OnPoint by Keith Ng

Read Post

OnPoint: H4x0rs and You

213 Responses

First ←Older Page 1 2 3 4 5 9 Newer→ Last

  • Richard Busby,

    "Journalists can’t report on it unless they have some basic understanding of it."

    This is true of more than just IT Security. Journalists can mis-report many subjects - but you're not going to know unless you have some level of understanding yourself in that area.

    Me, I was crying into my porridge watching that TVNZ article. I can't recall whether it was TVNZ or TV3 who described Defcon as an "underground hacking network", but that's laughably wrong. But the general populace won't know otherwise, and so accept it as being the truth.

    Wellington • Since Apr 2008 • 2 posts Report Reply

  • Russell Brown,

    So what's your guess on whether anyone else suggested that dipshit misguided angle on Paul Craig to Heather Du Pleissis-Allan? Or did she come up with it on her own?

    Auckland • Since Nov 2006 • 22850 posts Report Reply

  • Kumara Republic,

    The BSA needs to come down on this. And hard. Here's how to start.

    The southernmost capital … • Since Nov 2006 • 5446 posts Report Reply

  • Rich of Observationz, in reply to Richard Busby,

    Journalists can mis-report many subjects

    And do, more often than not. My father was a pilot, and he regularly pointed out the glaring errors in any aviation/aerospace stories that made the media. Economics stories are rubbish, science stories are rubbish. Possibly the sport stories are accurate and informed, I wouldn't know.

    Back in Wellington • Since Nov 2006 • 5550 posts Report Reply

  • papango, in reply to Russell Brown,

    My guess is that it was all her own work. I have interacted (I was going to say worked, but that's really the wrong word) with her when she put some OIA requests into the department I work for. She's not the sharpest crayon in the drawer.

    Wellington • Since Jan 2012 • 19 posts Report Reply

  • Keith Ng, in reply to Russell Brown,

    So what's your guess on whether anyone else suggested that dipshit misguided angle on Paul Craig to Heather Du Pleissis-Allan? Or did she come up with it on her own?

    I suspect it's her own.

    Auckland • Since Nov 2006 • 543 posts Report Reply

  • john Drinnan,

    With respect Keith - you might be getting a bit carried away with yourself.
    You got a great scoop - and more power to your sword.
    Handling of story would raise eyebrows with MSM - sighting of confidential files -might not happen in MSM for legal reasons,
    "Don't trust other journos to write a story your way" is probably good advice. Good thing about this blog is it removes blogger suggestion Paul Craig was fed to TVNZ by authorities. HDPA and Patrick Gower are both very solid journalists - and I wouldn't imagine they would use the term shit to describe your work Besides which - congrats - good the story is out.

    Auckland • Since Oct 2010 • 31 posts Report Reply

  • Matthew Poole, in reply to Richard Busby,

    Defcon as an "underground hacking network"

    They're doing a pretty shit job of being "underground", I have to say, given that the alphabet soup of the United States' national security apparatus attend in force.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • Peter Green,

    I realise that sufficiently advanced incompetence is indistinguishable from malice, but I'm finding it pretty hard to believe that the story reflects a lack of "basic understanding". At some point you have to wonder if maybe the author is just flat out lying to the public, because they know their job is selling advertising not reporting news.

    Dunedin • Since Nov 2011 • 21 posts Report Reply

  • Lilith __, in reply to john Drinnan,

    Handling of story would raise eyebrows with MSM – sighting of confidential files -might not happen in MSM for legal reasons,

    But surely if Keith hadn't sighted the files, he wouldn't know they were confidential, and if he hadn't copied them, he would've had no proof. There would have been no story. And the MSD security hole would remain wide open.

    Dunedin • Since Jul 2010 • 3895 posts Report Reply

  • David Cormack, in reply to john Drinnan,

    Did John Drinnan miss the point? I thought I was reading a story about how a MSM reporter misrepresented an expert. At no stage John, did Keith attempt to make this about him?

    Suburbia, Wellington • Since Nov 2006 • 218 posts Report Reply

  • izogi, in reply to Rich of Observationz,

    Economics stories are rubbish, science stories are rubbish. Possibly the sport stories are accurate and informed, I wouldn't know.

    Maybe it's old news in this circle but I remember a Radio NZ Mediawatch discussion several years ago, probably re-incarnated in other discussions since then, regarding the modern changes in how journos are often recruited. As in, media outlets in the early days tended to hire people who were experts in a field or two, and then taught them journalism. Today, however, it's more common for someone to do a journalism degree straight out of school, then walk directly into a media job whilst still having very little experience of anything else in the world around them. From those here with media backgrounds, did I understand this correctly, or is there more to it than that?

    Wellington • Since Jan 2007 • 1142 posts Report Reply

  • Keith Ng, in reply to john Drinnan,

    Good thing about this blog is it removes blogger suggestion Paul Craig was fed to TVNZ by authorities. HDPA and Patrick Gower are both very solid journalists - and I wouldn't imagine they would use the term shit to describe your work

    Ahem. "Sanctimonious bore", I believe, were the words Gower used to describe me when I suggested that he got it wrong. I'd argue that "shit" is no more aggressive than that.

    Also: He got it wrong. Really wrong.

