OnPoint: The Source
217 Responses
-
Richard Aston, in reply to
Ben Masters -your intellect is sort of on the level of a paua – cling on to the same old same old and never question anything-
Thank you Islander, you made my day, great image, much better than IQ of a fence post.
-
If Ira Bailey were to be charged, it would stand to reason Paula Bennett can be charged. After all she was happy and allowed to leak private confidential information from MSD to the media. What would Ben Masters defend here eh?
As an aside, rather liking the fence post IQ Richard :)
-
I don't believe that Ben Masters is a troll. Like most who appear to have opted for subjection to authority over citizenship, he probably genuinely frets over why charges of lèse majesté weren't brought against Shearer last week, or why Nicky Hager wasn't taken out and shot over his maligning of 'Sir' Don Brash.
-
Ok, the same old left wing /right wing bull shit going on here, mostly from the left, given the normal dialogue at PA
Calls for the Minister's head from the usual suspects
Yes it is a disgrace for a Government Dept to leak information, no argument there and just as bad some people claim to have known this for some time but didn't think to alert anybody or if they did were ignored (I would like some proof on this given all phone calls are recorded)
My only question just how likely is it that anyone in employment goes to a WINZ office and then sticks a device into a computer?
Quite frankly it beggars belief!
The only person to come out of this with any credit is Keith and I am more than happy to help finance his defense if he is charged
-
barnaclebarnes, in reply to
To be fair, their remit runs more to “stop antagonistic powers shutting down our power grid from afar” than “manage every government department’s IT security”. An organization the size of MSD should really have permanent IT security staff. But, hey, that’s probably one of those unimportant “backroom” jobs taking limited resources away from frontline staff.
You're right of course but I could see that setting up a clearing house for security reports and bounties could be part of their remit. If people knew that they could go to one place and report incidents and they would be taken seriously/investigated by professionals then this could go a long way to stopping this kind of media circus. It would mean that there has to be a change in thinking where reporting, fixing and publishing bugs/security issues is seen as a good thing (much like it is in open source). I'm not sure how much of a stomach the government has for that kind of thing though.
-
MSD didn’t know what to do with his request, and it got slowly bumped up the food-chain. .... MSD called Ira back two days later. They told Ira that they don’t pay for vulnerability reports.
I wonder if as it migrated up the food chain the message got reworded from "do we have a security vulnerability programme or ability to pay for reports?" to "some dude is trying to blackmail us for cash about some 'security' thing. We're not falling for that shit, right?".
-
nzlemming, in reply to
If you're going there to do your CV, very likely, as you'll want a copy to take away with you. However, as others have said, it's not a matter of how easy it was to do, it's that it could be done at all that is the issue.
And you wouldn't have to stick a USB key in the port to find out stuff. I'm wondering if there might be a few private investigators and claim tracers cursing Keith for shutting down a primo source.
-
Kia Kaha Keith & Ira, sorry, (disgusted) to see the MSD and msm take the path that denigrates you rather than focus on the fact these systems aren't locked down and safe as they should be
this is a serious issue with lessons to be learnt, mistakes to be corrected and some accountability to be taken - not suggesting a witch hunt... as it's simply not the norm for those who take responsibility to do so any more (for shame) but however this situation came about must be found and rectified so we don't have more of the same - preferably within the govt depts (so the knowledge and understanding is kept in house - ie learn from your mistakes) not outsourced
-
Lucy Bailey, in reply to
Erm, everyone used to stick their usb sticks into the kiosks as this is what WINZ staff said to do - bring your cv on a stick and work on it there as they had disabled access to sites like google docs and you weren't able to download it from your email or anything. As wait times at WINZ are ridiculously long, people were often just messing about on the kiosks while they waited.
-
Sofie Bribiesca, in reply to
My only question just how likely is it that anyone in employment goes to a WINZ office and then sticks a device into a computer? Quite frankly it beggars belief!
You obviously missed this Herald article
Plus I know people who have used the kiosk who were bored waiting up to 2 hours for their appointments because they have f all staff on the ground now. Of course they put their stick in to retrieve job vacancies, load CVs etc. Go in sometime, open your eyes.
Ah, snap Lucy
-
Ben Austin, in reply to
Seems pretty standard operating procedure to plug a USB drive into a computer if you are there to upload a file.
It's also pretty normal to reward people who identify and notify you of security breaches.
