Census 2016

BLOODSTAINED_DEVILS · August 10, 2016, 9:15am

Confused. The 7 o’clock news still saying there was 4 DOS attacks.

Long bow suggestion it could have been China, retaliating for Matt Hortons doping comments.

Blummers32 · August 10, 2016, 10:24am

How often is a website hacked and then down for 24 hours?

Blitz has been down for two days max and that’s with Riolio trying to fix it remotely.

At worst case, I would have thought they would be able to shift the data based on a backup earlier in the day and bring the website back up and get people to re-enter their data.

One positive…
It’ll end any chance of a federal election being electronically anytime soon.

Soulnet · August 10, 2016, 2:24pm

24 hours down isn’t long, depending on the severity and ongoing efforts.

simmo41 · August 10, 2016, 10:28pm

Confused. The 7 o'clock news still saying there was 4 DOS attacks.

If the 7 o'clock news told me that the world had ended, I'd go outside to check for myself

Darth_Taj · August 10, 2016, 10:33pm

Labor blaming the government for failing to comply to this when it was their idea in the first place. What a mess, bring out the papers already.

HowManyGoal · August 11, 2016, 2:01am

How often is a website hacked and then down for 24 hours?
Blitz has been down for two days max and that’s with Riolio trying to fix it remotely.

At worst case, I would have thought they would be able to shift the data based on a backup earlier in the day and bring the website back up and get people to re-enter their data.

One positive…
It’ll end any chance of a federal election being electronically anytime soon.

It’s back up, just the NBN speed means no one has noticed yet.

G-Unit · August 11, 2016, 3:13am

Did mine a week before census night, no problems.

barry_day · August 11, 2016, 3:45am

Bryn Pitman
16 hrs · · Science & Tech · Thoughts
So the CensusFail, what actually happened?

The ABS was originally planning to host the servers inhouse but later changed their minds and paid IBM to host the servers, instantly a measure of privacy and security was lost.
The servers that were used ran on AIX, generally considered a now antiquated system in the IT industry.

On Census night, the provider of the bandwidth link (Vocus) was flooded and could not keep up with the traffic to the site.
People had been experiencing problems with the site loading but this was when it got really difficult.

An alternative provider was then switched to (Telstra) who could handle the large amount of traffic coming to the website.
At this point people were still experiencing problems and infact, they only grew.
This was due to the servers themselves being unable to cope with the traffic, it had been experienced a bit before but with even more traffic able to come through, the servers were completely overwhelmed.

Politicians and the ABS have variously said that there was an attempted hack, that there was an attack or that there was a DDoS (denial of service - excessive traffic designed to prevent people accessing a server).
Unfortunately these spokespeople have generally misunderstood what they are talking about.
There does not appear to have been any attempted hack to gain access to the Census data as yet.

Major industry companies who have the ability to see where traffic comes from and goes to inside Australian networks have stated that they cannot see any evidence of a DDoS attack occurring at the time.

Network engineers have also analysed and determined that should there have been a DDoS attack, the Census servers were relatively unprepared.
No DDoS protection was in place and there was no limitation of foreign connections to the servers.
As the only people who can lodge Census data must be resident in Australia at the time, this was an obvious failing on the part of network support for the Census.

At this point it appears that there was no attack on the Census servers and any intimation that there was is ill informed or outright lying.
The ABS reduced the security and privacy of the collected data by outsourcing the servers.
CensusFail occurred due to mismanagement and incompetence by the ABS.
The government is now tying up the Australian Signals Directorate on a wild goose chase to find an imaginary attack.

On a final note, if this was the result of a DDoS attack, protection can be arranged in a matter of hours, not days.
To keep the servers unavailable is a frank admission that the problem lies with the servers and supporting network, not because of any threat of DDoS

barry_day · August 11, 2016, 6:44am

They brought back up today and …

Tezza_the_King · August 11, 2016, 7:06am

i wonder which heads should roll when senior bureaucrats, government ministers, and indeed the prime minster get up and say emphatically this was a DDOS attack

Darth_Taj · August 11, 2016, 8:40am

Waiting for them to announce that they are sending out paper censuses to fill in.

Shelton10 · August 11, 2016, 9:20am

I just did mine. Too many damn questions.

Bomberjay07 · August 11, 2016, 10:25am

Religion: Cult of Hird (non-denominational)

ivan · August 12, 2016, 1:32am

“There was some anomalous traffic on the night that appeared to be anomalous,” Mr Turnbull said. “Actually it was quite innocent, it turned out, but that caused the ABS to take the site down. So the site was not crashed by denial of service but there was what you could describe as a confluence of events which caused the ABS to make that decision.”

