[AusNOG] NBN requesting personal information
Matt Perkins
matt at spectrum.com.au
Fri Sep 30 14:04:34 AEST 2022
Thousand's of NBN connections only a handful of times been asked for a
Proof of occupancy. As far as NBNco goes i dont thing they are a major
threat as far as a privacy / data breech goes. Letter box theft will get
you the same sort of info. There are way worse out there let me tell
you. Some of the people i deal with especially some that work for the
big outsource IT firms are totally incompetent in my humble opinion.
Fixated on box ticking some list of best practice that they have
plagiarised form a google search that does not correctly fit their
clients business leaving them with nothing more then a sense of security.
Over the last 10 years in Australia there has been shift toward a type
of IT Mafia where C and B levels have been afraid to hire anyone
perceived to be smarted then themselves with a tending toward hire
people they know and can trust not to steal their job. They live in a
delusional world with their sense of security and boxes checked, happy
in the notion that if something happens they can bring out the team
meeting minutes and declare but we checked all the boxes. We hired most
expensive management firm out their It must be [spin the wheel of blame]
fault.
Until we bring back thinkers and innovators in our industry we will be
doomed to repeat problems like the Optus one over and over.
Matt
On 30/9/2022 1:24 pm, Nathan Brookfield wrote:
> I do these daily Graham and I can say apart from the business name or
> there website to verify, I’ve NEVER been asked for end users details
> by NBN nor would I provide them, absolutely never for a Proof of
> Occupancy and that’s over hundreds of them.
>
> *Nathan Brookfield *
> General Manager
>
> *p*: 1300 592 330 | *m*: 0412 266 008 | *w*: https://Iperium.com.au
>
>
> Level 7, 82 Elizabeth Street, Sydney NSW 2000 <x-apple-data-detectors://4>
>
> *Your Connectivity Team*
>
>
>
>
>
>
> DISCLAIMER: This document is intended solely for the named addressee.
> This electronic communication, which includes any files or attachments
> thereto, contains proprietary or confidential information and may be
> privileged and otherwise protected under copyright or other applicable
> intellectual property laws. The use, disclosure, copying or
> distribution of any of the information contained in this document, by
> any person other than the addressee, is strictly prohibited. If you
> received this document in error, please contact the sender immediately
> and delete all the material from any computer. Confidentiality and
> legal privilege are not waived or lost by reason of mistaken delivery
> to you. Any views or opinions presented are solely those of the author
> and do not necessarily represent those of Iperium.
>
> WARNING: Computer viruses can be transmitted via email. The recipient
> should check this email and any attachments for the presence of
> viruses. Iperium accepts no liability for any damage caused by any
> virus transmitted by this email.
>
>
> On 30 Sep 2022, at 11:04, Giles Pollock <glp71s at gmail.com> wrote:
>
>
> Its NBNCo... With what I've experienced over the last near six years
> of dealing with them over a failure in infrastructure planning, I am
> quite prepared to expect a future severe data breach from them.
>
> There are whole slabs of design and implementation elements of the NBN
> both at wholesaler and RSP levels which leave me deeply concerned
> about the privacy elements of things, especially the apparent decision
> to push all RSPs to use TR069 autoprovisioning systems for end users.
> Some in the know might know of how one little mistake with those
> particular systems could turn into a pretty hefty data breach in its
> own rights...
>
> On Fri, Sep 30, 2022 at 11:37 AM Graham Maltby <graham at maltby.id.au>
> wrote:
>
> Hi All,
>
> In light of the current Optus debacle, can anyone explain NBN's
> constant demands for Proof of Occupancy Documentation (POD) in
> relation to the most trivial of request. I accept they want to
> ensure requests are legitimate for creating and modifying LOCIDs,
> but surely that should be limited to addressing details only, with
> the onus of vetting the end user left to the RSP.
>
> What possible reason can they have to demand end user names and
> contact information?
>
> In my mind, they are overstepping their wholesale role and,
> creating the opportunity for another needless future compromise.
>
> Cheers,
> Graham
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at ausnog.net
> https://lists.ausnog.net/mailman/listinfo/ausnog
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at ausnog.net
> https://lists.ausnog.net/mailman/listinfo/ausnog
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at ausnog.net
> https://lists.ausnog.net/mailman/listinfo/ausnog
--
/* Matt Perkins
Direct 02 8916 8101 Spectrum Networks Ptd. Ltd.
Office 1300 133 299matt at spectrum.com.au
ABN 66 090 112 913 Level 6, 350 George Street Sydney 2000
*/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ausnog.net/pipermail/ausnog/attachments/20220930/56d6edbb/attachment.htm>
More information about the AusNOG
mailing list