Big Best Congrats to iiNet……..

Posted on February 4th, 2010 by Drazen Drazic

Made my day when I heard iiNet won their case against the Film Industry! Here reported by itnews. Awesome. Hoping some common sense will prevail and workable collaborative efforts can happen now. Well done iiNet.

Some of our previous posts on this topic…worth a read:
http://beastorbuddha.com/?s=iinet

———————————————————————————————-
Securus Global: IT Security, Penetration Testing, Security Assessments, PCI Compliance, Product Assurance, QualysGuard, Security Strategy, Vulnerability Assessment.

Posted in Dumb Security, Internet Filtering, WTF | No Comments »

Internet Censorship – Taking the Power Back (REPOST)

Posted on January 30th, 2010 by Drazen Drazic

This video was put together by Donal and Wade at the recent RSA Conference in San Francisco (April 2009).

Dan Kaminsky, Pete Lindstrom and Marcus Ranum put forward their thoughts on Australia’s plan to censor the Internet. Dan talks about many of the issues that Securus Global’s Matthew Strahan talked about in his interview with ban.this.url. Surprising that these concerns have barely rated a mention here. Marcus certainly adds some interesting analogies and angles to the whole debate.

Related Posts on Internet Filtering. Thanks to Donal and Wade for representing BorB at the Blogger Meetup at the conference.


Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | 4 Comments »

Obama position on Internet Censorship

Posted on January 30th, 2010 by Drazen Drazic

Thanks to Wade for this one (and @Wadeis on Twitter). A bit late on my part, but worth a read.

Obama position on; “…right to a free internet….and unshackled internet” – article from The AGE: White House steps into China-Google row.

I wonder how that marries up to Stephen Conroy’s position and thoughts? Yes, I know he’ll “sell” his “project” as a different beast but is it really? We know the implications. More here: http://beastorbuddha.com/category/internet-filtering/

Can you have shades of grey here and spin to suit the occasion/scenario? Keep the fire burning people.


Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | No Comments »

“The Great Australian Internet Blackout” Information

Posted on January 25th, 2010 by Drazen Drazic

Run by Electronic Frontiers Australia (EFA), “The Great Australian Internet Blackout” is on.

Some background on this from our perspective can be found here. This is important.

We’ve been against this Government “initiative” from the outset. It is flawed on so many levels, so please, have a read and pass this information onto your colleagues, family and friends, if you haven’t already.

We need critical thinkers to push this information out into the broader community who may not understand the real issues outside of the Government spin on it. We need to wake up our fellow Australians!


Posted in Dumb Security, Internet Filtering, WTF | 1 Comment »

Internet “Filtering” Trial and Report – Flawed

Posted on December 15th, 2009 by Drazen Drazic

Reading through the ISP Filtering Live Report(s) – still wondering what this proves. Is anyone surprised by the findings? I’d have been surprised if it was much different. Now to base a full-blown strategy (flawed in concept according to many from the outset) on a test/trial whose scope is ridiculously inadequate to represent real-life implementation. It would be laughable if the impacts upon us of this progressing weren’t potentially so serious. Where to start? What hasn’t been said before? Refer here:
http://beastorbuddha.com/category/internet-filtering/


Posted in Bad Stuff, Dumb Security, Internet Filtering, Uncategorized, WTF | 8 Comments »

Australian Computer Society and Internet Filtering

Posted on October 12th, 2009 by Drazen Drazic

Thanks to Peter for the link to this one here:
http://www.itnews.com.au/News/158006,acs-gives-conditional-thumbs-up-to-internet-filtering.aspx

Get the splinters out of your backsides ACS. Did you need to create this piece of work to justify your existence or are you trying to come across as a voice of reason…or do you truly believe you’ve come up with something groundbreaking?

Regardless, you look dumb and as irrelevant as always. A personal opinion. Just my thoughts and as usual, opening myself up to flames. :)

Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF, cyber crime | 16 Comments »

AusCERT 2009: Day 1

Posted on May 19th, 2009 by Drazen Drazic

The Twitter phenomenon has finally reached AusCERT in some force with the number of people posting tweets growing as the day progressed. For those of us not in attendance, it was a good way to get some of the latest news, (like the almost instantaneous reports that Senator Conroy was not going to talk about the Internet Censorship plan). As the day went on, the Twitter postings became more and more interesting, wrapping up well into the early morning with people talking about a variety of things including once again, local content and male vs female speaker numbers. Follow the Twitter postings here: http://twitter.com/#search?q=%23auscert

So, did AusCERT 2009 – Day 1 follow Conroy’s lead and be a dud? Click on…..


