Target achieved, indulgent food, bushfire pensiveness

Bushfire sunset, as seen from Camperdown, Sydney: click to embiggenI’d scheduled time tonight to write about my crowdfunded journalism project — the initial target was achieved in under 17 hours! — but after a complex day I’m mentally exhausted.

I woke up happy that I’d raised the funds to cover the Breakpoint and Ruxcon hacker conferences in Melbourne next week. I booked my flights.

Then I enjoyed breakfast with a magnificent view of Sydney Harbour while being briefed by executives from data centre provider Equinix. Then a magnificent lunch at Rockpool while being briefed by NEC and analyst firm Telsyte.

And then the smoke rolled over Sydney.

Some of the more serious fires are in the lower Blue Mountains, between where I am in Sydney tonight and where I’m based at Bunjaree Cottages in the upper Blue Mountains.

The magnificent sunset, pictured at the head of this post, is the result of destruction. Towns have been evacuated, dozens of homes have been destroyed. I’m scheduled to return to Wentworth Falls tomorrow evening, but that assumes that transport lines are still open.

My journalism project is ahead of schedule. That’s enough for now. What I’ll need most tomorrow is energy. My thoughts are with the people with real problems to deal with. Goodnight.

[Photo: Bushfire sunset, as seen from Camperdown, Sydney, earlier this evening.]

Is crowdfunded journalism a thing? My first experiment…

I’m getting sick of the “journalism is dying” meme. The old media factories are in trouble, sure, but I reckon journalism can do just fine without them. Stockholm Syndrome, people! So I’m going to put my money where my mouth is.

Well, your money.

I’ve just launched a Pozible crowdfunding campaign to send me to the Breakpoint and Ruxcon hacker conferences in Melbourne at the end of next week.

I won’t go into too much detail here. Just click through to the Pozible project page. All I’ll say for now is that there’s just seven days to raise $1800 more. Tight, but possible. More thoughts tonight.

[Update 2240 AEDT: Wow. Just, wow. It’s less that 17 hours since the Pozible project was launched, and it’s just passed 100% of the initial target. That means I’m definitely going to Breakpoint and Ruxcon, thanks to a raft of generous people. The project remains open until 1200 AEDT on Tuesday 22 October, though, with further funds going to the production of “Stream 2” items. See the Pozible project page for details of how that works. Thank you.]

Sixth “Corrupted Nerds” posted, on SoundCloud too

Cover art for Corrupted Nerds: Conversations episode 6: click for podcast web pageYes, I’m working through the backlog. Another Corrupted Nerds podcast has just been posted.

Distributed denial of service (DDoS) attacks are cheap and easy to do. It’s just a matter of overwhelming the target site with a flood of internet traffic. According to Michael Smith, head of Akamai Technologies’ computer security incident response team (CSIRT), such attacks will only get worse as we roll out faster broadband infrastructure.

“That increases the amount of bandwidth available to the home, but that also increases that amount of bandwidth that a bunch of computers at the home can throw at a target site,” Smith says.

That’s not the only reason that DDoS is becoming more challenging to defend against — but you’ll need to click through to the podcast to hear why.

Corrupted Nerds is also available via iTunes, and now also on SoundCloud. So you’ve really got no excuse not to listen. Well, unless you’re deaf. But that’s different.

Fifth “Corrupted Nerds” podcast posted

Cover art for Corrupted Nerds: Conversations episode 5: click for podcast web pageAfter a gap that was altogether far too long, a new episode of the Corrupted Nerds podcast has just been posted.

“Networks are living and breathing things. They don’t sit still. Your vulnerabilities will change on a daily basis, for sure, and you need to be on top of that,” says Dick Bussiere, principal architect for Tenable Network Security in the Asia Pacific region.

That’s why Tenable is advocating what they see as a revolution in maintaining a data network’s security posture.

“We’re kind of advocating that people perform vulnerability assessment, and remediation of vulnerabilities, as a constant and continuous process, rather than something that you do on a periodic basis,” Bussiere says.

So that worldview, plus a few comments about advanced persistent threats (APTs), the Syrian Electronic Army (SEA) and the revelations of Edward Snowden, are all part of Corrupted Nerds: Conversations episode 5. Enjoy.

