This is going to be big

Written By: - Date published: 7:43 am, October 15th, 2012 - 230 comments
Categories: benefits, paula bennett, you couldn't make this shit up - Tags:

Keith Ng has uncovered a truly massive breach in MSD’s computer security, and posted about it last night at Public Address.  From Keith’s post:

My jeans were torn, my hoodie was pretty ragged, and I hadn’t shaved for a week. It turned out that bloggers are remarkably good at disguising themselves as unemployed, without even trying.

Last week, I got tipped-off that the parts of the MSD network were completely exposed to the public. You could go into any WINZ office and use their self-service kiosks to access their corporate network.

Do go and read the rest.  It gets a lot worse.

The NBR picked this up first, but it’s now on Stuff and the Herald as well.  You can also join in the ragefun on Twitter using the hashtag #wtfmsd.

If you feel like giving Keith some financial lovin’, you can also donate here.

230 comments on “This is going to be big ”

  1. freedom 1

    What plummets faster than Felix?
    National’s credibility as a Government

    • prism 1.1

      Felix Baumgartner that is!

      • freedom 1.1.1

        yeah fuck, sorry Felix,
        very very sorry for the merest possibiltiy that your good character was slighted by my words

        • felix 1.1.1.1

          lolz no offense taken at all 😀

          • kiwi_prometheus 1.1.1.1.1

            How about…

            “What goes down faster than Queen of Thorns at the annual Auckland Lesbian Ball?”

            “National’s credibility as a Government!”

            • felix 1.1.1.1.1.1

              Jeez k_p, I am QoT. How many times do I have to explain that?

            • Draco T Bastard 1.1.1.1.1.2

              K_P proves that there is life lower than slime.

            • QoT 1.1.1.1.1.3

              Oh god, you’ve called me a lesbian, that’s so terrible. Oh wait, no, there’s nothing wrong with being a lesbian, nor with performing cunninlingus on consenting partners, so … I don’t think that analogy is working out too well for you, k_p.

              • Jokerman

                🙂
                (personally, I prefer the cunning language to the fella’ ratio)
                did I just say that, oh My Lord

                now, you must read the Gospel of Thomas, in fact, there is much been hidden in the apocrypha.
                🙂

    • Dr Terry 1.2

      So here we go already with this week’s stuff up! It never stops, nor do National’s supporters cease to back up such a government (that is, in any meaningful numbers).

  2. higherstandard 2

    Gross incompetence and appalling governance…….. I expect the higher salaries commission to recommend an immediate pay rise to rectify this situation.

  3. Pascal's bookie 3

    And as Danyl highlights here:

    http://dimpost.wordpress.com/2012/10/15/open-government/

    The fact that it was open to the public in the kiosks just explains how it was found out. Everyone at MSD had full access.

  4. toad 4

    Guess WINZ had the GCSB audit their IT security.

  5. higherstandard 5

    Read the CEs bio……. comedy gold.

    http://www.ssc.govt.nz/appt-ce-msd-aug11

    • BLiP 5.1

      .

      Hahahahaha . . .

      . . . Mr Boyle is also the Government Chief Information Officer. He is responsible for developing and implementing the Government’s Information and Communications Technology (ICT) Strategy and for providing strategic advice on ICT matters.

      Brendan Boyle was appointed as the Chief Executive of LINZ in August 2003. In 2006-2007 the Landonline project, which he led, was completed successfully. Landonline provided for all land information and service provision for customers to be undertaken electronically.

      Prior to this role at LINZ, Mr Boyle was Director of the E-Government Unit, in the State Services Commission from 2000, where he was responsible for leading the drive towards an e-government environment for New Zealand . . .

      . . . glorious!

    • tc 5.2

      Hilarious, auckland’s a basket case so good to see he’s continued the good work at MSD, bravo old bean.

  6. Tiger Mountain 6

    This type of system laxity does not look good given Porker Bennetts White Paper that will see more information sharing and prying exacted on select groups of citizens.

    Interesting Ng was able to access the information with minimal key strokes at the kiosk, I used to snort with laughter during 90s action movies when characters accessed secure data bases or stopped nuclear deployments with 3 or 4 taps on the key board, but that is what Keith appears to have managed.

    Go blogger journalism.

    • freedom 6.1

      picturing John Armstrong having conniptions !!!

      all joking aside this is as serious as it gets.
      We know it is serious because the PM used ‘at the end of the day ” before mouthing innaccuracies about old IT gear and outdated systems. They just spent half a gazillion dollars in the last few years getting new gear ffs!

      That and not a single spokesperson was willing to front from MSD

      • David H 6.1.1

        Judging by the interview I saw on Breakfast the fool doesn’t seem to think that any thing is serious and Corin Dann my god he’s a journo?

  7. Hopefully beneficiaries will have a couple of bash free weeks as Bennett deals with this debacle …

    • bbfloyd 7.1

      Then the pogrom will start to find out how many beneficiaries have accessed sensitive info… A 50% cut in pay for a first offense.. full cut for any other episodes discovered…

      Full reinstatement if said bennie threatens to sell info to womens day…

    • Jokerman 7.2

      now, There is that voodoo that you do, you do..

      This is Bigger than ” gettin’ the Bash” !

    • xtasy 7.3

      The Social Security Benefit Categories and Work Capacity Amendment Bill, or whatever it is called, must NOW be withdrawn, stopped and put back into the drawer, until a complete, thorough, comprehensive, all departments, offices and service-centres encompassing investigation on system security, on privacy standards and integrity has been conducted and completed. A proper, independent official investigation, overseen by a long serving High Court judge, staffed with other outsiders (including IT specialists), is necessary now, and a report must be presented to the government, Parliament and the public afterwards.

      NO further welfare changes must be introduced and implemented, until system security is safeguarded.

      Hence Bennett must tomorrow withdraw the bill, or at least put it on hold, until this has been done. The present situation puts all beneficiaries and OTHERS at risk, exposes them to privacy exposure that is unacceptable, could lead to dire consequences, in some cases perhaps self harm and death, and this must be given serious consideration.

      Naturally all plans for the new system to store details about children at risk of abuse, about at risk parents and so forth, must also be put on hold right away.

      I expect the opposition leaders and spokespersons in Parliament to seek nothing less than this tomorrow!

      It would help for the Chief Executive to step down. I demand also that Bennett herself takes responsibility and steps down, as her uncompromising, continued push for changes in welfare, while major system failures are not addressed and sorted out, is inexcusable and irresponsible.

      That is not the conduct of a responsible minister. She also pushed for the introduction of these self service kiosks, to save costs, so that makes her complicit in all this.

  8. tracey 8

    this from a minister who values privacy “depending on the circumstances”… Bas say they notified winz of this when the kiosks first appeared.

    • freedom 8.1

      apparently those reports/complaints were made to MSD a year ago

      • Lanthanide 8.1.1

        On the radio they made it sound like those initial reports were about some other problem that was rectified at the time. Hard to tell.

