Have a Conversation

The Texas Orato

Oops they did it again: The 2007 Australian study of remnant data contained on 2nd hand hard disks

The 2007 study used a biased selection process where the primary focus was the purchase of high-speed SCSI drives and drive packs, in addition 2.5 inch laptop drives were targeted. Conventional IDE based hard drives were also examined in the study. A total of 84 drives were examined this year, 23 yielded data that represented significant and in some cases profound exposure if data. Encouragingly more hard disks were erased in this study than in previous studies. However, there is still a significant gap in erasure procedures in organisations, which is particularly concerning given that the drives were from large corporations

Issues common to Australian critical infrastructure providers scada networks discovered through computer and network vulnerability analysis

This paper reports on generic issues discovered as a result of conducting computer and network vulnerability assessments (CNVA) on Australian critical infrastructure providers. Generic issues discovered included policy, governance, IT specific such as segregation, patching and updating. Physical security was also lacking in some cases. Another issue was that previous security audits had failed to identify any of these issues. Of major concern is that despite education and awareness programs, and a body of knowledge referring to these issues, they are still occurring. It may be necessary for the federal government to force organisations to undergo computer and network vulnerability assessment from recognised experts on a regular basis

Growth is Failing the Poor: The Unbalanced Distribution of the Benefits and Costs of Global Economic Growth

During 1990-2001, only 0.6 per cent of additional global income per capita contributed to reducing poverty below the $1-a-day line, down from 2.2 per cent during 1981-1990, and barely half the poor’s share of global income. Coupled with the constraints on global growth associated with climate change, and the disproportionately adverse net impact of climate change on the poor, this casts serious doubt on the dominant view that global growth should be the primary means of poverty reduction. Rather than growth, policies and the global economic system should focus directly on achieving social and environmental objectives.Economic growth, income distribution, world inequality, poverty, environment, climate change

A Survey Of IPv6 Address Usage In The Public Domain Name System

The IPv6 protocol has been slowly increasing in use on the Internet. The main reason for the development of the protocol is that the address space provided by IPv4 is nearing exhaustion. The pool of addresses provided by IPv6 is 296 times larger than IPv4, and should be sufficient to provide an address for every device for the foreseeable future. Another potential advantage of this significantly large address space is the use of randomly assigned addresses as a security barrier as part of a defence in depth strategy. This research examined the addresses allocated by those implementing IPv6 to determine what method or pattern of allocation was being used by adopters of the protocol. This examination was done through the use of DNS queries of the AAAA IPv6 host record using public DNS servers. It was observed that 55.84% of IPv6 addresses were in the range of 0 to (232 − 1). For those addresses with unique interface identifier (IID) portions, a nearly equal number of sequential and random IIDs were observed. Hong Kong and Germany were found to have the greatest number of IPv6 addresses. These results suggest that adopters are allocating most addresses sequentially, meaning that no security advantage is being obtained. It is unclear as to whether this is through design or the following of accepted practice. Future research will continue to survey the IPv6 address space to determine whether the patterns observed here remain constant

A Threat to Cyber Resilience : A Malware Rebirthing Botnet

This paper presents a threat to cyber resilience in the form of a conceptual model of a malware rebirthing botnet which can be used in a variety of scenarios. It can be used to collect existing malware and rebirth it with new functionality and signatures that will avoid detection by AV software and hinder analysis. The botnet can then use the customized malware to target an organization with an orchestrated attack from the member machines in the botnet for a variety of malicious purposes, including information warfare applications. Alternatively, it can also be used to inject known malware signatures into otherwise non malicious code and traffic to overloading the sensors and processing systems employed by intrusion detection and prevention systems to create a denial of confidence of the sensors and detection systems. This could be used as a force multiplier in asymmetric warfare applications to create confusion and distraction whilst attacks are made on other defensive fronts

LIARS - Laptop Inspector and Recovery System

Of the many notebook computers which are stolen, a large number are subsequently recovered. However, if the device is password protected, and the serial number has been removed, then it is difficult for police or other authorities to trace the legitimate owner. The squad dedicated to computer related crime do not have sufficient resources to conduct a thorough forensic examination of every laptop in order to determine its rightful owner. This project aims to produce a tool which can be used by virtually any police officer, or other person, which does not alter the hard drive in any fashion. This tool will be used to identify the original owner of a laptop with a view to having it returned to them. This paper outlines the various phases of the project and the testing methods that will be used to validate the tool

The optimisation of nitrogen content for micropropagation of eucalyptus marginata

The use of eucalypts for plantation timber and pulp is becoming increasingly important, as are eucalypts that are resistant to disease and insect herbivory. Where clones with desirable traits have been selected, it is important that these genotypes are preserved. Micropropagation of some eucalypts, and Eucalyptus marginata in particular, can be difficult possibly due to the currently used basal medium of Murashige and Skoog (M&S)(I 962). By examining the nitrogen utilisation and the effects of medium pH of this species, it may be possible to improve general micropropagation protocol. Six clones of the species E. marginata were obtained as shoot cultures. The pH of M&S medium was successfully buffered using 2-(Nmorpholino) ethanesulfonic acid (MES) for both shoot multiplication and root induction. This did not result in any growth increase. Increased growth was achieved when shoots were grown on buffered medium that contained less nitrogen than M&S (20 mM and 40 mM) and the nitrogen was supplied solely as nitrate. Shoots grown on buffered (I 0 mM MES) root induction medium produced more roots than those grown on unbuffered medium. Root induction medium containing nitrate as the sole source produced more roots than did media with ammonium and nitrates or solely ammonium. These results suggest that E. marginata prefers nitrate to ammonium as a nitrogen source, and that the current level of total nitrogen may be too high. The pH of culture medium for both shoot multiplication and root induction remained constant with nitrate as the sole nitrogen source but fell significantly when ammonium was the sole source. This occurred even when MES was supplied at I 0 mM. Increasing the level of MES to 20 mM in the medium resulted in less shoot growth. When different clones were subjected to the same treatments, significant differences in shoot growth and percentage of rooting between clones were observed, highlighting the genetic variability within the species