Archive for the ‘Internet’ Category

A solution to scalping?

June 30th, 2015 at 2:00 pm by David Farrar

There’s been outrage over people scalping Super 15 tickets on Trade Me. No practical way to stop this unless you require photo ID with tickets to get into events. Also making tickets non-transferable means if you get sick or injured or the like, then your tickets are wasted and your seats go empty.

The basic “problem” is that there is a fixed supply, and high demand. The secondary market allows those who want to pay a premium to get to go, after missing out due to the vagaries of online booking systems.

Now one may say it is unfair that the scalpers make the money, rather than the sports code. This is true. So why not have the sporting code itself auction off some tickets?

Sell half the tickets at a fixed rate (so some fans can get to go for an affordable price), and auction off the remaining half with the top say 4,000 bids getting four tickets each?


Paris taxi drivers

June 29th, 2015 at 4:00 pm by David Farrar reports:

ANGER against ride-booking app Uber continues to escalate with taxi drivers and even a former cop in Australia taking matters into their own hands.

Taxi drivers set fire to cars and blocked major roads in France overnight as protests exploded into violence against the illegal service.

One private chauffeur was pulled from his van by angry cab drivers who shouted “why did you come to work, you know we’re on strike today,” according to AFP. Meanwhile in Strasbourg taxi drivers posed as customers to lure Uber drivers and assault them.

American rocker Courtney Love was caught up in the demonstrations when a vehicle she was travelling in outside Paris was attacked.

She tweeted that protesters “ambushed” her vehicle and “were holding our driver hostage”.

In the most serious incident in Paris, one private chauffeur, who said he did not work for Uber “or any other app” was dragged from his van when he reached a blockade in the west of Paris.

Angry taxi drivers slashed the tyres of his vehicle, smashed a window and then set it and a chauffeur-driven van on fire.

On at least two occasions in Strasbourg in eastern France last week, taxi drivers posed as customers in order to lure Uber drivers to isolated spots where they were assaulted by cab drivers and their vehicles damaged.

Well that really makes me think that these are the sort of people I want driving me around Paris.

So sad that thugs think violence is the answer to competition. Little better than the mafia or the 1930s gangs of New York.

People choose Uber for probably four main reasons:
  1. Better service – easy to order, find, and pay for
  2. Cheaper
  3. Safer
  4. Better quality drivers

If you don’t want people choosing Uber over your own taxis, then make taxis a better service, safer, better quality and cheaper.


Global Mode lawsuit settled

June 24th, 2015 at 12:00 pm by David Farrar

NBR reports:

The “Global Mode” case has been settled in favour of the big media companies.

A notice posted this morning to the NZX by Sky TV reads, in full: “The legal proceedings against “Global Mode” service providers have been settled. As a result, from 1 September 2015, the “Global Mode” service will not be available to any person for use in New Zealand.”

This is a pity, as it would have been great to have got a court ruling on whether circumventing geo-blocking technology is illegal. It would have had global ramifications.

My take: this is a victory for the old media companies but really only a moral one. Global Mode was unique worldwide in that it covered every CallPlus and Slingshot customer, without them having to do anything but there are still lots of easy ways for people to access geo-blocked sites. …

And perversely, had they lost, at least the big media companies would have had a legal decision confirming what everybody already knows: that in the age of streaming video services, there’s no such thing as an exclusive local license any more – and that the price Sky TV and others pay for local rights should reflect that.

I agree that this is not much of a victory for the broadcasters. It takes around 20 seconds to install a plugin to get around geoblocking, so people will still circumvent. And as Keall says, if they had lost in court, they could negotiate lower fees from rights holders. Now they will still pay inflated fees for theoretically exclusive content, but still have people directly accessing it from overseas sites.


A 111 app

June 22nd, 2015 at 3:00 pm by David Farrar

The Herald reports:

The Government hopes a new smartphone app for emergency services will save lives and money.

Communications Minister Amy Adams said 70 per cent of calls to 111 were made from cellphones.

But many callers could not provide accurate location information to ambulances, police or firefighters.

This could cause delays as long as 15 minutes as emergency services tracked down the exact location of a crisis.

On average every minute caused an extra $4000 in fire damage to houses, Ms Adams said.

The minister announced today the Government was making a request for proposals to build the new emergency services app.

Seems a great idea. It can send your GPS location automatically. Also a good app may allow you to indicate the urgency of the assistance needed.


Guest Post: Firemen, journalists, and a naked emperor.

