* Posts by dephormation.org.uk

527 posts • joined 10 Mar 2008

Page:

Equifax UK admits: 400,000 Brits caught up in mega-breach

dephormation.org.uk
Pint

Re: Start complaining now....

Applying the ICO going rate for "fines per person affected" ... 0.2p/person... the total fine for Equifax would be 400,000x0.2p = £800.

And even that figure is assuming the ICO opt to issue a fine.

They are more likely to

- blame the victims for not opting out of something they didn't know about,

- claim 'the ICO are not IT experts' and unable to understand the technology,

- claim the leak was 'small scale and technical in nature',

- suggest it was 'too difficult to obtain consent from theory customers for the processing',

or some other utter nonsense.

The ICO are, absolutely, as useless as an ashtray on a space rocket (.. never mind a motorbike).

9
0

Last year's ICO fines would be 79 times higher under GDPR

dephormation.org.uk
FAIL

Excuse me if I'm not cheering...

That would mean BT's fine for covertly using Phorm would be 79x nothing at all.

See, unfortunately, the ICO staff still get to choose which bunch of criminals get fined, and which don't.

And the ICO staff "are not technical experts", we are only "theory customers", and Phorm was only "a small trial [on thousands of people and thousands of businesses that served them over three years by a bunch of foreign spyware developers]".

7
0

Your internet history on sale to highest bidder: US Congress votes to shred ISP privacy rules

dephormation.org.uk

Re: Phorm is the new norm in Trump's America.

When Nebuad attempted to do the same as Phorm in the US, it did result in an outcry and congressional hearings.

You might recall this;-

https://www.youtube.com/watch?v=l0AN-UhzsNs

"Just because I belong to an ISP, doesn't give you the right to track me. If I want to be tracked it should be affirmative... it really should be opt in. Why do I have to opt out. Why should the burden be on the American consumer?" said Bart Stupak.

Now, as I understand it, you have no option at all.

Quite apart from the personal intrusion, it also affects the other party to the communication. It is automated industrial espionage / intellectual property theft that will strip hard working law abiding content creators of their business.

The current vacuum of political opposition in the US (and the UK) is truly terrifying.

0
0

UK Parliament's back for Snoopers' Charter. Former head of GCHQ talks to El Reg

dephormation.org.uk

The role of mass surveillance in fighting cybercrime cannot be understated

... except where BT/Phorm is concerned.

Then it is completely ineffective. There is no evidence. And nobody is ever prosecuted.

2
0

Head of UK oversight body to join GCHQ 'tech help desk'*

dephormation.org.uk

Spinning Doors

In short... the woman who was supposed to regulate the Intelligence Services is rewarded for her service to the Intelligence Services with a job at the Intelligence Services.

After the Phorm affair, the Regulation of Investigatory Powers (Monetary Penality Notices and Consents for Interceptions) Regulations 2011 were introducted, with the IoCCO given explicit responsibility for investigating instances of 'unintentional interception' by ISPs.

Yet Jo Cavan stifled every single complaint. No investigation was conducted. No penalties were imposed. No statistics have ever been published (transparency? we've heard of it).

In short, she isn't a "champion" I recognise. If you work for telcos or the Intelligence Services, YMMV.

2
0

Ad slinger Phorm ceases trading

dephormation.org.uk
Mushroom

Re: "What exactly did they spend it all on and how do you get away with such things?"

Phorm was an industrial espionage scam... designed to extract economic intelligence from private/confidential communications.

It really was genuine spyware, GCHQ should have killed it with fire, and the people responsible for installing it should have been tried for treason.

8
0
dephormation.org.uk
Thumb Up

Thank you

Just briefly wanted to say thank you, to the Reg and its readers for all your support.

I'm delighted Phorm have ceased trading. I look forward to seeing Phorm finally struck off & dissolved.

30
0

BT hires cyber-security

dephormation.org.uk
Devil

Cybersecurity? BT? Phorm?

BT perhaps jumping the gun on the spying opportunities offered by the IP Bill?

0
0

UK Home Office seeks secret settlements over unlawful DNA retention

dephormation.org.uk
Holmes

Rematerialised, or never vanished?