Posted in Internet Filtering, Research, cyber crime, news | 1 Comment »

Australian Government approach and position on IT, Information Economy, Security

Posted on May 9th, 2009 by Drazen Drazic

I admit to being somewhat confused in terms of what our government’s true strategy is in regards to IT, the Information Economy, IT security and related areas. I felt I somewhat understood what the government was trying to do many years ago when NOIE (National Office for the Information Economy) was the “department” covering all of government strategy. It then became AGIMO and from there, it seemed to get a bit lost for me. http://www.noie.gov.au/

In recent times, I have totally lost track of where our single point of reference to links and pointers to all else is (re: our strategy). If someone could guide me to it, that would be great. I am aware of things like Stay Safe Online and http://www.dbcde.gov.au/ but there seems to also be a few legacy sites (still relevant?) or am I just not understanding how everything links together?

More concerning is our government’s seeming lack of long term strategy and planning. Is anything really being “worked” at for any period of time greater than that coinciding with the next election? In addition, where and why have we lost the plot? See section in this related post; What does the digital economy encompass? Where did all the work from the past go? Does each new government just wipe the slate clean…..conveniently forgetting/rubbing out the past (1984 style)?

What are the longer term strategies (of substance)? Where is the “source” of information? What happened to the previous government’s projects and longer term strategy(s)? Are the broader issues being neglected as the government battles with the NBN and Internet censorship? Does the government have any real idea of what it should be doing or is skirting around the edges of core problems and issues we have? From where I sit, I don’t see it. I just see a bunch of failed and forgotten projects. I am keen to hear others’ thoughts on this. Set me straight if I am just lost and missing it!

Posted in Dumb Security, Internet Filtering, Risk Management | 8 Comments »

Aussie Press Finally Picks up on Security Implications of Internet Filtering…

Posted on May 4th, 2009 by Drazen Drazic

The Australian Internet filtering/censorship mainstream media releases about this topic have covered everything bar security until now. Finally, the local press has woken up to this issue in Computerworld: Web filters threaten national security. (Cred to Darren Pauli)

The work of nodecity Donal and Wade has now gotten local press interested/involved. But it took OS “experts” (as part of this) before anyone decided this was worth reporting. Smart and quality product…..interesting and well put together to support the cause!

We were there a long time ago but not so smart in our approach thinking the facts spoke for themselves:
http://beastorbuddha.com/2009/01/05/security-implications-for-internet-filtering-censorship/
http://beastorbuddha.com/2008/12/17/matt-talking-about-potential-internet-filtering-problems-on-banthisurl/

Cred to Ban.This.Url. (Though quiet lately). But we’re not “famous” so who would listen? :)

Thanks to Donal and Wade for giving BorB the scoop on this.

Aside: It’s sad to see so many (initially vocal) people and groups drop off this cause as it has dragged on. No longer web 2.0 “flavour of the month”?….you have to ask? Also interesting to see so few question why a trial of ~2000 sites would/could constitute a “true” trial?! Will it be a surprise that it’s successful? I am sure we could whip up a filter for 2000 odd sites in about an hour….but it’s all how you “sell” it. :)

Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | 1 Comment »

Australian Internet Censorship – Take The Power Back

Posted on April 27th, 2009 by Drazen Drazic

This video was put together by Donal and Wade at the recent RSA Conference in San Francisco (April 2009). For more information and/or to get involved, go to: www.nodecity.com/empower.

Dan Kaminsky, Pete Lindstrom and Marcus Ranum put forward their thoughts on Australia’s plan to censor the Internet. Dan talks about many of the issues that Securus Global’s Matthew Strahan talked about in his interview with ban.this.url. Surprising that these concerns have barely rated a mention here. Marcus certainly adds some interesting analogies and angles to the whole debate.