June 17th, 2015 at 7:00 am by David Farrar

A guest post by Deanne Jessup:

Here in New Zealand we have just had a survey that tells us journalists are the least trusted, and firemen are the most.  This got me thinking about why, and what if anything should be done about it?

Imagine the world where most fires put themselves out safely every time.  Only we never knew it happened.  Instead, firemen turn up, wave spraying hoses and extinguishers, and hit things with their axe-shaped tools.  Once the fires are out, we celebrate them as heroes, declaring them wonderful and the most trusted of us all.

Now imagine we found out through the internet that firemen are frauds!  Over time we discover it was all a ruse to keep them in work.  Would you still trust them?  What if it then came out that firemen themselves actually lit most of the fires?  Would you still call them when the fires appeared?  What if it was a fire that would not extinguish itself?  What happens then?

As absurd as this tale is, a variation of it has been playing out every day of the last decade.  Journalists have fallen from our graces.  Though obvious, my main moral is not ‘the boy who cried wolf’ though it is certainly relevant to ask what happens if we decide we don’t need the media at all.

In my view, this tale parodies the one from ‘the Emperor’s new clothes’.  We know we can get our news elsewhere; we know about social media, blogs, and live streams.  But like the people of the Emperor’s court who thought they had to pretend, perhaps we are worried what they will do if we point out their nakedness.  So instead the absurd situation persists where we pretend their relevance but trust them the least.

The internet has both caused this situation and is constantly changing the nature of it.  Initially, it revealed the nakedness of the media, now it is becoming the child from the story pointing loudly and shouting “you have no clothes on!”  Technology has radically reshaped the world.  We are moving into a new era.  Media are trying to reinvent, to clothe themselves in the attires of the day.

The current scramble to ‘change’ shows the media think the reason readership and profitability are both low is because they are printing in the wrong place, rather than the reality that they have been caught printing the wrong thing.  There is no road to trust by adopting old practices on new platforms.  Media must take to heart that no amount of blogging, social engagement, and digital media will change that we can now see around them.

They must understand that we can now see the truth, often faster than they report it.  To become trusted again, they must add value and once again report honestly, openly, and without prejudice or bias.  Of course, as they were ‘caught’ naked, a fair question is did they ever?


PM changes phones for security reasons

June 15th, 2015 at 12:00 pm by David Farrar

The Herald reports:

When most people find their missing phone, it’s followed by a vow not to lose it again.

Prime Minister John Key, on the other hand, quickly bins his.

Mr Key has revealed that he gets rid of his mobile phone every few months for security reasons.

Those precautions are prudent not paranoid, an expert in technology and security says, as phones can be successfully tampered with in only a few moments.

The Prime Minister’s admission follows revelations that other world leaders had their phones accessed, and that US President Barack Obama and others use strict security measures.

While Mr Key’s phone has special security measures on it, he does not assume his conversations are private.

“I kind of work on the principle that I will be [listened to] at some point,” Mr Key said on More FM yesterday.

“If I was having a conversation with my national security advisers … I would never have a mobile phone in the room I’m in … because you can use it as a listening device, whether it is on or not.”

Left behind or not, the phone will be replaced every few months.

“If I left it in a hotel room by mistake, which I have done on a few occasions, I would just throw it out [after getting it back],” Mr Key said.

Barry Brailey, chairman of the NZ Internet Task Force, a non-profit organisation that aims to improve the country’s cyber security, said that was prudent.

“There is commercially available spyware-type stuff for handsets. If you can get physical access to the handset you can probably install that in less than three minutes.”

We know there are people in the country that will hack communications of their political opponents, so this is no surprise. Let alone any attempts by non-NZers.


Speeding up the UFB installs

June 14th, 2015 at 1:00 pm by David Farrar

Amy Adams has announced:

Communications Minister Amy Adams has today released a raft of proposals to help speed up the installation of Ultra-Fast Broadband (UFB).

The discussion document outlines four proposals for change:

  • amending the way in which network operators seek permission to access private property (in situations like shared driveways and apartment buildings)

  • enabling better use of existing utility infrastructure to more efficiently roll out fibre networks

  • providing more certainty to network operators regarding their ability to maintain fibre infrastructure installed on private property

  • establishing an expanded and accessible disputes resolution process to ensure that land access disputes can be resolved quickly and fairly.

They look like useful proposals, which should be implemented.

TUANZ have said:

TUANZ also strongly supports the proposal to investigate a new statutory right of access which would enable fibre companies to utilise existing assets, even when those existing assets traverse private land. “We see this as being key to extending fibre further especially into rural New Zealand as it significantly reduces the cost of build which is a key barrier in improving rural connectivity” said Mr Young.

