While the list of highly confidential client information Ng actually downloaded and viewed is frightening, he only looked at a fraction of what was downloaded which was, in turn, only a fraction of the files he had access to: ‘There are probably more outrageous things still on that server, and there probably other servers that I’ve completely missed. But I’m done for now. This stuff was all a few clicks away at any WINZ kiosk, anywhere in the country. The privacy breach is massive, and the safety of vulnerable children was put at risk.’ Ng was tipped off by someone who had asked WINZ if they would pay for telling them about it. Ng named his source (because it had already been leaked to another reporter) as Ira Bailey, one of the 17 people originally charged in the Urewera case – see Ng’s The Source.

 

This has, of course, been leapt upon by bloggers on the right, calling into question Bailey’s and, in some cases, even Ng’s motives (see David Farrar's Ira Bailey and Keeping Stock's So many questions...). Even the Prime Minister has implied that Ng may have purchased the information from Bailey, without offering any evidence – see: PM criticises Winz security breach finder.

 

This looks to have been a deliberate diversionary tactic according to Andrew Geddis who says the leaking of Bailey’s name could only have come from WINZ:  ‘And it seems pretty clear (at least, to me) that that information got shuttled out to a journalist as quickly as possible as a diversion tactic from the actual substance of the story - that the personal (and in some cases very personal) information of many tens-of-thousands of individuals was left lying around in a place where literally anyone could get to it’ – see: The first messenger that gave notice of Lucullus's coming....

 

So often in politics the high profile casualties are caused by later attempts to cover up or divert attention. Given the Government’s experience with the ACC train wreck you would think they would hesitate before attacking the messengers. Actually leaking private data to divert attention from a massive privacy breach would be madness but, given the track record this year, you couldn’t rule it out.

 

The use of the WINZ’s own public kiosks to access the data is only part of the story say IT experts. The real issue is the entire system’s security.  Daniel Ayers, of forensic investigation company Elementary Solutions, pointed out to the NBR that a CERA server also appeared to be inadvertently left open to the public – see Chris Keall’s MSD failure goes far beyond kiosk security glitch – expert. Independent IT consultant Matthew Poole told Radio New Zealand ‘as far as security breaches go, this is as bad as it gets - akin to leaving the door of a bank open so people can help themselves’ – see: RNZ’s MSD breach 'raises questions' about entire IT network.

 

The kiosks have merely revealed the failure of MSD to take basic security precautions writes Danyl Mclauchlan: ‘If someone gets a temporary contract, or an entry level data-entry job at MSD they’ll still have access to all the private information Keith obtained through the kiosks’ – see: Open government.

 

The system itself is only two years old. Officials were warned of a very similar (or possibly the same) problem by beneficiary advocate Kay Brereton over a year ago, which is alarming as it’s claimed the system was rebuilt and thoroughly tested as a result – see Kate Shuttleworth’s Winz alerted to security breach last year. The department is now having to admit that it failed to respond adequately to that warning: MSD concedes Winz security failure. Dave Armstrong (@malosilima) tweeted: ‘IT company tells you system is faulty. Pay $ and fix system. Blogger tells you - Pay 0$ but fix system. Beneficiary tells you – Ignore’. The twitter hashtag #MSDWTF has been running hot with other commentary on the issue.

 

Most embarrassing politically is the timing, just a few days after the Minister in charge ‘personally guaranteed’ to the nation the security of the proposed national database of children at risk of abuse. Not a good look writes blogger Martyn Bradbury: ‘It's like Paula is busy announcing a new orphanage opening on the front steps while ignoring the fact the building is on fire out back’ – see: If WINZ as unsecured as blogger suggests - how can you trust Bennett's data list? This is clearly a blow for Bennett, who was ‘mortified’ yesterday but, according to Vernon Small: ‘In truth she seemed somewhere between tears and anger during the joint press conference with chief executive Brendan Boyle’ – see: Security flaws spoil Bennett's high point. Perhaps Bennett should actually thank Bailey and Ng for their prompt work – if they had done the story next year and had downloaded the new database on a usb stick she would be an instant goner.

