asd – Page 5 – Stilgherrian

21 February 201621 February 2016

Talking surveillance and privacy on ABC 774 Melbourne

ABC logo Earlier this month I was in Melbourne to speak at Pause Fest, as well as talk to the media about some of the issues surrounding digital surveillance and privacy.

Here’s the 19-minute conversation I had with Lindy Burns on ABC 774 Melbourne on Wednesday 10 February. As usual, we rambled all over the landscape of the topic, but I think you’ll find it interesting.

Podcast: Play in new window | Download (11.2MB)

[Note: Yes, I’m catching up on my blog posts, I should have them all caught up within the next 24 hours.]

26 October 201526 October 2015

Weekly Wrap 281: Melbourne again, with added chaos

My week of Monday 19 to Sunday 25 October 2015 didn’t unfold as planned, except for the fact that it concluded with me heading to Melbourne to cover Ruxcon. That bit did happen.

The photograph is misleading, therefore. Those relaxing moments at St Kilda, Melbourne, were a tiny minority of those seven days — and they only happened on Saturday night because I’d started suffering microsleeps during the afternoon, and I went back to the hotel for a nap.

Still, I wrote two articles that have been very well received — thank you — and most of the targets were eventually achieved.

Articles

Take a lead from Turnbull’s ‘forward-leaning’ infosec posture: senior ASD officer, ZDNet Australia, 19 October 2015.
Yes of course the NBN is buying copper, but so what?, ZDNet Australia, 21 October 2015. Notable for the phrase “claque of cud-munching cretins”.

Podcasts

None, again, but a new episode of The 9pm Edict will appear… eventually. No, it will. Truly.

Media Appearances

On Tuesday, I spoke about the Optus network’s latest time failure on ABC 891 Adelaide.
On Wednesday, I was quoted in a story about the future for ABC Online.
Also on Wednesday, I was a guest on Mark Pesce’s TWISTA podcast, talking about startups and Malcolm Turnbull.
On Thursday, I spoke about CIA director John Brennan’s email breach on ABC Radio’s PM.

5at5

Should 5at5 eventually reappear, you’ll know about it if you subscribe.

Corporate Largesse

While covering Ruxcon, there was a quantity of free food and drink. The Australian Signals Directorate (ASD) supplied lunch both days, and the after-party drinks were provided by Hacklabs and Assurance.
Michael McKinnon, social media and security awareness director with AVG Technologies AU Pty Ltd, has once more been generous with his hospitality and logistic support.

The Week Ahead

On Monday (today), I’m sorting out all my audio recordings from Ruxcon, organising a few more recordings, and probably writing for ZDNet, before a live radio spot at 1930 AEDT on ABC 774 Melbourne.

On Tuesday, I’ll be doing a few more media things in Melbourne before catching VA865 MEL-SYD at 1645 AEDT. Whether I return directly to Wentworth Falls after that, or pause a while in Sydney, is yet to be decided.

The remainder of the week will see me writing a column for ZDNet, producing an episode of The 9pm Edict, finally finishing the video of my UTS lecture, and doing some pre-production for my Future Tense documentary — but the exact order has yet to be arranged.

I am determined that the coming weekend will contain no work.

[Photo: St Kilda Dusk, photographed on Saturday 24 October 2015.]

02 August 2015

Weekly Wrap 269: Winning, mostly, with three kinds of fire

My week of Monday 27 July to Sunday 2 August 2015 represented a remarkable turnaround — perhaps the turnaround that I’d been detecting in the winds since June. And then there’s the bushfire. It’s all so complicated!

Why? It was a full week with a properly-working computer — a week spent in a house with a properly-working kitchen, heating, and inspiring view — and that brought back some of the clarity of thought which I’ve been sorely lacking. I got plenty done, the most important in many ways being the launch — finally! — of The 9pm Urgent Hardware Refresh.

I was very pleased when people started contributing to this crowdfunding campaign just as soon as it was launched. I’m even more pleased to report that as I write this, roughly half-way through the campaign period, we’ve reached 54% of the initial target. That means we’re likely to succeed.

