[Informatics] Census user flow
Mark
mark at vceit.com
Wed Aug 10 12:38:30 AEST 2016
Hi Lucas.
The thing that still baffles me is the *motive* for a DDoS attack on a
census site.
Since the apparent intention was to interrupt data entry rather than
penetrate the system and steal or damage data, what benefit could that have
for the attackers?
No-one has claimed responsibility, so it wouldn't seem to be an exercise
for bragging rights.
Maybe it was a political statement by anonymity activists... who have
decided to remain anonymous.
No ransom seems to have been demanded to stop the attacks.
Odd.
Mark
On 10 August 2016 at 09:23, Garth, Lucas A <garth.lucas.a at edumail.vic.gov.au
> wrote:
> Hi Mark and other fellow Informatics teachers
>
>
>
> Looks like we have a good case study for our U4O2 work
>
>
>
> Not only do you have the “design features” outlined by Mark below, but you
> also have the focus on the physical and software concerns.
>
>
>
> I’ve linked to a quite non-techy article which at least provides some
> outline for the SNAFU that occurred last night for the Census:
>
>
>
> http://www.news.com.au/technology/census-fail-abs-
> spent-nearly-500000-on-load-testing-the-servers/news-story/
> d04709eca6e02d1bbc492a0be9dffa58
>
>
>
> Some thoughts for pondering. Take one or a few of these to your
> Informatics class over the next week.
>
>
>
> - What is the difference between a DDoS and a hack?
>
> - How can you know if the census site was compromised?
>
> - What is the problem/issue if the site WAS compromised?
>
> - If the ABS suggests the hacks were created by the Chinese, how
> could this be found out, and how could these potentially have been
> stopped/mitigated?
>
> - Who in an organisation would carry the responsibility for data
> security? Who would make the big decisions (such as outsourcing the load
> testing procedures)? What type of decisions would need to be made in
> creating a census, from strategic, to tactical to operational?
>
> - Who would have been responsible for pulling the pin by
> bringing down the ABS servers last night?
>
> - Why would the ABS have been tweeting for people to keep
> logging in at 8:30pm when the site was brought down at 7:30pm? Can you see
> how this would reduce public confidence in the ability of the ABS to store
> private and sensitive information.
>
> - What is load testing? (Please provide your information and
> response to the ABS, quick smart)
>
> - Do you think that people should have been required to provide
> their name for the census? If those who did not comply with this directive
> receive a fine, do you believe this is justified?
>
> - What is de-identification? Why do we complete this process
> when working with sensitive data?
>
> - Why does the government need our names, when they can already
> really easily link our passport, drivers licence and taxation information
> to get a very clear picture of our personal circumstances?
>
> - If the ABS were not going to de-identify the data, does this
> breach any privacy legislation? Who would lead a class action against the
> government?
>
>
>
>
>
> Students who are on Twitter can follow the #censusfail hashtag to see all
> of the different ways that the project was not deemed a success by one of
> their key stakeholders.
>
>
>
> Lucas
>
>
>
> PS Mark – there was an issue with the design where people who work from
> home but travel to clients weren’t able to enter their details, because the
> system could not anticipate such a question. With an increasing amount of
> people telecommuting and contracting thanks to the NBN rollout, it’s
> something that should be fixed for next time. If there is a next time.
>
>
>
> *From:* informatics-bounces at edulists.com.au [mailto:informatics-bounces@
> edulists.com.au] *On Behalf Of *Mark
> *Sent:* Tuesday, 9 August 2016 1:55 PM
> *To:* Year 12 VCE Informatics Teachers' Mailing List
> *Subject:* Re: [Informatics] Census user flow
>
>
>
> Hi, data providers.
>
>
>
> Census user experience (UX) time.
>
>
>
> - Upon starting the census, one is given a passcode to let one exit the
> process and resume later. Nice security.
>
>
>
> - It's interesting how in Q11 the countries of birth are chosen and
> ordered. No drop down list. Seven named countries, apparently in order of
> likelihood based on the 2011 census. A textbox for "Other". This might be a
> good Q - ask kids how they would create a form to get this data, and
> justify their decision.
