Posts by izogi
Last ←Newer Page 1 2 3 4 5 Older→ First
-
Hard News: Fact and fantasy, in reply to Richard Grevers,
But even that is a falsehood.
It's all marketing, though. I have to admit that having the Prime Minister of the country publicly compare New Zealand with a globally respected Americanised fast food chain was a stroke of genius in countering criticism of the 100% pure claim. Problem solved!
-
Hard News: Fact and fantasy, in reply to Paul Campbell,
I was amazed by Key's "it's just marketing" comment - the implication was that because it's marketing it doesn't actually have to be true
I don't mind the 'just marketing' concept so much (except for how clumsily it's being said), because 100% pure was obviously only ever meant to be a brand, and marketing of this kind nearly always uses some kind of artistic licence. What annoys me is the arrogance of trying to tell us that it's traitorous to not drop what we're doing, ignore things we seriously care about, and patriotically follow the national company line as loyal employees of the New Zealand International Tourism Corporation.
Sit down and shut up indeed. Any branding campaign like this should have been more than prepared for eventual criticism from overseas, and that might involve just being prepared to stomach it and wrap up if it's already been a good run. When claiming "100% pure" with a clear implication of what people are expected to think, it should hardly be a surprise of the angle that criticism would take.
-
Speaker: Pipes: Understanding Hackers, in reply to Richard Aston,
He didn't get paid, the bank got the "message" and paid him fast, he deactivated the "bomb"
It might be effective but it's not very professional. I can't imagine it'd make others want to hire someone in future if word got around.
-
He rings them up and tells them and the next thing the AFP is knocking on his door. He wasn’t asking for money he just told them. It was still taken as him being a bad hacker.
I hadn't head of this one but it sounds like this guy and Ira both phoned, and probably the message (and Ira's message) was just whispered around until the original report was completely out of context. I don't know exactly what Ira said, but at the time MSD acted, I'd expect they were acting on a report that "some guy hacked our system and he's blackmailing us for details", totally different from "someone's noticed a way to get info they shouldn't have, and wants to know if there's an incentive scheme as part of telling us".
There's no way to be safe when reporting something like this when powerful people's reputations, future job prospects and budgets hang on discrediting or suppressing what you have to say, but wouldn't there at least be a partial benefit in using writing to communicate this sort of stuff so there's an open written record of how you informed them? I'd think really carefully before reporting a breach just because of the crap that could follow if the wrong people are on the other end, but I don't think I'd ever want to report it in a way where my words were out of my control as soon as I'd hung up the phone.
-
Hard News: Crossing the line into idle bigotry, in reply to Kumara Republic,
The heart of the matter is, there seems to be just as many people who want Paul Henry back on the box as those who want Australia to keep him.
The Australian satarists would certainly be disappointed. These guys make fun of Paul Henry in some way nearly every week. (Link from 4.37 in.)
-
though America does believe that Barack Obama is still “the change we need”
In that light, does anyone have any word on how much of America believes that a massive re-design of the electoral system is the change they need, to take it away from a mechanism where two massive mega-parties entrench themselves, keeping everyone else out, so that people have a two-way choice between "bad" and "even worse than bad"? Does it even register on people's mental spectrums as a problem, and if so is there any realistic chance that it could ever happen in today's or a future political environment short of a bloody revolution?
I've just googled "US electoral system change", but anecdotally it seems the US idea of an "overhaul" is to get the existing system actually working as designed instead of considering if the design itself continues to be a good idea.
Anyway, it's none of my business to tell people how to run their politics, but I find it interesting to watch from outside. I just think that if I lived under such a regime, I'd have a dreadful time trying to convince myself to even bother with it. I feel very spoiled with the NZ electoral environment.
-
OnPoint: #WTFMSD: "Damning", in reply to Matthew Poole,
The requirements of the Public Records Act 2005 make it certain that there will be long-term backups available, and network logs take up so little space when compressed that trying to keep them out is just not worth the effort.
In practice, do all departments keep all network log files as if they're records under the Public Records Act? They probably should for certain kinds of information able to be logged, but short of being prompted to think about it, I could imagine a situation where IT staff aren't thinking in terms of the Public Records Act while Records staff don't realise the information even exists, and are more focused on the obvious information used by the department is treated as records.
-
From MSD behind that NBR link and on Scoop: "Investigations have determined that there is no evidence that the Kiosk breach went beyond that of Keith Ng and his associate Ira Bailey."
Am I correct in assuming that this statement only addresses the specific breach by Keith and Ira, and not the potential for earlier undiscovered breaches by the same technique, or other data that was available but not accessed by either of them?
Without MSD categorically stating otherwise I'd totally believe there's no reliable auditing of potential security breaches given how the rest of the thing was set up, hence a "lack of evidence", but there have been plenty of scattered forum posts here and elsewhere from people claiming they saw it ages ago but steered clear of reporting it. It still seems very plausible to me that others may have accessed and made their own bulk copies of everything available on the network with malicious intent and we'd be none-the-wiser.
-
OnPoint: H4x0rs and You, in reply to Lucy Bailey,
Surely there are some white hats at MSD, or MOJ it now seems, who would've blown the whistle. I've written some more about this here:
Yeah, nice post. Is the whistleblower's legislation meant to legally oblige or require employees to use it for reporting things, or is it more intended to provide clearer legal processes for people who choose to report things when they're faced with retaliatory action from employers? Knowing some of the social situations that occur in many workplaces, I don't think I'd often blame someone for just choosing to give up, shut up and get on with all their main current ever-behind-schedule workload, compared with risking years of their and their families lives falling apart with possible legal action and fighting for their rights and facing the unknown, just because they have incompetent managers at a workplace where they'll only spend a few years of their lives. Maybe it's something in a New Zealand culture of disliking confrontation, but I think it'd be common for many people who weren't gelling with management to simply quit and find a better job, or at best wait it out for the economy to get better. The employee turnover stats in MSD's IT sections could be interesting.
It's great to have whistleblower protection, but to me it still seems that providing and clarifying legal rights of someone who reports an extraordinary situation is no substitute for employing appropriately responsible people and systems to ensure that situation never occurs in the first place.
-
OnPoint: H4x0rs and You, in reply to john Drinnan,
Hi John.
Big issue with hiring experts is that they would cost and cost is even more of an issue now than it ever was.
I wish I could remember who was being interviewed at the time I was listening, except that I think it was someone who'd been in the business for many decades. I think his claim wasn't so much that media outlets specifically went after people in other professions and paid high wages, but that there was really no such thing as a journalism degree. (I'm not certain if this is true.) A consequence was that people were more likely to train on the job, that new journalists had frequently trained in something else before they became journalists (instead of being trained in "journalism"), and that it was probably at least as likely that new journalists would have a previous life experience or two as it was that they'd be fresh out of school.... Or something like that. Obviously I'm only trying to remember second-hand information, but it sounds as if it's not a given.