 

So what will happen now? In the good old days there would have been prompt resignations amongst management writes PR blogger Mark Blackham, to the advantage of those taking responsibility. These days ‘Despite the benefits of taking responsibility, personal ego and welfare are far stronger drivers. Which is why I predict that if anyone does finally resign over this mess, it will be much later, and after very much fuss’ – see: #WTFMSD: Taking responsibility.

 

The direct political fallout may be limited to acute embarrassment, unless it emerges that very high level warnings were ignored or the explicit policy of using technology to save money is to blame - see Toby Manhire’s The WINZ data fiasco – a symptom of “driving change for lower cost”? Manhire notes there is plenty of good advice about keeping information secure, although he cautions about the New Zealand Information Security Manual that it is published by ‘the - ahem – Government Communications Security Bureau.’

 

Other recent items of interest include:

 

* Full steam ahead for the asset sales – to court anyway. As many noted during the farcical consultation process over ‘shares-plus’, it was always going to follow that path and now the Government appears to be ready for it: ‘Finance Minister Bill English made it clear the timing of the Crown statement today was intended to flush out likely Maori Council and any other legal action "in the next week’ - see NBR’s Maori Council expects Crown to fight ‘all the way’ on water rights. Maori Council Co-chairperson Eddie Durie appears to be ready to oblige but says the Government’s desire for a judgement is ‘disappointing, as a fair Government should talk to the council about what it is trying to achieve’ – see RNZ’s SOE sale won't include special shares for Maori.

 

* Pita Sharples is ‘disappointed‘ but is sticking with National to ‘make a difference’ – see RNZ’s Court action over Maori water rights 'extremely likely'. The Maori Party may quietly be hoping that any court action by the Maori Council fails. If it succeeds National will likely be facing a fatal delay to a major policy which could only be resolved by legislation – and that would have to be a fatal blow to the coalition with the Maori Party. 

* David Shearer is promising to keep the pressure on John key this week over the GCSB, despite copping much criticism for not being able to front with the video claiming to show John Key discussing Kim Dotcom with GCSB staff: ‘Make sure you have damning evidence in your hand before launching a crusade designed to out your political opponent as an outright liar and shorten their political career’ – see Fran O’Sullivan’s Shearer's 'fail' mark in school for scandal.

 

* Despite some contradictory recent polls (see Danya Levy’s Political polls look rosy from both sides) a lot of commentary has focused on National’s woes in Government and the increasing unity of the opposition: ‘Even when they are not actually co-ordinating their attacks, they appear to be working together’ says Audrey Young in Numbers starting to run against Key. When the going gets tough you sometimes have to contemplate doing things you have previously ruled out says Jane Clifton: ‘A symptom of this is Key’s recent non-committal responses to the old question: would he work with New Zealand First in a future coalition?’ – see: The NZ government’s unpopular policies. Being constantly on the defensive is a big problem says John Hatrtevelt in Slow-bleeding National needs some big hits and Brian Edwards is prepared to put his money where his keyboard is: $5 on Key to step down before the middle of next year thanks.

 

* The opposition is certainly full of helpful suggestions. Mana has joined Labour, the Greens and New Zealand First in the manufacturing inquiry, offering it’s financial transactions tax as a possible solution to bringing down the value of the dollar – see TV3’s Mana joins manufacturing sector inquiry. The inquiry would be easily dismissed as a political stunt except that organisations like the New Zealand Manufacturers and Exporters Association are backing it, with chief executive John Walley saying clearly: ‘There is a crisis. Expect to see more of what we've seen accelerating over the last couple of months’ - see Nicole Pryor’s Manufacturing crisis 'disastrous'. Opposition parties are still having their differences - over adoption reform at the moment – see Felix Marwick’s Labour, Greens apart on adoption reform.

 

* Hone Harawira had a busy day last Friday, getting arrested, charged, released and then heading to Kaikohe to share welfare protestor Sam Kuha’s first meal in thirty days – see APNZ’s From broken window to broken fast. Housing New Zealand’s claims that Glenn Innes tenants are being pressured to protest - see Simon Day and Michael Dalys’ MP Harawira charged over car's location. John Minto, who has himself been arrested at previous Glen Innes protests, disagrees in today’s Herald – see: Communities turfed out - you'd be angry too.

 

* The link between hunger at school and poor learning may be a myth according to Researchers at Auckland University's School of Population – see: Food and learning connection shot down.

 

* It is getting pretty clear that Shane Jones’ future in Labour is on a countdown. He is now being openly attacked by his colleagues – see Claire Trevett’s Curran blasts Jones' remarks. It at least shows Jones ‘still takes a casual interest in New Zealand politics’ says Danyl Mclauchlan in The kraken awakes.

 

* A former Labour MP and chief of staff has some advice for his leader – see: Stuart Nash’s Why Shearer Must Take The Education Portfolio In The Reshuffle.

 

* Auckland power consumers need to look past their wallets when they vote says Matt McCarten in Vector cheques powerful ploy just before the vote.

 

* There is a fear that style will triumph over substance when TVNZ replaces Close Up. That horse may have bolted …. See Joanne Carroll’s TVNZ splash out on makeup, wardrobe.

 

* Finally, Scott Yorke thinks we have to be careful about jumping to hasty conclusions in Another Day In The Life Of The Sensible Blogger.

 

Bryce Edwards

NZPD Editor (bryce.edwards@nzpoliticsdaily.co.nz) 

MSD Security 

Keith Ng (Public Address): MSD's Leaky Servers

Keith Ng (Public Address): The Source

Andrew Geddis (Pundit): The first messenger that gave notice of Lucullus's coming ...

Vernon Small, Danya Levy and Andrea Vance (Stuff): MSD concedes Winz security failure

Danyl Mclauchlan (Dim Post): Just a thought

Danyl Mclauchlan (Dom Post); And another thought

Keeping Stock: So many questions...

David Farrar (Kiwiblog): Ira Bailey

Cameron Slater (Whaleoil): Is it blackmail?

Ele Ludemann (Homepaddock): The truth, the whole truth . . .

Pete George (Your NZ): Ira Bailey versus MSD

Scott Yorke (Imperator Fish): Something Rotten

Claire Trevett (Herald): Urewera raids man exposes security flaws at Winz

Jono Hutchison (TV3): Urewera-17 man discovered WINZ breach

TVNZ: Winz told about security flaw a year ago – campaigner

APNZ: MSD appoints Deloittes to review network security

RNZ: MSD breach 'raises questions' about entire IT network

Kate Shuttleworth (Herald): Winz breach: Key calls for full review

TVNZ: Bennett promises lessons-learned from Winz hacking

Mark Blackham (Political Business): #WTFMSD: Taking responsibility

Vernon Small (Dom Post): Security flaws spoil Bennett's high point

Taranaki Daily News: Editorial: Reassurances over privacy sound hollow

Chris Ford: Work and Income privacy breach - where's the government's secure communications when you need them?

Chris Keall (NBR): MSD failure goes far beyond kiosk security glitch – expert

Toby Manhire (Listener): The WINZ data fiasco – a symptom of “driving change for lower cost”?

Kate Shuttleworth (Herald): Investigation launched into 'embarrassing' Winz breach

Kate Shuttleworth (Herald): Winz alerted to security breach last year

TV3/RadioLive: 'Staggering' security lapse at WINZ

TVNZ: Winz breach a 'huge problem' Key says

Fairfax: WINZ kiosk security flaw exposed

No Right Turn: Muppets

Danyl Mclauchlan (Dim Post): Open government

Martyn Bradbury (Tumeke): If WINZ as unsecured as blogger suggests - how can you trust Bennett's data list?

