Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Facebook The Media Australia Crime Security Your Rights Online

Australian Journalist Arrested, Released After Detailing Facebook Flaws 200

CuteSteveJobs writes "Yesterday Australian journalist Ben Grubb was arrested by police at an IT Security Conference after an article Grubb wrote about vulnerabilities in Facebook's privacy controls was published on Fairfax media websites. Grubb was later released, but police have confiscated his iPad. Late last month police tried to force fellow Fairfax journalist Linton Besser into revealing who leaked information about corruption. At the time, Fairfax editor Peter Fray called it an unprecedented attack on the freedom of the press. Australia has no explicit right to free speech and lacks shield laws to protect investigative journalists from having to reveal sources."
This discussion has been archived. No new comments can be posted.

Australian Journalist Arrested, Released After Detailing Facebook Flaws

Comments Filter:
  • by Anonymous Coward on Wednesday May 18, 2011 @01:05AM (#36162758)

    We should invade Australia to help bring democracy to the region?

    • by svindler ( 78075 )

      It will be a tough fight. I see that their queen has fled to a former colony and is now probably negotiating with the head of the Green Gnome tribe to help her regain her throne.

    • by atomicbutterfly ( 1979388 ) on Wednesday May 18, 2011 @01:46AM (#36162940)

      We should invade Australia to help bring democracy to the region?

      Please do. We keep getting screwed by higher prices and region locked on Steam, so if you make us a US territory it'll work out for everyone!

      • by isorox ( 205688 )

        We should invade Australia to help bring democracy to the region?

        Please do. We keep getting screwed by higher prices and region locked on Steam, so if you make us a US territory it'll work out for everyone!

        And this statement is why people don't care about freedom. Lock people up for speaking? Fine. Charge an extra $5 for a computer game? Revolution!

        Same in the U.S. That was a revolution about taxes. The freedom of speech/freedom to bare arms/etc were things to ensure that another revolution could happen in the future, and the reason for such a revolution will be financial.

        • And this statement is why people don't care about freedom. Lock people up for speaking? Fine. Charge an extra $5 for a computer game? Revolution!

          OK, I understand it doesn't come particularly well through the medium of text, but I was actually being tongue-in-cheek. Do you really think I want my country to be invaded by the US? Hell no, and benefits to gaming would be far down the list of supposed "benefits" to becoming yet another US territory.

          In other words, it was a joke.

          • As an anarchist living in a geographic location which some delusionals have labeled "The United Stated of America" (boy, is that name ironic) I would like to point out that the people here have no sense of humor when it comes to politics.

            Well, except for the election of Bush, Jr. That was a joke of global proportion.
      • We should invade Australia to help bring democracy to the region?

        Please do. We keep getting screwed by higher prices and region locked on Steam, so if you make us a US territory it'll work out for everyone!

        Tell you what.

        We'll invade *you* and hang all *your* crap politicians, if *you* will agree beforehand to invade *us* and hang all *our* crap politicians afterwards.

        Deal?

        BTW, I doubt if either of our armed forces would fire a shot. Only toss back a few. :)

        It would give a whole new meaning to "fair-trade" agreements, that's certain!

        Strat

    • Too late, Australia already invaded you to bring biased media to your region.
    • We should invade Australia to help bring corporatocracy to the region?

      Too late guys, they already have plenty of it.

  • Summary of comments (Score:3, Informative)

    by gmhowell ( 26755 ) <gmhowell@gmail.com> on Wednesday May 18, 2011 @01:08AM (#36162768) Homepage Journal

    Australians defending their government against Americans talking about how crazy it is.
    People applying their IANAL interpretation of laws... of other countries.
    A frost pist that is off topic.
    Several jokes about Foster's.
    Retort that 'real IrishmenAustralians don't drink Foster's.
    Jokes about 'Facebook police'.
    Question about Men at Work.
    Defense of vegemite.
    Vegemite vs. marmite discussion.
    Complaints about submission/slashdot in general.