One shouldn’t need permission from neighbours to install fibre, any more than to install water or electricity.


The last 10 years

June 13th, 2015 at 4:00 pm by David Farrar

A fascinating speech on media changes at the Washington Post. An extract:

• High-speed broadband became pervasive only in 2004, 2005, making possible the communications we take for granted today. It allowed photos to load fast and instant viewing of videos — and it allows mobile connection to the web.
• Google didn’t go public until 2004. Today, there are more than 3 billion searches a day on Google.
• Facebook was founded in 2004. Now it has more than 1.3 billion monthly active users.
• YouTube was founded in 2005. More than 1 billion people now visit YouTube each month.
• Twitter was founded in 2006. A half-billion tweets are sent every day.
• Kindle was introduced in 2007. Three in 10 Americans now read an e-book.
• Apple introduced the iPhone in June, 2007. Today 2 billion people worldwide use smartphones.
• Instagram was founded in 2009.
• Whatsapp was founded in 2009 and last year was sold for $19 billion to Facebook.
• The iPad was introduced in January, 2010.
• Snapchat wasn’t launched until 2011. It’s now valued at $10 billion or more.

Amazing how much has changed in just ten short years.

We have fostered a tight working relationship with our Engineering department, with 47 engineers working with our journalists. Four years ago, we had only four engineers in newsroom. When we move into a new office within a year, all 47 engineers will be embedded in our newsroom, working side by side with our journalists.



Estonia’s e-government

June 11th, 2015 at 1:00 pm by David Farrar

Estonia shows what you can do, reports The Register:

In the Autumn of 2014 my wife was posted to Tallinn, Estonia’s capital, for six months. One of the delights of being a technology analyst is you can work anywhere there is good internet access. Estonia has excellent internet coverage plus 4G available throughout the country (even in rural areas – a matter of government policy). In addition, being ‘local’ means you can explore the digital business scene.

So, armed with my identification documents, I went to a designated e-Resident office, having previously made an appointment online (of course). Although I brought passport-sized photos I was directed to a standard-seeming photo-booth which took my picture. Then I met a courteous Estonian officer who swiftly took my details and bio-identifiers while also linking to my electronic pictures from the photo-booth. I was told I would receive an email in two weeks if my application was not refused.

Thirteen days later the promised email arrived. I returned to the same office to sign for a package that included my e-Resident card and a neat, and super-small USB e-Resident card reader. Nothing in the process could have been simpler or more easily delivered (and from 1 April 2015 it has been possible to achieve the same at selected Estonian embassies.)

With an e-Resident card you can set up a business remotely operating from Estonia. As an e-Resident you can do everything legally required for a business by electronic means from afar, including setting up a company, signing contracts, opening bank accounts, making and receiving payments and paying all taxes.

I like the concept of e-residents.

Today’s Estonian citizen can (though he or she does not have to):

  • Identify themselves, via e-ID, an electronic identity system

  • Vote (iVote, available since 2007)

  • Complete tax returns (and make payments or receive refunds)

  • Obtain and fulfil prescriptions (eHealth)

  • Participate in census completion

  • Review accumulated pension contributions and values

  • Perform banking, including making and receiving payments

  • Pay and interact with utilities (like water, gas and electricity)

  • Interact with the education system (e-Education)

  • Set up businesses

  • Sign contracts

  • And more.

We’re not too far off. We can do most tax stuff online, and the census is online. Banks and utilities are all online. Education is getting there.

For example, digitising the police now enables a police officer in a patrol car to verify a car’s legality and insurance by querying the car registration system. If this shows the owner is a driver who has been convicted of a drink-driving offence within the past two years the police officer can stop and breathalyse that driver. Convicted drunk-drivers know this; unsurprisingly repeat drink-driving re-offences have fallen.

A good way to target.


Broadband prices

June 10th, 2015 at 1:00 pm by David Farrar

Stuff reports:

Consumers are getting a reasonable deal from phone and internet providers but are still paying over the odds for mobile broadband, according to the Commerce Commission.

The competition watchdog said telecommunications companies invested $1.69 billion in the year to June 2014, equalling the record set six years ago, despite a 1 per cent drop in industry revenues to $5.17b. Much of the investment was driven by the roll-out of ultrafast broadband (UFB).

Most of the figures in the annual report are based on a survey that is already one year old.

But they suggest Kiwis are paying broadly the same for phone and broadband plans, when compared to people in other developed countries.

