October 14, 2021
The Home Affairs Ministers, Karen Andrews, today released the Government’s Ransonware Action Plan.
It has been heralded as a new plan to protect Australia against ransomware. Actually that is the title of the media release Read the rest of this entry »
October 6, 2021
Consideration of statutory demands is relatively infrequent by the appellate division of any Supreme Court in Australia. So it is notable when the Victorian Court of Appeal, in Sceam Constructions Pty Ltd v Clyne [2021] VSCA 270, reviewed the operation of section 459G of the Corporations Act, the meaning of fair notice and what is meant by the Graywinter principle, which, apparently, is no longer a favoured term.
The Clynes engaged Sceam Construction Pty Ltd (‘Sceam’) to carry out renovation works at their home under the terms of a standard form ‘Simple Works Contract’. The Clynes served a statutory demand under the Corporations Act 2001 (Cth) on Sceam for $109,514.23. The debt is described as an Read the rest of this entry »
September 20, 2021
The National Institute of Standards and Technology (“NIST”) has released its report for Machine Learning for Access Control Policy Verification. It is a very technical document but useful for those interested in machine learning.
A machine learning classification algorithm is particularly efficient for system model verification because it does not require comprehensive or complex test cases or oracle, which are needed for traditional model verification methods. Read the rest of this entry »
September 17, 2021
In Psyche’s Our evolved intuitions about privacy aren’t made for this era the authors posit the theory that our evolved intuitions about privacy are out of sync with the modern era. That does explain the significant tension and our mutually contradictory revulsion but also embrace of runaway technology which excel in surveilling our purchases, work, finances and much of our life. An intriguing quote is that ‘we have palaeolithic emotions; medieval institutions; and god-like technology’.
It is well Read the rest of this entry »
September 16, 2021
A confluence of reports highlights the dismal state of security preparedness in Australia in particular and throughout the developed world generally.
It governance calculates that in August there were 84 cyber attacks which results in 60,865,828 records being breached. Of that number T Mobile suffered a hack which affected 53 million records.
Yesterday the Australian Cyber Security Centre (ACSC) released its Annual threat report for 2020 – 2021 which reports that over 67,500 cyber crime reports were made in the last 12 months. And the ACSC acknowledges that the figure could, and probably is, higher. Probably Read the rest of this entry »
September 12, 2021
The High Court in Fairfax Media Publications Pty Ltd v Voller; Nationwide News Pty Limited v Voller; Australian News Channel Pty Ltd v Voller [2021] HCA 27 with a 5:2 majority rejected an appeal by media outlets against a ruling that they were liable for comments to their articles on a Facebook page.
The appellants each maintain a public Facebook page on terms of use agreed with Facebook which:
The use of the Facebook pages usually involves:
Facebook Page administrator
the posting of comments by third parties
The trial judge found the appellants were publishers.
Their Honours, as did all judges in this decision, undertook a very comprehensive review Read the rest of this entry »
September 7, 2021
The adjective “Orwellian” is both overused and misused. It is often tagged onto a complaint which does not describe a situation, idea, or societal condition that George Orwell identified as being destructive to the welfare of a free and open society. It is commonly used by someone to label an argument or, often government, proposal which he or she finds disagreeable. Unfortunately the South Australian Governments use of an app to geo locate and have facial recognition is for those in quarantine is Orwellian. And how this trial became reality demonstrates the dismal state of policy development and exclusion of any input from the community.
It is relevant to note that South Australia has no Privacy Act. There is no regulator to deal with privacy breaches, of which this app has the potential for many. It is a dismal failure of public policy and panic over prudence. That there has been no outcry from the polity within Australia is a poor reflection on the state of debate here. The Civil Society’s response has been inconsistent but largely ineffectual. The New South Wales Council for Civil Liberties has criticised it on the basis that safeguards are not in place (SA facial recognition app trial should not go ahead without safeguards). It is a weak response that accepts that “..it was possible for facial verification to be conducted safely and appropriately, with the right safeguards.” Really! There is more than a few well regarded privacy and other experts who wouldn’t even accept that proposition. It is a weak and unimpressive Read the rest of this entry »
August 30, 2021
On 17 September 2019 the Sun published a story about the murder suicide of Ben Stokes mother’s ex husband 31 years previously in New Zealand. The story is no longer available on line. The murder was of his mother’s two children. This tragic event occurred before Ben Stokes, a prominent English cricketer, was born. At the time Ben Stokes reacted furiously to the story describing it as disgusting and immoral. The Guardian ran a detailed piece with Ben Stokes attacks ‘despicable’ Sun story about family tragedy. The next month Ben Stokes and his mother, Deborah, issued proceeding in the UK Court of Chancery. The Particulars of Claim was served on 22 January 2020 with the Defence filed on 16 April 2020.
The nub of the defence was that, first, the story about the murders were covered by the New Zealand media and, secondly, the Sun obtained an on the record interview with the family and had approached Ben Stokes for comment.
At the time, and subsequently, there was a lively debate about whether the report was one of free expression and/or a legitimate story to report versus privacy. On 18 September 2019 the independent came out in support of the Sun. At the time the Conversation in Ben Stokes v The Sun: gross intrusion or simple reportage? How media privacy law works highlighted some of the issues, such whether a privacy claim can be brought when the information is in the public domain, and whether a claim can be made by a person when it relates to inter related parties.
There was no trial on the merits. The Sun and Stokes settled on favourable terms to Stokes. The Stokes’ solicitors released a statement confirming Read the rest of this entry »
August 12, 2021
Poly Network a finance platform based in China which specialises in cryptocurrency transfers on the Binance, Ethereum and Polygon blockchain = has lost $600 million worth of crypto currency to a data breach. The hacker exploited a vulnerability in the _executeCrossChainTx function between contract calls and was able to pass in data to modify the keeper of the EthCrossChainData contrac. That let the intruder to declare themselves as the owner of any funds processed through the platform. Clever. It also shows that coding errors can be fatal and part of cyber security should be to take steps to test and review coding.
Using repeated calls to the attacked contract, the hacker was able to exfiltrate funds from the Poly Network and then transfer them Read the rest of this entry »
Zoom has reached a $85 million settlement arising out of a lawsuit, IN RE: ZOOM VIDEO COMMUNICATIONS, INC. PRIVACY LITIGATION (5:20-cv-02155), which claimed its violated its clients’ privacy rights by sharing personal data with Facebook, Google and Linked In. The claim also alleged that Zoom’s security practices were unsatisfactory as they let hackers zoom meetings. That practice has become so notorious that it has a term, zoom bombing. There has been extensive coverage with reports it itnews, abc, BBC. The Reuters coverage provides Read the rest of this entry »