In any event I don't see that Ira has done anything wrong and unless actual evidence arrives I will happily donate to his or Keith's legal defence fund.
In any event, this story, especially if it results in a criminal prosecution of Ira or Keith will make us the laughing stock of those who read the tech journals internationally. No one else will give a damn
-
Imagine the havoc that Ira could have wrought in the MSD computers if he was so inclined. MSD should match and double what Keith has earned to reward him for his restraint. Scapegoating him is shameful.
-
My only (rather sad) observation is that in retrospect it should have been obvious that Paula Bennett wouldn't have hesitated a nano-second before releasing the name of Mr. Ng's informant.
She is an authoritarian bully who preens when punishing and seeks revenge when crossed. She is truly one of the most vile people I think I have ever had the displeasure of seeing in action.
-
I am not suggesting that Ira has done anything wrong, he has not
Just wondering why he was there and why someone who is a system administrator would need the WINZ computer to do his CV updates
And when he found the problem, while he might have told someone right then he was quite within his rights to do what he did do (in my opinion)
Just a pity he was outed, love to also know where that came from?
-
Keith wrote:
Like, seriously – what kind of dick did you think I was?
They must have been confusing you with MSM reporters ...
-
Lucy Stewart, in reply to
You’re right of course but I could see that setting up a clearing house for security reports and bounties could be part of their remit. If people knew that they could go to one place and report incidents and they would be taken seriously/investigated by professionals then this could go a long way to stopping this kind of media circus. It would mean that there has to be a change in thinking where reporting, fixing and publishing bugs/security issues is seen as a good thing (much like it is in open source).
No arguments from me on that front - but as you say, the cost would probably stop it in its tracks. Much easier to outsource than commit to regular expenses. I could see a place for an independent pen-testing group, too, targeting departments at random - but, again, cost.
-
Craig Ranapia, in reply to
I am not suggesting that Ira has done anything wrong, he has not
And even if he had, I wish some people who really should know better (or have access to legal advisors who do) weren’t throwing around terms like “blackmail” and “extortion” with such gay abandon.
Call me an old fashioned girl, if you must, but I still believe words mean things, and some charges should be tested in a court of law not a trial by media.
-
Sacha, in reply to
Yet we're happy to pay the costs of reduced confidence and trust, both here and abroad. Reputation means a lot for a trading nation and when we entrust our details to public systems.
-
So...
Were those kiosks actually useful? Not having been in a WINZ branch for a long time.
-
Lucy Bailey, in reply to
Good for wasting time on as you waited but not for looking for jobs - there aren't any.
-
Lucy Bailey, in reply to
Who outed Ira to the MSM? Well, I'd put money on it being the MSD regardless of what Paula Bennett says seeing as there were only about four other people who knew of his involvement. But hey, what's one more privacy breach for the MSD?
-
andin, in reply to
Ok, the same old left wing /right wing bull shit going on here, mostly from the left, given the normal dialogue at PA
So not right or wrong?
Putting things in a frame of reference you understand?
Think your limits are showing.
-
Sofie Bribiesca, in reply to
Not having been in a WINZ branch for a long time.
For my friend who lives rurally on alternative power and does not use computers, they have been the bane of her life. Not only is it hard now to navigate them, WINZ no longer accept her hours for seasonal work being phoned in (bearing in mind she lives at least 40 mins away at SH1 speed to the WINZ office) but they demanded that she do her CV there and get her daughter who knows how to use a computer to come in with her and help. Her daughter works and lives ohh, 2 hrs from her in the opposite direction along the SH1.
Then to be told she must increase her seasonal work. Who would have thought a little old season should get in the way..... Arghhhhh!
-
Jimmy Southgate, in reply to
Who outed Ira to the MSM?
That's one of the more interesting questions at the moment, knowing who is trying to spin might help to pinpoint where those people are worried blame might fall.
-
Sacha, in reply to
Who outed Ira to the MSM? Well, I'd put money on it being the MSD regardless of what Paula Bennett says
The Fairfax story says this, for what it's worth - but note that the Minister's office is not the same as MSD:
Bennett said she did not believe the leak came from her office. Prime Minister John Key also ruled out involvement from his staff.
Bennett said Bailey's involvement was not her main issue.
Interesting that *reputation* is how we decide who's telling the truth about this as well.