Australian Government approach and position on IT, Information Economy, Security
May 9, 2009

I admit to being somewhat confused in terms of what our government’s true strategy is in regards to IT, the Information Economy, IT security and related areas. I felt I somewhat understood what the government was trying to do many years ago when NOIE (National Office for the Information Economy) was the “department” covering all of government strategy. It then became AGIMO and from there, it seemed to get a bit lost for me. http://www.noie.gov.au/

In recent times, I have totally lost track of where our single point of reference to links and pointers to all else is (re: our strategy). If someone could guide me to it, that would be great. I am aware of things like Stay Safe Online and http://www.dbcde.gov.au/ but there seems to also be a few legacy sites (still relevant?) or am I just not understanding how everything links together?

More concerning is our government’s seeming lack of long term strategy and planning. Is anything really being “worked” at for any period of time greater than that coinciding with the next election? In addition, where and why have we lost the plot? See section in this related post; What does the digital economy encompass? Where did all the work from the past go? Does each new government just wipe the slate clean…..conveniently forgetting/rubbing out the past (1984 style)?

What are the longer term strategies (of substance)? Where is the “source” of information? What happened to the previous government’s projects and longer term strategy(s)? Are the broader issues being neglected as the government battles with the NBN and Internet censorhip? Does the government have any real idea of what it should be doing or is skirting around the edges of core problems and issues we have? From where I sit, I don’t see it. I just see a bunch of failed and forgotten projects. I am keen to hear others thoughts on this. Set me straight if I am just lost and missing it!

Comments (6)
Posted in: Dumb Security, Internet Filtering, Risk Management


Aussie Press Finally Picks up on Security Implications of Internet Filtering…
May 4, 2009

The Australian Internet filtering/censorship mainstream media releases about this topic have covered everything bar security until now. Finally, the local press has woken up to this issue in Computerworld: Web filters threaten national security. (Cred to Darren Pauli)

The work of nodecity Donal and Wade has now gotten local press interested/involved. But it took OS “experts” (as part of this) before anyone decided this was worth reporting. Smart and quality product…..interesting and well put together to support the cause!

We were there a long time ago but not so smart in our approach thinking the facts spoke for themselves:
http://beastorbuddha.com/2009/01/05/security-implications-for-internet-filtering-censorship/
http://beastorbuddha.com/2008/12/17/matt-talking-about-potential-internet-filtering-problems-on-banthisurl/

Cred to Ban.This.Url. (Though quiet lately). But we’re not “famous” so who would listen? :)

Thanks to Donal and Wade for giving BorB the scoop on this.

Aside: It’s sad to see so many (initially vocal) people and groups drop off this cause as it has dragged on. No longer web 2.0 “flavour of the month”?….you have to ask? Also interesting to see so few question why a trial of ~2000 sites would/could constitute a “true” trial?! Will it be a surprise that it’s successful? I am sure we could whip up a filter for 2000 odd sites in about an hour….but it’s all how you “sell” it. :)

Comments (1)
Posted in: Bad Stuff, Dumb Security, Internet Filtering, WTF


Australian Internet Censorship – Take The Power Back
April 27, 2009

This video was put together by Donal and Wade at the recent RSA Conference in San Francisco (April 2009). For more information and/or to get involved, go to: www.nodecity.com/empower.

Dan Kaminsky, Pete Lindstrom and Marcus Ranum put forward their thoughts on Australia’s plan to censor the Internet. Dan talks about many of the issues that Securus Global’s Matthew Strahan talked about in his interview with ban.this.url. Surprising that these concerns have barely rated a mention here. Marcus certainly adds some interesting analogies and angles to the whole debate.

Related Posts on Internet Filtering. Thanks to Donal and Wade for representing BorB at the Blogger Meetup at the conference.

Comments (2)
Posted in: Bad Stuff, Dumb Security, Internet Filtering, Too cool, WTF


iiNet has a battle, Conroy off again and the whole scene is a mess.
March 31, 2009

In what reeks of payback (after iiNet pulled out of the Internet censorship trial being run by Conroy), Conroy calls iiNet’s defence in the case brought against the company by the Australian Federation against Copyright Theft as something “that belongs in a Yes Minister episode“. I tell you what Senator, if that is the case, you yourself have been sucked right out of the TV show and into our lives – so you should know!

I’ve discussed this case a number of times here. What irks me most of all is that they’ve gone after the easier target and the rest of the industry is just sitting back and leaving it to iiNet to defend on their own. That decision may haunt the other ISPs after a precedent is set. (If it goes against iiNet). Short-sighted thinking!

Looking forward to seeing what decision is made on the National Broadband Network. Going on recent history, this should be interesting.