The stress of not having a working computer is subsiding, but I’m not counting my chickens before they’re hatched.

People who write or perform for a living will also understand the importance of the kind of reassurance that comes with people supporting the plan which, until then, had existed solely in your own head.

That has helped. Thank you. If you haven’t done so already, please check out The 9pm Urgent Hardware Refresh

Thanks also to the many people who asked whether I was in any danger from this weekend’s bushfire at Wentworth Falls. No, I’m not.

The fire is only 3km from Bunjaree Cottages, but between it and me there’s some significantly challenging terrain, and the wind has been taking the fire in a different direction. More than 100 volunteers from the NSW Rural Fire Service have been keeping us safe.

I’m certainly paying attention to what’s happening, though, and I see that there’s a wind change forecast for Monday. Depending on how the RFS people go with their plans for the rest of today and overnight, well, my risk assessment may change.

Just as I write this, the alert for the fire area has been raised from WATCH AND ACT to EMERGENCY WARNING — the latter being described thusly:

You may be in danger and need to take action immediately. Any delay now puts your life at risk.

I must stress again, though, that I am not in the alert area, and I currently face no risk.

Articles

ACSC publishes first threat report, but… ho hum, ZDNet Australia, 30 July 2015. The Australian Cyber Security Centre lost a real opportunity here.
Should we let cyber espionage victims hack back?, ZDNet Australia, 31 July 2015. This idea was raised during a panel discussion at the Atlantic Council in Washington, and it horrifies me.

Podcasts

On Friday, I posted “The 9pm I Can’t Believe Itâ€™s Not a Planet”, being The 9pm Edict episode 46. I turned out better than its convoluted production process led me to imagine. I may tell you about that during the week.

Media Appearances

On Thursday, I spoke about the ACSC cyber threat report on 1395 FIVEaa Adelaide.

5at5

The hiatus has ended. There were two editions, on Thursday and Friday. Why not subscribe so you’ll get all the future ones?

Corporate Largesse

None. But there’s quite a bit scheduled for the coming week.

The Week Ahead

This is going to be a better-structured one, folks.

Monday will be a media production day — but I’ll decide the exact details on the day, depending on the bushfire threat level.

On Tuesday, I’ll be catching the 0706 train to Sydney, because on Tuesday and Wednesday I’ll be covering the ADMA Global Forum, presented by the Association for Data-driven Marketing and Advertising. Also, at 2030 AEST on Tuesday night, I’ll be a guest on ABC Local Radio around NSW. And on Wednesday night, I’ll be going to Text100’s (in)famous Christmas in August event, a preview of their clients’ consumer technology for Christmas.

On Thursday, I’ll be going to a lunchtime briefing by NetSuite, and writing something for ZDNet, before taking the train back to the Blue Mountains. Thursday is also the last day of The 9pm Urgent Hardware Refresh, with the campaign ending at 2100 AEST that evening.

On Friday, I’ll be confirming what’ll happen with the funds so raised.

[Photo: The Final Redoubt, photographed on 2 August 2015. Should I ever need a final hiding place from a severe bushfire — and everything has happened so quickly that we skipped straight past three levels of warning, the fire jumped the road and railway, and all escape routes were blocked — then this cutting on Railway Parade near Wentworth Falls is where I’d wrap myself in wet woollen items and hope for the best.]

30 July 2015

Talking the ACSC cyber threat report on 1395 FIVEaa

The (relatively) new Australian Cyber Security Centre (ACSC) released its first-ever unclassified threat report yesterday, but as I wrote at ZDNet, I was disappointed.

The report (PDF) has dropped, and indeed it contains few surprises. It tells the now-familiar story of serious and organised criminals, foreign state-sponsored actors, and other “cyber adversaries”, all of whom are getting better at what they do.

“The cyber threat to Australian organisations is undeniable, unrelenting and continues to grow. If an organisation is connected to the internet, it is vulnerable. The incidents in the public eye are just the tip of the iceberg,” begins the report’s foreword.

“Cyber adversaries are aggressive and persistent in their efforts to compromise Australian networks and information. They are constantly improving their tradecraft in an attempt to defeat our network defences and exploit new technologies,” it says later.