        I’d err on the side of caution and just assume that anything they raised over a year ago was a separate (although possibly related?) issue.

        • freedom 8.1.1.1

          haven’t heard the radio. I only had the tv at work, I listened carefully to what Jacinda Ardern said when she mentioned the advocacy groups had told her they raised the issue a year ago

          and speaking of work i better go do some before i end up having to go see the MSD myself, something i never ever want to do again

        • Colonial Viper 8.1.1.2

          Its important to realise that this isn’t an IT problem. This is a massive failure of competence and leadership.

          National will try and spin this as a minor technical glitch.

          From what I can see, MSD left virtually every part of their internal networks completely open. Any polytech student who has a 1 year network admin course knows not to do that and how to prevent it.

          • brybry 8.1.1.2.1

            Yes indeed.

            “Key this morning told TVNZ’s Breakfast programme accessing the information wasn’t easy, but he conceded it was a “huge problem”.
            “You had to go looking for it, but if you knew what to do, you could get in there,” he said.”

            This is quite plainly bullshit. Choosing “File->Open” might not be easy for John Key, but it is for almost anyone else.

            Not having your publicly accessible services connected to your corporate network is really CompSec 101. And what were their testers doing?

            • Jim Nald 8.1.1.2.1.1

              Quite remarkable comments coming from a man who likes to feign ignorance by saying he doesn’t know,

              who tends to conveniently suffer from memory loss and is quick to say he can’t recall, and

              who resists reading especially if the report is vital for him to make real decisions crucial for the continuing existence of his government.

              I wonder if he shares similar values and character traits with the puppeteer who parachuted him in to hijack my family’s Party which I used to vote for.

      • Liberal Realist 8.1.2

        Supporting your statement; I was listening to Radio Live w Rodney Hide (filling in for Michael Laws , I on occasion, enjoy listening to bigoted rants of talkback) this morning and a caller came on, stating that they had witnessed this sort of network access first hand (with a colleague, Nelson WINZ I think?) and subsequently reported it – get this, over a year ago!

        Should be interesting/amusing to watch Bennett squirm…

      • Vicky32 8.1.3

        apparently those reports/complaints were made to MSD a year ago

        I heard that on Radio NZ this morning… Kathryn Ryan was interviewing the beneficiary support woman.

  9. Jokerman 9

    Now, This is Bigger than Texas
    (must have been something in the water)

  10. toad 10

    Guess what? MSD’s CEO’s immediate previous job was – wait for it – Government Chief Information Officer.

  11. Jokerman 11

    Dear Paula,
    “Without doubt the greatest injury of all was done by basing morals on myth. For sooner or later, myth is recognised for what it is, and disappears. Then morality loses the foundation on which it has been built”

    Kind Regards,
    Lord Samuel (that’s, First Viscount Samuel to you Minister)

    apparently, Hegel says somewhere that all great events and personalities in world history reappear in one fashion or another. he forgot to add; the first time as tragedy, the second as farce.

    Kind Regards
    Karl Marx

    (now there is some schadenfreude)

  12. tracey 12

    Lanthanide, when alerted to the initial problem the entire security system shld have been analysed… If it was and its happened again…

    • Lanthanide 12.1

      Apparently it was ‘rebuilt’ after the initial security thing.

      Obviously for something like this to end up in production, the process was deeply flawed from start to finish.

  13. King Kong 13

    Good to see you guys finally getting on board the “incompetence of the civil service” bus.

    Lets join together to give those tax payer funded cockroaches what for!

    • It’s only incompetence when the right do it.
      When Whaleoil managed to get into the backend of Labour’s website it was theft and hacking.

      (For the record I think labour and National are as incompetent as each other)

      • felix 13.1.1

        Nah that was slack as too, and Labour got rightfully slapped around by their own supporters for it.

        There was another question there though, which was that no-one believes the Slater child actually did it himself.

      • Vinsin 13.1.2

        It’s quite different from the Whaleoil affair. Whilst Labour’s site was wide open if someone knew how use additional software and had a modicum of knowledge of back end coding, the MSD was open for anyone with a mouse and knew how to click file open. Also the files were editable, meaning they could be copied, changed and deleted.
        And as Felix said, Labour was rightly slapped about for their fuck up.

    • tc 13.2

      try not to confuse decades of solid systems security and knowledge (albeit a tad slow) with NACT’s high profile, highly paid Consultants driven initiatives combined with their slashing of workforce numbers.

    • Draco T Bastard 13.3

      The fact is it was probably done by a private contractor who got the cheapest help available. Sure, the MSD should have overseen the work but who there actually knows what’s what in IT? What this really shows is that the government need a professional IT department.

  14. vto 14

    .
    1. EQC, despite having 80 years to prepare, finds itself without a plan to deal with an earthquake striking a major New Zealand city.

    2. The Prime Minister allows the GSCB to openly spy on New Zealanders despite it being clearly against the law.

    3. The MSD just has complete massive botch up after complete massive botch up.

    You know, in the private sector these organisations would fire the people responsible for these sorts of things or even go right out of business.

    Complete and utter incompetence. Why is this?

    botch up after botch up after botch up.

    • Tiger Mountain 14.1

      Because public service is somewhat accountable compared to the private sector, it is also under immense pressure with sinking lids, funding removed and less people to do the same amount of work creating a highly stressed work force including roaming bands of lame duck over priced consultants.

      One point-how many $Billion was it that SCF received from the long suffereing tax payer? A reasonable sized botch up, 30 plus finance companies down the toilet owing millions to hundreds of greedy (I mean mum and dad) fleeced kiwi investors. A another reasonable size botch up and a bit of jail time too for some. The business is better at stuff argument is slimmer than Rod Petrecevric’s xmas card list vto.

      • vto 14.1.1

        Well, you have a bit of a point, but you have actually confirmed the point I made. In business when massive botch-ups occur businesses go bust, people lose their jobs and people go to jail at times. The same sanctions / accountability rarely seem to apply in the public service. That was my point. Happy to be proved wrong though ….

        • Flying Kiwi 14.1.1.1

          “In business when massive botch-ups occur businesses go bust, people lose their jobs and people go to jail at times.” – yeah, like all those banks that went bust, CFOs who lost their jobs and bankers who went to jail for bringing about the Great Financial Stuff-up?

        • Draco T Bastard 14.1.1.2

          Happy to be proved wrong though ….

          Banks and Brash aren’t in jail, as they should be, for signing false documents.

        • Colonial Viper 14.1.1.3

          In business when massive botch-ups occur businesses go bust, people lose their jobs and people go to jail at times. The same sanctions / accountability rarely seem to apply in the public service.

          The accountability needs to be there at a professional and individual level, yes.

          But, you’re not going to close down or make bankrupt the MSD or the NZ Army or the Fire Service or Starship Hospital because there is a fuck up, are you?

          The analogy is inappropriate. You fix the problem and move on.

    • Red Rosa 14.2

      Starting to look like a Black Caps batting collapse. Add a few SI items

      Parata and the ChCh schools fiasco

      The ECan continuing takeover, against advice

      The Pike River scuttle

      for starters – a full NZ list, just for the last couple of months, would be a shocker.

    • Draco T Bastard 14.3

      Complete and utter incompetence. Why is this?

      For the last 30 years we’ve been cutting government. Now we get to reap what we sowed.

    • Liberal Realist 14.4

      “Complete and utter incompetence. Why is this?”

      Tories without a clue. The problem started at the top and has progressively spread throughout the public service sector.

  15. tracey 15

    The hallmark of leadership is how you take responsibility for the failure of those you lead. As for incompetence of the cs, are we sure it wasnt a system built by consultants or contractors?

  16. The kiosk was connected to the main msd data base,which is a no,no,so those
    highflyers need their arse’s kicked out of office.
    Is any private information private anymore,in any govt dept ? probably not.
    What’s going to happen next with this happless,hopeless keyness,lot.

    • vto 16.1

      “Is any private information private anymore,in any govt dept ? probably not.”

      ha ha, you have to be fricking joking. Anyone who trusts an organisation (public and private) over anything is a fool. The world is simply too large and everyone is too far removed to feel accountable over anything today imo. It’s all fucked.

      • Draco T Bastard 16.1.1

        The world is simply too large and everyone is too far removed to feel accountable over anything today imo. It’s all fucked.

        Yep, there’s too many cut outs so that those who should be held responsible aren’t.

  17. Enough is Enough 17

    Bennet will be gone by the end of the week.

    Key will want to reassert the authority which has all but gone as a result of his governments complete failure to fuction this year.

    He will sack her as a pathetic show of being the boss.

    • Tom 17.1

      Dream on ..

      • Colonial Viper 17.1.1

        Ah Tom, you’ve not thought through the strategic implications for the National Party of Bennett’s Ministry having massively blundered under her watch.

        I personally hope you are right and that Bennett limps on like a wounded predator in her portfolio until Christmas.

        • McFlock 17.1.1.1

          I tend to agree with Tom – for Key to demand accountability from his ministers would be a precedent that he would well fear as being a petard that should hoist him equally well. 

    • David H 17.2

      Then he should also sack Parata Joyce Brownlee they have all been as incompetent just haven’t had the massive security breaches yet.
      But to not have set the profiles with no access to sensitive areas was dumb. No not dumb, this was incompetence on a grand scale. Any one that’s been near a network knows you have to set the shares to secure drives that you don’t want seen. Why were the kiosks even on the same network? this has to be the biggest question.

      Well key wanted to get the Dot Com scandal off the front pages. There you go John. Be careful of what you wish for…

      • Jokerman 17.2.1

        🙂 (of course I am laughing, off and on, all day today) as I prepare to serve at the meal for a small sub-section of those of our People that this mis-direction of a minister chooses to malign

    • Vicky32 17.3

      Bennet will be gone by the end of the week.

      I wish I thought you were right!

  18. prism 18

    We know how seriously Poorer Benefit regards ‘her’ beneficiaries privacy by the way she was happy to reveal individuals’ private information to the media because she was annoyed at suggestions of bad decisions. So Princess Poorer is quite prepared to demean the people using her government portfolio. So now there is a hole in the information security – this just follows the trend.

    NZ citizens are getting less and more inefficient services from our elected government. They are bad managers of the country with a bad attitude and Princess Poorer reigns over the most vulnerable. Further government is no longer ready to deal with people directly and making this more difficult or impossible and replacing the personal by pushing bennies into the far distance having to use machines . This may be difficult for the ordinary beneficiary, or the beneficiary may find he or she is talking to some faceless person who is just a voice over the phone, sometimes after a long wait to a call centre that may not supply correct or full information. See what has happened to Housing NZ tenants!

    Princess Poorer was once a beneficiary, John Key was once a beneficiary, and indeed many in Parliament have received benefits in their families as a result of need while they were young. All Parliamentarians too, receive advantage from the NZ government as ordinary citizens apart from their salaries. Let’s spread this advantage further. I think that other beneficiaries should be given opportunities for free education and trips overseas. Perhaps there could be a weekly draw for this as in Lotto. Though when a couple of keen hip hop music devotees got $26,000 to go overseas and study what was being done with this art resource overseas this was frowned on by Helen Clark. Perhaps it has resulted in opportunities from that information for the young in Christchurch. Anyone know what were the downstream effects?

  19. tracey 19

    Vto

    Like the former ceo of brierlys who got 4m to fuck off after he plunged the shares. To 25c. Now he gets to chair companies and crown entities. I bet he feels punished.

    • vto 19.1

      I aint defending that at all. It is the system that allows that to happen (a system designed and monitored by the public service I note).

      Tell me, did anyone ever take a proper fall for the Cave Creek disaster? (no pun intended)

      • Pascal's bookie 19.1.1

        From memory, I think the Minister eventuallt resigned after it was determined that there were ‘systemic’ problems.

      • Stephen 19.1.2

        Yes, Denis Marshall was the Minister of Conservation and he resigned. Of course that was back in 1995 when quaint notions like ministerial accountability were still held to be important.

  20. ianmac 20

    Chief Executive, Ministry of Social Development Brendan Boyle will be paid tens of thousands as a bonus for detecting computer leaks and for managing the recovery. Meanwhile a lowly ranked IT person will be sacked for incompetence. That is the way the system works. (Wonder if downsizing State Services has a connection?)

  21. BM 21

    How is this Nationals fault and it wouldn’t be Labours fault either if they were in government.

    All I see is incompetence on behalf of the programmers that set up the system.
    If it was set up by a private firm, sack their arses and hire some one competent
    if it was done in house sack their arses and hire some one competent.

    Great another BS media side show that’s going to drag on for weeks.

    • Flying Kiwi 21.1

      “How is this Nationals fault and it wouldn’t be Labours fault either if they were in government.”

      Fair question. Had it happened under a Labour Government it would be responsible.

      The relevant questions are:

      1. Is it less likely to have happened under a Labour Government, and
      2. Is there likely to be any difference in the responses to its happening under a Labour or a National Government?

      I suggest the answer to 1 is, yes, it is less likely to have happened under a Labour Government because under Labour the system is more likely to have been implimented by in-house employees with a stake in getting it done right and a seamless hierarchy of responsibility to the top. Under National it is more likely to have been done on the cheap by outsiders with no incentives to build a robust system and very responsibilites once they’ve been paid.

      I suggest the answer to 2 is, as under Labour it was done in-house those responsible right up to the Minister would have to carry the can. Under National the can will be kicked from department to contractor and back ad infinitum and the Minister will be able to hide behind ‘operational matters’ excuses and contractual confidentiality.

