Menu lock

Richard Farmer’s chunky bits

May 21, 2012

5 comments

Nothing Craig said mattered. If you want the proof then read this morning’s Sydney Morning Herald. The evidence is clear.

As the federal MP Craig Thomson gives his long-awaited explanation to Parliament today, he faces a demand to correct false evidence he gave during a Fair Work Australia investigation.

Lawyers for Fairfax Media, the publisher of the Herald, claim Mr Thomson misled FWA about a defamation action he dropped against the company last year.

In 2009 Mr Thomson sued Fairfax over articles alleging that Mr Thomson had used Health Services Union money on prostitutes and cash withdrawals.

When those allegations were investigated by FWA, Mr Thomson indicated to FWA he had settled the defamation case by accepting a settlement offer from Fairfax as ”winning would not have been great publicity either”.

He also told the workplace regulator that Fairfax had settled because he had been able to prove he wasn’t at the brothels on the dates his credit cards were used and that Fairfax had hired a handwriting expert who concluded Mr Thomson’s signature had been forged.

”The statements … made by you to FWA were false,” the publisher said in a legal letter to Mr Thomson.

”Fairfax is extremely concerned that you have deliberately misled FWA in relation to the statements made by you … and the circumstances leading to the settlement of the proceedings brought by you.”

Mr Thomson told FWA that due to confidentiality provisions he had signed with Fairfax he was unable to provide FWA with more details as to what ”influenced” Fairfax to settle the proceedings.

Mr Thomson has been notified that Fairfax consents to the lifting of any confidentiality restrictions regarding the defamation settlement to allow Mr Thomson to set the record straight.

In the face of that example I don’t care about the rights and wrongs of conspiracy theories. That which has been exposed by the SMH is enough to pass a judgment.

But sometimes a politician tells the truth. Irish Communications Minister Pat Rabbitte put aside his prepared speech when he addressed a group of 25 businessmen in the offices of Ernst and Young in Dublin on 11 April.

On the condition that his remarks not be repeated outside Mr Rabbitte proceeded to tell his luncheon guests how things actually were rather than how politicians pretended they were. But captains of industry are no more able to resist gossipping than the rest of us, hence this page one splash in yesterday’s Sunday Independent.

The Minister assures us that he flatly denies “making any of the comments as suggested.” Which leaves a fair amount of wriggle room especially as none of the 25 will want to admit in public that they cannot keep a secret.

Catching up with Dick. My boyhood hero certainly showed the way. This morning’s product review:

And the 1946 prediction:

Some news and views noted along the way.

Asia-Pacific

Feb 17, 2012

5 comments

In the world’s largest democracy, corruption has long been part of the system of governance. However, transformative new technologies are playing an exciting and powerful role in citizen engagement, good governance and in the mobilisation of the masses for social action.

Since the beginnings of the Indian independence movement, technology has been a central element to citizen engagement. According to Nishant Shah, from the Centre of Internet and Society, print and cinema reflected the views of citizens and informed them of the visions and changes that the country was going through. Today, India has one of the largest young and connected populations in the world.

Fifty per cent of the population is under the age of 25 and there are about 880 million mobile phone subscribers. New technologies are shifting the way that citizens interact with government and mobilise around issues they care about.

Based in a cramped office in New Delhi, the group Gram Vaani community media are developing tools to make governments more accountable. This group of young people with impressive resumes and big dreams form part of the new generation of Indian social entrepreneurs calling for change.

One of their most revolutionary products is a citizen news telephone hotline. The initiative is having a huge impact with recorded reports of government officials being fined for corruption, school teachers being paid overdue salaries and medical resources being sent to remote areas to fight malaria outbreaks. It allows callers to report incidents or problems from their regions, which are then transcribed and made available through a website for the media, government and general public.

This technology is particularly effective in remote areas, where Gram Vaani partners with local NGOs who empower local communities to use the tool. The service, which is expanding across the Indian state of Jharkhand, clocked 40,000 calls during the first month. Roshan Nair, from Gram Vaani, said: “NGOs have taken up the entire responsibility of informing local residents about our hotline, verifying information, and training new users. We have supported them, but they continue to do good work at great personal risk.”  The technology is also currently deployed in Afghanistan with plans to expand to Pakistan and Iraq.

