Posts by Vimes
181 posts • joined Monday 3rd December 2012 14:58 GMT
@Aldous
Except that this medication is prescribed by the consultant at the hospital, not the clinic. It also adds at least 2-3 days to the process of getting a refill not to mention take up the time unnecessarily of the doctors involved.
I've had entire items missing from my prescriptions in the past - even important anti-rejection drugs that I continue take on a daily basis, so I don't think repeatedly asking doctors for a prescription is a good thing, since it introduces the extra chances for errors to be made (especially since the requests often have to go through receptionists that have little if any knowledge of the medication being organised)..
I've had a kidney transplant and am currently on medication that will have to be given to me indefinitely. For me personally a better system would be to register a pharmacy with the clinic. The clinic can then tell them what medication I'm on and repeat that if it ever changes. I can then go direct to the pharmacy for a refill, and when I do so the clinic is notified. No need to get a response from the clinic that way and things are sorted out more quickly.
As for 'paperless' and 'reducing errors' perhaps it's escaped Hunt's notice, but all prescriptions seem to be entered on a PC anyway and then printed out for the GP to sign. How exactly is merely stopping the printing going to stop the errors?
Are we talking about money made abroad that the US thinks should be repatriated?
Assuming that I haven't misunderstood something here then it seems that the US government seems to want it both ways: they don't want corporations to pay tax abroad for money made within their own country - if that happens then that means less tax revenue for them - but they think that they should be able to demand tax from profits made within the borders of other states.
An assumption here is that remote access is always going to be available on the train. Try tethering your device to your phone and watch it repeatedly lose its connection to the outside world as you go from A to B.
As for any wifi provided in the train I can imagine this rapidly becoming congested and unusable.
Re: Taxes? No thank you. @JimC
We're probably never going to have a completely simple tax system - but that doesn't mean an overhaul isn't called for. You know you're in trouble when you see a copy of part a book that goes into detail on tax with a label like 'Volume 1b' on the spine and that book alone is more than an inch thick - not to mention the pages are so thin you can almost see through them and text that almost requires a magnifying glass to read.
Why are we surprised by any of this? The government has continually preferred to fiddle with the systems to accomplish short term goals rather than fix the system to reach long term ones. This inevitably ends up making things more complicated and then they have the gall to act surprised and feign anger and fury when they discover that they've actually ended up creating a number of loopholes in the process.
Also remember that those in charge of these companies are often under a legal obligation to minimise costs in order to maximise the return to investors and like it or not tax is a cost for the company. They will use every legal opportunity to pay less because they have to do so. The spirit of the law is meaningless in this regard - only the letter matters, and the government is the one responsible for defining what this should be.
Here's another Terry Pratchett quote for you (paraphrased): doing nothing in politics is one of the most difficult things to do properly. It seems that MPs and ministers here have never got the hang of it if the current complexity of tax laws are anything to go by.
That's not to say that tax dodging is always going to be acceptable by any means, but I'm always suspicious of a government that shows moral outrage - especially when they are in large part responsible for the problem they are complaining about.
Posted in Is Microsoft the new Bluecoat?
Is Microsoft the new Bluecoat?
"A Microsoft server accesses URLs sent in Skype chat messages, even if they are HTTPS URLs and contain account information. A reader of Heise publications notified Heise Security (link to German website, Google translation). They replicated the observation by sending links via Skype, including one to a private file storage account, and found that these URLs are shortly after accessed from a Microsoft IP address. When confronted, Microsoft claimed that this is part of an effort to detect and filter spam and phishing URLs."
http://yro.slashdot.org/story/13/05/14/1516247/microsoft-reads-your-skype-chat-messages
- Publish private data about the authorities that the public is interested in: get hounded half way round the world and have your financial support cut off.
- Publish private data about the public that the authorities are interested in: Well, let's just say that the reaction seems to be very different - but if EE and the police are anything to go by then they think that 'attacking ethics' involves invading a 3rd world country somewhere and not trying to define what is moral or not (reminds me of a quote from Terry Pratchett's 'Small Gods')
Re: This is all entirely legal ? @Peter Fairbrother
If they intercept a URL like http://www.somesite.com/indes.php?userid=1221&name=JohnDoe&age=28 are you honestly going to suggest that PII has not been intercepted and shared here? This is part of the problem - there is no clear line between traffic data and the content of the communication. Trying to separate the two in terms of web usage is literally impossible. URLs must be considered part of the content of the communication because of the details they often contain.
Re: Need details
http://www.bigbrotherwatch.org.uk/home/2013/05/everything-everywhere-ipsosmori-and-the-mystery-of-27m-peoples-data.html
Posted in China: Online predator or hapless host?