    He bought the story he received by anonymous email - that Murray McCully was the victim of systemic hacking by a Russian group out to steal military secrets. It was a ludicrous thing to believe and to report for the reasons I described in my post. And, as it transpired, he was proven to be wrong.

    He reported something which was wrong, and which would not have been plausible to someone with reasonable background knowledge. I think I'm on solid grounds to call that shit reporting.

    I wouldn't go nearly as far with HDPA, but it's still a bit shit. We've been on friendly terms for most of the MSD story, but hey: without fear or favour, right? It's not personal, but she really didn't understand a lot of background and context. Treating Paul Craig as if he was a blackhat, or malicious hacker, or underground, or illegal or illegitimate is completely wrong. He is a professional security expert - they are also called hackers. Failing to distinguishing between the professional, legal hackers and malicious, criminal hackers is a serious failure.

    Also, in my own defence, I'm not getting uppity because I broke a good story this week. I am being as much of a dick about the MSM this week as I have been for the past seven years.

    Auckland • Since Nov 2006 • 543 posts Report Reply

  • Russell Brown, in reply to john Drinnan,

    “Don’t trust other journos to write a story your way” is probably good advice.

    I don’t think Keith is obliged to sit there quietly when a journalist grossly abuses a commentator he has directed them to. HDPA has basically written that story to imply that Paul Craig is a criminal suspect. She simply has no idea what she’s on about.

    Gower fell for a fanciful story and was dismissive of Keith when Keith pointed out how unlikely it was – then corrected himself two months later without acknowledging he’d been told his story was wrong back in February. Keith is perfectly entitled to point this out.

    Auckland • Since Nov 2006 • 22850 posts Report Reply

  • Russell Brown, in reply to john Drinnan,

    With respect Keith – you might be getting a bit carried away with yourself.

    I think you should take the trouble to understand the story before you start patronising people.

    Auckland • Since Nov 2006 • 22850 posts Report Reply

  • Sacha,

    Using the term 'hack' to describe what was done is fundamentally misleading - as intended by some. It's hard to separate lack of IT knowledge from pervasive and deliberate spin being fed to journos since Sunday eve.

    Ak • Since May 2008 • 19745 posts Report Reply

  • Keith Ng, in reply to Lilith __,

    But surely if Keith hadn't sighted the files, he wouldn't know they were confidential, and if he hadn't copied them, he would've had no proof. There would have been no story. And the MSD security hole would remain wide open.

    I've been meaning to clarify that point. It's come up elsewhere. It was not possible (or practical) to view the PDFs on the computer. If I didn't spend three days reading invoices, I couldn't have known what was in there. For every damning one containing sensitive information, there were a dozen invoices for milk and sausage rolls.

    It wasn't enough to establish that there were *some* sensitive information somewhere on those servers, I had to establish *what* the nature of that sensitive information was. And there was a broad range of it. That was why I needed to go through so damn many, and that in turn was why I had to download them.

    Auckland • Since Nov 2006 • 543 posts Report Reply

  • mark taslov, in reply to Peter Green,

    At some point you have to wonder if maybe the author is just flat out lying to the public, because they know their job is selling advertising not reporting news.

    Word.

    Te Ika-a-Māui • Since Mar 2008 • 2281 posts Report Reply

  • Sacha,

    Also, Keith wrote:

    unless they keep doing shit like this

    Doing shit is about behaviour, not about product.

    Ak • Since May 2008 • 19745 posts Report Reply

  • Sacha,

    As I said earlier today on the other thread:

    An equivalent of the Science Media Centre might be useful to raise journalists' understanding about IT matters - though, like information security, that also requires ongoing governance buy-in by their editors, publishers and industry.

    This needs a broader response than finger-pointing at individuals can achieve.

    Ak • Since May 2008 • 19745 posts Report Reply

  • mark taslov, in reply to Sacha,

    While more oversight makes perfect sense in principal Sacha, New Zealand is a small place with a lot of hands in others' pockets. Foremost in this picture is Keith's editorial independence.

    Te Ika-a-Māui • Since Mar 2008 • 2281 posts Report Reply

  • Russell Brown, in reply to Sacha,

    This needs a broader response than finger-pointing at individuals can achieve.

    You’re right. Let’s talk to some people who could make this happen.

    Edit: Actually, SMC manager Peter Griffin is an IT journalist himself. Perhaps them extending their area of competence would be the smartest way to achieve this.

    Auckland • Since Nov 2006 • 22850 posts Report Reply

  • Sacha, in reply to mark taslov,

    Independence doesn't bring knowledge.

    Ak • Since May 2008 • 19745 posts Report Reply

  • Sacha, in reply to Russell Brown,

    Let’s talk to some people who could make this happen.

    Good idea. InternetNZ and the IITP come to mind.

    Ak • Since May 2008 • 19745 posts Report Reply

  • mark taslov, in reply to Sacha,

    Independence doesn’t bring knowledge.

    Knowledge doesn't really come into it. We want unbiased fact based journalism. As has been acknowledged from the outset, there's nothing particularly tekky about this. It's in the Adj.

    Te Ika-a-Māui • Since Mar 2008 • 2281 posts Report Reply

First ←Older Page 1 2 3 4 5 9 Newer→ Last

Post your response…

Please sign in using your Public Address credentials…

Login

You may also create an account or retrieve your password.