Prices ranged from 22 per cent below average to 23 per cent above average, depending on technology and data caps, the commission found.

Consumers were also paying between a third and two thirds less for mobile phone calls and mobile broadband if they took up one of the $9 to $29 monthly deals offered by Spark, Vodafone and 2degrees.

But the price of larger mobile broadband plans was still high, with a six gigabyte monthly plan costing $90 a month, more than double the average among Organisation for Economic Cooperation and Development states (OECD).

That seems right to me. Home broadband plans are pretty well priced now. I have an unlimited data plan for a reasonable cost.

But the cost of a big data mobile plan is still over $100 (including phone plan also).

Broadband users chomped through an average of 32 gigabytes of fixed-line broadband data each month, up from 26Gb the previous year. Average speeds rose from 5.3 megabits per second to 7.3Mbps, achieving parity with Australia but still behind the 11Mbps average in the United States and Britain.

The Commission’s reports are online here.

Some interesting stats comparing 2014 to 2008:

  • Total telco investment up from $1.2 billion to $1.7 billion a year
  • Fixed broadband connections up from 850,000 to 1,390,000
  • Average speed up from 2.7 Mb/s to 7.3 Mb/s
  • Unbundled phone lines from 3,000 to 131,000
  • Fixed call minutes down from 12 billion to 8.25 billion
  • Mobile minutes up from 3.7 billion to 5.3 billion

Automatic stats data from Xero

June 6th, 2015 at 7:00 am by David Farrar

Stuff reports:

Statistics New Zealand hopes to provide a quicker and more accurate picture of how small businesses are faring as a result of a deal with accounting software firm Xero.

Businesses which use Xero’s cloud software will be able to volunteer to have some details of their business, such as their profit and loss, transmitted automatically to the government department.

Statistics NZ said the trial would test the feasibility of the department automatically collecting financial information electronically and if it was successful it could mean business owners would spend less time in future filling in forms.

If this means I have to spend less time every year filling in those 20 page business surveys, then I’ll be a very happy man.


RMA changes needed to speed up fibre deploy

June 2nd, 2015 at 4:00 pm by David Farrar

The Herald reports:

Chorus, the regulated telecommunications network operator, has called on the government to enact changes to the Resource Management Act to speed fibre rollout to multi-unit properties and those with shared driveways, which currently takes six times longer than for stand-alone homes.

The median time to complete a fibre installation in a simple property, such as a stand-alone house, representing 80-to-85 percent of builds, was 18 days, chief executive Mark Ratcliffe told a briefing in Wellington today.

More problematic were more complex builds, with multi-dwelling unit installations taking a median 130 calendar days and a property down a shared right-of-way taking 110 days.

Ratcliffe said the major delays caused in the consenting process came from Chorus having to find neighbours to confirm they didn’t object to the build, or from ongoing disputes between neighbours or third parties.

“The best role the government could play is help with the consenting stuff, that’s the one thing the industry can’t sort out on its own,” he said.

“We’ve got a pool of properties where consents have been refused, and the way that those work at the moment, we don’t get back to those for another six months, otherwise there’s just more cost involved.”

I support RMA changes in this area. Neighbours shouldn’t be able to say no to a fibre installation any more than they should be able to stop power or water to a house.


The future for public transport

May 29th, 2015 at 1:00 pm by David Farrar

Stuff reports:

Don’t get too attached to your steering wheel and brake pedal because self-driving cars could be hitting our roads sooner than you think.

The first privately-owned driverless vehicles could start appearing in New Zealand in as little as two years, once European manufacturers start bringing them to market, Transport Minister Simon Bridges says.

Bridges is in the German city of Leipzig to attend the International Transport Forum’s annual summit, where a lot of the talk has been about the rapid pace of driverless car technology and how it could dramatically reduce the number of vehicles clogging up our roads.

Yep, they may be a great way to reduce congestion.

The International Transport Forum – a global think-tank for transport policy – unveiled the results of a major study into the impact of self-driving cars at its summit on Thursday.

It discovered that a fleet of self-driving shared cars could make 90 per cent of conventional cars in a mid-sized city superfluous.

Researchers used actual transport data from Lisbon, Portugal to model the impact of two types of self-driving cars: those shared simultaneously by several passengers, dubbed TaxiBots, and those that pick-up and drop-off single passengers, known as AutoVots.

It found that a large-scale uptake of TaxiBots, in conjunction with high-capacity public transport, would remove nine out of every ten cars from the road without hindering people’s mobility.

