Interesting. Any links to reputable sources?
247 posts • joined 29 Nov 2011
Please can we keep politicians away from talking about technology please? All they end up doing is embarrassing themselves, panic the moronics in our society and generally fuck things up.
Liam Maxwell - recruitment agent.
Same old same old
Neighbourhood tough guy oversteps boundaries…again.
This is getting very tiresome.
Neither here nor there....
Lovely! Then again...Russian e-commerce site...
Look at it this way...
While he's playing games he is less likely to harm the country. More video games for MP's says I!
NBA - National Butty Association
"I'll give you my bacon butty and pint when you pry it from my cold, dead hands"
Doll going for 230 quid.
Malibu Stacy must be laughing all the way to the celluloid...
Save me from politicians
said it before...will say it again...politicians talking about tech makes my ears want to commit suicide.
My god...this is even worse than listening to Cameron talk about IT!
How is this different from pretty much every other gov sponsored IT programme?
For the vendors its all just money for old rope.
I was in a meeting with that gov czar guy a while back and asked about quality in projects...answer was shoulder sloped with "cheapest wins".
Yes. And Travelodge also have some 6,000 employees, generated something something like 300 million squids in revenue (2010 figures according to wiki)...unlike this little pokey hotel.
Cheap one hotel operations charging low cost rooms are not going to match places like Travelodge...
Easy answer for the owners?
Just state "what the hell do you expect for 35 quid a night? The fucking Ritz?"
Cry me a river. You don't want bad reviews? Don't go online to flog your wares. Or you know...reply to the bad review and explain why it had gone wrong, what you had done to fix it or plan to or to highlight unreasonable behaviour.
This is a perfect respose for example -
Salt mines. Its the only answer.
Dammit...whats the saying? Everyone is a child of someone?
I think I just sicked in my mouth.
somebody just think of the children?!
How in the fuck did this idiot get that particular gravey from the train?
Can we finally kill this?
Already been said here but
DDOS is not DDOS when your DNS server goes tits up. Singular. Because they have no resilience built into LiveDNS.
2003 flaw. My god...someone turned on the WSUS server.
DDOS. Don't make me laugh.
Children as young as 11 are introduced to the concept of cyber crime and what can be done to stop it.
That is all.
if you want SLA's etc you would not use LiveDNS
Given their one freakin datacentre hosting their LiveDNS
Re: Microsoft Office is a social-network-for-suits now??
The killer app here is being able to downvote your bosses insane business proposals anonymously.
Who am I kidding?
Annoyed by Politicians
So the Freshly Wanked Cock does it again...showing quite clearly that when he says public discourse he means the unquestioned output from his "Cobra" meetings with the rest of the dickswinging autocrats who had their last proper technology interaction whacking off to pron on a dodgy version of Win95me.
We obviously are not allowed to be part of any discourse beyond the usual pedo under the bed scare.
Re: All good stuff but...
@ Nigel Smart
Nice. However I can see that being cost prohibitive for SME's. Well mine anyway. If my org was bigger I would certainly agitate for solutions like this. All I can do at the moment if document and highlight risk and let the business decide its course of action. Of course I do propose solutions but the fact is that as soon as technology rears its head non IT directors eyes glaze over as the topic is of little interest. The only time I can rouse any interest is with financials which is not the easiest topic for IT to deal with.
Re: Honeypot should already be in place
Automated? What? You just pull out a new system like that out of yer arse along with the associated policies?
Re: All good stuff but...
Oh yeah...data breach/loss is also a big big no no and can lead to some pretty hefty fines. On top that you also have the ICO who purview is the Data Protection Act. They can also land you with some pretty hefty fines as well.
I have no real issue with these things though...and would rather like to see them tightened up further. Howeveras someone else mentioned on this thread...bosses don't care until they have been stung.
As for the honey pot discussion....ludicrous. How many small businesses have the cash and the technical know-how to implement that? To keep it running, to dea with issues arising from it? Unless you are a tech company...not fucking many.
That is the thing with the so-called security experts in the article...they are ensconced in their ivory tower pontificating but with little knowledge of the world of the small business.
Re: All good stuff but...
@ Destroy All Monsters
TMG is utterly shyte at that. Certainly there are thrid party plug ins to provide more indepth logging but its not "real" logging...rather extrapolations of activity.
And should one really consider software plug ins as acceptable on security systems? <-- honest question for debate
Re: All good stuff but...
