Daily Bulletin

The Conversation

  • Written by David Glance, Director of UWA Centre for Software Practice, University of Western Australia

Blame and recriminations were flying around today at the Senate committee’s inquiry into the ABS’s attempt at a “digital first”, online Australian census. Appearing before the committee, ABS still held IBM responsible for the outage that resulted in the online census being unavailable for 40 hours. Although IBM apologised to the Australian public for the outage and offering to pay the federal government for costs incurred in the cleanup, it still insisted that the blame lay with Nextgen and Vocus, the network providers on the project. NextGen in turn countered that IBM was offered protection for DDoS which IBM had declined.

Perhaps the most sensible commentary came from Alastair MacGibbon, cyber security advisor to the Prime Minster. Ultimately, he lay the blame with IBM who was contracted to provide a service, which on the day, it didn’t deliver. He added however that the ABS should have done more due diligence and actually ensured that IBM had done what it said it had.

The testimony did not result in clarifying exactly what happened on the day. The submissions to the inquiry had already detailed the time-line of the 4 DDoS attacks during the day. There was a dispute about the magnitude of the 4th attack which IBM claimed was of “significant size and had the effect of causing the site to become unresponsive and unavailable to the public”. Vocus disputed this in its submission claiming the attack peaked at about 0.5 Gbps which is the size of the majority of DDoS attacks commonly seen but significantly below the peak sizes of 500 Gbps or even 1,000 Gbps reportedly seen recently.

Vocus maintained that it was IBM’s decision to reboot their router that caused the website to be unavailable. IBM admitted in its statement to the committee that it had never tested physically switching the router off and then on again to see if it came back up with its configuration properly loaded. In the event, it didn’t. IBM had relied solely on “simulations” of the router to test the configuration.

Vocus has disputed IBM’s claim that the traffic originating from Singapore was also the sole source of DDoS traffic. Basically neither Vocus, nor Nextgen though very much of IBM’s “Island Australia” plan, a plan that IBM only told Nextgen about 6 days before the census went live. IBM had signed off on the testing of Nextgen’s implementation of Island Australia but it eventually turned out that the testing was inadequate.

For the ABS’s part, Chief Statistician David Kalisch admitted that the ABS had not communicated effectively with the public. This was an understatement. In fact, the entire anxiety and public reaction to the census was largely a factor of the poor communication about the data retention proposals of names and addresses plus the expectation that everyone needed to complete the census on a particular night.

The Canadian online census, held as an example of how to run operations online, actually crashed when Canadians rushed to complete the census online. However, it was brought back up and the public took it in its stride. It is entirely possible that handled differently, the public relations disaster that has been the entire ABS could have been avoided.

What seems clear from the submissions and the commentary presented to the committee is that the ABS decided to use IBM because of a long association with the company and not through an open tender process for the online census project. The site itself was also able to cope with the load of users accessing the site and it didn’t crash on the night through normal use.

What wasn’t discussed was how the ABS plans to use identifying information like name, sex and date of birth to link the census data to other data sets. Although Kalisch had at one point implied that the semi-anonymous statistical linkage key was going to be used, in the submission to the senate inquiry, the ABS denied this was the case and claimed that a totally anonymous cryptographic key was going to be used instead. No further details were requested at the committee meeting today.

The development, deployment and testing of the online census should have been subject to an independent review arranged by an agency unrelated to the ABS. If that had been done, it is highly likely that the inadequate preparation for the inevitable DDoS would have been highlighted. The ABS stated that it had learned lessons from the mistakes of this census and that it would be better prepared for the next one. The Australian public will need to be convinced.

Authors: David Glance, Director of UWA Centre for Software Practice, University of Western Australia

Read more http://theconversation.com/senate-committee-on-abs-censusfail-still-points-to-basic-failures-on-ibms-part-67672

Writers Wanted

It's bee season. To avoid getting stung, just stay calm and don't swat


The Conversation


Ray Hadley's interview with Scott Morrison

RAY HADLEY: Prime Minister, good morning.    PRIME MINISTER: G’day Ray.   HADLEY: I was just referring to this story from the Courier Mail, which you’ve probably caught up with today about t...

Ray Hadley & Scott Morrison - avatar Ray Hadley & Scott Morrison

Prime Minister's Remarks to Joint Party Room

PRIME MINISTER: Well, it is great to be back in the party room, the joint party room. It’s great to have everybody back here. It’s great to officially welcome Garth who joins us. Welcome, Garth...

Scott Morrison - avatar Scott Morrison

Prime Minister Interview with Ben Fordham, 2GB

BEN FORDHAM: Scott Morrison, good morning to you.    PRIME MINISTER: Good morning, Ben. How are you?    FORDHAM: Good. How many days have you got to go?   PRIME MINISTER: I've got another we...

Scott Morrison - avatar Scott Morrison

Business News

Features You Need in an Automated Employee Recognition Platform

Employee recognition platforms have been successfully implemented as a technique to study employee performance. It is a useful tool to reinforce particular behaviours, practices, or activities i...

News Co Media - avatar News Co Media

What Should You Check Before Ordering Promotional Mugs?

Promotional products like mugs are a great marketing tool because they are reusable and necessary. Moreover, mugs also come in handy while promoting a brand’s logo. They give better brand visibi...

News Co - avatar News Co

Tips to find the best plastic manufacturing supplier for your needs

Plastics are very much an important part of all of our lives, but they’re particularly valuable to a wide variety of industries that rely on their production for their operations. The industries, ...

News Co - avatar News Co

News Co Media Group

Content & Technology Connecting Global Audiences

More Information - Less Opinion