I’d happily get rid of my car, if affordable taxibots were available for the occasional car trip. Most of us only use our cars a fraction of the day.

Sarah Hunter, head of public policy at Google’s technology development facility Google[x], said the world was on the cusp of having cars and planes that required no interaction from humans at all, apart from inputting a destination.

“It can take you from A to B without you ever being involved. In fact, it’s so autonomous, it doesn’t require a steering wheel or brake.”

Such vehicles would dramatically reduce the number of road accidents, which statistics showed were 94 per cent down to human error.

“It’s not the car that brakes, it’s the human that doesn’t brake,” she said.

“[Self-driving cars] never get drunk, they never get tired, they never get distracted by a text message.”

Self-driving cars would also improve the quality of life for many, including the blind and elderly who cannot drive.

This is the future, and it will be in our lifetime.


Auckland Council consents

May 29th, 2015 at 12:00 pm by David Farrar

Richard Harman blogs at Politik:

MPs today heard a revealing account of antiquated systems within the Auckland Council’s Building Control Department.

The Department — which deals with over 17,000 applications for building consents a year – does most of its work on paper.

Sarah Lineham, Sector Manager, Local Government at the Office of the Auditor General told Parliament’s Finance and Expenditure Committee that the Council used approximately $3.5 million of paper in the building consents department because only a few applications were handled online.

That’s a staggering total.

She was being questioned on a report on the Auckland Council’s handling of Building Consents which said that the reliance on paper within the department meant that staff spent 6000 hours a year simply scanning application documents.

That’s three staff who do nothing but scan documents in!

It said staff at one architectural firm estimated that they used two kilometres of A1-size paper a month, much of it for building consent applications.

The Council should make a priority to have an online tool for consent applications. Not just to save millions of dollars of paper, but actually to simplify and speed up the whole process. Ideally consent applications that conform with the unitary plan should be able to be approved with no human review – just like registering a company – all automated.


Another Uber reason

May 25th, 2015 at 3:15 pm by David Farrar

I’ve blogged before on how much I’m enjoying Uber – their booking app, the ability to see where the car is, and the automatic payment to your card.

But I’ve now got another reason. On Friday I grabbed an Uber and the car smelt a bit of smoke (it was a driver who is also a taxi driver, not a dedicated Uber driver). So when the app asked me for feedback I gave it 3/5 only and commented about the smokey smell.

30 minutes later I had an e-mail from Uber apologising and saying they will talk to the driver, saying that doesn’t meet their standards. Great customer service.

And also impressive is that the next day I got an automated e-mail from them asking me to rate the quality of their response.

Compare that to trying to complain about a taxi driver to their company!


Police will love this app!

May 24th, 2015 at 10:00 am by David Farrar

Stuff reports:

Cannabis users looking for someone to share a joint with have a new app that lets them find like-minded smokers around the world.

The creator of the Who is Happy app, a Brazilian epilepsy sufferer who wants the drug decriminalised, says his software is a kind of “Foursquare for stoners”, comparing it to the app that allows users to rate restaurants and other places they visit.

“The app is the first global platform of its kind allowing cannabis consumers to connect and unite to promote happiness while de-stigmatizing and hopefully decriminalising cannabis use around the world,” Paulo Costa said.

Users who anonymously log their location will see a green cloud appear on the app’s map, covering a 1-km radius. They can then check to see if others are partaking anywhere nearby, or elsewhere in the world. A greater number of users increases a location’s “happiness” quotient.

I can see this app becoming very popular with undercover police officers – a way for people to tell the Police to come and arrest them!


Just desserts

May 24th, 2015 at 7:00 am by David Farrar

Back in April I blogged that I had little sympathy for Chris Roberts who was arrested after he tweeted onboard a flight:

“Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ? :)” his tweet read.

It turns out he did more than tweet about hacking planes – he actually did it – and often.

Stuff reports:

A security researcher hijacked an airplane’s engines after hacking its in-flight entertainment systems, according to the US Federal Bureau of Investigation. 

Chris Roberts, a well-known US security researcher, told FBI agents in February that he’d hacked in-flight entertainment systems on over a dozen flights and on one occasion hijacked an aircraft’s thrust management computer and briefly altered its course. 

“[Roberts] stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights,” FBI agent Mark Hurley wrote in a warrant application filed in April and obtained by technology publication Wired on Friday.

The FBI seized Roberts’ computers and questioned him after he was escorted off a United Airlines flight last month, because he’d posted a tweet — apparently in jest — hinting he could tap into the aircraft’s crew alert system and cause passenger oxygen masks to drop. 

