I went on the Project (amongst others) to talk about the poor old ABS and the census website failure. I experience mixed emotions watching their non-apology press conference today. On the one hand, big IT projects are hard they go wrong and I can well imagine the hell that is the lives of the engineers involved over the last and coming few days. However, I was nothing but amused at the rather ham-fisted arse-covering by the minister Michael McCormack and the Australian Statistician David Kalisch. Firstly, they blamed denial of service (DoS) attacks and an “abundance of caution” by themselves for the site being unavailable. At the same time, they admitted that DoS attacks were expected and they had a plan. It was really a “confluence of factors” that took the site down. These included:

• A router hardware failure
• A failure in the geolocation system used for blocking foreign IPs during a DDoS (is this the same as above?)
• A “false positive” by which I can only guess they meant an intrusion alarm was triggered, probably as the site was failing under the load
• A big DDoS attack that came at 7:30 as Australians were finishing dinner.

None of these are a one-in-a-million events. This isn’t an unfortunate series of coincidences, just an admission that the site was poorly architected and had several single points of failure. One router failing should not bring down the site. You build in redundancy. The geolocation should have had a backup, or choose a more reliable service. A faulty intrusion detection system is nobody’s fault but your own.

Finally, the 7:30 DoS attack has been greeted with much skepticism. The digital attack map didn’t report anything and by the ABS’ own admission they load tested up to about a million censuses an hour. I would have expected several times that in the after-dinner rush, slanted towards the early end.

No doubt time will tell but I will offer a sincere apology if this was really the work of the PLA cyber-warfare unit, avenging the honour of Sun Yang.

Here’s the Project clip.

I’m 6 months into a PhD in astrophysics at Swinburne University. I’m having a great time. I intend to write about it a bit so I have created a separate blog for people that care about distant galaxies and machine learning. Take a look at coljac.space.

I did a spot on ABC radio (Queensland) this morning about profile photo theft. Have a listen below. Check out the story of Carl Nilsson-Polias whose photo is one of the top Google image search results for “profile photo”. He finds himself turning up everywhere!

(MP3 file)

I did another spot on The Project talking about the DarkNet and online drug marketplaces. Despite the lead-in being about a poor guy who died from using drugs bought online, The Project did a balanced piece and actually asked me whether online drug marketplaces could be safer. They continue to do good work.

I did another spot on the Project tonight on Google making users’ search histories available for download. Did the usual privacy-is-a-concern bit, but I do think this is a good move by Google. It is a positive development if people are aware just how much information they are putting out there.

I gave some quotes to the Project yesterday about hate speech on Youtube. As an online civil libertarian I’m always very, very skeptical of any attempts at the censorship of the internet, but it doesn’t necessarily follow that I would have a go at Youtube for censoring jihadi videos. In this case, I was talking about the impracticality of policing all the content that is uploaded to Youtube, but I did say it’s their right as a business to decide where to set the balance between neutral platform provider and curators of content. When government wants to step in and set the rules, there I take issue (sometimes after having a chuckle); but I’m not about to tell any business, even Google, that they must be forced to pay for the bandwidth and storage space for ISIL. (I actually think they should, within reason; but I respect their decision.)

One of the many dilemmas for any operator of a site with user-generated content (or any site with users, really) is that the more policing you do – removing ads, spam, copyright infringements – the more responsibility you are forced to take for everything else, whether it slips through the net or was simply not dreamed up when the terms of service were written. This is a real headache for Google’s search business. Since they have demonstrated that they can and do take links down in certain circumstances, it’s getting harder and harder for them to make the case to law enforcement and courts in dozens of countries around the world that PageRank is king and not to be interfered with on a case-by-case basis. I can only imagine that there are lots of resources, human and lines of code, policing the search results in dozens of jurisdictions around the world already. Many would argue that the power to remove content from a site or index implies endorsement of content that remains – a sort of Google theodicy.

As always, my conclusion is this: free communication on the internet brings with it benefits so enormous that it’s changed every aspect of our lives. We can’t keep those benefits and at the same time stop horrible people using it to say evil things. The price of admission for the internet we enjoy and take for granted is that sometimes these things are going to happen.

I’ve had another appearances on The Project recently, talking about scammers who use news events to lure people in. I do like talking about scams, but there’s often very little practical advice you can give someone.

I was on the Project earlier in the week talking about Dallas Buyers’ Club “crackdown” on Australian torrenters. Check it out below.