What with the massive Optus data breach, the somewhat smaller Telstra data breach, and even a breach at security firm G4S, consumer cybersecurity is back on the agenda big time. So this morning I was on ABC Canberra.Continue reading “Talking passwords and cybersecurity on ABC Canberra”
As bushfire smoke engulfed the Sydney region, giving the city the worst air quality in the world, my week of Monday 18 to Sunday 24 November plodded along in a satisfactory manner.Continue reading “Weekly Wrap 495: Bushfire smoke, cybers, and a random magpie”
Australian news outlets ran stories today about a Russian website that shows live video cameras that haven’t been properly protected, and I ended up talking about it with Will Goodings on Adelaide radio 1395 FIVEaa.
I disagreed with the Fairfax story, which called the Russian site “Online IP net surveillance cameras of the world” the result of “hacking”. For me, hacking implies some sort of technical trick. But I did point out that unprotected devices on the internet are not new. The Shodan search engine shows all manner of exposed devices.
The audio includes a subsequent guest on the program, Con Kosmidis from Alpha Security Systems, who amplified some of my points, and a small rant from Mr Goodings.
The audio is Â©2014 dmgRadio Australia.
My week of Monday 13 to Sunday 19 October 2014 must have been influenced by the photo I posted last week, because it did end up snowing in the Blue Mountains — but no closer than 8km from me.
So, in the interests of triggering pleasant spring conditions for the week ahead, I’ve kicked off with another pleasant photo from my archives.
- Dropbox password scam shows up our sloppy infosec, ZDNet Australia, 14 October 2014.
- How ABC 702 Sydney failed the Blue Mountains, and Twitter won this morning, Crikey, 15 October 2014.
I’ve also written a second piece for ZDNet Australia, but it won’t appear until Monday.
- On Wednesday, I moderated an event for Electronic Frontiers Australia and the Australian Privacy Foundation, “Data Retention: the European Experience”, which was a public conversation with Privacy International’s legal director Carly Nyst. A full audio recording will appear on Monday as an episode of the Corrupted Nerds: Conversations podcast.
- On Friday, I spoke about voiceprints and biometric ID on 1395 FIVEaa.
The Week Ahead
It’ll be a busy one. While I haven’t mapped out exactly what will happen each day — I can’t do so until a certain tardy clients pays me and I can lock in certain commitments — there’s plenty of media objects to make.
A new ZDNet Australia column and a new Corrupted Nerds podcast will appear on Monday, as I said. After that, I’ve got two ZDNet Australia pieces to write, and an episode of The 9pm Edict to produce. I also want to resurrect the 5at5 newsletter, but that has a lower priority.
The weekend is unplanned.
A few minutes after doing the live spot on Nova 100, I recorded an interview on the alleged Apple iCloud hack for ABC Radio’s national current affairs program AM.
Reporter Emily Bourke would have gone away with a disjointed mess of soundbites, but the disjointedness isn’t so important when it’ll be edited into a multi-voice report.
I think this one quote best summarises my view of the compromise we enter into when using cloud services:
The big problem with creating massive online cloud storage systems — which is now the way we do things on the internet, whether it’s Apple or Microsoft or Google or Amazon or whoever — is that you create a vast honey pot of a target for the attackers.
Once you find one way to get in, you can potentially get access to hundreds of thousands, if not millions of people’s data.
The plus side is such concentrated services means they can hire some of the best security people they can find, putting brains onto the problem is obviously important. So at one level the cloud providers can, if they do it right, protect things far better than you or I could on computer systems under our own control.
The failures are therefore going to be far less frequent. It’s just that when the failures do happen they can be catastrophic.
Here’s the full story, served directly from the ABC website, where you can also read the transcript.
The audio is of course Â©2014 Australian Broadcasting Corporation.
A few sentences of my comments were also used in a later report on The World Today at lunchtime, which featured security researcher Troy Hunt.
It’s starting to look like an alleged hack of Apple’s iCloud service was the source of a series of nude photos of female celebrities that has appeared online. That news led to a series of radio appearances for me today. Starting with this one.
The story itself has already been widely reported, and I won’t go into any detail about the victims of this invasion of privacy. One good place to start is this summary at The Guardian, and there’s more technical details at TUAW. These blog posts will simply present the media spots that I did.
First up was Nova 100 in Melbourne. This was done live with breakfast presenters Meshel and Tommy at 0720, and my coffee hadn’t kicked in yet. That’s why I screwed up my first, embarrassingly-wrong go at the explanation — at least that’s my excuse and I’m sticking to it.
It seems Meshel was quite taken with my name. That’s so sweet.
The audio is Â©2014 dmgRadio Australia.