      • BM 21.1.1

        I disagree, from my experience in working for the public service no body gave a shit and the wastage was immense.
        You basically have to kill someone to get fired.
        On the other hand if a private firm fucks up a job, they get black listed, no more government work, bit more of an incentive to get it right .

        • Colonial Viper 21.1.1.1

          On the other hand if a private firm fucks up a job, they get black listed, no more government work, bit more of an incentive to get it right .

          How’d your theory go for the private contractors who put the kiosks together for the MSD?

          Oh it didn’t, what a surprise.

          • BM 21.1.1.1.1

            Who do you think is paying for this fuckup to be fixed?
            Not the government that’s for sure.
            The company either fixes the issue if it’s fixable at their cost otherwise they’re out the door.

            • Draco T Bastard 21.1.1.1.1.1

              The company either fixes the issue if it’s fixable at their cost otherwise they’re out the door.

              So they just walk away from it and the government coughs up the costs of fixing it. That particular company might even get wound up and then the owners will create another one doing exactly the same things.

            • Kotahi Tāne Huna 21.1.1.1.1.2

              How many people have had their privacy jeopardised or breached? The company’s going to compensate them all, is it? Deep pockets they must have.

              • BM

                No ones information has been spread around, apart from this guy Ng who else has seen anything
                What I do find disturbing though, is that the person that tipped him off never thought of letting the MSD know about it but instead past the information onto a blogger so he could write a story to try and embarrass the government.

                Was it another Labour party supporter within the MSD spreading confidential information in an attempt to make National look bad?, wouldn’t surprise me.

                [lprent: Tell me, if you are a WINZ ‘client’ living in a climate of fear caused by Paula Bennett’s actions targeting critics drawing a benefit, or threatened by cuts to benefits when WINZ staff notice you – then why would you want to help such an organisation?

                Haven’t you read comments around here about peoples experiences dealing with WINZ these days. They have zero interest in dealing with them for any reason. The reason for that comes partly and directly from Paula Bennett targeting active opponents of National’s stupid welfare policies. An attitude that carries through into their approach to trying to get people off benefits by starving them rather than helping find them work.

                But in answer to your last point. If I see a file open on a public system then I have a look inside it because I presume that it was put there for me to look at. Most people are the same. It doesn’t require any special skills. I’m sure even our IT illiterate PM could do it almost as well as any kid who has been using a computer since shortly after birth. ]

                • Colonial Viper

                  No ones information has been spread around, apart from this guy Ng who else has seen anything

                  Hey mate did you get access to the MSD’s systems too, in order to check that no one else had accessed the information?

                  LOL!

                • Kotahi Tāne Huna

                  “No ones information has been spread around,” Says who? Forgive me if I don’t take your word for it.

                  No doubt the lawyers will make much of the uncertainty, the extra stress of not knowing…

                  Deep deeeeeepppp pockets.

                  P.S.: a random grab-bag of “collectors” were in the files last year. Someone tipped Ng off. Wanna lay odds on the whole lot having been downloaded by someone?

                  • Jackal

                    I think we should asume the entire database has been copied multiple times.

                    This could potentially have been undertaken by pedophiles looking to find their victims whereabouts to continue the abuse… It could have been used by gangs to find out the addresses of people.

                    The potential harm such a gross breach of privacy may have caused should not be underestimated, but unfortunately it’s unlikely we’ll ever find out the true extent of the damage caused.

                    • Definitely, if they wanted the info they’ve got it.

                    • Jim Nald

                      Oh oh oh oo ooo, I feel a ‘John Key moment’ descending on my mind … too late, rats, here goes …..

                      if those pedophiles and gangs already have got the information, they should come forward and “prove it”.

                    • “if those pedophiles and gangs already have got the information, they should come forward and “prove it”

                      That’s how the burden of proof works, if someone says something, a tape of me saying something for example, exists then it is up to them to justify that claim.

                    • It’ll happen TC.
                      In all of these cases it took a PM from another party too get the info released.
                      (i.e. If Sparkles aint the PM he can’t order them not too anymore)

                    • Well, if not Shearer looks like a fucking moron.

                      Edit: more than already does I mean

                    • McFlock

                      It’s not how information security works, though. If you can’t guarantee its confidentiality to an acceptable level, then it needs to be regarded as  compromised.  
                              

                    • True McFlock, It’s a case of “Healthy Paranoia”

                    • “Edit: more than already does I mean”

                      What idyllic picture are you judging that on TC?
                      Key has been lying about everything for 30 years straight and you’ve just started callin him on it.

                      Name your Ideal Leader TC.

                • Vinsin

                  “Was it another Labour party supporter within the MSD spreading confidential information in an attempt to make National look bad?, wouldn’t surprise me.”

                  BM

                  That comment is almost as retarded as the security flaw. How could you logically even think that, someone in MSD wants to undermine their department to make National look bad, because… oh right, Labour gives them a huge payout, but then wouldn’t further investigation find the individual or parties involved. Seems like a huge political risk to take, in fact i would suggest it would border on treason to knowingly let sensitive information out on purpose. Wouldn’t that essentially destroy the Labour party for the sake of some mud slinging?

                • prism

                  BM
                  You’re a funny one. The fact that there is something like this to report by a blogger is the example of why it is important for bloggers to reveal such things publicly. Otherwise its put some masking tape on it and carry on. The government get embarrassed? I understand that special big elephant guns are required to bag them and this government and most, combine the cunning and watchfulness of a meercat with the hide of an elephant. Either way nothing ordinary gets them.

            • insider 21.1.1.1.1.3

              Not sure how a company providing the kiosks could be blamed for unrestricted access to MSD corporate servers. It would be the MSD IT people who control access and protocols around getting access, as well as the comms links.

              My uneducated guess is that the kiosks are only supposed to give access to public online info but were connected as internal MSD computers – because they are in MSD premises – so sitting at one is like sitting at a company workstation.

              • BM

                Makes sense, the question is how did Ng know that, who gave him that information?

                • Colonial Viper

                  Ah yes, must be time to Kill the Messenger. A very predictable CT led tactic.

                  Why don’t we wait until we get some Ministerial and Excecutive responsibility first, boys?

                  • Draco T Bastard

                    Ah yes, must be time to Kill the Messenger. A very predictable CT led tactic.

                    Exactly what I was thinking.

                • insider

                  He was told by someone who had probably had a play on it earlier. It’s a public computer so nothing sinister.

              • Lanthanide

                I’d pin the blame equally 50/50 on the external contractor and the MSD IT department, unless it can be shown that one group instructed the other on how it should be done in which case it would then be 100% the fault of whichever had been instructed (most likely the contractor instructing MSD IT).

                Either group should have caught this, in the design or rollout and testing of the units, which both groups should have been involved in.

                • Colonial Viper

                  Either group should have caught this, in the design or rollout and testing of the units, which both groups should have been involved in.

                  Its a wonder that a tonne of ordinary internal users at MSD didn’t notice this.

