinion, that should be at least 10%. That’s four hours a week, or a week or so every three months.

That still doesn’t sound very much, but it’d cost at least four times that capped amount. And that’s still not compensating freelancers for the loss of billable hours.

“Business and training groups have already said capping the expenses will stop employers from being able to offer staff new training initiatives. There were reports [the week before the budget that] the government would end up reversing the move, but the budget papers now state the change is locked-in,” wrote Patrick Stafford at SmartCompany.

“The announcement is sure to raise the ire of small business groups. Many business owners also use these deductions for short courses and industry-based training sessions.”

There’s two particularly galling lines in the budget papers themselves. First, the tax deductions are now only available…

…where these expenses are incurred in the production of the taxpayer’s current assessable income.

So you’re discouraged from educating yourself for the jobs that will become available even in the very near future. Why?

The potential for uncapped claims for a wide range of expenses provides an opportunity for some people to enjoy significant private benefits at taxpayers’ expense.

Orly? That’s a bit rich, given that vast sums already given to private schools. Or the “baby bonus” that people on quite significant household incomes still get for extruding another brat. That simply reeks of hypocrisy.

Continue reading “Australia’s Budget 2013 keeps us stuck in the past”

14 May 201325 May 2013

So how should I cover Budget 2013?

I’ve commented on Australia’s federal Budget for Crikey every May since Labor took power in 2007. This year will be no exception — but how will I top last year’s rant?

Why do politicians and their groupies always go on about the budget “sending a message”? Canâ€™t they just use Twitter, email and the phone like we all do? But there is indeed a message in the budget: the government has no real vision for transforming Australia, and isn’t particularly interested in developing one with us.

I talked about the $240.3 million allocated to new IT systems for the National Disability Insurance Scheme (NDIS); $43.7 million for upgrades at the Australian Securities and Investments Commission (ASIC); adding a further $233.7 million to the $477 million already spent on the National e-Health Initiative; $198 million for an “aged-care gateway”; $17 million to “enhance” the MySchool website; and so on. And then I concluded:

Why, in a cashed-up nation that is, or was, renowned for its eagerness to develop and adopt new technologies, is all this stuff just mouse nibblings at the edges, buried under the dull plod of business as usual? Sometimes I just want to cry.

To see how I approached the topic in previous years, check out the summary I wrote last year.

So once more I’ll be up early local time — I’m currently in San Jose — to knock out something before or perhaps in between conference sessions. Are there any particular angles you think I should look out for?

[Update 25 May 2013: Crikey decided they didn’t need my input after all. Rather than waste my notes, today I wrote Australia’s Budget 2013 keeps us stuck in the past.]

13 May 2013

Weekly Wrap 153: Dumb tribalism and a long flight

My week Monday 6 to Sunday 12 May 2013 is technically still continuing, because as I write this it’s the start of a beautiful Sunday morning in San Francisco — and I’ve got the day to myself.

But it’s already well after midnight Sunday night in Australia, so here we are.