70 posts • joined 6 Jul 2009
Re: Merchant account
They can surely avoid the tedium of having to acquire forged or stolen identity documents by just hijacking someone elses' account.
But I think you will find that banks in many parts of the World really are very lax about the identity proof.
Risking serious damage to the company's reputation in its core business just to make a few bucks on a sideline.
Re: The rest of the story
I expect banks will sign up in droves.
Many are keen to address the worries that lots of their customers have about online security. $100k a year isn't even small change for them, and you can imagine the hype they will use with it to reinforce their "your security is our priority" message.
It doesn't really matter whether .trust sites are more secure or not, only that the bank customers believe that they are.
"The mission of the Support organization is to delight partners and customers"
They sell computer security software, not floral displays, for Gawd's sake. It is like a flushing lavatory, I am never "delighted" by it now matter how well it works, just annoyed when it doesn't.
Slurp has a specific meaning in Perl; to read the entire contents of a file in a single operation into one scalar variable. As the first release of Perl was in 1987 perhaps the 1993 OED definition was already out of date.
BBA Financial Crime Alerts Service
Is this what people who don't work in marketing call an "electronic mailing list"?
Re: NSA couldn't possibly have spliced the undersea cables ...
Many difficult things become a lot easier with an $11 billion annual budget.
Re: It never usually goes to the SMEs...
Probably wouldn't achieve much even if spent wisely. 4.9 million SMEs. 82p each.
Re: DARPA has a budget problem: How to spend it fast enough
And when they are not using it, which is the other 99.9% of the time, they will be further bogged down with yet another piece of heavy kit.
About time too
There are just so many organisations out there with bullshit in their T&Cs about how keeping customer data secure is a top priority, and they are using SHA 1 certificates and no forward secrecy.
The real test
But how effective is it with people who deliberately, and skillfully, change their appearance to confuse it?
Otherwise it is really just a nice toy, useful for targetted ads and making immigration ministers feel good about themselves, but hardly secure.
In many cases the problem is that the group which chooses to take the risks that eventually leads to the failure is not the same one that suffers the consequences. Hence the downside of failure for them is disproportionately small.
I bet those NASA managers wouldn't have been so relaxed about the reliability of the Shuttle if they were the ones who were going to fly on it.
Given the need for probity here, it would be prudent to exclude any company which has been punished for fraud or dishonesty within the last five years from having any part in the management or oversight of the scheme.
After all if their internal oversight processes are that bad then they shouldn't be allowed anywhere near this.
So which banks does that leave?
Amongst the new root certificates added is one from this CA. If I can't even pronounce it then should I trust it?
CN = CA 沃通根证书
If you don't want your personal naked photos on the Internet, DON'T UPLOAD THEM!
Still if you are rich and famous at least you can count on a well-resourced investigation by US authorities.
Re: Misleading title....
It hasn't cost tax payers anything, except a few thousand pounds in pointless civil servant effort. The money was in the government coffers. It is still in the government coffers.
Re: Cocking up
They have to do something to show they care. Short of actually punishing anyone, or making the MoJ compensate the victims, which they don't have the powers to do.
Maybe they should be able to block any honours for MoJ senior civil servants for the next couple of years. Much more effective.
Doncha just love it
when one government department fines another. Provides work for civil servants in both departments. Sir Humphrey would be delighted.
The Monetary Penalty Notice pdf says "The data controller has sufficient financial resources to pay a monetary penalty up to the maximum without it causing undue financial hardship".
What is "financial hardship" for a government ministry? Not enough in the tin for rich tea biscuits with the coffee at meetings?
Re: Tears roll down my cheeks
"Although for 250 million squid, an entire department might find itself collecting P45s"
Since any sackings would be handled with the Government's customary efficiency, those P45 recipients would doubtless reap colossal rewards by suing for unfair dismissal.
Re: Ah.. a scandel in the finest traditions.
Doesn't "innocent until proven guilty" apply? Some commentators here seem to assume that charged = guilty.
Re: Paul Crawford No sympathy.
Why are they "so-called 'civil liberties' groups" and not just civil liberties groups?
What is a real civil liberty group?
Just curious on your take on this.
MIT boffins moot tsunami-proof floating nuke power plants
Nuclear powered ships move around severe weather. I can't see floating nuclear power stations doing that without having to unplug the electricity cable to the cities.
What's wrong with a National Computer Security Strategy?
What's the difference between "cyber" and "computer", or is it just pointless jargon?
Re: y bother?
I walk to work so I don't see why you need a car.
Just because you won't personally benefit from this doesn't mean that no one will.
Re: Ah well...
