From ben at stumbles.id.au Thu Apr 16 16:55:40 2020 From: ben at stumbles.id.au (Ben Sturmfels) Date: Thu, 16 Apr 2020 16:55:40 +1000 Subject: [Linux-aus] Proprietary MyGovID app to be the only way to login to ATO Business Portal In-Reply-To: <80699976-c135-2d13-31fd-ecbfe0e3c837@stumbles.id.au> References: <87eeti8d70.fsf@sturm.com.au> <1585036492.4592.20.camel@fs.saosce.com.au> <1585050939.22583.0@stumbles.id.au> <80699976-c135-2d13-31fd-ecbfe0e3c837@stumbles.id.au> Message-ID: <4a70a88c-dba0-b16a-3efd-dd0a17e86b25@stumbles.id.au> Another update. A representative of ATO called to suggest that as a sole-trader (not a company), I can manage activity statements and superannuation through the ATO linked service on https://my.gov.au. I tried this and after doing the necessary linking security questions, I get essentially the exact same functionality I had via the ATO Business Portal. This isn't an option for companies though, who are forced to use MyGovID so that multiple authorised people can access these features on the ATO Business Portal. The representative told me that there's no plans to move my.gov.au to MyGovID login for the foreseeable future. So that solves my issues for now, but I expect it's only a matter of time before MyGovID gets more widely rolled out. Regards, Ben On 31/3/20 11:39 am, Ben Sturmfels via linux-aus wrote: > Just a quick update - I had a lovely call from a person at ATO > responding to my complaint. A couple of things they mentioned: > > - ATO is the first agency to use MyGovID > > - they have a feedback form on https://www.mygovid.gov.au <- USE IT > > - they have received quite a bit of feedback similar to mine > > - there was some form of hard deadline in place around their previous > authentication set up around 10 years ago - sounded like a contract > expiry but I didn't get specifics - may have been just related to AusKey > > - they really didn't know how the transition was going to go - now they > have learned, surprise surprise, for example a bunch of tax accountants > who don't have smartphones - much respect to those accountants! > > - currently the Digital Identity team is only speaking with people who > are having technical difficulties with the app, not people who want to > participate in the upstream process > > All in all, they were very empathetic about the ethical issues of > requiring Apple or Google accounts and trust in proprietary tech. If you > can spare a few minutes, this is an important time to be heard and they > are certainly listening. > > Regards, > Ben > > On 24/3/20 10:55 pm, Ben Sturmfels via linux-aus wrote: >> >> >> On Tue, Mar 24, 2020 at 18:24, Jack Burton wrote: >> >>> This move then is one which attempts to force Australian tax-paying >>> companies to do business with either Apple or Google... >>> >>> ...ironically, two companies which are famous for *not* paying their >>> fair share of taxes. >>> >>> >>> Take a moment for that to sink in -- in order to pay our taxes, the >>> government now wants us to do business with serial tax-evaders! >>> >> >> Aw, I wish I'd thought of that line! Thanks Jack! >> >> >> In other news, Matt Ceniga pointed me towards mygov-totp-enrol. He wrote: >> >>> MyGovID may be the only "official" way to sign in, but it's not the >>> only option. MyGovID just does TOTP with SHA512, so assuming you have >>> a TOTP app that doesn't just do SHA1 (I use FreeOTP+, but there are >>> plenty of other options), you can use the tool that this clever human >>> wrote, that basically pretends to be the MyGovID app for the purposes >>> of set-up, and gives you a regular QR-code to feed to your TOTP app: >>> https://github.com/abrasive/mygov-totp-enroll >>> >>> We shouldn't need a third-party tool to do something that should >>> already be offered by the MyGov website. I understand that maybe they >>> didn't trust TOTP apps to support SHA512 hashes (I know that when I >>> tried with LastPass Authenticator, it just *ignored* the SHA512 bit >>> and tried to use the key with a SHA1 hash, resulting in the wrong code >>> with no explanation or error), but there are better options than >>> *forcing* people to use an app