Visiting Newcastle for DiG Festival

DiG Festival logo: click for official websiteThis coming Wednesday I’m catching the Shitkansen north from Sydney to Newcastle for the inaugural DiG Festival and Conference: digital plus interactive plus green technology.

I won’t repeat the event’s own website. You can read that for yourself. The key days are this coming Thursday 3 and Friday 4 October 2013.

But I will say that apart from the conference program itself, I’m interested in catching a few glimpses of the city. It’s been three years since I visited Newcastle to speak at the National Young Writers Festival, and four years since I looked around properly and wrote my Letter from Newcastle. So of nothing else, there’ll be an observational essay about that.

There’s a strong-looking conference thread about the future of online payments — could the fact that Commonwealth Bank is a major sponsor have something to do with that? — and I’ll be writing about that for Technology Spectator. It’ll be a nice follow-up to my recent piece about Westpac’s $2 billion invisible bank. And I’m sure I’ll be writing about other things for other outlets.

If you’re in Newcastle at the time, don’t forget to say hi. I plan to stick around until Saturday afternoon.

Adventures in Identity: ASIC Connect

Stylised screenshot of ASIC ConnectMy legal name, a single word or “mononym” that’s a given name, with no surname, isn’t handled well by poorly-designed bureaucratic information systems — that is, the usual kind. Today I launch Adventures in Identity, a blog series where I politely request every guilty organisation to fix the problem — and post their responses.

First up, our corporate regulator, the Australian Securities and Investment Commission (ASIC), and in particular their ASIC Connect online service.

This was drawn to my attention because the registration for one of my business names, Skank Media, is due for renewal — and ASIC Connect is the easiest way to do it.

Part of the ASIC Connect account creation screen: click to embiggenThe first problem I encountered is that ASIC Connect’s account creation form has both “Given name” and “Family name” as required fields, so immediately I must enter something other than my legal name to create an account — although to ASIC’s credit, the rest of the process was painless.

ASIC had previously sent me a letter with an “ASIC key” that linked this new account to my existing ASIC business name record.

I have another business name, Prussia.Net, so I decided to link that in too. But ASIC Connect wouldn’t let me. My name didn’t match the name of the registrant of Prussia.Net. Really?

Sure enough, while Skank Media is now registered to “Stilgherrian Stilgherrian”, and it was previously registered to “Mr Stilgherrian”, Prussia.Net is registered to “_____ Stilgherrian”. Five underscores! What an excellent work-around.

Then when I tried to link both business names to my Australian Business Number (ABN), the basic business identifier for entities other than registered companies — I’m a sole trader — that’s now listed as “Stilgherrian Stilgherrian”. It was once correct, though, as an historical ABN search shows a single-name version from 4 October 2000 to 27 February 2010. See the attached PDF.

One of key problems with this mess — apart from the untidy data that makes it look like something shonky is going on — is that these are all legal records. “To the best of my knowledge, the information supplied in this transaction is complete and accurate (it is an offence to provide false or misleading information to ASIC),” we are warned. But I can’t do that.

As I write this, it’s still before 0900 AEST, so my tweets directed to @ASIC_Connect have yet to receive a reply. They may well have a straightforward way to sort this out. Stay tuned.

I should also point out that in ASIC’s defence, they’ve recently merged data from state-based business name registries, cross-matching it with the Australian Business Register — and the latter was notoriously inaccurate.

[Update 1415 AEST: I just got a call from the ASIC staffer who was monitoring their Twitter account earlier today. This isn’t the first time they’ve encountered a mononym, but so far they’ve just carried across records from the state databases so left the work-arounds in place. In my case, they have to cleanse the data so all my records match — and they’ll need to decide on a policy so that similar cases are handled uniformly in the future. So I sent them some photo ID, and they’ll take it from here, and let me know what they decide. Pleased.]

[Update 1620 AEST: The ASIC staffer just called again. They have a system. The back-end database can handle mononyms, it’s just that the web front end has the more stringent input validation. So they’ve settled on putting “Stilgherrian” in the given name field, and a single underscore “_” in the family name field, so I can still enter something and get a match. They’ve manually updated all my records, and now I should be able to merge them. Now that’s service.]

Note: I’ve previously called ASIC incompetent and reckless, calling for a head on a spike, but that was a completely unrelated matter. Obviously.