Posts by Dylan Reeve
Last ←Newer Page 1 2 3 4 5 Older→ First
-
Picking Finney as their speed reader was just insane really. I mean his entire livelihood is dependent on maintaining a good relationship with government - his interest could hardly be more conflicted unless he were actually named in the book.
-
Hard News: Dirty Politics, in reply to Hebe,
In Korea. Or is it Israel?
Yeah, that's bloody weird. In his initial post about the book he definitely said he'd just arrived in Israel. Now it reads Korea.
It seems hard to confuse the two - could it have been some sort of crazy Autocorrect freakout if he was writing on his cellphone?
-
I was particularly impressed by The Paul Henry Show's choice of speed-reading reviewer... A lobbyist. An excellent choice for an impartial review...
-
Hard News: Dirty Politics, in reply to SHG,
Oh yay, theft analogies.
How about if the person makes a duplicate of whatever he finds and leaves the original behind?
Blah blah blah... The point is that the law is worded in such a way that makes it reasonably arguable that accessing content on a computer that's clearly not intended to be access by you could be considered unauthorised access, or 'hacking' in broad terms.
Even without taking everything, or just taking copies (somehow) the act of entering a property even without 'breaking in' would still be burglary... so the taking is not really the issue.
-
Hard News: Dirty Politics, in reply to Mike Kilpatrick,
I’d be much more comfortable if the focus is on the new aspect not the old ‘hacking’ allegation.
Yeah, that's the problem with the story really. Media love a "hacking" story it's a lot easier to fit in a 4-second-tease than "Prime Minister's staff advised and coordinated with blogger to identify and release poorly secured files"
-
Hard News: Dirty Politics, in reply to Mike Kilpatrick,
But they were surely justified in 2011 then? If so, why was that not done then?
Because, I'm guessing, at the time it seemed like a relatively minor story, was in the run up to the election and ultimately Slater was the only target for prosecution if Labour had laid a complaint. One thing that's clear is that Slater loves a fight - he plays the political martyr card very well.
Now with the implication of the Prime Minister's office - well the motivation for dragging the matter before the courts could be quite different for Labour.
-
Hard News: Dirty Politics, in reply to Stephen Judd,
Wow. I don’t know why. I’ve always assumed he’s a hack through and through, given his very close and well known ties to National.
(For the avoidance of doubt, I am a Labour LEC chair and running an electorate campaign).
I'm totally willing to accept that people have honestly held political views that differ from my own. Far more so that Slater, Farrar has been willing to criticise National on matters where he has a clear difference of opinion. That's never seemed to be the case with Slater.
Beyond that I've know Farrar online for way too long, met him on a few occasions and even eaten dinner with him in the IRC/Usenet days long before Kiwiblog. He just seemed pretty straight up.
Also had him as a guest on the Discourse Podcast a couple of times and again, while having different political views to me he's always seemed pretty reasonable. I guess I just kind of want to like him somehow :)
-
Hard News: Dirty Politics, in reply to Mike Kilpatrick,
Is this a not-very-clever way of saying rooting around the web server? Or is there actual allegations that individual computers were hacked into?
Anyone up to that point in the book yet?
I'm going to assume at this stage that it's basically the web-server exploring that Slater himself documented in his videos from June 2011
-
FWIW on the way that "the hackers" got into Whale's stuff... Hard to say. From what I remember of the DDoS - they did draft in a few experts to help - always possible that one of them wasn't necessarily politically aligned and held on to some access details for later. Or alternatively as others suggest that the DDoS itself was a cover for the attack (although that's of limited use as the very nature of the DoS attack renders the target difficult to penetrate as the thing is barely functional).
Once in I suspect there were a number of vectors.
There's always the chance that Slater made it a habit to screenshot his FB conversations (he'd certainly posted screenshots from there in the past).
Also the chance that he reused passwords, or even that passwords were stored in cleartext on the website - for example some "publish by email" plugins require that you provide IMAP/POP3 login credentials - they would be stored in cleartext in database or even standard configuration files.
And there's the possibility of compromised FB API tokens - if he was using one an auto-post application on his blog (he seems to be) then it's possible that there were FB tokens that could have been used in other apps to get data from the connected account.
In general, once someone gets in somewhere, it is a springboard to other attacks - that's generally the pattern with all successful and well known hacks.
-
Hard News: Dirty Politics, in reply to William Leander,
All that is required is that the access was done ‘knowing that he or she is not authorised’.
I think you may be right too. I believe the argument has been made successfully before that even if the content is insecure the clear knowledge that it's not intended to be public makes it unauthorised access.
It's not unlike the fact that leaving your door unlocked doesn't make entering your house and taking your TV any less burglary.