During my most recent visit in January, 74-year-old anti-corruption campaigner Anna Hazare and the India Against Corruption (IAC) movement dominated the media. The movement has been fighting for the introduction of the Lokpal Bill, which would create an independent ombudsman with the power to investigate corruption allegations from citizens. The movement launched a successful social media campaign, which built an image of Hazare as the 21st century Gandhi.

Social networking websites such as Facebook and Twitter were used as organising tools for protests and when Hazare was arrested, his team released YouTube videos of him in jail to rally supporters. Their campaign was incredibly successful, mobilising thousands to support passing of the legislation.

According to a 2011 report released by Facebook, Anna Hazare and the Lokpal Bill were the most mentioned topics in Indian status updates, a sign that Indians are increasingly using the internet to share and debate political events.

Online movements such as the IAC are spreading through Indian urban areas with online campaigns on issues of violence, the environment and the protection of women are gaining momentum and political leverage. Increasing tension from the government around internet censorship and with more organisations and citizens harnessing the power of the internet and mobile phones for social action creates a very interesting space to watch in 2012.

Another powerful  governance project Ipaidabribe.com is the world’s largest crowd-sourced database on corruption, with more than 18,000 acts of corruption registered. Developed by NGO Janaagraha, the website aims to tackle corruption by allowing citizens to log corrupt acts that are then used to lobby for better governance systems, law enforcement and regulation. A reporting tool on the website allows the public to view detailed analytics on where bribes are made, to which government department and their total costs to the public.

The Transport Department of Karnataka was frequently reported for bribes on the website, which led to the Public Transport Commissioner inviting Janaagraha to identify procedures that would help foster transparency and accountability in their bureaucratic processes. The Karnataka state government has since agreed to put posters promoting the website in all government offices. The technology is currently deployed in Kenya with Janaagraha stating that they are in talks with 15 countries.

India is booming; changing at a rate the country has never seen before. Despite the increasing use of technology by organisations and social movements, India still has a huge challenge in bridging the digital divide. Despite the powerful examples provided, social action and citizen engagement movements largely remain concentrated in urban, metropolitan settings, and often only engage the middle class. According to Mr Shah, from the Centre of Internet and Society, “there are innovations which are allowing people with cell phones in rural and remote India to be better connected, but there is no substantial data that actually proves that it fosters citizen engagement”.

As organisations such as Gram Vaani and Janaagraha begin to build more tools to foster citizen engagement and hold governments accountable, it is going to be incredibly fascinating to not only observe their future impact, but also see how technologies will be developed and spread to rural areas.

*Gautam Raju is a co-founder and creative director of OurSay Australia. He travelled to India in January as part of an OurSay research trip.

Companies

Feb 2, 2012

5 comments

Won’t someone think of the footballers?

The end of sports and sport broadcasting is nigh. Or rather, Justice Rares in the Federal Court yesterday cut a large chunk out of the value of sports broadcasting rights in new media by ruling that Optus is allowed to offer its TV Now Service. TV Now lets Optus customers use all kinds of devices (tablets, smartphones, computers) to record broadcast television in “the cloud” (i.e. Optus servers) and play it back any time within 30 days. The privileged Apple-owning classes can even watch the recording nearly live — only two minutes after the broadcast starts.

Much gnashing of teeth has ensued, with the News Limited-owned Australian claiming the decision “puts at risk the ability of every sport to sell their new media broadcast rights”, the AFL and the (also News Ltd part-owned) NRL expressing their disappointment (and intention to appeal) and Telstra claiming the decision will “destroy enormous value”.

It’s easy to understand why the sports bodies are upset: if you can get your AFL on your Optus phone (or any other telecom provider that decides to offer a similar service), new media rights aren’t nearly as valuable. But disaster for Telstra? Yes, in the very short term it’s not ideal: it agreed to pay over $150 million for exclusive new media rights in AFL matches. But in the longer term, it could avoid paying for exclusive rights — and do something such as TV Now itself. I guess competing on services and technology isn’t quite as attractive to Telstra as using its insider status, sheer size and ability to pay for exclusivity.

