Wednesday, 18 May 2011

What happened to Ben Grubb and Christian Heinrich at Auscert 2011?

There is lots of buzz about Ben Grubb getting 'arrested' at Auscert yesterday:

I've been arrested by Queensland Police for a story I wrote today. They've also seized my iPad. #AusCERT

So what actually happened?

On Sunday, before the start of Auscert, Security B-Sides was held at Royal Pines resort. The B-Sides were a series of short presentations that weren't part of Auscert, were independently run and were free to attend. Only about 20 people attended these.

Christian Heinrich @cmlh gave a presentation entitled "For God Your Soul... For Me Your Flesh". In the presentation Christian disclosed some vulnerabilities affecting Myspace, Flickr and Facebook. In the case of the Flickr and Facebook vulnerability, Christian was able to demonstrate the accessing of private images. Christian deliberately chose to compromise photos belong to Chris Gatford's wife... photos of Chris. One of the photos Christian accessed had Chris's child in it and Christian had obscured the child. Chritian and Chris aren't on good terms... Christian explained this, he also said that he'd told Chris that he was going to target his account. A number of people (including myself) tweeted the presentation.
As a 'test subject' @cmlh gained access to photos belonging to @ChrisGatford on Flickr and Facebook #bsidesau #auscert

My recollection is that Ben Grubb, a journalist for didn't attend the presentation by Christian, but arrived after it was finished. After the presentations were finished for the day Ben interviewed Christian for an article that would be published on on Tuesday.

That article now has no image associated with it, but when it was initially published it contained the image that Christian had obtained from Chris Gatford wife's Facebook account, the child was obscured in this photo also.

Christian Heinrich left Auscert around lunch time on Tuesday.

Late in the afternoon of Tuesday, after the conference sessions had finished, Queensland Police approached Ben Grubb. I didn't see it. I don't know what was said. I don't know if Ben was arrested, detained, or questioned or for how long.

After Ben sent out the tweet saying he had been arrested the #auscert hashtag went crazy with lots of questions being asked about Ben. As I was still at the auscert conference venue I wandered down to the media room to find out what had happened. Ben wasn't aware of the concerns or the questions on Twitter as his phone, that he'd previously tweeted from, was flat and his iPad had been taken by Queensland Police. Ben was visibly shaken and clearly under the impression that he had been arrested (if only temporarily) and released; he didn't talk about what he had discussed with Queensland Police. From my judgement of Ben and others demeanour it didn't seem that Queensland Police just had some friendly questions for him.

I imagine there is more to happen in this story when police catch up with Christian Heinrich.

Was what Christian did ethical? In my mind, no.
Was it legal? Probably not.
Did QPS intimidate Ben Grubb? It would seem so to me.
Should Ben Grubb have a case to answer to police? To me, it seems like QPS are shooting the messenger.
Can police just sieze someones iPad like that? They seem to think so.

Recent Geocaching Logs

Stuff I"ve read lately