Labor cools enthusiasm for Hotmail leaks
- 29 July, 2005 12:07
- Comments
Less than three hours after launching a new Hotmail address to expose government waste, the Australian Labor Party has warned public servants to never use their work computers or e-mail addresses to send information to it.
Labor shadow for public accountability and human services, Kelvin Thomson launched the new e-dobbing facility, whistleblowersonhoward@hotmail.com, as a way for conscientious public servants to alert the opposition to government waste.
However, the launch immediately caused IT security vendors and privacy advocates to warn that free, hosted, e-mail services are nowhere near secure enough to handle sensitive information.
Sophos head of technology Paul Ducklin said he was surprised a better e-mail address could not be found and that he would have at least hoped the servers concerned resided in Australia.
Similarly, senior systems engineer at Trend Micro, Adam Biviano is worried about "potential for misconduct" if Australian government information is to be stored on servers outside the country.
He added that access to Hotmail is not secured and a person reading their account "may have their traffic intercepted", Biviano said.
At MessageLabs director of partners Andy Lake said Hotmail was simply not designed for the repository of secrets.
"E-mail in a basic format is always inherently insecure and everybody who uses the Internet is either aware of that, or should be," Lake said.
Senior director of security solutions for Symantec, Tim Hartman said the ultimate concern with such an address is there are no service level agreements (SLAs) between Hotmail and the federal government to ensure information has not been tampered with and has arrived at the address intact.
However, Thomson has defended the Hotmail address, saying he didn't intend it to be used as a destination for direct leaks from public servants' work computers or .gov.au domain e-mail addresses.
"We would never propose anyone send anything from their work computers," Thomson said.
He added all e-mails received would be deleted in a timely manner.
Hotmail's local spokeperson, NineMSN corporate communications manager Kate Bedoe, said Hotmail's security was "world class" for its intended use - personal, Web-based e-mail.
"Hotmail is great for personal use. Whether or not it fits the needs of the Australian Labor Party is a really matter for [the party] to decide. We have advice for all consumers of Hotmail on how to make Hotmail the most secure experience," Bedoe said.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Bookmark this page
- Share this article
- Got more on this story? Email CIO
- Follow CIO on twitter
-
BYOD security: How to protect your business on the move
-
Face Time - Interview with John Brennan and Robert DiStefano
-
Face Time - Interview with John Brennan and Robert DiStefano
-
IT service management going social
-
PC users admit to pirating software - $US63 billion worth of it
-
Top Reasons to Implement an SOA Governance Strategy: A List for IT Executives
Service-oriented architecture (SOA) has moved beyond hype to widespread acceptance as an IT strategy for delivering business value. SOA promotes the notion of modularity, providing overwhelming flexibility and superior economics for addressing business demands. However, undertaking the transformation to SOA is not without its challenges. If left unchecked, your inventory of SOA assets will become unmanageable; the reuse of services will diminish in favor of custom development; or even worse, modifications will be made to your existing services that break other business processes. The purpose of SOA governance is to help you ensure that this does not happen. This paper outlines the most compelling reasons for you to establish SOA governance within your organization. -
Enterprise Buyers Guide for Cloud Storage
Customer interest in public cloud storage is increasing, driven by the promise of affordable, elastic storage for archiving, backup/recovery, and disaster purposes. To understand the types of offerings available and to assist buyers with purchasing decisions Computerworld has prepared a public cloud storage buyers guide. -
Providing effective endpoint management at the lowest total cost
Endpoints, otherwise known as servers, workstations, laptops, mobile devices, and virtually any other network-connected device, are critical components that enable business to be transacted. Properly implemented, endpoint management ensures continuous compliance with IT policies, regardless of where the machines are located and what type of network they are connected to.
-
Poems New and Selected PPR Original
-
Microsoft PowerPoint Version 2002 Step By Step Courseware
-
Software Safety and Reliability
-
Objects, Data Structures and Abstraction Using C++ WileyPlus Standalone Registration Card
-
Web Applications
-
Knowledge Structures for Communications in Human-computer Systems
-
Service-oriented Modeling
-
Enhancing CAD Drawings with Photoshop (Includes Cd-rom, and a Foreword By George Omura)
-
Spectral Logic and Its Applications for the Design of Digital Devices
Get exclusive access to Invitation only events CIO, reports & analysis. 
Comments
Post new comment