- - - - - - - - - - - - -

Monday, June 13, 2011

Mal server

The Tory's techie stat gnome - the same one who complained so bitterly and for so long, about the 'Hollow Men' leak of sensitive National Party emails and who bored readers of his blog for years with how it was doing his head in (because he couldn't accept it was an inside job) - well isn't it a different tune when it's the Labour Party having all their data exposed. It's such a different tune - it's like jumping from Concert FM to George. It's like we're listening to a different person altogether.

When it happens to the Nats it's some order of high state crime that demands the police swat team bash down the door of everyone connected to Hager, but now with it happening to Labour it's:

A weakness in security? That implies there was some security at all[...]

So it's Labour's own fault - and the data capture is morally neutral - according to Farrar's line because it was just out there. Not because it is in the public interest - he's not going there - just that, the data wasn't adequately secure. Telling us:

Again I should stress that while I have no first hand knowledge of how the information was obtained, I am told that there was no hacking, cracking or illegal access. It was simply available to the world.

But it wasn't 'the world' that wanted to get in and that found a way in. Labour's official response mentions "vulnerability":

On Saturday Labour discovered the possibility of a malicious breach of an online Party contact database. We began an investigation immediately.

On Sunday we isolated a system vulnerability that we believed had been exploited. The system was immediately secured. We fully understand the seriousness of this kind of event, and we have apologised unreservedly. One of the earliest downloads of the database appears to be from an internet address belonging to a National Party Head Office mail server.


A trooper in the Death Star gets access and then - probably within minutes - Slater is fossicking in there too.

Farrar's stance is that it's 'open to the world' and so it's all fair in love and politics. But just as one's house is also 'open to the world' if the front gate doesn't have a lock on it, it doesn't mean that it's OK to open it, take what you can out of the yard and start distributing it about the neighbourhood. 'Open to the world' is not much of a defence when you are a tech-savvy political operative.

Anyway, our cetacean friend is going to perform another malicious drop of privacy breaching data at 2pm, bless him. For his sake it better be genuine public interest material - like the questions raised around the use of parliamentary services to fund party political campaigning - nothing wrong with exposing those sorts of emails. However the scattergun approach he takes hasn't always gone down well with the judiciary and his defences in court were weak. Better luck this time, eh?

4 Comments:

At 13/6/11 3:42 pm, Blogger Rangi said...

"A trooper in the Death Star gets access and then - probably within minutes - Slater is fossicking in there too."

Bahahaha!

Anyway, I think this is going to backfire on the empire, Watergate 2011 it ain't!

 
At 14/6/11 7:08 am, Blogger Michael Bott said...

Ss 249 & 252 of the Crimes Act 1961 might be worth looking at:

249 Accessing computer system for dishonest purpose

(1) Every one is liable to imprisonment for a term not exceeding 7 years
who, directly or indirectly, accesses any computer system and thereby,
dishonestly or by deception, and without claim of right,---

(a) obtains any property, privilege, service, pecuniary advantage,
benefit, or valuable consideration; or

(b) causes loss to any other person.

(2) Every one is liable to imprisonment for a term not exceeding 5 years
who, directly or indirectly, accesses any computer system with intent,
dishonestly or by deception, and without claim of right,---

(a) to obtain any property, privilege, service, pecuniary advantage,
benefit, or valuable consideration; or

(b) to cause loss to any other person.

(3) In this section, deception has the same meaning as in section 240(2).

252 Accessing computer system without authorisation

(1) Every one is liable to imprisonment for a term not exceeding 2 years who intentionally accesses, directly or indirectly, any computer system without authorisation, knowing that he or she is not authorised to access that computer system, or being reckless as to whether or not he or she is authorised to access that computer system.
(2) To avoid doubt, subsection (1) does not apply if a person who is authorised to access a computer system accesses that computer system for a purpose other than the one for which that person was given access.
(3) To avoid doubt, subsection (1) does not apply if access to a computer system is gained by a law enforcement agency—
(a) under the execution of an interception warrant or search warrant; or
(b) under the authority of any Act or rule of the common law.

 
At 14/6/11 7:55 pm, Blogger Tim said...

Cam and his mates say....Aw Shit!! We didn't REALLY intend to sign up to a facist agenda - it was just the situation....or maybe "They MADE us do it".
Thankfully there are still one or two cops on the frontline that can see through the smoke

 
At 15/6/11 7:34 am, Blogger jane said...

This should see the whole of the National ICT team in jail & not allowed to vote hahaha
great comment thanks Micheal

 

Post a Comment

<< Home