- NZNOG - lists.nznog.org

Swain's anti-hacking Bill to Select Committee - Paul Swain
by Ministerial Announcements 21 Nov '00

21 Nov '00

17 November 2000 Swain's anti-hacking Bill to Select Committee - Paul Swain Associate Minister of Justice Paul Swain has welcomed the passage of his 'anti-hacking' bill to the Law and Order Select Committee. This afternoon Parliament voted to send the Supplementary Order Paper to Crimes Amendement Bill (Number 6) to the Law and Order Select Committee for submissions and deliberation. "The overarching purpose of this SOP is to make hacking illegal in New Zealand - I think that is vital for every New Zealander who owns a computer. We need to send a strong message that hacking is not cool, it is not clever, it is a serious crime," Paul Swain said. "If it proceeds, this legislation would make accessing a computer system without authorisation a criminal offence punishable by a maximum of two years imprisonment. "At the moment computer hacking is not an offence in New Zealand. "The process now is for the Law and Order Select Committee to hear submissions on the SOP and make deliberations, this is a vital part of the process. This is the stage when the public get to have their say about the Bill. " For that reason I have ensured that there is a lengthy process for consideration by, and submission to the select committee. I propose asking the select committee to report back by the 30th May, which should give ample time for this process. "I have given an absolute assurance that law abiding citizens who are not involved in criminal activity have nothing to fear from this legislation. People will be looking for proof of that assurance when the select committee reports back," Paul Swain said. --- You are currently subscribed to swain-releases as: all-releases(a)executive.govt.nz To unsubscribe send a blank email to leave-swain-releases-15379N(a)executive.govt.nz --- You are currently subscribed to all-releases as: EpistlesFromTheState(a)Hamish.MacEwan.gen.nz To unsubscribe send a blank email to leave-all-releases-8282Y(a)executive.govt.nz --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

2 1

NZ Broadband mailing list
by Dan Langille 20 Nov '00

20 Nov '00

I send this message was sent to nz.comp last night. I figured more than one list member would be interested: I've just created the New Zealand broadband mailing list. Given that the ADSL mailing list has grown quite a bit, it's time to split the list. adsl(a)unixathome.org will continue to deal with ADSL. broadband(a)unixathome.org will deal with broadband in general and delivery methods such as ISDN, satellite, Saturn cable, chello, IHUG Ultra, etc. Those who wish to subscribe to the new list should send a message to majordomo(a)unixathome.org with "subscribe broadband" in the body of the message. The archives for the new list, once there is something to archive, will go online later this week at http://unixathome.org/broadband/ cheers -- Dan Langille The FreeBSD Diary - http://www.freebsddiary.org/ FreshPorts - http://freshports.org/ --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

1 0

Internet Surveillance
by Joe Abley 15 Nov '00

15 Nov '00

Hi, ISOCNZ have a working group looking at Internet Surveillance, and are attempting to decide on a position from which to make recommendations to the Government. It hasn't been running long. http://listserver.actrix.co.nz/mailman/listinfo/isocnz-iswg There was some noise in the press about police powers with respect to internet surveillance recently (although not much signal). I'm trying to look at the operational impact of legislation in this area. Ignoring the philosophical debate about what is and what isn't appropriate about surveillance in general, or about police powers to gather evidence from ISPs: + suppose the police have sufficient cause to be suspicious about the antics of one of your customers that they obtain a court order which entitles them to "tap their internet traffic". Suppose you decided (or were compelled) to facilitate the "tap". o what is reasonable for them to tap? Incoming (to-customer) e-mail? Outgoing (from-customer) e-mail? A complete packet dump? o If you have customers who don't have static IP addresses, is it feasible to collect data from an individual subscriber without collecting it from a whole bunch of others at the same time? o would you be happy letting someone from the police connect her own equipment to your network in order to gather the evidence the court order entitled them to collect? Would you prefer to do it yourself? o would your company expect to be reimbursed for the time spent facilitating the "tap"? o how easy would it be for you to insert something in your network to capture all packets to/from one of your customers? (scale of 1 [trivial] to 10 [impossible]) o assuming it was possible, how much inconvenience would it cause to other customers to put the tap in place? (scale of 1 [none] to 10 [take them off the air for the duration of the tap]) + suppose all interception of network traffic was prohibited across the board without a court order; i.e. you were compelled to shift your customers' traffic blindfolded, and were absolutely not allowed to look at it. Would this be feasible? How much troubleshooting would be impossible under these kinds of conditions? + do you have a clause in your contract with your customers which permits you to inspect customer traffic for operational (or other) purposes? + are you aware of hooks in your network hardware which are designed to allow customer traffic to be intercepted? Joe --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