Re: soam.. @George 8
That's probably a better idea than you realise...
http://www.theregister.co.uk/2009/03/30/huawei_threat/
Posted in China: Online predator or hapless host?
It’s difficult to feel much sympathy with Beijing given the apparent volume and persistence of state-sanctioned attacks originating from within the Great Firewall. But it’s also worth remembering that activity of this kind is certainly being carried out to a lesser or greater extent by all major global powers.
*cough*NSA*cough*Utah*cough*
Life's a lot easier isn't it when you don't have to hack the PCs and the telcos just roll over and play nice?
And then we have NowTV for other exclusives. And Netflix for yet more exclusives...
I wonder how many people are prepared to pay for all three just to get around all these limits put in place by all these exclusive deals?
No mention of IE either in that article you linked to by the way. Did you just search for WPAD but not pay attention to the rest?
http://forums.theregister.co.uk/forum/1/2013/04/21/Vimes_Serious_WPAD_flaw_in_IE/
If you had seen my previous posts then you would have realised that I was not actually referring to that issue. I suppose I should have been more specific though.
When will they get around to fixing that WPAD flaw in IE that leaves user open to attack?
Re: Hmmm...
caught handing over information to the NSA
If anybody at the register is reading this, please consider allowing all your users to have editing facilities.
Re: Hmmm...
The majority of attempts on my site seems to be originating from US IP addresses at the moment, with Russia/eastern Europe being a close second.
As for the rest:
http://forums.theregister.co.uk/forum/1/2013/04/21/Vimes_Serious_WPAD_flaw_in_IE/
Perhaps a more productive course of action would be for the DoD to focus their attention a little closer to home? If they tried to do something about US companies releasing software with these sorts of mistakes then maybe at least the Chinese would find things a little more challenging?
Avoid using IE for your browser if you're in the UK.
The mention of Verizon is also interesting given that they have been caught handing over to the NSA. The US government don't have to hack people when they have the active cooperation of the telecoms companies.
Re: China involved in cyber-attacks
Speaking of wikileaks:
http://news.antiwar.com/2013/05/06/manning-judge-orders-secret-practice-trial/
Might as well get some kangaroos ready too while they're at it...
Re: China involved in cyber-attacks
One name for you: McKinnon.
And the DoD still expects to be taken seriously in the information security stakes?
Re: OMG Soldiers controlling submarines, Marines controlling USAF assets.
Even worse - from the PoV of those working within the armed forces - a unified control system implies a unified help system.
Cue the picture of that damned Clippy assistant popping up with 'You appear to be trying to bomb Iran. Would you like some help?'
On a not entirely related note there's already a system called Skynet. It's operated for the benefit of the MoD.
http://en.wikipedia.org/wiki/Skynet_(satellite)
You are aware I assume that proposed legislation like CISPA that keeps on getting put forward would loosen controls between government and private industry where the sharing of personal data is concerned?
Don't assume your information will be safe with the government.
Re: @ Vimes - I would really like to know how the porn-filtering is supposed to work. Anyone?
I never said the system would be effective. In any case the concept of 'naughtiness' is relative as you have noted yourself.
Personally I suspect this move is partly down to the links that industry has with government. It's easier for the phone companies to pay lip service to child safety than it would be to start asking questions as to why children are being given smartphones to start with. Asking those sorts of questions would end up costing them money if parents ever realised that their kids having them is a bad idea and that limiting them to dumb phones is a safer option (and opt for cheaper price plans as a result).
As for wifi why are they being allowed access to devices that in turn give them the option of unsupervised internet access? Stop that and you get rid of the perceived need for filtering. But then that would cost companies selling the gadgets money again.
And we absolutely can't have that now can we?
Re: Dangerous thinking ..
Don't rely on your own national laws to protect you.
http://www.computerworld.com.au/article/413379/australian-based_data_subject_patriot_act_lawyer/
From the article:
Data located in Australia but owned or operated by a US company could be accessed under a Patriot Act request, even if this violates National Privacy Principles, a legal expert has warned.
Connie Carnabuci, a partner of the law firm Freshfields Bruckhaus Deringer, said that under the Act which was passed in 2001, US authorities have the ability to pass orders for the disclosure of non-US data that is stored outside the country. “The basis for that disclosure is that you have to establish a sufficient connection with the US,” she said.
“One is that you have a US company with foreign subsidiaries outside the US, such as a service provider setting up in the Asia Pacific. The second might be that you have a non-US company that sets up a US subsidiary.”
BT: a company that previously trialled systems offered by Phorm.