“Australia is an innovative country with a globally important resources sector. We are a regional leader with global interests and important partnerships. This makes Australia a target-rich environment for cyber adversaries.”

All of which is true, of course, but all of which has been said so many times before.

I spoke about the report today with Will Goodings on 1395 FIVEaa Adelaide — with somewhat less disappointment in my voice.

Podcast: Play in new window | Download (5.5MB)

07 June 201511 June 2015

Weekly Wrap 261: Two conferences, two states, many cybers

My week of Monday 1 to Sunday 7 June 2015 has been both productive and exhausting, covering two conferences in two states.

It’s a long time since I’ve written five articles in week. It’s at least six months since I’ve done four, which is as far back as I could be bothered scrolling let alone five. But of course, there’s podcasts and other projects that have generated revenue, including random geekery and technical consultancy, so “number of articles” isn’t a fair measure.

Still, this has been one of my most productive weeks in a while. Excellent.

Articles

ASIC still able to wield its magic hammer online, Crikey, 2 June 2015. The hammer I refer to is section 313(3) of the Telecommunications Act 1997.
Australia’s cyber defence ‘pretty ordinary’ before ASD’s Top Four, ZDNet Australia, 3 June 2015. This piece quotes Major General Stephen Day, who heads up the defensive side of the Australian Signals Directorate (ASD). This and the following piece were generated from Check Point’s Cyber Security Symposium in Sydney.
Tâ€‹elstra CISO blasts cyber ‘attribution distraction’, ZDNet Australia, 4 June 2015. Mike Burgess is said CISO.
Air gaps still a cheap and effective defence for critical networks: Kaspersky, ZDNet Australia, 4 June 2015. This is the first of two articles that came out of the AusCERT Information Security Conference, and there’ll be more next week.
Islamic State has ‘best cyber offence’ of any terrorist group, ZDNet Australia, 5 June 2015. This article cites Mykko Hypponen, chief research officer at F-Secure in Helsinki.

Podcasts

None. The next episode of The 9pm Edict is scheduled for Monday 15 June, or the day after.

5at5

There were two editions of 5at5 this week, on Monday, and Sunday. To save me having to tell you this, you could just subscribe.

Media Appearances

On Monday, I spoke about Chinese ATMs with face recognition on ABC 891 Adelaide.
On Friday, I took part in the AusCERT Speed Debate. The Livestream recording has bad audio, so I’ll link to the YouTube version when it becomes available.
Also on Friday, I was interviewed by the University of Melbourne student newspaper Farrago. I’ll link to that story when it goes live.

Corporate Largesse

On Tuesday, I went to the Check Point Cyber Security Symposium in Sydney, or at least part of it. The goodie bag included a signed copy of Brian Krebs’ book Spam Nation, a Check Point branded notebook, a chocolate from A10 Networks, and of course copies of Check Point’s promotional material. Food and drink were supplied.
From Tuesday night through to Friday, I was at the AusCERT Information Security Conference as AusCERT’s guest. They provided return flights from Sydney to the Gold Coast, airport transfers, three nights accommodation at RACV Royal Pines Resort, and of course all the conference food and drink — and there was plenty of that. For taking part in the Speed Debate, I was given a bottle of Jim Barry The Lodge Hill Shiraz 2012 from the Clare Valley. And everybody got a copy of Bruce Schneier’s book Data and Goliath, an AusCERT-branded shirt, and a rather well-made courier bag. From CyberArk: A macaron, delivered creepy-like into my hotel room while I wasn’t there. From Firemon: A branded glass-cleaning cloth. From Mimecast: a keyring bottle opener. From NCC Group: a golden bath duck. From the US Naval Criminal Investigative Service: an NCIS cap — yes, from the real NCIS, not the TV show.

The Week Ahead

Monday is a public holiday for the Queen’s Birthday, but nevertheless I’ll be working. I’ll be writing a feature for ZDNet, as well as returning to Wentworth Falls after a week away.