16 21

RE: Internet Surveillance
by David Katz 15 Nov '00

15 Nov '00

One just needs to look at the US and the whole fiasco that Carnivore has created to find out that this will be much more difficult than it appears... ;) -----Original Message----- From: Michael Newbery [mailto:Michael.Newbery(a)telstrasaturn.co.nz] Sent: Thursday, November 16, 2000 3:58 PM To: nznog(a)list.waikato.ac.nz Subject: Re: Internet Surveillance At 11:22 AM -0500 6/11/00, Joe Abley wrote: > >I'm trying to look at the operational impact of legislation in >this area. Ignoring the philosophical debate about what is and >what isn't appropriate about surveillance in general, or about >police powers to gather evidence from ISPs: [After not a lot of people responded, Joe attempted to shame us into replying. For the record, I'm too busy (excuse #2)] > > + suppose the police have sufficient cause to be suspicious > about the antics of one of your customers that they obtain > a court order which entitles them to "tap their internet > traffic". Suppose you decided (or were compelled) to > facilitate the "tap". > > o what is reasonable for them to tap? Incoming (to-customer) > e-mail? Outgoing (from-customer) e-mail? A complete packet > dump? Email, probably. A complete packet dump could present problems. I would be unwilling to do anything that would cost us money--without appropriate recompense---or that would impact network performance---in any event. I am unwilling to slow my STM-1024 down to V.24 speeds so I can wiretap. > o would you be happy letting someone from the police connect > her own equipment to your network in order to gather the > evidence the court order entitled them to collect? Would > you prefer to do it yourself? In general, no. I doubt their laptop has a suitable STM-1024 interface. Where possible, yes, under our supervision. > > o would your company expect to be reimbursed for the time > spent facilitating the "tap"? Of course. Actually, I'd expect that my company could and therefor should just write the cost off to civic welfare, but I think that a struggling ISP might not appreciate having to stump up overtime for several people to make the tap work. > > o how easy would it be for you to insert something in your > network to capture all packets to/from one of your customers? > (scale of 1 [trivial] to 10 [impossible]) 1-10. It depends on which customer and where in the network. > + suppose all interception of network traffic was prohibited > across the board without a court order; i.e. you were compelled > to shift your customers' traffic blindfolded, and were absolutely > not allowed to look at it. Would this be feasible? How much > troubleshooting would be impossible under these kinds of > conditions? Depends on how it's worded. In the extreme case, if I can't look at my customers' packets, I (my routers) can't read the address headers and the packets never make it past the first RJ-45! I would consider the wording in the current radio regs for amateurs has the right flavour. In the event that you intercept communications not intended for you, you are required to act as if you had not in fact intercepted the communications. In particular you must not communicate them to a third party. What's the statement? "Hard cases make bad law"? I shudder to think how to draught legislation that accurately and unambiguously sets out the rights and obligations of all parties and also keep up with technology. Let's just promote PGP a lot :-) -- Michael Newbery Technical Specialist Telstra Saturn Tel: +64-4-939 5102 Mobile:02-939 5102 Fax:+64-4-939 5100 --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

2 1

FBI responds to Carnivore criticism will deploy "Childsaver"
by Hamish MacEwan 15 Nov '00

15 Nov '00

WASHINGTON, D.C. (Routers) -- FBI Director Louis Freeh announced today that the Federal Bureau of Investigation takes the criticism of its wiretapping computer sniffer Carnivore "very seriously." In a hastily-called press conference, he acknowledged that the FBI had "underestimated the importance of the Constitution to the citizen-units.' "We are withdrawing Carnivore at this time," he said to an assembled audience of journalists, activists, and visiting death squad officials from South America. "Simply put, we expected citizen-units to simply shrug off our latest surveillance measures. That, and the name. Apparently we insulted the vegetarian and vegan contingent," he joked. Director Freeh announced that while Carnivore was being withdrawn, the FBI would go ahead with deployment of a much more powerful system called "Childsaver." "Childsaver is our next-generation "first mover advantage" product," said Freeh, adopting the FBI's new dotcom-friendly jargon. "Childsaver is a best-of-breed product. It gives us a powerful edge in the surveillance space, and we think our investors will be happy." Childsaver, as Director Freeh explained it, will require suppliers of browsers and mail programs to install the Childsaver plug-in in every program shipped. "Childsaver will allow the legitimate needs of law enforcement by enabling lawful surveillance orders to be carried out swiftly and undetectably." When asked by a reporter if Carnivore had always been intended as a sacrifice move, to be abandoned and replaced by the better-sounding Childsaver, Director Freeh referred all such questions to the Ministry of Truth. Check the source. Hamish. -- We are each of us angels with only one wing, and we can only fly by embracing one another. -Luciano de Crescenzo --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