Telephonica: a company whose Brazilian branch is currently trialling systems offered by Phorm.
I don't think either of them can be trusted.
Something else: doesn't the government have certain legal obligations that they have to adhere to where the disability discrimination act - or whatever it's called these days - is concerned? Has something changed in recent years?
This doesn't surprise me. I remember doing web development a number of years ago. One of our government customers we were developing for were stuck on Netscape 4 and were steadfastly refusing to upgrade. This was at a time when Firefox was already available.
Re: I would really like to know how the porn-filtering is supposed to work. Anyone?
I suspect a blacklist, not whitelist, will be used as a basis of this in order to try and at least minimise the possibility of over-filtering.
The real problem however will lie in how the blacklist is established. Political blogs have been known to find their way onto such lists for example with little or no reason. My own experience also tends to suggest that even once the list has been established that problems can arise once it has been put into use. Like all UK customers my mobile phone connection started out by being filtered. I got them to take the filtering off eventually (just getting that far proved to be a challenge) but then seemed to get switched back on without me asking for it. Even if they manage the impossible by designing a perfect system there will still be problems with how it's used. Depend upon it.
If you want to know exactly how it will be implemented I suggest you look up Bluecoat as a good example. Despite some rather questionable practices there are a number of organisations in the UK that use their services (Hampshire police being one of them). They already seem to be used by at least one wifi provider if the forum thread linked to below is anything to go by, and have already been used by at least two national telecom companies in the UK too.
https://nodpi.org/forum/index.php/topic,4603.0.html
Whether Jeremy Hunt is suitably qualified for this role is anyone's guess
Given his past 'congrats' text to James Murdoch it would certainly be interesting to see any communications between him and the private sector.
@breakfast
Personally I would disagree where civil servants are concerned. Using Phorm as an example: it was home office / BERR civil servants that deliberately failed to take minutes of meetings that involved Phorm. It was home office civil servants that tried to give out 'comforting' advice about Phorm, and it was in all likelihood not a SPAD that admitted Phorm to UKCCIS. Then of course you have the likes of the CPS that try to pretend that Phorm doesn't need to be dealt with.
'Non partisan' is not necessarily the same thing as 'No agenda'. They no doubt have their own opinions as to what should happen, and it's possible that this 'experience' that you mention leads in some cases to an unhealthy arrogance when it comes to who they think is right.
I also came across this:
http://www.guardian.co.uk/public-leaders-network/2013/apr/25/gus-odonnell-ucl-lecture-political
He clearly has some very strong views, many of which would have found their way into the advice given to ministers.
How about getting people to opt in rather than out?
If the only people you're including are those that have previously chosen to take part then the worst that can happen is that they're removed from a list in error and information is not shared and takes a little longer to retrieve. The other way around could lead to information being shared without the consent of those involved.
Re: @A/C 15:46
Incidentally even documentation produced by BT referred to what was going on as 'stealth' trials. I can't get rid of the impression that they damned well knew what they were doing was wrong.
Re: @A/C 15:46
It's easy to not find anything when you don't want to do so. The CPS used the same police officer in the second investigation as the one that ran the first one, despite his conclusions being the subject of the second investigation. It's even easier when that police officer has been wined and dined by Phorm prior to him dismissing any concerns without ever formally interviewing them.
Trying to ignore something hoping it will go away. Being part of the same civil service trying to give out information that they want to be 'comforting' to Phorm. Using somebody who you know will give answers that you want to hear.
Are you honestly going to suggest that there wasn't something amiss here?
As for the phone hacking:
http://www.huffingtonpost.co.uk/2012/05/01/john-yates-and-and-keir-s_n_1467432.html
@A/C 15:46
There's nothing subjective about doing nothing to punish those involved in the illegal interception of communications - interceptions that involved tens if not hundreds of thousands of BT customers affected by the trials.
As for the rest there are other instances - phone hacking and Simon Harwood both come to mind.
Would you really like me to find more examples?
He headed a service that refused to take any action against Phorm or BT after taking literally hundreds of times longer than the average time taken to come to a decision over whether to prosecute. I certainly won't miss him.
Good riddance.
Re: Here we go again
@RocketBook - Home secretaries come and go, but it's always the same civil servants in the background. Those same civil servants have got good at destroying what little moral backbone still exists in anybody by the time they reach that level of government. Tales of possible doom and destruction - you name it...
The number of IP addresses belonging to US organisations and involved on hacking attempts on my website certainly seem to outweigh any from China.