                  • brybry

                    A kiosk is just a vanilla OS install (Windows in this case) that has had a lot of the functionality tied down, or disabled. The “File/Open” issue is a well known one, so whoever did the kiosk build is a retard.

                    The fact that it was also connected to their internal network is huge no-no and just plain unforgivable. The reason that decision was made needs to be looked at. ($$ would be my guess)

                    • BM

                      So in your personal opinion, do you think it’s a one off? or could it be much more widespread.

                    • brybry

                      Not sure why I can’t reply to your post BM. (So I’ve replied to mine!)

                      I assume that all of these kiosks will be the same build, so they were most likely all capable of the same access.

                      This really is basic basic stuff, it’s pretty frightening that it happened at all, and is also why I would think that it has got to be a one-off. It won’t be a widespread issue in my opinion.

                    • Vinsin

                      The site won’t let me reply to the one underneath.
                      Maybe this link will help answer your question.
                      http://computerworld.co.nz/news.nsf/news/winz-kiosk-security-issues-may-extend-to-other-agencies-expert

                      [lprent: There is a limit on comment thread depth of 10 indents. Otherwise the comment get more and more vertical. You can tell when you have hit it – no reply link ]

                    • Lanthanide

                      @lprent: actually it might be better if it showed the reply link, but simply made it reply to the parent post instead. Would certainly be easier for those really long threads where it can take a bit of scrolling to get to the right post to reply to.

      • insider 21.1.2

        So it would be like the Government Shared Network?

  22. tracey 22

    Bm, you havent noticed a pattern of privacy breaches under this government? Acc, ird, winz… Do you give bennet credit for allegedly clamping down on welfare or do you praise the civili servants for it? You cant have it both ways

  23. Key on tv earlier ‘minimising the maximus’ its ok, not a prob.

  24. Colonial Viper 24

    Have donated Keith Ng a few dollars. Come on peeps lets see if we can’t get the man over $3K for this story.

  25. tracey 25

    I wonder if the details of his blind trust were made public he would be so blase

  26. Lanthanide 26

    Looks like Shearer’s/Labour’s poor handling of the supposed GCSB-Key tapes will be smothered by this story. Lucky break.

  27. Memo from Crosby Textor

    To John Key

    Continuing disclosures concerning Kim Dotcom

    The situation is now grave. The good will that we have been able to manufacture for you concerning your personality is being undermined by your contiuous failure to know what is happening. The perception of your competence level is now in grave danger of matching your actual competence. And you have misunderstood plausible deniability. You are only meant to tell lies when it cannot be shown that you knew you were lying.

    The situation is grave and so we are now recommending the nuclear option. This may obliterate one of your strongest performers and her career but these are drastic times.

    The proposal is that you manufacture a crisis. This Government is renowned for privacy breaches so we recommend that the breach involves the MSD. And it has to be really simple to do, along the lines of walking in off the streets with a USB drive and downloading thousands of potentially significant items of information. And to make it worse the breach ought to have been pointed out previously but not acted on. And it has to undermine Minister Bennett and take down her flagship data matching project which was recently announced.

    The only benefit is that Dotcom will no longer be the lead story on the news. Until the next disclosure …

  28. Kotahi Tāne Huna 28

    The MSD and the Privacy Commissioner have known about this problem for a considerable amount of time.

    ‘Work and Income has zero tolerance for staff who breach the privacy of clients. Our Integrity Unit regularly conducts random checks of our systems, to detect such breaches.”

    The Privacy Commissioner has been informed and each client whose privacy has been breached is being contacted individually.

    That was last November. The article makes no mention of the time period over which the offending occurred.

    Amazing that some seem more concerned about Keith Ng’s behaviour than the ministry’s, and yes, of course this is a management issue, and of course the Minister has to take responsibility for it. As for Mr. Ng, he was authorised to access the data – it was a public server and people were encouraged to use it.

    • insider 28.1

      Looks like a completely different issue – the one you link to is staff using their computers for illegal acts. Ng’s work involves public terminals accessing back office systems.

      • Kotahi Tāne Huna 28.1.1

        Nope – the lax security in the network is obvious. Ng’s investigation demonstrates that once in, it’s access all areas. The article demonstrates it isn’t the first time this has caused problems.

    • mike 28.2

      Work and Income has zero tolerance for staff who breach the privacy of clients.

      Damn straight, only the boss is allowed to do that.

  29. captain hook 29

    gonna be big allright.
    the biggest cockup by infantilised adults new zealand has ever seen.
    this lot cant get anything right.
    must of been distracted by facebook or sumfing.

  30. Dr Terry 30

    For all the BIG issues that have been occurring for weeks and months, how is it that we get a poll result such as that delivered by TV 3 yesterday? Will the Standard comment on this, for there is a good deal I would like to day.

    • “For the great majority of mankind are satisfied with appearances, as though they were realities, and are often more influenced by the things that seem than by those that are.”
      Niccolo Machiavelli (1469-1527): Discourses, 1513-1517

  31. muzza 31

    Frankly I find it hard to believe this was an “open hole”

    The solutioning behind the work, which would of course have been carried out by an external vendor, but most likely QA’d internally, not to mentioned security assessed, as government departments must do.

    This is an oversight too stupid to have been missed by accident.

    • marty mars 31.1

      hey muzza, if not that then what? deliberate?

    • Vinsin 31.2

      Apparently the system was built and tested by KPMG regularly. Up until today they had never seen a hole. Stupidity, lack of inclination, lack of budget are a few other options I can imagine, the reality is National couldn’t give a fuck about beneficiaries.
      Why spend money protecting people you absolutely hate?

  32. vto 32

    All I can say is that technology is over-rated.

    For example, eftpos is slower than cash. And nowehere near as aesthetically pleasing. Eftpos is such a stupid idea.

    • muzza 32.1

      Eftpos is such a stupid idea.

      But an important idea in the roadmap to a cashless society!

    • Lanthanide 32.2

      Depends on the amount of cash. If you’re talking $200+ in $20’s, eftpos could easily be faster.

    • Colonial Viper 32.3

      Increases dependency on electronic transaction systems and provides highly traceable transaction activity located to time and place.

      • Jokerman 32.3.1

        my thoughts exactly. all CONSUMPTION habits are recorded and analysed
        ( I withdraw my small income in cash, and meet my commitments, in cash, generally, unless I forget)

        • Jackal 32.3.1.1

          +1 So do I. I also remove all savings and investments from New Zealand while National is in power. Better to be safe than sorry.

          • Jokerman 32.3.1.1.1

            Amen Brother / Sister
            (I tried to comment on your site but technology / luddite difficulties (we all have our Achilles heel, personally, for me it was flow charts in the eighties; now for most people it is super-cession, this is just an old desktop that sat in the corner until I came along)
            🙂

    • Gosman 32.4

      Not really. If you wish to purchase something over a certain amount of money then Eftpos is likely faster and more efficient for you.

