back to article Contact-tracer spoofing is already happening – and it's dangerously simple to do

British people will soon begin receiving random phone calls from so-called "contact tracers" warning them about having been in close proximity with potential coronavirus carriers. One of many problems with this scheme is it's dangerously easy to pose as a government contact tracer. As detailed by the NHS, contact tracers will …

  1. The commentard formerly known as Mister_C

    Scam callers coming out of lockdown

    We had two scam calls to the landline yesterday. First since lockdown started. Not Covid, just good old recorded scare message with "press 1 to talk to us".

    The parasites are taking govt advice and returning to work.

    Bastards

    1. Anonymous Coward
      Anonymous Coward

      Re: Scam callers coming out of lockdown

      I'm getting calls from people claiming to be my investment advisors "working from home" .... maybe, maybe not.

  2. Aspie73
    Flame

    1) my phone blocks numbers not in my contact list

    2) the gsm standard does not guarantee SMS delivery. If I get one of these messages, legit or not, I'll not be putting my life on hold.

    Flame away.

    1. John Robson Silver badge

      So if you got a bomb threat in the post (also doesn't guarantee delivery, things do get lost) then you'll ignore it and go that that place at that time?

      SMS is, whilst not guaranteed, sufficiently reliable to be a useful way of contacting people.

      1. Wellyboot Silver badge

        Bomb threat? I'd call plod, then mostly ignore it, anyone in a 'special' job will follow the procedure they were given for these events.

        Can we just assume scam and call the 0300-013-5000 number directly if contacted?

        1. John Robson Silver badge

          ^ Yes - contacting them back is a reasonable approach... Just plain ignoring it - as was suggested by the OP - is not.

          1. Anonymous Coward
            Anonymous Coward

            ^ Yes - contacting them back is a reasonable approach

            to tell them you need it in packs of 12's, well boxed, with same day shipment, and delivery straight to pentagon training facility. Maybe even demand for a discount with bigger bundle.

            My coat is that bullet vest.

        2. Anonymous Coward
          Facepalm

          > Bomb threat? I'd call plod, then mostly ignore it, anyone in a 'special' job will follow the procedure they were given for these events.

          I once worked in a place that had a bomb-threat procedure. There was script card you could print out from the corp Intranet and keep on your desk next to the phone, just in case. There was also a clear desk policy...

          1. TDog

            Clear desk policy - lock all your bombs away in a safe place...

    2. Steve Davies 3 Silver badge
      Facepalm

      re: 1) my phone blocks numbers not in my contact list

      That is all well and good but how does your Doctor or the NHS in general get in contact with you?

      They think that calling from a phone with 'Number witheld' is a good idea. They say that it is for data protection and privacy reasons. (eg if the call is to tell you that you have the 'clap')

      They could impliment a solution but my guess is that they can't be bovvered to impliment it.

      Perhaps you might like to think again about that rule given the current climate with CV-19

      1. Tom 7

        Re: re: 1) my phone blocks numbers not in my contact list

        My Doctor informs me when I'm going to get a call.

        1. John Robson Silver badge

          Re: re: 1) my phone blocks numbers not in my contact list

          That seems like a turtles all the way down situation...

          How does your Dr ttell you when they are going to call?

          I know my Dr well enough that I recognise them when they call, that's good enough security for me.

          1. EBG

            you're a Byzantine general

            and I claim my £10

          2. EBG

            you're a Byzantine general

            and I claim my £10

          3. Gonzo wizard

            Re: re: 1) my phone blocks numbers not in my contact list

            My surgery generally leaves a voicemail if I don’t answer. But neither do they block their number.

        2. This post has been deleted by its author

      2. Intractable Potsherd

        Re: re: 1) my phone blocks numbers not in my contact list

        I also have a policy of "unrecognised numbers get ignored". Doctors etc have instructions to leave a message - no message, no contact. I don't give a flying monkey whether I miss a contact-tracing call - it means less than nothing to me.

        1. This post has been deleted by its author

      3. Cynic_999

        Re: re: 1) my phone blocks numbers not in my contact list

        Many companies use number withheld for good reason. If someone from that company calls you and gets no answer, you would probably see the missed call and call back. You'd then get through to the company's switchboard, and the receptionist would have no idea which of the company's employees had tried to call you.

        1. Teiwaz
          Alien

          Re: re: 1) my phone blocks numbers not in my contact list

          Many companies use number withheld for good reason. If someone from that company calls you and gets no answer, you would probably see the missed call and call back. You'd then get through to the company's switchboard, and the receptionist would have no idea which of the company's employees had tried to call you.

          That's not That good a reason.

          The amount of times when I've actually gotten a name and number on voicemail so I could call back some company and find out the person who called has gone on leave and no one else in their office has a clue what it's about.

          icon: Cause..... Aliens!

        2. Intractable Potsherd

          Re: re: 1) my phone blocks numbers not in my contact list

          "Many companies use number withheld for good reason. If someone from that company calls you and gets no answer, you would probably see the missed call and call back."

          Nope - no message with relevant extension number etc, no return call. Calls with no message are almost always to the caller's advantage, not mine.

          1. Cynic_999

            Re: re: 1) my phone blocks numbers not in my contact list

            If the caller can leave a message with their extension, they can also include the main phone number - so no need for caller ID

        3. Martin-73 Silver badge

          Re: re: 1) my phone blocks numbers not in my contact list

          Not if the PABX is Centrex* style, then each extension has its own landline number.

          Most universities and hospitals do this... extension 1234 will have the number 0xxxx xx1234 as its caller ID and DDI number

          *centrex is a US term, I forget what Brutish Tellycon call theirs

      4. Toni the terrible Bronze badge

        Re: re: 1) my phone blocks numbers not in my contact list

        The NHS & Doctors dont phone me. Either email or letter.

    3. Roland6 Silver badge

      >1) my phone blocks numbers not in my contact list

      A few weeks back my home phone received a call, the CLI indicated the caller was my home phone...

      1. TeeCee Gold badge
        Coat

        You do know that talking to yourself is the first sign of madness?

        (The second sign is a saxophone solo in the middle 8)

        1. Anonymous Coward
          Anonymous Coward

          Phe wee du du du dudud deerrr, phe wee da, du du du daaaah...

    4. This post has been deleted by its author

    5. Cynic_999

      Good that you never need to take calls from numbers that are not in your contact list. I wonder whether your contact list includes all the numbers that may be used by your doctor, bank or the police?

  3. Jonathan Richards 1
    WTF?

    OT - Did I miss something? 301 moved permanently??

    The URL https://www.theregister.co.uk/Week has asked to redirect to https://www.theregister.com/Week [emphases added]

    When did that happen? The .com incarnation still needs permissions to go back to regmedia.co.uk, though. Wossallthatthen?

    1. Benchops

      Re: OT - Did I miss something? 301 moved permanently??

      Indeed. I only noticed because my password manager refused to dish out the goods for this previously unknown domain. I expect it's one big elaborate phishing scam. They can have my reg account -- Reg lost all the passwords some years ago anyway so they know what to do ;)

      1. big_D Silver badge

        Re: OT - Did I miss something? 301 moved permanently??

        Same here. I started my work PC after my leave and the password manager said no passwords, wtf?

        Looked at the pinned site and it was now showing .com. No warning, nothing. I did a quick check of the certificate, before logging back in.

      2. Anonymous Coward
        Anonymous Coward

        Re: OT - Did I miss something? 301 moved permanently??

        Anyone know the easyway to get the reg to delete my account . and or posts?

        Thought id start again.

        15 years or so of posts is quite a footprint

        1. Benchops

          Re: OT - Did I miss something? 301 moved permanently??

          https://www.theregister.com/about/company/privacy/#s7

          "Your right to rectification and erasure"

          sounds painful

    2. Anonymous Coward
      Anonymous Coward

      Re: OT - Did I miss something? 301 moved permanently??

      Possibly had to log in again at some point? That's when it happened. ;)

    3. BenDwire Silver badge

      Re: OT - Did I miss something? 301 moved permanently??

      I noticed too, but I thought that my password manager was just having an off day. I do hope this doesn't mean a less UK-centric sense of humour is on the horizon? (Yes, There is a 'U' in humour)

      1. Someone Else Silver badge
        Meh

        Re: OT - Did I miss something? 301 moved permanently??

        (Yes, There is a 'U' in humour)

        Perhaps, but only locally....

    4. Doctor Syntax Silver badge

      Re: OT - Did I miss something? 301 moved permanently??