Another thing to consider:
http://it.slashdot.org/story/13/03/29/2045245/us-and-russia-lead-list-of-malware-hosts
Remember who it is making these claims...
http://washington.cbslocal.com/2012/12/04/they-can-hear-you-now-verizon-patent-listens-in-on-customers/
What's bad about this is that it has the potential to affect people well outside the borders of the US.
Take the mobile phone companies in the UK. I know I'm repeating myself here, but at one point both 3UK and Vodafone were using the services provided by Bluecoat. This entailed them sending all URLs being visited by their customers to Bluecoat, whereupon Bluecoat would then attempt to access the same page. Apparently this was all part of the filtering product they offer - the one downside to that being that it just didn't work the moment you started visiting pages protected by SSL (and the less said about redirecting known Bluecoat IP addresses or deny them access entirely with a few simple lines added to the .htaccess file the better).
In any case a US company both based in the US and subject to US law would at that point have a complete browsing history where non-SSL protected traffic of UK based users is concerned and would be able to hand over personal information even more easily and with fewer checks than before.
Oh, and in case other readers here have forgotten there are a number of UK.gov websites - including the ICO - that use Google Analytics from Google's own servers.
Re: Logic.
1. Most fraud is committed by politicians, where it is deals behind closed doors, expenses or abuse of position.
I still say that the Discworld solution is the best: lock politicians up as soon as they're elected. It saves time in the long run...
Posted in Serious WPAD flaw in IE?
Serious WPAD flaw in IE?
https://nodpi.org/forum/index.php/topic,5549.msg50007.html#msg50007
Before fetching its first page, a web browser implementing this method sends the local DHCP server a DHCPINFORM query, and uses the URL from the WPAD option in the server's reply. If the DHCP server does not provide the desired information, DNS is used. If, for example, the network name of the user's computer is pc.department.branch.example.com, the browser will try the following URLs in turn until it finds a proxy configuration file within the domain of the client:
http://wpad.department.branch.example.com/wpad.dat
http://wpad.branch.example.com/wpad.dat
http://wpad.example.com/wpad.dat
http://wpad.com/wpad.dat (in incorrect implementations, see note in Security below)
(Note: These are examples and may not be live URLs.)
Meaning the person controlling wpad.co.uk or wpad.com has the potential to return malicious proxy configuration to almost anyone who isn't on a corporate network.
That is soooo bad. So so bad.
If stuff was bought with the stolen credit card then presumably they have his address within the block of flats when he provided a delivery address.
Personally there is one other thing I would consider doing: try to get a hold of this address and then sign him up for as many samples as possible. Drown the bastard in unwanted mail and as much embarassing crap as possible being delivered to his door and in plain view of his neighbours.
Re: Time to go Steve @Jordan Davenport
...that everything about it was by design...
It's the same with office too. They've changed the way protection works in Excel 2013 and other office applications so that it deliberately works more slowly. Apparently this is done to make brute force attacks more time consuming to perform, but it's irritating nevertheless. Working with a large workbook used to take ~1 minute. Now it takes nearer 10.
Yet again we have Microsoft telling us what we want without bothering to ask why we're using these features. In my case it's more to do with stopping users doing boneheaded things rather than protect information as such, but rather than listen to what users are telling them - there are plenty of complaints online if you go looking for them - they prefer to parrot the line about this being done 'by design' and there being no fix for it. They keep on repeating that this change has been made to comply with ISO standards, but this seems to ignore that those same ISO standards are based on Microsoft's own work.
In short Microsoft seem to be telling the users 'this is what we're going to do whether you like it or not - screw you'.
(and it would be nice to have editing features wouldn't it? personally I'm not sure why they would want to restrict this to members that have badges since a post with errors in affects them as much as anybody else)
Re: Time to go Steve
They also seem to have got stuck in telling us what we want rather than simply listen to what we're telling them. Complaints about Metro aren't exactly difficult to find after all and it's a pity they don't pay more attention to them beyond offering the option to boot direct to the desktop in 8.1 (perhaps they'll end up having to release an '8.1.1 for workgroups desktop users' so that TIFKAM can be removed entirely?).
Some executive somewhere at Microsoft is probably so emotionally invested in the whole Metro - TIFKAM? - thing that they seem to be completely incapable of seeing how much people would rather get rid of it. I guess working at a large corporation really *is* like living in a Dilbert strip...
Incidentally shouldn't that last sentence read 'arguing about what exactly they want the U word to mean'?
we'll keep arguing about what exactly the U word means.
From dictionary.com:
adjective
1. not limited; unrestricted; unconfined: unlimited trade.
2. boundless; infinite; vast: the unlimited skies.
3. without any qualification or exception; unconditional.
Seems fairly straight forward to me...