From Tuesday to Thursday, I’ll be working on another feature for ZDNet, as well as my “regular” column, as well as the running so late it’s embarrassing ebook. ~~I see there’s an Apple keynote at 0300 AEST on Tuesday, so that may feed into something.~~ [It didn’t.] And I’ve got an interview to do on Thursday afternoon.

~~On Friday, I’ll be heading down to Sydney for a media briefing by Cisco.~~ Friday is another writing day.

I’m not sure how the weekend will go, but I see that there’s Poetry in the Pub in Katoomba on Sunday afternoon. I happened to be there last month, and I thought it might be interesting for The 9pm Edict podcast. We’ll see.

Update 11 June 2015: Edited to reflect the abandoning of the Friday trip to Sydney.

[Photo: Sunset on the Gold Coast, Photographed from the 16th floor of the RACV Royal Pines Resort on 3 June 2015.]

13 October 201315 October 2013

Weekly Wrap 175: Lots of security, lots of productivity

[Update 14 October 2013, 0800 AEDT: As foreshadowed, “The Week Ahead” has been fleshed out with the current version of The Plan. However there’s evidence to suggest that this might change again later today. Update 15 October 2013, 1915 AEDT: The plan has changed again.]

My week Monday 7 to Sunday 13 October 2013 was relatively busy, although more on the research and information-gathering side rather than the final output side.

Podcasts

Corrupted Nerds: Conversations 6, being a chat with Michael Smith, head of Akamai Technologies’ computer security incident response team (CSIRT) about distributed denial of service (DDoS) attacks.

Articles

Tech boom? Innovation drives Newcastle’s (slow) renewal, Crikey, 7 October 2013, being my write-up of the DiG Festival.
Internet use: we’re more mobile, but we still need a cable, Crikey, 9 October 2013, being my response to the latest internet usage figures from the Australian Bureau of Statistics (ABC).

I also wrote my usual column for ZDNet Australia, The Full Tilt, but we’re currently waiting on a decision as to whether the planned headline is, um, pushing the boundaries.

Media Appearances

On Monday I spoke about Tor and Silk Road on ABC Local Radio across New South Wales.
On Sunday, I was a guest for the recording of this week’s Reckoner podcast.

Corporate Largesse

On Wednesday I went to a lunchtime briefing by Unisys at Wolfies Restaurant at Circular Quay — apparently it doesn’t have an apostrophe — where the food was lovely and the weather was gorgeous. They paid, of course.
On Thursday I went to the annual conference of the Australian Information Security Association (AISA) at the Sydney Convention & Exhibition Centre, where I was fed and watered. Check Point Software Technologies Ltd gave me a branded shirt. Watchguard Technologies Inc gave me a novelty USB memory device (4GB) packed with PR material.

The Week Ahead

~~The exact shape of the week will depend upon news arriving overnight, so I’ll add in the details tomorrow morning.~~

On Monday I’ll be mapping out the coming three weeks or so, including preparing some of plan for getting to Melbourne for the Breakpoint and Ruxcon hacker conferences. On Tuesday I’ll be continuing that work towards Melbourne and writing a piece for Technology Spectator that’ll due to be published on ~~Thursday~~ Friday.

~~On Wednesday I’ll be setting up the framework for another Technology Spectator yarn, as well as writing my ZDNet Australia column for Thursday.~~

On Wednesday I’ll be heading to Sydney for a lunchtime briefing by Dasault SystÃ¨mes about their new SolidWorks thingo, setting up the frameworks for Technology Spectator and ZDNet Australia stories en route. I may stay in Sydney overnight, depending on several factors. If I don’t…

On Thursday itself, I’ll be heading to Sydney again for a lunchtime briefing by NEC and Telsyte, staying overnight until Friday for a tour of the Pacnet data centre and some personal stuff.

There’s more in the schedule than that, of course, but they’re the relatively fixed pegs upon which the rest of the schedule hangs.

The weekend is currently unplanned.

[Photo: Not the ASD, photographed at the annual conference of the Australian Information Security Association (AISA) in Sydney on 10 October 2013. The signage for the Australian Signals Directorate (ASD), formerly the Defence Signals Directorate (DSD), seems to have gone astray…]