According to the document, during interviews in February and March, Roberts said he’d compromised in-flight entertainment systems on 15 to 20 flights between 2011 and 2014. Each time he’d pried open the cover of the electronics box located under passenger seats and would connect his laptop to the system with an ethernet cable. He’d also scan the network for security flaws and monitored communications from the cockpit. 

I have even less sympathy for him now. Taking over a plane by hacking is not a world different from taking it over with a gun.

Details of the warrant emerged as United Airlines launched a new program that will reward researchers with up to one million frequent flyer miles when they report to it new security flaws in its apps, websites and portals but not in-flight systems. 

The program takes a leaf from bug bounties run by Google and Microsoft, which collectively paid millions of dollars last year to researchers.

That’s a good idea. A true security professional would have immediately reported any vulnerability.


Online voting requirements

May 13th, 2015 at 10:00 am by David Farrar

Louise Upston has announced:

Councils now have the guidance they need to decide if they want to offer online voting at the 2016 local body elections.

The Government has been looking into the feasibility of enabling local authorities to undertake an online voting trial in response to requests from councils, and a set of requirements for councils interested in undertaking a trial has been released today.

“Local authorities must show they can meet these requirements before the Government can give the go-ahead to trial online voting,” Associate Minister of Local Government Louise Upston said. …

The requirements document, which is available at, was prepared in consultation with a range of stakeholders including the Society of Local Government Managers, Local Government New Zealand, election and online voting service providers, and online security experts.

The requirements are extensive. There are 125 specific requirements. Some of them are:

  • Online voting must only be made available as an additional option alongside postal voting.
  • Voters must be able to vote online using their own internet-capable device, and without any need to install additional software.
  • Electors must be able to vote online without being required to pre-register.
  • All electors in an election for which online voting is being used must be provided with an opportunity to sign up to receive confirmation that an online vote has been received and recorded under their name, and must be notified of this opportunity.
  • A valid voter ID and access code, enabling an elector to authenticate him or herself online, must be transmitted to electors by way of at least two separate transactions.
  • Where an online voting document has been incorrectly marked, the online voting technology solution must inform the voter of the nature of the error that has been made and give them an opportunity to fix the error before submission of the voting document.
  • The design of the online voting system must guarantee that votes submitted online are, and will remain, anonymous, and that it is not possible to reconstruct a link between the content of the vote and the voter.
  • Online voting systems must be designed, as far as it is practicable, to maximise the opportunities that such systems can provide for persons with disabilities.
  • Decrypting required for the counting of the votes must not be carried out until the voting period has closed.
  • The online voting system must allow the voter to individually verify that his/her vote is recorded-as-intended.
  • The online voting system must allow for an observer or independent auditor to verify that votes are counted as recorded.
  • Online voting systems must comply with New Zealand Government standards and industry best practice for web and applications security, including, at a minimum: the New Zealand Information Security Manual (NZISM), ISO27001, ISO27002 and the OWASP Top 10; and should also meet other web security standards such as the ASD Top 35 mitigations and the SANS Top 25.
  • Territorial authorities must use an approved provider from the public service’s ICT Security and Related Service Panel to undertake all security testing, assessment, and certification and accreditation.
  • The online voting system must be auditable end-to-end.
  • The audit system must be designed and implemented as part of the online voting system. Audit facilities must be present on different levels of the system: logical, technical and application.

A very detailed and thorough list of requirements.


Spark launches a campaign on copper prices

May 11th, 2015 at 3:00 pm by David Farrar

The NZ Herald reports:

Spark has started a new lobbying campaign in an effort to stop the Commerce Commission setting a big wholesale price rise that will raise copper broadband prices for internet providers.

The campaign is lobbying members of the Commerce Commission rather than politicians.

Called it is the second public relations campaign by the company on the issue and is collecting views from the public over a Commerce Commission draft proposal that will mean big price rises for the wholesale charges.

It is a decision for the Commerce Commission, not the Government. I certainly want lower access prices for copper and good to see Spark advocating this. But I also think that the Commerce Commission has to decide based on the law and the evidence as to what the actual cost is.


Review websites help make informed choices

May 2nd, 2015 at 7:00 am by David Farrar

The Herald reports:

Websites offering customers the chance to review their dining experience were “parasites” on the food industry, says an angry Auckland restaurant owner who’s come out swinging at Zomato.

“At the end of the day the only way those guys make money is off our hard work,” said Jonny Rudduck, owner of Ponsonby Rd Italian eatery, il buco.