      Thanks. I hadn't noticed that. It probably explains various breakages. I'll have to go and reset permissions.

      1. Doctor Syntax Silver badge

        Re: OT - Did I miss something? 301 moved permanently??

        Sorted.

        Temporary Interruption To Satisfy User Permissions.

    5. Steve Foster

      Re: OT - Did I miss something? 301 moved permanently??

      Over the weekend. As you say, a PITA.

    6. doublelayer Silver badge

      Re: OT - Did I miss something? 301 moved permanently??

      I noticed that too. It just seems wrong. Incidentally, a recent email from their tech panels was sent from marketing at theregister.co.uk, so they haven't switched over completely. Said message was delivered about 12:00 UTC today (Tuesday).

    7. Solviva

      Re: OT - Did I miss something? 301 moved permanently??

      host www.theregister.com

      www.theregister.com has address 104.18.4.22

      www.theregister.com has address 104.18.5.22

      www.theregister.com has IPv6 address 2606:4700::6812:416

      www.theregister.com has IPv6 address 2606:4700::6812:516

      host forums.theregister.com

      forums.theregister.com has address 104.18.5.22

      forums.theregister.com has address 104.18.4.22

      forums.theregister.com has IPv6 address 2606:4700::6812:516

      forums.theregister.com has IPv6 address 2606:4700::6812:416

      They've finally gone IPv6 by moving to a .com address?

  4. Lotaresco

    Unhearing government

    I have been in the position of giving advice to UKGOV about the security implications of their interactions with the public. They even have copious documentation on the subject such as the 2012 Requirements for secure delivery of online public services. Although the focus there is more about how the government sets out to avoid being scammed by the public. Yet repeatedly when there's a "government initiative" they fall flat on their face and constantly try to engage the public in ways that look like phishing, smishing etc. I had an invitation to an InfoSec conference that I ignored because it had all the paw prints of spear phishing on it, sent from a non-UK hosted domain using a no-reply From: address, poor grammar and spelling, talked in vague and inaccurate terms about security, asked for advance registration through a poorly designed http-only site with a long questionnaire about personal details and also requests for the applicant to state their security clearance(s) and provide the details of a referee from a client.

    It turned out to be genuine and from NCSC who had farmed the work of taking bookings out to a particularly clueless contractor.

    The financial industry is better at providing contact details and extra information to verify that a communication is genuine. The Government Communications Service exists with the mission statement "Supporting ministers’ priorities, enabling effective operation of public services and improving people’s lives." Either it's not very good at its job or it's not consulted for these mass-communication efforts.

    1. jake Silver badge

      Re: Unhearing government

      "from NCSC who had farmed the work of talking bollocks out to a particularly clueless contractor."

      FTFY

    2. TimMaher Silver badge
      Mushroom

      Re: Unhearing government

      Ever tried reporting a phishing site to NCSC?

      Totally impossible and they don’t reply when asked how, exactly, to achieve it.

      I won’t bore you with the details.

      Fume, rant!

      1. doublelayer Silver badge

        Re: Unhearing government

        If you do succeed in sending the report in, does anything happen? In my experience, nothing ever happens with reports sent to the registrars of the domain and the operators of the rented server, so I'd expect someone who is neither to have even less effectiveness. Usually, I just ensure the domain is blocked on any firewalls I can, send in the reports anyway, and possibly try to tamper with the phishers though I have a feeling my efforts there are always useless.

        1. Gonzo wizard

          Re: Unhearing government

          I’ve reported a few - I usually sent email to both the domain reseller and the hosting company. I get a reply about half the time. It’s pretty dispiriting when a hosting company genuinely doesn’t care about enabling cyber-crime.

          Usually when I get a response it is because the hosting and domain sales have been done by the same company (or two related ones) - although the big companies tend to be the exception to that experience, either not caring or just not set up to deal.

    3. Commswonk

      Re: Unhearing government

      @Lotaresco: "Supporting ministers’ priorities, enabling effective operation of public services and improving people’s lives." Either it's not very good at its job or it's not consulted for these mass-communication efforts.

      OR (and IMHO much more likely) data security and the minimisation of the risk to the public from contact - tracing based scams simply isn't a ministerial priority. Why would this application be an exception?

    4. Doctor Syntax Silver badge

      Re: Unhearing government

      "The financial industry is better at providing contact details and extra information to verify that a communication is genuine."

      Shall we settle for "just about as bad"?

      I've certainly never experienced any branch of the financial industry providing any verification of their contacts. Emails purporting to be from them arrive at the appropriate unique address but that's not intentional verification on their part.

      1. Steve Foster

        Re: Unhearing government

        Indeed, if I get a call from my bank (to my mobile number), the first thing they do is ask me to answer security questions (something their own advice says is bad).

        I always say no, and explain why (the explanation is for the benefit of the staff person calling *and* their trainers [who use the recordings of those calls :p]).

        1. Doctor Syntax Silver badge

          Re: Unhearing government

          I always refused point blank to believe that they were my bank on the basis that I'd already made clear to my bank that I couldn't accept such calls without caller verification and I wasn't even prepared to indicate whether or not they'd guessed right. It was followed up by a miffed letter from the bank saying they couldn't get in touch to sell me something I wasn't looking for (I paraphrase).

          It only happened with my business account. I suppose I could have simply said discussing financial matters with unsolicited callers was contrary to company policy.

          1. SImon Hobson Bronze badge

            Re: Unhearing government

            ha ha, yes I recall that sort of conversation where I explain that they've called me, so I'm either me or someone able to answer my mobile phone - so a very small set of people - but they could be absolutely anyone from anywhere in the world, so no, I am not going to tell them anything whatsoever until they prove who they are. Ah, but if we prove who we are, we could be telling someone else that you bank with us. I still don't care.

            On that occasion, I think it was implied that the call was urgent, so I called the bank back using the number on the back of my card - only to find out (eventually) that it was just trying to sell me something I didn't want. I made an official complaint - the result of which was that the bank put a note on my account to say I didn't want marketing calls.

            I did once get a call (from the same bank) that was genuine and urgent - fraud on one of my cards. Bu they still didn't get it. When I refused to identify myself, the person suggested I phone back and started giving me a number - I interrupted and pointed out that there was no way on earth I'd use any number given to me by some random caller who couldn't prove who they were. So again, called them back using the number of the back of the card, and took a while to get through to the right department and find that it was a genuine call.

        2. Ian Johnston Silver badge

          Re: Unhearing government

          The Co-Op bank used to call me regularly and ask me for two of four digits from my online banking PIN to identify myself. They seemed utterly clueless about how quickly and easily that could be used to get the whole PIN, and used to get quite aggrieved when I refused.

          So I started reporting every single call from them to their own fraud department. I don't know if they still do it to anyone, but they don't do it to me.

          1. Doctor Syntax Silver badge

            Re: Unhearing government

            The site currently asks you if you'll fill in a survey. The first thing to notice about the survey is that it's run from a 3rd party domain. Wankers in marketing never learn.

        3. TDog

          Re: Unhearing government Bank phone security

          On occasion I have stated that I have deposited a security number with them and can they please give me the 2nd and 4th digits.

          Cruel really.

    5. Fruit and Nutcase Silver badge
      Coat

      Re: Unhearing government

      Although the focus there is more about how the government sets out to avoid being scammed by the public

      Surely, it is the public who's got to avoid being scammed by the government?

  5. Anonymous Coward
    Anonymous Coward

    I just don't understand why this is a thing, and why it can't be prevented, shut down, stamped on.

    1. Persona Silver badge

      I just don't understand why this is a thing

      Crime exists partially because it is easier than working. Crime is prevented, shut down, stamped on, yet it still persists.

    2. Charlie Clark Silver badge

      It's a thing because the networks have flexiblity built-in: there are good reasons for being able to change the CLIR: off-directory number, switchboard, etc. (My current mobile network provider has joined the "corona" bandwagon by changing its ident to "stay safe".) However, the networks routing the calls do know the actual originating MSN but have no incentive to do anything: they can charge for blocking and the punishments for letting traffic onto the networks, which is easier to trace once you know the actual MSN for the call.

      1. Anonymous Coward
        Anonymous Coward

        Yeah, I get that - but why not set up a bond scheme? If you want to spoof your CLI, before BT or whatever network accepts the call, you must have signed up to a register and logged a £10000 deposit.