>
>
>
> - Q15 (Language spoken at home) also has a similar structure. Mandarin is
> the second option, after English.
>
>
>
> - The online form introduces logical streamlining of inputs based on
> previous answers. Irrelevant Qs are never asked, or even seen.
>
>
>
> - Q13 is another example of a smart form. The father's country of birth
> (apparently) defaults to the COB of the respondent. If they differ, there's
> a textbox for "Other".
>
>
>
> - Answers flash a green border when a good answer is given. Nice feedback.
>
>
>
> - Each Q has a "More Information" link rather than taking up space
> onscreen with potentially unnecessary verbiage.
>
>
>
> - Q17 uses checkboxes to select ancestry, with 2 textboxes to add "other"
> data. I didn't like this question, since it was vague about how many
> generations one could/should go back. Six generations ago, my ancestors
> were English/Irish. Is that what they want? The help says to "consider the
> ethnic or cultural origins of the person's parents and/or grandparents as a
> guide" but parental COB was already asked for. Odd. Also, "Australia" (the
> COB of me and my parents) appeared as the seventh and last checkbox. Should
> it not have been put first?
>
>
>
> - Q18. Jedi Knight is conspicuously absent as an option for religion.
>
>
>
> - The number of questions per page is interesting. Some scrolling is still
> needed.
>
>
>
> - All screens have a footer navbar with links to
>
> Privacy
>
> Security
> Disclaimer
> Copyright
> Contact us
> Sitemap
>
>
>
> Q21 - "Does Mark ever need someone to help with, or be with them for,
> communication activities? For example: understanding, or being understood
> by, others." I wanted to say "Edulists" but there was not a textbox for
> that.
>
>
>
> Q23 - "Number of births" is not asked if one's sex is male. I wonder which
> pressure group is going to complain about this.
>
>
>
> - The left side of the screen is a map of one's progress through the data
> collection process. It's nice to have context.
>
>
>
> - The exit screen has links to Twitter etc to "Share" that you've done
> your "bit for Australia". Awww. *Nice*.
>
>
>
> - The site was very responsive at about 1:10 pm on the day of the census.
> There was no lag in moving between pages or showing help.
>
>
>
> - The colour scheme was basically green. (Maybe it would have been
> different if I'd claimed to be an eight year old Vietnamese girl with a PhD
> and twelve children.)
>
>
>
> Mark
>
>
>
>
>
> On 9 August 2016 at 13:10, Mark <mark at vceit.com> wrote:
>
> I say, chaps.
>
>
>
> The census experience will be a good opportunity to examine and evaluate
> the site's user flow and user experience. Absolutely spiffing.
>
>
>
> And security... I bet some's already cracked the login code algorithm and
> posted a login generator somewhere online.
>
>
>
> Mark
>
>
>
> --
>
>
>
> Mark Kelly
>
>
>
> mark at vceit.com
>
> http://vceit.com
>
>
>
>
>
> --
>
>
>
> Mark Kelly
>
>
>
> mark at vceit.com
>
> http://vceit.com
>
> IMPORTANT - This email and any attachments may be confidential. If received in error, please contact us and delete all copies. Before opening or using attachments check them for viruses and defects. Regardless of any loss, damage or consequence, whether caused by the negligence of the sender or not, resulting directly or indirectly from the use of any attached files our liability is limited to resupplying any affected attachments. Any representations or opinions expressed are those of the individual sender, and not necessarily those of the Department of Education and Training.
>
>
> _______________________________________________
> http://www.edulists.com.au - FAQ, resources, subscribe, unsubscribe
> VCE Informatics Mailing List kindly supported by
> http://www.vcaa.vic.edu.au/vce/studies/infotech/itapplications3-4.html -
> Victorian Curriculum and Assessment Authority <br>
> http://www.vitta.org.au - VITTA Victorian Information Technology
> Teachers Association Inc <br>
> http://www.swinburne.edu.au/ict/schools - Swinburne University
>
--
Mark Kelly
mark at vceit.com
http://vceit.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.edulists.com.au/pipermail/informatics/attachments/20160810/f80df9e1/attachment-0001.html
More information about the informatics
mailing list