  • The issue... (Score:5, Interesting)

    by exomondo ( 1725132 ) on Wednesday May 18, 2011 @01:08AM (#36162770)
    ...was that he published a photo that the presenter obtained without permission from the private profile of the wife of another security researcher (that the presenter publicly acknowledges that he doesn't like). The vulnerability disclosure does seem to be very very childish and unethical. The re-publishing of the photo does seem to be unethical too, but not illegal, which i assume is why he hasn't been charged with any offence.
  • Why should Sony be the only company to employ dirty tactics like that?

  • by syousef ( 465911 ) on Wednesday May 18, 2011 @01:39AM (#36162890) Journal

    Yep, that's right the police chief equated receiving a "stolen" (copied) photo without permission to receiving a stolen TV. This is one time that "Copyright infringement is not theft" is very appropriate. Apparently our police just don't get it.

    That tells you how rational and well informed our Police are. If it involves IT or computers they're just maroons.

    • i thought that's how cops are supposed to work... arrest first, ask questions later.

      they tried it the other way round, but found that people ran away before they got a chance to ask the really important questions.

    • they're just maroons

      Well, it was in Queensland...

  • by mjwx ( 966435 ) on Wednesday May 18, 2011 @01:41AM (#36162900)
    From the fine article (first sentence, second paragraph)

    He was later released without charge

    So a person was bought in by police for questioning. Which as I understand it is legal in most western nations.

    But it is very important to keep up the uninformed Australia bashing here on /. It must be required penance for having the better beaches and a working economy.

    • Who's bashing Australia?

      You're probably the friendliest country in the world, has no major problems with economy or political stability, haven't done anything to piss off other countries, and your treatment of the native population seems humane compared to how most other countries have treated theirs.

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        I think you're referring to New Zealand.

        Australia's treatment of indigenous people is deplorable. (nb: i am an Australian)

        • Australia's treatment of indigenous people is deplorable.

          You wouldn't possibly believe what they do to sheep in NZ. Trust me, you're good. ~

      • by mjwx ( 966435 )

        Who's bashing Australia?

        it's just a bit of sarcastic humour and is quite common in the wide brown land.

        For the most part, I'm just pulling your leg although certain members of /. do have this knee jerk reaction about Australia due to some bad preconceived notions about freedom (mostly over the fact we haven't actually got a dusty document that states we are in fact a free society, apparently you cant be free without one).

        I just wanted to head them off at the pass.

        and your treatment of the native po

        • (mostly over the fact we haven't actually got a dusty document that states we are in fact a free society, apparently you cant be free without one)

          I kind of like the idea of 'the right to all which hasn't had such right retracted' over what appears to be 'you have these explicit rights and we'll stomp on the rest if we please' and then stomping on the explicitly-granted rights, too...

  • by clarkcox3 ( 194009 ) <slashdot@clarkcox.com> on Wednesday May 18, 2011 @01:45AM (#36162930) Homepage
    Couldn't these Australian Journalists use an American as an anonymous proxy of sorts? That is, when you find a good source of information, tell him/her to reveal the information to an American, and then use that person as your source. You can then freely name your source, but that source can't be compelled by the Australian courts to name the original source.

    Every problem can be solved by adding a layer of indirection ... or beer :)
    • Re:Anonymous Proxy (Score:4, Informative)

      by TubeSteak ( 669689 ) on Wednesday May 18, 2011 @03:00AM (#36163264) Journal

      Fucking summary

      And the fact that these subpoenas were even served reminds us that in Australia there are no statutory protections for journalists - no shield laws, as they're known - worthy of the name.

      Or there weren't, until a couple of weeks ago, when the

      Evidence Amendment (Journalists' Privilege) Bill 2011
      -- Evidence Amendment (Journalistsâ(TM) Privilege) Bill 2011

      was finally passed through both houses of the Federal Parliament.
      It provides bluntly that...

      If a journalist has promised an informant not to disclose the informant's identity, neither the journalist nor his or her employer is compellable to answer any question or produce any document that would disclose the identity of the informant...
      -- Evidence Amendment (Journalistsâ(TM) Privilege) Bill 2011

      It's a disgrace that it took until 2011, but the Aussies now have a shield law

  • by Cimexus ( 1355033 ) on Wednesday May 18, 2011 @01:50AM (#36162966)

    I know poking a stick at foreign jurisdictions is a popular past time on Slashdot (and this is sometimes with good reason) but it would be nice if blanket statements weren't thrown around quite so much about the state of laws in other countries. As usual with most things in life, the situations is generally more complex than can be summed up in a sentence or two.

    From the summary:

    "Australia has no explicit right to free speech and lacks shield laws to protect investigative journalists from having to reveal sources."

    Though this isn't an inaccurate statement at a high level, it's not quite true...

    Australia has no ~constitutional~ right to free speech, in that its Constitution does not contain a Bill of Rights like the American one. This is not unusual - most Westminster democracies have no such thing and generally have rights conferred by common law (case law) and/or statutory rights. And at least two jurisdictions DO have "explicit rights" to freedom of expression in Australia - the ACT and Victoria, which both have (statutory) 'Bills of Rights'.

    Incidentally there have been proposals to introduce a constitutional Bill of Rights in the past. They have not been successful. There are as many arguments against an entrenched and absolute statement of rights, as there are for one - there are pros and cons in each case.

    And as for shield laws - again, the jurisdiction matters. One state, NSW, does indeed have a shield law. The others don't, although I believe WA and a couple of others are working on one at the moment. However, as of March this year, a Federal shield law also passed both houses of the Federal Parliament in March this year and is currently awaiting Royal Assent.

    So basically, Australia has some shield laws that may or may not apply depending on the case. In a NSW or Federal court, or a case regarding the NSW or Federal Police or a NSW or Federal law, yes, there are shield laws that apply. Otherwise, no, not at this point in time.

    • speech is still far from free, and press freedom is somewhat less than what befits the standard of democracy that Australia claims to be.

      now, the USA has similar problems (worse problems?), but "other people are doing it" does not really cut it as an argument.

      • Oh, I full agree with you. I was just making the point that things aren't usually black and white in law and blanket statements often aren't very accurate.

        Australia is by no means a leader on these issues. Freedom of speech (as distinct from freedom of ~political expression~, which is somewhat protected here), has never been considered a particularly important issue here, and as a result legal protection of it is patchy, at best. Certainly not as good as in many (perhaps even most) other western countries.

        F

    • Get this, not only does the Australian federal government not have a law against murder, but it would be unconstitutional for Australia to pass a law against murder, even murder across state borders using long range artillery unless it first signed an multilateral anti-murder treaty with at least one other national government. Turns out that the Australian constitution fails to prohibit dismemberment of puppies or using Melbourne as a nuclear weapons testing site. Wow, what a crazy place.
    • Incidentally there have been proposals to introduce a constitutional Bill of Rights in the past. They have not been successful. There are as many arguments against an entrenched and absolute statement of rights, as there are for one - there are pros and cons in each case.

      Funny thing is, the founders of the U.S. Constitution wrestled with this very idea as well. It was debate over this very thing that led to the Bill of Rights being the first 10 amendments as opposed to a part of the constitution itself.

      The 10th amendment or something similar is probably the key to any codified objections. In your case, perhaps the equivalent to the 10th amendment can read something like "any rights not explicitly expressed are granted based on common law."

  • by LongearedBat ( 1665481 ) on Wednesday May 18, 2011 @02:02AM (#36163034)

    ...again! Because if you don't read/hear/see any problems, then they can be safely ignored. <massive sarcasm>

    When will governments/law enforcement around the world accept that reponsible leaking of information is in everyones best interests (except the corrupt)?
    (I guess the answer to that is: When governments/law enforcement cease to be corrupt.)

    But I guess I'm preaching to the converted.

  • by CuteSteveJobs ( 1343851 ) on Wednesday May 18, 2011 @02:32AM (#36163180)
    "We've all seen it happen on TV a zillion times. But when a police officer recited to me those well-rehearsed words – 'you have the right to remain silent ' – I felt sick in the stomach."

    http://www.brisbanetimes.com.au/technology/technology-news/grubbs-story-privacy-news-and-the-strong-arm-of-the-law-20110518-1esn9.html [brisbanetimes.com.au]

    The Policeman who confiscated Grubb's iPad was Detective Superintendent Errol Coultis. "When I questioned under what legislation they had the right to seize my iPad, Coultis told me I was under arrest in relation to receiving unlawfully obtained property." Head of the Queensland police fraud squad, Brian Hay said accessing a photo without permission was the same as stealing a TV.

    Amusingly the "Queensland Police Media Service" are into twitter damage control: "Police can legally seize material which may be evidence of a crime. It will be returned as soon as we can do so."

    Grubb said "I was told that forensics officers were going to make a complete copy of the information on my iPad, whether it related to this matter or not."

    An absolutely disgraceful peformance by the Queensland Police involved.
    • An absolutely disgraceful peformance by the Queensland Police involved.

      He was released without charge once everything became clear wasn't he? They are actually a lot better than some of them were twenty years ago. The formerly frequent fabricated trifecta of obscene language, resisting arrest and assaulting an (untouched) officer and the subsequent time in hospital and jail is unheard of now.
      Those that gave false information to the Police that a crime had been committed are far more deserving of your disg

      • > Police that investigated and decided no charges should be laid.

        ... but imaged his iPad anyway?

        • The unusual only thing here is your surprise. We probably need a lot more articles like this one to make people aware of this because this is the sort of thing Police forces, Customs etc have been doing everywhere for almost as long as personal or business computers have existed and then going for fishing expeditions to find evidence of any crime they can find on the devices. See also the confiscation of telephones on slim pretexts.
    • Re: (Score:3, Interesting)

      by sirkumi ( 1752188 )
      Here's a transcript of the interview he had with police:

      http://www.smh.com.au/technology/technology-news/journalists-facebook-arrest-transcript-of-police-interview-20110518-1esrr.html [smh.com.au]

      It is abundantly clear that, while everything was going ok for a while, Ben's fatal flaw was being "helpful" to the police and offering information to them. The interview was voluntary, and they even told him he could walk out at any time. The minute he mentioned that he had taken notes of the converstaion with the security

  • The expert, Christian Heinrich.... {showed} how he had been able to gain access to the Facebook photos of the wife of a rival security expert, without a username or password.

    Sounds like a breach of the Queensland's Criminal Code Act 1899 Section 408E parts 1 and 2 to me.

    but he went through it personally with me straight afterwards.

    Probably using Grubb's iPad I would imagine, hence the seizure.

    When I questioned under what legislation they had the right to seize my iPad, Coultis told me I was under arrest in relation to receiving unlawfully obtained property.

    I'm assuming under Queensland's Criminal Code Act 1899 Section 433.
    Assuming Grubb let Christian Heinrich use his iPad for the act he's most likely in trouble, even if it was intellectual property. I'm not fully aware of the precedence regarding the definition of 'property' for the purposes of Section 433 and whether intellectual property is also co

    • I would show you where the weakspots are in your (home's | business' | network's | Facebook profile's) security systems that any malcontent may exploit, if only for the fact that it was made illegal to do so... In short: Good luck, you clearly need it.

      If you outlaw exploits, only outlaws will have exploits.

      • by SJ2000 ( 1128057 )
        Like anywhere else in the world, you'd still need permission from the owner of the system to do that for it to be completely legal.
        • Except in the USA; Where the government can authorize itself to exploit your system, further, if we think it's already been exploited -- Like say, when it's thought to be part of a Bot-Net. Oh, but that's OK; They're only executing arbitrary code on end user's machines without prior consent... so you're statement isn't exactly true, well, you see, it depends on who you are employed by.

          Victimized computers that have not been disinfected using anti-virus software updates will continue to attempt to contact the Coreflood botnet servers. When this happens, we will respond by issuing a temporary stop command to the virus

          So -- The FBI can use the bot-net controls [fbi.gov], but if I, a security researcher, did that same very thing for the exact same

          • by SJ2000 ( 1128057 )

            Like anywhere else in the world, you'd still need permission from the owner of the system to do that for it to be completely legal.

            There is a difference between water-tight consent and exploiting the interpretation of the law, hence the qualifier I used. As someone who is part of the Australian Information Security Association (AISA) he agreed to "...maintain the confidential nature of all sensitive and proprietary documentation and information that I encounter." it seems apparent he disregarded this during his demonstration, at the very least this is an violation of a Code of Ethics he agreed to. I know of no reputable IT Security pro

    • by SJ2000 ( 1128057 )
      Having read this transcript [smh.com.au] it appears the iPad was not used to do the act, Grubb should have never answered Queensland Polices' questions without having legal representation.

      EC: Ok. We're governed by the police powers and responsibilities act. And we have a power to seize property that we believe may contain evidence of a commission of an offence. Ok?
      BG: OK. Now I work and my iPad is my working device. I'm a journalist. I have rights to keep my sources close. What legislative, what legislation are you prepared to take my iPad away from me under and do I have to give you the password?
      EC: OK. The legislation is the police powers and responsibilities act. And if you wish we can tell you the exact section or sub-section but we have a power generally under the police powers and responsibilities act to seize evidence that we believe, we reasonably believe contains evidence of a commission of an offence. And we reasonably believe that on your iPad is recorded evidence of a commission of an offence and therefore we are going to seize your iPad to examine forensically.

      According to Grubb he only has notes on his iPad and a copy of the picture, frankly I don't see how they need to seize his entire device just to obtain his notes, the device may have been used to collect evidence of the offence but seizing the entire device is overkill.

      EC: I haven't had a chance to tell you this [to JS] but his law firm which is Johnson Winter and Slattery has asked that we don't conduct an examination until 24 hours at a minimum because they want to fully consider the matter before...
      ...
      EC: I understand we don't have to wait for their permission or anything like that but I thought given the consideration and how helpful everyone had been in relation to this matter that we can wait at least 24 hours before... as per their request

      Hopefully someone will see that the seizure of the whole device is

      • by SJ2000 ( 1128057 )
        I think the problem lies in the standard-operating-procedure of obtaining and logging digital evidence. It has to be done using a strict legal framework which unfortunately involves low level digital forensic analysis. It would seem SOP regarding digital evidence needs to be more robust and flexible, you shouldn't need to have to image the entire device to ensure the integrity of that one bit of evidence especially when it was just notes taken down on the device.
  • Must be nice, being able to legally steal peoples' iPads (and presumably other devices, like laptops) for no apparent reason.

  • by Toy G ( 533867 ) <toygNO@SPAMlibero.it> on Wednesday May 18, 2011 @05:55AM (#36163928) Homepage Journal

    (Note that I'm not blaming the victim here, just pointing out a fact people tend to forget)

    This is why you never, ever talk to the police without a lawyer. A good lawyer would have asserted his client's full rights out of the bat, suggested him what to say and how to say it, and probably threatened to sue for harassment if they wanted to confiscate the iPad. At that point most policemen would have given up as "not worth the hassle".

    Instead, they just saw a boy playing with toys, and made him frame himself. He completely missed the big picture here; when asked if he thought a crime had been committed, he basically said "it's for the hacker to define that" -- "crimes" are defined by criminals now? It's for the *police* to decide, and they did indeed decide, probably because they saw the boy being somehow ambivalent about it ("when in doubt, charge" is a common police attitude in many parts of the world). Again, a good lawyer would have stopped him from saying anything -- you don't debate the fine points of the law while under official questioning, because it doesn't matter and it can only hurt your case. Let the lawyers debate it for you, they'll do it better than you ever could.

    "Anything you say can be used against you" is not really understood by the common folk until they have this sort of experience. It should be taught in school.

  • He gained access to photos from a womans Facebook account, and published them on the Internet. This woman then made a complaint to the police, which they followed up. No charges have been filed.

    Nothing to see here people. This isn't a big conspiracy. Facebook themselves didn't send the goon squad. Simply the police following up a complaint by another citizen.

  • If you are a journalist there is no excuse not to be using a blackberry with encryption enabled. By using an unsecured ipad he has compromised the security and safety of all his contacts. there are acceptable android encryption programs but they are not secure against a rootkit and they do require that you know what you are doing.
  • Okay if you RTFA you'll see that what he did wrong wasn't exposing a security flaw. He TOOK ADVANTAGE of the security flaw to access a photo that was supposed to be inaccessible to him. The owner of that photo complained that he had illegally obtained that photo, which he admitted to doing in his published article.

    Since we like analogies on /. here is one. He learned that ABC Bank had a weak three tumbler lock on their side door. So one night he picked the lock, walked in, and took a photo of himsel

"Confound these ancestors.... They've stolen our best ideas!" - Ben Jonson

Working...