        1. Charlie Clark Silver badge

          Well, that makes it a pay-to-play scheme. There are lots of reasons for wanting to spoof the MSN. For example, think of a crisis centre or somone who is being stalked. Networks could, however, do more to reduce scamming by comparing the real MSN with the displayed one but they don't like to do this without being paid for it.

          The real problem, however, is with the providers who hand out blocks of numbers and provide access to the scammers. This is why in Germany regulation focusses on fining the providers because the scammers are often hard to trace or sanction, but whoever is providing their access to the PSTN must be registerted with the German network authority. As a result, AFAIK, there are far fewer phone scams here than in other countries.

  6. iron Silver badge

    Even if the actual government contact tracers call, how are you supposed to answer their questions? During lockdown I've gone to a nearby shop 10 minutes walk away for food every 3 or 4 days, on some trips I came into contact with up to 90 people! I don't know who any of them are. Nor can I remember which days or at what times I made those trips. So all I would be able to tell the NHS is I've come into contact with hundreds of people in the last 2 weeks but I've no idea who, how, what, where or when it happened. Very useful I'm sure.

    Once more we lead the world in being a total shambles. The whole thing is a fucking farce.

    1. Christopher Reeve's Horse

      I think it’s not the people you happen to have casually passed, but the people you’ve had a more meaningful and longer interaction with?

      1. Commswonk

        a more meaningful and longer interaction

        Sounds very like some sort of euphemism to me. In which case "I should be so lucky..."

        1. Barrie Shepherd

          "Sounds very like some sort of euphemism to me. In which case "I should be so lucky...""

          If it's the euphemism I'm thinking of the Govt. made that illegal from 1st June - so maybe the questioning is more to do with getting you to self incriminate than 'contact tracing' :-)

      2. aje21

        Indeed, to count as a contact you have to have been less that 1 metre away from them or between 1 and 2 metres away from them for 15 minutes or longer. I assume that having PPE will change the criteria to an extent, so use your best judgement to decide if something meets either criteria (e.g. if you are facing each other then that is worse than facing away, etc.) - to be honest, you can't actually test what mechanisms really transmit the virus without trying to infect people on purpose (and the same problem exists for vaccine testing) so much of what we are told is based on... well, guesswork.

        1. Richard 12 Silver badge
          Holmes

          So I'll be almost totally ignoring the tracers then

          I'll contact the people I've contacted myself. I can do that far faster and more effectively than any 25,000 people forced to try to use a web system managed by Dido Harding and created by the mates of the Tory party.

          Though weirdly I keep bumping into this guy wearing a beanie in a forest. Said he was having an eye test in a castle. Name of Despicable Cummings, or something like that.

        2. Scott 53

          Re: Contact-tracer spoofing is already happening – and it's dangerously simple to do

          to count as a contact you have to have been less than 1 metre away from them or between 1 and 2 metres away from them for 15 minutes or longer

          15 minutes, eh? Sadly, not a problem

      3. Charlie Clark Silver badge

        Which again is flawed logic. When someone is infectious with an airborne virus, such as the flu, even brief close contact is sufficient to pass it on. This is why colds and flus spread so fast and why, the 1.5 metre rule is about the best we have.

        The longer time really only makes sense in enclosed spaces where over time, even over distance you can expect to exchange biomes, which is why registers in restaurants and other places kind of make sense.

        1. gnasher729 Silver badge

          "This is why colds and flus spread so fast and why, the 1.5 metre rule is about the best we have."

          We have something better. The 2 metre rule.

    2. John Brown (no body) Silver badge

      "The whole thing is a fucking farce."

      It may well be, but clearly you have no idea what a "contact" is or you'd not have mentioned the 90 people you passed in the street and *may* have been within 2m of you for a second or two. After 2 months of being told constantly what a "significant contact" is, you still haven't got yet.

      1. Anonymous Coward
        Anonymous Coward

        It changes daily.

        I also note that "we won't change until level 3" and "we're guided by the science" have mysteriously changed to "LOOK AWAY FROM CUMMINGS. YOU CAN GO OUT, DO WHATEVER, JUST DON'T LOOK AT CUMMINGS"

        1. John Brown (no body) Silver badge

          Re: It changes daily.

          No one is claiming things are perfect nor denying that some aspects are farcical. But we don't need people inventing fake complaints to drown out the real and valid ones. I'm starting to wonder if maybe this is not an invasion of Sun readers but an invasion of Tory spindoctors spreading mis-information to hide the mistakes.

        2. TheMeerkat

          Re: It changes daily.

          It the other way around. Cummings was the destruction and idiots like you fell for it and still can’t shut up.

    3. Prst. V.Jeltz Silver badge

      Even if the actual government contact tracers call, how are you supposed to answer their questions?

      As a techie i find it staggering the the govt appears have just given up on a tracing "app" and just said , "nah we'll just get a load of people with telephones and if anyone gets it we'll ring them up and see if they can remember who they went near to."

      This was technology's time to shine .

      Then again it would never have worked looking at the comments underneath the news stories about it.

      People seem to think if they use the app they'll be rounded up and shot.

      1. John Brown (no body) Silver badge
        Black Helicopters

        "People seem to think if they use the app they'll be rounded up and shot."

        Don't be daft!! The "sheeple" will install the app. Anyone independent enough to refuse will be shot.

      2. Richard 12 Silver badge

        Because it tells Ms Patel where you are

        Priti Patel, or someone else in Government decided that "follow everyone everywhere, log their every movement and lock 'em up if I feel like it" was a higher priority than "make it work"

        Apple and Google were falling over themselves trying to help, only to be snubbed because their design had "user privacy" and "actually works" as design goals.

        1. Toni the terrible Bronze badge

          Re: Because it tells Ms Patel where you are

          Funny Taiwan has a good track and trace system, it was in place as soon as that Doctor in Wuhan (now dead) said there was a problem. I heard they had only 7 deaths from Corvid-19. What is it here now 39000? Hmmm makes you think....

      3. Doctor Syntax Silver badge

        As a techie i find it staggering the the govt appears have just given up on a tracing "app"

        I don't think they have. They just realise it won't be sufficient (assuming it works) because ..... not everyone has a smartphone to run it on. And not everyone who has a smartphone can be arsed to carry it everywhere or even keep it charged up; I certainly can't.

        1. Prst. V.Jeltz Silver badge

          not everyone who has a smartphone can be arsed to carry it everywhere

          I cant be arsed to go to work , or do the washing up , but i do for various reasons.

          Fighting an outbreak of a contagious disease is like fighting a war , in that it requires a soupcon of co-operation (or coercion) from the populace.

          Sitting at home bitching saying things like "well what if I dont want to carry a phone" is not the attitude!

          If i were in charge i would implement this simple solution:

          .

          "Cant / wont / too lazy / too obtuse to get yourself a smartphone ?

          YOU CANT GO OUTSIDE THEN"

      4. Charlie Clark Silver badge
        Stop

        As a techie i find it staggering the the govt appears have just given up on a tracing "app" and just said

        Well, maybe as a techie, you just don't understand the sketchy science (the heuristics both of the proximity calculations and the statistics required for results to be helpful) and the very valid concerns about data protection but still continue to place your faith in a technological solution.

        1. Prst. V.Jeltz Silver badge

          You mean how it can think that your in contact with your neiebour even though theres a wall between you?

          Yes i've thought about that.

          I'm kind of the "every little helps" school of thought.

          Whereas everybody else seems to be of the "if we can think of one single disadvantage ranging anywhere from 'its impossible' to 'i dont like the colour' then the whole things a non starter.

          imagine this:

          Sherlock homes: "Commisioner , i have detected the killer has only one leg due to his gait"

          Commisioner: "Plenty of non killers have one leg too so fuck off Holmes"

          1. Charlie Clark Silver badge
            Facepalm

            I'm kind of the "every little helps" school of thought.

            What about "every little error"? You can buy covid-19 antibody kits in the US with an accuracy of 50%. Do these help as well? Forget about walls – Bluetooth isn't directional so proxmity data is really unreliable: you get signal strength only. Add to this the problems due to extrapolating from insufficient sampling data.

            Our biggest challenge with this virus is detecting it before symptoms show, which is why the Chinese have invested so heavily in remote temperature sensors. If we could quickly and reliably identify infected people then we should be able to reduce the spread of the virus very quickly.

      5. Teiwaz

        This was technology's time to shine .

        With UKGov's greasy fingerprints all over it, <u>shine</u> was never a possibility.

  7. jake Silver badge

    Here in the States ...

    ... I've been receiving cold-calls from people purporting to be contact tracers for about two weeks now. I tell 'em to fuck off and hang up. I have no idea if they are legit or not, and quite frankly I don't care, either. If they need to talk to me, they have my address. And they'd best have some really, really good ID/credentials if they decide to show up here.

    1. Chris G

      Re: Here in the States ...

      When I lived in the boonies in Nothern California, our credential checking equipment was supplied by a Mr Mossberg.

  8. Chewi

    STIR/SHAKEN

    As someone who helped to implement the STIR/SHAKEN protocol to allow telcos to block robocalls, I was wondering why it wasn't extended to SMS, but apparently it's being looked into. I guess they figured it was less of a priority because it's arguably less annoying and SMS is falling out of use anyway.

    1. Anonymous Coward
      Anonymous Coward

      Re: SMS falling out of use

      not amongst those who are ditching FartBook/Twitter etc it isn't.

      SMS is the one thing you know that everyone with a phone has. You have no clue (unless they tell you) what a person's Social Media ID's are.

      1. Chewi

        Re: SMS falling out of use

        Aww, a down vote? I should have been clearer in saying that I do still use SMS myself for that very reason and because I avoid social media in general. I do have Signal but no one else does. The Signal app also works well for plain SMS. None of this changes the fact that SMS is still falling out of use. Don't shoot the messenger. ;-)

        1. ThatOne Silver badge
          Devil

          Re: SMS falling out of use

          > I do have Signal but no one else does

          The world is full of people who have Signal but no one else does... :o)

          Seriously, it's not the app to keep in touch with your teenage children (or grandchildren). A lot of people use it (me included), but professionally.

          1. Anonymous Coward
            Anonymous Coward

            Re: Signal

            "Seriously, it's not the app to keep in touch with your teenage children (or grandchildren)"

            It is if they're after a quarter

          2. Charlie Clark Silver badge

            Re: SMS falling out of use

            I use it with my nearly teenage nephew and have seen known contacts spike recently.

    2. Missing Semicolon Silver badge
      WTF?

      Re: STIR/SHAKEN

      "Falling out of use"? You're 'avin' a larf, right? In fact, it's now the most popular form of 2FA! So no need for security at all!!

  9. IanRS

    What are the odds?

    How likely is it that while reading an article on COVID-19 related spam or phishing calls, the phone rings? And it is a COVID-19 related phishing call?

    Regardless of the odds, it happened.

    1. Anonymous Coward
      Anonymous Coward

      Re: What are the odds?

      One in a million chance?

      1. Evil Scot

        Re: What are the odds?

        About 90% then!!!!!

    2. Aristotles slow and dimwitted horse

      Re: What are the odds?

      I just spoke to a bloke in the Co-Op and the chances are they same as anything coming from Mars (he said).

      1. OssianScotland
        Pint

        Re: What are the odds?

        Yes, but as Nobby Nobbs will tell you, million to one chances happen nine times out of ten

        Icon: GNU PTerry

  10. Pascal Monett Silver badge

    Jumping the gun a bit, aren't they ?

    The UK contact tracing app has just been made available and scammers are already on the hunt ?

    It's a bit quick I think, and a lot of those calls must logically end in "but I don't have the app on my phone yet, so how did I get into your database ?".

    Of course, there still is the obvious issue of users not engaging brains when getting a phone call, so maybe it's okay for the scammers.

    1. Anonymous Coward
      Anonymous Coward

      Re: Jumping the gun a bit, aren't they ?

      At the moment the UK contact tracing is not using an app. You get diagnosed positive, you get phoned, you tell the tracers who your significant contacts were, tracers phone your contact and say 'please self isolate' but won't say who it was you were in contact with. So you could get a scam call.

      Personally I'm not too worried, as if you are abiding by the recommendations you should know which mate you went to the pub lock-in with / significant other who popped around for afternoon delight etc, and you can just call them up and check if they are coughing.

      But if spam calls didn't work that nice man from BT wouldn't have phoned 5 minutes ago to tell me about the 'suspicious activity on my line'......

    2. Omgwtfbbqtime
      Facepalm

      Re: Jumping the gun a bit, aren't they ?

      Just looked for it on the app store, found 6 or 7 contract tracing apps, not one had NHS or UK Gov in the title (one did say New Zealand but they seem to be a bit more alert).

      Not going to risk downloading a fake.

      1. Doctor Syntax Silver badge

        Re: Jumping the gun a bit, aren't they ?

        Not going to risk downloading a fake any of them. The fake has the advantage that they probably won't hang on to your data for a couple of decades.

    3. ibmalone

      Re: Jumping the gun a bit, aren't they ?

      The level of confusion, even on this forum which should be relatively clued-up, between the contact tracing effort and the contact tracing app tells you a lot about our government's success in communicating its plans.

      1. John Brown (no body) Silver badge

        Re: Jumping the gun a bit, aren't they ?

        But considering it's been all over the news for weeks now, including details of how than manual contact tracing works and that the app is still not ready/being tested on the Isle of Wight, I'm gobsmacked at the numbers posting here who clearly have no clue and are ill informed. Have we been invaded by Sun readers?

        1. Richard 12 Silver badge
          Facepalm

          Re: Jumping the gun a bit, aren't they ?

          Several ministers have insisted that the app is necessary, does work and will be rolling out soon or has already been released, interspersed with "clarifying" statements that it's not needed, still being trialled and not going to be used at all.

          In other words, the usual clarity, accuracy, truthfulness and openness that has defined Boris Johnson's entire career.

    4. Graham Cobb Silver badge

      Re: Jumping the gun a bit, aren't they ?

      Most contact tracing is nothing to do with the app and can begin as soon as the tracers are trained. Most of it will be contacting work colleagues.

      Surely the app is only really relevant for finding contacts on public transport. Any other context you either know who your contacts are or you have not been in close proximity for any length of time (if you are following social distancing rules).

  11. A. Lewis

    Eh...

    If one calls me, the only person I'm going to say I've had any contact with is Dominic Cummings.

    1. Anonymous Coward
      Anonymous Coward

      Re: Eh...

      if you really have then self-isolation is not enough. I recommend an acid wash, gargle a pint of dettol and say 24 hail-marys.

      1. Steve Foster
        Mushroom

        Re: Eh...

        Self-immolation, OTOH, might just do...

        (obvious choice of icon)

    2. Cederic Silver badge

      Re: Eh...

      I think every public figure is likely to find the NHS thinking they've been in dozens of different parts of the UK all at the same time.

      Although it's a predictable issue I haven't heard how the system being put in place seeks to address it.

    3. Anonymous Coward
      Anonymous Coward

      Re: contact with Dominic Cummings.

      Should be enough to send you to Jail, do not pass go, do not collect your next benefit payment.

      1. Anonymous Coward
        Anonymous Coward

        Re: contact with Dominic Cummings.

        Why? It's a high possibility we've come into contact with Cummings!

      2. Intractable Potsherd

        Re: contact with Dominic Cummings.

        @AC - assuming (probably wrongly) that you aren't another troll - would you care to explain your thinking?

        1. Anonymous Coward
          Anonymous Coward

          Re: contact with Dominic Cummings.

          Obviously it's a joke based on the fact Dominic Cummings has been ignoring lockdown rules to make jaunts up and down the country.

  12. Anonymous Coward
    Anonymous Coward

    The government "shielding" calls for the vulnerable

    They also came across like a phone scam. The wife is officially in the high risk category and she passed me the phone when she got such a call. They wanted to take her through security by asking her some personal questions. As I said to the caller - "You called us, you could be absolutely anyone; so we need to take YOU through security." All I got was blather along the lines of "I assure you I am not a scammer" to which I replied "I assure you then that you've called the correct person and don't need personal information from us to verify who we are." We hung up in the end as they wouldn't budge. Even their claim that they are legit based upon the telephone number is bogus as scammers routinely spoof the number they are calling from.

    1. Yet Another Anonymous coward Silver badge

      Re: The government "shielding" calls for the vulnerable

      >I assure you I am not a scammer"

      For classifications of secret and above they have to use the phrase "scouts honour, I'm not a scammer" for data classified as confidential or restricted then a "pinkie swear" is sufficient

  13. Anonymous Coward
    Anonymous Coward

    The government is not your friend.

    1. Phil O'Sophical Silver badge

      But not necessarily your enemy either.

      1. Tom 7

        This one is.

        1. Anonymous Coward
          Anonymous Coward

          why?

          are you not PM then?

          come on... we need to know how are you are going to do a better job. Hindsight is not allowed.

          BlowJob isn't perfect. Not by a long chalk but I would not want his job for all the tea in china and india combined.

          1. Anonymous Coward
            Anonymous Coward

            Boris is worse than useless

            He's responsible for somewhere in the region of 10,000 deaths so far by acting late. The sudden early reopening policy is directly opposed to the scientific evidence, and is likely to kill thousands more.

            I don't want his job either, but I'd be far, far better at it.

            You'd probably be better at it too, AC. And probably almost every commentard on this here forum.

            You can usually spot the people who would make good PMs and senior ministers because they don't want to do it.

            Anyone who actually wants to be a senior minister or PM should never, ever be allowed anywhere near Government, because they will kill people.

            The trouble is that most of the deaths are indirect, so you can rarely point at a specific funeral and say that they in particular would have lived if it were not for Boris, Cummings and his incompetents.

            1. Anonymous Coward
              Anonymous Coward

              Re: Boris is worse than useless

              you can rarely point at a specific funeral and say that they in particular would have lived if it were not for Boris, Cummings and his incompetents.

              Just be grateful that Corbyn didn't win the last election. He'd still be trying to decide what do, and the unions would be insisting on double-time for working at home.

          2. Doctor Syntax Silver badge

            Re: why?

            "Not by a long chalk but I would not want his job for all the tea in china and india combined."

            That means you're temperamentally better suited than anyone who does, including him.

          3. Anonymous Coward
            Anonymous Coward

            Re: why?

            Oh come on... The whole government response has been a huge disgusting failure.

            They are more interested in their own spin and PR than saving people.

            BJ missed 5 cobra meetings. He went on holiday at a key time, he won't sack his boss; against all recomendations he's relaxing lockdown to take the heat off Cummings.

            The only "free world" leader who's been worse than Boris is Trump, and "not being as bad as trump" is hardly an endorsement.

            1. Maverick

              Re: why?

              COBRA doesn't exist and is not routinely chaired by the PM, but keep taking the misinformation feed from the press scum

              1. Martin-73 Silver badge
                Facepalm

                Re: why?

                I suppose the moon landings were faked too

          4. codemonkey

            Re: why?

            His job is superfluous. If he did implement what scientist said, then he's just a broken filter. So if you "believe" in his job, then you're very much into puppets. I, personally, don't need them.

  14. anthonyhegedus Silver badge

    This is not how security works

    I just got a text from 'UK_Gov' that said along the lines of "UK Gov National Shielding Service. Please expect a call from 03333 xxxxxx blah blah blah". We use a text message service for bulk texting some of our clients, and I tried to send myself a text with a 'from' of 'UK_Gov'. It didn't arrive. The service said it was delivered, so it must have been the carrier that blocked it.

    So OK, that's *some* protection. At least one mobile provider blocked a spoof attempt at least once. I'm still not sure if they block spoofed phone calls. I could try, we have a service that used to let you do that for some reason, but I really don't want to.

    I saw on TV in the last week, ministers and advisers have been asked twice how we'll know it's a genuine call. And twice they've said more or less the same thing, that it'll be obvious you're talking to a professional. Sorry, UK_GOV but that IS NOT HOW SECURITY WORKS!!

    1. David Nash Silver badge

      Re: This is not how security works

      Exactly....they've confused false positive with false negative.

      Even if it is obvious when you're talking to a real professional, it doesn't mean that it would be obvious if you are talking to a scammer.

      1. ibmalone

        Re: This is not how security works

        I suppose maybe they could be an amateur scammer.

    2. ibmalone

      Re: This is not how security works

      I saw on TV in the last week, ministers and advisers have been asked twice how we'll know it's a genuine call. And twice they've said more or less the same thing, that it'll be obvious you're talking to a professional. Sorry, UK_GOV but that IS NOT HOW SECURITY WORKS!!

      This is so poor. There's actually a process, they're meant to refer you to the contact tracing site (in fact, it's meant to be the preferred route for providing the details), which you can confirm from gov.uk guidance (domain is phe.gov.uk). If even the people at the podium don't know this then what hope do the rest of the country have?

      1. anthonyhegedus Silver badge

        Re: This is not how security works

        phe.gov.uk? The one which is currently saying

        This site can’t be reached

        phe.gov.uk took too long to respond.

        ERR_CONNECTION_TIMED_OUT?

        1. John Brown (no body) Silver badge

          Re: This is not how security works

          I tried https://www.phe.gov.uk/ and got Error code: SSL_ERROR_BAD_CERT_DOMAIN

          1. SloppyJesse
            FAIL

            Re: This is not how security works

            Brave says:

            This server could not prove that it is www.phe.gov.uk; its security certificate is from *.phe.org.uk.

            That site is not getting any of my details...

        2. ibmalone

          Re: This is not how security works

          It's a mea culpa, I was being too light on detail, the actual site is a subdomain, https://contact-tracing.phe.gov.uk/ (plain phe.gov.uk doesn't appear to exist, www.phe.gov.uk is a redirect to a www.gov.uk page, but they seem not to have got the certificates right for anyone specifically requesting https://www.phe.gov.uk)

    3. Anonymous Coward
      Anonymous Coward

      Re: it'll be obvious you're talking to a professional

      Oh, if only...

    4. RM Myers
      Unhappy

      Re: This is not how security works

      This IS how security works. Haven't you been reading about all the security breaches on El Reg?

      Is it how security is supposed to work? of course not.

    5. Aussie Doc
      Pint

      Re: This is not how security works

      "... it'll be obvious you're talking to a professional."

      Totally OT but I received a frantic phone call from a business customer saying that they had a call to say their phones would be cut off unless blah blah blah.

      I told them that we'd discussed this before - it was a scam.

      The reply? "BUT THEY SOUNDED SO SURE OF THEMSELVES."

      They walk amongst us and even vote.

      Stay well.

    6. TrumpSlurp the Troll
      Trollface

      Re: This is not how security works

      If, on the other hand, the caller sounds confused, uncertain, and then breaks down part way through and admits that they don't know what they are doing because they haven't had any training you can be reasonably sure that it is genuine,

  15. Doctor Syntax Silver badge

    But - but -but isn't that experienced professional Dodo Harding, reporting to that expert on secure personal apps Matt Hancock, in charge of this?

    1. anthonyhegedus Silver badge

      Dodo Harding!

      Yes real security experts there. I got a call just now, and I'm sure it was genuine, they confirmed my address.

      1. Sir Runcible Spoon
        Trollface

        "they confirmed my address."

        So you told them your address and they said 'yep, that's correct' ?

  16. Will Godfrey Silver badge
    Linux

    I feel left out

    I never got any kind of of warning at the start of this pantomime (and yes I'm well over 60). I've not had any text messages either about not going out, nor recently that I now could. I'm not even getting any scam attempts - apart from the usual supposed bank telephone warnings and outlook folder full emails.

    What am I doing wrong?

    1. Chris G

      Re: I feel left out

      If you like I can forward a few of the Spanish bank scam emails that I get several times a day.

      Most are phishing but a few seem to have some fairly chunky code in them.

      My bank knows my preferences are set to cash only, no online banking so even without looking at the medsage source I know they are iffy.

      I have almost finished with my sixties but I'm not quite gaga yet.

    2. John Brown (no body) Silver badge

      Re: I feel left out

      "What am I doing wrong?"

      Well, the first probably appears to be that you are chronologically challenged. If you were 10 years older you'd probably have heard from them. Likewise, you need to be in the clinically at risk group and have a medical professional aware that you are. If you are, and they ought to know, you may be one of the few who fell through the cracks.

      1. Anonymous Coward
        Anonymous Coward

        Re: I feel left out

        Two weeks ago my wife was suddenly contacted by SMS and phone and told that she should shield.

        The texts and calls came from a variety of different numbers, which matched both national and our local council, and she was never asked for personal info.

        We still do not know whether it was real or not.

        Our GP said that around 10,000 people were wrongly told to shield, and a similar number wrongly *not* informed. So who knows.

      2. Doctor Syntax Silver badge

        Re: I feel left out

        "If you were 10 years older you'd probably have heard from them."

        I'm 10 years older than you probably think Will is (well over 60 is stall a valid statement, of course). So is SWMBO with additional criteria and neither of us have been contacted. I suppose it's possible someone might have attempted to send her an SMS but it's not an effective way of contacting her - she hardly ever has her mobile on unless she wants to make a call. Plain old letter would be more effective.

        1. John Brown (no body) Silver badge

          Re: I feel left out

          I agree, the system isn't perfect and there are many and varied valid criticisms. And while agree that saying he is "well over 60" implies that he doesn't know the cut off point for age related shielding or that he's under 70, but over 60 and still doesn't "qualify". Either way, it strongly implies he's ranting with incorrect facts and as I already said, there are actual and valid concerns without adding "fake" ones.

          1. Anonymous Coward
            Anonymous Coward

            Re: I feel left out

            My 90 year old MIL, fortunately in goodish health for her age, has not had any contact. There is as far as I know no such thing as 'age related' shielding if you take it in its medical sense as 'really really really stay isolated'. There has just been advice as there has been to the rest of the population.

      3. Will Godfrey Silver badge

        Re: I feel left out

        10 years older than what? I'm actually over 70, and indeed have some health issues.

        Oh, and whoever said 'rant', I don't do rant. Piss-take, yes, but not rant.

  17. David Nash Silver badge
    Facepalm

    Smishing warning

    I got a warning from Three in the form of an SMS telling me to click an anonymous-looking link to get more info.

  18. Anonymous Coward
    Anonymous Coward

    Why don't they have a page on the .gov.uk domain created automatically when making the call that the person calling can direct the caller to with a code? Then once the page has been accessed the server deletes it or am I missing something?

    1. Tom 7

      The gross incompetence of the people in charge of the actual system.

      1. Anonymous Coward
        Anonymous Coward

        Sounds about right, I mean thinking about it they could have 12 pages set up for the day and then release the details each hour to the contact tracers with a 6 number code on the page and a big confirmation sign. Change addresses and codes each day. It would be easier however open to abuse if a contact tracer knows a scammer but better than absolutely nothing.

    2. Velv
      Boffin

      Hiscox Insurance have an interactive page exactly like this they use when on the phone discussing insurance policies. It shows the text of the standard blurb they read out as they read it out, as well as other Key Facts.

      This is not rocket science.

    3. doublelayer Silver badge

      A few reasons:

      1. They'd need some method of identifying the page to the user so it was obviously not generic and the user could determine that. Probably the best way would be to use the phone number as a key.

      2. They'd need to stop bots from scraping the pages and tracking people by watching the pages pop up.

      3. They would need to consider these issues and understand that the public is not made of children.

      4. They'd need to invest some time in thinking of and creating a good system.

      5. They'd need to consider the point of this endeavor rather than just jumping to the first idea someone had.

  19. Tanglewood73

    NHS Number

    The 'could' tell you your NHS number as basic verification to prove it's the actual contact tracing service instead of a a scammer as they're very unlikely to know this. Unfortunately the person being called is unlikely to know their NHS number as well...

  20. Velv
    Mushroom

    "the British government sent the entire nation a text message saying "Stay at home.""

    I'm guessing Dominic Cummings didn't get that text message, even though he wrote it.

    Sack Cummings now Boris, we're not going to let this go.

    1. Cederic Silver badge

      1 - he didn't write it

      2 - the Government published a lot of guidance that included various exceptions, such as caring for vulnerable people. E.g. four year old children.

      3 - the deputy CMO explicitly stated that childcare was an exceptional situation

      You may not want to let it go but you're not going to get anywhere.

      1. sabroni Silver badge

        @Cederic

        Bollocks.

        Take a look at yourself in the mirror and have a good long think about what you believe and who you trust.

      2. JDPower Bronze badge

        I found today's Tory and hereby claim my prize

      3. Anonymous Coward
        Anonymous Coward

        1 - He probably did he is the chief adviser so at the least it will have been run by him for the optics.

        2 - Yes they did while sending vulnerable people back home from hospital with Covid-19 so other vulnerable die.

        3 -Exceptional situations require you to fix them with the safest option. Driving 260 miles to Durham while your wife has the virus is not safe and driving to Barnard Castle to test your eyesight *cough* on your wife's birthday *cough* even though your wife can drive *cough* Bollocks.

        He'll be gone soon, people aren't going to forget after the sacrifices they made to keep everyone else safe like not visiting dying relatives, The optics (I like using that work) on this are terrible and if we get the expected second wave because of the completely shite management of the crisis he'll take Boris with him. No blaming the scientists now that would be naughty and totally ignored by the public because plenty of scientists have said what we are doing is wrong.

        You're welcome.

        1. Cederic Silver badge

          Yes they did while sending vulnerable people back home from hospital with Covid-19 so other vulnerable die.

          Oh, nice whataboutism. Shame that nobody was sent home from hospital without sign-off from a clinician.

          The NHS also denies it: "“It is a damaging and mistaken belief that trusts knowingly and systematically discharged Covid-19 patients into care homes,” she said."

          -- https://www.ft.com/content/aeca8c12-fc27-45cf-9141-a0820a47c6d2

          people aren't going to forget after the sacrifices they made to keep everyone else safe like not visiting dying relatives

          You mean the way that Cummings didn't visit his dying Uncle, or go to his funeral?

          Unlike, I don't know, Tahir Ali who went to two different funerals on the same day (as an observer!), but hasn't resigned or been criticised by the millionaire Sir Keir Starmer?

          The optics (I like using that work) on this are terrible and if we get the expected second wave because of the completely shite management of the crisis

          A lot of people want lockdown to continue. A lot of people want lockdown to end. Some people say lockdown was a mistake, some people say that lockdown was put in place too late. I'm not even describing members of the public here, I'm talking about SAGE members.

          Yes, mistakes have been made, but please, stop fucking attacking a man that broke no laws while assuring that his child could receive continued care. That makes you look as stupid as the BBC.

          1. JDPower Bronze badge

            If you're gonna criticise someone for whataboutism, generally best not to resort to it yourself ;)

          2. Anonymous Coward
            Anonymous Coward

            Two words "Barnard Castle" I like how you ignored that completely. Go on, justify it. You won't because you can't and never will. You and I know the reason for the trip to Durham was so he could take his wife there besides what sort of adviser and journalist who has worked for the same paper for years in London have no friends they can rely on to help with their kids? I don't like the BBC, I form my opinion based on actual evidence and the words the accused speak themselves.

            1. Cederic Silver badge

              Personally I have doubts over the story provided for the Barnard Castle visit. Fortunately someone else has done a proper investigation and.. well, Durham Police stated there _might_ have been a minor breach of lockdown "rules".

              Which rules? The law? Guidelines? This is not the smoking gun you are looking for.

              Is it reasonable to test whether you are healthy enough for a 5 hour drive? Yes. Was that the sole reason for the drive? Maybe we'll find out when Cummings writes his memoirs.

              As for expecting colleagues to look after kids, maybe you have a different working relationship than I do, but I've never been so close to a work colleague that I could approach them and say, "Please put your family at risk by taking in my son." Especially if I have family members already offering support.

              That's not even factoring in the rumours that Cummings' son is autistic, or the wealth of evidence that Cummings is too. That's not factoring in the death threats he was receiving at his home, It's very obvious why he didn't ask his neighbours, given the subsequent abuse from them and the member of parliament supposedly representing him tacitly supporting that abuse.

              Why do you think there was an orchestrated campaign against him? We haven't seen the media and other public figures mobilising in concerted effort like this against any of the people that actually did break the guidelines and the law, so why this one man?

              1. Anonymous Coward
                Anonymous Coward

                Can I have some of what your smoking please? He admitted it in his interview and gave the excuse as testing his eyesight. The law that means if you go out for unnecessary trips you get fined. The law that at the time didn't let you drive out for excise meaning you had to leave from your front door. The law that said you only go out for essentials such as food shopping or if you are a worker going to work because you can't work from home. This counts as none of them.

                As for colleagues Laura Kussenburg is a very good friend of his and we are talking nearly 10 years in London so he must have close friends unless no one likes him.

                Finally do you have no memory? People have already been sacked or resigned for this and were actively pursued by the media.

                Professor Neil Ferguson, Rosie Duffield, Dr Catherine Calderwood

                Oh and lets not forget his wife writing articles lying about their lockdown experience.

                If you reply can you please do a bit of fact checking before trying to defend the indefensible.

              2. Katy_B

                We haven't seen the media and other public figures mobilising in concerted effort like this against any of the people that actually did break the guidelines and the law, so why this one man?

                That is because the two most prominent breakers who were found out IMMEDIATELY RESIGNED.

          3. Richard 12 Silver badge

            He drove to Barnard Castle

            That's illegal. He admitted the act, Durham police have confirmed that had they caught him at the time he would have been sent home and/or fined.

            Furthermore he says that he did it while unsure whether he was fit to drive.