Riolio · August 12, 2016, 1:38am

If we’ve got until September why the hell did they push everyone to the site on one night.

ivan · August 12, 2016, 1:40am

Bryn Pitman 16 hrs · · Science & Tech · Thoughts So the CensusFail, what actually happened?

The ABS was originally planning to host the servers inhouse but later changed their minds and paid IBM to host the servers, instantly a measure of privacy and security was lost.
The servers that were used ran on AIX, generally considered a now antiquated system in the IT industry.

On Census night, the provider of the bandwidth link (Vocus) was flooded and could not keep up with the traffic to the site.
People had been experiencing problems with the site loading but this was when it got really difficult.

An alternative provider was then switched to (Telstra) who could handle the large amount of traffic coming to the website.
At this point people were still experiencing problems and infact, they only grew.
This was due to the servers themselves being unable to cope with the traffic, it had been experienced a bit before but with even more traffic able to come through, the servers were completely overwhelmed.

Politicians and the ABS have variously said that there was an attempted hack, that there was an attack or that there was a DDoS (denial of service - excessive traffic designed to prevent people accessing a server).
Unfortunately these spokespeople have generally misunderstood what they are talking about.
There does not appear to have been any attempted hack to gain access to the Census data as yet.

Major industry companies who have the ability to see where traffic comes from and goes to inside Australian networks have stated that they cannot see any evidence of a DDoS attack occurring at the time.

Network engineers have also analysed and determined that should there have been a DDoS attack, the Census servers were relatively unprepared.
No DDoS protection was in place and there was no limitation of foreign connections to the servers.
As the only people who can lodge Census data must be resident in Australia at the time, this was an obvious failing on the part of network support for the Census.

At this point it appears that there was no attack on the Census servers and any intimation that there was is ill informed or outright lying.
The ABS reduced the security and privacy of the collected data by outsourcing the servers.
CensusFail occurred due to mismanagement and incompetence by the ABS.
The government is now tying up the Australian Signals Directorate on a wild goose chase to find an imaginary attack.

On a final note, if this was the result of a DDoS attack, protection can be arranged in a matter of hours, not days.
To keep the servers unavailable is a frank admission that the problem lies with the servers and supporting network, not because of any threat of DDoS

Linky

saladin · August 12, 2016, 2:41am

Now they want everyone to use smartphones instead of Pc’s because there’s an issue with the service again.

Ffs. Send me the form you stupid gits or gtfo.

Reboot · August 12, 2016, 2:46am

IceTemple · August 12, 2016, 3:13am

They still got their money and will get more next time.

barry_day · August 12, 2016, 3:36am

Bryn Pitman 16 hrs · · Science & Tech · Thoughts So the CensusFail, what actually happened?

The ABS was originally planning to host the servers inhouse but later changed their minds and paid IBM to host the servers, instantly a measure of privacy and security was lost.
The servers that were used ran on AIX, generally considered a now antiquated system in the IT industry.

On Census night, the provider of the bandwidth link (Vocus) was flooded and could not keep up with the traffic to the site.
People had been experiencing problems with the site loading but this was when it got really difficult.

An alternative provider was then switched to (Telstra) who could handle the large amount of traffic coming to the website.
At this point people were still experiencing problems and infact, they only grew.
This was due to the servers themselves being unable to cope with the traffic, it had been experienced a bit before but with even more traffic able to come through, the servers were completely overwhelmed.

Politicians and the ABS have variously said that there was an attempted hack, that there was an attack or that there was a DDoS (denial of service - excessive traffic designed to prevent people accessing a server).
Unfortunately these spokespeople have generally misunderstood what they are talking about.
There does not appear to have been any attempted hack to gain access to the Census data as yet.

Major industry companies who have the ability to see where traffic comes from and goes to inside Australian networks have stated that they cannot see any evidence of a DDoS attack occurring at the time.

Network engineers have also analysed and determined that should there have been a DDoS attack, the Census servers were relatively unprepared.
No DDoS protection was in place and there was no limitation of foreign connections to the servers.
As the only people who can lodge Census data must be resident in Australia at the time, this was an obvious failing on the part of network support for the Census.

At this point it appears that there was no attack on the Census servers and any intimation that there was is ill informed or outright lying.
The ABS reduced the security and privacy of the collected data by outsourcing the servers.
CensusFail occurred due to mismanagement and incompetence by the ABS.
The government is now tying up the Australian Signals Directorate on a wild goose chase to find an imaginary attack.

On a final note, if this was the result of a DDoS attack, protection can be arranged in a matter of hours, not days.
To keep the servers unavailable is a frank admission that the problem lies with the servers and supporting network, not because of any threat of DDoS

Linky

Just a facebook tech blog.

https://www.facebook.com/feed/topics/scitech?story_id=S%3A_I796329166%3A10155112543494167