afp – Page 4 – Stilgherrian

26 October 201226 October 2012

Insulted, ASIO? That’s not really the problem, surely?

There aren’t many places in the world where you can openly accuse the nation’s top police and intelligence agencies of having an attitude problem, as I did on Monday, without being visited by the men in the van with the canvas sack. Which is a good thing.

In this week’s Patch Monday podcast, embedded immediately below for your convenience and CBS Interactive’s traffic logging, I departed from the usual format to present a personal opinion.

Data retention for law enforcement is one of the most important political issues relating to our use of the internet now and as far into the future as we care to imagine, I said, and it’s being mishandled.

The Australian government’s current one-page working definition (PDF) of what constitutes communications metadata (which can be requested by law enforcement agencies without a warrant) as opposed to communications content (which generally does require a warrant) is, to anyone with a technical understanding of how the internet actually works and is evolving, virtual gibberish.

“Dangerously immature” is how I described it.

I also raised three points where I think the version of reality being promoted by the Australian Federal Police (AFP) and the Australian Security and Intelligence Organisation (ASIO) is wrong.

This is a push for more power. We conduct so much more of our lives online than we ever did on the phone, and that means the balance of power is changing. We need to have a conversation about this.
The AFP says quite specifically that they’re not after our web browsing activity, but I don’t see how the working document supports that argument. And other agencies, including the Australian Securities and Investment Commission (ASIC), are after that stuff.
ASIO and the AFP constantly talk about the powers being needed to catch the terrorists and pedophiles. But the law will probably be modelled on the current law for the phone, which provides access to communication metadata to many other agencies with far less stringent accountability rules for many other, far less serious, crimes.

Please have a listen and tell me what you think.

Podcast: Play in new window | Download (21.5MB)

The podcast stands on its own, but I want to emphasise the thing that still disturbs me…

Continue reading “Insulted, ASIO? That’s not really the problem, surely?”

05 August 201207 August 2012

Weekly Wrap 113: Slow clones and their delays

My week Monday 30 July to Sunday 5 August 2012 was dominated by the insanity involved in cloning hard drives and restoring my backup system to good working order.

Doing all of this over USB 2.0 interfaces was not helpful, but they were the only ports I had available on the loaner MacBook I’ve been using. Remember, I’m nomadic and quite often 100km from Sydney.

And then my backup drive failed…

Creating a new Time Machine backup of around 450GB of data takes 6 to 7 hours. Encrypting a 1TB drive takes nearly 23 hours. Even zeroing out a 750GB drive takes 5 hours.

And whenever you make a mistake, or a drive throws an error, you have to start that process again.

It’s been a wonderful lesson in patience. See, that’s the positive angle. Sigh.

Podcasts

Patch Monday episode 148, “The politics of data retention”. It’s in the news because it’s one of the ideas being floated as part of the inquiry into potential reforms of national security legislation being conducted by the Joint Parliamentary Committee on Intelligence and Security. The podcast includes Assistant Commissioner Neil Gaughan, national manager of high tech crime operations for the Australian Federal Police; Bernard Keane, Canberra corresponded with Crikey; and network engineer Mark Newton.

Articles

An Anonymous attack in search of a purpose, Crikey, 30 July 2012.
Six tips for developing a security culture, CSO Online, 31 July 2012.
A dangerous cyber security disconnect, Technology Spectator, 3 August 2012.

Media Appearances

On Monday I did a spot on ABC 105.7 Darwin with a couple of other people about overly-busy lifestyles, but the internet stream from which I was recording it was dodgy so I haven’t posted the audio.
On Tuesday night I did another regular Balls Radio spot, but I didn’t record it. That’s probably for the best, it was rather disjointed.

Corporate Largesse

None.

The Week Ahead

I’m returning to Wentworth Falls on Monday, and have a day trip to Sydney on Thursday. In theory it’s a steady-paced week of writing. We shall see.

[Photo: Blue, being a photo of Wentworth Falls railway station on Thursday afternoon, one of the few bright spots in the week.]

10 January 201214 January 2012

Talking cyber threats on ABC NewsRadio

The Australian Federal Police were talking up the risk of “cyber threats” in the Fairfax news yesterday morning, so I ended up talking about it on ABC NewsRadio.

Now the AFP was bouncing off a report from McAfee, which from the title I assume is yet another of those “The internet is dangerous, m’kay?” fear pieces. 2012 Threats Predictions. I won’t bother linking, because all these reports from the major infosec vendors are much the same, jumbling together everything from minor vandalism to “cyberterrorism” — whatever the fuck that is — with little critical analysis.

But I suppose it is actually getting this stuff onto the agenda.

Slowly.

For six minutes.

At this point I reckon I should re-link to two of my pieces from the eCrime Symposium held in Canberra in November 2011. eCrime Symposium: Harden up, warns Aussie crime fighter and eCrime Symposium wrap: Satisfaction tinged with frustration.

The presenter was Cathy Bell (who seems to be missing from the station’s page of presenters), the producer Jared Reed.

