NetHui South - Registrations Open

Afternoon - We are a Community Supporter of NetHui South and so if you are in the South Island you can now register for the event.
 

Internet NZ Press Release:

The South Island edition of New Zealand’s favourite Internet event is open for registrations now.

NetHui South 2014 will be held at the University of Canterbury on November 21-22 and as with previous NetHuis, it’s expected that tickets will sell out fast.

The national event, held in July, brought together New Zealand’s Internet community to plan and execute the three day event. There were prominent New Zealand speakers, community-led sessions on all kinds of Internet Issues, political discussions and a range of side events.

The South Island edition is promising to be just as exciting.

InternetNZ Chief Executive, Jordan Carter says that the South Island Internet Community was providing just as excellent ideas that came pouring in for the Auckland version for the South Island edition.

"People have obviously got a keen eye for the future of the Internet. We've had a lot of interest in sessions around how New Zealand and Canterbury can best use the Ultra-fast Broadband roll-out, as well as how to improve the Rural Broadband Initiative.

"Though the event won't be focussing solely on Canterbury, obviously that's a major factor and we've got an exciting panel lined up to discuss Innovation and Opportunity in a Connected Canterbury.

NetHui is supported by a number of sponsors and community sponsors, ranging from local providers Enable to Creative Commons Aotearoa and more. The event couldn’t go ahead without them and Jordan says that it’s working alongside people that makes NetHui great.

“We work with New Zealand’s Internet community to arrive at a pre-agreed agenda for NetHui South, and from there we actively encourage people to participate, rather than passively attend," says Mr Carter.

Registration can be done by visiting http://2014-south.nethui.org.nz/2014/10/registrations while a draft programme can be seen at http://2014-south.nethui.org.nz/nethui-programme.

ENDS

For more information, please contact:

David Cormack, Communications Lead
InternetNZ
+64 21 294 5333

 

Pass through of copper pricing

Last week I visited Tom Puller-Strecker at the DominionPost/STUFF offices to introduce myself as the new CEO of TUANZ.  In that meeting he asked a few interesting questions - and one of them was about our position regarding the pass-through by Service Providers of the copper price reduction coming into effect on the 1st December.  You can read my response and the article here: Telcos pour cold water on price cut call

NZ now has a league of broadband heroes - NZWIP

The real heroes of rural broadband have taken a break from bringing the best broadband to rural NZ for long enough to form an organisation and get the ability to speak with a single voice and engage with the 'Wellington' labyrinth, the mysterious beltway triangle linking MBIE, the Commerce Commission and Parliament.

I was at their inaugural meeting and I wish them luck and success, here's the official release:

More than 20 representatives from independent New Zealand wireless broadband providers have met in Wellington and resolved to form an industry group to jointly address issues facing their industry and speak to central government with one voice.

The meeting in Wellington was initially set up to hear presentations from RSM, InternetNZ and TUANZ, and work towards a combined submission to the current review of the Radiocommunications Act, but it soon became obvious that most providers faced similar issues and there was much common ground.

“By mid-morning on the second day, members were able to agree on the aims and principles of the new organisation and elect officers to represent the group,” says newly-elected President Justin Wells of Nelson-based Thepacific.net.

The group will be known as the New Zealand Wireless Internet Providers Association (NZWIP). Full membership will be available to wireless broadband providers with a minimum of 200 end-point wireless customers, and other organisations such as equipment suppliers and sole operators will be able to apply for associate membership.

The group will share resources and also provide statistics on an anonymous basis so that the overall size of this part of the telecommunications industry can be established.

“We expect we will find that this group serves in excess of 80,000 customers throughout New Zealand,” says Mr Wells. “Almost all of us are privately funded companies set up by entrepreneurs who have become expert in bringing decent broadband speeds to remote rural areas where the traditional providers were unable or unwilling to go. Ask any farmer or rural town-dweller who is their broadband provider and you’ll most likely find that it’s a relatively small, local company. Our advantage is that we know our territory, we understand the local geography and we know our customers. It’s a business model that works, even if it’s one that has suffered from missing out on government funded rural broadband initiatives which have made money available only to companies who could provide national coverage. That’s an issue that has been really frustrating for us all, as we’ve had to deal with taxpayer-funded competition.”

Mr Wells said the group was encouraged to see Minister Amy Adams’ pre-election announcement that National would make $100 million of contestable funding available which independent wireless providers would be able to access.

“This is a huge step forward and an acknowledgement that our members have been out there closing the digital divide for over a decade – taking kiwi ingenuity, combining it with technical know-how and making things happen in rural New Zealand.”

I know these guys can make a difference because 10 years ago I got my rural broadband issues in Marlborough solved by the pacific.net, in fact that's what started the whole process that leads me to being here today.

Their timing is right and they will delivered the best bang for the buck possible.

The Herod Clause - What would you give up for free WiFi?

A recent experiment in London showed that some people were prepared to give up their first born children in return for free wifi!, the story is here.

The reality is how many of us actually read the terms and conditions before we click agree on our way to some free surfing?

Here's the story:

A handful of Londoners in some of the capital’s busiest districts unwittingly agreed to give up their eldest child, during an experiment exploring the dangers of public Wi-Fi use.

The experiment, which was backed by European law enforcement agency Europol, involved a group of security researchers setting up a Wi-Fi hotspot in June.

When people connected to the hotspot, the terms and conditions they were asked to sign up to included a “Herod clause” promising free Wi-Fi but only if “the recipient agreed to assign their first born child to us for the duration of eternity”. Six people signed up.

F-Secure, the security firm that sponsored the experiment, has confirmed that it won’t be enforcing the clause.

“We have yet to enforce our rights under the terms and conditions but, as this is an experiment, we will be returning the children to their parents,” wrote the Finnish company in its report.

“Our legal advisor Mark Deem points out that – while terms and conditions are legally binding – it is contrary to public policy to sell children in return for free services, so the clause would not be enforceable in a court of law.”

Ultimately, the research, organised by the Cyber Security Research Institute, sought to highlight public unawareness of serious security issues concomitant with Wi-Fi usage.

The experiment used a mobile hotspot device built for less than £160 by German ethical-hacking company SySS using a Raspberry Pi computer, a battery pack and Wi-Fi aerial, all held together with elastic bands.

I'm pleased they won't be enforcing the clause, but the scary bit comes later in the article:

The experiment used a mobile hotspot device built for less than £160 by German ethical-hacking company SySS using a Raspberry Pi computer, a battery pack and Wi-Fi aerial, all held together with elastic bands.

The device “could have been easily concealed in a woman’s handbag and could be deployed in seconds,” claimed the report. It was first deployed in Cafe Brera in Canada Square, in the heart of Canary Wharf, and later just outside the Queen Elizabeth Centre near the Houses of Parliament.

After the initial Herod clause experiment, the research continued with the terms and conditions removed. In Westminster, 33 devices connected to the hotspot, with researchers startled to find that the popular POP3 email protocol revealed passwords in plain text when used over Wi-Fi.

This vulnerability dates back 13 years to 2001, showing how little effort has been put into fixing a potentially critical issue. If the researchers had been malicious, they could have easily siphoned off critical data like usernames and passwords and logged into people’s accounts.

“The authentication happens in plain text in some old protocols,” F-Secure’s Sean Sullivan told the Guardian. “You could probably snare a lot of people using email… you could do more to refine [an attack] to capture more people’s mail.”

Thats actually very scary, yet the allure of free wifi is really really strong. Here's the useful information from the end of the article:

But more mundane data can also be useful for hackers. Even when they aren’t connected to a hotspot, devices on average reveal the last 19 access points they hooked up to, the study found.

“It‘s a particularly disturbing development as recent research has shown that individuals can be accurately identified by using just the last four access points where they have logged on,” F-Secure’s report read.

Other metadata, such as websites people have visited or their device ID, would also prove useful to criminal or government spies hoping to piece together a fuller picture of targets.

The report concluded that there needs to be much more education around the use of public Wi-Fi, especially hotspots that are of unknown origin. F-Secure is also calling for more transparency from the telecoms industry.

Currently, users are suffering because of “collusion between different branches of the industry”, which has sacrificed security for the sake of usability, the researchers claimed.

“People haven’t had anything to compare it to to wrap their head around,” Sullivan added. “People are thinking of Wi-Fi as a place as opposed to an activity... You don’t do unprotected Wi-Fi at home, why are you doing it in public?”

Sullivan advises users run a Virtual Private Networking (VPN) software product, which will encrypt the data being sent to and from their device.

Turning Wi-Fi off when in public or when around untrusted hotspots can also be helpful wherever and whenever possible. Deleting old and known networks broadcasted by the device can help protect from metadata snoops too.

Good stuff to remember, it got me thinking about this story from a couple of years ago about the feasibility of digital pickpockets using a malicious android app to read NFC credit cards while they are still in your wallet! 

In a talk at the Defcon hacker conference in Las Vegas Friday, Lee demonstrated an Android software tool called NFCProxy that’s capable of both reading and “replaying” data from contactless credit cards–any of the common payment cards with embedded RFID chips that allow payments at retail outlets’ wireless point-of-sale devices like these. undefined

After using a Nexus S phone to read his own contactless Visa card onstage at Defcon, he then used his tool to relay the data a moment later to a point-of-sale device, where it was accepted as a payment. “I’ve just skimmed, abused and spent someone’s credit card within a couple minutes. It’s really simple,” he told the crowd.

That is really scary and we now have our banks and telco's rushing to get into payments before Apple Pay launches here.

But have they got the security sewn up tight?

2014 is shaping up to be the year of big security scares!