    • Draco T Bastard 32.5

      For example, eftpos is slower than cash.

      Try not to use cash any more as it’s a PITA. I actually find cash slower and then I actually have to carry the stuff around and make sure I have enough etc etc.

      And nowehere near as aesthetically pleasing.

      Fuck the aesthetics.

      Eftpos is such a stupid idea.

      Nope, it’s absolutely brilliant. It’s only downside is that it’s run by the private sector.

      • Gosman 32.5.1

        Your problem with it being run by the Private sector is what exactly?

        BTW Kiwibank could set up a rival Eftpos system just as the ANZ bank did.

        • Colonial Viper 32.5.1.1

          Duplicate systems are costly and unnecessary. Just nationalise it and have it run as a utility for the public good. Businesses will love the lower costs.

          • Gosman 32.5.1.1.1

            You assume the costs will be lower which is definitely not a given. Business seems happy with the status quo but I suspect you think you know better than those silly business people.

            • felix 32.5.1.1.1.1

              Is it being run for profit? If so it can be run for less.

              • Draco T Bastard

                EFT-POS in NZ is owned by the four Australian banks so it can be assumed that they’re making a profit.

                @Gosman

                Business seems happy with the status quo but I suspect you think you know better than those silly business people.

                Businesses don’t have a choice.

                • Colonial Viper

                  Gossie demonstrates how out of touch with SMEs he is. SMEs fucking hate the EFTPOS fees, the bullshit costs to upgrade EFTPOS terminals, the incessant predatory ticket clipping which goes on.

                  Basically, Gossie has no concept.

        • TheContrarian 32.5.1.2

          Yeah I am kinda confused by why being run by the private sector is a downside.

          • McFlock 32.5.1.2.1

            big surprise, dat.

            • TheContrarian 32.5.1.2.1.1

              Amusing as always

                • Sure. You can assume all types of things.

                  Setting aside there is no guarantee of cheaper prices (because you know, no government has ever run anything to make a profit from it) what’s wrong with providing a service for profit? Those business who use eftpos, say coffee shops, also pay for food and coffee. Shit, that should all be nationalised to because it would be cheaper than paying those greedy coffee producers to funnel their money overseas.

                  • felix

                    If food and coffee were monopolies I’d go along with that.

                  • McFlock

                    Depends.
                         
                    Is the barista the sole or near sole supplier of a piece of infrastructure that is essential for modern society? There’s the reason your coffee analogy is intensely stupid.

                    Have you seen what happens in a supermarket when the EFTPOS goes down?

                    • “Have you seen what happens in a supermarket when the EFTPOS goes down?”

                      Because under the watchful eye of government EFTPOS will never go down!

                    • McFlock

                      wow, you overdosed on the stupid pills tonight, didn’t you.
                             
                      Show me in this thread where anyone has said that perfect operation is a benefit of state ownership. I merely pointed out that EFTPOS going down tends to block customer ability to purchase goods much more significantly than a barista taking a break shortens my options for a morning coffee. 

                    • Great, so we both agree that neither in private or public owner can guarantee that EFTPOS service won’t go down. We are making progress, sorta.

                      So then your gripe must be about profit, as my example about the cafe pointed out, the business owner has other outgoings which profit others too. Are you going to complain about that too?

                    • McFlock

                      are those other outgoings being paid to near-monopolistic suppliers of goods or services essential to the operation of a modern society?
                         
                      No, raw sugar and milk thermometers don’t meet that criteria? Oh. well I guess not. Maybe you should learn to read. 

                    • “are those other outgoings being paid to near-monopolistic suppliers of goods or services essential to the operation of a modern society?”

                      Since we have already established that the government is no guarantee these “services essential to the operation of a modern society” will run anymore efficiently than they already do then this is a mere red herring.

                      So your problem is the money is going to something you don’t support despite it providing a service that the public seem to be fairly happy with, as well as the business that use them.

                      edit: Anyways, lets take this up in the morning. I have an early networking breakfast to attend…which sounds more boring than it is.

                    • McFlock

                      Fucking slide there with extra lube. 
                           
                      1: no guarantee of never failing != comparative efficiency
                      2:  failure rate is not the only measure of economic efficiency. Extra money being sucked out by profit-seeking also counts.
                      3: use of a near-monopolistic service that is essential to modern life no more equals “people seem to be happy with it” than drinking from the only polluted water source in the area signifies that the water is safe.
                       
                      Slippery cont. 

                    • If ever meet you in real life, McFlock, I am going to insert an oily penis into your ear.

                      You fucking Tory.

                      [lprent: Where was the point of that comment? McF managed to make several points with extra abuse. Yours just read like a stupid threat.

                      And I suggest that you be curtail giving a “humourous” response. This is a warning that you may yet achieve your ambition to self-matyrdom. ]

                    • felix

                      “Since we have already established that the government is no guarantee these “services essential to the operation of a modern society” will run anymore efficiently than they already do then this is a mere red herring.”

                      No, its the entire argument you’ve been working so hard to ignore. It’s about removing the drag of profit from monopolistic essential services and nothing to do with any of the strawmen you’ve failed to erect.

                    • McFlock

                      cheers, cottonbud…

                    • See you tomorrow, sweet-pea

                • Jokerman

                  Lord, Contrarian, you, like myself, appear to let your self down at times; yet often so witty?

        • Draco T Bastard 32.5.1.3

          Your problem with it being run by the Private sector is what exactly?

          1.) The dead weight loss of profit
          2.) The fact that unaccountable private businesses have such information about me and everyone else
          3.) The transfer of money is an essential public service and, as such, should be done by the government.

          BTW Kiwibank could set up a rival Eftpos system just as the ANZ bank did.

          Why increase the expense?

          • TheContrarian 32.5.1.3.1

            “1.) The dead weight loss of profit”

            Profit is not always ‘dead weight’. It is only dead weight if shuffled off into a tax haven. If it is spent and invested it becomes active in the economy.

            “2.) The fact that unaccountable private businesses have such information about me and everyone else”

            Like your WINZ details? Or like the credit card numbers Labour accidentally left unsecured? Or some ACC details which rolled a top minister?

            “3.) The transfer of money is an essential public service and, as such, should be done by the government.”

            The payment between the organization I work for and myself is an arrangement between myself and them. I have a legal as well as social contract between them. The government does not come into it expect to tax my tax (which I am happy to pay). When I buy something from a private company, that is a transaction between myself and them using a means of monetary transfer which has been agreed upon by both parties. The government does not have any need to be a party to this.

            • Colonial Viper 32.5.1.3.1.1

              Profit is not always ‘dead weight’. It is only dead weight if shuffled off into a tax haven. If it is spent and invested it becomes active in the economy.

              BULLSHIT

              Investments in overseas bonds and derivatives does nothing for the “economy” that real people live in. (although it might help Wall St investment bankers).

              The best way to make sure that money stays in the community which generated the profits is to pay more workers in those communities more.

              • “The best way to make sure that money stays in the community which generated the profits is to pay more workers in those communities more.”

                So profit is not always dead weight. Glad we agree.

                (p.s. I never said “overseas bonds and derivatives”. I meant spent in the local economy, invested into infrastructure, new technologies and start-ups. i.e in useful, productive sectors.)

                • Draco T Bastard

                  Paying workers isn’t profit and you know that. It’s payment to cover their living expenses.

            • Draco T Bastard 32.5.1.3.1.2

              1.) Profit is always a dead weight loss.
              2.) WINZ is democratically accountable.
              3.) So you’d be fine with accepting IOUs from every Tom, Dick and Harry?

              The government does not come into it…

              Incorrect. The government essentially makes the money used in society worth something.

              When I buy something from a private company, that is a transaction between myself and them using a means of monetary transfer which has been agreed upon by both parties.

              A transaction that, most likely, can only come about due to the existence of government.

              The government does not have any need to be a party to this.

              Wrong again. Without the government setting and enforcing rules for the transaction there’s no way you’d be able to trust that the transaction was worthwhile – not in a society larger than about 200 hundred anyway.

              But that’s not the point. If the government owned and ran EFT-POS they’d come into the transaction no more than the banks do now. The only difference is that the government wouldn’t clip the ticket and so you’d get to keep more of the money from the transaction.

    • Dv 32.6

      Here is a challenge for you VTO
      Pay power account, telephone, trade me purchase to someone in wairoa, amazon book purchase in cash in 20 min with no extra cost like petrol.

      • Gosman 32.6.1

        Good point. It is possible if VTO can wire the cash via something like Western Union. However that is simply another form of electronic transfer albeit a more primative version.

      • felix 32.6.2

        Dv you can just do all of that on line. Why would you bother driving to all those places to use their eftpos machines? And what if the person in Wairoa doesn’t have one?

        • Vinsin 32.6.2.1

          What’s this “on line” you speak of? Is there a line somewhere I don’t know about?

          • Gosman 32.6.2.1.1

            So Eftpos is somehow not useful yet the Visa and Mastercard payment systems , (which are owned by those dreaded foreign companies), via the internet is fine??? Go figure.

            • felix 32.6.2.1.1.1

              Sorry Gosman, I didn’t realise “EFT” stood for “Every Fucking Thing”.

              Can you remind me again what the “POS” stands for?

              • Gosman

                You seem to be making an assumption that a payment via Eftpos is fundamentally different to making a payment online. I’m letting you know that they are not really. In many countries they use Creditcard systems to replicate what we have here with Eftpos.

                Interesting that people think Eftpos is a monopoly, or near monopoly, and thus should be nationalised. There are two main players in the POS industry in NZ. This is similar to how many main players are in the operating system market. Do people want to see Microsoft nationalised as well?

                • felix

                  “You seem to be making an assumption that a payment via Eftpos is fundamentally different to making a payment online.”

                  Not an assumption. There’s very a clear distinction between a POS transaction and an online one. The clue is in the name.

                  “I’m letting you know that they are not really.”

                  But you’re a moron. Not only have you failed to note the context of the discussion, you’ve also missed all of the detail. The answer you pretend to seek has already been spelled out for you several hours earlier.

                  • Gosman

                    The context of this discussion was that VTO stated technology was overated. VTO then went on to use Eftpos as an example and stated cash was much better.

                    In that context pointing out that Eftpos transactions and Internet transactions are pretty much the same is valid. It would be completely idiotic for VTO to state Eftpos is not good but internet transactions are fine.

                    • felix

                      vto compared cash vs electronic at the shop counter. That’s what “POS” means you fucking dunce.

                    • Gosman

                      Whether it is POS or not is irrelevant when it comes to the underlying technology. Both POS and Internet payments utilise similar infrastructure. To try and argue that one is fine while the other is a waste of time is a stupid argument.

                    • Colonial Viper

                      Except for the fact that:
                      – EFTPOS came out many years ahead of internet purchasing,
                      – EFTPOS cannot be performed in a card absent transaction
                      – EFTPOS does not require the use of a credit card style product whereas internet transactions do
                      – EFTPOS cannot be used by internet businesses to transact sales.

                    • felix

                      “Whether it is POS or not is irrelevant when it comes to the underlying technology”

                      No, because that was the comparison. Cash at point of sale vs eft at point of sale.

                      It’s not my fault you didn’t understand it, but there’s nothing new about that.

        • Dv 32.6.2.2

          Felix my point exactly.
          VTO said Eftpos is such a stupid idea.

  33. AsleepWhileWalking 33

    ALL WINZ FILES SHOULD BE CONSIDERED COMPROMISED.

    http://publicaddress.net/system/cafe/onpoint-msds-leaky-servers/?p=272452#post272452

    All of them, including secure files such as mine. I expect a sizeable offer in the mail and an apology by phone within the week.

  34. CERA could also be compromised now ,what a shame, gerry wont be happy.

  35. weka 35

    Following links from twitter…
     
    La Maison du Che’z, About 6 hours ago
     

    This is pretty gobsmacking and must be a NEW thing.
    I worked for WINZ (frontline in various roles) for 24 years, finishing in 2010. All these details that you have been able to access are amazing, considering we, as staff, were NEVER able to access any of them. Even our Service Managers couldnt get into them.

    It was so ’locked down” that we couldnt even access Internet unless we personally had been granted electronic licence. (so no Trade Me, Facebook, Twitter etc)

    We did have our own internal “Intranet” and access to our own client’s benefit records, but I am appalled that the public has been able to access stuff, even we as staff, could never get to, or would even attempt to get to.

    Thank you for exposing this anomaly in their system, but would appreciate it being reported that it is reported that it is not WINZ information that you have been able to see, it is other organisations within MSD.


    http://publicaddress.net/system/cafe/onpoint-msds-leaky-servers/?p=272298#post272298


  36. Tom 36

    La Maison du Che’z: “Thank you for exposing this anomaly in their system, but would appreciate it being reported that it is reported that it is not WINZ information that you have been able to see, it is other organisations within MSD.”

    Ah yes, but which ones ?

  37. Vinsin 37

    Funnily enough I had to drop some forms off at the WINZ today, i walked in and found a security guard next to the kiosk, which was turned off and covered up with blank sheets of A4.

    Nothing to see here, pay no attention to the man behind the curtain.

  38. gobsmacked 38

    Question to the Minister of Social Development in Parliament tomorrow:

    “Does the Minister stand by her statement on Radio Live at 5.15 pm on Monday: “It ain’t gonna happen twice“?

    Just ask the DIRECT question. Can you guys please do this, for once?

    Follow up as necessary: “When she said “It ain’t gonna happen twice”, was that a promise, or just empty words?”

    “If it ain’t gonna happen twice, will she resign if it does?”