“Without us they are nothing and in my view, they’re parasites …”

That viewpoint says more about the owner than it does about review sites.

Review sites allow customers to have a voice. That is a good thing. Owners can respond to the comments.

I’ll never not go somewhere just because of one bad review. But I will look for patterns – multiple bad reviews. I also look for if the bad review seems to be a one off or a systematic issue.

I use Trip Advisor constantly to choose hotels and restaurants when travelling. The average ratings get it right around 95% of the time. Without such review sites, it would be almost random luck where you go.

Yes it can be frustrating to have an unfair bad review. But the answer to bad data, is more (good) data. Not to try and ban data. Encourage all your happy patrons to review you also.


Copyright and the Internet

May 1st, 2015 at 4:19 pm by David Farrar

A very useful paper by Susan Chalmers on the issues around Copyright and the Internet. It covers:

  • temporary copy rights
  • text and data mining
  • APIs
  • Geoblocking
  • User-Generated Content

The Government is due to soon commence a review of the Copyright Act. I hope it will be a first principles review that will look at whether the law should focus on use rather than copying.


The sharing economy

April 26th, 2015 at 10:00 am by David Farrar

The Herald reported:

By PricewaterhouseCoopers’ projection, the biggest sectors of the “sharing economy” – including transportation and travel companies like Uber, Zipcar and Airbnb – could be pulling in as much as $335 billion in global revenue by 2025.

That’s a massive number (PwC puts it today at about $15 billion), and it reflects, according to a market analysis the company published this week, some fundamental shifts in consumer behaviour. “Access is the new ownership,” and such.

I’m already a big fan of Uber. Yet to use Airbnb, but intend to the next time I want to find a place to stay in the Wairarapa.

PwC does point out one trend in the report that’s a little more revelatory: We’re witnessing the rise of companies predicated on trust among strangers at the same time as general trust in society is actually falling. Only 29 per cent of consumers PwC surveyed said they trust people more today than they did in the past. And 62 per cent said they trust brands less today.

Yes, but while you may not trust individual people, you trust the wisdom of the masses.

Many years ago I used to decide which movies to go to on the basis of if the Listener film reviewer hated them, they were likely to be very enjoyable. I didn’t trust their reviews as we had different tastes.

But the reviews of 100 or so professional reviewers (accumulated on Rotten Tomatoes) I do tend to trust, like I may trust the ratings from 100,000 people on IMDB.

Here is PwC’s smart answer: “If trust in individuals and institutions is waning or at best holding steady, faith in the aggregate is growing.”

In other words, I don’t trust you, Random Guy Giving Me a Ride Home, but I do trust the 4.9-star average rating of all the people who’ve been in your car before. Maybe I don’t have all that much trust in one woman renting her home on Airbnb, but I do trust the aggregated input of the 24 people who’ve given her high marks.




April 24th, 2015 at 12:00 pm by David Farrar

The Economist reports:

A number of companies have bold ambitions to use satellites, drones and balloons to bring the internet to the unconnected

EVER since the early 1990s, when it moved out of universities and was embraced by the general public, the internet has grown relentlessly. Only 2% of the world’s population was online in 1997. By 2014 the proportion had risen to 39%, or about 3 billion people (see chart below). But that still leaves another 4 billion who live an internet-free existence.

Most of the bereft are in the developing world, where only 32% of people are online, compared with 78% in rich countries. And those numbers disguise plenty of local variation. Just 19% of people in Africa were internet users in 2014. Like most infrastructure, the internet is easiest to provide in cities. People scattered in the countryside—even those in rich countries—must often do without.

Yet that may be about to change. Four technology companies are pursuing ambitious plans that could, eventually, provide reasonably fast, high-quality connections to almost everyone on Earth. Google dreams of doing so with a globe-circling flock of helium balloons. Facebook’s plan requires a fleet of solar-powered robotic aircraft, known as drones. And two firms—SpaceX, a rocket company, and OneWeb, a startup based in Florida—aim to use swarms of cheap, low-flying satellites. By providing an easy route to the internet at large, local telecoms firms should be able to provide high-speed, third- or fourth-generation mobile-phone coverage to areas far away from the big cities.

Sounds great. And there would be rural parts of NZ that would love that also.

The article is very interesting about the challenges of latency and coverage and some of the ideas out there.

An extra benefit is you could beam uncensored Internet into countries that suppress it like North Korea.


No sympathy

April 24th, 2015 at 10:00 am by David Farrar

USA Today reports:

A computer security researcher on his way to give a talk about computer security vulnerabilities at a major conference was told he couldn’t fly on United Airlines Saturday, due to comments he’d made on Twitter.