Sometimes it feels like, unlike their early-adopting customers, the broadcasters and their various commercial partners never met a new technology they didn’t hate (let’s not forget that online access to television shows has been a long time coming in Australia too). The TV Now case is just one of a long string of similar fights. We’ve had the Ice TV case about ownership of electronic program guides, in order to control the functions of digital video recorders in the home. We’ve also had The Panel case (about re-use of clips from television in a comedy show) and Telstra verses the Premier Media Group (about re-use of sporting clips in sports highlights packages).

The quest, in all these cases, is for total control over broadcasts, so that maximum dollar can be extracted via licensing and advertising.

This quest crashes up against two cold, hard facts: that access to sports broadcasts is practically a right in Australia, and that people — including politicians — are pretty accustomed to recording television to watch later. The right to sport is enshrined in anti-siphoning laws; people’s right to record is recognised in an exception in the Copyright Act in 2006.

I’m sure we can expect more litigation (an appeal has already been flagged) and lobbying. But we’d better hope the courts and the government can resist the pressure, because the risk of unintended consequences is high.

You see, there are two key legal issues involved. The first is fundamental: when a customer clicks the “record” button on their iPad, is the copy made on the Optus server made by the customer, or by Optus (and similarly, when they later click “play”, is it the customer, or Optus, that is responsible for the streaming of the show to their device)? It was a relief to see Justice Rares decide — like US and Singaporean courts before him — that it’s the customers, and not Optus, who make the copies and play the recordings back later. Any other holding on this fundamental question in copyright would have put at risk the large and growing industries in cloud computing as well as a host of other activities and services in the digital environment.

The second legal issue is whether, if the customers are doing the recording and playing, their actions fall within the detailed drafting of the home recording exception in s111 of the act. Certainly government could confine the home recording exception; so could a court through a narrower reading than that of Justice Rares. This would, of course, mean overcoming the natural hesitation of politicians and judges to curtail Australians’ rights to sport and television, ruling against the cloud in home recording, and slamming down a service that Optus offers that people clearly want.

And you have to ask whether saving one of many revenue streams for live sports is worth the cost to consumers, and to the ability of companies such as Optus to offer innovative (and clearly appreciated) new services to its customers. No government should jump lightly into protecting this one revenue stream given all the various revenue streams open to the AFL and NRL, and all the other government rules that impact on revenues — like anti-siphoning rules, or the various rules that protect the exclusivity of big events such as the Olympics or the Rugby World Cup. This copyright rule is only a very small part of a very big picture when it comes to money in sport.

One more irony in all this is worth noting. In 2006, Australia flirted with introducing a general fair use exception into copyright law. Copyright owners opposed such a move, and instead more specific and purportedly narrow exceptions were introduced instead, like the home recording exception. But a fair use defence would have required the court to consider the impact of any exception on the copyright owner’s market. And so I wonder whether, if we had fair use, Optus would have got away with playback on a two-minute delay, which undermines any market for exclusive rights to live broadcast of sports online?

Food for thought as the Australian Law Reform Commission takes on a new inquiry into copyright exceptions in 2012.

Media

Jul 13, 2011

5 comments

A lot of mobile customers are bewildered by the events going on in the world press at the moment with all this talk of phone hacking. Many of my friends have asked me what they can do to protect their phones and what the whole thing is about. The truth is, there is no actual phone hacking involved and it is also wrong to call what went on hacking.

What’s really being discussed is illicit access to voicemail messages.

I’m going to explain a bit about what exactly is behind this, how it works and what you can do to protect yourself from people wanting to access your voicemails.

There are several possible methods to gain access to someone’s voicemail illicitly. In the UK at least, given the original police inquiry into the News of the World scandal, mobile network operators improved their security mechanisms to increase protection of users.

The good thing is, you can test out these mechanisms yourself as you can see below — if your operator hasn’t taken steps to close down the basic loopholes, ring them and tell them!

Default PINs

A lot of the problems that arose in the voicemail scandal arose from the use of well-known default PINs for voicemail access. In fact, you as a customer may never have used a PIN for accessing your voicemail. That is because on most mobile phones, the network recognises that it is your phone calling in and makes life more convenient for you.

