Parliament has kicked off for 2023. There’s no new legislation to concern us here, but there’s news of spooks and spies, electronic warfare, Medicare, My Health Record, TROVE, cryptocurrency, and more.Continue reading “Digital developments from Canberra 24”
Digital developments from Canberra 9
This week’s big-ticket items are public service reform, the new post-Optus telco regulations, robodebt and a bunch of audit-related activities.Continue reading “Digital developments from Canberra 9”
Digital developments from Canberra 3
In the three weeks since the first sitting of the Albanese Labor government, the major developments in the digital and cyber realms have been about robodebt royal commission and the COVIDSafe app.Continue reading “Digital developments from Canberra 3”
Weekly Wrap 261: Two conferences, two states, many cybers
My week of Monday 1 to Sunday 7 June 2015 has been both productive and exhausting, covering two conferences in two states.
It’s a long time since I’ve written five articles in week. It’s at least six months since I’ve done four, which is as far back as I could be bothered scrolling let alone five. But of course, there’s podcasts and other projects that have generated revenue, including random geekery and technical consultancy, so “number of articles” isn’t a fair measure.
Still, this has been one of my most productive weeks in a while. Excellent.
- ASIC still able to wield its magic hammer online, Crikey, 2 June 2015. The hammer I refer to is section 313(3) of the Telecommunications Act 1997.
- Australia’s cyber defence ‘pretty ordinary’ before ASD’s Top Four, ZDNet Australia, 3 June 2015. This piece quotes Major General Stephen Day, who heads up the defensive side of the Australian Signals Directorate (ASD). This and the following piece were generated from Check Point’s Cyber Security Symposium in Sydney.
- Tâ€‹elstra CISO blasts cyber ‘attribution distraction’, ZDNet Australia, 4 June 2015. Mike Burgess is said CISO.
- Air gaps still a cheap and effective defence for critical networks: Kaspersky, ZDNet Australia, 4 June 2015. This is the first of two articles that came out of the AusCERT Information Security Conference, and there’ll be more next week.
- Islamic State has ‘best cyber offence’ of any terrorist group, ZDNet Australia, 5 June 2015. This article cites Mykko Hypponen, chief research officer at F-Secure in Helsinki.
None. The next episode of The 9pm Edict is scheduled for Monday 15 June, or the day after.
There were two editions of 5at5 this week, on Monday, and Sunday. To save me having to tell you this, you could just subscribe.
- On Monday, I spoke about Chinese ATMs with face recognition on ABC 891 Adelaide.
- On Friday, I took part in the AusCERT Speed Debate. The Livestream recording has bad audio, so I’ll link to the YouTube version when it becomes available.
- Also on Friday, I was interviewed by the University of Melbourne student newspaper Farrago. I’ll link to that story when it goes live.
- On Tuesday, I went to the Check Point Cyber Security Symposium in Sydney, or at least part of it. The goodie bag included a signed copy of Brian Krebs’ book Spam Nation, a Check Point branded notebook, a chocolate from A10 Networks, and of course copies of Check Point’s promotional material. Food and drink were supplied.
- From Tuesday night through to Friday, I was at the AusCERT Information Security Conference as AusCERT’s guest. They provided return flights from Sydney to the Gold Coast, airport transfers, three nights accommodation at RACV Royal Pines Resort, and of course all the conference food and drink — and there was plenty of that. For taking part in the Speed Debate, I was given a bottle of Jim Barry The Lodge Hill Shiraz 2012 from the Clare Valley. And everybody got a copy of Bruce Schneier’s book Data and Goliath, an AusCERT-branded shirt, and a rather well-made courier bag. From CyberArk: A macaron, delivered creepy-like into my hotel room while I wasn’t there. From Firemon: A branded glass-cleaning cloth. From Mimecast: a keyring bottle opener. From NCC Group: a golden bath duck. From the US Naval Criminal Investigative Service: an NCIS cap — yes, from the real NCIS, not the TV show.
The Week Ahead
Monday is a public holiday for the Queen’s Birthday, but nevertheless I’ll be working. I’ll be writing a feature for ZDNet, as well as returning to Wentworth Falls after a week away.
From Tuesday to Thursday, I’ll be working on another feature for ZDNet, as well as my “regular” column, as well as the running so late it’s embarrassing ebook.
I see there’s an Apple keynote at 0300 AEST on Tuesday, so that may feed into something. [It didn’t.] And I’ve got an interview to do on Thursday afternoon. On Friday, I’ll be heading down to Sydney for a media briefing by Cisco. Friday is another writing day.
I’m not sure how the weekend will go, but I see that there’s Poetry in the Pub in Katoomba on Sunday afternoon. I happened to be there last month, and I thought it might be interesting for The 9pm Edict podcast. We’ll see.
Update 11 June 2015: Edited to reflect the abandoning of the Friday trip to Sydney.
[Photo: Sunset on the Gold Coast, Photographed from the 16th floor of the RACV Royal Pines Resort on 3 June 2015.]
Weekly Wrap 221: An exhausting end to winter
My week of Monday 25 to Sunday 31 August was hectic. Again. Hence so many missing blog posts until now. But it also marked the end of winter. I therefore have some hope that today, 1 September, will mark some new beginnings.
“New beginnings” sounds a bit naff, I know, but “spring cleaning” sounds a bit naff too.
- The 9pm Edict episode 28, The 9pm Road to War, was posted on 31 August 2014.
- Mining, logistics, utilities least ready to face threats, ZDNet Australia, 26 August 2014. This was the first article to emerge from the Gartner Security & Risk Management Summit.
- Govt modelling says NBN is just fine — as long as you don’t want to use the internet much, Crikey, 28 August 2014.
- Leaked paper reveals Australia’s obsessive metadata secrecy, ZDNet Australia, 28 August 2014.
- On Wednesday I spoke about internet banking security on Radio 2UE Sydney. A link to the audio recording will appear here in due course.
- Also on Wednesday, I spoke about ASIC’s big IP address oopsie on ABC Radio’s PM. This was later turned into a news story that quoted my description of ASIC’s actions as “both hilarious and frightening”.
Only one edition this week.
- 5at5 number 97, 27 August 2014.
Head to the 5at5 site to subscribe or browse through recent editions.
- On Monday and Tuesday I covered the Gartner Security & Risk Management Summit, a task made slightly more burdensome by the lingering effects of food poisoning the immediately previous Sunday. I was suitably fed and watered at Gartner’s expense. Also, Vormetric Data Security gave me a t-shirt.
The Week Ahead
It’s another busy one. Monday has already gotten off to a slow start — though deliberately. I’m writing this post on the train from Sydney to the Blue Mountains. En route and later this afternoon I’ll be planning a month-long fundraising campaign for my podcasts, and particularly The 9pm Edict.
On Tuesday I’ll launch that fundraising campaign with a podcast and appropriate noises on Twitter. I’ll also be starting some spring cleaning, starting off with the backlog of audio recordings that need sorting out.
Wednesday will see a continuation of the spring cleaning theme. It’ll also see 5at5 number 100, so I might mark that occasion in some way. Bursting into tears, perhaps.
Thursday will be a day of writing, with the usual column for ZDNet Australia, and perhaps something else. Friday will also be a day of media production, but I’m not sure what that’ll entail, apart from another mini-podcast.
Saturday is a day of cleaning and tidying at Bunjaree Cottages, before heading to Sydney to spend a month housesitting in Hurstville.
[Photo: Sydney skyline at dawn, photographed from Camperdown on 31 August 2014. Not quite the first day of spring, but it certainly had that feel about it.]
Adventures in Identity: ASIC Connect
My legal name, a single word or “mononym” that’s a given name, with no surname, isn’t handled well by poorly-designed bureaucratic information systems — that is, the usual kind. Today I launch Adventures in Identity, a blog series where I politely request every guilty organisation to fix the problem — and post their responses.
First up, our corporate regulator, the Australian Securities and Investment Commission (ASIC), and in particular their ASIC Connect online service.
This was drawn to my attention because the registration for one of my business names, Skank Media, is due for renewal — and ASIC Connect is the easiest way to do it.
The first problem I encountered is that ASIC Connect’s account creation form has both “Given name” and “Family name” as required fields, so immediately I must enter something other than my legal name to create an account — although to ASIC’s credit, the rest of the process was painless.
ASIC had previously sent me a letter with an “ASIC key” that linked this new account to my existing ASIC business name record.
I have another business name, Prussia.Net, so I decided to link that in too. But ASIC Connect wouldn’t let me. My name didn’t match the name of the registrant of Prussia.Net. Really?
Sure enough, while Skank Media is now registered to “Stilgherrian Stilgherrian”, and it was previously registered to “Mr Stilgherrian”, Prussia.Net is registered to “_____ Stilgherrian”. Five underscores! What an excellent work-around.
Then when I tried to link both business names to my Australian Business Number (ABN), the basic business identifier for entities other than registered companies — I’m a sole trader — that’s now listed as “Stilgherrian Stilgherrian”. It was once correct, though, as an historical ABN search shows a single-name version from 4 October 2000 to 27 February 2010. See the attached PDF.
One of key problems with this mess — apart from the untidy data that makes it look like something shonky is going on — is that these are all legal records. “To the best of my knowledge, the information supplied in this transaction is complete and accurate (it is an offence to provide false or misleading information to ASIC),” we are warned. But I can’t do that.
As I write this, it’s still before 0900 AEST, so my tweets directed to @ASIC_Connect have yet to receive a reply. They may well have a straightforward way to sort this out. Stay tuned.
I should also point out that in ASIC’s defence, they’ve recently merged data from state-based business name registries, cross-matching it with the Australian Business Register — and the latter was notoriously inaccurate.
[Update 1415 AEST: I just got a call from the ASIC staffer who was monitoring their Twitter account earlier today. This isn’t the first time they’ve encountered a mononym, but so far they’ve just carried across records from the state databases so left the work-arounds in place. In my case, they have to cleanse the data so all my records match — and they’ll need to decide on a policy so that similar cases are handled uniformly in the future. So I sent them some photo ID, and they’ll take it from here, and let me know what they decide. Pleased.]
[Update 1620 AEST: The ASIC staffer just called again. They have a system. The back-end database can handle mononyms, it’s just that the web front end has the more stringent input validation. So they’ve settled on putting “Stilgherrian” in the given name field, and a single underscore “_” in the family name field, so I can still enter something and get a match. They’ve manually updated all my records, and now I should be able to merge them. Now that’s service.]
Note: I’ve previously called ASIC incompetent and reckless, calling for a head on a spike, but that was a completely unrelated matter. Obviously.