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/514152/Sept_2015_National_DNA_Database_Strategy_Board_Minutes.pdf

???

Found via https://www.gov.uk/government/groups/national-dna-database-strategy-board#minutes

0
0

Phorm suspends its shares from trading amid funding scrabble

dephormation.org.uk
Happy

:)

Hopefully, Phorm stays suspended.

14
0

Big Brother is born. And we find out 15 years too late to stop him

dephormation.org.uk

Re: EU?

DPA Subject Access request?

0
0

IOCCO: Police 'reckless' for using terrorism powers on journo sources

dephormation.org.uk
Angel

Re: What is the point of the IoCCO?

>Think of IOCCO as the police. They do the investigation, and then pass on the prosecution to the court system.

Except they don't. IoCCO claim they do not have the power to refer an offence to the IPT.

So after a finding of fault, or even "recklessness" in this case, IoCCO simpy dump the responsibilty for redress back on the victim, and tell them go forth and multiply.

There is no consequence unless the victim then complains *again* to the IPT and they find in the complainant's favour.

But the IPT reject 99.7% of all complaints they receive. So buena suerte amigo.

2
0
dephormation.org.uk
Facepalm

What is the point of the IoCCO?

What value does the IoCCO add if a policeman can act "recklessly" with surveillance powers, and the very worst sanction the "regulator" can offer is lobbing scornful words in his general direction.

3
0
dephormation.org.uk
Meh

Re: And what is being done...

"a detailed action plan was put in place as soon as the issue was highlighted".

A detailed action plan document written by the same force that "recklessly" ignored the detailed Code of Practice document.

I can't see that plan being very successful unless it includes reading lessons, and/or a note that the IoCCO are not to be invited for dinner again.

2
0

Mozilla annual report shows risky Google dependency now risky Yahoo! dependency

dephormation.org.uk
Pirate

Re: Not surprised they are losing market share

Mozilla could, for example, ask before taking that information. Rather than simply taking it.

And they could offer a user facing preference, rather than expecting the user to navigate past warnings to set the unintuitive option "extensions.getAddons.cache.enabled" to "false" to suppress it.

It is symptomatic of the disregard Mozilla have for their users.

4
0
dephormation.org.uk
Unhappy

Not surprised they are losing market share

The thing that once differentiated Firefox was the freedom & control offered to users & developers.

Mozilla seem to have abandomed much of that ethos in favour of restrictions and features that favour the interests of the marketing industry & government.

Undoing all of that on a new installation takes time. Lots of preferences to disable, features to restrict, back channels to knock out.

Meawhile, from an extension dev's perspective, to create an extension for FF now requires dev's to register details with Mozilla and have code approved before it can be distributed. In addition, the browser quietly reports back to Mozilla a list of the add-on installations chosen by users. I resent that, it is intrusive and unnecessary. So I've dropped support for FF.

Given alternatives like SeaMonkey, Iceweasel, PaleMoon, continue to respect the freedom of user's & extension developers' I can't see Mozilla recovering that market niche without a dramatic change of focus.

At present, there is little to differentiate Firefox from the default browser installed by OS makers, and little to motivate most users to replace the default with Firefox.

14
0

UK citizens will have to pay government to spy on them

dephormation.org.uk
Thumb Down

Why?

If this is about legitimizing the illegal things that the UK security services have already been doing, why is there a need to impose more cost on internet users?

0
0

'We can handle politicos, OUR ISSUE IS JUDGES', shout GCHQ docs

dephormation.org.uk
Childcatcher

The IPT?

Now there's a hollow sham of a regulator if ever I saw one.

2
0
dephormation.org.uk

Re: You Can't Rely on Politicians

You're hoping Labour might reform surveillance? Good luck with that; Phorm, Communications Data Bill, Jacqui Smith, Lord West, Gordon Brown, DRIPA, UKCCIS etc.

Not forgetting that most of the programmes revealed by Snowden manifested themselves under a Labour government.

Sadly, the only reform you are likely to get from Labour is yet more surveillance, not less.

14
0

Did GCHQ illegally spy on you? Now you can find out – from this page

dephormation.org.uk
Holmes

Privacy International

If it helps you decide whether or not to post your personal information, keep in mind the current director of Privacy International (Gus Hosein) was a consultant to BT/Phorm.

