474 posts • joined Monday 10th March 2008 16:59 GMT
I'll believe they're serious
.. when BT/Phorm Directors (and others who do the same) are in jail.
Re: ISC: "We're on the case!"
And the same bunch that did nothing about BT/Phorm.
Harmful... harmful to whom?
Harm principle & John Stuart Mill;
"the only purpose for which power can be rightfully exercised over any member of a civilized community, against his will, is to prevent harm to others. His own good, either physical or moral, is not sufficient warrant. He cannot rightfully be compelled to do or forbear because it will be better for him to do so, because it will make him happier, because, in the opinion of others, to do so would be wise, or even right... The only part of the conduct of anyone, for which he is amenable to society, is that which concerns others. In the part which merely concerns himself, his independence is, of right, absolute. Over himself, over his own body and mind, the individual is sovereign" -
I don't want my lawful communications censored in any way whatsoever.
Violence? Like Teenage Mutant Ninja Turtles, or Pokemon? Or war & crime reporting on BBC Newsround?
Nudity? Like the Sun? Or the National Gallery? Or sexual health sites?
It is absolutely ludicrous to suggest anyone can make these distinctions effectively... it has to be a question of parental responsibility.
I choose what is suitable for my children to view, not a fascist Government.
Re: This is all entirely legal ?
This is not just location data (which in itself if bad enough)...
The information includes; "gender, age, postcode, --> websites visited <---, time of day text is sent [and] location of customer when call is made”.
This is all entirely legal ?
No its not.
Not without consent of both parties to the communications, per The Regulation of Investigatory Powers (Monetary Penalty Notices and Consents for Interceptions) Regulations 2011... which (in the light of the Phorm affair) supposedly made it unambiguously illegal to intercept and disclose the content of communications without explicit consent from BOTH parties.
It it *not* legal.
Re: More info here
Its not hard at all, once you're aware.
The problem is the flaw is enabled by default and most people are unaware.
More info here
WPAD: The Internet Explorer Security Flaw that Threatens all UK Microsoft Users
No it wasn't.
It wasn't fixed.
And furthermore, the WPAD security flaw has now been enabled by default.
See explanation here;
WPAD: The Internet Explorer Security Flaw that Threatens all UK Microsoft Users
WPAD exposes every Windows PC in the UK to the risk of browser hijack by the Brazilian owner of the wpad.co.uk domain.
That security flaw is now enabled by *default*.
Its a yawning, gaping,chasm of a security flaw and it is now enabled by default for most Windows PC users in the UK.
Outlawing IPv4 devices, CGNAT, NAT, VPNs, proxies, and MAC cloning...?
Meanwhile, necessitating mandatory registration of all IP enabled devices and associated DHCP IP address assignments... including all portable devices brought into the country, IP entabled tellies, cars, fridges, CCTV, etc etc.
That should keep the Home Office tied up for years...
"Various European data protection commissioners have taken action against Google"
But not the UK's ICO.
I don't believe the ICO have fined Google a penny, ever...?
On the other hand, senior staff have accepted jobs from ICO. The two aren't linked, obviously.
Re: Serious WPAD flaw in IE?
Its very nasty indeed...
WPAD is now enabled by default in IE... meaning most users of Windows/IE in the UK - both domestic and commercial - are vulnerable to MITM exploitation by default.
Its an acute problem for home networks.
A contact in Microsoft tells me they are aware of the issue, but so far, they aren't doing anything to fix it.
The man who refused to prosecute BT/Phorm
His tenure has been a disgrace to justice and human rights.
I am glad he's going. Its a shame he didn't resign earlier.
"a new consultation"
What, yet another public consultation? Just like the last two that got thoroughly torn to shreds?
In that case I guess just I'll cut/paste my response to the last two Home Office consultations on the same topic, and call that a 'new response' to their 'new consultation'.
Yes they do...
"Websites are blocked by category. The Houses of Parliament, which share an IT department, are responsible for determining which categories of website should be blocked as posing a technical or legal risk to our network. As is standard practice, if websites are brought to an organisation’s attention which merit consideration under its policies and criteria, there is the facility to bring these to the attention of the filtering service provider for review and categorisation as appropriate. "
Yes. Your MP's communications are being monitored/censored too.
Microsoft: Worried about web privacy?
Microsoft aren't worried about your privacy.
They enabled WPAD by default in IE, allowing your Windows machine to be compromised on a whim.
If you have 'Windows Proxy Autodetection' enabled (which it now is, by default, in Windows/IE) your choice of password is perhaps the least of your worries.
Because the Brazilian operating wpad.co.uk has your proxy config by the short and curlies.
Re: Suppose two terrorists wanted to talk to each other...
"everyone except the politicians"
I think you'll find they are being thoroughly spied on too. See;
... unless it is 'almost always' backed by enforcement.
In the UK, there is no enforcement, ipso facto the law & the soothing words of WP29 don't protect you.
Freedom of speech
... with a price list? :(
Browsing history stored for law enforcement purposes... is meant to be held securely and only used for law enforcement purposes (EC Data Retention Regs).
Not abused for advertising by telco marketing clowns.
Divulging some or all of the content of a communication to a third party, without consent from *both* parties, is a crime in the UK (RIPA, Copyright Theft, PECR, ECHR Article 8 &c).
It is automated industrial espionage/personal surveillance.
Interesting Concurrent Parallels with the Bulger Case
Guardian; Google, Facebook and Twitter ordered to delete photos of James Bulger killers
... and I would add HTTPSEverywhere, BetterPrivacy, and Flagfox to that list... as essential addons.
