Report on Geelong Consumer Consultation Meeting, 21 June 2005
The meeting was held at the Gordon Institute of TAFE at the East Campus, Boundary Rd, East Geelong, at 5.00 pm in 21 June 2005. ISOC-AU would like to thank Monica Ferrie and Steve Gale for helping organise the venue, and Ben Armstrong for agreeing to present a talk at the meeting. Participants were advised that this consultation process is supported by funding from the Department of Communications, IT and the Arts.
The event was very well attended, and included a number of enthusiastic and knowledgable students studying computing at the College, as well as local business, health and education workers.
Presentation
Guest speaker Ben Armstrong, Naming & Directory Services Manager at Verisign Australia, spoke on Internet security - common pitfalls, the security threats of using the Internet and countermeasures available - covering viruses, trojan horses, spam, phishing, buying online and distributed denial of service attacks.The presentation was most enjoyable and to the point. It raised a number of interesting questions and issues -
- the recent term 'pharming' - diversion of email through sophisticated
DNS cache poisoning.
- what is score-based assessment of spam?
- why do banks ask for email addresses if they do not wish you to
respond to emails because they may be a phishing risk!
- advice to download Ad-Aware from the bank.
- who would you contact? Use established channels with your bank eg send information to abuse@yourbank.
General discussion by participants
- E-security and security issues are coming to the fore, but nothing
is more important than using simple common sense.
- Two essential aspects of the Internet - interoperability and end-to-end
connectivity.
- Internet was built on open standards so that everyone can use it - is
this now closing down due to proprietary standards? Would this destroy the
value of the Internet for users? Open Source groups are very involved in these
matters - see Open Source Industry Australia - http://www.osia.net.au
- Have we got open access to data protocols? ie open data standards are even
more important than open source.
- A member of the health care sector stated that they had built a large network
across a group of states connecting health care agencies on a single
network. Being both businesses and offering health care, security was an
issue, because the network runs on the Internet protocol on an internal
network. Firewalls were not practical, so to maximise the value of the
network they have layers of perimeter and internal defences against viruses etc.
They run video-conferencing, telephony and data across a V-LAN, using MAC-address
level security, but the challenge is to provide internal and external
security with cost effectiveness for 8,000 users.
- A question about trust of services like Ebay? Ebay has a
public rating system for reliability of each seller's past transactions.
- Internet equals convenience, but must be careful online.
- Internet banking, may gain false sense of security, now using it with
caution but it needs more transparency. More security is more
expensive.
- One merchant business on the Internet has been successful, very few
questionable transactions now the bank is used for verification.
In five years trading on the Internet only six fraudulent transactions -
not a substantial number. Merchant software includes a fraud screening
ability, linking IP addresses to countries.
- Every user should be obliged to have their own antivirus protection
to protect themselves and other users - how about ISPs being mandated to
provide that protection? Hotmail providers are offering this approach,
but practical issue are that processing power would be very expensive for
email in a store and forward system. Could check a local set of viruses
centrally and leave the rest to the desktop.
- Would the Internet merge with TV and become a free commodity in the
future? Consensus of discussion was probably not possible.
- Education at TAFE now very dependent on the
Internet - great teaching resources online, email essential,
security is good, access from outside teaching hours very useful.
- One student has a website as an online forum, but needed to obtain
web space from USA due to price - .com.au domain names are more expensive
compared to .com, so preconditions for .au domains, eg registering business
names, cause hidden costs.
- Regarding security of ISPs - how do we know that an ISP is trustworthy -
is an ISP required to have accreditation? Nil accreditation is required
but the investment necessary is an entry barrier. For many years there have been
600 to 700 ISPs in Australia - a reduction was predicted years ago but has not
happened yet. Check user opinions on online forums, there are also ACA guidelines
for the acceptable behaviour of ISPs.
- Garbage on the Internet - where does filtering become censorship?
ABA is responsible for content regulation. ISPs provide filtering
services at a price, filtering does not preclude the need for parental
monitoring of childrens use, content rules allow for defamation suits -
because something is on the Internet it does not escape normal legal process but
prosecution may be difficult due to difficulty of tracking the source.
ISPs could provide tailored services that are user selected. In workplace
things may be different due to legal requirements, eg harrassment, so
need some content management in the workplace, with granularity down to the
individual user.
- From a lecturer at Gordon Institute providing software development
courses: key issue for an educator is Internet for regional
people who do not have access to broadband or xDSL. Dial up users
are at a distinct disadvantage, many e-learning resources need
multi-media. Privatisation of Telstra may increase regional educational
disadvantage - the gap is growing, not getting less, with rollout of
ADSL2. Also businesses without access to broadband are disadvantaged -
can't host their own sites or use e-commerce backends.
- Other comments from participants: without broadband, rural users also
don't have access to VoIP - Telstra is manipulating the market.
- Perhaps not all people in regional areas realise just how
disadvantaged they are, as they don't get to experience what is
actually possible.
- Waiting lists for local exchange upgrades are not very effective, eg
one participant stated that users only 10 km from Ballarat have critical
demand numbers, but Telstra won't upgrade.
- Telstra dominant in Australia but services are still not world-class -
an example from the attendees was
of calls from Germany to Australia that cost only 1.3 cents per minute.
- Home users are getting more security aware with their own computers, but
some out-of-the-box solutions like wireless routers are not secure, particularly
for inexperienced home users.
- In the US there are no excess traffic charges for
wireless so networks are rarely closed off securely, but in Australia
excess traffic is charged or shaped to slower downloads, so access
is usually tighter.
- Spyware - Gator/GAIN - distributed with free games etc, monitors
your browsing habits and sends the data back to the Gator servers -
'marketing research', then does targetted advertising popups. This
program is a registered security risk and should be removed. eg one
user unknowingly had 380 spyware programs on their computer!
- Unsolicited email is illegal in Australia, but in small
print Gator advises that it monitors your browsing habits and
you have to agree to it.
- If you remove the capacity for anonymity, who do you trust?
President ISOC-AU
21 June 2005