Podcast: Play in new window | Download (3.1MB)

The audio is Â©2012 Australian Broadcasting Corporation. While the audio was posted shortly after broadcast at the ABC NewsRadio website, I’m going to post it here anyway. It’s easier for me than trawling their automated daily audio archive.

This is being posted a full day after the actual radio appearance, even though the post was ready within an hour of the broadcast. Why? Because I didn’t want it on the website before I’d posted last week’s Weekly Wrap. Is that good editorial judgement? Or just a little bit too anally-retentive?

31 October 201005 November 2010

Data retention by ISPs: your comments?

Tomorrow’s Patch Monday podcast will be about data retention for law enforcement. Specifically, internet service providers (ISPs) retaining the metadata of all your online communications, possibly for years. I’d like your comments.

Here in Australia, it was revealed in June that the Attorney-General’s Department (AGD) had been discussing these issues in secret with ISPs, law enforcement and other government agencies. I covered that in Patch Monday in July, Is Australia’s data retention idea that scary?

Since the AGD activities were revealed, and following the Google Wi-Fi sniffing incident, the Senate Standing Committee on Environment, Communications and the Arts has been running an inquiry into The adequacy of protections for the privacy of Australians online.

On Friday the committee heard evidence, and late in the afternoon the discussions turned to ISP data retention. Delimiter has published a summary, and a story explaining that the Privacy Commissioner won’t talk about those AGD discussions. ZDNet.com.au stories say the Privacy Commissioner is against the idea although Neil Gaughan, Assistant Commissioner of the Australian Federal Police reckon it’s really just the status quo translated to the new medium.

Here’s a recording of Friday’s Senate hearing, starting from when the AGD’s Catherine Smith introduced the topic. She’s Assistant Secretary, in charge of the Telecommunications and Surveillance Law Branch.

Podcast: Play in new window | Download (Duration: 49:46 — 22.8MB)

This was recorded off the internet, so there are some gaps where the audio stream re-buffered. I have cleaned up the sound but it’s otherwise unedited. I’m compiling a 10- or 15-minute summary for Patch Monday. This is really only for the political tragics — or those who simply can’t wait to hear the persistent questioning by Greens Senator Scott Ludlam.

If you’d like to provide an audio comment on this issue for Patch Monday, Skype to stilgherrian or phone Sydney +61 2 8011 3733 and leave a voicemail. ~~The deadline is 8.30am Monday morning, Sydney time.~~ The podcast is now online, but you cal still leave an audio comment for next week’s episode.

[Photo: SATA beehive data storage, adapted from an original photograph by Konstantinos Koukopoulos, used under a Creative Commons Attribution license. Audio: Many thanks to journalist Josh Taylor for providing the audio recording.]

16 February 200926 August 2020

“Clive Hamilton, you’re really starting to shit me!”

Well, he is! As part of The Australian‘s “super blog” on Senator Conroy’s Rabbit-Proof Firewall plans, Clive Hamilton has remixed his favourite old party piece. This time his rant is entitled Web doesn’t belong to net libertarians. Have a look. It’s a giggle.

OK, back? Cool.

Now I’ve dismantled most of Hamilton’s logical fallacies, baseless slurs and misinformation before, here and over at Crikey. Still, if Clive wants to sing the same old tune I’m happy to hum along one more time…

Clive, you started by saying, “Here is the kind of situation the Government’s proposed internet filter is aimed at,” and then provide a detailed description of an unsupervised schoolboy looking for porn.

Is it?

Continue reading ““Clive Hamilton, you’re really starting to shit me!””

17 January 200917 January 2009

Rudd hampers police child-protection efforts

If you really wanted to protect children from sexual abuse, why would you take money away from the very people who could best stop it? Better ask Kevin Rudd, because that’s exactly what he’s done.

$2.8 million, which the Howard government allocated to expand the Australian Federal Police’s Online Child Sexual Exploitation Team (OCSET), was instead used by Rudd to help create Conroy’s $44.5 million Rabbit-Proof Firewall.

That’s a shame, because OCSET’s entire annual budget in 2007 was only $7.5 million. Without that money, OCSET simply doesn’t have the staff to investigate all of the suspected pedophiles it already knows about. Some cases get palmed off to the states — that is, to police who don’t have the specialist training and experience of OCSET. The rest…?

“Only half are likely to be investigated by child protection police,” reported the Daily Telegraph. “The rest will be farmed out to local commands or dropped”.

What a great way to “protect the children”, eh? Take money from the police, where it’d do some good, and burn it on a poorly-defined Internet filtering project. Anyone who knows anything about IT will tell you the same thing: without clearly-defined goals up front, you will go over budget, over schedule and in all likelihood, your project will never be completed.

[This article is based on material which first appeared in my subscriber-only Crikey piece Another nail in the coffin of Conroy’s Rabbit-Proof Firewall on 15 January ~~2008~~ 2009, and would not have been possible without Irene Graham’s superb research at Libertus.net. Another part of it, with some fascinating discussion in the comments, is over here.]