* Posts by Vimes

454 posts • joined 3 Dec 2012

Say WHAT? ATVOD claims 44k Brit primary school kids look at smut online each month

Vimes
Bronze badge

Re: And yet....

Come to think of it, where are the parents in all of this? And why on earth are 6 year olds using the internet unsupervised?

We jail parents when their kids start truanting, so why shouldn't they be jailed for something that seems to amount to child abuse?

6
5

EE...K: Why can't I uninstall carrier's sticky 'Free Games' app?

Vimes
Bronze badge

Re: Again..

Samsung are also bad at this. Each time I updated my 1st gen unlocked Galaxy Note I ended up with a large number of unwanted apps getting installed too - and all of them German since this is where it was imported from so I couldn't even use them if I wanted to.

In any case EE and Samsung deserve each other...

2
1

Star Wars movie to start shooting in UK this summer

Vimes
Bronze badge

'PLEASE... NOT Jar Jar Binks'

That might not be so bad. It would depend on why he was included.

For example: a scene that has Jar Jar Binks accidentally getting trapped in a proton torpedo case - one that then gets fired out when they have to destroy <insert name of bad guy here>.

Now THAT has a certain appeal to it...

3
0

Amazon wants me to WEAR NAPPIES?! But I'm a 40-something MAN

Vimes
Bronze badge

It's no worse than some of the spam I've been getting.

'Are you unhappy with your breast size?'

I'm a man not a woman, and whilst I know I'm overweight this is pushing things a little... :)

12
0

UK's CASH POINTS to MISS Windows XP withdrawal date

Vimes
Bronze badge

I'd be more worried about this bit:

Physical attack is an option: NCR’s newest self-service ATMs have a USB slot for engineers, but NCR reckons this is an encrypted slot that’s hard to access.

'Hard to access'. So that's OK then. Except that 'hard to access' hasn't really been defined.

http://www.bbc.co.uk/news/technology-25550512

If the need to drill holes is the same thing as 'difficult' in their minds then we're all screwed...

3
0

Vodafone Germany looks to provide end-to-end encryption with SIM signatures

Vimes
Bronze badge

@Skelband Re: The service will not be offered to individual subscribers

If it's a service that people want and they can offer it at a price that people will pay, why on earth wouldn't they do it?

Perhaps because big corporate and government contracts will generate more money for them at the beginning of this scheme than a handful of customers that happen to be early adopters?

The various companies seem to have profited quite nicely from the spying. Why else would some of them be so willing to go further than the law demands?

If they can similarly profit from giving people a sense of privacy - that they helped to strip away in the first place - then no doubt they'll do this too.

Follow the money. Commercial organisations are there to generate profit, not to serve the public good.

0
0
Vimes
Bronze badge

Re: The service will not be offered to individual subscribers

It's worth nothing as far as the authorities are concerned. Zip. Zilch. Zero. Nada.

As for phone hacking, if you intercept the calls of a handful of people you get - albeit reluctantly - taken to court. If you do the same to hundreds of thousands of your own customers across the country as part of a senior role at a national telco then you end up in government.

Just ask Ian Livingston. He was heavily involved in the Phorm trials involving illegal interception of communications and yet he was chosen by Cameron as a trade minister.

Not that I have any more respect for Labour - they were in power at the time of the trials and one of their own was a non-executive director at BT - but shouldn't something have been learned from the mistakes made in hiring Coulson?

2
0

ICO issues guidelines on #FOI #requests through Twitter, Facebook

Vimes
Bronze badge

Surely by releasing something under the Freedom of Information Act they are telling us that it is suitable for publishing it online? Otherwise what are they doing releasing the information in the first place?

This just sounds like a get out clause that they've added for authorities that don't want to release anything embarrassing or incriminating via sites like whatdotheyknow.com. A bit too convenient if you ask me...

0
0

CIA snoops snooped on Senate to spy spy torture report – report

Vimes
Bronze badge

Almost as worrying is the reference to 'improperly' spying on senators. To me that implies that they have a proper way of going about such activities and may even be a regular occurrence for all we know.

9
0

NHS England DIDN'T tell households about GP medical data grab plan

Vimes
Bronze badge

Re: Perhaps it should be renamed...

Meanwhile in other news:

http://www.theguardian.com/society/2014/feb/24/hospital-records-nhs-patients-insurance

Still trust the NHS?

7
1

Top Brit docs wade into GP data grab row, demand 'urgent' NHS England talks

Vimes
Bronze badge

I'm still waiting to be told about this, despite going to see the consultant and doctor on a fairly regular basis.

Now they claim they're going to wait 6 months so they can communicate the advantages more effectively (note the convenient lack of any mention of the disadvantages nor any attempt at fixing the holes - it's difficult to see how this whole mess could ever be in our best interests).

More effective communication? Don't make me laugh - so far in my case there has been zero communication (effective or otherwise).

2
0

Crafty French hackers tweak 'My Account' page, slurp 800,000 Orange users' details

Vimes
Bronze badge

Presumably working practices don't suddenly magically change in a multinational from one part of the world to another, so how can we be certain that the same weaknesses didn't exist at some point in the UK based systems too? And might still exist if not dealt with properly?

0
0

DEA: 'To use it, we must properly protect it'

Vimes
Bronze badge

DEA: 'To use it, we must properly protect it'

Compare and contrast this with the DEA's involvement with the NSA and their information gathering...

Drug Enforcement Administration training documents released to MuckRock user C.J. Ciaramella show how the agency constructs two chains of evidence to hide surveillance programs from defense teams, prosecutors, and a public wary of domestic intelligence practices.

In training materials, the department even encourages a willful ignorance by field agents to minimize the risk of making intelligence practices public.

The DEA practices mirror a common dilemma among domestic law enforcement agencies: Analysts have access to unprecedented streams of classified information that might prove useful to investigators, but entering classified evidence in court risks disclosing those sensitive surveillance methods to the world, which could either end up halting the program due to public outcry or undermining their usefulness through greater awareness.

https://www.muckrock.com/news/archives/2014/feb/03/dea-parallel-construction-guides/

0
0

Orange hacked?

Vimes
Bronze badge

Orange hacked?

The official Orange website was breached by unknown hackers who have stolen 800,000 customer records including names, email addresses and phone numbers.

Orange, the world’s largest mobile operator, suffered a data breach. Another clamorous case, after the one occurred to Vodafone in Iceland, according first information, data of more than 800,000 customers of giant has been exposed. Orange publicly announced it was targeted by unknown hackers last 16th January 2014, the attackers gained access to the accounts of the Orange website.

The news was issued by different media, PCInpact reports that the “My Account” section of the website was the target of an attack Thursday, January 16 and added that the site is back to normal.

http://securityaffairs.co/wordpress/21886/cyber-crime/orange-hacked-800000-records.html

(the PCInpact article is in French - so probably not worth including directly here)

0
0

New Forum Wishlist - but read roadmap first

Vimes
Bronze badge

A few requests:

Please could you consider extending the number of supported HTML tags. The 'u' tag for underlining doesn't seem to be supported.

A wysiwyg HTML editor?

At the moment when you reply to a post it starts off by showing the post you're replying to above the form. When you preview your post however this gets replaced with the preview of what you've written. Sometimes I copy and paste bits from the post I'm replying to into my own post when I'm trying to address certain points made by the previous poster, and having this replacement going on makes any referring back to the original more awkward if I want to make any further additions after previewing the post.

If the user is replying to a post please consider always displaying the post that is being responded to, even during the preview of a post. The user may still want to refer back to it and make more changes.

Come to think of it. If you have a thread of replies and can link them together then it might be even better if you just showed that thread of replies within the form, so you also have the opportunity of seeing what the previous poster replied to if there is more than one reply in the chain.

0
0
Vimes
Bronze badge

Just a small suggestion where the look and feel is concerned: the name of the poster - in each thread as well as the previously mentioned posts page - seems to be in a smaller and different font than that of the text of the comment itself.

I'd suggest making the poster name the same font as the comment text, at least where font name and size is concerned. Granted it's a small thing though, but it just looks inconsistent.

0
0
Vimes
Bronze badge

I'm guessing this will be turned down, but how about logging the IP address of those making the comments and making that IP address visible to posters when the message is in response to one of their own or the person viewing the IP address has been round long enough to earn a silver badge?

It might help discourage the sort of shrill posts that seem to be pushing one agenda or another that we see pop up from time to time, since it would limit - whilst not entirely removing - the anonymity that they enjoy at present.

0
0

Anonymous means NO identifying element left behind – EU handbook

Vimes
Bronze badge

Re: Always tricky

it becomes hard to leave any value in anonymised data

Value for whom? Advertisers and marketers?

You want Post Code for geographic analysis?

Again - geographic analysis - who is this being done by? If it's done for commercial purposes by the company that has actually been selling items or services then presumably they have access to all their own sales records. This only becomes a problem when you start handing data to 3rd parties, often for questionable purposes.

12
1

When is a quantum computer not a quantum computer?

Vimes
Bronze badge

When is a quantum computer not a quantum computer?

http://tech.slashdot.org/story/14/02/03/1449220/first-evidence-that-googles-quantum-computer-may-not-be-quantum-after-all

0
0

Eurocops want to build remote car-stopper, shared sensor network

Vimes
Bronze badge

Another idea: what happens when cars on the real highway are infected with a virus?

Just stand on a bridge somewhere with your device remotely infecting cars as they pass by. Watch those cars drive off into the sunset around the rest of the country (and possibly even other parts of Europe).

And then one day after a time limit has passed sit back and watch the ensuing mayhem that this causes.

It would make the carnage on 7/7 look like child's play by comparison...

1
1
Vimes
Bronze badge

Cars on the run have proven to be dangerous for citizens.

It seems like technologically illiterate politicians with delusions of adequacy are an even bigger threat to the public. What can be done about them I wonder?

It's interesting to note that they don't seem to see the problems with this idea. What happens for example when the firmware for such a system has been compromised? Do they pay people for their old and now unsafe cars - that can be stopped by anybody with the right knowledge - or will people be forced to simply accept that their pride and joy is now just a heap of scrap metal? Or perhaps they won't be told?

3
2

UK internet filtering shouldn't rely on knee tappers, says Tory MP

Vimes
Bronze badge

It's interesting to note their insistence that porn is bad, that parliament ought to be a child-friendly place for MPs with children and then compare that with what they actually do themselves...

http://www.dailymail.co.uk/news/article-2410261/Parliaments-computers-used-log-porn-websites-300-000-times-year.html

1
0
Vimes
Bronze badge

Perry claimed reports of overblocking were “fanciful”.

Isn't the idea of relying on web filters to keep your kids safe rather than doing the job yourself - and then expecting there to be no problems as a result - just as fanciful?

24
1

Angry anti-NSA hackers pwn Angry Birds site after GCHQ data slurp

Vimes
Bronze badge

Anti-NSA hacker

Whoever they are have a long way to go...

http://xkcd.com/932/

7
0

Microsoft to Australian government: our kit has no back doors

Vimes
Bronze badge

Re: Do people have no memories at all? @Sir Runcible Spoon

...It only takes one low level code monkey to slip up...

Like within the parts of the tech industry that make routers for example?

http://www.theregister.co.uk/2013/12/04/dlink_finally_slams_shut_joels_backdoor/

And that was only fixed after people complained about it. How do you complain about systems you don't even know exist, much less how they operate?

2
0
Vimes
Bronze badge

Re: Stop using MS software then

There isn't a backdoor because one isn't needed to access customer data.

The fact that Microsoft is a US company and subject to US law is a far bigger threat than anything contained within the code.

The existence - or lack thereof - of a backdoor is just a red herring aimed at distracting us from the laws in place within the US that give the authorities the right to demand access to data.

9
0
Vimes
Bronze badge

Re: UKUSA

According to documents leaked by Snowden there are things that the US won't even share with partners like the UK, let alone Australia (remember the NOFORN designation on some of the documents?).

Part of the information revealed under this designation told us that the US could end up spying on the UK even without the knowledge or consent of the UK authorities, and despite prior agreements that this would not happen.

http://www.nytimes.com/2013/11/21/us/united-states-can-spy-on-britons-despite-pact-nsa-memo-says.html?_r=0

You can bet that the US is doing the same with Australia too even though they are supposed to be in the 'Five eyes' club.

3
0
Vimes
Bronze badge

Re: No need for a back door

No back doors are necessary when working for the NSA and the law is your friend...

[snip]Data located in Australia but owned or operated by a US company could be accessed under a Patriot Act request, even if this violates National Privacy Principles, a legal expert has warned.[/snip]

http://www.computerworld.com.au/article/413379/australian-based_data_subject_patriot_act_lawyer/

11
0

Tech giants CAN disclose US spooks' data demands - but with heavy restrictions

Vimes
Bronze badge

@Yet Another Anonymous coward

It's like the UK restricting laws to specific high risk terrorist targets and then having the Met classify all of London as a potential target for an indefinite period.

...or pretending that what the spy agencies are doing is monitored by government by requiring a warrant from the foreign secretary each time they use their powers, then allowing the foreign secretary to issue a blanket warrant for everything they do.

Oh, wait... they already do that don't they?

0
0
Vimes
Bronze badge

I wonder if this is because apps running on iDevices leak enough information for the spooks to not need to ask in the first place?

8
1

Gmail scanning becomes censorship

Vimes
Bronze badge

Re: Gmail, still ok IMO

How can it possibly be good when it's blocking messages in such a haphazard way?

And as for people preferring this: just because people prefer it doesn't make it a good idea. I've heard of cases where GPs have genuinely been asking why they can't store sensitive patient information on Google docs as one such example. These are preferences expressed by people that don't seem to know much about what they're talking about.

Finally with regards to clients I've come across so many cases of PEBKAC - problem exists between keyboard and chair - that the preference of customers means pretty much nothing to me. If anything it's an indication of what to avoid.

0
0

F-Secure's Hypponen leads RSA refuseniks to NSA-free infosec chatfest

Vimes
Bronze badge

So they're swapping one corporation that helped the NSA with another when it comes to funding? (Didn't Microsoft compromise Skype in order to make life easier for the spies?)

2
0

Take that, BT: Vodafone and BSkyB mull over broadband tie-up - report

Vimes
Bronze badge

Saying someone is making a childish response whilst failing to understand the comment itself is even more reason to laugh in your general direction.

And your lack of basic reading skills is enough to take the piss out of you. You were the one that specified US companies. I might not be able to stop government access but I can damn well stop unwanted commercial parasites from seeing my private communications.

4
0
Vimes
Bronze badge

Where to begin?...

1) I never specified just search history. I was referring to each and every single HTTP request made by Vodafone customers that didn't involve SSL. This is the sort of area where choice of ISP could very well make a difference.

2) It's still no excuse to be actively sharing personal information with others when there is zero need to do so, nor does it excuse the shadow visits by Bluecoat that could in some instances be seen as replay attacks.

'B..b..b..but everybody is doing it!!!' is a rather childish response and I fail to see how that justifies in any way what Vodafone has done in the past.

5
3
Vimes
Bronze badge

I would not want to go anywhere near any ISP that has any involvement with Vodafone. Remember that Vodafone is one of the ISPs that has in the past allowed a US company access to the web browsing habits of their users (and the Bluecoat product used appeared to repeat the visits made by their users too).

5
1

EU pulls out antitrust probe, prods Euro pay-TV contracts

Vimes
Bronze badge

Where the BBC is concerned does this mean they'll be forced to spend more on the bureaucracy of making sure that only British citizens can use the likes of iplayer when used elsewhere within the EU? The BBC is a pay TV service after all - the only real difference between it and other providers is the lack of choice when it comes to whether we want to pay.

Presumably some form of account associated with a household would be needed but it would still result in more work for the BBC and less money to spend on our own programs.

0
0

Staffs Police face data protection probe over 'drink drivers named' Twitter campaign

Vimes
Bronze badge

Funny how when it's a public authority making the mistake the ICO respond far more quickly.

Regardless of whether what the police have done is wrong or not, what's the bet that the officers concerned will be unaffected by this, but the police force will have to pay a fine that will result in tax payers getting a worse service?

9
1

Meta search engines may infringe database rights: EU Court of Justice

Vimes
Bronze badge

The 'sui generis' database right only allows a creator to stop others using a database or the information in it if the investment of time, money and skill in that original database is large enough.

Does this have any impact on 'security' firms that provide filtering based in part on following their customers around the net and shadowing every visit to any website, thereby executing what could be seen as a replay attack?

They're accessing the pages stored on websites - many of which are effectively stored within databases - and doing so for commercial purposes to help support their own services. And without consent of the website operators I might add.

2
0

Europe MPs: Time to change our data-sharing policy with US firms

Vimes
Bronze badge

Re: Oh Dear ... @John Smith 19

In reality the EU has acted more as a brake on surveillance compared to the UK than the UK govt (whoever's in power at the time) has ever been.

Agreed, but just because nation states have been behaving even more badly does not excuse the commission's own dubious actions IMO.

Just look at the current TTIP negotiations as one such example, and in particular pay attention to investor-state dispute settlement and corporate sovereignty. The commission apparently wants to be able to sign away the ability of national governments to regulate their own affairs. It's not even the commission itself that will be claiming this power as it does with many other things - they plan to hand it over to the private sector (despite being previously burned by the likes of ACTA).

Come to think of it: if companies are given the right to sue governments in secretive courts and override the will of parliaments by doing so, where does that leave our ability to stop unwanted snooping on us? A lot of that spying would appear to be done one way or another by the private sector, and given the private sector's apparent willingness to bow to US authorities on most matters I can't see this ending well.

0
0
Vimes
Bronze badge

Re: Oh Dear ...

...bulk processing of personal data...

Hang on a minute, isn't this the sort of activity encouraged by the Data Retention Directive?

This would be the very same law pushed through at the EU level and supported by member state politicians when their own governments couldn't get it passed at the national level - thereby showing complete contempt for democracy and using the EU as little more than a tool for politicians to evade personal responsibility for pushing through laws that they have trouble justifying at home ('it's not our fault - the EU made us do it!!!')

I know that the activities of both the NSA and GCHQ and the fallout from their actions need urgent consideration, but that doesn't mean that the EU should ignore their own failings.

4
0
Vimes
Bronze badge

Re: Ban dragnet surveillance data for use in domestic law enforcement @SeymourHolz

...'legally poisonous' to domestic LEO...

I seem to recall that to some degree this is already the case in the US, but the authorities there seem to manage to find ways around this. Witness for example the use of data gathered by the NSA being used domestically by the DEA.

The data would be handed to the DEA by the NSA unofficially and the DEA would come up with some bullshit excuse so they would never have to reveal the existence of the real reason for the arrest, much less the data that supported it.

http://www.theverge.com/2013/8/5/4590452/dea-nsa-surveillance-cover-up

5
0

EE and Voda subscribers to get 2G and 3G INSIDE the Channel Tunnel

Vimes
Bronze badge

Journey time once you're in the tunnel is only about 35 minutes. Personally I'd be more interested in the roaming rates people are paying when they're the other side than this sort of arrangement.

0
0

Up vote total query

Vimes
Bronze badge

Up vote total query

Does the total of up votes listed on the 'my posts' page relate to my account regardless of handle, or only the upvotes that are associated with my current handle?

0
0

Data scrapers used Amazon cloud to reap biz bods' CVs, wails LinkedIn

Vimes
Bronze badge

Re: Publicly available PI

Was it really entirely publicly available? If it was then why were fake accounts required to do the scraping?

Members only != publicly accessible (IMO)

And as far as I know accessing *publicly available* data is not an offence

It may well be if it has been made clear that their presence is not welcome. See the parts of the Computer Misuse Act 1990. In particular sections 1(1)(b) and 1(1)(c).

IANAL, but they would appear to have deliberately evaded limits put in place that define who can access it - members only in this case? - and limits stated in the robots.txt file. All this would make their actions far more questionable than it may first appear IMO.

0
1
Vimes
Bronze badge

Re: crawling security @Chris Miller

It's a good way though of picking out bots that need to be blocked - just add a line to deny access to a location that doesn't exist then periodically check the error log.

Of course using something like iptables or 'deny from' entries in the .htaccess file is probably better if you really do want to block access. Personally speaking I've done my best to block all Amazon EC2 IP addresses from my site. After all, how often does anybody see a legitimate visit from 'the cloud'?

5
0
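
The robots.txt trap described in the comment above, as an added example that is not part of the original posts: it checks that the trap path is listed in robots.txt, counts which clients still requested it according to the error log, and emits `Deny from` lines for `.htaccess`. The trap path `/trap-7f3a/`, the document root and the Apache 2.2-style log lines are constructed for illustration.

```python
import re
from collections import Counter

# Constructed robots.txt: /trap-7f3a/ is a hypothetical path that exists
# nowhere on the site and is linked from nowhere else.
ROBOTS_TXT = """\
User-agent: *
Disallow: /admin/
Disallow: /trap-7f3a/   # trap entry, no such directory
"""

# Constructed Apache 2.2-style error log lines (documentation IP ranges).
ERROR_LOG = """\
[Tue Jan 14 10:02:11 2014] [error] [client 203.0.113.7] File does not exist: /var/www/html/trap-7f3a
[Tue Jan 14 10:02:15 2014] [error] [client 198.51.100.23] File does not exist: /var/www/html/favicon.ico
[Tue Jan 14 10:05:40 2014] [error] [client 203.0.113.7] File does not exist: /var/www/html/trap-7f3a
[Tue Jan 14 11:17:03 2014] [error] [client 192.0.2.44] File does not exist: /var/www/html/trap-7f3a/index.html
[Tue Jan 14 11:20:00 2014] [error] [client 198.51.100.23] File does not exist: /var/www/html/trap-7f3a-old
"""

DOCROOT = "/var/www/html"   # assumed document root
TRAP = "/trap-7f3a/"        # assumed trap path

LINE_RE = re.compile(
    r"\[client (?P<ip>[\d.]+)\] File does not exist: (?P<path>\S+)"
)


def disallowed_paths(robots_txt):
    """Return every Disallow value in robots.txt, ignoring comments."""
    paths = []
    for raw in robots_txt.splitlines():
        line = raw.split("#", 1)[0].strip()
        field, _, value = line.partition(":")
        if field.strip().lower() == "disallow" and value.strip():
            paths.append(value.strip())
    return paths


def trap_hits(log_text, docroot, trap):
    """Count 'File does not exist' errors per client under the trap path."""
    base = docroot.rstrip("/") + "/" + trap.strip("/")
    hits = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        path = m.group("path")
        # Exact directory or anything below it; "/trap-7f3a-old" is not a hit.
        if path == base or path.startswith(base + "/"):
            hits[m.group("ip")] += 1
    return hits


def deny_lines(hits, min_hits=1):
    """Render .htaccess 'Deny from' lines for clients at or over min_hits."""
    return ["Deny from " + ip for ip in sorted(hits) if hits[ip] >= min_hits]


if __name__ == "__main__":
    # The trap only means something if compliant crawlers were told to avoid it.
    if TRAP not in disallowed_paths(ROBOTS_TXT):
        raise SystemExit("trap path is not listed in robots.txt")
    for line in deny_lines(trap_hits(ERROR_LOG, DOCROOT, TRAP)):
        print(line)
```

Raising `min_hits` reduces the chance of blocking a person who opened robots.txt out of curiosity and tried the path once.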

Ads

Vimes
Bronze badge

Re: Ads

Things still seem to be a bit off where the ads are concerned. Yesterday I kept on seeing ads for how to keep your teeth white complete with an example in the image of how bad things can get - not a particularly pleasant image. This has been the case for the preceding few days too.

Today the ads seem to be in Spanish - or Portuguese? - for some reason that I don't understand (it's not as if I'm using a VPN connection or anything else that would hide my real location, and I'm in the UK).

At least the auto-playing and auto-resizing ads have disappeared though. That is certainly a welcome change.

0
0

Virgin Media spanked by ad watchdog over 'in your neighbourhood' fibs

Vimes
Bronze badge

Re: Spammers. @Bert 1

2) Also regarding the "Occupier" addressed stuff. There is a problem here because some legal papers (such as eviction notices) must be sent addressed to the occupier, in case the house is sub-let.

All very well, but shouldn't the sender still be under some sort of obligation to not do this unless absolutely necessary? I find it difficult to believe that junk mail would fall into this category when they've been told by those living at the address to stop sending them stuff that they'll never want to respond to.

0
0

Defamation expert: New '1 year after publication' rule means EASY LIFE for UK libel judges

Vimes
Bronze badge

Re: Crime and punishment

Perhaps 'punished' was the wrong way of phrasing it. Maybe 'face the consequences of their actions' would be better?

In any case the care taken to avoid committing an offense in the first place should IMO be taken into account. I don't think anybody would disagree with that.

The problem that I have is this: placing a lower limit below which cases will automatically be dismissed in regards to damage done is a very risky course of action - again IMO - regardless of the care taken in avoiding defamation. This is especially the case when terms like 'serious' are vague at best (and can be interpreted in more than one way depending on who is making the definition).

It's also easy to imagine a situation where ordinary members of the public suddenly find it much more difficult to make claims of defamation as a result of this change, whilst large organisations and well known personalities will continue to have a smoother ride.

0
0