7
0

Don't want Windows 10 FILTH on the company network? Step this way

dephormation.org.uk
Boffin

Re: Has anyone read

I can't comprehend why any sane corporate IT user would install Windows 10.

It opens your internal security and data for Microsoft to exploit at will.

Never mind using it as a home computing platform.

With Windows 10, the operating system is no longer the product... you are.

6
0

Wikipedia to go all HTTPS, all the time

dephormation.org.uk
Gimp

Excellent.

Ecryption is essential to negate the effects of mass surveillance, and scams like Phorm.

3
1

NSA slapdown prompts Privacy Int'l to file new lawsuit against GCHQ

dephormation.org.uk
Holmes

"First you need to parse obtaining phrases from clauses"

Before that you need to intercept private/confidential communications without consent from either party.

That's where the privacy intrusion starts.

The rest of your cunning theory is irrelevant thereafter.

5
1
dephormation.org.uk

Not sure who I trust less...

... GCHQ or Privacy International... while PI's director remain silent about his involvement in Phorm.

So far the net effect of the PI action against GCHQ has been to make "lawful" anything that GCHQ do. (Great, thanks for that PI, with friends like you...).

NB... Lawful in quotes because mass surveillance by GCHQ is clearly illegal under the ECHR article 8.

1
1

UK data watchdog: Massive fines won't keep data safe

dephormation.org.uk
Meh

What does it take to get the ICO to do actual work?

The excuses...

"We are not IT experts"

Then... "ICO are not IT experts and we lack the power to fine"

Then... "ICO are not IT experts and have the power to fine, but the fines are not big enough to make it worth bothering"

Then... "ICO are not IT experts and have the power to fine, and the fines are now big enough to hurt offenders, but we are still not going to do it because it might hurt offenders"

And now they wonder why, despite 97% public awareness of data protection, only 1% of respondents would bother complaining to the ICO when a data protection offence occurs.

The ICO are absolutely pointless. The truth is there is effectively no data protection in the UK at all. It doesn't matter what the law says any more. Doesn't matter what you think your rights are. No regulator will protect you. No law will be enforced.

Do not trust the ICO to defend your privacy rights against crooks. It never happens.

2
0

Microsoft drops Do Not Track default from Internet Explorer

dephormation.org.uk
Facepalm

DNT is a mirage.

Begging the crooked frauds running the advertising industry not to track you is just micturating in the direction of the prevailing wind.

Even the ICO don't comply with DNT requests. So who are you going to complain to if the ad industry laugh in your face when you discover you've been taken for a fool?

Like the ludicrous cookie law.

There is a much simpler solution that the ad industry don't want... Outlaw the creation of surveillance databases of personal data & communications data without the explicit consent of data subjects.

6
0

Nothing illegal to see here: Tribunal says TEMPORA spying is OK

dephormation.org.uk
Holmes

Re: "Anyone" != "Everyone"

" there is little evidence, or none, that the data retained has been or is being [[misused]"

BT/Phorm?

There is plenty of evidence that this data is being misused with impunity. Vodafone + Bluecoat replay attacks. TalkTalk + Huawei surveillance + replay attacks. UK Parliament + Bluecoat.

The intrusion begins the moment a third party obtains a copy of a private/confidential message with the intention of retaining some or all of the content. Subjecting the whole population to intrusive surveillance is simply undemocratic, offensive, and illegal.

0
1

ICO to fine UNBIDDEN MARKETEERS who cause 'ANXIETY'

dephormation.org.uk
Meh

"likely to cause annoyance, inconvenience or anxiety".

The only thing "likely to cause annoyance, inconvenience or anxiety" to the ICO data protection racket is the fear that they might actually have to do some proper work for a change.

Instead of photocopying boilerplate rejection letters fobbing off complainants, and always refusing to enforce the law.

Watch as they do nothing with their new powers, and find a new excuse for inaction.

0
0

O2 vs Vodafone: Mobe firms grab for GCHQ, gov.uk security badge

dephormation.org.uk
Unhappy

Vodafone...?

