[Informatics] Census user flow
Garth, Lucas A
garth.lucas.a at edumail.vic.gov.au
Thu Aug 11 08:21:39 AEST 2016
Surely you jest Mark – what I was getting at was Australians just doing their civic duty to log in – just after dinner when one traditionally does the census after a hard day’s yakka.
5 million people logging in from different IP addresses in the same hour would have a similar look and feel to a DDoS attack, particularly when quite a few of them would be using VPNs.
LG
From: informatics-bounces at edulists.com.au [mailto:informatics-bounces at edulists.com.au] On Behalf Of Mark
Sent: Wednesday, 10 August 2016 4:13 PM
To: Year 12 VCE Informatics Teachers' Mailing List
Subject: Re: [Informatics] Census user flow
Golly.
Who could get 5+ million Australians to do anything at the same time, short of dressing like Santa on 25 December, or drinking during the Melbourne Cup ?
5 million is more than 25% of citizens, let alone households.
And the proportion of those households who would be tech-savvy enough to join a DDoS attack would be minuscule.
The only thing I could think of that would cause that proportion of Aussies to mount a coordinated and technologically-sophisticated attack is either
- a ban on Vegemite, or
- the closure of Kickass Torrents, that would interrupt their downloading next season's 'Game of Thrones'
Mark
On 10 August 2016 at 14:13, Garth, Lucas A <garth.lucas.a at edumail.vic.gov.au<mailto:garth.lucas.a at edumail.vic.gov.au>> wrote:
As mentioned on twitter a few times, it seems like #censusfail was a coordinated DDoS involving 5+ million households all over Australia.
Who could have predicted that?!
From: informatics-bounces at edulists.com.au<mailto:informatics-bounces at edulists.com.au> [mailto:informatics-bounces at edulists.com.au<mailto:informatics-bounces at edulists.com.au>] On Behalf Of Vella, James
Sent: Wednesday, 10 August 2016 2:00 PM
To: Year 12 VCE Informatics Teachers' Mailing List
Subject: Re: [Informatics] Census user flow
Smells a bit of “most people won’t know where to look so we’ll tell them it’s a DDoS”.
Also could it be that so many Aussie’s use VPN’s that it appeared to be a DDoS? #conspiracy
[http://mackillopwerribee.com.au/wp-content/uploads/2016/04/email_sig_logo.png]
James Vella
Digital Technologies Learning Area Leader eLearning Leader
MacKillop College
Russell Street Werribee VIC 3030
T: +61387345200<tel:%2B61387345200>
F: +61387345261<tel:%2B61387345261>
webpage<http://www.mackillop.vic.edu.au/> | map<https://www.google.com.au/maps/place/MacKillop+Catholic+Regional+College/@-37.898495,144.667368,14z/data=!4m2!3m1!1s0x0:0x86ef7579bb65ae76?hl=en>
Please consider the environment before printing.
________________________________
From: informatics-bounces at edulists.com.au<mailto:informatics-bounces at edulists.com.au> [mailto:informatics-bounces at edulists.com.au] On Behalf Of Robert Hind
Sent: Wednesday, 10 August 2016 1:45 PM
To: 'Year 12 VCE Informatics Teachers' Mailing List' <informatics at edulists.com.au<mailto:informatics at edulists.com.au>>
Subject: Re: [Informatics] Census user flow
And I noted somewhere that the site digitalattackmap.com<http://digitalattackmap.com> recorded no DDoS in Australia
[cid:image001.jpg at 01D1F3A9.8B6AA620]
Robert Hind
Ex Traralgon and Ashwood
Retired
________________________________
From: informatics-bounces at edulists.com.au<mailto:informatics-bounces at edulists.com.au> [mailto:informatics-bounces at edulists.com.au] On Behalf Of Mark
Sent: Wednesday, 10 August 2016 12:39 PM
To: Year 12 VCE Informatics Teachers' Mailing List
Subject: Re: [Informatics] Census user flow
Hi Lucas.
The thing that still baffles me is the motive for a DDoS attack on a census site.
Since the apparent intention was to interrupt data entry rather than penetrate the system and steal or damage data, what benefit could that have for the attackers?
No-one has claimed responsibility, so it wouldn't seem to be an exercise for bragging rights.
Maybe it was a political statement by anonymity activists... who have decided to remain anonymous.
No ransom seems to have been demanded to stop the attacks.
Odd.
Mark
On 10 August 2016 at 09:23, Garth, Lucas A <garth.lucas.a at edumail.vic.gov.au<mailto:garth.lucas.a at edumail.vic.gov.au>> wrote:
Hi Mark and other fellow Informatics teachers
Looks like we have a good case study for our U4O2 work
Not only do you have the “design features” outlined by Mark below, but you also have the focus on the physical and software concerns.
I’ve linked to a quite non-techy article which at least provides some outline for the SNAFU that occurred last night for the Census:
http://www.news.com.au/technology/census-fail-abs-spent-nearly-500000-on-load-testing-the-servers/news-story/d04709eca6e02d1bbc492a0be9dffa58
Some thoughts for pondering. Take one or a few of these to your Informatics class over the next week.
- What is the difference between a DDoS and a hack?
- How can you know if the census site was compromised?
- What is the problem/issue if the site WAS compromised?
- If the ABS suggests the hacks were created by the Chinese, how could this be found out, and how could these potentially have been stopped/mitigated?
- Who in an organisation would carry the responsibility for data security? Who would make the big decisions (such as outsourcing the load testing procedures)? What type of decisions would need to be made in creating a census, from strategic, to tactical to operational?
- Who would have been responsible for pulling the pin by bringing down the ABS servers last night?
- Why would the ABS have been tweeting for people to keep logging in at 8:30pm when the site was brought down at 7:30pm? Can you see how this would reduce public confidence in the ability of the ABS to store private and sensitive information.
- What is load testing? (Please provide your information and response to the ABS, quick smart)
- Do you think that people should have been required to provide their name for the census? If those who did not comply with this directive receive a fine, do you believe this is justified?
- What is de-identification? Why do we complete this process when working with sensitive data?
- Why does the government need our names, when they can already really easily link our passport, drivers licence and taxation information to get a very clear picture of our personal circumstances?
- If the ABS were not going to de-identify the data, does this breach any privacy legislation? Who would lead a class action against the government?
Students who are on Twitter can follow the #censusfail hashtag to see all of the different ways that the project was not deemed a success by one of their key stakeholders.
Lucas
PS Mark – there was an issue with the design where people who work from home but travel to clients weren’t able to enter their details, because the system could not anticipate such a question. With an increasing amount of people telecommuting and contracting thanks to the NBN rollout, it’s something that should be fixed for next time. If there is a next time.
From: informatics-bounces at edulists.com.au<mailto:informatics-bounces at edulists.com.au> [mailto:informatics-bounces at edulists.com.au<mailto:informatics-bounces at edulists.com.au>] On Behalf Of Mark
Sent: Tuesday, 9 August 2016 1:55 PM
To: Year 12 VCE Informatics Teachers' Mailing List
Subject: Re: [Informatics] Census user flow
Hi, data providers.
Census user experience (UX) time.
- Upon starting the census, one is given a passcode to let one exit the process and resume later. Nice security.
- It's interesting how in Q11 the countries of birth are chosen and ordered. No drop down list. Seven named countries, apparently in order of likelihood based on the 2011 census. A textbox for "Other". This might be a good Q - ask kids how they would create a form to get this data, and justify their decision.
- Q15 (Language spoken at home) also has a similar structure. Mandarin is the second option, after English.
- The online form introduces logical streamlining of inputs based on previous answers. Irrelevant Qs are never asked, or even seen.
- Q13 is another example of a smart form. The father's country of birth (apparently) defaults to the COB of the respondent. If they differ, there's a textbox for "Other".
- Answers flash a green border when a good answer is given. Nice feedback.
- Each Q has a "More Information" link rather than taking up space onscreen with potentially unnecessary verbiage.
- Q17 uses checkboxes to select ancestry, with 2 textboxes to add "other" data. I didn't like this question, since it was vague about how many generations one could/should go back. Six generations ago, my ancestors were English/Irish. Is that what they want? The help says to "consider the ethnic or cultural origins of the person's parents and/or grandparents as a guide" but parental COB was already asked for. Odd. Also, "Australia" (the COB of me and my parents) appeared as the seventh and last checkbox. Should it not have been put first?
- Q18. Jedi Knight is conspicuously absent as an option for religion.
- The number of questions per page is interesting. Some scrolling is still needed.
- All screens have a footer navbar with links to
Privacy
Security
Disclaimer
Copyright
Contact us
Sitemap
Q21 - "Does Mark ever need someone to help with, or be with them for, communication activities? For example: understanding, or being understood by, others." I wanted to say "Edulists" but there was not a textbox for that.
