Re: Cost to me?
>Did I consent to this? No.
Well it depends on what was in the app's data access privileges/permissions request when you clicked 'I consent' and downloaded it...
4995 posts • joined 23 Apr 2010
>Did I consent to this? No.
Well it depends on what was in the app's data access privileges/permissions request when you clicked 'I consent' and downloaded it...
If your organisation relied on certificates and you were using more than a handful, I suggest you would be well advised to set up your own PKI, it isn't all that difficult. That would reduce your 3000 certificate (subscriptions) to one root certificate.
It also makes it practical to have as you suggest short lived certificates as they would be wholly managed within your own infrastructure.
BTY, if your Accounts department can't handle 3000 certificate renewals a year then there is something wrong with it - its not that difficult in many accounts/financial systems to set up a bank account and ledger for reoccurring IT expenditure/subscriptions. But I expect the problem is that in many companies IT doesn't talk finance to Finance and so get things neatly structured.
>To that I say, my £100 smartphone has two SIM cards in it, one O2, one EE.
So do you have both numbers on your business card, or do you use a virtual number and call redirection service?
Personally, given dual SIM phones aren't generally available in the high st. but unlocked phones are, I have two handsets (latest toy and previous toy), each on different networks (EE and Three) and my tertiary fallback is a quick trip to a local shop where I can pick up a Vodafone/O2 SIM or a suitable MVNO SIM.
>At least we still make our own bricks.
According to the British Geological Survey the UK isn't self-sufficient in bricks and imported bricks account for a significant percentage of the market...
Mind you perhaps this might be a benefit of Brexit - we won't be able to build all those rabbit hutches various parties say need to be built...
>This is why you test your restore/recovery procedures.
I've tended to make restore/recovery part of normal day-to-day operations - probably because of my initial training on non-stop and fail-safe computing systems and focus on business continuity. However, I suspect unless you've had your fingers singed (SSO) you probably haven't considered certificate expiry to be an operational risk.
Admittedly, there are stretched os single line operation and even sections where the light rail shares track with main line trains, so I suppose those sections might be more dangerous to operate without comms or signalling.
Suggest you read up on the early railways and why signalling systems were developed...
The whole system around certificates is irretrievably broken if you require humans to be in the middle of it. It has to be automated - a subscription service that automatically updates.
Suggest you dust down the risk assessments from the mid-1990's for Single-Sign-On solutions - these worked well whilst everything worked, break something and everything fell into a rather big heap, from which it was easier to reset and start again than trying to recover...
The obvious issue with subscription services is ensuring the bank account(s) from which monies are automatically taken always have sufficient funds (or haven't been closed) and if there is a hiccup in payment processing things get escalated so that action can be taken before certificates expire...
"How were they supposed to read the news when their phone data connection was down?"
How were they able to post in forums if they had no data connection...
I suggest that those able to access forums weren't those truely impacted by this outage, who's smartphone would have been reduced to a games console for Snake and Tetris (aside: showing my age here)
>Another being that the extra oversight of the Huawei kit makes it a bit more of a faff to get signed off. I’m assuming you’d want the kit tested by HCSEC before you plug it in/upgrade the software.
I would assume, given the nature of HCSEC, that you would want ALL kit that was to go into the core to be signed off by a UK organisation like HCSEC.
But then I suspect some agencies would prefer the core to be built using equipment from compliant sources, as then their keys will fit the backdoors and the hooks will be there for their virtual crocodile clips.
>It's likely that they are moving to a single vendor for core network elements in order to make maintenance and upgrades to the packet core more simple
Well given BT effectively didn't operate a mobile network until it purchased EE, it would seem the only reason to move away from EE's Huawei core network, would be if you were going to merge the fixed and mobile network cores.
A concern has to be about the merger. I can see that fixed can be handled as a special case of mobile, but is mobile a special case of fixed?
Currently, Apple (largely) relies on new hardware sales. Clearly, it would seem they are several years behind Microsoft - who themselves aren't known to be market leaders, and moving from product to service and subscriptions.
>but seriously, anyone claiming they thought this was avoidance not evasion is living in a fantasy land.
Particularly as HMRC did a clean out of the investment industry in the late 1980's/early 1990's where part of the tax free 'investment' was a loan back...
Suspect the author was:
1. Having problems succinctly articulating the problem for example:
Disguised remuneration schemes are an example of unacceptable tax avoidance that HMRC is right to pursue.
ie. schemes that use the legal tax avoidance cloak to achieve something not originally envisaged.
2> Didn't get as far as reading para 2 on page 3 of the report:
However, the Government’s approach does not appear to discriminate effectively between the full range of behaviours and circumstances it describes as tax avoidance. There is a clear difference in culpability, for example, between deliberate and contrived tax avoidance by sophisticated, high-income individuals, and uninformed or naive decisions by unrepresented taxpayers.
