ren virus.csv virus.exe
Presumably you can send a malicious payload with a trusted extension, combined with a .bat file to rename it. Pwnage done.
1030 publicly visible posts • joined 30 Jun 2010
> presumably staff have legitimate need to communicate with the outside
It's the wrong way to go about it though. If you allow staff to forward sensitive data to their personal accounts, then you have no idea where it went next. Whereas if you give staff access to their work accounts from home (via web access, VPN, or whatever) then you maintain the log of what was sent to whom. And if the employee does forward sensitive documents to their personal email account, you can discipline* them for it.
(*In Singapore, that means the cane. How I would love to take the cane to some of my co-workers.)
Try preparing a response to a tender document. You're stuck with what's written - there's little scope to ask questions, and you spend most of your time second-guessing what the poor civil servant who wrote the thing was trying to say. Extra points if it comes from a non-English-speaking country.
This seems dangerous.
Let's say I steal a password database from LinkedIn. I pick out all the passwords which contain the website name, e.g. yours is ma1LinkedIn4ry. Being a vaguely competent hacker, I'll go round all the banks trying ma1Barclays4ry, ma1HSBC4ry, ma1Paypal4ry, etc. Bingo: your money is mine.
From the article:
"it will create a private monopoly hold over public data"
From page 8 of the consultation document:
This Government believes that it is important that the Registers continue to be owned by government, and this proposal would not change that. The data within the Registers is protected by Crown copyright and database right as material created by a public body. Land Registry has delegated authority from the Controller of Her Majesty’s Stationery Office in the National Archives to control and licence the database and copyright in its work and register data. This would not change going forward and the copyright of the Registers would remain under the ownership of the Crown.
So no, it won't create a private monopoly over public data.
Quite why they feel the need for such an unpopular move escapes me; but the consultation document contains plenty of safeguards. It certainly doesn't seem any worse than past privatisations, the fears of which ended up largely unfounded.
How about giving the end user a choice? Google's search results could have a little performance indicator next to each result, to give you an idea of how long the page takes to load. Facebook could do the same: a lightning symbol to indicate fast-loading pages, a snail symbol to indicate slow pages.
Google already shows the words "mobile friendly" to indicate that the page isn't too small to read; something similar could tell us that the page takes forever to load. But who benefits? Follow the money: all those slow advertising scripts probably lead back to Google's revenue stream. Are they really going to bite the hand that feeds?
Getting 0.5Mbps is a transformative experience, as anyone who got broadband in the early 2000s will remember. Moving up to 2Mbps is very nice: you can watch Youtube in better quality, pages load faster, emails download sooner; but it's not a revolution in the way that the first step was.
Stepping up to 10Mbps just isn't that important. Yes you can watch Netflix in HD, but in terms of getting things done it doesn't change much. You can't buy stuff from Amazon any faster; you can't fill in your online tax return any faster. The main complaints come from rural businesses, in particular farmers. They complain that e.g. DEFRA's 200-page image-heavy PDF on how to claim farming subsidies takes too long to download. I can think of a solution that doesn't cost billions.
Getting 99.9% of farmers up to 2Mbps would be money better spent than getting 50% up to 10Mbps or higher.
Often true; but sometimes you end up writing incredibly complex code and spending weeks optimising to get every last ounce of performance out of the system, when simply throwing more RAM into the box would have solved 90% of the performance issues.
This situation usually arises in government-type organisations, where the budget for man-hours has been approved but there's no budget for additional hardware until the next refresh cycle.
The obvious solution to the anti-trust issue is to force Google (Alphabet) to sell off ChromeOS and/or Android as separate, stand-alone companies. That has been done before in telecoms, e.g. when Ma Bell was split into the Baby Bells in the early '80s.
In fact they could go further and force Google to split off e.g. its Gmail, Search, Cloud, and all the rest. Not sure how much consumers would really benefit though.
Back in the old paper days, your bank account number and sort code was printed in the corner of every cheque. The cheque system itself was ridiculously insecure: a piece of paper granting easy access to any sume of money in your bank account at any time. People stored cheques at home in ridiculously insecure conditions (e.g. in an unlocked drawer).
Keeping your PIN safe is common sense; but it's hard to do any damage with your bank account and sort code. Jeremy Clarkson proved this in 2008 by publishing his bank details. The worst that happened was someone signed him up for a direct debit to a charity, which he was able to cancel immediately under the Direct Debit Guarantee.
Train them in-house! Just like big companies used to do.
In fact, if the concept of forward planning still exists, they should have begun training them a years ago to be ready for today's demand. Plenty of people were predicting growing demand for such skills a few years ago.
If we're going to have remote consultations, let's at least use cheaper doctors overseas. For the last couple of decades we've become increasingly accustomed to foreign doctors (at the last count, 37% of BMA-registered doctors were trained overseas). Most patients won't notice the difference if their tele-GP is in India rather than down the road.
Carlos Slim Helu is a very rich man, but he's no tech geek. He bribed Mexican politicians to maintain a monopoly on telephone services, then raised calling rates to squeeze every last peso out of his customers (i.e. the entire country). Mexicans should be calling for his head on a plate; but they can't afford the calls.
We're still waiting for cross-network HD Voice calls. The standard was defined in 2002-3; in the UK all the networks support it (O2 was behind the pack, but got there in May 2015). Practically all phones support it. Yet there's still no sign of cross-network calling.
Whatever chicanery they're up to with 4G calls, it'll be another decade before it reaches mass-market.
> "Why on Earth would you let a developer have access to a production system?"
If your team has fewer than five members, everyone has access to the production system. It also means your system isn't that valuable in the first place.
This is just an answer looking for a problem. Government IT is beset by all kinds of problems: poorly-specified requirements, ever-changing needs, and of course getting locked in to long-term expensive contracts (HMRC I'm looking at you). Blockchain solves none of these problems.
It's the servicifation servicisation financialisation of the economy. Soon you won't be able to buy a PC - you'll only be able to lease one, with capital and maintenance costs rolled up into a single monthly payment. We're already there with cars, with mobile phones, even with our homes. Why buy when you can rent instead? The mind boggles.