So you would never even think that someone could access your voicemail by just dialling a number and entering a well-known default PIN. These PINs can be found across the web — they naturally needed to be publicised to customers so they knew how to get remote access if they wanted.

As you’re probably thinking right now, this is a really poor security measure. Although the use of default PINs appears to have been brought to a halt in the UK, if you live in another country, it might be worth checking to see whether this practice is still being used by your mobile operator.

As late as March 2011, voicemails of politicians in the Netherlands were exposed by the use of a default PIN.

Remote Access to Voicemail

Operators often provide an external number through which you can call to access your voicemail remotely. This was one of the mechanisms allegedly used by the News of the World phone hackers to get access to people’s voicemails without their knowledge.

If you’d never set up a PIN, the attackers would get in via well publicised default PINs. If they came up against someone who was using their own PIN, they would then use social engineering techniques to trick the operator into resetting the PIN to the default.

Homework: If you haven’t ever used it before, find out what the remote access number is to your voicemail. What happens? You should be asked for a PIN code. If you don’t already use a PIN, use the web to see if you can find the default voicemail your provider has advertised in the past. If you enter the default, what happens? Now try entering a wrong PIN. Do you get an SMS on your mobile telling you about it? Be careful not to block yourself out of your account, another security measure will be to block access if there are three wrong attempts.

Calling your own phone

Another not-so-well-known method of accessing voicemail is to actually call your own mobile number.

Claims about the voicemail -hacking scandal say that one journalist would call up a celebrity to engage the phone while another would then go into the voicemail using this method. This seems pretty likely as a lot of celebrities’ phones are looked after by personal assistants, not the celebrity themselves so it could look fairly legitimate to call up the PA.

More homework: Call your own mobile phone number. While you’re listening to the bit where it asks you to leave a message, press the * (star) key. You should then be brought to your own voicemail menu! The system should ask you to enter a PIN. Follow the same process as above and see what happens.

Notifications

One of the security measures that have been introduced is to notify the customer more often by SMS when something goes on that they should know about. Remember that if a third-party was accessing your voicemails remotely, you as a customer wouldn’t normally get to know that anyone had been there. In some cases, the attackers deleted the voicemails.

The type of notifications you could get could tell you that there has been a remote access to your voicemail, that there was an invalid PIN code attempt or that your voicemail PIN has been changed — all useful bits of information.

This is something that has been borrowed from the banking industry. It is a simple, effective early warning mechanism that something could be wrong. Because it shouldn’t happen very often, you shouldn’t be plagued by messages, equally you are the best person to know if it is dodgy activity or not.

However, always be careful with any message you receive. The best thing to do if you are unsure is to ring the customer helpline of your operator who’ll be able to tell you whether the message is genuine.

Newer methods of hacking voicemails

Sadly, there are always people who want to find out what others are up to, illegally. The methods for doing this are continually evolving.

Some of the newer methods involve faking a phone’s displayed number so it can trick access to voicemail. This technique has been used in the US and recently in the Netherlands to get access to the voicemails of politicians.

To block this attack, you need to set up a PIN to access your voicemail. By doing this you prevent automatic access to your voicemail (as if you were ringing from your own mobile).

Summary

You now know how it works and you’ve been able to check whether you’re properly protected and set up your own PIN. The customer service websites of operators should also be able to give you some good advice on PIN security and their voicemail service.

Remember that with all the publicity around the issue, it’s not only the operators who are reacting to the revelations; there will be bad people out there who are only now starting to exploit illicit voicemail access. Don’t let yourself be a victim.

What happens next?

Well, customer use of voicemail technology has evolved a lot, even in the past five years with the result that habits are changing. That is why I am asking the network operators to look at the use of remote voicemail access in general, with the proposal that they should consider shutting remote access down entirely.

*David Rogers is a mobile phone security expert and the owner of Copper Horse Solutions Ltd, a software and security company. This article originally appeared in the Sophos blog Naked Security.

Links

Jun 2, 2011

5 comments

Links

Mar 17, 2011

5 comments

Links

Jul 30, 2010

5 comments

Links

Jul 29, 2010

5 comments

Links

Jul 28, 2010

5 comments

Links

May 24, 2010

5 comments