            That is also illegal. Haven't looked up the punishment but it's rather greater than the fine for breaking lockdown. Odd thing to admit to.

            He also lied to ministers and/or told ministers to knowingly lie to the public, accused Durham police of lying (or decided his own father isn't family?). On top of that he told further lies to the country while trying to explain his previous actions, this time purely to stoke his ego.

            In unrelated news, the Government then suddenly announces a whole load of lockdown rule and guideline relaxations, starting simultaneously, despite the previous announcement that nothing would change until Level 3 (we are still 4) and the fact that SAGE explicitly advised against this.

            The most ridiculous part is that if he'd just admitted it, paid the £60 fine and apologised, then the whole thing would indeed be long over.

            The man has an ego the size of a planet and is incapable of accepting he could ever make a mistake. How many more must die to save Cummings career?

            So no, the public will not forget.

            1. Cederic Silver badge

              Re: He drove to Barnard Castle

              Where did Durham police make these statements that you're claiming? I've seen nothing but 'may', 'might' and 'could have' but you're claiming 'would have' and added in 'fined'.

              It's also clear that Cummings felt he was able to drive (unless you really think he'd put his 4 year old into a car not thinking it was safe) but wanted to be sure that he was sufficiently recovered to safely drive long distance. His wording wasn't great but even Durham police describe it as "the purpose of this drive was to test his resilience to drive to London the following day".

              But before that, yes, Durham police did lie. They said they'd spoken to the father about lockdown rules, and had to subsequently retract that statement and replace it with one that stated that they only spoke to the father about security.

              As for the 'lied to ministers and/or told ministers to knowingly lie' that's defamation and you'd best be hoping his lawyers don't read The Register. There was a Downing Street statement that stated "His sister and nieces had volunteered to help so he went to a house near to but separate from his extended family in case their help was needed." and later said, "At no stage was he or his family spoken to by the police about this matter, as is being reported".

              Now you're welcome to criticise the precision of the wording of that statement but 'extended family' is clearly differentiated from 'family' and 'about this matter, as is being reported' is quite obviously referring to the explicit lies published in the press. Lies that were confirmed to be lies by the Durham Police statement release at 4.01pm on the 25th.

              Then you claim Cummings "is incapable of accepting he could ever make a mistake" when on the 25th he admitted that he's made many mistakes and makes mistakes every day. It's ok, the press didn't report that bit very well; they were too busy trying to stitch him up.

              Hell, there are plenty of reasons to dislike Cummings and to challenge his decision making, his strategies and his politics, but on this occasion, it's been a blatant witch hunt.

              So no, the public won't forget the media duplicitousness in this whole affair.

              1. Richard 12 Silver badge

                Re: He drove to Barnard Castle

                Cummings statement was written by a very expensive lawyer. It's a witness statement of the type you see in court and attempted to individually address every single sighting that Cummings thought he couldn't deny.

                Unsurprisingly, he didn't swear to it's accuracy.

                The police cannot say that a person did commit an offence until after conviction. This is because they try to obey the rule of law.

                Cummings behaviour after the trip is what is indefensible.

                Why are you defending the indefensible?

                1. Cederic Silver badge

                  Re: He drove to Barnard Castle

                  Interesting that you think I'm defending anything. But to the extent that I am, it's because I've seen the media lie and hound a man far beyond what's reasonable while entirely ignoring other public figures doing things that are far worse.

                  That's led to a public perception and ignorance on the subject that doesn't align to simple facts. You should be thanking me for helping educate people.

                  I do also believe that this orchestrated campaign has ulterior motives. What's your explanation for the combined and extended assault that goes far beyond anything targeted at Kinnock, Blackford, Duffield, Ali, Corbyn or Jendrick? They're all actual MPs that have breached lockdown rules, none of them have resigned from their job, none of them have been sacked, none of them have had the press harassing them for days on end.

                  1. Anonymous Coward
                    Anonymous Coward

                    Quid custodio ipso cutsodes?

                    The higher you are the harder you fall. DC, a contributor, despite his lack of scientific qualification, to SAGE, broke the spirit of the law and guidanceb y going to Durham, excusing his action by invoking a clause designed to protect vulnerable and abused people from abusive domestic arrangements. He then broke the guidance again by going on an unnecessary journey, at his own admiitance while being unsure if he was fit to drive. He has subsequently invoked the classic 'I'm sorry if you are upset apology strategy'. if he had come out on Day 1 saying 'unwell - taken my child to my second home' everyone would have huffed and moved on. He didn't, so it rightly will haunt him for whats left of his career.

                    1. Graham Cobb Silver badge

                      Re: Quid custodio ipso cutsodes?

                      He is responsible for the government "optics". He forced other advisors who broke lockdown rules to resign because it looked good. He then refuses to do the same thing himself.

                      Worse, Boris should have taken the strong line and forced him out - he could have continued to pay him as a party advisor in party HQ but Cumming should have been forced out of Downing Street very publicly for breaching lockdown rules.

        2. Anthropornis
          Terminator

          Totally agree, *except* -

          This is the cockwomble who wants to impose his own views on how the economy should run, and believes in killing off what he probably thinks of as a "useless third of the population". To me, given that he understands how to swing voters to his plans, this looks like a deliberate attempt to ensure that the lockdown collapses, and that only those with "herd immunity" (his preferred approach, was it not?) survive.

          And it seems to be working - reduced lockdown in England to distract attention from DC, and many people not paying any attention to distancing.

          Sorry about the icon, I was looking for DEATH on Binky, but this seemed the nearest.

          Cynical, moi ? Oui.

        3. Doctor Syntax Silver badge

          "Driving 260 miles to Durham while your wife has the virus is not safe"

          Driving 260 miles when you yourself might be infected is even less safe. There have been reported cases where individuals started out feeling fine on shorter drives than that and were in a state of collapse by the end of it.

      4. Doctor Syntax Silver badge

        "1 - he didn't write it"

        He did sit in on several meetings of SAGE who originated - despite being unqualified.

        "3 - the deputy CMO explicitly stated that childcare was an exceptional situation"

        Yes. And suggested that if there were no suitable alternatives, contact local social services. Of course social services are only for the little people.

        1. Cederic Silver badge

          Six SAGE meetings, I recall reading, but can't find the reference at the moment.

          As you said, "if there were no suitable alternatives". Cummings decided that an offer from his nieces was a suitable alternative. Durham police agreed that this was a reasonable interpretation.

      5. Jamie Jones Silver badge

        That view isn't just political allegance, it's dangerous.

        Get out from your Daily Express bubble, and listen to this: https://youtu.be/IhBSfY9eTUc

        P.S. If he didn't do wrong, why did the Daily Mail report

        "Boris Johnson has issued a stern rebuke to his aide Dominic Cummings, warning that he ‘will not tolerate’ another media firestorm.

        The Prime Minister has ordered his top adviser to stay firmly out of the public eye following the crisis caused by his lockdown trip from London to Durham, with one senior Downing Street source telling The Mail on Sunday: ‘Dom’s been firmly put in his place.’

        Mr Johnson’s ‘last chance’ ultimatum comes after Remainer and Left-wing critics leapt on the saga to take revenge for Mr Cummings’s role in winning the Brexit referendum and a landslide Tory Election victory."

        - https://www.dailymail.co.uk/news/article-8372911/Boris-puts-Dominic-Cummings-chance-one-witness-admits-sighting-aide.html

        Incidentally, that last sentence is sick. People are ignoring lockdown, and the government is relaxing it due to Cummings. The government also deemed it appropriate when the scientist resigned.

        Yet the Mail puts the whole thing down to bitter brexit lefties.

        When you thought they couldn't sink any lower...

      6. This post has been deleted by its author

    2. sabroni Silver badge
      Facepalm

      re: Sack Cummings now Boris

      Seriously? You haven't worked out who's actually pulling the strings yet?

      Cummings is running the country. Bojo is just the comedy front man.

  21. Dwarf

    Easy to fix..

    Don't install the app, then you know with 100% confidence that its a scammer.

    I know that the app won't be going onto any of our family devices, reasons include

    1. Battery life will suffer - blasting out bluetooth all day long like a canary

    2. The government has said that they will keep the data for unspecified reasons.. Err, GDPR logic should also apply.

    3. Bluetooth only says a big circle from here, not that the person was within 2 metres of me. If social distancing needs 2M, then why use a 100M technology to do that.

    4. It doesn't understand vertical spacing, so if I'm 30 metres up or down compared to someone, it won't be able to tell the difference.

