Fletcher to lead Opposition's cybersafety group
<p><strong>The Federal Opposition is set to develop an alternative to the government's cybersafety policy, today announcing the formation of a taskforce of backbenchers to spearhead the issue, led by Paul Fletcher MP.</strong></p>
<p>Announced by Federal Opposition leader Tony Abbott in Melbourne this morning, the taskforce, dubbed the Online Safety Working Group, will seek to "assist parents, carers and teachers to better protect children and young people from the risks associated with the internet and social media".</p>
<p>Abbott used the announcement to take a swipe at the government's existing cybersafety policy, which includes the controversial <a href="http://www.zdnet.com.au/conroy-launches-136k-cyber-safety-button-339307805.htm">Cybersafety Help Button</a> and a mandatory internet filter.</p>
<p>"The coalition does not seek to repeat Labor's ham-fisted attempt to put a filter on the internet or to hinder the dynamic nature of the online environment, but we do want to assist and equip parents and teachers in their work of protecting our children and preparing them for adulthood," Abbott said in a statement.</p>
<p>"This is about protecting cyberprivacy. It's not about trying to enforce cybercensorship."</p>
<p>This fiery statement follows <a href="http://www.zdnet.com.au/turnbull-to-hold-anti-filter-forum-339305019.htm">statements made last year</a> by Shadow Communications Minister Malcolm Turnbull, in which he said that he wants to see the filter "dead, buried and cremated".</p>
<p>The group will work closely with Turnbull's office, as well as with the office of Shadow Education Minister Christopher Pyne. The working group will also include Senator Gary Humphries, Alex Hawke MP, Natasha Griggs MP, Wyatt Roy MP, Patrick Secker MP, Senator Stephen Parry, Senator Bridget McKenzie and Luke Simpkins MP.</p>
<p>According to the opposition leader's statement, the working group will hold roundtables and community forums over the coming months, before a report is handed down by midyear.</p>
'Small fish' evade us: Trend Micro
<p><strong>In a world where law enforcement is governed across different jurisdictions, criminals are exploiting the borderless properties of the internet to conduct online crimes and get away without even being challenged, according to Trend Micro senior architect of anti-spam and URL filtering Jonathan Oliver.</strong></p>
<div class="aligncenter"><img alt="" title="" src="http://cdn.cbsi.com.au/story_media/339330521/jurismydiction_1.jpg" width="628" height="412" />
<p>Botnets can reside in multiple different jurisdictions, separate to the command-and-control centres and the hacker's home country.<br />
<em>(Credit: Trend Micro)</em></p>
</div>
<p>Oliver said that law-enforcement agencies are limited by what they can do in response to cybercrime, and often have to let the small fish go in order to make the best use of their resources.</p>
<p>"They use the laws that they've got at hand to try and collect the evidence and prosecute the worst offenders. I think they're overwhelmed by a lot of small cases, and don't have the bandwidth, so they just don't even attempt," he said.</p>
<p>"A small phishing scam? They're just not going to chase it up. They know that it's far too difficult, and nothing will be achieved."</p>
<p>But medium-sized crimes are also being overlooked; they are becoming too difficult to pursue, as criminals realise that they can exploit the fact that law enforcement must respect geographical boundaries.</p>
<p>"Cybercriminals make sure that they jump jurisdiction a few times. For example, the command-control servers in one jurisdiction have their botnets in another jurisdiction, and commit a crime in the third. This makes it very difficult to actually put together a case and prosecute them. And so, in the vast majority of cases, nobody bothers. It's not worth the effort. This enables them to continually do this high-volume constant criminal activity."</p>
<p>Even if law-enforcement agencies do attempt to crack down on these sorts of crimes, Oliver said that they are often highly complex, and beyond the scope of understanding for those involved.</p>
<p>"You try and explain the crime and the sequence of events and the judges and the prosecutors just don't have the training. It's a large task bringing everyone up to speed. That's a significant problem for the Australian Federal Police. When they want to prosecute and try these cases, judges, juries and prosecutors may not understand. That introduces another legal hurdle."</p>
<p>Oliver said that Australia needs more cooperation and treaties with other countries to ensure that criminals can be effectively prosecuted, but that progress is falling behind. While he applauded the fact that the issue has been brought up and discussed at previous Commonwealth Heads of Government Meetings, he said that we definitely need change.</p>
<p>"That's the type of initiative that we need to see, and then grow from there."</p>
Tomic's personal information spilled
Australian tennis player Bernard Tomic could easily <a href="http://www.zdnet.com.au/identity-theft-its-easy-339324393.htm">fall victim to identity theft</a> after a number of photographs of his licence were published, some of which clearly include his personal details. I wouldn't be surprised if someone else turned up hooning in a new BMW under his name.
Twitter to censor tweets by country
<p><strong>Twitter has refined its technology so that it can censor messages on a country-by-country basis.</strong></p>
<p>The additional flexibility is likely to raise fears that the micro-blogging company's commitment to free speech may be weakening.</p>
<p>This comes as it expands into new countries in an attempt to broaden its audience and make more money.</p>
<p>But Twitter sees the censorship tool as a way to ensure that individual tweets remain available to as many people as possible, while it navigates a maze of different laws around the world.</p>
<p>Before, when Twitter erased a tweet, it disappeared throughout the world. Now, a tweet containing content breaking a law in one country can be taken down there, and still be seen elsewhere.</p>
<p>"As we continue to grow internationally, we will enter countries that have different ideas about the contours of freedom of expression," Twitter said in a blog post.</p>
<p>"Some differ so much from our ideas that we will not be able to exist there. Others are similar, but, for historical or cultural reasons, restrict certain types of content, such as France or Germany, which ban pro-Nazi content," Twitter said.</p>
<p>China, notably, blocks Twitter, a situation that Twitter co-founder Jack Dorsey described recently as "unfortunate and disappointing".</p>
What happens on your server at night?