David Farrar (Kiwiblog): Ng reveals massive MSD privacy breach

 

Mighty River

Adam Bennett (Herald): Govt ready for fight over water

RNZ: Court action over Maori water rights 'extremely likely'

RNZ: Maori consultation over SOE plan 'waste of time'

Peter Wilson (Newswire): Bring it on, Govt tells Maori

Adam Bennett (Herald): Govt pushes ahead with Mighty River sale

Brook Sabin (TV3): Government going to court over asset sales

TVNZ: Government rejects 'shares plus' plan

David Farrar (Kiwiblog): No “shares plus”

Morgan Godfery (Maui Street): The three mystic apes

RNZ: SOE sale won't include special shares for Maori

John Hartevelt (Stuff); No 'shares plus' scheme in asset sales

TV3: Government goes ahead with share sale

 

Dotcom

Herald: Editorial: Stooping low painful lesson for Shearer

RNZ: Parliament scrutiny for Key over Dotcom spying

RNZ: PM to correct answer about Kim Dotcom

Peter Wilson (Newswire): 'We will test Key', says Shearer

RNZ: Shearer still confident

Matthew Backhouse (Herald): PM: Shearer should 'put up or shut up' over Dotcom

Richard Long (Dom Post): Dotcom saga lacks sex and romance

David Fisher (Herald): GCSB link to Labour leader's adviser

Fran O’Sullivan (Herald): Shearer's 'fail' mark in school for scandal

Waikato Times: Editorial - Dotcom case lives on

Andrew Geddis (Pundit): Is it illegal to talk about coffee at the GCSB?

Cameron Slater (Whaleoil): Labour’s little legal problem, ctd

Keeping Stock: More on the link to Labour

Pete George (Your NZ): Repeat of Labour’s dirty politics

Scott Yorke (Imperator Fish): Another Day In The Life Of The Sensible Blogger

Kieran Campbell (Herald): GCSB denies taping PM's address

TVNZ: New probe in Kim Dotcom spying saga

Herald: Shearer refuses to confirm where GCSB leak came from

Andrea Vance (Stuff): Key calls Labour's bluff over GCSB tape

No Right Turn: Leaked

Stephen Oliver (Waikato Times): Skullduggery in high places fodder for feisty gossip

Anthony Robins (The Standard): Shearer, Key, credibility

David Fisher (Herald): Dotcom plea: Leak the truth

 

Govt performance

Audrey Young (Herald): Numbers starting to run against Key

Jane Clifton (Listener): The NZ government’s unpopular policies

Brian Edwards: $5 on Key to step down before the middle of next year thanks.

John Hartevelt (Dom Post): Slow-bleeding National needs some big hits

 

Opinion Polls

Duncan Garner (TV3): Poll: 52 pct say Key too relaxed about job

Duncan Garner (TV3): Poll: National-Labour gap closing

Andrea Vance (Stuff): Kiwis ditch Banks, divided over Dotcom

Newswire: Kim Dotcom more popular than John Banks – poll

Danya Levy (Stuff): Political polls look rosy from both sides

Felix Marwick (Newstalk): Political polls telling different stories

Robert Winter (idle Thoughts): Polls

 

Jobs Crisis

TVNZ: Warning as Government continues to question crisis

Chris Trotter (Press): Time for more radical state intervention

Audrey Young (Herald): Parties join forces to probe 'jobs crisis'

TVNZ: Opposition to report in New Year on jobs 'crisis'

RNZ: Opposition parties call for inquiry into 'jobs crisis'

Nicole Pryor (Stuff): Parties join forces against 'crisis'

Nicole Pryor (Stuff): Manufacturing crisis 'disastrous'

TV3: Mana joins manufacturing sector inquiry 

Martyn Bradbury (Tumeke): EPMU Job crisis unveils Brand Opposition

Standard: Historic joint party Inquiry: Crisis in Manufacturing

No Right Turn: An alternative

Ross Henderson (Taranaki Daily News): Crisis, what jobs crisis?

Sean Plunket (Dom Post): Political stunts won't solve unemployment

Dom Post: Editorial: Lower wages not the answer

 

Quantitative Easing

Chris Trotter (Bowalley Road): Parker's Stance on QE Bodes Ill for Labour-Green Coalition

Listener: Editorial: Don’t panic!