1 0

Seminar by Dr Christophe (Sprint)
by Tony McGregor 13 Nov '00

13 Nov '00

The following seminar is being hosted by the Waikato University network research group (WAND). NZNOG visitors are welcome, let me know if you plan to attend so we can lay in supplies. Tony ---- Experiences Monitoring Backbone IP Networks Conducted by Dr Christophe Diot IP research Group, Sprint We present our experiences with monitoring traffic on the Sprint IP backbone network using the passive monitoring DAG OC-3/OC-12 card developed at the University of Waikato. We currently have 11 monitoring systems installed at one location, however managing a monitoring system of this scale is a challenging task since each link monitored can generate up to 100 GB of data each day. We discuss techniques for transferring the data to the lab, storing the data, and efficiently processing. Finally we present results that demonstrate the capabilities of our system and provide information which is useful in developing future measurement systems. Christophe Diot received a Ph.D. degree in Computer Science from INP Grenoble in 1991. From 1993 to 1998, he was a research scientist at INRIA Sophia Antipolis, working on new Internet architecture and protocols. Diot moved to Sprint Advanced Technology Laboratory in October 1998 to take the lead of the IP research group. His current interest is in deployable multicast (SSM) and Internet resource control. Diot is also member of IEEE and ACM, member of the COST 264 action, and serves as an editor for ACM/IEEE Transactions on Networking. Presented on Thursday 16 Nov 2000 at 4:00pm School Meeting Room, GG-12 ---- --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

1 0

RE: Internet Surveillance
by Tony Wicks 12 Nov '00

12 Nov '00

yes, prepaid - http://www.mysurf.net.nz btw, users on mysurf ( which has just ben launched ) are address translated and blocked from accessing Asia Online Mail servers or news servers. They only have web-based mail. if you have any problems with anti-social activities from mysurf pre-paid users please email helpdesk(a)nz.asiaonline.net -----Original Message----- From: owner-nznog(a)list.waikato.ac.nz [mailto:owner-nznog(a)list.waikato.ac.nz]On Behalf Of Joe Abley Sent: Monday, 13 November 2000 9:01 a.m. To: Shane Cole Cc: nznog(a)list.waikato.ac.nz Subject: Re: Internet Surveillance On Mon, Nov 13, 2000 at 08:53:43AM +1300, Shane Cole wrote: > Just one thing, what are they going to do about people using prepaid ^^^^^^^ > internet on prepaid cellular to do there naughtyness... Prepaid? --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

7 10

RE: Internet Surveillance
by Sid Jones 12 Nov '00

12 Nov '00

At 21:53 12/11/2000 +0000, Jeremy Clyma wrote: >BTW isn't it time for a NZNOG pissu^H^H^H meeting again soon? Wellington or Auckland? -- Sid --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

4 3

FW: Internet Surveillance
by Tony Wicks 12 Nov '00

12 Nov '00

Actually, what I meant is that if there proves to be a significant number of complaints then Asia Online / Vodaphone management will need to take another look at the policy ( not me ! ). -----Original Message----- From: Joe Abley [mailto:jabley(a)automagic.org] Sent: Monday, 13 November 2000 10:13 a.m. To: Jeremy Clyma Cc: Tony Wicks Subject: Re: Internet Surveillance On Sun, Nov 12, 2000 at 08:41:09PM +0000, Jeremy Clyma wrote: > No, its not only a problem if you run an open relay.... > > Certain individuals provide lists of badly secured smtp servers which I > can just see a prepaid spammer for hire, abusing to their hearts content. Ah, but as Tony pointed out, you can always complain to the asia online helpdesk. "I'm sorry, we have no idea who that user is, so I guess they might well do it again. Yes, that does suck. Goodbye, thanks for calling." :) --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

1 0

Further to Australian Domain Name allocation policies and CER
by Frank March 09 Nov '00

09 Nov '00

An obvious follow up question winged my way within minutes of my post on acquisition of a domain name in the .com.au space: how does one acquire an ABN? Basically you need to fill in a form (AFAIK online registration is not possible, roll on e-Govt :-). Buckets of forms are held by TradeNZ and the contact is David Robertson, (04) 496 6414. I am informed that the forms may raise some questions as they are intended for Australians (for example, the form asks for Australian addresses but apparently NZ addresses will do just as well). The Manufacturers' Association and the Export Institute of NZ also have copies of the forms. Further information may be found at the MFAT Australian Division pages at http://www.mft.govt.nz/foreign/regions/australia.html Good hunting. Frank March Specialist Advisor, IT Policy Group Ministry of Economic Development, PO Box 1473, Wellington, NZ Ph: (+64 4) 474 2908; Fax: (+64 4) 471 2658 --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

1 0