Geekzone: technology news, blogs, forums
1287 posts

Uber Geek
+1 received by user: 319


  Reply # 701330 15-Oct-2012 10:48

allan:

And this issue would have been addressed how exactly without this sort of exposure?


Oh gosh I can't possibly begin to work out that problem... might involve the telephone and speaking to someone perhaps?





DRZ  Smarterer


BDFL - Memuneh
58090 posts

Uber Geek
+1 received by user: 9633

Administrator
Trusted
Geekzone
Subscriber

  Reply # 701331 15-Oct-2012 10:49

And after the person on the other side puts the phone down everything goes back to what it was. Inaction.




 
 
 
 


3242 posts

Uber Geek
+1 received by user: 293

Trusted

  Reply # 701332 15-Oct-2012 10:50

freitasm: And after the person on the other side puts the phone down everything goes back to what it was. Inaction.


So at that point he could have gone to the press, rather than actually copying data off the kiosks.




Previously known as psycik

NextPVR/OpenHAB: 
Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,OpenHAB with Aeotech ZWave Controller
Media:Chromecast v2, ATV4, Roku3, Raspberry PI temperature Sensors and Bluetooth LE Sensors,HDHomeRun Dual
Windows 2012 
Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex


gzt

8683 posts

Uber Geek
+1 received by user: 1105


  Reply # 701333 15-Oct-2012 10:51

Additionally - if the ministry does not have a Chief Information Security Officer (CISO) - they need to get that organised.

It is a reality that security and secure practices need to be driven from and reported to this level. Otherwise reports tend to be blocked by 'practical considerations' and reported issues can be simply ignored or worse laughed at - by people who do not understand the issues.

@Mark. It may be true in part - but as a journalist this person has a public interest defense available and very likely followed something like responsible disclosure. See 4th paragraph of my previous post for more detail. In contrast the circumstances around the Scoop exposure are not so clear cut in this regard.



4025 posts

Uber Geek
+1 received by user: 1076

Trusted

  Reply # 701337 15-Oct-2012 10:57

@kiwicon:
I guess we'd be derelict in our civic duty not to offer MSD's CIO (whoever takes the job) a free ticket to Kiwicon #wtfmsd #fatlotofuse


Hahahaha

BDFL - Memuneh
58090 posts

Uber Geek
+1 received by user: 9633

Administrator
Trusted
Geekzone
Subscriber

  Reply # 701346 15-Oct-2012 11:07

KiwiNZ:
freitasm: And after the person on the other side puts the phone down everything goes back to what it was. Inaction.


That will not be the case.


That will not be the case in the current situation.

That could be the case in the imagined/suggested alternative situation.





BDFL - Memuneh
58090 posts

Uber Geek
+1 received by user: 9633

Administrator
Trusted
Geekzone
Subscriber

  Reply # 701428 15-Oct-2012 13:01

I personally have a "Dilbert" view of some institutions.




BDFL - Memuneh
58090 posts

Uber Geek
+1 received by user: 9633

Administrator
Trusted
Geekzone
Subscriber

  Reply # 701433 15-Oct-2012 13:05

I didn't say I based my view on the cartoon. It's the other way around: the cartoon reflects my view.




BDFL - Memuneh
58090 posts

Uber Geek
+1 received by user: 9633

Administrator
Trusted
Geekzone
Subscriber

  Reply # 701436 15-Oct-2012 13:11

*sigh*

I didn't say my knowledge came from the press either, did I?

My knowledge of the specific aspects of this case, yes. My opinion on what would have happened if not made public is another matter entirely.

You have your reasons, I have mine.







Amanzi
777 posts

Ultimate Geek
+1 received by user: 43

Trusted
Subscriber

  Reply # 701440 15-Oct-2012 13:12

KiwiNZ: My view on what will happen is based on experience and knowledge and not knowledge gained from the press


I think that going public in such a big way was the right thing to do in this case as the level of negligence is staggering. Doing it this way will ensure that not only do the systems get fixed, but the people responsible for exposing all these private records are held accountable.

1287 posts

Uber Geek
+1 received by user: 319


Reply # 701443 15-Oct-2012 13:21

Just to satisfy my own curiosity about whether my own ethics/morals are "normal" ...

Thumbs up or down if you think the blogger acted illegally or not.





DRZ  Smarterer


BDFL - Memuneh
58090 posts

Uber Geek
+1 received by user: 9633

Administrator
Trusted
Geekzone
Subscriber

  Reply # 701450 15-Oct-2012 13:28

KiwiNZ:
amanzi:
KiwiNZ: My view on what will happen is based on experience and knowledge and not knowledge gained from the press


I think that going public in such a big way was the right thing to do in this case as the level of negligence is staggering. Doing it this way will ensure that not only do the systems get fixed, but the people responsible for exposing all these private records are held accountable.


You are basing this on one side of the story? Which is normal in this type of scenario


Amanzi's points are:
  • Going public is justified because negligence at this level is not supposed to happen
  • Systems should get fixed
  • People responsible for this happening should be held accountable
Which ones do you agree with or not?





Amanzi
777 posts

Ultimate Geek
+1 received by user: 43

Trusted
Subscriber

  Reply # 701451 15-Oct-2012 13:33

KiwiNZ: You are basing this on one side of the story?


I'm basing it on the side of the story that has a member of the public sitting at a kiosk computer in a WINZ office and accessing tons of confidential information. What is the other side of the story?



4025 posts

Uber Geek
+1 received by user: 1076

Trusted

  Reply # 701452 15-Oct-2012 13:37


Fully Operational
3267 posts

Uber Geek
+1 received by user: 1063

Trusted
Vocus
Subscriber

  Reply # 701456 15-Oct-2012 13:41

KiwiNZ: he should have approached the CEO of MSD and discussed it with him.


Ha! How on earth might one arrange that meeting!?

I'm not saying what he did was ethical, or legal, but from here it seems like the best way to get action.  Remember this is not a business he's targeting, it's a government department.