My fail...I work for a company that is regulated by the FCA (possible that that alone is a fail rather than the omission from my original post that we are regulated)
One of the things they seem to be interested in is if we log and read the logs and what actions are taken with regards to logs. I have no talent in my team that can read logs...let alone actually get logs (proper) from our TMG. Luckily it is eol next year so I will be able to get something new but I still have the base issue of not having the skill and time to have logs read. Let alone the logs off the servers to determine who had accessed what.
All these things are not massive issues if allowed to remediate but the business does not want to spend money. There is a trade off eventually that needs to be decided upon...document the policy/process and weigh up the risk appetite.
Probably my bad luck that I am in just the wrong side of the tipping point for enterprise/small medium business ;)
All good stuff but...
Reality is a bit more complex for smaller companies that cannot afford to have a person dedicated to reading and interpretating the various logs, to pay for the IDS applicances etc etc etc
And then there is documentation. Oh and of course data registers...and who owns what and the requirements surrounding the management of the data and....and....
Its really annoying when you know what needs to be done but the business is either not inerested or not in a position to do all these gnarly things.
Re: Mulder & Scully
Sadly that is the default these days as far as I am concerned.
Paranoid? No. Just careful.
Mulder & Scully
Trust No One.
Re: Hey stupid.
@ Jack Faust meets Mephistopheles
Wasn't Samuel Plimsoll and Englishman?
Wait for it...
Pretty shitty move that....!
@ Dr. Mouse
It also looks rather horrible.
That's debatable to be honest...but is a very valid point and I propably would tend to debate in favour of your point. Guess it depends if you have the readies and tech to ensure you're on the right side of the compliance matrix though.We don't, so need to be cost effective and do the right thing. Not easy but do-able.
We use both - on one website we use a seperate pop up for the payment processor and on another system we use tokens.
We are of course compliant in both and certified.
Re: We do it on our website
"Means we don't have to comply with PCI DSS! That's a few million very year saved."
Actually yes you do need to undergo a compliancy check and get the certification. However it also means, as you correctly state, that you won't need to secure your infrastructure to meet PCI compliance for non token based environments.
Why? Surelyit is easier to have your website open a window direct to your payment processor? Means it completely by passes your site and you don't to worry about tokens etc..
Of course you need to get the PCI compliance certificate but I had no issue getting past the SAQ...all the cert company did was open the link on the website and cehcked the URL...of course the payment processor needs to be also compliant and that is verifiable via the payment processor at a cost of I beleive £50.
Re: Low Ball
You'd get a fair amount with my utter contempt and ever burning hatred...
Politicians and Technology - water & oil
When are these politicians going to learn that they are not experts, that sound bites tend to come back and take a chunk out of their arses, that they cause more problems than creating solutions that actually work, that frankly they should know by now to stay away from anything resembling a keyboard and most certainly to learn that "social media" is not a one way tool and indeed trolling is no worse than heckling these arseholes on the hustings.
Nemisis and the ABC Warriors...
Those who can't teach
"The programme’s objectives include tackling cyber crime and making the United Kingdom among the best places in the world to run secure e-commerce operations."
I laughed. Simple fact...unless there is a financial return or there is a regulatory requirement a lot of companies don't get give a rats arse if they need to spend £££.
I will say that my comment comes off the back of a meeting with the CFO to invest in some basic security measures that we are currently lacking.
Thank fek its bloody Friday.
Now that is some decent looking and amazingly enough USEFULL tech...
Not often the two come hand in hand...well done to eegeo...
Here's a pint to the devs...well done!
Re: Rampant Imaginings
Usually the board. Sometimes, for a split second, I do wonder where these people come from. Then reality takes hold again and I find my happy place.
Re: Rampant Imaginings
i like crisps
Inspired. You must be my boss.
MAKE IT LIKE IT IS IN MY HEAD!
Shift everything to the cloud...its the only choice. Oh...wait...
Seems the site is bouncing harder than the doormen at the Big Market in Newcastle when confronted with Amazonian Geordie lasses wearing less than owt and brains to boot.
@ Dan -
Luckily "make it like it is in my head" is recognized in the field of jurisprudence.
Things that make me weep
From a supplier, one of their "technical" guys -
"We need a public key for us to log into to set up sending the file"
The really annoying part is that I have to be polite.
Re: Ok, you've had your fun