The telco that allowed the Californian company Bluecoat to covertly monitor their UK network, engaged in replay attacks launched from Bluecoat's offices in California, and all done without knowledge or content from either party to the communications... that one?

See,

Vodastalk; Vodafone and Bluecoat Stalking Subscribers

https://nodpi.org/2011/06/22/vodastalk-vodafone-and-bluecoat-stalking-subscribers/

0
0

Naughty NSA was so drunk on data it forgot collection rules

dephormation.org.uk
Big Brother

URLs are Content

They are the content of an HTTP GET request.

They are not addressing data. They also reveal the content of the likely response to the request.

Addressing data is the IP address (clue in the name) and nothing else.

That is, co-incidentally, how it was specified in the 'invalid' EC Data Retention mass surveillence regulations too.

9
2

BT: Whew, we've been cleared of major privacy breach. Oh SNAP, another webmail blunder

dephormation.org.uk
FAIL

BT: immune from ICO enforcement..

Some examples...

BT/Phorm - no ICO enforcement despite covert trials of Russian supplied spyware monitoring the content of customers' private/confidential web browsing, without consent from sender and recipient.

BT/ACS law - no ICO enforcement action despite BT sending an unencrypted email full of sensitive customer data, and despite a court order requiring that data to be encrypted and sent on physical media.

BT/email - again... no ICO enforcement action despite months of security failures that put customers at risk of identity theft.

I'm not sure what it would take to cause the ICO to enforce the Data Protection Act against BT.

1
0

BT caught in data gaffe drama: Whistleblower squeals over alleged email fail

dephormation.org.uk
Devil

Recalling that

... the ICO blamed BT's own customers for the Phorm affair (claiming there was a measure of "implied consent" for private/confidential telecommunications to be covertly intercepted & secretly sold to Phorm).

And also the same ICO that blamed ACS:Law for *receiving* unencrypted emails from a lawyer in BT (whereas BT were supposed to comply with a court order instructing them to encrypt the data *before sending* it via CD/media). Not that ACS:Law were blameless, but if the data had been encrypted as instructed by the judge, it would probably never have been hacked. BT escaped any penality in that instance too.

So sadly... I expect the ICO's conclusions to be that BT customers were somehow to blame... and BT Directors to be completely exhonerated :(

I call it Muffins Law (cf Tea & Muffins at the ICO).

0
0

Microsoft: NSA snooping? Code backdoors? Our hands are clean!

dephormation.org.uk
Childcatcher

Backdoors like WPAD?

For starters,

WPAD: The Internet Explorer Security Flaw that Threatens all UK Microsoft Users

https://nodpi.org/2013/05/09/wpad-the-internet-explorer-security-flaw-that-exposes-all-microsoft-users-in-the-uk/

3
1

DNS poisoning slams web traffic from millions in China into the wrong hole

dephormation.org.uk
Devil

Ultrasurf?

65.49.2.178 -> Sophidea -> Ultrasurf

"a product of Ultrareach Internet Corporation, originally created to help internet users in China find security and freedom online"

0
0

Google: The Man RUMMAGED all your data (and a load MORE that's SECRET)

dephormation.org.uk
Big Brother

Would also be interested to know...

if Google have attempted to estimate how many Tbytes of data were pilfered by NSA/GCHQ without any legal authorisation at all.

"Fuck these guys" is apparently the proposed solution... Personally, I would opt for encryption.

These statistics are meaningless.

0
0

Snowden leaks latest: BT, Vodafone, Verizon jack GCHQ into undersea fiber

dephormation.org.uk
Big Brother

Undersea cables?

Vodafone: use Bluecoat to covertly tap UK telecoms and divert to California USA for analysis & replay attacks.

BT: used Phorm to covertly intercept, copy, and analyse the content of UK telecoms.

3
0

Ex-BT boss bags £9 MILLION bye-bye bundle, moves to key gov post

This post has been deleted by a moderator

ISPs set to install network-level smut filters despite Lib Dem opposition

dephormation.org.uk
FAIL

Nothing wrong with that in principle

There *is*. And there is something wrong with that in law.