This is surely more or less a simple substution code? English word for german soldier -> Navajo word for german soldier, plus a bit of Navajo grammar and glue. I think "decrypting" a novel language would not be that much of a challenge if it was used at all extensively since the actions that follow the message will quickly give clues to the language.
Encryption works partly because there is no correlation between the ciphertext of two messages, even if they say the same thing because different keys are used each time (there are protocols for securely agreeing new keys) and each ciphertext block is usually encrypted using the previous block as part of its input so even a repeat in the plaintext doesn't show up as a repeat in the ciphertext.
"From the evidence we have seen, we have concluded that this is unfounded." Looks like a bit of arse covering wiggle room there too. The ISC can later say "Oops we didn't see that bit of evidence."
Customer Relationship Managers?
They are supposed to be getting the taxes that are due, not running some golf club.
Re: What terrorists?
It has to be said that the spending on combatting Hitler's wehrmacht was a vastly bigger proportion of the GDP than the security services get now. That isn't to say that they aren't over-egging the terrorism threat and its plausible consequences now of course, or that spying on everyone is the most effective way of dealing with it.
Department of Energy, and err Climate Change
This must be from the Department of Energy side of the Department of Energy & Climate Change since there is no mention of any anthropogenic climate change caused by converting all this gas to atmospheric carbon dioxide. I really wish they would split the DECC into two departments, rather than having one with such a severe split personality disorder.
Re: scare tactic
Me neither. So they store it. But they can't read it, at least until quantum computers are available. So what are they going to use it for. A source of random numbers?
"we frequently reject such requests outright"
But not so often that we want to provide statistics on that?
And the point is?
You use your phone instead of your card. How is this different to sellotaping a contactless smart card to the back of your phone, apart from all the new imaginitive security flaws the "imagineers" have failed to imagine?
What is it with the QR code crap anyway, why not just interrogate the phone for its SIM and IMEI. Actually why not just give people a little card they shove into the machine. They can keep it with their money. Or they can sellotape it to the back of their phone if it is contactless.
Re: so what happened?
But Oracle is a smaller business as far as the Government is concerned.
Questions you should have asked
"We do also record the telephone numbers the SMSs are from and to."
Q. Do you think that the telephone numbers of the people that somone communicates with can be sensitive?
"One of the reasons for that is there's a huge amount of radio information that gets transmitted."
Q. Does this include data which could be used to track the user's location - for example the times and identities of the base stations the phone has been talking to, maybe the signal strength too?
"There are a sequence of key codes that can be typed by the user that cause the software to do things in the control center."
Q. What is the sequence of key codes that will turn the bloody thing off.
There are already loads of awards for engineering. How many people have heard of the British Engineering Excellence Awards, the MacRobert Award or the James Watt International Gold Medal?
I doubt even a million quid is enough to get a decent headline outside of the trade press.
...dissolves gold, the opposite of precipitation.
Could be worse - a common way of extracting gold is to dissolve it in a solution of sodium cyanide.
Don't need radiation proof armour
In a hazardous environment why would you want a person inside the suit at all - better to separate the sensors and the motors, and control it remotely.
Mess in non-public spaces
Children play in gardens too.
Glad to hear that the government are going to spend over half a billion pounds of our money on a new IT program. What could possibly go wrong?
"Real" certificates next time
Surprised there isn't a Syrian Internet Network Information Center already registered by default as a CA in my browser. The Chinese are well ahead of the curve here but I think the others will soon catch up.
Airliner Flight 322 hit a tree on takeoff at São Paulo, Brazil.
Hang on whilst my mind boggles.
They could reduce crime figures in the same way. Only people over, say 30, are allowed to report a crime and it costs them £1000 each time.
I wonder whether the electromagnetic radiation produced by switching all that current would interfere with the ship's radar and telecommunications.
And in another story
"I don't know of a Westminster hall debate that has ever changed anything."
says former minister Chris Mullin at a hearing a few days ago of the Commons public accounts committee. ( e.g. http://www.epolitix.com/latestnews/article-detail/newsarticle/ministers-engage-in-too-much-pointless-activity/ )
Three weeks for a simple fix to critical, currently exploited patch seems like taking the piss.
But maybe Adobe have worked out that this type of problem doesn't actually affect their core business or their revenues.
After all it is not going to affect Adobe Acrobat Writer sales. The reader is just a loss leader, Adobe aren't actually going to make any money out of fixing it.
- All ABOARD! Furious Facebook bus drivers join Teamsters union
- Review Samsung Galaxy Note 4: Spawn of Galaxy Alpha and a Note 3 unveiled
- Webcam hacker pervs in MASS HOME INVASION
- Comment Renewable energy 'simply WON'T WORK': Top Google engineers
- Nexus 7 fandroids tell of salty taste after sucking on Google's Lollipop