    5. IT doesn't see everyone,so those with no mobile / those that don't want to use it, the person that wiped their hands with CV on the same hand rail / door etc 20 minutes ago, etc.

    6. Not all problems require a technology solution.

    7. This is really about making people feel better about things rather than actually fixing the problem.

    Now, given that Bluetooth is 2.4GHZ and that's the same frequency (ish) as a microwave oven, then if they could find a way of boosting the power and providing me with an star trek style anti-bacterial surface wiper device, then I might be prepared to use it as that would be useful.

    Some that I've mentioned this idea to suggested that Samsung have already started to do this with their Galaxy Note 7 range, bit its a one-time capability..

    1. John Brown (no body) Silver badge

      Re: Easy to fix..

      "Don't install the app, then you know with 100% confidence that its a scammer.""

      You do know that the track and trace system doesn't rely on the app, has already started operation and that the app is not yet available anyway, don't you? You not having the app doesn't stop someone else from reporting you as one of their contacts (assuming you actually are one). If you know for sure you've never met the conditions to be a contact, then yes, any call is likely to be a scammer.

  22. General Purpose

    My GP texted good advice a few days ago

    "Dear patient

    "We have been made aware that patients are getting calls by unscrupulous / dishonest persons claiming that they are from the Government and asking for information regarding their health or their NHS number. Some patients are also receiving messages threatening them with fines if they have left their homes during lockdown. Please do not give any information out to such people and do not click on any links of such messages

    "Please take care. [redacted] Surgery"

    At least, I think it was my GP. Good advice anyway.

  23. Anonymous Coward
    Anonymous Coward

    I'm from the government, and I'm here to help you...

    Clearly bogus. The government does not help you without you jumping through hoops and following contorted logic.

    1. hoola Silver badge

      Re: I'm from the government, and I'm here to help you...

      The trouble is that for every attempt to do something useful there is an ever greater number of total arseholes that exist for the sole purpose of conning people. It is a game of whack-a-mole that the criminals are always going to win.

      Telephone providers appear to have no desire to stop the spoofing of caller ID.

      They clearly know where the calls come from but will not block them.

      The chances of these scroats being caught is very low.

      Many of them are not even in the UK.

      They continue to make vast amounts of money.

      Where my mother lives in Surrey the majority of people in the area are older and they are hounded by tossers coming round in the vans wanting to:

      Fix a roof:

      Relay the drive

      Clear the gutters.

      Replace fencing

      They are also getting to be smart and target houses that have had recent work claiming to be from the builder or whatever. One person in the road had a recently re-roofed porch stripped of it lead and a bit of crap felt put on.

      The police don't have the resources to follow these up and invariably they are long gone by the time they respond. The only way to catch them is to have the police turn up when they are doing the "work". Unfortunately that just does not happen

  24. Screwed

    Four countries - same CLID?

    The government has told us one number to look for.

    Do we know that Scotland, Wales and Northern Ireland will be using that same number? They are running their tracing operations separately so it would be quite an assumption they are using the same number.

    If they are NOT using the same number, the government has already sown seeds of confusion - anyone who getting a call from one of the non-England systems and checks the number they have seen is likely to think the call is malevolent.

    1. Doctor Syntax Silver badge

      Re: Four countries - same CLID?

      But then do we even believe the CLID?

    2. Danny 2

      Re: Four countries - same CLID?

      Aye, I'll assume any contact tracer is malevolent even if it is a Scottish CLID because no phone number has been published here.

      Public information about contact tracing is available on NHS inform.

      404: Page not found

      Plus I don't know where my phone is, no use for it now. One mate called me for a chat and I effused because it was the first time in five months I'd heard a non-relatives voice. He laughed because apparently he is an 'essential worker' and got to go out three times a week.

      [Although I can see the benefits of a system that warns me I was inadvertently close to someone English. Fe Fo Fi Fum, I got an alert about the blood of an Englishman]

  25. Anonymous Coward
    Anonymous Coward

    There is going to be so much fun to be had with this. Anytime you're pissed off with anyone, just phone the NHS hotline, give a false name, tell them you have had a long conversation (or, if you prefer sex) with your target and bingo - they're shut up for a couple of weeks. Boris's dom is the obvious target, but we'll also be able to use it avoid work deadlines and just to annoy people.

  26. Ian Johnston Silver badge

    I had a fascinating series of spam SIP calls to my VOIP box yesterday. As far as I can see, they came from a Russian space website (I was researching Soyuz capsules for work) which included SIPVicious as a malware payload. How imaginative.

  27. sanmigueelbeer Silver badge
    Facepalm

    Hello, my name is Ash and I'm calling from Microsoft. I am calling you because your computer may have been infected with COVID-19 ... Ooops, sorry. Wrong script. Can we try again?

  28. slartybartfast

    Since lockdown my Mum has told me she’s received several unknown calls to her Facetime. Luckily, she’s getting wise to scammers so she didn’t answer any of them. A quick search revealed the phone number used is a scam.

  29. Arachnoid
    Stop

    Virus-tracking app angers thousands in Moscow with fines

    https://apnews.com/ca08db0bc06f0a9d20e205104680c881

    Coronavirus laws changed to mean relatives are not 'childcare' after Dominic Cummings scandal

    https://www.independent.co.uk/news/uk/home-news/coronavirus-laws-dominic-cummings-lockdown-childcare-relatives-a9542381.html

  30. JulieM Silver badge
    Boffin

    Colour me surprised -- NOT

    If you have access to the right services (a wholesale telecomms provider), equipment and knowledge (which you will definitely have, if you are using wholesale comms) then it would be trivial to make a fake COVID alert call. And it will be hard to notice, just due to sheer weight of numbers.

    But that's boring, and it also is giving the (false) impression that you might need to have access to things that are out of the reach of "normal people" in order to pull off such a stunt.

    I do not think it is entirely unfeasible for two bored young punks with brains and attitude to lay hands on a scrap PC, a hardware card available from the usual places online, an inverter and battery and one of those red and white tent things that Openreach engineers use to cover up wiring cabinets while working on them.

    Thus equipped, all they would need to do is find a suitable cabinet, deploy the tent and enjoy as much mischief as the battery permits. They could disconnect anyone's landline running through that cabinet and patch it to an FXS port on their own "sky blue pink box with yellow spots on" instead of the BT line; and then ring the unwitting victim's phone, laying any caller ID they liked on the call.

    The greatest risk is of getting caught setting up or clearing away. (Once the tent is in place, it's very obviously Somebody Else's Problem.) Mucking about with phone lines like this will break the person's Internet connection (barring the kind of coil-winding skills that went out of fashion when kids stopped building radios, while there was still anything to listen to on MW and LW), but most householders are not going to correlate the two events even if they notice the 'net going off. And most importantly, once the miscreants have packed up and gone, the only record of anything happening at all is on the HDD of the portable exchange.

    1. Arachnoid

      Re: Colour me surprised -- NOT

      No need just repurpose the government txt broadcast system to send the messsage to everybody

  31. gnasher729 Silver badge

    Apple / Google app

    Several countries have an app shipping using the Apple / Google API. So what's the advantages?

    The app can warn people that came close to me even if I don't know them, or if I don't remember them. Imagine that.

    As.a result, no need for someone to call me. No opportunity for a scammer to call me. Nobody will call me.

    No server software to write at all. Ok, one tiny bit: To avoid idiots registering them infected, every positive test will be accompanied by a code; you'll have to enter the code, and then some tiny server checks that the code is valid and hasn't been used before.

    What's the disadvantages? All the data is deleted after 14 days. 20,000 contact tracers lose their job. Dominic Cumming's best mates brother loses income.

    So it's obvious how the government had to decide.

  32. H in The Hague

    How to spot a scammer

    The comments here suggest that most Commentards will be appropriately cautious when receiving a call from a supposed contact tracer.

    However, these tips might be useful for more trusting folk such as elderly relatives:

    https://fullfact.org/online/test-and-trace-scam/

    Disclosure: I have donated to them.

  33. Katy_B

    sms spoofing service

    I'm a complete technical bozo (definitely NOT to be confused with Bojo) but I just searched for sms spoofing and came across three websites that offer to send spoofed texts on your behalf. Clearly not something that only a hacking genius can do.

  34. plrndl
    Pint

    Beer

    Free beer?

    Right now it's way past beer o'clock on Friday, and I'd be a sucker for anyone who could tell me where to get paid beer.

    (And I don't mean that garbage that comes in cans!)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like