Feeds

Journo was arrested, says Qld cop

'Our bad', says stupid police media tweet

  • alert
  • submit to reddit

Using blade systems to cut costs and sharpen efficiencies

Queensland Police have told a press conference in Queensland that they did indeed arrest tech journalist Ben Grubb in their investigation of a Facebook vulnerability demonstrated at Australia’s AusCERT conference on Sunday.

The arrest has outraged both the IT community and Australian media.

The police media unit had originally said that the Fairfax writer had not been arrested, but had been questioned, and his iPad had been retained. This was later corrected in a brief and insensitive Tweet in which the media unit said “Our bad @bengrubb was arrested for questioning briefly Our tweet last night was based on information provided at the time Apologies” (sic).

Speaking to the press conference, Detective Superintendent Brian Hay said the mixed message arose from the gap between the media unit and the investigation team. He also noted that recent changes to Queensland law draw a distinction between someone being arrested “for questioning” and someone who’s arrested under suspicion of a crime.

He confirmed that the police are investigating the Facebook URL vulnerability demonstrated by Christian Heinrich on Sunday, in which the security researcher demonstrated gaining access to privacy-protected Facebook photographs of a rival researcher’s wife.

The investigation was, Hay said, in response to a specific complaint about the presentation. “The complaint was in respect of the hacking incident that saw the private picture being obtained,” he said.

He declined to comment on whether or not police have spoken to Heinrich, saying that the information was too specific to the current investigation. Heinrich has since left the conference and Queensland.

Detective superintendent Hay said Gribb’s arrest “was for the purpose of the investigation – there is no charge pending,” adding that “the interview had commenced with no arrest taking place.”

Since the police’s powers when someone is arrested for questioning include a power to “secure property” relevant to an investigation, El Reg assumes that the arrest occurred so as to invoke those powers and take possession of Grubb’s iPad.

“If police feel someone’s in possession of a product or a piece of evidence that’s material to the investigation, we can … take possession of that,” he said.

Hay also gave a backhander to what he regards as a laissez faire attitude in the security industry, saying that various “black hat” conferences still regard breaking into systems as something of a game, in which “crimes may have been committed”. ®

Correction: A reader has alerted El Reg to a small correction. The Heinrich presentation was at the BSidesAU conference, which runs extra security sessions alongside AusCERT. ®

Boost IT visibility and business value

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.