Australian News


Shocking government plan to access citizens’ bank statements, health data and phone records revealed by bombshell leaked letter

29th April 2018

Ministers are planning to make it easier for the government to spy on its own citizens, a leaked document has revealed.

As it stands, the Australian Federal Police and Australian Security Intelligence Organisation need a warrant from The Attorney-General to access Australians’ emails, bank records and text messages.

But ministers are reportedly planning to amend the Intelligence Services Act of 2001 to allow Home Affairs Minister Peter Dutton and Defence Minister Marise Payne to give the orders without the country’s top lawyer knowing.

The intelligence – which could include financial transactions, health data and phone records – would be collected by a government spy agency called the Australian Signals Directorate.

The plan was revealed by a leaked letter from Home Affairs Secretary Mike Pezzullo to Defence Secretary Greg Moriarty.

The top secret letter, written in February and seen by The Sunday Telegraph, details a plan to ‘hack into critical infrastructure’ to ‘proactively disrupt and covertly remove’ cyber-enabled criminals including child exploitation and terror networks.

In March, the plan was outlined in a ministerial submission signed by Mike Burgess, the chief of the Australian Signals Directorate.

It states: ‘The Department of Home Affairs advises that it is briefing the Minister for Home Affairs to write to you (Ms Payne) seeking your support for a further tranche of legislative reform to enable ASD to better support a range of Home Affairs priorities.’

But a proposal to change the law has not yet been made

A spokesman for the Defence Minister Ms Payne said: ‘There has been no request to the Minister for Defence to allow ASD to counter or disrupt cyber-­enabled criminals onshore.’

‘It would give the most powerful cyber spies the power to turn on their own citizens,’ the source said.

 

 

 

source/read more: https://www.msn.com/en-au/news/australia/they-could-turn-on-us-shocking-government-plan-to-access-citizens-bank-statements-health-data-and-phone-records-revealed-by-bombshell-leaked-letter/ar-AAwtlpM?ocid=spartandhp

Family violence ‘perpetrators’ to be fitted with tracking devices, regardless of conviction

4th Feb 2018

The worst of Tasmania’s family violence perpetrators will soon be fitted with tracking devices, regardless of whether they have been convicted of a crime.

New laws mean Tasmania Police can apply to courts to force offenders to wear ankle bracelets that monitor their movements around the clock, as a condition of a Family Violence Order.

Victims can also volunteer to be monitored, in a bid to increase their safety in public spaces.

“This can act as a deterrent but also if an offence is committed they can provide evidence,” Inspector Robert Blackwood said.

Spain and Portugal are trialling a similar idea and New South Wales recently started putting the trackers on some perpetrators who have exiting Family Violence Orders against them, as they leave jail.

But Tasmania is taking it further.

In an Australian-first, police can now apply to a magistrate to have a tracker put on people who have never been convicted of an offence – an allegation or a history of violence (even without a successful prosecution) could be enough to see some people tracked.

“It’s certainly the more serious family violence perpetrators that we’d be making application to,” Inspector Blackwood said=

“They’re going to need to have a history of family violence, they may be charged with a family violence offence as well,” Inspector Blackwood said.

It means that police can proactively monitor known offenders and act to intervene when they get too close to their victims rather than scramble to respond once a protection or restraint order has been breached.

Previously they could only act after they were notified of a breach, which in some cases meant the victim had again been assaulted by their abuser.

Unlike the NSW initiative, victims can also opt to carry a GPS device so police can monitor where their abuser is in relation to them and warn them if they get too close.

“They’re not actually fitted with a device permanently, they just carry a device and what that allows us to do is monitor where the victim is in proximity to where the family violence perpetrator is,” Inspector Blackwood said.

“An example is the victim is within a shopping centre and the offender, aware or unaware that the victim is at that location, is approaching that shopping centre.

“We could then notify the victim that the perpetrator is within a certain proximity of them and activate that safety plan that’s already been established and also arrange a police response.”

Surprise support

Victims will not be able to monitor their abuser themselves.

“The victim does not have access to any information about the location of the perpetrator, they just carry a device, so the monitoring centre becomes aware when they are in proximity of each other and we can take action,” Inspector Blackwood said.

 

 

 

source/read more:http://mobile.abc.net.au/news/2018-02-04/tas-family-violence-perpetrators-to-be-get-tracking-devices/9394340

Sydney University students to be taught to obtain ‘enthusiastic yes’ before sex

30th jan 2018

New students at Sydney University will be taught to obtain an “enthusiastic yes” before they engage in sexual activity such as kissing or touching on campus or it’s “sexual assault’’.

A mandatory online module has been introduced at the university, requiring students to achieve a 100 per cent score in order to pass the course, The Daily Telegraph reports today.

Complete with gendered stick figures arranged in a variety of positions, the Consent Matters: Boundaries, Respect and Positive Intervention module outlines the basics of sexual consent as well as factors that can impact on a student’s ability to gain consent, such as drug or ­alcohol use.

