Last ←Newer Page 1 2 3 4 5 Older→ First

• OnPoint: #WTFMSD: "Damning", in reply to Matthew Poole, 19:41 Nov 2, 2012

  I wouldn't consider them to be public records, but my observation was more that it's generally easier to have a single backup retention policy for the entire organisational network than to split things up based on information servers vs management servers. The logs are very likely to be backed up as part of the backup of the server on which they reside, based on whatever the internal backup policies are, and then held for the necessary period to comply with the PRA.

  Yeah, nah.

  While I agree that it's trivial and prudent to backup your network and systems logs (in fact, it's more work to ensure they're deleted, if that's how you roll) and stuff, records management is something else again. I agree that most organisations won't class logfiles as public records at this time (bet there's some review of that situation going on in Welly right now), but that doesn't mean they fall under the purview of the PRA. Network backup has nothing to do with records management. It's more likely that the online records are backed up with the system data, rather than the reason for the backup of the system data. Hairsplitting? Not if your wife's a records manager for a government agency ;-)

  On the Archives site, edit - link they have a guide to the PRA which says :

  What is a record?

  * The Public Records Act defines 'records' as any information that is compiled, recorded or stored in any format. Electronic records (email, etc.) should be treated according to content not format, and should be managed in a recordkeeping system;
  * 'Public records' are defined as records that are created or received by a public office in the conduct of its affairs. (N.B. this does not mean records that are available for public inspection, but rather records created in the course of a public office's normal business practice.)
  * Local government records are defined as records that are created or received by a local authority in the conduct of its affairs. 'Protected records' are the classes of local government records declared to be protected by the Chief Archivist, as outlined in the Local Government Schedule.

  That might __seem to cover network logs but is not generally construed to do so and I don't think I've ever seen a retention and disposal schedule that mentions them, but I'll ask Mrs Lemming when she gets back from walking the dog.

  Waikanae • Since Nov 2006 • 2937 posts Report

• OnPoint: #WTFMSD: "Damning", in reply to Martin Lindberg, 14:39 Nov 2, 2012

  Never attribute to cost/benefit analysis that which is adequately explained by stupidity.

  Word.

  Waikanae • Since Nov 2006 • 2937 posts Report

• OnPoint: #WTFMSD: "Damning", in reply to Keith Ng, 13:32 Nov 2, 2012

  Boyle talked about not finding any "download patterns" - i.e. People leeching large volumes of data, like I did.

  Did they identify your downloads? And from that, which files you accessed? If not, then they know precisely nothing about what anyone else may or may not have done.

  Waikanae • Since Nov 2006 • 2937 posts Report

• OnPoint: #WTFMSD: "Damning", 12:54 Nov 2, 2012

  The original description of the problem sounds exactly like being able to map network drives and seeing the names of all the computers on the network. And you can map network resources through the printer dialogue (let me know if I'm wrong about this).

  I think your take is correct.

  Did the Terms of Reference get published? Because Ira and Keith didn't "breach" anything. They walked in through an open door. The "breach" was in the design. As I/S says, Deloittes are making this stuff up, because they can't know about any breaches if no logging exists.

  Waikanae • Since Nov 2006 • 2937 posts Report

• OnPoint: MSD's Leaky Servers, 00:57 Oct 18, 2012

  Maybe she could have a go on X-Factor NZ...

  Waikanae • Since Nov 2006 • 2937 posts Report

• OnPoint: MSD's Leaky Servers, in reply to webweaver, 22:21 Oct 17, 2012

  Sorry, that blogger has never been bright enough to understand satire, let alone perpetrate it.

  I can (almost) accept contrary opinions as long as the facts are kept straight but no:

  It's also been revealed that Ira Bailey (from the Uruwera 17) bribed the Ministry. In what world do people use bribery rather than just doing the right thing?

  Wut?

  Waikanae • Since Nov 2006 • 2937 posts Report

• OnPoint: MSD's Leaky Servers, in reply to duke, 10:42 Oct 17, 2012

  hem. Been on cable since 2000 (Lucky living-in-Saturn-TelstraClear zone bastard)

  Waikanae • Since Nov 2006 • 2937 posts Report

• OnPoint: The Source, in reply to Hebe, 19:19 Oct 16, 2012

  Fuck that shit.

  Waikanae • Since Nov 2006 • 2937 posts Report

• OnPoint: MSD's Leaky Servers, in reply to Rich of Observationz, 18:57 Oct 16, 2012

  I was the IT Manager (hell, I was pretty much the department!) at a small entity that used to be in #2 The Terrace, a few floors away from the DPMC. We didn't have Tempest machines, but they did and were very proud of them, until I sent them a link to a report about monitoring the pulses in the *cables* to decode data processing. ;-)

  Waikanae • Since Nov 2006 • 2937 posts Report

• OnPoint: The Source, in reply to BenWilson, 18:03 Oct 16, 2012

  oooooooh, a palpable it.

  Waikanae • Since Nov 2006 • 2937 posts Report

Last ←Newer Page 1 … 148 149 150 151 152 … 294 Older→ First