Technology

The Department of Immigration and Border Protection (DIBP) has succeeded in having a member of the public remove a post from her Facebook wall that a spokesperson has said targeted a staff member within the department.

On Friday, in a series of Tweets from the Department of Immigration and Border Protection’s official Twitter account, the department asked Vanessa Powell, a teacher and a volunteer on community radio, to remove a Facebook post that “contains an offensive remark directed at a staff member” from a man named George Georgiadis — via redwolf.newsvine.com

There is no case, none, to limit debate about the performance of national leaders. The more powerful people are, the more important the presumption must be that less powerful people should be able to say exactly what they think of them.

That’s the Tony Abbott of 2012, addressing his friends at the Institute for Public Affairs. What a difference a couple of years makes.

New guidelines from the department of prime minister and cabinet threaten employees with discipline if they are critical or highly critical of the department, the minister or the prime minister on Facebook, Twitter, YouTube, Pinterest, Flickr, blogs, or anywhere much else.

Note that the policy applies to posts in a personal capacity — even those made anonymously — and that public servants are urged to dob in any colleagues they might recognise.

If an employee becomes aware of another employee who is engaging in conduct that may breach this policy, the edict explains, there is an expectation that the employee will report the conduct to the ­department.

Tim Wilson, then head of the IPA, was in the audience for Abbott’s freedom wars speech. Surely our self-proclaimed freedom commissioner will denounce measures muzzling public servants?

Not so much, no.

There is nothing inconsistent with free speech and having codes of conduct or policies as a condition of employment that require professional, respectful behaviour in their role and the public domain, Wilson told the Daily Telegraph.

Elsewhere, Wilson explicitly rejects the charge that he cares only about the rights of the most powerful. Free speech is for everyone, he says. But his support for the restrictions on employees illustrates that, by everyone, he means something more like everyone I know — via redwolf.newsvine.com

The Australian Federal Police (AFP), the Australian Securities Investment Commission (ASIC), and one unnamed agency have indicated to the government that they would likely seek to keep using powers in the Telecommunications Act to force ISPs to block websites.

In April 2013, following a bungle by ASIC that resulted in accidentally blocking customer access to 250,000 websites for at least two ISPs — when the agency was just seeking to block websites associated with investment fraud — it was revealed that three Commonwealth government agencies had been using Section 313 of the Telecommunications Act to compel ISPs to block customer access to websites on their behalf.

Following public backlash, and amid cries of censorship and criticism over the lack of transparency over the power, the then-Labor government promised to review the power, and improve the oversight and transparency of the process.

At the time, despite the controversy, it seems that internally, agencies had indicated to the government that they intended to continue using the power. A briefing document from a meeting convened by the Department of Communications in May 2013, and published online yesterday under Freedom of Information revealed that the three agencies the department had discovered to be using section 313 to block websites indicated their intention to use Section 313(3) in a similar way in the future.

The heavily redacted briefing document showed that the AFP had used the power 21 times between June 2011 and February 2013 to request ISPs to block websites listed on the Interpol worst of child abuse websites, and would continue to do so in the future.

The document also stated that the AFP may have also used the power to combat some spam and phishing sites. AFP deputy commissioner Michael Phelan said last year that this is not an efficient method of dealing with malware sites.

ASIC was also listed as intending to use the power again — via redwolf.newsvine.com

Riot police in Turkey have fired tear gas, rubber bullets and used water cannons on demonstrators in Istanbul and Ankara protesting against government plans to impose curbs on the internet.

Rights groups say the proposals, which were approved by parliament last week, amount to censorship and will increase government control of the internet.

Up to 2,000 protesters chanted government resign and all united against fascism at Istanbul’s Taksim Square, some of them hurling fireworks and stones at police.

Everywhere Taksim, everywhere resistance, they shouted, using the slogan of last June’s anti-government protests that first erupted in the square.

The demonstration was organised in protest at plans to impose curbs on the internet and over the graft scandal rocking the government.

It broke up after the police action without any immediate reports of injuries or arrests — via redwolf.newsvine.com

A teenager in Australia who thought he was doing a good deed by reporting a security vulnerability in a government website was reported to the police.

Joshua Rogers, a 16-year-old in the state of Victoria, found a basic security hole that allowed him to access a database containing sensitive information for about 600,000 public transport users who made purchases through the Metlink web site run by the Transport Department. It was the primary site for information about train, tram and bus timetables. The database contained the full names, addresses, home and mobile phone numbers, email addresses, dates of birth, and a nine-digit extract of credit card numbers used at the site, according to The Age newspaper in Melbourne.

Rogers says he contacted the site after Christmas to report the vulnerability but never got a response. After waiting two weeks, he contacted the newspaper to report the problem. When The Age called the Transportation Department for comment, it reported Rogers to the police.

It’s truly disappointing that a government agency has developed a website which has these sorts of flaws, Phil Kernick, of cyber security consultancy CQR, told the paper. So if this kid found it, he was probably not the first one. Someone else was probably able to find it too, which means that this information may already be out there.

The paper doesn’t say how Rogers accessed the database, but says he used a common vulnerability that exists in many web sites. It’s likely he used a SQL injection vulnerability, one of the most common ways to breach web sites and gain access to backend databases — via redwolf.newsvine.com