Tag: privacy

Announced at 6pm on Friday, NAB have confirmed that the personal details of 13,000 customers have been uploaded, by human error, to not one, but TWO, 3rd party data services. It’s believed the breach has been contained at the data providers and no information has further leaked.

Re-iterated in a video from NAB’s Chief Data Officer, Glenda Crisp, the breach was not a cyber-security issue and resulted in someone mistakenly putting data where they shouldn’t.

The remainder of the video and statement is largely NAB saying they’ve looked into it, they assure you it wont happen again, yadda, yadda. We all know that’s a load of crap and the same join that sent 60,000 emails to a scamming domain squatter are likely to have this repeat.

Regardless, for those affected this time around, NAB have promised to contact each customer individually by either phone, email or mail.

Of course NAB are saying the 6pm Friday release of this information was in line with their internal timelines of dealing with the issue. It obviously wouldn’t have anything at all to do with the fact late Friday news is buried by sport and weekend guff now would it. Dogs.

Source: NAB apologises to customers for data breach | NAB News

On Tuesday the 13th of October, mandatory data retention laws become enforceable in Australia. Australian ISPs will be forced to record all your Internet activity and make it available to law enforcement authorities. Pirate Party Australia has a good dossier of what’s going on. Crikey has a summary of why this is such an infringement on our privacy for so little gain.

If you’re worried about this intrusive mass surveillance being used against you, either directly or indirectly (never underestimate incompetence), using a VPN to cover your tracks on the Internet is pretty straightforward. For a lot of people this will be the first time they’ve ever dabbled in Internet security, but have probably heard of VPNs from the news where nerds say that simply using one will thwart the efforts of the government to record all your online activity. But what is a VPN? What does it to and how do you set one up? And what’s the catch with using a VPN? Continue reading

Josh Taylor, ZDNet:

Prime Minister Tony Abbott has said web browsing history for each and every Australian resident would be required to be retained by telecommunications companies under new data retention legislation expected to be entered into parliament later this year.

So far there’s nothing written down – it’s just Brandis & Abbott shitting on about “Team Australia” and terrorism.

You can’t trust any of the verbal diarrhea coming out of these wankers mouths – but – they’ve said that all “metadata” (what metadata exactly, we don’t know) will be retained by all ISPs for all Australian internet connections, for 2 years.

When pushed on what sort of metadata will be collected, Abbott said, quote: “It’s not what you’re doing on the internet, it’s the sites you’re visiting, it’s not the content, it’s the sites that you’ve been” – read that quote again and dissect it. It’s not what you’re doing on the Internet, but just a list of every website you’ve visited in the past 2 years. That *is* what you’re doing on the Internet.

This is the thought process of our government. Meanwhile, all the opposition can come up with is that this will make Internet access a bit more expensive as ISPs pass this cost on to consumers. Who gives a flying fuck about that when our government is turning into the goddamn Stasi?

This will develop of the next few weeks – the shitstorm has only just begun.

The Guardian:

The company has broken its silence on government surveillance in order to push back against the increasingly widespread use of phone and broadband networks to spy on citizens, and will publish its first Law Enforcement Disclosure Report on Friday . At 40,000 words, it is the most comprehensive survey yet of how governments monitor the conversations and whereabouts of their people.

Vodafone is basically admitting that the government installed links directly into their core networks which gave the governments the ability to grab whatever info they wanted on Vodafone’s customers, without a warrant or even notifying Vodafone. Vodafone didn’t even know what was going on because the staff enlisted to do this work by the government, who may be Vodafone employees, were not allowed to tell Vodafone. I guess they had their suspicions, but now Vodafone is going public with what they know (within the law, I guess?).

It’s not surprising Vodafone is part of the dragnet though – every other telco is too. Telstra are basically a clearing house for ASIO/DSD/Five Eyes. Good on Vodafone for being one of the first (if not the first?) telco to publicly admit to it and go “hey, look, this is what we’ve been doing, we didn’t like it but we had to”. I wonder if there will be any info about Vodafone’s Australian operations in this report?

Patrick Durkin at the AFR:

It was late on a Tuesday in September last year when one of his young client service team handed him the daily transaction report and said, “Boss, you better take a look at this.” Mr Kerr’s team had noticed one of their clients, National Australia Bank associate director Lukas Kamay, was making ­sizeable bets on the Australian dollar, minutes and sometimes seconds before the announcement of significant economic news.

Mr Kerr, the founder and owner of Pepperstone Financial, looked up Mr Kamay’s profile via his gold LinkedIn account and found he was friends with an Australian Bureau of Statistics employee, Christopher Hill, through Monash University in Melbourne.

“That was when it suddenly clicked that this guy was only trading ABS data and had a man on the inside,” Mr Kerr told Fairfax Media on Sunday.

LinkedIn: the one social network where less privacy is probably a good thing for society overall.

The Sydney Morning Herald:

Confidential documents obtained by Fairfax Media reveal the secret technology used to trawl Australians’ telecommunications and internet data for analysis by ASIO, the ASD and law enforcement agencies.

Telstra was forced (or co-operated, we don’t really know) to install software called Gigamon, which is resold by Newgen (a Melbourne company) that sucked up all the calls and emails that went through 10 of Telstra’s exchanges, stored it in a rolling buffer, made available to Australian law enforcement.

I guess we all knew this was happening in some shape or form locally, but we didn’t know the breadth of it until now. How we feel as a community that there are servers somewhere, with our calls and email, is the sort of discussion these leaks are having. Maybe we’re okay with that. Many people aren’t, but many people don’t seem to have a problem with it.

It would be really nice to see the actual documents the SMH received from Edward Snowden/The Guardian in order to concoct this story, just so those of us with the knowledge of these areas can judge for ourselves, rather than Fairfax’s interpretation of it. The article doesn’t mention what happened with encrypted data, what if I don’t use a Telstra service? (e.g: my phone call took place on Optus, does this mean it wasn’t logged?) or what actual metadata and data was captured, how long it was stored for, what it was potentially used for and so on.

I don’t exactly trust most of the reporters who have this information to interpret it properly or fairly, without the colour tinge added when having to seduce people to read their article on a busy news website. At least with the information the journalists have made public, people can form their own opinions, if they so desire to take the time to look at the facts presented to them.