493 posts • joined Monday 10th March 2008 16:59 GMT
Would also be interested to know...
if Google have attempted to estimate how many Tbytes of data were pilfered by NSA/GCHQ without any legal authorisation at all.
"Fuck these guys" is apparently the proposed solution... Personally, I would opt for encryption.
These statistics are meaningless.
Vodafone: use Bluecoat to covertly tap UK telecoms and divert to California USA for analysis & replay attacks.
BT: used Phorm to covertly intercept, copy, and analyse the content of UK telecoms.
Nothing wrong with that in principle
There *is*. And there is something wrong with that in law.
TalkTalk are not entitled to divulge the content of a lawful private/confidential communication (a url) to a third party without explicit consent from sender & recipient (or a warrant for surveillance). (UK RIPA).
TalkTalk are not entitled to retain the content of a communication or anything revealing the content of a communication (EC Data Retention directive).
TalkTalk are not entitled to commercially exploit the content of communication without a licence from the author (UK CDPA).
TalkTalk are not entitled to interfere with the operation of a computer without consent from the operator (UK CMA).
Looking for confirmation of US/UK economic espionage?
The clue is in the name. The .br bit stands for Brazil.
Does that help?
GCHQ are doing their job
When did it become GCHQ's job to spy on *law abiding* citizens' unencrypted, let alone encrypted, private/confidential communications?
Or rather, 'adversaries', to use the new colloquialism?
These revelations, or rather the fact of the corrupt co-operation between IT industry leaders and these fascists, will do huge damage to public trust in IT people & products.
Don't think we've forgotten.
Both Livingston and Patterson oversaw the covert trials of Phorm in 2006, 2007, and 2008.
Re: Rah Rah Rah
As a personal identifier, the MAC address of your phone is more globally unique than your name.
Ian Livingston & BT
The people who imposed Phorm mass surveillance on their subscribers, and the web sites that served them.
I don't trust either of them.
Re: I like how they state .....
Already been done;
It would appear MPs' communications are being filtered and monitored by an unnamed 'third party', thought to be Bluecoat in California, with URLs being categorised, analysed, and censored (even if legal).
Sadly, the press (including the Register) won't report it.
DNT is a mirage
We need to outlaw the unauthorized creation of personal profile databases/communications databases... or in the alternative.... face the unpleasant truth that evil people will create these databases regardless of any signal sent by a web browser if they think they can get away with it.
Why is regulation a bad thing?
Versus the alternative; unaccountable ISPs imposing opaque censorship restrictions on wholly lawful communications.
Re: Civil servants can't be trusted to stay in their remit and will always try to widen their remit.
"It is grossly disproportionate to the crime it allegedly counters"
Approximately the same number of people are killed in the UK after falling out of trees.
On average 5x as many people die every year in UK police custody (~30) as die from acts of terrorism (6).
Meanwhile, 100,000 people die from the effects of smoking every year. Around 2,000 die in road traffic accidents. And 800 from murder. To offer a few popular preventable terminal scenarios.
Trust is the big issue.
When you collapse trust in Governments, law, and telecommunications... the consequences that follow are frightening but inevitable.
Re: Ian Livingston, the man responsible for Phorm
Bite me :)
Ian Livingston, the man responsible for Phorm
Not to mention
The EC intervention over BT's covert deployment of Phorm mass surveillance.
I'll believe they're serious
.. when BT/Phorm Directors (and others who do the same) are in jail.
Re: ISC: "We're on the case!"
And the same bunch that did nothing about BT/Phorm.
Harmful... harmful to whom?
Harm principle & John Stuart Mill;
"the only purpose for which power can be rightfully exercised over any member of a civilized community, against his will, is to prevent harm to others. His own good, either physical or moral, is not sufficient warrant. He cannot rightfully be compelled to do or forbear because it will be better for him to do so, because it will make him happier, because, in the opinion of others, to do so would be wise, or even right... The only part of the conduct of anyone, for which he is amenable to society, is that which concerns others. In the part which merely concerns himself, his independence is, of right, absolute. Over himself, over his own body and mind, the individual is sovereign" -
I don't want my lawful communications censored in any way whatsoever.
Violence? Like Teenage Mutant Ninja Turtles, or Pokemon? Or war & crime reporting on BBC Newsround?
Nudity? Like the Sun? Or the National Gallery? Or sexual health sites?
It is absolutely ludicrous to suggest anyone can make these distinctions effectively... it has to be a question of parental responsibility.
I choose what is suitable for my children to view, not a fascist Government.
Re: This is all entirely legal ?
This is not just location data (which in itself is bad enough)...
The information includes; "gender, age, postcode, --> websites visited <---, time of day text is sent [and] location of customer when call is made".
This is all entirely legal ?
No it's not.
Not without consent of both parties to the communications, per The Regulation of Investigatory Powers (Monetary Penalty Notices and Consents for Interceptions) Regulations 2011... which (in the light of the Phorm affair) supposedly made it unambiguously illegal to intercept and disclose the content of communications without explicit consent from BOTH parties.
It is *not* legal.
Re: More info here
It's not hard at all, once you're aware.