like this. >> >> As Matt suggests, I still think that it's worth some activism here >> regardless - non-technologists shouldn't be second class citizens and we >> shouldn't have to work around the systems that we collectively pay for. >> >> Regards, >> Ben >> >> >> _______________________________________________ >> linux-aus mailing list >> linux-aus at lists.linux.org.au >> http://lists.linux.org.au/mailman/listinfo/linux-aus >> >> To unsubscribe from this list, send a blank email to >> linux-aus-unsubscribe at lists.linux.org.au > > _______________________________________________ > linux-aus mailing list > linux-aus at lists.linux.org.au > http://lists.linux.org.au/mailman/listinfo/linux-aus > > To unsubscribe from this list, send a blank email to > linux-aus-unsubscribe at lists.linux.org.au > From jack at saosce.com.au Thu Apr 16 17:44:06 2020 From: jack at saosce.com.au (Jack Burton) Date: Thu, 16 Apr 2020 17:14:06 +0930 Subject: [Linux-aus] Proprietary MyGovID app to be the only way to login to ATO Business Portal In-Reply-To: <4a70a88c-dba0-b16a-3efd-dd0a17e86b25@stumbles.id.au> References: <87eeti8d70.fsf@sturm.com.au> <1585036492.4592.20.camel@fs.saosce.com.au> <1585050939.22583.0@stumbles.id.au> <80699976-c135-2d13-31fd-ecbfe0e3c837@stumbles.id.au> <4a70a88c-dba0-b16a-3efd-dd0a17e86b25@stumbles.id.au> Message-ID: <1587023046.27769.318.camel@fs.saosce.com.au> On Thu, 2020-04-16 at 16:55 +1000, Ben Sturmfels via linux-aus wrote: > Another update. A representative of ATO called to suggest that as a > sole-trader (not a company), I can manage activity statements and > superannuation through the ATO linked service on https://my.gov.au. I > tried this and after doing the necessary linking security questions, I > get essentially the exact same functionality I had via the ATO Business > Portal. > > This isn't an option for companies though, who are forced to use MyGovID > so that multiple authorised people can access these features on the ATO > Business Portal. This is quite topical, as that's also the only self-lodgement option when applying for the JobKeeper payment, in order to help keep one's employees on for the next few months of the current crisis -- a process we're told that around 850,000 Australian businesses are about to go through on Monday (applications to be open from 20 Apr). For the time being, the best workaround seems to be simply to lodge via a registered tax agent, then claim the agent's fees as an expense in the next period. Of course the tax agents are probably also being forced to use non-free software, but at least this approach allows us to prevent our own companies from being infected with any non-free software: I like to think of it as paying the tax agent danger money for running software that cannot be audited. Regards, J. From daniel at pocock.com.au Sun Apr 19 21:47:37 2020 From: daniel at pocock.com.au (Daniel Pocock) Date: Sun, 19 Apr 2020 13:47:37 +0200 Subject: [Linux-aus] Operation Anzacathon is go! Message-ID: <872dc01e-8398-024b-2fe0-3de420a9711e@pocock.com.au> With Anzac events cancelled or going online, the RSL recently asked people to make short videos to share So I got on my bike and made a video https://anzacathon.com There is a big emphasis on open data and free software. One major issue that needs help: what would be the preferred discussion channel for an event like this? I'm not a big fan of proprietary platforms like Slack and I don't want to promote that through the site. Regards, Daniel From euan at dekock.net Sun Apr 19 22:15:11 2020 From: euan at dekock.net (Euan de Kock) Date: Sun, 19 Apr 2020 20:15:11 +0800 Subject: [Linux-aus] Operation Anzacathon is go! In-Reply-To: <872dc01e-8398-024b-2fe0-3de420a9711e@pocock.com.au> References: <872dc01e-8398-024b-2fe0-3de420a9711e@pocock.com.au> Message-ID: Maybe consider signal (www.signal.org) as the comms platform. It's secure, has apps on all major platforms, including Linux, and it is open source. Euan. On Sun, 19 Apr 2020, 19:48 Daniel Pocock via linux-aus, < linux-aus at lists.linux.org.au> wrote: > > > With Anzac events cancelled or going online, the RSL recently asked > people to