Related Posts on Internet Filtering. Thanks to Donal and Wade for representing BorB at the Blogger Meetup at the conference.

Posted in Bad Stuff, Dumb Security, Internet Filtering, Too cool, WTF | 4 Comments »

iiNet has a battle, Conroy off again and the whole scene is a mess.

Posted on March 31st, 2009 by Drazen Drazic

In what reeks of payback (after iiNet pulled out of the Internet censorship trial being run by Conroy), Conroy calls iiNet’s defence in the case brought against the company by the Australian Federation against Copyright Theft as something “that belongs in a Yes Minister episode“. I tell you what Senator, if that is the case, you yourself have been sucked right out of the TV show and into our lives – so you should know!

I’ve discussed this case a number of times here. What irks me most of all is that they’ve gone after the easier target and the rest of the industry is just sitting back and leaving it to iiNet to defend on their own. That decision may haunt the other ISPs after a precedent is set. (If it goes against iiNet). Short-sighted thinking!

Looking forward to seeing what decision is made on the National Broadband Network. Going on recent history, this should be interesting.


Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | 3 Comments »

Workarounds, accepted mediocrity and questionable future benefits/improvements….

Posted on March 22nd, 2009 by Drazen Drazic

Setting the scene with recent somewhat provocative posts to generate some thinking, debate and discussion to get some interest before some context and substance in this post. Hopefully. And yes, a heap of emails, tweets, DMs and phone calls received today. (Gees, not bad for a Sunday. Do infosec dudes ever switch off and have a break?). To be honest, while most were supportive, a few were asking me what the hell I was basing my points on, and was I shooting myself in the foot with some vendors now and in the future? (Hey, big assumption that anyone actually reads this stuff I write). For the latter, I probably was/am but as most people know, I am not scared to put my opinion out there for critique, flames, but most importantly, as mentioned, to generate thoughts and discussion. It’s not a glory boy thing and it is what it is and I don’t profess it to be anything it is not. (Refer to top right corner of home page for the disclaimer).

So getting to the point of this (…finally you’re probably thinking). WAFs are an easy target to generate discussion (polarising more than most other technical topics at present), but I’m not just talking about WAFs here. They’re just the example. It could be anything from technology entrenched into our industry, through to strategic thinking and approaches that look at where our industry is, where it should be and most importantly, the steps to make valuable, and most importantly, significant steps to improve IT, business, home and society in general. Read on:


Posted in Applications, Bad Stuff, Dumb Security, Firewalls, IDS, IPS, Internet Filtering, Research, Risk Management, Vulnerability Management, Web Application Security, cyber crime | 3 Comments »

Random Things – Busy Few Weeks

Posted on March 20th, 2009 by Drazen Drazic

- Just got back from New Zealand. As always, great to get over there but wish I had more time. NZ has to be the pound for pound world leader in researchers and research. So many good guys there! And there’s also Kiwicon.

- Pat’s kicked off a new site at Risky.Biz. Some really cool stuff now and a heap of new things coming up. Good luck with it all Pat!

- Been following the SPSP/PCI SSC latest here at Mike’s site.

- New jobs posted at Beast Hot Jobs. Still working to get this going. Yeah, I know, wrong time but hopefully we’ll get there. Check it out.

- Internet Filtering/Censorship in Australia: Trying not to post too much on this because I keep hoping it will just die, but every time I start to think it is going away, it comes back. Example here. Things in NZ are not much better, potentially worse. All really scary stuff.

- I wonder what I could have seen if I plugged my laptop into the cable poking out at Sydney Airport where another parking payment machine should have been. Nah…probably not much.  :)

Posted in Dumb Security, Internet Filtering, PCI, PCI DSS, Risk Management, Too cool, Vulnerability Management, WTF, Web Application Security, news | No Comments »

Internet Blackout N.Z

Posted on February 17th, 2009 by Drazen Drazic

Typical Oz press not bothering to keep up with what is happening in New Zealand. I’m sitting here typing away on “what could be” here in Australia, and NZ is about to hit some of this head-on shortly. In brief from Internet Blackout N.Z:

“Section 92 of the Copyright Amendment Act assumes Guilt Upon Accusation and forces the termination of internet connections and websites without evidence, without a fair trial, and without punishment for any false accusations of copyright infringement. We should speak out against injustices like Guilt Upon Accusation being done in the name of artists and protecting creativity.”