3. The opening paragraph was edited with too much zeal to give it a little too much punch; but then there are some who think tax avoidance - including HMRC sanctioned schemes such as tax-exempt savings (ie. ISA's) and tax breaks on pension contributions, should be illegal...
The question is why he was engaging in a research activity without agreement from the subjects using his employer resources without an authorization for that.
Without knowing more about the nature of the research activity and the dataset retained it is difficult to determine the legitimacy of the research activity and use of school resources.
However, I suspect like many teachers he was tasked with improving standards and one of the ways to improve standards is to collect data and review so as to determine what went well, what could be done better, and what you would do differently, thus the dataset would reflect what he regarded as being relevant and potentially useful. Data can include SATs results, samples of pupils work, etc. Naturally in the school context, it would be normal not to anonymise data, thus the data becomes categorised as personal.
Thus the issue that was picked up on was the taking a copy of this data outside of the school in which it was originally collected and processed.
Given with GDPR, the world has changed, it is irritating that the ICO hasn't released more details so that others (ie. general public) can be more aware of what is now regarded as unacceptable data handling and processing.
>What excuse is there for leaving eternalBlue open for this long?
Perhaps you are coming at this from the wrong direction. The NCC Group reports, unfortunately, don't comment on whether the client's network did or did not have fully up-to-date patched systems or not. I suspect from their articles the network did contain systems that were fully patched and running the latest AV software designed to detect NotPetya...
Not really a bug, the setting just hinders one of the attack vectors used, significantly slowing propagation, which given the exponential nature of propagation might increase the odds of detection and damage limitation before too many systems are taken down.
>what are the side effects?
"there was one revelation in the guise of an ‘oh wow – I did not know that’ moment. NotPetya could use EternalBlue as a propagation method"
I like the footnote to the conclusion: "Noting is entirely risk free".
>Just what kind of company would intentionally infect itself with malware.
Looks like NCC EternalGlue will become a standard PEN testing tool - so in answer to your question, that will be any company that takes a proactive approach to security, which would most probably encompass all of NCC Groups cyber security clients.
Ofwat has done what the Pensions Ombusman has failed to do and linked pension scheme deficit reduction to investment and dividends; albeit in a tentative way. So as to improve the level of pension funding before a business enters the critical "unable to fund anything due to monies being extracted by
'investors' " - the Pensions Ombusman has a track record in turning up late resulting in everyone getting an excessively large haircut, that could have been avoided if they had acted years earlier.
Perhaps Ofcom needs to do similar, but be bolder, and directly link pension deficit reduction to dividends (eg. pension deficit contribution must be equivalent to at least 50% of gross annual dividend). Also linking wholesale price increases to pension deficit reduction.
And this book will give you an example of how you might use those sharpened pencils
But this is a tech website, so "keyless" should be used in the same sense as "serverless"...
>The truth is the cost has already been loaded onto our billing, and you can bet once the installation programme is over - there will be no downward adjustment to take the end of the project (and outlay) into account.
I've been thinking about this - my utility is currently trying to get me to have a smart meter installed. I'm delaying until they can confirm the meter is at least a 3rd generation meter - I've worked in IT for a long time and so understand the difference between first, second and third generation products and thus why the first release of NT was 3.1, hence why I will sit out the first (now obsolete SMs) and second (current generation that will be found to be incompatible with the back office systems needed to deliver the full SM dream)...
I suspect this 'windfall' will be shared with a 'small' amount being returned to the consumer, because it allows the politicians to claim smart meters have reduced bills just like they said they (SMs) would do...
And 18% coal, limestone or somesuch?
If on the pet food section that will be 18% Ash.
Yellow/RF - FTTC fibre + copper (the latter in Italian "Rame", hence the R), or fibre + radio (including broadband ones like FWA, 4/5G, etc.)
I think this doesn't quite go far enough; I suggest there also needs to be a distinction between FTTC and FTTM services (ie. fixed and mobile 'fibre' services), something will become more important when the 5G bandwagon really gets rolling and the advertisers will be making the most of the headline speed figures.
I suspect NASA doesn't want to be in a position to be seen to award a contract to a non-US company whilst Trump is in the White House.
Going on the Snowden disclosures, the agencies can already attach "crocodile clips" to the Internet and capture the raw packet streams/conversations, just as they could with the analogue telephone. If the call was encrypted they either had to crack the code or place eavesdroppers in handsets so they could pick up the unencrypted call.
Thus what is being asked for isn't a virtual crocodile clip but for an eavesdropping circuit built into the handset, complete with the apparatus necessary to exploit it without having to actually pay a visit.
