[AusNOG] NBN requesting personal information
Giles Pollock
glp71s at gmail.com
Fri Sep 30 13:03:21 AEST 2022
Its NBNCo... With what I've experienced over the last near six years of
dealing with them over a failure in infrastructure planning, I am quite
prepared to expect a future severe data breach from them.
There are whole slabs of design and implementation elements of the NBN both
at wholesaler and RSP levels which leave me deeply concerned about the
privacy elements of things, especially the apparent decision to push all
RSPs to use TR069 autoprovisioning systems for end users. Some in the know
might know of how one little mistake with those particular systems could
turn into a pretty hefty data breach in its own rights...
On Fri, Sep 30, 2022 at 11:37 AM Graham Maltby <graham at maltby.id.au> wrote:
> Hi All,
>
> In light of the current Optus debacle, can anyone explain NBN's constant
> demands for Proof of Occupancy Documentation (POD) in relation to the most
> trivial of request. I accept they want to ensure requests are legitimate
> for creating and modifying LOCIDs, but surely that should be limited to
> addressing details only, with the onus of vetting the end user left to the
> RSP.
>
> What possible reason can they have to demand end user names and contact
> information?
>
> In my mind, they are overstepping their wholesale role and, creating the
> opportunity for another needless future compromise.
>
> Cheers,
> Graham
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at ausnog.net
> https://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ausnog.net/pipermail/ausnog/attachments/20220930/d6593824/attachment.htm>
More information about the AusNOG
mailing list