But the course, which is also offered at Charles Darwin University and ANU, has not ­impressed students and experts, who claim the exercise is “stupid” and would not adequately address problems with sexual harassment

According to Sydney University’s website, the course was developed in a collaboration between British and Australian academics and involves interactive activities and scenarios that highlight the importance of consent when participating in “kissing and touching”.

“This means that everyone is entirely comfortable with the situation and freely able to agree, give permission or say ‘yes’ to participating in a sexual activity (this includes kissing and touching),” the website says.

“If someone is not able to offer an enthusiastic ‘yes’ to questions about sexual activity you do not have consent.”

 

soiurce/read more: https://www.theaustralian.com.au/higher-education/sydney-university-students-to-be-taught-to-obtain-enthusiastic-yes-before-sex/news-story/6e1aec72df2e1ed2273778c0b136b017

Experts sound alarm as biometric data from driver’s licences added to government database

 

15th Jan 2017

Your face is becoming the latest weapon in the world of digital surveillance, and the humble driver’s licence looms as a game-changer in tracking individuals through both the real and virtual world.

Experts warn your biometric data may already be vulnerable to misuse by criminals and terrorists, as the proliferation of mobile cameras combined with social media and ubiquitous CCTV feeds mean we’re caught on screen more than ever before.

Driver’s licences will be added to the Commonwealth Government’s already vast biometric databases after it struck an agreement with the states and territories, handing authorities access to an unprecedented level of information about citizens.

A system known as “the interoperability Hub” is already in place in Australia, allowing agencies to take an image from CCTV and other media and run it against a national database of passport pictures of Australian citizens — a process known as “The Capability”.

But soon driver’s licences will be added to the system, allowing both government and private entities to access your photo, age and address.

It is a $21 million system being sold as a way to tackle terrorism and make commercial services more secure.

But experts warn people now risk losing control of their biometric identity entirely as commercial interests, governments and organised crime gangs all move to capture more personal metadata for their own gain.

Driver’s licences change the biometric gamw

Technology and legal expert Professor Katina Michael said about 50 per cent of the population already had some kind of visual biometric stored in a nationally-accessible database, but the inclusion of drivers licenses would see the proportion of Australians scooped up in the net swell to about 80 per cent.

She said one of the biggest risks of the collection of biometric data was not deliberate misuse by the AFP, ASIO or another government agency, but rather vulnerabilities in the way biometrics work.

“It’s not like a one-on-one match, where you put (in) an individual’s face and say: ‘they’re a suspect’,” Professor Michael said.

“But rather what you get returned is a number of possibilities … you might get back 15, or 20, or 30, or 50 matches.

So you might have 50 innocent people being suspects, rather than the person that you’re trying to catch.

Professor Michael said this meant that while over time a person’s name might be cleared, their data could remain in a database linked to a criminal investigation.

“And then I’m thinking, what happens to their level of innocence as time goes on, because they accidentally look like a minority group?” she said.

She said real criminals and terrorists would opt out of the system, choosing not to have passports and driver’s licenses in a bid to escape the net.

“Of course, if you’ve done nothing wrong, the old adage says you’re fine. But increasingly, we don’t know if we’re fine,” she said.

The rise of ‘uberveillance’

Professor Michael said modern surveillance methods employed by law enforcement were not just limited to CCTV — they now incorporated vast amounts of metadata and social media, leading to a concept known as “uberveillance” in which people were constantly monitored.

“What we have now are digital footprints that we all leave behind,” she said.

“Phone call records, internet searches, credit cards and even the data on your electronic train or bus ticket can be used to track your movements and activity.

“It brings together all these various touchpoints, telecommunications records, travel data via tokens, facial recognition on federal databases, your tax file number … that’s accessible depending on the level of crime and social media.

“You’ve got this very rich almost cradle-to-grave kind of data set that’s following you.”

Photo Even transport cards like the NSW Opal card can reveal your personal data.

Organised criminals want your identity

Stephen Wilson runs Lockstep Consulting, a Sydney-based firm which researches and tracks trends in biometrics in the corporate and government spheres, and advises clients on best-practice.

He said at the moment very secure biometric systems took quite a long time to process images accurately.

Problems arose when consumer convenience, such as being able to unlock a phone or access a bank account with a quick face or fingerprint scan, trumped security.

“No police force, no public service, no business is ever perfect, there is always going to be corrupt people,” Mr Wilson said.

“The more exposure we have to electronic databases, the more exposure we have to biometric matching, it’s only a matter of time before these bad actors succumb to temptation or they succumb to corruption and they wind up using these systems inappropriately.”

Your biometric twin is out there

Photo New technology can more easily track people’s faces in crowds.

