Labor cools enthusiasm for Hotmail leaks

Less than three hours after launching a new Hotmail address to expose government waste, the Australian Labor Party has warned public servants to never use their work computers or e-mail addresses to send information to it.

Labor shadow for public accountability and human services, Kelvin Thomson launched the new e-dobbing facility, whistleblowersonhoward@hotmail.com, as a way for conscientious public servants to alert the opposition to government waste.

However, the launch immediately caused IT security vendors and privacy advocates to warn that free, hosted, e-mail services are nowhere near secure enough to handle sensitive information.

Sophos head of technology Paul Ducklin said he was surprised a better e-mail address could not be found and that he would have at least hoped the servers concerned resided in Australia.

Similarly, senior systems engineer at Trend Micro, Adam Biviano is worried about "potential for misconduct" if Australian government information is to be stored on servers outside the country.

He added that access to Hotmail is not secured and a person reading their account "may have their traffic intercepted", Biviano said.

At MessageLabs director of partners Andy Lake said Hotmail was simply not designed for the repository of secrets.

"E-mail in a basic format is always inherently insecure and everybody who uses the Internet is either aware of that, or should be," Lake said.

Senior director of security solutions for Symantec, Tim Hartman said the ultimate concern with such an address is there are no service level agreements (SLAs) between Hotmail and the federal government to ensure information has not been tampered with and has arrived at the address intact.

However, Thomson has defended the Hotmail address, saying he didn't intend it to be used as a destination for direct leaks from public servants' work computers or .gov.au domain e-mail addresses.

"We would never propose anyone send anything from their work computers," Thomson said.

He added all e-mails received would be deleted in a timely manner.

Hotmail's local spokeperson, NineMSN corporate communications manager Kate Bedoe, said Hotmail's security was "world class" for its intended use - personal, Web-based e-mail.

"Hotmail is great for personal use. Whether or not it fits the needs of the Australian Labor Party is a really matter for [the party] to decide. We have advice for all consumers of Hotmail on how to make Hotmail the most secure experience," Bedoe said.

More about: Australian Labor Party, Labor Party, MessageLabs, Ninemsn, Sophos, Symantec, Trend Micro

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/19/avg-anti-virus-free-edition/

AVG Anti-Virus Free Edition

Note: This review covers version 8.5 of the software. This software is now in version 9.0. Antivirus program AVG 8.5 Free offers solid features and ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia