OnPoint: MSD's Leaky Servers
629 Responses
First ←Older Page 1 … 22 23 24 25 26 Newer→ Last
-
Toby Manhire delivers a great column about how we deserve digitally literate leaders.
As the push for e-government gathers pace, a basic literacy in the "e" part is a reasonable demand. And literacy is the right word. For people born after the internet, fluency is second-nature.
For many of the more mature people who account for most of our leaders in business, in the public sector and in politics, however, you need to learn this stuff.
The worry is that without that basic vocabulary, without the right questions being asked, the right priorities set, you engender the sort of slipshod culture that, say, fails to act on repeated warnings about a gaping security hole.
And he continues that a moral compass is important too.
And that can only be exacerbated by a different sort of culture of disregard - for individuals' privacy. After the Social Development Minister released two beneficiaries' confidential details in 2009, there was no contrition - indeed, it was "a bit of a lesson about what happens when you put your story out there".
When the Human Rights Commission concluded she had breached the pair's privacy, still no apology - and she refused to rule out doing a similar thing again.
Put it this way: Ng and his source, Ira Bailey, have promised not to reveal any private details from the Ministry of Social Development files. The minister hasn't.
-
Matthew Poole, in reply to
The first comment could’ve been written by Paula’s office.
Facts first (and I know facts are an unnecessary burden on a journo) but Ira Bailey was the person who accessed the data – not Keith Ng. Second; fact Ira has IT credentials. Oh and third incovenient fact, Ira is a recognised leftist and activist.
And, yes, I know that's what I deserve for reading the comments.
-
Richard Aston, in reply to
The Australian equivalent would be walking into a Centrelink office and casually looking up the names of children in state care and what medications they are prescribed, or who was under investigation for welfare fraud
Brings up a good point. Many years ago (10) I worked for IBM as a kiosk specialist, I initiated those very useful check-in kiosks at Air NZ for one and had many other kiosk projects. The Australian CentreLink kiosk system was well know back then as robust a secure, ok maybe the user interface left something to be desired but the back-end system was solid.
Fully locking down a kiosk is not rocket science and especially not these days.
Trying to lock down WIN95 ( yes that far back) was a nightmare only solved by alternative OSs .WINZ cleary didn't get any serous outside help on this project , nor did they check what their Aussy counterparts had done. In my experience then getting kiosk systems fully locked down, bullet proofed and properly monitored was not a trivial task and costs money. I remember too many clients thinking a kiosk should cost not much more than a PC - hey its just a PC right - when it fact they are 3-4 times the cost.
Cut costs = increased risks -
Matthew Poole, in reply to
Trying to lock down WIN95 ( yes that far back) was a nightmare only solved by alternative OSs .
Whereas these days Win7 is actually pretty robust. Win95 wasn’t even a proper multi-user OS, which was a huge part of the problems you would’ve faced.
As Paul Craig demonstrates real security for kiosks is pretty much impossible, which is why they should never be connected to the corporate network. In WINZ’s case, though, they were really just offering internet access to allow people to view job listings and print off CVs. That can be easily accomplished with Windows and a decent firewall to restrict the sites that can be accessed. Oh, and not connecting them into the corporate LAN, of course. If the only machines on that side of the firewall are other kiosks the risks are limited to people installing key-loggers to try and pick up logins for Google Docs. -
Sacha, in reply to
logins for Google Docs
and others have said access to that service is blocked anyway. Part of the reason they need USB access for people's CVs I guess.. #doh
-
Matthew Poole, in reply to
Indeed. Which then requires allowing people to access their USB drives. Dumb, dumber, dumbest. Letting people access cloud storage means USB storage can be completely disabled, improving security significantly.
-
Sacha, in reply to
But clouds is scary and new.
-
Sacha, in reply to
WINZ cleary didn't get any serous outside help on this project
Review afterwards is sure no substitute for expertise earlier.
-
Russell Clarke, in reply to
Neither, thanks for asking. I'm not debating the assumptions that need to be made about past events, nor the remedies that need to be undertaken. I'm saying that nobody really knows what happened, and everyone's banging on like they do know.
-
Matthew Poole, in reply to
everyone’s banging on like they do know
As one of the "everyone" you're talking about, I hope I haven't posited that I "do know" what happened. I know what could have happened based on what I know did happen and other things I know generally, but I've tried not to imply that my proposition is anything other than a worst-case scenario.