Read the rest here. Join the N.Z Internet Blackout protest to show your support.

Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | 4 Comments »

Mandatory Internet Filtering Project – Dead or Dying?

Posted on February 16th, 2009 by Drazen Drazic

Just a few days after a few small ISPs were reported as on the bandwagon with the Government’s Internet Filtering project, unsubstantiated rumour (from a mate – not a bad source :) ), is that the Government may be looking at pulling out of this “gracefully”.

One can only hope this is the case at present, but if it’s not for now, let’s at least hope that at the time [it is decided to be ditched], the people involved don’t drag this out more than need be, in any form, as a last ditch and desperate attempt to save some face.

Previous posts on Internet Filtering in Australia.

Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | 4 Comments »

iPrimus supports Internet Filtering in Australia?!

Posted on February 14th, 2009 by Drazen Drazic

Our old mate Darren Pauli from Computerworld pulled off a beautie last week with this article: Content filter pilots debunk critics.

Unless I have missed something recently, the iPrimus CEO has gone on record as supporting Internet Filtering! This goes against the position of every other ISP we have read about to date, (unless I have missed something and please do correct me if I am wrong here).

Now I could sit here and go over old ground (previous posts), but reading the article, it just comes across as if this guy has just heard about this and thought, “hey, sounds okay to me!”.

Is it just me thinking that?

Read on:

Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | 1 Comment »

Latest on the iiNet “Piracy” Lawsuit

Posted on February 12th, 2009 by Drazen Drazic

This is going to be interesting. Update from MIS; iiNet has two-pronged defence in piracy lawsuit.

Previous post putting a few questions out there:
http://beastorbuddha.com/2008/11/21/supporting-iinet-the-test-case/

I stand by these questions/predictions. The potential outcomes of this case could be quite scary.

One wonders if somehow the “Internet Filtering” government initiative could end up being linked to the outcomes of this court case. (Or even before and during). Or am I again thinking weird conspiracy things?

Posted in Bad Stuff, Internet Filtering, cyber crime | 13 Comments »

Security Implications for Internet Filtering (Censorship)

Posted on January 5th, 2009 by Drazen Drazic

Looking at the interest from around the world for Matt’s interview published on Ban.This.Url last month regarding the Australian Government mandatory Internet filtering plan. Not surprisingly, no calls to Securus Global from Senator Conroy’s department to discuss our position. But who are we anyway?

Matt took a different approach to most of the anti-filtering arguments and what should have raised some concerns with the government has been brushed like all other arguments before it. One wonders if Conroy is planning to play this out until he gets the result he wants – ie; trying to outstay the critics. Common sense would say this is a ridiculous position to take (as mentioned over and over here) but who knows what their real plans are. This hasn’t been a transparent exercise from the start. A few of the links worth a look. Heaps more on Google.

Beyond the Fringe
Somebody Think of the Children
The Inquirer
Government Security
Overclockers
Hack in the Box

Latest update here. I wonder if it will continue to be “delayed”? :-)

Posted in Internet Filtering | 6 Comments »

Deep Probes and Cavity Searches are the Key?

Posted on December 23rd, 2008 by Drazen Drazic

Enjoyed this post over at Donal’s site, (as I do all his stuff). Well worth a read…click on:
Ockham’s Razor; Cavity Searches and Internet Filtering.

Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | No Comments »

Australian Internet Filtering/Censorship – Worrying…….

Posted on December 23rd, 2008 by Drazen Drazic

Some really concerning updates at News.com and the recent blog post on the Government site. It really is no wonder that there are some very worried and scared people out there. I don’t know what is scarier:

- That Conroy and co. are so determined to make this work even against expert advice.
- That they actually believe they can make it work (slight difference to the last point).
- Who is whispering in their ears? (Still no answers to this though I acknowledge they probably have thousands of questions to answer).
- That the ISPs themselves still seem to have little clue about what the hell is going on even though this is due to start!
- That questions about our freedoms are being brushed aside.
- That they actually believe they will protect the children. Guys, remember Bob Hawke protecting the children?

All Australian Internet Filtering/Censorship posts here.

Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | No Comments »