* Posts by DaveTheForensicAnalyst

33 posts • joined 30 Nov 2017

Super-mugs: Hackers claim to have snatched 20k customer records from Brit biz Superdrug


Re: Which one?


CKH, they own a number of Gas Distributors, Water, and Electrical distributors within the UK, all of which are Critical National Infrastructure, Cat 4 providers.


Bigger concerns here would be that the overall parent company of Superdrug also runs a considerable part of the UK's Critical National Infrastructure, let's hope the rot doesn't spread.

Telegram users get their stickers back as Apple passes update



"Are the little stickers a cannabis leaf for drug dealers/users, a bloke with a scarf around his face for terrorists and such like?"

Of course, and a Daily Mail sticker for narrow-minded Muppets who think encryption is just for criminals.

Kids and the web latest: 'Won't somebody please think of the children!' US Congresscritters plead


Re: We can protect them from those evil advertisers.

"We can protect them from those evil advertisers.

But guns? Meh, let the slaughter begin.

They'll be in our thoughts and prayers."

This, in bucket loads. What's the point in protecting them from an advert for a kid's toy, if they have a limited likelihood of graduating school because some trench coat wearing tw*t comes in and shoots them and their friends?

America, you need to sort your fucking priorities out!

GDPR for everyone, cries Microsoft: We'll extend Europe's privacy rights worldwide


A lovely thought from Microsoft, shame the Cloud Act in America will "trump" that.

Blood spilled from another US high school shooting has yet to dry – and video games are already being blamed


Re: Early information


"dreaded "assault rifles" (a term invented by the anti-gun movement);"

Sorry mate, you're wrong on that one, not every term is an anti-NRA/Anti-gun dig. The term Assault Rifle was coined by the military after it moved from high velocity long range weapons, to lower velocity "Assault Weapons" duly named because of their specific ease of use during the "Assault" phase of a section/platoon level attack, and also "Assaulting" stronghold buildings during Fighting In a Built-Up Area (FIBUA), the weapons are better at assaulting due to their lower velocity/higher fire-rate ratio, meaning the depth of round penetration is more controllable whilst still capable of providing a sustained rate of fire to manage the enemy during the final phase of a fire-fight.

I do, however, utterly agree that the US is in "a hell of a mess", and being not a native of the US, cannot truly imagine how desperate a people must be when out of 325.7 Million people, they could only come down to Hillary Clinton, or Donald Trump as their presidential candidates. From the outside, it makes for a grim irony that your former presidents have Libraries named after them, when the level of reading of their own history is clearly so limited, if they haven't already learned that allowing your children to die because of a constitutional right, written in the 1700s when the weapons of the day were the Blunderbuss musket (let's face it, you didn't have the Harpers Ferry musket until after the constitution was ratified), then I feel they are unlikely to learn for a long time coming.

Maybe after a few of these nutter kids end up breaking into the NRA headquarters, Trump Tower, or even at a sitting of Congress, some more of your politicians will sit up and take note, but whilst the NRA are "lobbying" (see "throwing shed-loads of money at politicos") I doubt it will make a blind bit of difference.

Lawyers for Marcus Hutchins: His 'I made malware' jail phone call isn't proper evidence


24 mins @ LucreLout

I agree with what you are saying, and yes some of these things are obvious, but the point is what is admissible to a court (in any country). What did he agree to do? If what he agreed to do is ropey, then he's buggered, but if what he agreed to do (or was duped into by false presentation) seemed reasonable, then they would have difficulty in proving guilt of a criminal offence (in a civilised legal system).

"We can't just skate on by unless someone has given us a clear written statement that they intend to use our work to break the law. Society, such that it is, simply cannot work that way."

Alas, that really is how life has to work, the way that subsequent governments in the developed world countries have changed laws through a system of paranoia driven decisions, the citizen (or corporation) is now in a "Cover my arse" scenario, where yes, they really do have to have written indemnity for pretty much everything, sad? YES, but reality.


"In the transcript, he admits to writing some code and passing on a binary so if its not thrown out he is in the brown sticky stuff."

I don't know, I don't think I agree. Whilst the transcript does make him look somewhat naïve about selling code when he's in a sticky situation with his finances, it doesn't really prove the code he wrote. What I mean is, if he has written code that would habitually scrub data, be that passwords, or any old crud, and he then sold that to an unknown purchaser, what is he actually guilty of? What if the buyer was a sysadmin who had taken over an old system after loss of staff, and needed to root out old service account passwords etc., is that criminal? If he has sold code built to a specification, but the specification isn't "please write me some code so I can nick a load of dosh from some banks", then I can't really see what he has done wrong, apart from being a bit stupid and selling some sniffing code in a chat room.

Maybe that just shows my naivety around the US legal system though.

As for the rest, he's used Jabber, presumably over SSL, where was he during the interception? Was there a warrant in place to allow the interception? There could be some of the sticky brown stuff left on the FBI if this transcript gets before a good lawyer.

Equifax reveals full horror of that monstrous cyber-heist of its servers


Re: And how...

From the ICO...

"It is our view that the condition for processing below covers the sharing of account data with the credit reference agencies for the duration of a contract and six years

“The processing is necessary for the purposes of legitimate interests pursued by the data controller or by the third party or parties to whom the data are disclosed, except where the processing is unwarranted in any particular case because of prejudice to the rights and freedoms or legitimate interests of the data subject.”

"We take a wide view of the legitimate interests and we consider that it is in the interests of other creditors to make informed lending decisions. It is important to note here that the fact that the processing may be seen by some to prejudice a particular individual (for example, someone with an adverse entry on his credit reference file may not be able to obtain credit facilities) does not necessarily render the whole processing operation prejudicial to all individuals."


Re: Medical records also

...unless you specifically go to the case and ask for a Criminal Compensation Order to be made.


Re: And how...

"It's difficult to see what legal basis they would have for refusing a "right of erasure". There's no statutory reason for them holding the data (that I'm aware of) they are holding it under "legitimate interest" so it can be deleted."

They can hold the data without consent under "legitimate interests", as long as your fundamental rights or freedoms aren't obscured.

On top of that, there are government loopholes at a UK level.


Re: And how...

There is a "Legitimate Interests" loophole under Regulation (EU) 2016/679 (47) which will allow them to reply with a nice "Go away and pester us no more" letter I'm afraid.

Techies! Britain's defence secretary wants you – for cyber-sniping at Russia


Yeah, right!

"Defence secretary Gavin Williamson has called for "people with amazing cyber and IT skills" to join the Armed Forces"

Well Gav, you up the pay to about 650 per day, and I'll consider leaving my comfy little office for you, oh, and I don't want to pay tax!

Honestly though, why would anyone leave the comfortably paid civilian IT contracting market and join the Armed Forces? I left them after fifteen years, the pay was awful, the conditions were awful, the equipment was so substandard we had to borrow the Americans' and buy our own. Until there is a massive shift change in how the Armed Forces are treated they will never get the people they keep begging for.

We 'could' send troubled Watchkeeper drones to war, insists UK minister


Re: So...

"That said, I'm sure I recall the CO of Collingwood in Fareham having to direct the gate to not let any sailors out before at least midday on Friday, as it was getting silly."

Well, that is the Senile Service for you, I assure you 'other' arms have been known to work a little harder ;)


Re: So...

This is true to the point of being the word of god!

I used to frequently spend my time in a brigade headquarters, wearing green a lot at the time, and actually remember a conversation with an AA (Administrative Assistant) Typist (Lower grade than Whale poo, which resides at the bottom of the ocean) who insisted the Brigade couldn't deploy without the civilian support teams doing anything. Funny thing is, they weren't around on the bank holiday weekend that we deployed to Kosovo, and we managed to get there okay! Turns out the typist in question didn't even manage to write up the Part One Orders on the Tuesday, must have had a case of the civil service snuffles!

Fact of it is, civilian staff, be it Sodexo in the cook house/mess, or the Civil Service in Abbey Wood, are largely clueless about military requirements, and couldn't give a hoot when they bugger off on flexi at 2pm on a Friday,

Rudd-y hell, dark web! Amber alert! UK Home Sec is on the war path for stealthy cyber-crims


"Will this "cyber app" have encryption?"

Have you seen Amber (C)rudd's other comments about encryption? Surely if it is true that we are all equal in the law, then she will hold all of the keys for the encryption to ensure she and her carefully selected partners (anyone that has a RIPA exemption, which includes everyone entitled to a .gov.uk email address, including your bin man) can access any of the app's data for investigation purposes.

Just a side note, this lady's understanding of technology is deplorable, her understanding of law is even worse, which is sort of scary when you consider she is the Home Secretary.

UK.gov told: Draw up code of practice for cops bulk-slurping car plates


Re: So, In a Blofeldian world...

"Public transport is also good"

Most of the larger bus companies have at least 11 cameras (internal and external) per vehicle, one will cover the entrance, and one will cover the driver cab. With the current use of facial recognition (See South Wales Police, who by the way have a sharing system with a certain capital city's bus company), it will not be long before your mug is well known, as well as your travel patterns, and a live "he's on the 13 to *** NOW".

I'm not here fighting for the pros or cons on this one, but the above is happening now.

Does Parliament or Google decide when your criminal past is forgotten?


Re: Going back in time to modify history

People are using the term CRB incorrectly here. What used to be the CRB (Criminal Records Bureau) ceased to exist and was replaced by the DBS (Disclosure & Barring Service). The DBS provides two levels of check (I believe) Standard, and Enhanced.

Standard Disclosure will not show crimes that are spent under the Rehabilitation of Offenders Act.

Enhanced Disclosure WILL show ALL convictions, including those that are deemed spent.

Your PNC record (Police National Computer) will hold your Criminal Data until your 100th birthday, regardless of the Rehabilitation of Offenders Act.

On the part of Google, I can't see any problem here, they are a search engine, they are merely echoing information already in the public domain on other websites that it is indexing. If the person in question has issue with those websites, he would need to take up his issues with them.

