Weekly Wraps 350 to 357: Gosh is that the time?

Sunset over Ho Chi Minh CityThis Weekly Wrap is actually eight Weekly Wraps in one, covering Monday 6 February to Sunday 2 April 2017, numbers 350 to 357. Eight times the value!

Of these four weeks, I’ve spent roughly a week each in San Francisco, Ho Chi Minh City, and Canberra. I also visited a Cold War relic near San Francisco, namely Nike Missile Site SF-88L at Fort Barry. Other stuff happened too.

There’s so much in this Eight-Week Wrap, the bulk of it is over the fold. I won’t be able to list all the highlights, but I will mention two of the lowlights. I caught a conference plague, which slowed me down a bit. And my stress and anxiety levels, which had not been declining, went through the roof. And they’re still there.

This health issue is being addressed, so no sympathy is needed. (Instead, perhaps send me a tip to help with the revenue shortfall, especially with the low-reveue holiday periods of Easter and Anzac Day coming up.) But it does mean that my alleged plans for the next few weeks should be taken with an even bigger grain of salt than usual.

Continue reading “Weekly Wraps 350 to 357: Gosh is that the time?”

Mark Newton on Telstra’s P2P DPI plans

Crikey logoMy Crikey story today on Telstra’s plan to trial the “shaping” of peer-to-peer internet traffic includes quotes from network engineer Mark Newton — but he said so many interesting things I though you should see his entire email.

Mark Newton writes:

From Telstra’s point of view, it’s a good thing: ISPs are a bit like electrical networks, in that they need to provision capacity for peak even though peak is only ever used for an hour or two per day (or, under adversity, a day or two per year: consider capacity planning for the ABC’s ISPs during flood events, or CNN on Sep 11 2001).

P2P users push the peak up, so in electrical network terms that’s like servicing a bunch of customers who leave their air conditioners on all the time.

Anything a telco can do to “squash” the peak is going to have an immediate impact on their bottom line.

If, by side effect, it inspires a bunch of the heaviest-using customers to migrate to other ISPs, that’ll reduce the profitability of those other ISPs and improve Telstra’s margins, so that’s a net positive. Why “fire” your worst customers when you can convince them to resign?

From a user’s point of view it’s more dismal, and the impact will depend on how Telstra uses their systems.

Continue reading “Mark Newton on Telstra’s P2P DPI plans”

Two podcasts on Telstra’s web monitoring ultragaffe

A couple weeks ago Telstra was caught monitoring the web browsing done by customers of its Next G mobile network and reporting them to an overseas company, Netsweeper. I’m writing more about this soon, so here’s some background so I can link to it.

Josh Taylor explained the story for ZDNet Australia, I did for Crikey, and of course there were others. In brief, though, Telstra told Netsweeper what URLs were being visited by Next G customers — in theory with any personally-identifiable information removed — so Netsweeper could discover new web content and classify it for the content filtering system they were developing for Telstra.

It’s a bit wrong. Telstra stopped the project quick smart. But some people, including me, reckon the situation is rather more serious.

Geoff Huston, chief scientist of regional internet registry Asia-Pacific Network Information Centre (APNIC), reckons it’s so far outside the law that law enforcement agencies should be getting involved. As a common-carrier telco, Telstra is in a privileged position. It shouldn’t be reporting anything about any aspect of digital communications to third parties, except as strictly required under law, just as it can’t do anything with analog phone calls.

Huston explained his views in a blog post, All Your Packets Belong to Us, and discussed it with me on this week’s Patch Monday podcast, Hands off our packets, it’s the law.

You can hear Telstra’s PR response on Phil Dobbie’s Twisted Wire podcast, Is your phone watching you?

(Neither of those podcasts are yet appearing in iTunes or other podcast application feeds. On Monday ZDNet Australia was merged into a new global content management system and the podcast feeds broke. I know the CBS Interactive technicians know it’s a problem, but I don’t have an ETA on when it might be fixed yet.)

On Tuesday, Whirlpool had what purported to be an internal Telstra memo from chief executive David Thodey, who seemed to agree that they’d very much crossed the line.

That’s why I want to remind everyone that privacy is not an aspiration at Telstra — it is an essential requirement and our license to operate.

Privacy at Telstra is everyone’s responsibility. We have to do better.

Now there’s some complicated issues in all this. I’ll be exploring them in the coming week. Meanwhile, do listen to those two podcasts and have a bit of a think.

Weekly Wrap 51

A weekly summary of what I’ve been doing elsewhere on the internets. This week returned to something a little more normal after the crazy fortnight of travel and conference coverage.

Podcasts

  • Patch Monday episode 89, “Stuxnet, routing hacks and a seized iPad”, based on material connected with the AusCERT Conference on information security. Security analyst Eric Byers warns of imminent Son of Stuxnet copycat malware. APNIC chief scientist Geoff Huston warns of the security problem in the internet’s routing protocols. And a whole bunch of people talk about the demonstration of a Facebook hack that led, eventually, to the arrest of a journalist.

Articles

Media Appearances

  • I was part of the first ZDNet Tough Talk panel discussion, recorded on video at the AusCERT information security conference, along with Longhaus and Business Aspect board member Sam Higgins, IBRS analyst James Turner, NetWitness chief security officer Eddie Schwartz and Kaspersky CEO Eugene Kaspersky. The moderator was ZDNet Australia’s editorial director Brian Haverty. The topic was: Is cloud secure enough for business? I still haven’t watched it yet. What do you think?
  • On Wednesday I was interviewed by ABC Radio 891 Adelaide about changes to the internet’s top-level domain names. I can post the audio here should you care.

Corporate Largesse

  • On Tuesday I attended a briefing on various information security issues hosted by Sourcefire. They served a light breakfast and handed out a notebook and a toy pig.

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream. The photos also appear on Flickr, where I eventually add geolocation data and tags.