make short videos to share > > So I got on my bike and made a video > > https://anzacathon.com > > There is a big emphasis on open data and free software. > > One major issue that needs help: what would be the preferred discussion > channel for an event like this? I'm not a big fan of proprietary > platforms like Slack and I don't want to promote that through the site. > > Regards, > > Daniel > _______________________________________________ > linux-aus mailing list > linux-aus at lists.linux.org.au > http://lists.linux.org.au/mailman/listinfo/linux-aus > > To unsubscribe from this list, send a blank email to > linux-aus-unsubscribe at lists.linux.org.au > -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel at pocock.com.au Mon Apr 20 20:14:19 2020 From: daniel at pocock.com.au (Daniel Pocock) Date: Mon, 20 Apr 2020 12:14:19 +0200 Subject: [Linux-aus] Operation Anzacathon is go! In-Reply-To: References: <872dc01e-8398-024b-2fe0-3de420a9711e@pocock.com.au> Message-ID: <806d465e-b351-63e7-baa1-d4f3768d2546@pocock.com.au> On 19/04/2020 14:15, Euan de Kock wrote: > Maybe consider signal (www.signal.org )? as the > comms platform. It's secure, has apps on all major platforms, including > Linux, and it is open source. Secure is a relative term. Signal still knows some things about the users as they need to have central servers. Jami[1] is slightly better as a true distributed protocol. Nonetheless, those are telephone/conferencing solutions. What I was thinking about as an alternative to Slack is a more social experience. Some communities are now experimenting with Mastadon[2], for example. Are there any Mastodon instances or similar services that have become popular with the community in Australia, whether hosted in Australia or not? I thought about starting an instance myself but I concluded that it would be hard to host something like that under the Anzacathon.com site and ensure that all content posted by users is respectful. I'd rather keep a minimum of content on Anzacathon.com and link to other grass roots communities and tools. Regards, Daniel 1. https://jami.net/ 2. https://github.com/tootsuite/mastodon From president at linux.org.au Sun Apr 26 14:08:34 2020 From: president at linux.org.au (President, Linux Australia) Date: Sun, 26 Apr 2020 14:08:34 +1000 Subject: [Linux-aus] Call for an Open and Honest COVID Tracking App Message-ID: <1b501470-264b-291b-be5e-ed4af197beca@linux.org.au> Dear All, Today Linux Australia joined over 50 academic and industry experts in calling on the Government of Australia to be open and transparent in regards to it's new COVID-19 contact tracing app. Publishing the source code and allowing independant technical experts to review, test and scruitinse the code allows for the adoption of best privacy practices for those who will be using the app. The open letter is linked below: https://docs.google.com/document/d/1T-CVzfKDTZOK7DYUyHNR4RsoN4uuKcQux8UvYU9u6AE/edit?usp=sharing If you have any questions please do not hesitate contact me at president at linux.org.au Thanks and stay safe and well, Sae Ra -- Sae Ra Germaine President Linux Australia president at linux.org.au http://linux.org.au Linux Australia Inc GPO Box 4788 Sydney NSW 2001 Australia ABN 56 987 117 479 From russell at coker.com.au Sun Apr 26 16:01:34 2020 From: russell at coker.com.au (Russell Coker) Date: Sun, 26 Apr 2020 16:01:34 +1000 Subject: [Linux-aus] PCs in Perth Message-ID: <4232680.uUWHNVuhmH@liv> I know someone who has a son who wants to study computer science. He needs another PC (he has one for school work but needs one to play with and not worry too much about breaking it). Does anyone have 1 or 2 old AMD64 systems they don't need that they could leave on their porch for collection? Don't need anything particularly special, even a Core 2 class system would be great. 4G of RAM would be handy. He might use Windows initially but I'll try to get him into Linux. They also need keyboard, mouse, and a monitor (even 1280*1024 would be fine). Any bits you can give away for them to add to the PC or whatever would be good too. Thanks. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/