Comments (3)
Posted in: Bad Stuff, Dumb Security, Internet Filtering, WTF


Workarounds, accepted mediocrity and questionable future benefits/improvements….
March 22, 2009

Setting the scene with recent somewhat provocative posts to generate some thinking, debate and discussion to get some interest before some context and substance in this post. Hopefully. And yes, a heap of emails, tweets, DMs and phone calls received today. (Gees, not bad for a Sunday. Do infosec dudes ever switch off and have a break?). To be honest, while most were supportive, a few were asking me what the hell I was basing my points on, and was I shooting myself in the foot with some vendors now and in the future? (Hey, big assumption that anyone actually reads this stuff I write). For the latter, I probably was/am but as most people know, I am not scared to put my opinion out there for critique, flames, but most importantly, as mentioned, to generate thoughts and discussion. It’s not a glory boy thing and it is what it is and I don’t profess it to be anything it is not. (Refer to top right corner of home page for the disclaimer).

So getting to the point of this (…finally you’re probably thinking). WAFs are an easy target to generate discussion (polarising more than most other technical topics at present), but I’m not just talking about WAFs here. They’re just the example. It could be anything from technology entrenched into our industry, through to strategic thinking and approaches that look at where our industry is, where it should be and most importantly, the steps to make valuable, and most importantly, significant steps to improve IT, business, home and society in general. Read on:

(more…)

Comments (3)
Posted in: Applications, Bad Stuff, Dumb Security, Firewalls, IDS, IPS, Internet Filtering, Research, Risk Management, Vulnerability Management, Web Application Security, cyber crime


Random Things – Busy Few Weeks
March 20, 2009

- Just got back from New Zealand. As always, great to get over there but wish I had more time. NZ has to be the pound for pound world leader in researchers and research. So many good guys there! And there’s also Kiwicon.

- Pat’s kicked off a new site at Risky.Biz. Some really cool stuff now and a heap of new things coming up. Good luck with it all Pat!

- Been following the SPSP/PCI SSC latest here at Mike’s site.

- New jobs posted at Beast Hot Jobs. Still working to get this going. Yeah, I know, wrong time but hopefully we’ll get there. Check it out.

- Internet Filtering/Censorship in Australia: Trying not to post too much on this because I keep hoping it will just die, but everytime I start to think it is going away, it comes back. Example here. Things in NZ are not much better, potentially worse. All really scary stuff.

- I wonder what I could have seen if I plugged my laptop into the cable poking out at Sydney Airport where another parking payment machine should have been. Nah…probably not much.  :)

Comments (0)
Posted in: Dumb Security, Internet Filtering, PCI, PCI DSS, Risk Management, Too cool, Vulnerability Management, WTF, Web Application Security, news


Internet Blackout N.Z
February 17, 2009

Typical Oz press not bothering to keep up with what is happening in New Zealand. I’m sitting here typing away on “what could be” here in Australia, and NZ is about to hit some of this head-on shortly. In brief from Internet Blackout N.Z:

“Section 92 of the Copyright Amendment Act assumes Guilt Upon Accusation and forces the termination of internet connections and websites without evidence, without a fair trial, and without punishment for any false accusations of copyright infringement. We should speak out against injustices like Guilt Upon Accusation being done in the name of artists and protecting creativity.”

Read the rest here. Join the N.Z Internet Blackout protest to show your support.

Comments (4)
Posted in: Bad Stuff, Dumb Security, Internet Filtering, WTF


Mandatory Internet Filtering Project – Dead or Dying?
February 16, 2009

Just a few days after a few small ISPs were reported as on the bandwagon with the Government’s Internet Filtering project, unsubstantiated rumour (from a mate – not a bad source :) ), is that the Government may be looking at pulling out of this “gracefully”.

One can only hope this is the case at present, but if it’s not for now, lets at least hope that at the time [it is decided to be ditched], the people involved don’t drag this out more than need be, in any form, as a last ditch and desperate attempt to save some face.

Previous posts on Internet Filtering in Australia.

Comments (4)
Posted in: Bad Stuff, Dumb Security, Internet Filtering, WTF


iPrimus supports Internet Filtering in Australia?!
February 14, 2009

Our old mate Darren Pauli from Computerworld pulled off a beautie last week with this article: Content filter pilots debunk critics.

Unless I have missed something recently, the iPrimus CEO has gone on record as supporting Internet Filtering! This goes against the position of every other ISP we have read about to date, (unless I have missed something and please do correct me if I am wrong here).

Now I could sit here and go over old ground (previous posts), but reading the article, it just comes across as if this guy has just heard about this and thought, “hey, sounds okay to me!”.

Is it just me thinking that?

Read on:
(more…)

Comments (0)
Posted in: Bad Stuff, Dumb Security, Internet Filtering, WTF


Latest on the iiNet "Piracy" Lawsuit
February 12, 2009

This is going to be interesting. Update from MIS; iiNet has two-pronged defence in piracy lawsuit.

Previous post putting a few questions out there:
http://beastorbuddha.com/2008/11/21/supporting-iinet-the-test-case/

I stand by these questions/predictions. The potential outcomes of this case could be quite scary.

One wonders if somehow the “Internet Filtering” government initiative could end up being linked to the outcomes of this court case. (Or even before and during). Or am I again thinking weird conspiracy things?

Comments (12)
Posted in: Bad Stuff, Internet Filtering, cyber crime


« Newer PostsOlder Posts »