EU aviation agency publishes new drone framework. Hobbyists won't like it


EASA - Early Adoption Services Accounts

CAA - Cash Always Accepted

Trust me, there will be a litany of charges associated with hobby users for this, I've not met a policy that has come out of EASA, and picked up by the CAA that hasn't cost the end user money.

UK's BT: Ofcom's wholesale superfast broadband price slash will hurt bottom line


Re: Bad move

Laughed so much when I read this, I thought I'd popped a rib!

Let's face reality, as an IT person, if you see an OpenRetch (spelling is not a mistake!) van within a 10 mile radius of your office on the way in to work, you immediately pull over, get out the mobile and phone your nearest and dearest with the line "It'll probably be a late one tonight love, I've seen an OpenRetch van!".

Roses are red, Windows error screens are blue. It's 2018, and an email can still pwn you


Strike Bill

>You strike Bill!

>Bill's privately funded secret 'charity' Army, hunt you down.

>You are dead

>You have mastered 3% of this adventure

UK Home Sec Amber Rudd unveils extremism blocking tool


Sounds like they've been getting project plans from Blackadder and Baldrick again "Well, no, it’s not a particularly cunning trick, because we’ve seen through it! But obviously they thought it was cunning when they thought it out."


Re: "unnamed algorithm"

I was going to go with "Rudd's Crud"

TalkTalk to splash £1.5bn laying full fibre on 3 million doorsteps


Totally agree, let's get some fibre everywhere, before we aim for awesome fibre in one city, but dial-up somewhere else.

MPs: Lack of technical skills for Brexit could create 'damaging, unmanageable muddle'


Sounds like a job for super Crapita!

Vast majority of NHS trusts have failed cyber security assessment, Brit MPs told


I think a large part of that is the fact that "the NHS" doesn't really exist, individual trusts purchase for themselves, hence the disparate systems used across trusts. Due to that there is no NHS buying power. In fact, in one trust I have worked with, individual hospitals within the trust controlled their own IT budget.

(IT consisted of one trained member of staff, and one trainee who worked part-time, for a city of approx 462,000 within its metropolitan area)

Oh good, half of Defra's Brexit projects involve IT


Since HM Treasury / HMRC are so convinced on pushing IR35, chances are Gov won't find anyone willing to do the work anyway.

UK.gov needs help getting folk to splurge on full fibre and 5G


Re: "The market will provide"

If I could upvote this twice I would.


Re: End Openreach, BT, Monopoly

I'm knackered regardless. They've decided that they aren't going to do any more work FTTC or FTTP on the cabinet that serves me, they completed 50% of one module in the cab, but have stopped, even though all existing properties connected to the cabinet were paid for by the Welsh Government.


End Openreach, BT, Monopoly

Here's an idea, only slightly over the top.

Take the entire board of BT/Openreach (Let's face it, they are still joined at the head), line them all up on a North Korea firing range, and just go crazy with them guns.

After all, once that monopoly (that the government happily allow) which continues for the benefit of its very wealthy shareholders is finally ended, you could replace it with a national communications infrastructure organisation (Like, oh I don't know the GPO, https://en.wikipedia.org/wiki/General_Post_Office (For the nippers)) and actually look at investing strategically in our country's future communication abilities, and I daresay GCHQ would be quite happy having our comms re-nationalised too :)

(Personal Note Follows)


Signing up for the RAF? Don't bother – you've been Capita'd


Re: Another resounding Crapita success

They are cheap! That is all (at the beginning, until you realise you will be on to their support, every day, of every month, for ever!)

EU data protection groups: Fix Privacy Shield or face lawsuit


PS may as well be blank paper

Looking at another US / UK Case this week (Extradition), every agreement between <Enter Country> and the USA has to favor the USA or it will never be agreed to by them.

The same goes for the EU super state, the CJEU can bring as many cases as it wants with regards Privacy Shield against <Enter US defendant>, I'll bet my last groat, that not a single case will come to fruition, and personal cases will never even get an initial hearing.

On top of that, while 5Eyes are sharing intelligence, all information that is collected by the US will be obfuscated via UK, US, NZ, Aus, Can so that the source country will become unidentifiable, and therefore it will be masked as no case to answer.

With that in mind, Privacy Shield may be a blank sheet of paper for the use it will be.

(All further communications will be via writing a note backwards, and tying it to the famed messenger pigeon Speckled Jim, to avoid all but the most intelligent of US's intel analysts)

Unfit to plead before a US court? You may face 'indefinite detention'


Can he face trial here? Well, YES!

The facts are, the crime(s) of which he has been accused were committed from within the UK. We have s.1-3 of the Computer Misuse Act, which appears to cover them all adequately, and the evidence, which would rely heavily on Digital Forensic reports, as it does in all Cyber cases, could be easily transmitted. Any HDD images etc. could be sent over in chain of custody for analysis in this country in respect of the defence, therefore I can't see any reason as to why he cannot face trial in a UK court. Looks a little like the good ole' USofA want him there for a show trial where he gets 99 years if found guilty or until he dies if he cannot stand trial, pretty sure there is a human rights question in that little point.

Biting the hand that feeds IT © 1998–2019