Andrew Breese

Musings of a professional geek

Tag Archives: privacy

Privacy Amendment Bill for Data Breech Notification has passed.

The Privacy Amendment Bill for Data Breech Notification has passed.

Implements recommendations of the Parliamentary Joint Committee on Intelligence and Security’s Advisory report on the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 and the Australian Law Reform Commission’s report For Your Information: Australian Privacy Law and Practice by amending the Privacy Act 1988 to require agencies, organisations and certain other entities to provide notice to the Australian Information Commissioner and affected individuals of an eligible data breach.

What does it mean? Well practically it means that companies and organisations (including the government) who suffer a breech of information must notify the government, and therefore may as well tell the public too, in a certain time-frame. And that failing to do so suffers penalties. It encourages data security, privacy, literacy for cyber threats, and might also change the ways companies think about technical security and privacy more broadly.

Is it perfect? No. Is it better than hoping it does not happen, or trusting that companies might do the right thing anyway? Hell yes. Huzzah!

Advertisements

VPN Viable for Privacy? Yup

I had a bit of a rant about SOPA recently, and thankfully some really influential websites and folks did too. That little bit of political silliness is crawling to a halt (I’m still waiting for the real death announcement), and hopefully the people involved stop and think, consider, ask, and then learn before they have another go. I’m all for solutions that help, but it is better to change behaviour, business models, commercial agreements, etc to resolve the issue than legislate. Particularly when that legislation has far more negative effects that positive.

As part of the rant I looked at VPNs to enable online privacy. I’d read that it is an effective way to work around regionalisation, neutralised changes like SOPA would bring, and generally pritect your online identify more – and it needed a good test.

It worked. It’s nice.

The service I purchased gave me a stable and health VPN connection (speeds up to 955kb/s) which made all the auto-detect functions I visited see me as a user from Sweden. Australia to Sweden is a long darn way, and the internet was none the wiser.

  • Visiting Google initially came up in a different language.
  • Tracking IPs found only the VPN end-point.
  • Bittorrent connections (for legal epubs by the way) were seeing the VPN IP.

An interesting trick I found too was using the Firewall rules in Windows 7 to ensure that your browser only worked while on the VPN. I did this by:

  • ensuing that my home network was set as a private zone,
  • configure the VPN connection as a public zone,
  • setting up a new Firewall rule for Firefox (my browser of choice) so that it was not allowed to access the internet on the private zone,
  • then setup a firewall rule for Firefox which allowed it to access the internet on the Public zone.

This has the effect of killing Firefox’s browsing unless the VPN was active.

But why you ask?

Well if you happen to be doing something suss (say bit torrenting), and you want to make sure that the application doing that suspect activity can only be traced to your VPN IP (in Sweden), then setting up the app (uTorrent et al) instead of Firefox in the example above will do just that. All BT connections will appear to be to Sweden.

Happy hacking folks, may your internet stay private.

%d bloggers like this: