Saturday, August 6, 2016

Indian-origin employer fined $516,000 for exploiting 457 visa holders




(photo of Ashok Alexander by Corporate Australia blog)

A computer and mobile phone business in Darwin has been slapped with penalties worth $430,000 for “repeated and callous infringements of the conditions of visa sponsorship and employee rights” in sponsorship of four overseas workers, including an Indian.  The company’s owner Ashok Alexander has been penalised $86,000.


(original illustration by sbs.com.au)

Hallmark Computers International has been found guilty of multiple contraventions of the Migration committed between October 2012 and March 2014. The Federal Court found that the company paid the visa holders less than the guaranteed annual earnings. The workers were made to return a part of their fortnightly earning in cash. The company has also been penalised on account of making the workers work outside their working hours, at times without any pay at all.

The four overseas workers were Anup Bhatia from India, Ruel Conducto Duran, Dennis Baclayanto Escanlar, Roxanne Espiritu De Guzman all from Philippines.

Ashok Alexander, the business owner, tried to deter the complainants from approaching the department of immigration and border protection by verbally intimidating with threats that they would be fired. He told them he would support their applications for permanent residency if they continued to work for him.

The court also remarked that he repeatedly lied to the department investigators and provided them with misleading information and knowingly false records”.

Mr. Alexander admitted that he was being paid back by the workers.

“I agree to return funds as I was paying $45,000 and the staff in question agreed to pay back the difference to match with local staffs. It was a negotiation staff was happy to just come to Australia, two of them unemployed for over 3 months at the time about $150/week. We have paid all other dues, airfares, super etc,” he told SBS Punjabi.

” I would say it was stupid of me to employ 457 and make a separate agreement outside 457 with staff. It was opportunistic in terms of staff and it was unreasonable and excessive & high-handed in terms of the Government handling in the way they wasted all the money I worked for them.“

sbs.com.au 13 Jun 2016

Indian nationals have been hiring slave labour in the form of Indian 457 visa workers for decades, across a wide variety of industries without any real government intervention.

Dos this mean that the government is condoning this type of activity?

Wednesday, August 3, 2016

ABS forced to defend Census website security

 

Insecure encryption raises eyebrows.

The Australian Bureau of Statistics has been forced to answer questions about the security of its online Census website after it was revealed to be using an insecure and deprecated form of encryption to protect the sensitive personal details of the nation’s citizens.

Tests of the strength of encryption used on the main Census website, first highlighted by security consultant and software engineer Ben Dechrai, reveal the website supports the SHA-1 hashing algorithm long considered to be insecure.

SHA is a component of a Secure Sockets Layer (SSL) certificate that is used to prevent the modification of data.

All major web browser operators have said they will stop accepting SHA-1-based signatures by next January. Internet Explorer owner Microsoft recently said it would bring that date forward to September 2016 after research showed real-world ‘collision attacks’ could open the door to digital signature forgeries even before 2017.

The Australian Signals Directorate deprecated SHA-1 from its list of approved cryptographic algorithms in December 2011 after finding the risk of a successful attack on the platform was “higher than acceptable”. The US National Institute of Standards and Technology (NIST) has said SHA-1 should “not be trusted” past January 2014.

Despite this, the ABS is still supporting SHA-1 to ensure those using older versions of web browsers are able to fill out the online form on Census night.

“As the overwhelming majority of browsers and operating systems are SHA-2 compliant, most people completing the Census will be secured using SHA-2,” a spokesperson said.

“However there are some older browsers and operating systems that only support SHA-1. To enable users with these older systems to complete their Census online, the online Census also supports older SHA-1.”

But users will still face the risk of a man-in-the-middle downgrade attack, which uses available backwards compatibility to force a computer to a lower and more vulnerable version of encryption, Dechrai said.

"[It] increases the likelihood of a user's data being intercepted," he said.

The security expert suggested a better approach was either to stick with the current paper forms or introduce a tiered model of online security.

“[They should make] the page where people click to start the Census less secure, so it works on older browsers, [then] do browser detection, and if the browser is too old, prompt them to upgrade, or order the paper form,” he said.

“Only supported browsers show the "Start" button [which loads the submission form from a properly secured server].”

The ABS was also criticised for choosing not to implement perfect forward secrecy, which would protect past communications and sessions from compromise should attackers be able to access long-term secret keys.

The agency argued that perfect forward secrecy would disrupt its other security protections.
“As part of our total platform security for the online Census, we need to be able to detect and respond to any malicious traffic,” the spokesperson said.

“Implementing perfect forward secrecy would reduce the effectiveness of other security layers, and as such may compromise overall security.”

However, Dechrai said that while perfect forward secrecy could disrupt web application firewalls and intrusion detection systems, it was a “solvable problem”.

“Better architecture is a bit more complex, but doable,” he said.

“Given the sensitivity, I would hope the [government] would spend on security and scalability, not scrimp on security and avoid scalability.”

#Censusfail?

The security issues carry even greater weight this year give it's the first time the ABS will keep and use all names and addresses collected under the Census for data linkage purposes.

Public concerns have been growing in the lead up to the August 9 national survey over the potential risks to individual privacy generated by the policy change.

Former ABS chief statistician Bill McLennan called it the “most significant invasion of privacy” ever perpetrated by the ABS. Privacy lobby group Electronic Frontiers Australia labelled it a “serious breach of trust”, and NSW Privacy Commissioner Elizabeth Coombs this week said she was “concerned” about the risks.

Concerned citizens have taken to Twitter in increasing numbers under the #censusfail hashtag to rail against the changes to Census data collection and implore the ABS to reverse its decision, with many promising to boycott this year’s survey.

“Several experts with great knowledge on this topic have expressed concerns. Why won't the ABS listen?,” Queensland University of Technology criminologist Dr Cassandra Cross said.

“I want to emphasise how saddened I am, as a researcher and someone concerned about the public good, to feel compelled to protest census,” philosopher and author Dr Leslie Cannold said.

The ABS has said it is not concerned about a civil disobedience campaign and is persevering with its change in policy.

IBRS security advisor James Turner said he was "horrified" by the "naivety" of the ABS' response to public concerns.

"ABS executives had to know that privacy would be a huge issue raised around this change of protocol," Turner said.

"I think most people are looking at the ABS responses as "we think this is cool, so we're doing it and we don't care about your privacy".

"[It] doesn't seem to understand that it gets one shot at this. If there is a breach, then the horse has well and truly bolted. It won't even matter if they promise not to do it again, because the data has already gone."

Source supplied.

Another breach or risk of exposure of privacy.

Can you really trust the corrupt government?

Monday, August 1, 2016

Dodgy Government Deals - Foreign-owned land register will not be made public despite transparency pledge

Once again (the people in) the Australian government showing its true colours with regards to how dodgy the deals really are, despite telling the herd population that it will be more transparent.

In Australia you cannot own land, literally.

Despite this is the land of this continent 'owned' by overseas corporations, from the unlawful actions of the Australian government?

Are these the actions of people who are in 'honour' representing the will of the people of Australia, the people who apparently voted them in? 

Remember the catch phrase "Nothing to hide, nothing to fear"?

A Nanny State, where secret 'Money for Mates' deal rule.

See article from 30 Mar 2016 from abc.net.au of the headline:

Foreign-owned land register will not be made public despite transparency pledge

A new register of agricultural land will not be made public despite the Government's promise to provide more transparency over foreign investment in Australian farms.

Key points:

  • Register requires all foreign owners of Australian farmland to be registered with ATO
  • Organisation would be breaking tax laws if it published the entire register, ATO says
  • Labour's Joel Fitzgibbon accused the Government of breaking election promise
The long-awaited register was established by the Coalition last year to allay concerns within the Australian community that the Government should have more oversight and information in relation to foreign ownership.

It requires all foreign owners of Australian farmland to be registered with the Australian Tax Office (ATO), and any new interests to be registered within 30 days of purchase.

The National Farmers' Federation (NFF) had expected the information in the register to be publicly available but the ABC can reveal the ATO will only release summaries occasionally, with its first report to the Government due in July.

Last September, Nationals leader Barnaby Joyce told the Parliament the register would be like a map of all properties "to see who owns what."

A spokesperson for the ATO said the organisation would be breaking tax laws if it published the entire register.

"Due to confidentiality provisions in the tax act, the ATO is unable to comment on any individual's or entity's tax affairs," the spokesperson told the ABC.

"This includes providing any detailed breakdown of interest in agricultural land, where a taxpayer may be identified, or their information made public."

New South Wales Liberal senator Bill Heffernan said he was lobbying the Federal Treasurer to make the register public.
"This is an over-my-dead-body issue. We're entitled to know who in God's name is through the fence," he said.

"And if the proposition from the tax office is that we're not entitled to know who our neighbour is, then as far as I'm concerned, the Government's going to have to change it.

"And the good news is that I've spoken to the Government and I'm putting forward the case and I think it's being sympathetically heard."

The NFF lobbied strongly for tougher scrutiny of foreign ownership and previously warned the Government it did not want to see "aggregation" in the register's design.

"We know that there is business sensitivity around commercial investment so we wouldn't want to compromise any of that, but the whole point of the register was to inform the debate," NFF chief executive Tony Mahar told the ABC.

"If there's aggregated data and it's in a form that shows us what is happening, in regard to this issue, and allows a much more informed debate, then we'll be happy.

"But if it's aggregated data that actually doesn't inform the debate and doesn't allow an understanding of what's happening, then we'd have some concerns."

This is not what the Government promised: Opposition

Labor's shadow agriculture minister Joel Fitzgibbon accused the Government of breaking an election promise.

"The whole idea of the register, first promised by Labor, was to ensure that all Australians, wherever they are, with the click of a mouse, could find out who is investing in what where," he said.

"This is not what the Government promised."

Mr Fitzgibbon said Labor would make the register public, if elected.

"Where there is a will there is a way," he said.

"If the Government is determined the public should have information about who is investing in what [and] where, I've no doubt that's a thing that's capable of being done."

The Deputy Prime Minister led the push for a register of foreign owned farmland and successfully lobbied the Abbott government to reduce the threshold for Foreign Investment Review Board (FIRB) scrutiny of private sector foreign purchases of agricultural land from $252 million to a cumulative total of $15 million.

A spokesperson for Mr Joyce said the design of the register was "absolutely consistent" with the Coalition's promise prior to the 2013 election.

"[The July report] will be summarising the data trends in terms of overall level of foreign ownership of Australian agricultural land, and the main source countries," the spokesperson said.