    (I know, you don’t read blogs, and you can come up with a much more long-winded question yourselves, and let Bennett off the hook, as you’ve been doing for 4 years … or you could try something else? Please?).

  39. captain hook 39

    I have been busy all day.
    Has Bennet resigned yet?

  40. Tombstone 40

    Heard Bennett on the radio when driving home work claiming that she was extremely concerned about how easily private information could be accessed and that it was extremely concerning – kind of ironic considering she was the minister who was more than happy to ride rough shod over the rights of two beneficiaries who spoke out against policy changes that directly effected them when there was no reason to do so other than to silence them and use her position to bully people into keeping quiet. Words can’t even begin to describe how much that woman disgusts me.

    • Kez 40.1

      Do you mean the 2 idiots who went public with only half the story being told? They “earned” more than I did working a 40 hr week.
      You want disgusting, look at the liar-bore from bench. Nuff said.

      • Tombstone 40.1.1

        So double standards are all fine and well depending on the situation? You can’t have it both ways. It’s either right or wrong to divulge or make otherwise private information public. Surely?

      • Draco T Bastard 40.1.2

        They “earned” more than I did working a 40 hr week.

        And did you have all the same expenses? I suspect that you didn’t and didn’t even consider that the amount that they were getting wasn’t enough to cover their expenses whereas you did get enough.

  41. So how much money did they waist on these Kiosks?

    Obviously another qualified contractor
    (That’s sarcasm by the way)

  42. xtasy 42

    PRIVACY LEAK or Information GAP?

    Ha, what a joke! Who cares about any innocent, public person having a double check through a “self service kiosk” at good ol WINZ on what goes on inside the department and Ministry?

    Is it not just fair that information is “shared”?

    Paula was happy “sharing” information about some of her “difficult” clients herself. Lest we forget:

    http://www.stuff.co.nz/national/politics/2740483/Privacy-Commissioner-confirms-investigation-into-Paula-Bennett

    http://brianedwardsmedia.co.nz/2009/07/why-paula-bennett-is-not-fit-to-be-a-minister/

    These are just two links to what went on during 2009! I am sure there are heaps more.

    And yes, maybe your attempts to keep hidden the “designated doctor training” that was managed and done through your cherished “work focused” Principal Health Advisor Dr David Bratt, and the previous senior advisor for health matters at MSD, Dr David Rankin (now with ACC, as I believe) from 2008 on, thus “compromising” the “independence” of such doctors “examining” and “assessing” client’s health, can now no longer be maintained either?

    Open the whole can of worms, please, Keith Ng and others. More people know what I am on about. Come forward, share with us, what you found through WINZ service points, on their systems and servers, please, we want to get square with dear Paula Bandit Benefit now, for good, thanks!

    Time to say good bye Paula!

  43. Reagan Cline 43

    Paula must be trying to get people off welfare.

  44. Pascal's bookie 44

    Keith Ng just tweeted that the name of the person who put him on to the breach has been leaked to the media:

    https://twitter.com/keith_ng/status/257732420785303552

    Full post on it here:

    http://publicaddress.net/onpoint/the-source/

    The leaker would appear to be MSD.

    • toad 44.1

      No doubt with the personal approval of Bennett herself, given her track record.

      Question time in Parliament tomorrow won’t be much fun for either Key (GCSB illegal spying) or Bennett (WINZ privacy breaches)

    • Jim Nald 44.2

      Ira should be given a knighthood. Public support for people who have high standards.
      Keith should be recognised with New Years honours.

      • gobsmacked 44.2.1

        I’m bloody furious about this. It’s our version of the Pentagon papers, when the government machinery turned its guns on the truth-tellers, in so many nasty ways.

        I’m furious about Bennett and Key and their spin machine, and I’m almost as furious with the fucking fuckwits who think Labour should be more like them. That’s really working out great, isn’t it?

        Let’s hear some fire in Parliament tomorrow. Let’s hear some principle and conviction and some anger. No more fucking appeasement.

        • PlanetOrphan 44.2.1.1

          Well Said M8!
          Ignore the non sensicle comebacks and hammer them on everything.
          Exorbitant remuneration + incompetent leadership/portfolio management = Our Current Government.
          Where’s the Money John! Those shares are gonna take years to sell.

        • xtasy 44.2.1.2

          gobsmacked: “I’m furious about Bennett and Key and their spin machine, and I’m almost as furious with the fucking fuckwits who think Labour should be more like them. That’s really working out great, isn’t it?”

          I am as furious as you, totally!

          But forget much “real” fire in Parliament. We will get the usual: Tit for tat political game playing, some challenging questions rather for gaining political points, than for genuine wish to achieve a change of the whole system (which we need urgently). They (Labour, Greens and NZ First) will of course hammer Bennett on the WINZ privacy gap, Key on GCSB and Dotcom saga, and others for their cock-ups and lies, but they do this only to discredit the government enough, to work on getting more votes next time. Then they may take over as an alternative government, and most likely they will soon forget all the questions they asked, the matters they raise, apart from what they see convenient to achieve under their watch.

          They will keep systems in place, be ministers or supporting MPs, run the show by working with all the departments, agencies and so, which are powers within the state making their own laws (they give government to pass), and not all that much will change.

          International obligations and ties will force them to work with the US government, with the Mainland Chinese government, with the EU and others, they will hang onto FTAs, let trade continue as it is, maybe put a few more checks and balances in, and soon enough the public will moan about them.

          Realise, please, these parties have low memberships, unions have low memberships, they are without solid basis, they only get votes by pandering to enough voters to get voted in, but they are non-committal supporters, who swiftly change their preferences.

          Hence parties of any direction have become just “opportunistic operators” having their systems, that are intent on getting as much of their agenda and policies into law, as may be allowed by public sentiment, which again is largely influenced by a manipulative, commercialised media, which is there to cater for businesses selling advertising, which are their bread and butter, and which are other forces with their agendas.

          So nothing will change much in the musical chairs of modern politics.

          I am resigned and see no solution, but to start new movements and parties like the “Pirate Parties” in Europe. But they are now failing, because they also struggle to develop a cohesive direction and policies.

          A radical change is needed, and people must be involved face to face, be made MEMBERS and be taken serious, not just used as opportune votes to win an election.

          So Bennett and Key know all this, they are part of the system and part of the problem. They will manipulate the public and media, keep their jobs, and all will be forgotten within days, the MSM happily assisting in keeping things as they are (also ensuring their own survival).

          People only have power if they have guts, are not complacent and take action. That is NOT happening. Mouseclics will NOT change anything, it is also just like a reaction to “appeals to votes” for perceived alternatives, that will only be moderate “alternatives” for a short while.

  45. Red Rosa 45

    Full of privacy assurances, just last week

    http://tvnz.co.nz/politics-news/bennett-promises-lessons-winz-hacking-5133143/video?vid=5133228

    This week, not so good.

    Assumed office, November 2008. Presumably responsible for policy since then. All her own work.