Kia ora koutou, welcome to another issues team roundup blog in which we highlight a selection of the access, use and security stories that have caught our eye recently.
The IANA transition has happened
First up, a teaser story for Internet governance. On 1 October 2016, the US Government terminated its contract for the IANA function (Internet Assigned Numbers Authority), letting ICANN, and its new accountability and governance frameworks become the main governance framework for Internet names and numbers. Jordan, our chief executive has been pretty heavily involved in some of the accountability work that has led up to this rather historic transition. He has posted a blog to help explain what it's all about and why it's an important moment in the history of the Internet. You can check it out here: Transition: done!
Australia wants to ban de-anonymisation of data
The Australian Attorney-General has announced that the Government is planning to amend the Privacy Act to make de-anonymisation of datatsets a crime. There's been plenty of pointing and laughing at the Australian Government on this one. It seems to come out of the fallout from the cluster-fudge that was the 2016 Australian Census. And as much as a I want to hate all over this idea, honestly, I'm a bit torn.
The case against is pretty strong. Research is important, both security and academic researchers often play around with anonymous data-sets. Here in Aōtearoa, StatsNZ has a whole data-set platform for social sector researchers to access and use anonymised data from across government departments. These systems need to be secure, and the methods used for anonymisation should be robust. People should be able to test them with a view to suggesting improvements and ultimately increasing anonymisation tech. This could end up being overly broad and cover researchers seeking to improve TOR, encryption mechanisms, stifling really important research.
However, keeping anonymous data that way, and avoiding the re-identification of individuals is an important privacy protection. It also seems unfair to place all the expectations and obligations on organisations who are opening up data-sets to be able to predict what technologies and tools will be available in the near future to undo their efforts to keep data anonymous.
We'll be watching to see what the actual product of this proposal in Australia is and whether the exceptions for researchers are any good and how broad the crime can be interpreted. Watch this space I guess?
- The Register: Australia wants law to ban de-anonymisation of anonymous data
- Attorney-General's Office press release
Ransomware and making sure your backups actually work
Our security story this week is a sobering tale about making sure you have backups and know that they work. These days, with all the ransomware (or "cyber-ransoms" as they inexplicably get called) floating around, it's a fair bet you, or someone you know will need to do a full disk backup on a computer to be able to actually use it in the future.
But, sometimes the backup process just doesn't work quite how you thought it would. For Marin Medical, they found that their backup process left something to be desired. They got hit by ransomware, even though they paid the ransom, the malware kicked in during their routine back up. The result was 5000 patient records from a 15 day period were lost from their systems.
That is seriously bad luck but that definitely makes me think about something an information security friend of mine says - if you haven't practiced using your backups, then you don't really have any. Perhaps it's time we all update our backups and then do a practice restore?
- UPDATE: 5,000 Marin Medical Practices Concepts patient records lost during recovery from ransomware attack
Homebrew powerwall sitting at 20kWh
And from our that's just awesome file we have the battery to join them all, and in the nighttime light them all, thanks to Tesla? Tesla, yep them of the awesome car that every geek wants, came out with a battery to run your home off. They called it the 'powerwall.' You charge it up from solar during the day, and then you can draw off it at night. Ironically, the issue is the same with the wall as it is with the car. It costs a lot of money, and it's not quite large enough - they have a 7kWh, and discontinued their 10kWh earlier this year.
I guess that's why this guy decided to make the same thing from torch batteries...lots of them. And his version weighs in at a whopping 20kWh. Now THAT is a house hack.
Well that's us so have a great week and hopefully we'll see you at NetHui in Nelson, South Auckland, and Rotorua.