Tag: infosec

Posted on

Weekly Wrap 119: Ducks, ducks, sheep and bull

The bulk of the business end of my week Monday 10 to Sunday 16 September 2012 was spent at Microsoft’s TechEd 2012 event on the Gold Coast, and the weekend at Parramatta.

Microsoft’s event, like all major vendor conferences, began with an intense burst of frustration thanks to the inevitable series of overly-long overly-staged buzzword-saturated propaganda events — “keynotes”, the industry has decided to call them — designed to hammer the new technology’s marketecture into your head while preventing the opportunity for critical thinking.

And, like nearly all others, it eventually settled down into something sensible once all the vice-presidents and managing directors and pointlessly-animated PowerPoint presentations and bass-heavy music had been stage-managed out of the room and actual engineers and designers and other geeks started talking through specific details.

I’ll have more to say about that in due course.

Parramatta, by comparison, delivered a delightful spring weekend full of ducklings and food and wine and almost no pretension whatsoever.

I’ll have more to say about that in due course also.

Podcasts

  • Patch Monday episode 154, “Good-guy hackers and other infosec anomalies”. A conversation with Michael Montecillo, a threat research and intelligence principal with IBM Security Services, covering good-guy hackers (well der!), click fraud, his views on the profile of hacktivism following the arrest of key Anonymous and LulzSec members, and more.

Articles

Media Appearances

  • On Tuesday I did a spot on ABC 105.7 Darwin, but it wasn’t recorded my end so I can’t bring it to you today. That’s a remarkable similar statement to last week, except that one was a pre-record with Richard Margetson and this one was live with Kate O’Toole. I’m annoyed that the recording didn’t happen, ‘cos I managed to give a coherent exposition of my thoughts about online bullying.
  • On Tuesday I did another regular Balls Radio spot with Phil Dobbie, talking about the High Court rejecting an appeal in the Optus TV Now case.
  • On Friday I spoke about the new iPhone 5 and the utility of smartphones for journalism on ABC Radio National’s Media Report.

Corporate Largesse

I attended Microsoft’s TechEd 2012 on the Gold Coast as their guest.

  • Microsoft covered my airfares from Sydney to the Gold Coast and return, airport transfers, three nights accommodation at Jupiter’s Hotel and Casino on Broadbeach Island, and all the food and drinks.
  • The conference backpack was a high-quality Targus job, containing marketing material from sponsors and other vendors. The former I’ve kept, because my The North Face backpack is starting to wear out. All the latter I’ve thrown into the recycling bin, unread.

Also:

  • On Monday evening I attended the SANS Sydney Community Event “Your Security Monitoring — An Attacker’s Perspective”, where the food and (soft)drinks were sponsored by Shearwater Solutions. An article about this will appear in due course.

The Week Ahead

It’s a busy week of (mostly) writing for me, with around five articles already committed to various mastheads, as well as my presentation at the Festival of Dangerous Ideas. I think my original plan to win the first annual Orkney Short Crime Fiction Prize will have to be dropped. I has disappoint.

I’ll be heading from Sydney to Wentworth Falls this afternoon (Monday) and will return to Sydney for the school holiday period on the coming weekend. I also plan to be in Sydney on Wednesday morning for Symantec’s announcement of their Australian expansion plans. How will that turn into an accommodation schedule? I’ll figure that out this evening.

[Photo: Ducks at Parramatta, a delightfully pastoral scene photographed on the banks of the Parramatta River on Saturday afternoon. I managed to get quite close to this family of ducks before they raised the alarm and took to the water.]

Posted on

Talking data retention on ABC Local Radio

The current parliamentary inquiry into Australia’s national security laws has become a mildly hot media topic this week, so I ended up doing a backgrounder on ABC Local Radio last night with Dom Knight.

I should probably write more about this some time. And I will. But for now, here’s that 18-minute conversation. Including our digression into talking about that fine TV drama The Wire.

Podcast: Play in new window | Download (10.3MB)

The audio is of course ©2012 Australian Broadcasting Corporation, archived here because it isn’t being archived anywhere else.

Posted on

Weekly Wrap 117: Cheese, booze and virtualisation

My week Monday 27 August to Sunday 2 September 2012 was spent in San Francisco, and as I write this on their Labor Day holiday Monday I’m still there. Here. Whatever.

Podcasts

  • Patch Monday episode 152, “Geo-engineering: fixing climate for just US$6 billion?” A conversation with Dr Caspar Hewett, visiting researcher at the University of Newcastle in the UK, and Danish author and political scientist Dr Bjørn Lomberg, director of the Copenhagen Consensus Centre in Washington.

Articles

Media Appearances

Corporate Largesse

VMware’s VMworld was such a large bunch of stuff that it deserves its own section.

  • VMware covered the travel and accommodation, including flights Sydney to Los Angeles to San Francisco, and back again San Jose to Los Angeles to Sydney. A car is being provided for today’s drive from downtown San Francisco to San Jose airport. Four nights accommodation was provided at InterContinental San Francisco.
  • Food ranged from the truly frightening breakfasts in the conference’s media rooms Monday through Wednesday to gorgeous canapés and cheese platters like the one pictured above at the evening cocktail parties. The latter were held at the InterContinental on the Sunday before this week commenced, the St Regis Hotel on Monday, and the Temple Club on Tuesday.
  • On Tuesday night I also went to the Sourcefire cocktail party at the Marriott San Francisco. That’s their cheese platter pictured above.
  • The big VMworld party was Wednesday night and featured Jon Bon Jovi, but I didn’t go because I was exhausted and the last thing I needed was to be in a room with 15,000 drunk nerds. Sorry.
  • The conference backpack contained a VMworld-branded t-shirt, hardcover notebook and ballpoint pen, along with a sheaf of sponsor-related crap on paper. Pretty much all of the latter was thrown out.

I think I gained about 20kg in weight, 75% of which was my liver.

Also this week:

The Week Ahead

I leave San Francisco on Monday evening. That’s tonight. The limousine is scheduled collect me at 1745 PDT to take me to San Jose airport for a 1945 flight to Los Angeles, from where I take the 2250 Qantas flight to Sydney. I arrive in Sydney at 0740 AEST on Wednesday morning and will be heading straight to my hotel to collapse.

Wednesday night is the conference dinner for the ACCAN National Conference. I’m speaking at that event on Thursday afternoon.

Symantec is launching the Norton Cybercrime Report at Sydney’s Justice and Police Museum at 1100 Thursday morning, and I plan to be heading to that.

The rest of the latter part of the week will be full of an awful lot of writing, I imagine.

[Photo: Cheese platter at the Marriott San Francisco, courtesy of Sourcefire.]

Posted on

Weekly Wrap 112: Security, hacks, unexpected encounters

I was in Sydney for most of my week Monday 23 to Sunday 29 July 2012, and despite some minor annoyances I’m reasonably pleased with the results.

I also started a new gig on a SEKRIT project. It looks like it’ll be quite fun, but I won’t be able to tell you about it for ages.

Podcasts

  • Patch Monday episode 147, “Mid-2012 malware: new flavours, same ice cream”. Has 2012 turned out to be “the year of cyberwar” accompanied by an explosion of Android malware? Hear from Alex Kirk, senior research analyst with the Sourcefire Vulnerability Research Team (VRT); David Hall, Symantec’s consumer spokesperson for Asia Pacific; and Bob Hansmann, senior product marketing manager at Websense.

Articles

If ever there was a week that illustrated my transition to grumpy-old-man writing, this is it.

Media Appearances

Corporate Largesse

None.

The Week Ahead

It looks like it’ll be a relatively easy week, but with most of it spent at Wentworth Falls — both because that’s the schedule and because it’s that end-of-the-month week where I really don’t have any money left.

[Photo: Diary of the Lost Crane being the view from level 12 of the Metro Sydney Central Hotel on a foggy Wednesday morning.]

Posted on

And for the trifecta, I’m speaking at ACCAN’s conference

Since I’m blogging about my forthcoming speaking engagements, I should probably also mention that I’m on a panel at ACCAN’s National Conference on 5 to 6 September.

ACCAN is the Australian Communications Consumer Action Network, and the panel I’m on is called “Privacy & Security”.

Privacy dilemmas are getting bigger every year as more of our lives and essential information are moving online. This discussion will explore online privacy and security policies. A top tech journalist [that’s me!] will examine whether there is such a thing as privacy in the online world, and a broadband services expert will explain the key privacy and security challenges likely faced in providing medical and other services over broadband.

The other panellists are Nigel Waters from the University of New South Wales’ Cyberspace Law and Policy Centre and Dean Economou from NICTA.

So, privacy and security. That seems to be my gig now…

Posted on

Two podcasts on Telstra’s web monitoring ultragaffe

A couple weeks ago Telstra was caught monitoring the web browsing done by customers of its Next G mobile network and reporting them to an overseas company, Netsweeper. I’m writing more about this soon, so here’s some background so I can link to it.

Josh Taylor explained the story for ZDNet Australia, I did for Crikey, and of course there were others. In brief, though, Telstra told Netsweeper what URLs were being visited by Next G customers — in theory with any personally-identifiable information removed — so Netsweeper could discover new web content and classify it for the content filtering system they were developing for Telstra.

It’s a bit wrong. Telstra stopped the project quick smart. But some people, including me, reckon the situation is rather more serious.

Geoff Huston, chief scientist of regional internet registry Asia-Pacific Network Information Centre (APNIC), reckons it’s so far outside the law that law enforcement agencies should be getting involved. As a common-carrier telco, Telstra is in a privileged position. It shouldn’t be reporting anything about any aspect of digital communications to third parties, except as strictly required under law, just as it can’t do anything with analog phone calls.

Huston explained his views in a blog post, All Your Packets Belong to Us, and discussed it with me on this week’s Patch Monday podcast, Hands off our packets, it’s the law.

You can hear Telstra’s PR response on Phil Dobbie’s Twisted Wire podcast, Is your phone watching you?

(Neither of those podcasts are yet appearing in iTunes or other podcast application feeds. On Monday ZDNet Australia was merged into a new global content management system and the podcast feeds broke. I know the CBS Interactive technicians know it’s a problem, but I don’t have an ETA on when it might be fixed yet.)

On Tuesday, Whirlpool had what purported to be an internal Telstra memo from chief executive David Thodey, who seemed to agree that they’d very much crossed the line.

That’s why I want to remind everyone that privacy is not an aspiration at Telstra — it is an essential requirement and our license to operate.

Privacy at Telstra is everyone’s responsibility. We have to do better.

Now there’s some complicated issues in all this. I’ll be exploring them in the coming week. Meanwhile, do listen to those two podcasts and have a bit of a think.