Sunday, April 18, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

ACSC comfortable with enforcing JavaScript on site visitors

December 5, 2019
in Internet Security
Most Brazilians believe companies don’t protect their personal data
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Screenshot: Chris Duckett/ZDNet

The Australian Cyber Security Centre (ACSC) has taken the step of blocking access to its website for regular desktop browsers that have JavaScript disabled.

If a user heads to cyber.gov.au today without JavaScript enabled, they will be handed the message, “Sorry, you need to enable JavaScript to visit this website”, and no more.

You might also like

Security crucial as 5G connects more industries, devices

Google releases Chrome 90 with HTTPS by default and security fixes

SolarWinds: US and UK blame Russian intelligence service hackers for major cyberattack

Ironically, as ZDNet tested the site and as shown below, it was found that while the notice was shown to users of text-based browser lynx, the content of the page was still served up to them.

The end result is for the extreme security-minded or resource-constrained users, that they get more functionality browsing the Australian government’s official cyber communications channel from the command line, than a desktop browser without JavaScript.

After reaching out for an explanation of the situation, the ACSC told ZDNet that its use of JavaScipt was consistent with the advice in the Australian Signals Directorate’s Strategies to Mitigate Cyber Security Incidents Mitigation Details document.

“Disallowing javascript [sic], except for whitelisted websites, is ideal though challenging due to the large number of websites that require such functionality for legitimate purposes, and is difficult to implement in a large scale deployment,” the only paragraph mentioning JavaScript in the document states.

It would appear ACSC is not helping the ASD’s ideal.

“The cyber.gov.au website uses JavaScript for legitimate purposes, for features such as the ‘ReportCyber’ interactive application used to report cyber incidents,” the ACSC also said.

Although we did not test it, the take away would seem to be that if you were deep in a concrete bunker data centre that doubled as a mobile phone reception blocker and wanted to report a cyber incident from a server, one would need to spark up a full desktop experience.

In September, ACSC said it receives reports of cybercrime once every 10 minutes.

A month later at Senate Estimates, the ACSC fessed up to the worst kept secret in Australian cybersecurity circles — that it had two speakers dumped from CyberCon in early October.

“I made that decision,” ACSC chief Rachel Noble told Senate Estimates at the time.

“The advice that I made the decision on, was a proposal for Dr Dreyfus and Mr Drake to … have a panel with Edward Snowden that was the first proposal. At that point my judgement was based on, I guess, a reputation of all of those speakers that they are known public advocates for unauthorised disclosure or the leaking of classified information outside of legitimate whistleblowing or lawful whistleblowing schemes.”

Noble added the talks were not “consistent with the objectives of the conference which was actually about cybersecurity and helping Australians raise their awareness and technical knowledge about cybersecurity issues”, and could express views not in line with Australian law, processes, and values.

acsc-javascript-block-lynx.png

It’s not often lynx provides a better browsing experience, but the ACSC has made it so.


Screenshot: Chris Duckett/ZDNet

Related Coverage

ACSC confirms it killed off CyberCon whistleblower talks

Head of the ACSC Rachel Noble says all speakers were ‘known public advocates for unauthorised disclosure’.

Telstra calls for Australia to undergo national cyber stocktake

Telco also wants repeat of 2016 ASX 100 cyber check survey.

Renewed calls for dedicated Australian cyber minister and cyber leadership

Australia’s cybersecurity is too important to struggle along with part-time attention, say submitters to the Cyber Security Strategy 2020. The public no longer trusts the government’s computer skills.

Parliament House hack report reveals poor password practices

It took eight days to flush February’s cyber attackers from Australia’s parliamentary network. A procedure to authenticate staff asking to reset their boss’ passwords only came another week later.

The 10 most important cyberattacks of the decade (TechRepublic)

After a number of devastating breaches and hacks, the sheer size of data lost is no longer the only indicator of severity.

Credit: Zdnet

Previous Post

New Iranian Data Wiper Malware Targeting Energy Sector

Next Post

AWS Announces Five New Machine Learning Services Amazon

Related Posts

Security crucial as 5G connects more industries, devices
Internet Security

Security crucial as 5G connects more industries, devices

April 17, 2021
Google releases Chrome 90 with HTTPS by default and security fixes
Internet Security

Google releases Chrome 90 with HTTPS by default and security fixes

April 17, 2021
SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021
Internet Security

SolarWinds: US and UK blame Russian intelligence service hackers for major cyberattack

April 17, 2021
Google Project Zero testing 30-day grace period on bug details to boost user patching
Internet Security

Google Project Zero testing 30-day grace period on bug details to boost user patching

April 17, 2021
Cyberattack on UK university knocks out online learning, Teams and Zoom
Internet Security

Cyberattack on UK university knocks out online learning, Teams and Zoom

April 17, 2021
Next Post
AWS Announces Five New Machine Learning Services Amazon

AWS Announces Five New Machine Learning Services Amazon

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

What are the different roles within cybersecurity?
Internet Privacy

What are the different roles within cybersecurity?

April 18, 2021
Machine Learning Technology May Help Decipher Biological Language of Cancer, Parkinson Disease
Machine Learning

Machine Learning Technology May Help Decipher Biological Language of Cancer, Parkinson Disease

April 17, 2021
SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence
Internet Privacy

SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence

April 17, 2021
10 Popular Must-Read Free eBooks on Machine Learning
Machine Learning

10 Popular Must-Read Free eBooks on Machine Learning

April 17, 2021
Security crucial as 5G connects more industries, devices
Internet Security

Security crucial as 5G connects more industries, devices

April 17, 2021
Relay Therapeutics pays $85M for startup with a new AI tech for drug discovery
Machine Learning

Relay Therapeutics pays $85M for startup with a new AI tech for drug discovery

April 17, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • What are the different roles within cybersecurity? April 18, 2021
  • Machine Learning Technology May Help Decipher Biological Language of Cancer, Parkinson Disease April 17, 2021
  • SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence April 17, 2021
  • 10 Popular Must-Read Free eBooks on Machine Learning April 17, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates