[AusNOG] census issues tonight

Robert Hudson hudrob at gmail.com
Wed Aug 10 11:43:31 EST 2016 

What a complete crock of shit.

On 10 August 2016 at 11:34, Daniel <satellite at internode.on.net> wrote:

> The relevant minister (Michael McCormack) has released a statement blaming
> DDoS in combination with a router hardware failure:
>
>
>
>
>
> “There was a large scale denial of service attempt to the census website
> and online form. A denial of service is an attempt to block people from
> accessing a website. Following, and because of this, there was a hardware
> failure,” he said.
>

A "large scale denial of service attempt" is an attack.  One doesn't launch
a "large scale denial of service attempt" in an attempt to say a pleasant
"Hello there!" or for any other friendly reason.


> “A router became overloaded. After this, what is known as a false positive
> occurred. This is essentially a false alarm in some of the system
> monitoring information. As a result the ABS employed a cautious strategy
> which was to shut down the online census form to ensure the integrity of
> the data already submitted was protected.
>

This part almost makes sense.  I guess *something* he said had to.


> “I will be clear from the outset, this was not an attack. Nor was it a
> hack but rather, it was an attempt to frustrate the collection of bureau of
> statistics census data. ABS census security was not compromised. I repeat,
> not compromised and no data was lost.”
>

This *was* an attack.  Pure and simple.  A DDoS (which is how we generally
describe a "large scale denial of service attempt") is, by its very nature,
an attack.

Unless the perpetrators have been identified and have released their
agenda, how can we possibly know their motives?  How do they know that
security was not compromised, and no data was lost?  Surely the inability
for the ABS to collect a large proportion of the one-night snapshot of data
on the Australian population on that one night, should be considered to be
a significant loss of data for the ABS (OK, it isn't a data breach, but
that's not what he's saying here).  How do we know that the DDoS wasn't a
curtain to conceal other activities?

Once again, we have people with no clue making absolute claims that they
simply cannot back up.  And the media is swallowing this just as meekly as
they swallowed the claims before the whole system came crashing down.

>
>
>
>
> http://www.theaustralian.com.au/national-affairs/census-
> 2016-website-crashes-under-weight-of-demand/news-story/
> 1febee892e1ab043c0e7682c7a3485a4
>
>
>
> (paywalled)
>

Just as unavailable to me as the Census site last night... :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160810/74395e3e/attachment-0001.html>

More information about the AusNOG mailing list