445 posts • joined 3 Dec 2012
Almost as worrying is the reference to 'improperly' spying on senators. To me that implies that they have a proper way of going about such activities and may even be a regular occurrence for all we know.
Re: Perhaps it should be renamed...
Meanwhile in other news:
Still trust the NHS?
I'm still waiting to be told about this, despite going to see the consultant and doctor on a fairly regular basis.
Now they claim they're going to wait 6 months so they can communicate the advantages more effectively (note the convenient lack of any mention of the disadvantages nor any attempt at fixing the holes - it's difficult to see how this whole mess could ever be in our best interests).
More effective communication? Don't make me laugh - so far in my case there has been zero communication (effective or otherwise).
Presumably working practices don't suddenly magically change in a multinational from one part of the world to another, so how can we be certain that the same weaknesses didn't exist at some point in the UK based systems too? And might still exist if not dealt with properly?
DEA: 'To use it, we must properly protect it'
Compare and contrast this with the DEA's involvement with the NSA and their information gathering...
Drug Enforcement Administration training documents released to MuckRock user C.J. Ciaramella show how the agency constructs two chains of evidence to hide surveillance programs from defense teams, prosecutors, and a public wary of domestic intelligence practices.
In training materials, the department even encourages a willful ignorance by field agents to minimize the risk of making intelligence practices public.
The DEA practices mirror a common dilemma among domestic law enforcement agencies: Analysts have access to unprecedented streams of classified information that might prove useful to investigators, but entering classified evidence in court risks disclosing those sensitive surveillance methods to the world, which could either end up halting the program due to public outcry or undermining their usefulness through greater awareness.
The official Orange website was breached by unknown hackers who have stolen 800,000 customer records including names, email addresses and phone numbers.
Orange, the world’s largest mobile operator, suffered a data breach. Another clamorous case, after the one that occurred to Vodafone in Iceland; according to first information, data of more than 800,000 customers of the giant has been exposed. Orange publicly announced it was targeted by unknown hackers last 16th January 2014; the attackers gained access to the accounts of the Orange website.
The news was issued by different media, PCInpact reports that the “My Account” section of the website was the target of an attack Thursday, January 16 and added that the site is back to normal.
(the PCInpact article is in French - so probably not worth including directly here)
A few requests:
Please could you consider extending the number of supported HTML tags. The 'u' tag for underlining doesn't seem to be supported.
A wysiwyg HTML editor?
At the moment when you reply to a post it starts off by showing the post you're replying to above the form. When you preview your post however this gets replaced with the preview of what you've written. Sometimes I copy and paste bits from the post I'm replying to into my own post when I'm trying to address certain points made by the previous poster, and having this replacement going on makes any referring back to the original more awkward if I want to make any further additions after previewing the post.
If the user is replying to a post please consider always displaying the post that is being responded to, even during the preview of a post. The user may still want to refer back to it and make more changes.
Come to think of it. If you have a thread of replies and can link them together then it might be even better if you just showed that thread of replies within the form, so you also have the opportunity of seeing what the previous poster replied to if there is more than one reply in the chain.
Just a small suggestion where the look and feel is concerned: the name of the poster - in each thread as well as the previously mentioned posts page - seems to be in a smaller and different font than that of the text of the comment itself.
I'd suggest making the poster name the same font as the comment text, at least where font name and size is concerned. Granted it's a small thing though, but it just looks inconsistent.
I'm guessing this will be turned down, but how about logging the IP address of those making the comments and making that IP address visible to posters when the message is in response to one of their own or the person viewing the IP address has been round long enough to earn a silver badge?
It might help discourage the sort of shrill posts that seem to be pushing one agenda or another that we see pop up from time to time, since it would limit - whilst not entirely removing - the anonymity that they enjoy at present.
Re: Always tricky
it becomes hard to leave any value in anonymised data
Value for whom? Advertisers and marketers?
You want Post Code for geographic analysis?
Again - geographic analysis - who is this being done by? If it's done for commercial purposes by the company that has actually been selling items or services then presumably they have access to all their own sales records. This only becomes a problem when you start handing data to 3rd parties, often for questionable purposes.
When is a quantum computer not a quantum computer?
Another idea: what happens when cars on the real highway are infected with a virus?
Just stand on a bridge somewhere with your device remotely infecting cars as they pass by. Watch those cars drive off into the sunset around the rest of the country (and possibly even other parts of Europe).
And then one day after a time limit has passed sit back and watch the ensuing mayhem that this causes.
It would make the carnage on 7/7 look like child's play by comparison...
Cars on the run have proven to be dangerous for citizens.
It seems like technologically illiterate politicians with delusions of adequacy are an even bigger threat to the public. What can be done about them I wonder?
It's interesting to note that they don't seem to see the problems with this idea. What happens for example when the firmware for such a system has been compromised? Do they pay people for their old and now unsafe cars - that can be stopped by anybody with the right knowledge - or will people be forced to simply accept that their pride and joy is now just a heap of scrap metal? Or perhaps they won't be told?
It's interesting to note their insistence that porn is bad, that parliament ought to be a child-friendly place for MPs with children and then compare that with what they actually do themselves...
Perry claimed reports of overblocking were “fanciful”.
Isn't the idea of relying on web filters to keep your kids safe rather than doing the job yourself - and then expecting there to be no problems as a result - just as fanciful?
Re: Do people have no memories at all? @Sir Runcible Spoon
...It only takes one low level code monkey to slip up...
Like within the parts of the tech industry that make routers for example?
And that was only fixed after people complained about it. How do you complain about systems you don't even know exist, much less how they operate?
Re: Stop using MS software then
There isn't a backdoor because one isn't needed to access customer data.
The fact that Microsoft is a US company and subject to US law is a far bigger threat than anything contained within the code.
The existence - or lack thereof - of a backdoor is just a red herring aimed at distracting us from the laws in place within the US that give the authorities the right to demand access to data.
Documents leaked by Snowden there are things that the US won't even share with partners like the UK, let alone Australia (remember the NOFORN designation on some of the documents?).
Part of the information revealed under this designation told us that the US could end up spying on the UK even without the knowledge or consent of the UK authorities, and despite prior agreements that this would not happen.
You can bet that the US is doing the same with Australia too even though they are supposed to be in the 'Five eyes' club.
Re: No need for a back door
No back doors are necessary when working for the NSA and the law is your friend...
[snip]Data located in Australia but owned or operated by a US company could be accessed under a Patriot Act request, even if this violates National Privacy Principles, a legal expert has warned.[/snip]
@Yet Another Anonymous coward
It's like the UK restricting laws to specific high risk terrorist targets and then having the Met classify all of London as a potential target for an indefinite period.
...or pretending that what the spy agencies are doing is monitored by government by requiring a warrant from the foreign secretary each time they use their powers, then allowing the foreign secretary to issue a blanket warrant for everything they do.
Oh, wait... they already do that don't they?
I wonder if this is because apps running on iDevices leak enough information for the spooks to not need to ask in the first place?
Re: Gmail, still ok IMO
How can it possibly be good when it's blocking messages in such a haphazard way?
And as for people preferring this: just because people prefer it doesn't make it a good idea. I've heard of cases where GPs have genuinely been asking why they can't store sensitive patient information on Google docs as one such example. These are preferences expressed by people that don't seem to know much about what they're talking about.
Finally with regards to clients I've come across so many cases of PEBKAC - problem exists between keyboard and chair - that the preference of customers means pretty much nothing to me. If anything it's an indication of what to avoid.
Gmail scanning becomes censorship
So they're swapping one corporation that helped the NSA with another when it comes to funding? (Didn't Microsoft compromise Skype in order to make life easier for the spies?)
Saying someone is making a childish response whilst failing to understand the comment itself is even more reason to laugh in your general direction.
And your lack of basic reading skills is enough to take the piss out of you. You were the one that specified US companies. I might not be able to stop government access but I can damn well stop unwanted commercial parasites from seeing my private communications.
Where to begin?...
1) I never specified just search history. I was referring to each and every single HTTP request made by Vodafone customers that didn't involve SSL. This is the sort of area where choice of ISP could very well make a difference.
2) It's still no excuse to be actively sharing personal information with others when there is zero need to do so, nor does it excuse the shadow visits by Bluecoat that could in some instances be seen as replay attacks.
'B..b..b..but everybody is doing it!!!' is a rather childish response and I fail to see how that justifies in any way what Vodafone has done in the past.
I would not want to go anywhere near any ISP that has any involvement with Vodafone. Remember that Vodafone is one of the ISPs that has in the past allowed a US company access to the web browsing habits of their users (and the Bluecoat product used appeared to repeat the visits made by their users too).
Where the BBC is concerned does this mean they'll be forced to spend more on the bureaucracy of making sure that only British citizens can use the likes of iplayer when used elsewhere within the EU? The BBC is a pay TV service after all - the only real difference between it and other providers is the lack of choice when it comes to whether we want to pay.
Presumably some form of account associated with a household would be needed but it would still result in more work for the BBC and less money to spend on our own programs.
Funny how when it's a public authority making the mistake the ICO respond far more quickly.
Regardless of whether what the police have done is wrong or not, what's the bet that the officers concerned will be unaffected by this, but the police force will have to pay a fine that will result in tax payers getting a worse service?
The 'sui generis' database right only allows a creator to stop others using a database or the information in it if the investment of time, money and skill in that original database is large enough.
Does this have any impact on 'security' firms that provide filtering based in part on following their customers around the net and shadowing every visit to any website, thereby executing what could be seen as a replay attack?
They're accessing the pages stored on websites - many of which are effectively stored within databases - and doing so for commercial purposes to help support their own services. And without consent of the website operators I might add.
Re: Oh Dear ... @John Smith 19
In reality the EU has acted more as a brake on surveillance compared to the UK than the UK govt (whoever's in power at the time) has ever been.
Agreed, but just because nation states have been behaving even more badly does not excuse the commission's own dubious actions IMO.
Just look at the current TTIP negotiations as one such example, and in particular pay attention to investor-state dispute settlement and corporate sovereignty. The commission apparently wants to be able to sign away the ability of national governments to regulate their own affairs. It's not even the commission itself that will be claiming this power as it does with many other things - they plan to hand it over to the private sector (despite being previously burned by the likes of ACTA).
Come to think of it: if companies are given the right to sue governments in secretive courts and override the will of parliaments by doing so, where does that leave our ability to stop unwanted snooping on us? A lot of that spying would appear to be done one way or another by the private sector, and given the private sector's apparent willingness to bow to US authorities on most matters I can't see this ending well.
Re: Oh Dear ...
...bulk processing of personal data...
Hang on a minute, isn't this the sort of activity encouraged by the Data Retention Directive?
This would be the very same law pushed through at the EU level and supported by member state politicians when their own governments couldn't get it passed at the national level - thereby showing complete contempt for democracy and using the EU as little more than a tool for politicians to evade personal responsibility for pushing through laws that they have trouble justifying at home ('it's not our fault - the EU made us do it!!!')
I know that the activities of both the NSA and GCHQ and the fallout from their actions need urgent consideration, but that doesn't mean that the EU should ignore their own failings.
Re: Ban dragnet surveillance data for use in domestic law enforcement @SeymourHolz
...'legally poisonous' to domestic LEO...
I seem to recall that to some degree this is already the case in the US, but the authorities there seem to manage to find ways around this. Witness for example the use of data gathered by the NSA being used domestically by the DEA.
The data would be handed to the DEA by the NSA unofficially and the DEA would come up with some bullshit excuse so they would never have to reveal the existence of the real reason for the arrest, much less the data that supported it.
Journey time once you're in the tunnel is only about 35 minutes. Personally I'd be more interested in the roaming rates people are paying when they're the other side than this sort of arrangement.
Up vote total query
Does the total of up votes listed on the 'my posts' page relate to my account regardless of handle, or only the upvotes that are associated with my current handle?
Re: Publicly available PI
Was it really entirely publicly available? If it was then why were fake accounts required to do the scraping?
Members only != publicly accessible (IMO)
And as far as I know accessing *publicly available* data is not an offence
It may well be if it has been made clear that their presence is not welcome. See the parts of the Computer Misuse Act 1990. In particular sections 1(1)(b) and 1(1)(c).
IANAL, but they would appear to have deliberately evaded limits put in place that define who can access it - members only in this case? - and limits stated in the robots.txt file. All this would make their actions far more questionable than it may first appear IMO.
Re: crawling security @Chris Miller
It's a good way though of picking out bots that need to be blocked - just add a line to deny access to a location that doesn't exist then periodically check the error log.
Of course using something like iptables or 'deny from' entries in the .htaccess file is probably better if you really do want to block access. Personally speaking I've done my best to block all Amazon EC2 IP addresses from my site. After all, how often does anybody see a legitimate visit from 'the cloud'?
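The robots.txt trap described in the comment above, as an added example that is not part of the original post: it lists clients that requested a path announced only as a `Disallow` entry and prints matching `Deny from` lines. It assumes an Apache access log in combined format rather than the error log the comment mentions; the trap path, addresses and log lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample data: the trap path and every log line are invented.
ROBOTS_TXT = """\
User-agent: *
Disallow: /cgi-bin/
Disallow: /bot-trap-7f3a/   # hypothetical location that does not exist
"""
TRAP_PATHS = ["/bot-trap-7f3a/"]

ACCESS_LOG = """\
192.0.2.10 - - [12/Feb/2014:10:01:02 +0000] "GET /robots.txt HTTP/1.1" 200 68 "-" "ExampleBot/1.0"
192.0.2.10 - - [12/Feb/2014:10:01:03 +0000] "GET /bot-trap-7f3a/ HTTP/1.1" 404 209 "-" "ExampleBot/1.0"
198.51.100.7 - - [12/Feb/2014:10:05:00 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Feb/2014:10:07:41 +0000] "GET /bot-trap-7f3a/admin.php HTTP/1.1" 404 209 "-" "-"
198.51.100.7 - - [12/Feb/2014:10:08:00 +0000] "GET /about?ref=/bot-trap-7f3a/ HTTP/1.1" 200 900 "-" "Mozilla/5.0"
this line is malformed and must be skipped
"""

# client, ident, user, [time], "METHOD target PROTO", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')


def disallowed_paths(robots_txt):
    """Return every Disallow path in robots.txt, across all user-agent groups."""
    paths = []
    for line in robots_txt.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments
        key, _, value = line.partition(":")
        if key.strip().lower() == "disallow" and value.strip():
            paths.append(value.strip())
    return paths


def find_trap_hits(log_text, trap_paths, robots_txt):
    """Map client IP -> hit count and whether that client fetched robots.txt."""
    # Only count traps that robots.txt really announces; otherwise a
    # well-behaved crawler could be flagged for a path it was never warned off.
    announced = set(disallowed_paths(robots_txt))
    traps = [p for p in trap_paths if p in announced]
    hits = defaultdict(lambda: {"hits": 0, "read_robots": False})
    seen_robots = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                              # skip malformed lines
        ip, _method, target, _status = m.groups()
        path = target.split("?", 1)[0]            # ignore the query string
        if path == "/robots.txt":
            seen_robots.add(ip)
        if any(path.startswith(t) for t in traps):
            hits[ip]["hits"] += 1
    for ip in hits:
        hits[ip]["read_robots"] = ip in seen_robots
    return dict(hits)


def deny_lines(hits):
    """Render the flagged clients as Apache 'Deny from' entries."""
    return ["Deny from " + ip for ip in sorted(hits)]


if __name__ == "__main__":
    found = find_trap_hits(ACCESS_LOG, TRAP_PATHS, ROBOTS_TXT)
    for ip, info in sorted(found.items()):
        print(ip, info)
    print("\n".join(deny_lines(found)))
```

The `read_robots` flag separates a client that fetched robots.txt and went to the trap anyway from one that never read the file.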
Things still seem to be a bit off where the ads are concerned. Yesterday I kept on seeing ads for how to keep your teeth white complete with an example in the image of how bad things can get - not a particularly pleasant image. This has been the case for the preceding few days too.
Today the ads seem to be in Spanish - or Portuguese? - for some reason that I don't understand (it's not as if I'm using a VPN connection or anything else that would hide my real location, and I'm in the UK).
At least the auto-playing and auto-resizing ads have disappeared though. That is certainly a welcome change.
Re: Spammers. @Bert 1
2) Also regarding the "Occupier" addressed stuff. There is a problem here because some legal papers (such as eviction notices) must be sent addressed to the occupier, in case the house is sub-let.
All very well, but shouldn't the sender still be under some sort of obligation to not do this unless absolutely necessary? I find it difficult to believe that junk mail would fall into this category when they've been told by those living at the address to stop sending them stuff that they'll never want to respond to.
This sounds familiar.
At one point I was trying to get connected to their services for internet access only to find that - according to the engineer - the cable to my house had been broken. They're currently refusing to fix it, and they're definitely aware of it as I have talked to them about trying to get it fixed (this was before abandoning them as an option). Despite knowing that they can't connect me they have still insisted in the past on sending out flyers to my home telling me that I can get their services.
They really do need to pay more attention to detail. Apart from anything else it's a waste of their time as well as mine to send me adverts for services that I can't use.
Re: Crime and punishment
Perhaps 'punished' was the wrong way of phrasing it. Maybe 'face the consequences of their actions' would be better?
In any case the care taken to avoid committing an offense in the first place should IMO be taken into account. I don't think anybody would disagree with that.
The problem that I have is this: placing a lower limit below which cases will automatically be dismissed in regards to damage done is a very risky course of action - again IMO - regardless of the care taken in avoiding defamation. This is especially the case when terms like 'serious' are vague at best (and can be interpreted in more than one way depending on who is making the definition).
It's also easy to imagine a situation where ordinary members of the public suddenly find it much more difficult to make claims of defamation as a result of this change, whilst large organisations and well known personalities will continue to have a smoother ride.
The new Act enables individuals or businesses to lodge claims, but only where they can show that defamation of them has caused, or is likely to cause, serious harm to their reputation. Businesses can only be said to have suffered 'serious harm' if they can demonstrate that they have experienced, or are likely to experience "serious financial loss" as a result of defamatory comments.
I smell the stench of civil servants desperate to minimise their workload all over this one. It was the CPS after all that accepted the excuse of 'no criminal intent' in regards to Phorm trials undertaken by BT (the bullshit meter just exploded on that one considering the lengths BT went to in order to conceal the trials) and it was the various police forces around the country that refused to take on other potentially illegal interception by the telcos. Also note the resistance the police put up over claims of phone hacking before being forced into taking action.
Also I wonder who gets to determine what constitutes 'serious' harm?
"In the main, the new 'serious harm' threshold should help discourage trivial or vexatious claims from being brought before the courts, or at the very least ensure they are eliminated at an early stage in proceedings," Birdsey said.
Umm... Trivial or not - and again who gets to determine this? - if an offense has been committed should those responsible not be punished?
It's amazing the lengths civil and crown servants will go to in order to avoid actually having to do their job...
Re: Not illegal
There is however a law against British intelligence agencies bugging British MPs
And yet parliamentary authorities still manage to respond to FoIA requests in regards to the web usage associated with PCs within the houses of parliament.
MPs are already being watched. It's not just solicitors that need to worry.
which is when the person concerned actually gets spied on
No, it starts when they gather the information to get a hit from searches in the first place. Otherwise what data would the search algorithm be working on?
Both Google and the government might like us to believe that it's not really spying if it's a machine doing it, but I suspect that a fair few people here would have problems with that definition.
Re: So what they are saying is:
All of the American people (as well as every person in the world) along with Congress are all suspected terrorists?
Look up Edgehill and Bullrun - both were battles in the US and UK civil wars where citizens were themselves considered potential enemies of the state. And both are codenames used by GCHQ and the NSA respectively.
Members of Congress have the same privacy protections as all U.S. persons
So that's a 'yes' then?
TorrentFreak now blocked by Sky parental filters
@Lost all faith
Except that paying criminals in this case didn't serve any investigative purpose whatsoever. Botnets and how they function were already well known. What they were trying to explain could have easily been put into words without handing over cash to crooks.
This is no different to a reporter paying somebody to break into a house to show how easy it is but not steal anything. I'm sure that they would argue that no harm was done but the home owner would still feel violated and the reporter would still be in trouble with the police.
Why should it be any different with the online world?