-
Russell Clarke, in reply to
No, Matthew, I don't believe you have. In the general discussion (not just here) the ifs and could haves seem to be getting buried, and that's probably needlessly scaring the crap out of a lot of vulnerable people right now who think their information has been viewed/edited/sold.
-
Sacha, in reply to
I guess the point is that no one can say unfettered access has *not* happened, so in terms of assessing risk and deciding how much to do, the balance moves away from a minor fixup.
The speed of the govt's response once they knew publicity was coming suggests they understand the political gravity, but it will be interesting to see what they actually do to restore public trust. Downplaying the risk will no doubt be part of it.
-
Lilith __, in reply to
the ifs and could haves seem to be getting buried, and that’s probably needlessly scaring the crap out of a lot of vulnerable people right now who think their information has been viewed/edited/sold.
Well, the trouble is, anywhere between no-one and zillions of people could have accessed the loose data. Nobody knows. And AFAIK there's no way to find out. So, it is scary. That vulnerable people are scared is not the fault of anyone here, it's the fault of the MSD for leaving the confidential documents lying around.
-
Matthew Poole, in reply to
And AFAIK there’s no way to find out
There are ways, though only the what to an extent, and very, very little who. Daniel Ayers, who specialises in computer forensics and has been asked in the media about this, has said that he considers my "nuke it from orbit" (love that phrase) approach isn't necessary. As the guy who set up the part of Deloitte that will be doing the investigation he's got some authority.
He says, and he's right, that the kiosks will contain at least some evidence if they've been used to jump off into the network. What he hasn't said is that there are 700 kiosks, every one of which would need to be examined in a process that can take weeks for a single machine, and that some of them may have been replaced in the intervening two years which would have rendered any possible evidence unreachable.As Sacha says, it's a balancing act. Extensive forensic examination of 700 machines will be expensive, though if all the kiosks are the originals and the examination comes back clear it'll have been cheaper than breaking out the ICBMs. If, however, it finds evidence of misdeeds, the ICBMs come back into play and their cost will be on the back of that examination.
-
Rich of Observationz, in reply to
Assumes that the "clients" have a machine somewhere with internet access to copy their CV from/to USB in the first place.
I've seen machines where the state gets cleared down after every user. That would seem more sensible.
-
Sacha, in reply to
Assumes that the "clients" have a machine somewhere with internet access to copy their CV from/to USB in the first place.
True. I can imagine libraries and other (rare) free public access venues doing the reverse and enabling cloud access but disabling USB ports.
-
merc,
Extensive forensic examination of 700 machines will be expensive...
Love John Kiosk.
-
Sacha, in reply to
John Kiosk
that has potential
-
I imagine the next move will be to withdraw from having kiosks altogether, while pointing at Keith Ng, saying "This is why we can't have nice things!"
Then drag on the 'investigation' for as long as possible, and when attention has moved on, possibly to an election, and no leaked information springs into the public eye, assume all was well and move on.
-
Russell Clarke, in reply to
I'm picking there will be pressure to be seen to be actually Doing Something. I'm just hoping they do the right thing. Oh, who am I kidding?
-
Matthew Poole, in reply to
I’m picking there will be pressure to be seen to be actually Doing Something.
The best bit is that the specific recommendations from Deloitte will probably be withheld on the grounds that their release would jeopardise the security of the MSD network going forward. Be seen to be Doing Something? HAH!
-
Russell Clarke, in reply to
Sad but true. I still expect, nay demand (!) at least a few nice motherhood statements from a senior civil servant so we're all assured that they care about this issue for reasons other than that it's making them look bad.
-
I’ve seen machines where the state gets cleared down after every user. That would seem more sensible.
I understand this is what apple does with its guest account - gets wiped at logout. Ideal for a kiosk type situation.
-
Lucy Stewart, in reply to
You haven’t met any IT security people? Their default first question about any new thing is “no, you can’t”.
Married to one. That's their default first *answer*.
-
Ian Dalziel, in reply to
swept away...
Wait, am I channelling Paula Bennett?
Not just her, but Gerry "Scorched Earth" Brownlee and Hekia "Pariah" Parata as well - that's quite some torrent we now have gouging the country...
Post your response…
This topic is closed.