<p><strong><span class="highlight">commentary</span> Prevention is better than a cure, and all that, but what about when an attack isn't preventable? What do organisations do to ensure that they know who hit them? Judging by how long it takes to get answers, I'd say they don't do enough.</strong></p>
<div style="width:300px" class="alignright"><img alt="" title="" src="http://cdn.cbsi.com.au/story_media/339330509/gears_1.jpg" width="500" height="389" />
<p><em>(motion gears -team force image by <a href="http://www.flickr.com/photos/17258892@N05/2588347668/" target="_blank">ralphbijker</a>, <a href="http://creativecommons.org/licenses/by/2.0/deed.en" target="_blank">CC BY 2.0</a>)</em></p>
</div>
<p>It's become almost generally accepted that in the aftermath of an attack, an organisation is going to take a while to recover. You may even sympathise with them. There's a whole heap of issues to address, such as working with their hosting provider, checking what patches they actually had and searching for any evidence that the hackers left behind, all while trying to bring their server back online from back-ups, and ensuring that it's no longer vulnerable. I think that how an organisation responds in the aftermath of an attack is the real test of its security. It weeds out those who understand their network, and those who simply put up "security installed here" signs - the digital equivalent of dummy security cameras.</p>
<p>If organisations are really on top of their security, why is it that most take so long to complete their investigations, or never find out how they were attacked?</p>
<p>Is it a lack of technology that prevents expedient answers? I don't think so. We live in pretty interesting times, when consumers can back up to cloud services like Dropbox, or use their mobile phones to check in on their home computer. Despite this, forensic analysts are consistently appalled by large organisations that fail to enable even the most basic logging measures. Is it too difficult to ensure that these logs are turned on and periodically backed up somewhere safe? Something as simple as that would give organisations a better chance to catch some digital evidence of a hacker's rampage.</p>
<p>But instead of tracking unauthorised system access, organisations are left to find out about their hacked infrastructure from the hackers themselves, who post their spoils on sites like Pastebin.</p>
<p>I'm talking about hackers like Evil - an unemployed truck driver who taught himself how to hack, defaced the University of Sydney's website, <a href="http://www.zdnet.com.au/sydney-uni-exposes-student-info-339308712.htm">signed off with his hacker alias</a>, spent <em>six weeks</em> <a href="http://www.zdnet.com.au/govt-outlines-extent-of-evil-hack-339319400.htm">undetected on Platform Networks' systems</a> and <a href="http://www.zdnet.com.au/distributeit-claims-evil-behind-hack-339319324.htm">broke into Distribute.IT</a>. This was the same hacker who apparently didn't have the skills to work in the IT industry.</p>
<p>Evil wasn't covert about what he was doing. He was like a burglar that kicked in the front door, ransacked the place, joined the family at the table for breakfast and then set the house on fire as he left. By the time the fire brigade had arrived, everyone else was wondering how he was never noticed. And yet, despite Evil's reckless behaviour, several organisations failed to clue in that something was amiss until they were well and truly burnt.</p>
<p>What about the governor-general's website recently? In two separate incidents, one a few days ago and one as far back as April, hackers found a way to break into the site and <a href="http://www.zdnet.com.au/hackers-leave-calling-card-on-ggs-site-339330309.htm">upload their calling cards</a>. We're only fortunate that the two hackers who broke in decided not to do anything more malicious.</p>
<p>How about Stratfor? Logs leaked by the hackers show them <a href="http://www.zdnet.com.au/why-we-all-lost-in-the-stratfor-hack-339328821.htm">laughing at Stratfor</a> as they read their emails and ridiculed their initial inability to recognise that anything was wrong.</p>
<p>The current emphasis on perimeter security continues to be important in securing a network, but, given even just the negative reputation and embarrassment that these organisations have faced, I think it highlights a fairly clear case for the need to understand activity on their own systems.</p>
<p>Slip-ups are expected at times, but, with proper monitoring, companies should be telling their customers that they knew exactly where the problem was and took action immediately - rather than giving the impression that they have no idea how they were compromised, and that any investigation could take months.</p>
Introducing Evi: Siri's new worst enemy
<p><strong>Another smart-looking competitor to Siri's voice throne has exploded onto iOS and Android this week. It's called Evi, and today we're looking at whether it has the goods to take down the reigning Apple champ.</strong></p>
<p>Developed by an English company called True Knowledge, Evi is a fast, great-looking artificial intelligence app that wanders through multiple search engines, answer pages and user-generated content databases to find what you're looking for.</p>
<p>In my opinion, Evi is much better looking than Apple's Siri, with its black-and-white question-and-answer bubbles and its all-seeing-eye lurking at the top of the window, but does it have the goods to best Siri at her own game? In short - not exactly, but Evi isn't to blame.</p>
<p>In our tests, we tried several times to look for answers as well as place results - something Siri still can't do in Australia - and nine times out of 10, Evi told us she couldn't connect to her servers due to capacity problems and encouraged us to try again in a minute. On one such occasion, we tried 10 times to get an answer before we gave up.</p>
<p>On the questions we did get an answer on, however, such as "where can I get pizza", the app pulled in the 20 closest results from Yelp. Never mind that I asked her four times for it, it still came up.</p>
<p>So perhaps the failings of Evi aren't actually her fault at all; the crime lies with True Knowledge, which released the product thinking that its Nuance-powered back-end could handle the load.</p>
<p>The good news is that the folks at True Knowledge are on to the issue and are working on a fix. Give it a few versions and Evi will be running rings around Siri with ease.</p>
<p><em>Watch the video to see Evi in action.</em></p>