Also RefControl if you're clued up. And (nb; touting my own wares) Dephormation and SecretAgent.
Re: Ha, ha!
He should have read the small print; "Up to £3.5bn. Actual amount received may vary".
"coordinated repressive action"
Would I be correct in assuming that coordination is unlikely to include the generally inactive & uncoordinated muppets at the UK's ICO?
Carrier level blocking
...is a very very bad thing, because it is so easily and readily abused by crooked ISPs and corrupt Governments.
If you want to filter content, do it on your own equipment in your own home.
Otherwise agree completely; it is a question of parental responsibility.
"web companies naturally don't want to pay"
There is no 'funding gap', that's just a complete fabrication.
Web companies pay their own telcos for connectivity. No one gets a free ride.
If French ISPs claim they are not getting enough money for carrying web traffic, they are free to renegotiate interconnect fees and peering agreements with the source of the traffic.
They don't, because they haven't got a jambe to stand on.
Only in the ISP industry is excess demand considered a problem. In any other industry on earth it would be called an 'opportunity', and priced accordingly.
(ps, see this; https://www.dephormation.org.uk/?page=47).
Apart from the obvious privacy/security/integrity concerns about encrypted (or for that matter unencrypted) traffic being passed through a third party proxy...
... it establishes Nokia as a huge honeypot of passwords, banking, and commercial data that is acutely vulnerable.
Glad I'm not responsible for their network security.
"No individual fraud"
Even taking that dubious claim at face value, drawing ghost salaries/benefits in someone else's name would probably affect the victims credit history/tax bill...?
Re: 3UK, the IWF and filtering
My understanding is - you can't.
Your communications are being monitored/filtered by a Bluecoat Proxy SG appliance. This relays the URLs you visit to California for analysis and a replay attack...
This process is completely illegal (unlawful interception, copyright theft, fraud, computer misuse to offer a few examples). Particularly so if it is done without your explicit consent, and without the consent of the web site that you are communicating with.
Re: Plusnet are owned by BT?
"Different prices, different call centers, different staff. BT have, quite sensibly, been completely hands off the plusnet business since they bought it."
Codswallop. Most of the Plustnet Plc directors are ex-BT Retail...
John Petter - Managing Director, BT Consumer
Matthew James Davies - ex BT Payment Services Limited
Simon Curry - ex BT Business Direct Limited
Andy Wilson - previously Director of Revenue and Margin Assurance at BT Retail
The company is 100% owned by BT.
An extraordinary co-incidence
"Farr began by masterminding a strategy to mine private information"
Farr's' 'Interception Modernisation Programme' scam^h^h^h plan co-incided with the covert 'stealth trial' of 121Media/Phorm mass surveillance technology technology... and for which no one faced justice.
If police want to monitor a particular suspect's communications, they already have that power. They do not require, and cannot be trusted with, the power to engage in mass surveillance.
"The message has to be this: if you care about your privacy,
do not use BT, Virgin or Talk-Talk as your internet provider." - Ross Anderson
It should be obvious by now; BT simply don't care about your privacy *at all*.
'presumably be left in the dark on that too'
Supposedly, if the insane CCDP plan were to go ahead, all encrypted traffic will be decrypted by black boxes supplied by GCHQ.
That means GCHQ would have access to the content of *all* UK interactions with Facebook.
Or none at all. Depending on who you believe.
Apparently, CPS London consider it is not in the public interest to prosecute BT/Phorm directors for exactly the same offences committed against thousands of BT customers and the web sites that serve them.
That would be the same DfE
....that splurged the personal details of people responding to a consultation on Parental Internet Controls for the world+dog to see?
Resulting in nothing more than a mild ticking off from the lazy incompetents at the ICO Data Protection Racket.
Note; that's how seriously DfE + ICO take protection of personal information....
"ICO: Education ministry BROKE the Data Protection Act"
Posted in Government, 19th October 2012 06:29 GMT
So - on those terms - how is the UK's ICO independent of the Department of Justice?
"helping enterprises overseas and nations to sort out their cyber-security"
Continent isolated by fog?
BT/Phorm. Vodafone/Bluecoat. TalkTalk/Huawei. Newscorp/Phone Hacking...
As if the UK is any position to offer advice to any other country about 'sorting out' cyber-security.
Our security services have failed over and over again to tackle cyber crime.
You'd hope so.
Sadly, standard ICO procedure with public sector organisations is to fine them huge amounts of taxpayer's money, and maintain the principle of civil service impunity.
"the evidence currently available to Ofcom does not provide a reasonable basis for Ofcom to reach any conclusion that News Corporation acted in a way that was inappropriate in relation to phone hacking, concealment, or corruption by employees of NGN or News International".
It was perfectly reasonable for News Corp to engage in phone hacking, concealment, and corruption? Or is it merely the fault of a rogue employee?
Phorm's whole raison d'être was to gather and exploit commercial intelligence... and do so on a national scale... using spying technology supplied by Russian developers (OCSLab).
That *is* spying. That is *espionage*.
Have you read this?
EC Missed the Point
The law addresses the symptom not the cause of privacy concerns.
Its not cookies that should have been outlawed, its the practice of compiling marketing databases of personal information without consent.
To repeat an analogy; its like banning 'bad' biros to stop cheque fraud, rather than banning cheque fraud.
@AC 11 September 2012 7:44GMT
"Hardly 'open our arms' - no kit gets near vital infrastructure without having been approved by GCHQ security teams examining the kit first for potential exploits."