Q23 - "Number of births" is not asked if one's sex is male. I wonder which pressure group is going to complain about this.
- The left side of the screen is a map of one's progress through the data collection process. It's nice to have context.
- The exit screen has links to Twitter etc to "Share" that you've done your "bit for Australia". Awww. Nice.
- The site was very responsive at about 1:10 pm on the day of the census. There was no lag in moving between pages or showing help.
- The colour scheme was basically green. (Maybe it would have been different if I'd claimed to be an eight year old Vietnamese girl with a PhD and twelve children.)
Mark
On 9 August 2016 at 13:10, Mark <mark at vceit.com<mailto:mark at vceit.com>> wrote:
I say, chaps.
The census experience will be a good opportunity to examine and evaluate the site's user flow and user experience. Absolutely spiffing.
And security... I bet some's already cracked the login code algorithm and posted a login generator somewhere online.
Mark
--
Mark Kelly
mark at vceit.com<mailto:mark at vceit.com>
http://vceit.com
--
Mark Kelly
mark at vceit.com<mailto:mark at vceit.com>
http://vceit.com
IMPORTANT - This email and any attachments may be confidential. If received in error, please contact us and delete all copies. Before opening or using attachments check them for viruses and defects. Regardless of any loss, damage or consequence, whether caused by the negligence of the sender or not, resulting directly or indirectly from the use of any attached files our liability is limited to resupplying any affected attachments. Any representations or opinions expressed are those of the individual sender, and not necessarily those of the Department of Education and Training.
_______________________________________________
http://www.edulists.com.au - FAQ, resources, subscribe, unsubscribe
VCE Informatics Mailing List kindly supported by
http://www.vcaa.vic.edu.au/vce/studies/infotech/itapplications3-4.html - Victorian Curriculum and Assessment Authority <br>
http://www.vitta.org.au - VITTA Victorian Information Technology Teachers Association Inc <br>
http://www.swinburne.edu.au/ict/schools - Swinburne University
--
Mark Kelly
mark at vceit.com<mailto:mark at vceit.com>
http://vceit.com
________________________________
No virus found in this message.
Checked by AVG - www.avg.com<http://www.avg.com>
Version: 2016.0.7690 / Virus Database: 4627/12757 - Release Date: 08/06/16
CONFIDENTIALITY NOTICE
This e-mail contains confidential information intended only for the use of the name addressee. It may also be subject to professional privilege. If you are not the named recipient any disclosure, copying, forwarding or using any part of this e-mail or its attachments is prohibited. If you have received this e-mail in error, please notify us by telephone on 0387345200. MacKillop College does not warrant that this e-mail or any attachments are error or virus free and recommends that all attachments be checked for viruses and other defects. Similarly, MacKillop College does not warrant that this e-mail has been free of interception by a third party and may store the content sent to us, if we believe that we have a legal requirement to do so.
IMPORTANT - This email and any attachments may be confidential. If received in error, please contact us and delete all copies. Before opening or using attachments check them for viruses and defects. Regardless of any loss, damage or consequence, whether caused by the negligence of the sender or not, resulting directly or indirectly from the use of any attached files our liability is limited to resupplying any affected attachments. Any representations or opinions expressed are those of the individual sender, and not necessarily those of the Department of Education and Training.
_______________________________________________
http://www.edulists.com.au - FAQ, resources, subscribe, unsubscribe
VCE Informatics Mailing List kindly supported by
http://www.vcaa.vic.edu.au/vce/studies/infotech/itapplications3-4.html - Victorian Curriculum and Assessment Authority <br>
http://www.vitta.org.au - VITTA Victorian Information Technology Teachers Association Inc <br>
http://www.swinburne.edu.au/ict/schools - Swinburne University
--
Mark Kelly
mark at vceit.com<mailto:mark at vceit.com>
http://vceit.com
IMPORTANT - This email and any attachments may be confidential. If received in error, please contact us and delete all copies. Before opening or using attachments check them for viruses and defects. Regardless of any loss, damage or consequence, whether caused by the negligence of the sender or not, resulting directly or indirectly from the use of any attached files our liability is limited to resupplying any affected attachments. Any representations or opinions expressed are those of the individual sender, and not necessarily those of the Department of Education and Training.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.edulists.com.au/pipermail/informatics/attachments/20160810/c0c79455/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 56310 bytes
Desc: image001.jpg
Url : http://www.edulists.com.au/pipermail/informatics/attachments/20160810/c0c79455/image001-0001.jpg
More information about the informatics
mailing list