TalkTalk are non entitled to divulge the content of a lawful private/confidential communication (a url) to a third party without explicit consent from sender & recipient (or a warrant for surveillance). (UK RIPA).

TalkTalk are not entitled to retain the content of a communication or anything revealing the content of a communication (EC Data Retention directive).

TalkTalk are not entitled to commercially exploit the content of communication without a licence from the author (UK CDPA).

TalkTalk are not entitled to interfere with the operation of a computer without consent from the operator (UK CMA).

0
0

Brazilian TV show accuses NSA of spying on oil firm based on leaked docs

dephormation.org.uk
Holmes

Looking for confirmation of US/UK economic espionage?

www.phorm.com.br

The clue is in the name. The .br bit stands for Brazil.

Does that help?

1
0

Reports: NSA has compromised most internet encryption

dephormation.org.uk
Thumb Down

GCHQ are doing their job

When did it become GCHQ job to spy on *law abiding* citizens unencrypted, let alone encrypted, private/confidential communications?

Or rather, 'adversaries', to use the new colloquialism?

These revelations, or rather the fact of the corrupt co-operation between IT industry leaders and these fascists, will do huge damage to public trust in IT people & products.

17
0

New BT chief gets keys to copper-encrusted door next month

dephormation.org.uk
Thumb Down

Phorm

Don't think we've forgotten.

Both Livingston and Patterson oversaw the covert trials of Phorm in 2006, 2007, and 2008.

1
0

Mobe-slurping Wi-Fi SPY BINS banned from London's streets

dephormation.org.uk

Re: Rah Rah Rah

As a personal identifier, the MAC address of your phone is more globally unique than your name.

4
0

BT's not at home to Mr Profit, but its lordly boss probably isn't too fussed

dephormation.org.uk
Devil

Ian Livingston & BT

The people who imposed Phorm mass surveillance on their subscribers, and the web sites that served them.

I don't trust either of them.

2
0

WAR ON PORN: UK flicks switch on 'I am a pervert' web filters

dephormation.org.uk
Stop

Re: I like how they state .....

Already been done;

www.dailymail.co.uk/news/article-2276344/Adultery-website-Out-Town-Affairs-received-52-000-hits-seven-months-Parliament-computers.html

It would appears MP's communications are being filtered and monitored by an unnamed 'third party', thought to be Bluecoat in California, with URLs being categorised, analysed, and censored (even if legal).

See also;-

https://www.whatdotheyknow.com/request/surveillance_of_internet_use

Sadly. the pres (including the Register) won't report it.

2
0

Admen's suggested tweaks to Do Not Track filed straight into the bin

dephormation.org.uk
Devil

DNT is a mirage

We need to outlaw the unauthorized creation of personal profile databases/communications databases... or in the alternative.... face the unpleasant truth that evil people will create these databases regardless of any signal sent by a web browser if they think they can get away with it.

17
1

PM writes ISPs' web filter ads for them - and it must say 'default on'

dephormation.org.uk
Thumb Down

Why is regulation a bad thing?

Versus the alternative; unaccountable ISPs imposing opaque censorship restrictions on wholly lawful communications.

1
4

Forget Snowden: What have we learned about the NSA?

dephormation.org.uk

Re: Civil servants can't be trusted to stay in their remit and will always try to widen their remit.

"It is grossly disproportionate to the crime it allegedly counters"

Approximately the same number of people are killed in the UK after falling out of trees.

On average 5x as many people die every year in UK police custody (~30) as die from acts of terrorism (6).

Meanwhile, 100,000 people die from the effects of smoking every year. Around 2,000 die in road traffic accidents. And 800 from murder. To offer a few popular preventable terminal scenarios.

7
2
dephormation.org.uk
Boffin

Trust

Trust is the big issue.

When you collapse trust in Governments, law, and telecommunications... the consequences that follow are frightening but inevitable.

10
0

Sky asks Ofcom to unlock BT cabinets

dephormation.org.uk
Angel

Virgin

I'd like to see the Virgin cable network made accessible to other providers.

4
1

Google gets gentle Street View slurp slap from UK data cops

This post has been deleted by a moderator

Page:

Forums

Biting the hand that feeds IT © 1998–2017