
ITP Techblog

Brought to you by IT Professionals NZ

Brislen on Tech

Paul Brislen, Editor. 22 June 2018, 2:29 pm

Place the money in a paper bag and bring it to Pier 34 at midnight

There are pretty simple rules to security but for some reason people don't like to follow them.

The easiest are things like, "Don't reuse passwords" and "make your password hard to guess but easy to remember" and "make sure your anti-virus and firewall protection is kept up to date".

Some of them are so obvious that they don't need spelling out, like "your password shouldn't be your name plus some numbers" and "back up all your files in a safe place".

Others are, apparently, far more subtle and difficult and they include, "if you get slammed with ransomware don't pay the ransom" and "if you do pay the ransom and get your files back, don't trust them ever again because WHO KNOWS what was included in that pack of files you had given to you".

Unfortunately, nobody thought to tell Ken Shirley and the Road Transport Forum because they got hacked, their files were stitched up and hidden from them and they had "no choice" but to pay a ransom to get their data back.

O.M.G as the kids would say.

No, Ken. No.

You may have your files back but you've done two things. First, you've demonstrated to the ratbags that people will pay, so they'll do it again. Second, you've assumed they haven't done something dodgy to your files, and given how poorly the rest of your story has gone, I can't assume you've had a security expert pore over your details looking for nastiness with any degree of confidence. So no, no, no. Bad all round.

Never pay the ransom. You really cannot guarantee you're doing anything other than handing over cash to some ratbag. Don't do it. Ever. Better to lose your data and start anew than to risk having some devious little package included in your data. I suspect something is checking all your emails in and out and harvesting addresses, or looking for those 16-character lists that are so familiar to anyone with a credit card, or worse, it'll be a ticking bomb waiting for an anniversary and hey presto, you're ransomed up again. And we know you'll pay because you paid last time! So cough up.

The two things the RTF did right are telling the CERT NZ crew so they can assist and hopefully record any evidence, and writing a blog post about it to warn others. Because now we know your system is pretty much extremely compromised, there's no way anyone is going to send you an email any time soon. It's just not worth the risk.

Techblog - Road Transport Forum pays ransomware, warns others

Contractor Magazine - Ransomware can cripple your business

NBR - Road Transport Forum paid ransomware hijackers, Shirley admits




Article 13

Boy, what a mess.

On the surface it probably seemed like a great idea. Hey, let's deal to the nastiness of copyright breaches on the internet once and for all. Let's introduce a law that says the telcos and content providers must police all content online and remove it if challenged.

So, every text message, every post, every sound, every image, every video file, every utterance must be scrutinised by … well, someone, and passed yay or nay for copyright breach.

Farewell then free speech. Farewell fair use. Farewell the next meme that takes an image and plays with it for humorous effect.

And farewell to the internet as we know it, because you can't run real time searches that will return anything like a meaningful result if every search needs to be vetted by a human in order to ensure nothing copyrighted is being used unlawfully.

This is a disastrous bill produced by people who don't know what they're doing and who clearly have been heavily influenced by the old world of Hollywood who don't want a bar of this internet thing and want to go back to life as it was before Things Got Out Of Hand.

Plus, it is simply too difficult to enforce. No computer program or algorithm can keep up with the sheer volume of content pumped onto the internet each day, and no room full of humans can keep up either. And having challenged Twitter to respond to defamation in a timely fashion, I can assure you that the policies and procedures and systems that are currently in place will melt like an ice block dropped on a barbecue grill in the face of this level of noise.

And no, this won't just be limited to the EU either. One of the upsides of the internet is how well connected we all are. One of the downsides is how well connected we all are.

All hyperbole aside, this is a very troubling piece of legislation and the ramifications could be far reaching indeed.

BBC - 'Disastrous' copyright bill vote approved

Letter to the EU - Article 13 of the EU Copyright Directive Threatens the Internet

Popular Mechanics - EU toys with blowing up the internet as we know it

The Register - JURI's out, Euro copyright votes in: Whoa, did the EU just 'break the internet'?


Sparking up for a fight

Spark has released its latest customer data and says we've crossed a major watershed in the history of telecommunications in New Zealand.

For the first time, Spark has more customers using fibre or fixed-wireless connections than using copper.

It's a real turning point for the once 100% copper kingpin that used to offer any telco service so long as it was copper and which provided service to everyone (so long as it was a telephone you were after) but not everyone is smiling.

While 34% of Spark's residential base is now on fibre, 16% are on fixed wireless, a service that is delivered without the use of Chorus's network (except presumably for the odd bit of backhaul) and which Spark can price competitively and still make a killing in terms of margin.

For Chorus, this is the worst of both worlds - it has to pay for the fibre build (something it was eager to take on based on massive customer demand) and it isn't migrating the customers to fibre because Spark is aggressively selling fixed wireless to those who don't necessarily want an ultra fast connection.

If you think this is bad, Chorus, wait until the Commerce Commission allows fibre unbundling and then you really are going to squeak out loud.

Spark warned Chorus this would happen. During the early days of the UFB build, Spark repeatedly warned Chorus that if it pushed to keep fibre prices high, and wasn't customer centric (in this case the customer is the ISP that buys the service to sell to retail customers like us) then it would find alternative networks to sell and that fixed wireless over 4G would be the obvious contender.

Chorus pooh-poohed the idea because who in their right mind would want fixed wireless when we/they offer so much more.

But ongoing installation woes, problems of customer perception around price and an aggressive sales campaign from Spark have convinced a sizeable chunk of the market and while I certainly wouldn't give up my fibre connection, there are plenty who have told me they just don't need that capacity.

Oh and on top of the unbundling argument, Chorus also faces the push into 5G spectrum that will increase the wireless capacity even more.

It's no wonder that Chorus is agitating for a single network operator in the 5G space (an operator such as, well, Chorus for example). It's the only way it can slow down the rate of development and deployment enough to maintain its fibre customer targets.

Because the alternative - reducing its price and offering ever faster fibre speeds - is apparently unthinkable.

Scoop - New Zealand broadband reaches crucial tipping point

NBR - Spark's fixed-wireless growth could be slowing