The problem is the flaw is enabled by default and most people are unaware.
More info here
WPAD: The Internet Explorer Security Flaw that Threatens all UK Microsoft Users
No it wasn't.
It wasn't fixed.
And furthermore, the WPAD security flaw has now been enabled by default.
See explanation here;
WPAD: The Internet Explorer Security Flaw that Threatens all UK Microsoft Users
WPAD exposes every Windows PC in the UK to the risk of browser hijack by the Brazilian owner of the wpad.co.uk domain.
That security flaw is now enabled by *default*.
It's a yawning, gaping, chasm of a security flaw and it is now enabled by default for most Windows PC users in the UK.
Outlawing IPv4 devices, CGNAT, NAT, VPNs, proxies, and MAC cloning...?
Meanwhile, necessitating mandatory registration of all IP enabled devices and associated DHCP IP address assignments... including all portable devices brought into the country, IP enabled tellies, cars, fridges, CCTV, etc etc.
That should keep the Home Office tied up for years...
"Various European data protection commissioners have taken action against Google"
But not the UK's ICO.
I don't believe the ICO have fined Google a penny, ever...?
On the other hand, senior staff have accepted jobs from ICO. The two aren't linked, obviously.
Re: Serious WPAD flaw in IE?
It's very nasty indeed...
WPAD is now enabled by default in IE... meaning most users of Windows/IE in the UK - both domestic and commercial - are vulnerable to MITM exploitation by default.
It's an acute problem for home networks.
A contact in Microsoft tells me they are aware of the issue, but so far, they aren't doing anything to fix it.
The man who refused to prosecute BT/Phorm
His tenure has been a disgrace to justice and human rights.
I am glad he's going. It's a shame he didn't resign earlier.
"a new consultation"
What, yet another public consultation? Just like the last two that got thoroughly torn to shreds?
In that case I guess I'll just cut/paste my response to the last two Home Office consultations on the same topic, and call that a 'new response' to their 'new consultation'.
Yes they do...
"Websites are blocked by category. The Houses of Parliament, which share an IT department, are responsible for determining which categories of website should be blocked as posing a technical or legal risk to our network. As is standard practice, if websites are brought to an organisation’s attention which merit consideration under its policies and criteria, there is the facility to bring these to the attention of the filtering service provider for review and categorisation as appropriate."
Yes. Your MP's communications are being monitored/censored too.
Microsoft: Worried about web privacy?
Microsoft aren't worried about your privacy.
They enabled WPAD by default in IE, allowing your Windows machine to be compromised on a whim.
If you have 'Windows Proxy Autodetection' enabled (which it now is, by default, in Windows/IE) your choice of password is perhaps the least of your worries.
Because the Brazilian operating wpad.co.uk has your proxy config by the short and curlies.
Re: Suppose two terrorists wanted to talk to each other...
"everyone except the politicians"
I think you'll find they are being thoroughly spied on too. See;
... unless it is 'almost always' backed by enforcement.
In the UK, there is no enforcement, ipso facto the law & the soothing words of WP29 don't protect you.
Freedom of speech
... with a price list? :(
Browsing history stored for law enforcement purposes... is meant to be held securely and only used for law enforcement purposes (EC Data Retention Regs).
Not abused for advertising by telco marketing clowns.
Divulging some or all of the content of a communication to a third party, without consent from *both* parties, is a crime in the UK (RIPA, Copyright Theft, PECR, ECHR Article 8 &c).
It is automated industrial espionage/personal surveillance.
Interesting Concurrent Parallels with the Bulger Case
Guardian; Google, Facebook and Twitter ordered to delete photos of James Bulger killers
... and I would add HTTPSEverywhere, BetterPrivacy, and Flagfox to that list... as essential addons.
Also RefControl if you're clued up. And (nb; touting my own wares) Dephormation and SecretAgent.
Re: Ha, ha!
He should have read the small print; "Up to £3.5bn. Actual amount received may vary".
"coordinated repressive action"
Would I be correct in assuming that coordination is unlikely to include the generally inactive & uncoordinated muppets at the UK's ICO?
Carrier level blocking
...is a very very bad thing, because it is so easily and readily abused by crooked ISPs and corrupt Governments.
If you want to filter content, do it on your own equipment in your own home.
Otherwise agree completely; it is a question of parental responsibility.
"web companies naturally don't want to pay"
There is no 'funding gap', that's just a complete fabrication.
Web companies pay their own telcos for connectivity. No one gets a free ride.
If French ISPs claim they are not getting enough money for carrying web traffic, they are free to renegotiate interconnect fees and peering agreements with the source of the traffic.
They don't, because they haven't got a jambe to stand on.
Only in the ISP industry is excess demand considered a problem. In any other industry on earth it would be called an 'opportunity', and priced accordingly.
(ps, see this; https://www.dephormation.org.uk/?page=47).
Apart from the obvious privacy/security/integrity concerns about encrypted (or for that matter unencrypted) traffic being passed through a third party proxy...
... it establishes Nokia as a huge honeypot of passwords, banking, and commercial data that is acutely vulnerable.
Glad I'm not responsible for their network security.