Patch Monday: Proving your identity online

“Please log in with your Facebook ID”, says the website. But it’s not Facebook. Sure, they’re trying to make things easier by using your existing login. But can you trust them?

Of course not! However, there are systems that allow you to sign in securely across multiple sites using a common login. They’re called “federated ID”.

In the Patch Monday podcast this week, David Simonsen, manager of Where Are You From (WAYF), a Danish electronic identification system, explains how so-called “federated IDs” and pseudonyms are already being used in Austria’s public health system and in Denmark’s education system.

We also have our first audio comment. A Scientologist tells us precisely what he thinks of the protesters from Anonymous, the kind of people who ran the denial-of-service attack on Parliament House we covered last week.

You can listen below. But it’s probably better for my stats if you listen at ZDNet Australia or subscribe to the RSS feed or subscribe in iTunes.

Please let me know what you think. We accept audio comments too. Either Skype to stilgherrian or phone Sydney +61 2 8011 3733.

Crikey: How I brought down the Parliament House website

I wrote about the Anonymous attacks on the Parliament House website for Crikey as well as covering it in this week’s Patch Monday podcast.

In How I brought down the Parliament House website there are a few quotes from c0ld blood, who was one of the attack’s organisers, as well as some of the other podcast participants.

The new angle is a few comments from the Secretary of the Department of Parliamentary Services, Alan Thompson, who runs Parliament House. He is not amused, and rightly so.

Patch Monday: Tough titties: Govt sites stormed

A scoop in the Patch Monday podcast this week: an interview with c0ld blood, one of the organisers of the denial-of-service attack on the Parliament House website by Anonymous.

While Anonymous is better known for its masked protests against the Church of Scientology, some people operating under the Anonymous brand have branched out into protests against the Rudd government’s mandatory internet “filtering” program. Their attack in September 2009 brought down the Prime Minister’s website for about 10 minutes.

This time they were a lot more effective, with the target site being hit with up to 7.5 million requests per second.

As well as c0ld blood, we hear from security consultant Crispin Harris, the vice-chair of Electronic Frontiers Australia Colin Jacobs, and a statement from AnonSA who distance themselves from the attacks.

Please, let me know what you think. We now accept audio comments too. Either Skype to “stilgherrian” or phone Sydney 02 8011 3733.

Zombie Generation: The spreading infection

“If you had to identify the biggest single issue confronting the security and safety and the confidence of the internet these days, particularly in the commercial space, you could only point to zombie botnets as the major concern,” says Peter Coroneos, chief executive of the Internet Industry Association (IIA).

On Wednesday, ZDNet.com.au published my feature story Zombie Generation: The spreading infection, which kicks off with a backgrounder on zombie botnets and then some worrying trends.

  • The malware used to create botnets is getting more sophisticated. Traditional stay-safe-online messages are no longer adequate — if they ever were.
  • Young people’s eagerness to share cool new things amongst their peers is natural human behaviour, but it runs counter to the “don’t share” messages.
  • It’s easy for kids to break out of the security restrictions of the laptops supplied under the Australian Government’s Digital Education Revolution program — something we also spoke about on Patch Monday.

Australian ISPs are now developing a more formal code of practice to detect and deal with their customers’ zombie computers.

I also posted a lengthy rebuttal to some fool trying to over-simplify this as “a Microsoft problem”.

Patch Monday: CCTV surveillance and Rudd laptops

A double-headed Patch Monday podcast this week. Are multitudes of video surveillance cameras value for money? And do teenagers with free Rudd government laptops represent a security risk?

Security consultant Crispin Harris is co-author of the soon-to-be-published paper Information overload: CCTV, your networks, communities and crime [PDF], and he’s been digging into the numbers.

Meanwhile, a 15-year-old Sydney lad reckons he’s broken out of the security restrictions on the Lenovo netbook he got as part of the Digital Education Revolution and could install games and browse the school’s file server.

[Update 11 February 2010: The paper Information overload: CCTV, your networks, communities and crime [PDF] is now online.]

Patch Monday: Online industrial espionage

Following the allegedly-Chinese attacks on Google (and 33 other corporations), and following Hillary Clinton’s assertive speech on Internet Freedom, online espionage is in the news — and it’s my topic on the Patch Monday podcast this week.

My guests are Mark Goudie, who heads the forensics practice at Verizon Business in Melbourne; and Ajoy Ghosh, security executive with Logica in Sydney.
