• A Practical Demonstration of what IPB will allow

    There have been numerous write-ups of the threat that the Draft Investigatory Powers Billposes to our privacy and security.

    The intention of this post is not simply to repeat those, but to provide a practical demonstration of exactly the kind of information that the proposed powers would compel your Internet Service Provider (ISP) to record.

    As well as demonstrating what an ISP would soon be collecting (and how simple it is to extract), we'll look at the issues the IPB presents in the context of the information we've extracted.

    As the IPB isn't exactly explicit about exactly what it allows, especially in terms of techniques, I've made some assumptions (though I believe their fair and reasonable).

    Most of the results were exactly what I expected, but I think describing them explicitly is probably more helpful than not - to that end, I've tried to keep the language as accessible as possible, as those who understand how tech works at the network level are unlikely to find much of surprise here.

  • Aussie Comms Minister Puts Foot In Mouth

    This post was originally published to Freedom4All, you can find a copy of the original here in the archive.

    Australian communications minister – Stephen Conroy – has made a speech pledging to protect Australians from ’spams’ coming through their ‘portals’. 

    You could forgive the man for his obvious lack of technical literacy if it were not for his pet project – The Great Australian Firewall. 

    That’s right, the same man who publicly displayed a great level of ignorance, is behind the project that threatens Free Speech within Australia. His pet project has repeatedly received criticism, especially when the blacklist was leaked and it became apparant they were blocking perfectly legitimate content. 

    Despite his prior failures, the man soldiers on, today giving us such wonderful words as; 

    There’s a staggering number of Australians being in having their computers infected at the moment, up to 20,000 — uh — can regularly be getting infected by these spams or scams, that come through the portal. 

    Oh dear! We also wonder quite how the Minister plans to stop these ’spams or scams’ or any other malware for that matter. Would he, by any chance, be proposing that the GAF should also process every inbound e-mail? If so, the privacy implications grow ever greater! 

    You can watch the video here

     

  • David Cameron: Idiot, Dangerous or just a lover of soundbites?

    We've heard Theresa May parroting the same lines for months, but in the wake of the Charlie Hebdo massacre, David Cameron has joined the choir of people calling for new surveillance powers.

    Mr Cameron has stated that if the Conservatives are re-elected, he will ensure that there is no form of communication that cannot be intercepted by the government.

    So, one of the question we'll be examining in this post, is - Is David Cameron

    1. An idiot who doesn't understand the technology he's talking about
    2. Demonstrating that pre-election promises are inevitably broken
    3. Planning on introducing a draconian surveillance state
    4. Being mis-informed by other parties
    5. Simply creating sound-bites to raise the chances of re-election

    Most of the coverage thus far has focused on option 3 - which seems fair given that it's the inevitable result of actually attempting to do what he is claiming.

    We'll also be taking a look at why Option 3 could, and should not happen

  • Republished: A basic guide to the Internet for the Simple Minded

    Originally published on Benscomputer.no-ip.org 26 Nov 2009

    There's been something of a furore amongst the PC Brigade about a picture of Michelle Obama that appeared in Google's Image search result. As ever the BBC have launched a debate in the Have Your Say section. Unfortunately for the rest of us, this debate does very little other than highlighting how ill informed a large section of the Internet using populace are.


    So lets dispell a few of the most common misunderstandings that are displayed in the vast array of comments;

  • Republished: How Safe are Webcam Sites?

    This content was originally published to benscomputer.no-ip.org in December 2008

    There are a variety of websites available online which allow users to stream live footage of themselves, either to a specific person or indiscriminantly. The dangers of using these sites depends largely on the user.

    There is a danger of users attracting unwanted attention, or of finding their webcam session more widely distributed than they expected. Users should be aware of this risk before accessing one of these sites, but it is expected that most would be mature enough to accept this risk.

    One of the benefits of using an online meeting place, is that should a user be plagued by unwated attention they can easily report the issue to a moderator or simply stop using the site. However, this is reliant on users not disclosing personal details to people they do not know. There is very little benefit in leaving a site if you have given the person your home address.

  • South Africa plans Internet Filter

    This post was originally published on Freedom4All, you can find a copy of the original here.

    The South African Government has recently been making a lot of noise about pornography on the Internet. The end result being that the Government is planning to pass an act – Internet and Cell Phone Pornography Bill – forcing Internet Service Providers (ISP’s) to filter pornography both on the Internet and on mobile phones. 

    Most of the hardware required is probably already in place, as the Film and Publication Act bans pornography featuring children. However the South African Government is planning to expand this functionality by using the definition of pornography used in the Sexual Offences Act. 

  • The Importance of Provider Redundancy

    Icon made by Smashicons from flaticon

    Back in the days before cloud computing, it used to be accepted (if somewhat resented) by management types that having redundant systems in place was important if you cared - even a little - about uptime.

    In today's industry, those same management types generally understand that it's still important to have multi-region availability, with instances running in completely distinct provider regions, so that an outage in one area doesn't impact your ability to do business.

    What doesn't seem to be quite so widely understood, or accepted, though is the importance of ensuring that systems have redundancy across providers. It's not just management types who are making this mistake either, we've all encountered techies who are seemingly blind to the risk and view it as an un-necessary additional cost/hassle.

    Rather than typing "the provider" throughout this post, I'm going to pick on AWS, but the argument applies to all Cloud providers.

  • The Storm Ate my Broadband

    Like many in the country, the storm has left me feeling somewhat isolated - that is to say my broadband is down. Don't get me wrong, I'm just glad the power is (mostly) back, and I'm far better off than some who've had their lives affected.

    The simple fact, though, is that I have things I need to do, and not having a broadband connection really gets in the way of that.

    Living where I do, there's precisely one place in the house that gets a 3G signal, unfortunately that place isn't particularly conducive to sitting comfortably. Whilst the Wifi hotspot functionality on my phone helps, the range isn't great enough to let me sit somewhere that I might be able to concentrate.

    So, somewhat convoluted workaround needed;

  • Thousands of bloggers silenced

    This post was originally published to Freedom4All, you can find a copy of the original here in the archive.

    The Internet is usually synonymous to Free Speech, but each and every one of it’s users (and publishers) are dependant on a myriad of organisations and companies. A failure, or abuse, at any one point can have severe implications for free speech. 

    Such is the case with Blogetry.com, a site that hosted many thousands of personal and business blogs. Not long ago, the site was taken completely offline following “a notice of a critical nature from law enforcement officials”. The site had been home to over 70,000 blogs, but went dark as the company hosting the site – BurstNet – was informed that terrorist related materials had been found on the server. This allegedly included an Al-Qaeda “hit list”, bomb making instructions, messages from Bin Laden and links to other sites containing extreme material. 

    As a result, the site was “terminated without any notification or explanation“. So in effect, inappropriate content on a few blogs was responsible for the sudden removal of around 70,000 innocent blogs. 

  • US shows refusal to respect European Privacy Requirements

    This post was originally posted on Freedom4All, the original can be seen here.