Mr Wilson said biometrics were creeping into consumer services like bank accounts and online betting facilities, with customers asked to send a picture of their licence and a “selfie” that will be run through an identity matching service.

“The real risk is that bad actors will take people’s photos, ask for a match, and get back a series of matches of people that are kind of like your biometric twin,” he said.

“We’ve all got doppelgangers, we’ve all got people in public that look just like us.

“If you’re trying to perpetrate a crime, if you’re organised crime, and you’re trying for example to produce a fake driver’s licence, it’s absolute gold for you to be able to come up with a list of photos that look like ‘Steve Wilson’.”

Technology companies like Apple and Samsung have championed the use of biometrics such as fingerprints, and this has taken a step further with facial recognition becoming more common thanks to the release of the iPhone X.

Photo Apple’s iPhone X has championed facial recognition technology.

However Mr Wilson said a key difference was that information stayed on the phone, while banking and other commercial interests trying to use your biometrics to confirm your identity could be storing it on a server anywhere.

“Do you really want your photo, which is a pretty precious resource, sent off to a company perhaps on the other side of the world just so you can get a quick bank account or quick betting service set up?” he asked

What will happen next?

An annual industry survey conducted by the Biometrics Institute, known as the Industry Trend Tracker, has nominated facial recognition as the biometric trend most likely to increase over the next few years.

Respondents believed privacy and data protection concerns were the biggest constraint on the market, followed by poor knowledge of decision makers, misinformation about biometrics and opposition from privacy advocates.

The Australian law reform commission says biometric systems increasingly are being used or contemplated by organisations, including in methadone programs, taxi booking services, ATMs and online banking, and access to buildings

Dr Michael said governments needed to be very cautious about how they applied this rich new source of data in the future.

She said governments were building these agreements between themselves and corporations in a bid to stamp out fraud, but that goal was not always achieved and the potential for mistakes was vast.

“What we have is this matching against datasets, trying to find the needle in the haystack,” she said.

“Often what happens is we don’t find the needle.”

A statement from the Department of Home Affairs said the Australian Government was exploring making the Face Verification Service available to the private sector, but nothing had started at this point.

It said arrangements for private sector access would be informed by an independent privacy impact assessment and those using it would need to demonstrate their lawful basis to do so under the privacy act and where they had gained consent to use a person’s image.

Security Breach Sees Secrets Stolen From International, $1.1 Trillion Joint Strike Fighter Project

12th oct 2017

A mystery hacker codenamed after a larrikin Australian soap opera character has been revealed as stealing sensitive, high-level information about a $1.1 trillion defence project created by an alliance including Australia, the U.S, UK and Canada.

The data about Australia’s warplanes and navy ships was stolen from an Adelaide Defence subcontractor which had one I.T. specialist and used extremely easy passwords.

Given the name “ATP ALF” — in reference to a +30 year character from the long-running Australian beachside TV program, “Home and Away” — the hacker had managed to sit inside the system of the contractor for months before detection in November 2016, and stole information about programs such as the $17 billion F-35 Joint Strike Fighter project, the C-130 Hercules transport plane and the $4 billion P-8 Poseidon maritime surveillance aircraft project.

A state actor has not been ruled out and it has been reported that a hacking tool, known as the Chinese Chopper, was used. The stolen data was not classified military information, but it was described as “commercially sensitive”.

The hack was discovered by a major Defence contractor.

A hacker a government agency has named ‘Alf’ (after the Home and Away character) has stolen sensitive Defence info https://t.co/awUKATLwgV
— Bevan Shields (@BevanShields) October 11, 2017

Intelligence agency, the Australian Signals Directorate (ASD) revealed details of the hack, through the technology news website ZDNet, on Wednesday, after it was flagged on Tuesday by the minister for cyber security, Dan Tehan.

According to Mitchell Clarke, an ASD incident response manager, the stolen documents for a Navy ship could let a viewer, “zoom in down to the captain’s chair and see that it’s, you know, one metre away from nav chair”.

The subcontractor was revealed as using software that hadn’t been updated for 12 months as well as username-password combinations, “admin-admin” and “guest-guest”.

The many months between where the hacker was left to his own devices was referred to ‘Alf’s Mystery Happy Fun Time’.

Not an SME – a defence supply chain. Vendors are threat vectors. https://t.co/lxCk9WqDe7
— Tim Watts MP (@TimWattsMP) October 11, 2017

Defence industry minister Christopher Pyne told the ABC on Thursday he does not know who the hacker is and indicated he would not tell if he knew, “It could be a state actor, a non-state actor. It could somebody working for another company”. He described the contractor as a small enterprise and rejected any implication that the Turnbull Government was to blame for the hack.

 

 

source/read more : http://www.huffingtonpost.com.au/2017/10/11/adelaide-security-breach-sees-secrets-stolen-from-international-1-1-trillion-joint-strike-fighter-project_a_23240582/?utm_hp_ref=au-homepage