Chris Ford: Printing money can work but not in isolation

 

Glen Innes housing and Hone Harawira arrest

John Minto (Herald): Communities turfed out - you'd be angry too

Simon Day and Michael Daly (Stuff): MP Harawira charged over car's location

APNZ: From broken window to broken fast

TV3: Protest scene 'ugly, over-the-top' – Hone Harawira

RNZ: Glen Innes state houses destined for Far North

Morgan Godfery (Maui Street): In praise of Hone Harawira

David Farrar (Kiwiblog): The MP who thinks he is above the law

 

Child Welfare and Child Poverty

TVNZ: Q+A: Transcript of Paula Bennett Interview

TVNZ: Q+A: Transcript of MPs debate on White Paper

TVNZ: Q A: Transcript of the Panel discussing vulnerable children

Tapu Misa (Herald): Child abuse plan shows a lack of vision

Joanne Carroll (Herald): Kids are no longer safe at home

Ian Steward and Simon Day (Stuff): Food and learning connection shot down

Simon Collins (Herald): Economist's maths aim to forecast which children will be abused

John Roughan (Herald): Wrong question in child study

Gordon Brown (Taranaki Daily News): Redefining child poverty

Anthony Robins (Standard): Poverty Watch 7 

RNZ: Ministry for Children "wishy-washy" – Bennett

 

Adoption reform

Kevin Hague (Frogblog): Modernisation of adoption law

Waikato Times: Editorial - Adoption changes likely

Felix Marwick (Newstalk): Labour, Greens apart on adoption reform

Claire Trevett (Herald): MP seeks big adoption changes

TVNZ: Bill to reform adoption law unveiled

TVNZ: Q+A: Transcript of Kevin Hague interview

TVNZ: Q+A: Transcript of the Panel discussing adoption

Danya Levy (Stuff): Bill to allow gay adoption launched

David Farrar (Kiwiblog): Adoption law reform

No Right Turn: A worthy bill

 

Labour

Claire Trevett (Herald): Curran blasts Jones' remarks

Danyl Mclauchlan (Dim Post): The kraken awakes

Hamish Fletcher (Herald): Copyright bill a 'Green agenda'

The Standard: Time for Labour to end the Jones ego show

Gordon Campbell (Stuff): With friends like Shane Jones...

Willie Jackson (Auckland Now): It's John Tamihere's time again

Stuart Nash (Recess Monkey): Why Shearer Must Take The Education Portfolio In The Reshuffle.

 

CEO Pay

John Hartevelt and Vernon Small (Stuff): Goff attacks ministry pay rise

Esther Goh (Idealog): Time to rethink ‘astronomical’ public salaries

The Standard: A sincere question about CE pay

 

Other

Whena Owen (TV3): Campbell Live - Pike River Mine families feeling abandoned by Prime Minster

Peter de Graaf (Northern Advocate): Hunger strike ends with big breakfast

Chloe Johnson (Herald): Act takes hard look at itself

Susie Nordqvist (TV3): Huawei deal highlights conflicting interests

Toby Manhire (Herald): John and Dave: text pals with so much in common

Diana Wichel (Listener): Mark Sainsbury: Leaving his mark

Robert Winter (Idle Thoughts of an Idle Fellow): Labour and TPP

Joshua Drummond (Waikato Times): Fighting for the right to brand poisonous products

Vernon Small (Stuff): Mike Tyson declined New Zealand visa again

Matt McCarten (Herald): Vector cheques powerful ploy just before the vote

Newswire: Bus plan 'discriminates' against poor – MP

Joanne Carroll (Herald): TVNZ splash out on makeup, wardrobe

Andrea Vance (Stuff): Spies' lot not a happy one, survey finds

Anthony Hubbard (Stuff): Delay in police-raid inquiry 'an outrage'

Hamish Rutherford (Stuff): Same figures, different power point

Rachel Stewart (Taranaki Daily News): Destruction of railways a national disgrace

Rodney Hide (Herald): One must endure misery before sneering at plenty

Toby Manhire (Listener): The Young Nats’ Ball – a taste of glamour

Dave Armstrong (Dom Post): We should do more to guard our heritage

Kurt Bayer (Herald): Big Bird's election act upsets Kiwi creator

Stuff: Today in politics: Tuesday, October 16

Stuff: Today in politics: Monday, October 15

Stuff: Today in politics: Saturday, October 13