My first reaction was this seemed over the top.

United made the decision not to allow Roberts to fly on United “because he had made public statements about having manipulated airfare equipment and aircraft systems,” said Rahsaan Johnson, United Airlines spokesman.

“That’s something we just can’t have,” he said.

So what did he say?

Roberts’ troubles began Wednesday when he flew from Denver, where his company is based, to Syracuse, N.Y.

Once onboard, he pondered on Twitter whether he would be able to hack into the flight’s onboard computer settings.

“Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ? :)” his tweet read.

EICAS refers to the plane’s onboard communication system, the “engine-indicating and crew-alerting system.”

He tweeted about interfering with the plane’s systems, while on board the plane. That’s just stupidity, and he gets little sympathy.

EFF, which has taken on his case, said Saturday that United’s refusal to allow him to fly “is both disappointing and confusing. As a member of the security research community, his job is to identify vulnerabilities in networks so that they can be fixed,” EFF’s Andrew Crocker said on the organization’s website.

Yes, but you don’t do that by publicly tweeting about them while on a plane.


The geo-blocking lawsuit may be a good thing?

April 22nd, 2015 at 12:00 pm by David Farrar

The Herald reports:

For two years, before Netflix’s New Zealand launch and Sky’s Neon streaming offering, a clutch of internet service providers, including Slingshot and Orcon, have provided Global Mode – technology allowing customers to watch programmes on overseas video streaming sites, sometimes months before they are shown by New Zealand broadcasters.

In contrast to tech-savvy youngsters’ use of torrenting sites and other shady methods to “unblock” trending programmes in the United States or Britain, Global Mode came with at least a veneer of legitimacy. While the tool is offered free, viewers still must subscribe to the overseas screening site – such as US Netflix or BBC iPlayer – satisfying customers with scruples that the content creator isn’t losing out. Nor does it require technical smarts: there’s no software to download or configurations to change.

I don’t use Global Mode, but I do use Hola to allow me to subscribe to Netflix in the US, so that I am paying someone for the content I am watching.

Now, broadcasting behemoths TVNZ, MediaWorks and Sky have joined forces with Spark (which both supplies broadband and on-demand product Lightbox) in a bid to squash the upstart. On April 2, they sent “cease and desist” legal letters to BNS and its customers giving them until Wednesday to close the service down. Some smaller internet providers folded; BNS and Call Plus (owner of Slingshot and Orcon) stared them down. Court papers are due to be served and, to no one’s surprise, Hollywood studios are joining the action.

I can understand that the broadcasters are not happy that they pay global content providers for an exclusive licence for NZ, and they find out it isn’t that exclusive.

Big Media say the technology breaches exclusive rights licensing agreements between overseas content-holders and local broadcasters. They claim this breaches copyright law; that the streaming rights of offshore providers such as Netflix US, Hulu, Amazon Prime and BBC iPlayer do not extend to New Zealand.

It is far from clear it does break copyright law. The argument is that people who use global mode are just doing the equivalent of parallel importing – something the NZ Parliament has specifically legislated to be legal.

Slingshot chief executive Taryn Hamilton says internet viewing options make the broadcasting rights model of selling the same product multiple times in different territories “completely out-of-date. The music industry were kicking and screaming about this a decade ago; they wised-up and changed their business model and now there’s a thriving economy for music.

“The broadcasters need to go back to the rights-holders and say exclusive geographic content is a failed model.”

I agree.

And this is where the lawsuit may be useful. If the broadcasters lose the lawsuit, then it will have global reverberations. It will be a clear court ruling that someone with rights to one country can’t stop people dealing with people with rights in another country. Just like Whitcoulls can’t stop you buying off Amazon.

If the broadcasters lose, then they can go back to the rights-holders and say our rights are no longer exclusive. You have no legal capacity to make them exclusive, so all we’re going to do is pay you for non-exclusive rights. And this could set off a global change in breaking down the idea of being able to make rights exclusive by country in an Internet connected world.

So the broadcasters may win, even if they lose.

What if the broadcasters win?

Probably not much. The ISPs who use global mode will stop offering it, but most of their customers will then either use individual services such as Hola, or VPNs, or just simply go from paying for content to torrenting it. The one thing they won’t do is say “Oh I’m going to wait four months to see my favourite TV show, once an exclusive holder in NZ decides I can see it”.

So I think a loss for the broadcasters will be even better for them than a win.

A win for the broadcasters will be bad for the ISPs, but not affect end users much.