Security concerns and Census Statistical Linkage Keys explained

An in-depth explanation regarding the security surrounding statistical linkage keys, why they’re important and how their security can be compromised…

The security of the Australian 2016 Census has sparked much debate and consternation among privacy advocates and security professionals alike. At the core of these concerns is a move by the Australian Bureau of Statistics (the ABS) to start linking census records to other data. The mechanism proposed for linking records and data is a ‘random looking’ Statistical Linkage Key. We have been told that the linkage key is secure and will be ‘hashed’ to make it irreversible – but what exactly does that mean, and how does it secure your data?

Introducing the Statistical Linkage Key

Statistical Linkage Keys, or SLKs, are frequently used by people doing data research. They provide some very basic anonymity and a sanity check on the data, while retaining a way of identifying an individual throughout a study.

The Australian Bureau of Statistics publishes a standard called the SLK581 cluster. It defines a method for turning “Jane Smith 01/01/2007 Female” into a random-looking serial number like “MIHAN010120072”.

Your broadband router is not as secure as you think it is

Patryk Szewczyk, Edith Cowan University and Nikolai Hampton, Edith Cowan University

Between your home network and the internet sits your broadband router. This humble device is often overlooked, yet it is also your first line of defence against hackers, malware and viruses.

It’s easy to assume that the latest firmware for your router will provide protection against cyber threats. However, our new research has found that even the latest broadband router firmware remains dangerously vulnerable to attack.

A simple overview of what makes your router go.
Nikolai Hampton, CC BY

Firmware is the operating system and software that controls all the features of your router, from the blinking lights and configuration options, to advanced network security features.

Is someone watching you online? The security risks of the Internet of Things

Patryk Szewczyk, Edith Cowan University and Nikolai Hampton, Edith Cowan University

The range and number of “things” connected to the internet is truly astounding, including security cameras, ovens, alarm systems, baby monitors and cars. They are all going online, so they can be remotely monitored and controlled over the internet.

Internet of Things (IoT) devices typically incorporate sensors, switches and logging capabilities that collect and transmit data across the internet.

Some devices may be used for monitoring, using the internet to provide real-time status updates. Devices like air conditioners or door locks allow you to interact and control them remotely.

Analysis – Email list integrity, 96% of organisations handle my email address appropriately

How are businesses and organisations handling your email? I know how they’re handling mine!

For about 10 years I’ve used “burnable email addresses”. These are email addresses that I can use and expire. They are unique to every relationship between me and another organisation, business or blog that I register with. This means I know who’s got my email and if they’ve leaked it. I know if they’ve shared it or if they’re spamming it.

I guess that makes me a living honeypot? But, unlike many automated honeypots that try to trap malicious users, the data from my email servers are based on real-world interactions between myself and others.

What is ransomware and how to protect your precious files from it

Zubair Baig, Edith Cowan University and Nikolai Hampton, Edith Cowan University

What would it mean if you lost all of your personal documents, such as your family photos, research or business records? How much would you pay to get them back? There’s a burgeoning form of cybercrime that hinges on the answers to these questions.

You have probably heard of viruses and malware. These dangerous pieces of software can make their way into your computer and wreak havoc. Malware authors are intent on stealing your data and disrupting the proper functioning of your digital devices.

Then there is ransomware. This is crafted by cyber-criminals for extorting data from innocent users, and is rapidly becoming a threat to individuals, small business and corporate users alike.

Unlike malware, ransomware does not steal data. Rather, it holds it captive by encrypting files and then displaying a ransom note on the victim’s screen.