>You still have to do something that actually USES a gigabit.
Not really, remember people currently buy Ferrari's and other supercars and go nowhere near a road or race track where they can actually open them up and exercise the horse-power. Thus I expect many will buy gigabit Broadband, not because they need it, but because they haven't a clue about what the numbers mean, other than bigger must be better and gigabit sounds more 'manly' than 80 megabits.
"I'd have thought May should be first up. ..."
The trouble is that May most probably really wants to deliver "Brexit", something I think many of her Brexiteers colleagues have forgotten. May wants to have an election "post-Brexit" and be able to say she (and the Conservative party) delivered on "the will of the people". In this context (ie. winning the next general election) it doesn't really matter what 'Brexit' is, just so long as it can carry the 'Brexit' label and the Conservatives can claim to have delivered it.
"No we aint. The EU is just over there, feel free to go."
An insightful comment Codejunky!
This perception of separateness I think is key to understanding some of the relationship issues this country (and probably its just the English) has with the EU and Continental Europe over the decades. Many in the UK have failed to grasp that if you live in a nation that is a member of the EU then you are living in the EU - but not in Continental Europe.
And then that trade deal with the EU: Spain will have the opportunity to veto it, if they don't get what they want over Gibraltar, Greece likewise will naturally request the Elgin Marbles or veto it...
Expect the UK to get a good kicking in the coming years, all because the UK decided to open Pandora's box...
Nice try at sarcasm, but this statement David Davis was undermined COMPLETELY by Traitor Mrs May gave it away.
David Davis and Boris Johnson undermined themselves - remember they agreed to the Chequers Plan... Then David Davis, along with a bunch of other Brexiteers then stood up in public with Mogg and showed themselves up to be deluded idiots...
However, Norway's role is to host facilities.
Likewise other non-EU states have access (to PRS signals)
The UK is wanting to not only have access - solvable, but also continue being an insider on the development of the PRS service ie. Norway, USA get to use the blackbox, the UK wants to build the blackbox and thus be privy to all its inner-workings.
Who said anything about the EU or US denying the UK access, in line with the "taking back control" the UK can't have a third-party supply it with military signal... So it will be the hard Brexiteers complaining that the EU/US are punishing the UK by not allowing the UK to provide the military signal to them.
>Those of us who voted in favour wanted a clean break
Delusional in thinking that all 17.2M wanted the same thing...
The only thing 17.2M people voted for was a direction of travel, at no time have they been given an option to express an opinion about the mode of travel...
Additionally, whilst the hard Brexiteers might have wanted a "clean break", what they overlook is that once the UK leaves, the UKs negotiating position will be much much weaker than it is now; al the fun-and-games with the EU27 is just a taster to the fun and games we will have with the WTO...
>A typical (non Reg-reading) household connects every single one of their Internet devices to their ISP supplied WiFi-router by default. Yes, even the 4K Smart TV which is less than a metre away from the bl**dy router!
I think you will find the default configuration used by Virgin Media is to link the TV box to the Internet via the WiFi. I discovered this the hard way after VM updated my inlaws service and router. I went in and changed the default WiFi SSID/PSK to something a little more useful and senior-user-friendly, subsequently they complained because the program guide etc. no longer worked. It took a walk through the TV Box settings to discover the configuration problem waiting to happen...
>does that three sim have a acceptable use limit?
Go check the price plans - Three has a SIM only deal for £27 with unlimited data, which includes tethering (aka personal hotspot)
However, if you move fast Three are offering an Unlimited Data/Minutes/Texts SIM for £20pm as a Black Friday deal. In theory you should be able to drop that SIM into your MiFi.
>1) buy Android phone that does "mobile hotspot"
This approach works when you only need to connect a few devices (typically up to 4) and they all effectively reside within your own personal cloud (ie. within circa 6m of the phone).
Back in circa 2006, the poor mobile signal meant I had to put an external antenna on the roof, which in turn meant sourcing 3G dongles that supported an external antenna.
Interestingly, whilst I have upgraded to FTTC, The 'ancient' Three system is still my DR option, as whilst its headline connection speed is significantly less than what my EE 4G handset claims it is getting, when it comes to reliably downloading stuff it outperforms the EE connection; but then that was to be expected, EE upgraded the local mast with 4G radio's, but it continued to use the 1Mbps backhaul...
1G is what came before GSM (aka 2G) ie. what the UK had in the mid 1980's and where the phones were so big you needed a car to carry and power them - hence Carphone Warehouse...
>Let's not have fake comparisons with a WiFi point on the end of 3km of aluminium twisted pair
Agree, however, it is valid to do the comparison in countries without a well developed fixed infrastructure ie. those who are effectively going from zero directly to mobile with wireless backhaul - where wireless is not the same as WiFi. But this approach probably doesn't provide the OTT soundbites that the hype merchants like.
"Wifi offers smartphone users a faster experience in countries where fixed networks are relatively strong"
So what is being measured here isn't "WiFi" v. 4G but something quite different.
Once you start questioning the findings, you very rapidly realise this report has been written by someone with an LTE/4G agenda.
Now perhaps Mansoor Hanif will do the honest thing and instead of giving yet more spectrum over to the mobile operators and make it free access...
>Was staggered how fast a 4G connection is at St Pancras station
Suggest repeating your experiment at different times of the day and at different locations in and around the vicinity of St.P.
>> I simply don't believe that many major retail banks could survive a full-scale DR if they lost one of their data centres in some kind of plane-flies-into-it style event, for instance.
Ours could, depending on the affected DC :D
From my experience, whilst many companies can survive the plane-landing-on-datacentre - because someone has thought about it, they have great difficulty in surviving events (eg. a bomb going off - an event not unknown in the city of London during the 80's and 90's) that prevent usage of head office or similar key office location.
>Its as if saving money by not planning your infrastructure to cope with these foreseeable rare events has nothing whatsoever to do with these incidents.
It is foreseeable that your house might be burnt down, have you planned for this eventuality beyond purchasing an insurance policy?
What is particularly noteworthy is how it seems to have escaped the politicians that the spate of single event outages at: Visa, Barclays, RBS, TSB, HSBC and Cashplus is very different to 6 outages at one bank in the same period.
>would certainly make IT systems more resilient at the banks.
Probably more cost effective and resilient to re-open the branch infrastructure and close the online banking division...
> withdrawn restrictions on the use of handset SIMs in dongles and mifis
Missed that - thanks.
I like the fact that on the Three website they are still clearly labelling SIMs as being for Phones or Mobile Broadband, having used Three for many years now, I naturally assumed they still restricted the use of phone SIMs in mobile broadband devices.
However, I suspect Three still use different APN's for their phone and broadband networks - they used to apply different firewall/content filtering policies and connection/traffic profiles. So you may need to change the default phone APN to the broadband APN get the full broadband service.
Suspect Three have brought online more capacity and now wish to grow subscriber numbers again.
>Not sure why you'd resteer the beam that covers a house (or a few houses) that frequently?
It's a shared medium, thus it sends a packet to you, then it beam steers and sends a packet to someone else and so on before it gets around to sending you another packet.
>Go check the price plans - Three has a SIM only deal for £27 with unlimited data, which includes tethering (aka personal hotspot)
Looks like everyone missed last month's 'announcement' from Three:
However, what does need to be clarified is whether Three have also lifted their restriction on using a phone SIM in a mobile broadband only devices.
I must admit to slightly harbouring the hope that May would be kicked out and a hard brexitter taking charge.
Yes it is a shame we haven't had the benefit of seeing the hard Brexiteers actually having to walk-their-talk, although I anticipate they will somehow find a way blame the EU on why they are incapable of reaching an agreement between themselves over which Brexit they actually want; I mean it is so unreasonable for the EU to expect them to actually know and articulate just what exactly it is that they want and how it can be realised in the real world.
I think yesterday's Mogg event was the first time the media started to appreciate just how deluded the leading hard Brexiteers are... Remember Mogg wants a hard Brexit, yet is too scared to publish his plan because he knows it contains more holes than a sieve, he is also too scared to put himself forward as a candidate to replace T.May...
I grant you that UKIP were and still are the only group to publish a plan, which whilst I'm not so sure it would have avoided all the problems we currently face, it was, at least, definite about where the UK would be on 30-Mar-2019.
>a gov trying to remain in all but name.
Funnily I don't see that, May seems committed to achieving Brexit, but without the total break in trade relations that is part and parcel of the UKIP plan; remember everything in the UKIP plan about the WTO can be regarded as being rubbish as it is based on a flawed understanding of how the WTO operates.
What is going to be interesting in the coming weeks, is given the events of yesterday, where Mogg, Davies and other prominent Brexiteers publicly demonstrated the extent of both their delusions and support (and more importantly being ridiculed in the Brexit leaning media), is whether May has the strength (or can be forced) to toss Brexit altogether... :¬
It looks as if this really will run to the last minute, however, might be advisable to save some popcorn for the encores...
>This was the reason I created a Dropbox account (many years ago).
Whilst this resolves some issues with Keepass, you are still vulnerable to Dropbox outages.
Personally, as a Lastpass user, I wasn't aware of there having been a problem until reading this article, but then I use the off-line client across my devices...
Biting the hand that feeds IT © 1998–2018