Friday, May 28, 2010

Fatally Flawed


I'm writing to blow the whistle on yet another Rudd Government stuff up... one that will make Insulation and the BER look like case studies in good management. I have to qualify this by saying that I'm not directly involved, so what I am about to say is second or even third hand, in that I had a conversation yesterday (in an unrelated setting) with an individual (call him “Paul”) who is directly involved. Therefore, what I pass on to you is my understanding of what he told me but be assured Paul does exist, and the conversation did take place.

I'm sorry if that's too distant from the source, and there is always a possibility I have misinterpreted something Paul said. I also apologise for the length of this, but to get the problem across, a little explanation in necessary.

The Rudd Government here in Australia is stubbornly persistent in its plans to proceed with the National Broadband Network, at an estimated total cost of somewhere between $35 and $42 billion.

Now I'm at the front of the queue when it comes to wanting faster broadband, but unfortunately, the NBN is fatally flawed. Of most concern is the lack of security in data transmission.

To put it in simple terms, the NBN is designed like a daisy chain, or an old-fashioned telephone party line. Houses are grouped together in rows. Each row of houses is linked, house to house, so that to get to me, the data passes through equipment in my next door neighbour's home, and to get to my other neighbour, data passes through my home.

At each home, there is a little box on the wall that receives the signal, decodes it, extracts what it needs for me, then sends it on its way to the next house. The NBN people will tell you that data coming down the line to my house is secure. They're right. Unfortunately, though, data going back up line is not.

Let's say I am the CEO of a big mining company. A foreign agent looking to gather evidence in, say, some bribery allegation, moves in a few houses down the street. All he has to do is tinker with his box on his wall, and now he's seeing all of my outward internet traffic... He can read any email I send, he can see what websites I visit, and he can listen to my side of any internet phone call I make.

Or perhaps the foreign espionage example is extreme. Let's say I'm just an ordinary person. A few doors up a low life with a little technical expertise has tinkered as well. He now has access to any data I transmit... passwords, bank account log-in details, email, anything I send. In other words, he now has the keys to my life, and I have no way of knowing he's there.

It's sort of like me going into my study, locking the door and having an intimate conversation with my lover. Unfortunately, my wife might as well be sitting in a chair next to me because all she has to do to listen in is pick up the phone in the bedroom. (Not that I have a lover, but you get the point.)

No high tech wire taps. No need to access exchanges or cables in the street, or even to plant a listening device in my house. The NBN has done all the hard work, so now a spy, or a criminal, or a government, or anyone who wants to keep tabs on what an NBN subscriber is doing, just has to access one of those little boxes in the same daisy chain.

To complicate matters, the Government has shortlisted Huawei Technologies to supply core components for the network. Huawei is a company with links to China's People’s Liberation Army, and some believe it is a front for China's intelligence services.

The government has been warned about this fatal flaw, but has chosen to ignore it. For this government, in everything it does, it seems that it's more important to stick to policy no matter how bad that policy is, than it is to do something right. Maybe Senator Conroy doesn't understand the technology, or maybe he's too arrogant to admit the error. I'd hate to think he's exposing Australians to this level of risk deliberately.

The bottom line... $40 billion+ is about to be squandered on building an already obsolete network that places national, corporate and personal security at huge risk.

No comments: