The certificates for Nationwide do not have any intermediate CAs, so should not be affected.
I can't obviously identify whether it's EV or not (how does one tell these days?).
768 posts • joined 10 Oct 2007
That's my server announcing that email of up to 20MB will be accepted.
That seems like a reasonable limit in the modern world - not too small to interfere with normal traffic, not too big to choke the server.
IME, the UCE that does get through actually tends to be quite small (well below that 20MB limit) - it's not often that junk comes with huge attachments.
Other [genuine] email from MS servers comes through ok, so I don't think it's TLS-related (though it's a good thought).
And even if MS did want to only transmit over TLS, their servers should end the conversation cleanly with QUIT, not just drop the connection.
Mostly, it's their hypocrisy that peeves me.
...it'd be nice if they could stop the silly DoS crap originating from some of their *.outbound.protection.outlook.com servers.
Stuff like this, where they just connect and then drop the connection over and over:
07/07/2020 13:04:41 - ( 2911) EHLO GBR01-LO2-obe.outbound.protection.outlook.com
07/07/2020 13:04:41 - ( 2911) 250-Welcome, mail-lo2gbr01lp2055.outbound.protection.outlook.com [220.127.116.11], pleased to meet you
07/07/2020 13:04:41 - ( 2911) 250-AUTH=LOGIN
07/07/2020 13:04:41 - ( 2911) 250-AUTH LOGIN
07/07/2020 13:04:41 - ( 2911) 250-SIZE 20971520
07/07/2020 13:04:41 - ( 2911) 250-ETRN
07/07/2020 13:04:41 - ( 2911) 250 HELP
07/07/2020 13:04:41 - ( 2911) Error:  Connection reset by peer
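An added example, not part of the original post: a small Python pass over a log in the layout quoted above that counts, per peer IP, the sessions that greeted with EHLO, never sent MAIL FROM or QUIT, and ended in a connection reset. The sample log is constructed, and it is an assumption that client commands such as MAIL FROM and QUIT are logged verbatim, as the EHLO line is.

```python
import re
from collections import Counter

# Constructed sample in the layout of the log quoted above; hosts, IPs and
# session ids are invented (192.0.2.0/24, 198.51.100.0/24 are documentation ranges).
SAMPLE_LOG = """\
07/07/2020 13:04:41 - ( 2911) EHLO mta1.example.net
07/07/2020 13:04:41 - ( 2911) 250-Welcome, mta1.example.net [192.0.2.10], pleased to meet you
07/07/2020 13:04:41 - ( 2911) 250-SIZE 20971520
07/07/2020 13:04:41 - ( 2911) 250 HELP
07/07/2020 13:04:41 - ( 2911) Error:  Connection reset by peer
07/07/2020 13:04:52 - ( 2912) EHLO mta1.example.net
07/07/2020 13:04:52 - ( 2912) 250-Welcome, mta1.example.net [192.0.2.10], pleased to meet you
07/07/2020 13:04:52 - ( 2912) Error:  Connection reset by peer
07/07/2020 13:05:10 - ( 2913) EHLO mail.example.org
07/07/2020 13:05:10 - ( 2913) 250-Welcome, mail.example.org [198.51.100.7], pleased to meet you
07/07/2020 13:05:11 - ( 2913) MAIL FROM:<a@example.org>
07/07/2020 13:05:12 - ( 2913) QUIT
07/07/2020 13:05:20 - ( 2914) EHLO mta1.example.net
07/07/2020 13:05:20 - ( 2914) 250-Welcome, mta1.example.net [192.0.2.10], pleased to meet you
07/07/2020 13:05:20 - ( 2914) Error:  Connection reset by peer
"""

LINE_RE = re.compile(r"^\S+ \S+ - \(\s*(\d+)\) (.*)$")    # date, time, (session id), text
PEER_RE = re.compile(r"^250-Welcome, \S+ \[([^\]]+)\]")   # peer IP from the greeting reply

def abandoned_sessions(log_text):
    """Count, per peer IP, sessions that were reset with no MAIL FROM and no QUIT."""
    sessions = {}  # keyed by session id; assumes ids are not reused within the log
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        sid, msg = m.groups()
        s = sessions.setdefault(sid, {"ip": None, "mail": False, "quit": False, "reset": False})
        peer = PEER_RE.match(msg)
        if peer:
            s["ip"] = peer.group(1)
        elif msg.upper().startswith("MAIL FROM:"):
            s["mail"] = True
        elif msg.upper().startswith("QUIT"):
            s["quit"] = True
        elif "Connection reset by peer" in msg:
            s["reset"] = True
    return Counter(s["ip"] for s in sessions.values()
                   if s["ip"] and s["reset"] and not s["mail"] and not s["quit"])

def repeat_offenders(log_text, threshold=3):
    """Peers with at least `threshold` abandoned sessions (threshold is an arbitrary choice)."""
    return {ip: n for ip, n in abandoned_sessions(log_text).items() if n >= threshold}
```

The resulting per-IP counts can feed a firewall or connection-rate rule; sessions that complete with QUIT, like the constructed 198.51.100.7 one, are not counted.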
It certainly is.
The number of attempts to log in to my email servers via SMTP, 2ry SMTP, IMAP and POP3 is through the roof.
In the past, it would be the same IP trying over and over (though there's still plenty of that), but it's now also common to see an IP try once and then disappear. And lots of those IPs are part of cloud providers' networks.
Not only that, but the spam is also coming from an increasing range of IP addresses.
I've had to further reduce the limit on failed login attempts, as well as begin firewall blocking of IP ranges wholesale.
More like 3rd-party manufacturers being obliged to sell their accessories (eg tyres, wiper blades, seat covers, fluffy dice, etc) for Ford vehicles through Ford dealers, and pay Ford a hefty fee for the privilege.
Or, say, music companies being forced to sell their music (to be played in a Ford vehicle) through Ford dealers, and again, paying Ford a hefty fee for the privilege.
I've never been much interested in burgers, even before there was a McDonald's on every damn corner, so have never consumed any of their "offerings" (though I have been inside their premises occasionally in the company of others who did partake). I'm much more partial to pizza, though I'm aware that's almost certainly even worse for me in health terms.
Indeed, thinking about it, I wonder what the effect on the nations' waistlines might have been had the government instructed all takeaway food outlets to close for the duration of the lockdown! (I know I'd have eaten less pizza, for a start)
"Black Cabs" are now Chinese (LTI got bought out - by Geely, IIRC).
Morgan's numbers are so low as to be a rounding error on a rounding error. Aston Martin isn't significant either. And of course, Land Rover is Indian now (being owned by Tata), although still built here.
The Nissan Leaf is currently assembled in Sunderland.
"Complicated to administer and police."
Not really, it just goes into the VAT regime, which is the motor trade's problem. HMRC (at least the Excise portion) have traditionally been fairly effective on that front (some notable issues aside).
"Just keep knocking up the taxes on petrol and diesel and you'd achieve the same effect."
Well, that ought to be happening too. The difficulty in doing so is that it's pretty damn visible to taxpayers, so the governments of the day (of whatever flavour) tend not to be overly keen on doing so.
"Sure, provided you're comfortable with punishing the poorest who are least able to avoid your new taxes. I'm not completely sure I am."
By and large, I would expect that the poorest are not actually buying new cars at all, so pushing up the cost of ICE isn't likely to affect them (at least, not directly).
[Road charging is] "completely incompatible with privacy."
Not necessarily. You could certainly make it so if you wanted to do so (and I can see that there are some who would like to do so). However, the EU countries using road charging seem to be doing so without major problems, and without (AFAIK) totally compromising privacy. I don't see why we could not do likewise (non-functional public bodies notwithstanding).
Exactly. Fuel duty is going to dry up as a source of income. That's another reason that VED needs to be restructured (allowing EVs to pay nothing really is not a viable option).
If you want to encourage the switch from oil to EV, in a gradual way and not have a mad rush to switch at the last minute, forcing the price of ICE up and EV down is necessary. Doing so in a clearly defined manner that is affordable and doesn't simply introduce further problems down the road seems like the logical thing to do.
I agree that road charging is probably required, and that's not necessarily a bad thing if implemented sensibly (eg we ensure a contribution from foreign vehicles using our infrastructure that way).
VED is such a mess right now (with multiple differing schemes) that it just seems sensible to bundle fixing it in with larger changes.
While I get your point about the seriously wealthy not caring one way or another (as you say, the VED is almost immaterial to them), you do want it overall to be as fair as possible, and to be constructively arranged (even if it's principally "virtue signalling").
At the moment, the effective message of the various schemes is "hang on to your old diesel"!
Removing the cost of using the existing infrastructure from electric vehicles is ultimately self-defeating (the country cannot afford to give up those forms of income in the long-term).
Plus, such discounts are generally regressive, as the current price differential between petrol/diesel cars and the EV equivalent is such that EV purchases are mostly made by the wealthiest (ie those who can most afford to pay for the infrastructure are the ones least in need of such discounts).
There are several factors to consider:
a) the profits on the car sales (which definitely go overseas),
b) the service-based UK car jobs (dealerships/showrooms, garages, logistics, etc),
c) the car financing profits (may/may not go overseas, depending on source),
d) avoiding reintroducing the pollution from cars (the air quality has improved massively during lockdown)
I'm not sure where the overall balance would sit, and how (or whether) you can actually value (d).
1. Introduce a fossil fuel car VAT supplement, starting at 2%, ratcheting up by an additional 2 percentage points every year until it hits 20% - ie gradually double the VAT on any vehicle that is in any way powered by petrol or diesel.
2. Introduce an electric/AF car VAT discount, starting at 20%, ratcheting down by 2 percentage points every year until it's gone - ie remove the VAT for now, gradually reintroducing it. You could cap this at (say) £6k maximum if thought necessary.
3. Drop the existing EV grant.
4. Rework VED so that all vehicles are on the same scheme (there are currently 3 or 4 different ones running in parallel), such that:
a) all vehicles pay, b) those that pollute more pay more, and c) those that impose extra wear and tear on the network or consume extra capacity [think heavy and/or XL vehicles] pay even more. For example, a base VED of £50, plus a fossil fuel component tied to emissions [one element for each of CO2 and NOx, plus room to add others if we find further pollutants], plus a % "XL" levy (say, 50% extra for over 2 tonnes or L>4.5m or W>2m or H>1.5m, and 25% discount for "compact" cars [<1T or small enough to fit 2 in a standard parking space]). It's probably appropriate to implement this new VED with lower starting rates that are ratcheted up by fixed increments for a few years before switching to inflationary rises, to avoid huge overnight hikes for those currently enjoying negligible rate VED on older petrol/diesel vehicles.
"It's a deterrent to installation for sure, but the whole rigmarole can largely be prevented by signing code with a certificate"
"It's a deterrent to installation for sure, but the whole rigmarole can largely be prevented by downloading with a real browser instead of Edge"
Indeed, if I get a call from my bank (to my mobile number), the first thing they do is ask me to answer security questions (something their own advice says is bad).
I always say no, and explain why (the explanation is for the benefit of the staff person calling *and* their trainers [who use the recordings of those calls :p]).
As I understand it, publishers receive ongoing payments for works lent by libraries, not just the normal purchase price of the work (using some fancy formulae).
Assuming the former is accurate, then while the IA is probably pushing the envelope somewhat, as long as they're paying the lending fees apropos for the vastly increased lending, the publishers aren't actually losing out. Indeed, arguably, they're likely to benefit from the increased awareness of their product (more readers means more sales [ultimately]).
Of course, it would probably have been better if the IA and publishers could have come to a negotiated agreement before all this kicked off.
If both are available, and working, why not just leave visitors on whichever one they chose to use? (especially when you've previously received negative feedback about forced redirection)
Even worse are those sites that then drop you on some sort of "pick your region" landing page, when the URL you typed expressly contained the relevant region in the first place!
This isn't the first time Stelios has forced an EGM to be held, as he does like to throw tantrums from time to time. He basically thinks he always knows better than the EasyJet board - sometimes he might be right, but trying to throw his weight [vis his large shareholding] around like this just makes him look petty and vindictive.
"You're missing the point of the attack."
No, I'm not. The point of the attack is to persuade one innocent DNS server to overload another innocent DNS server, thereby creating two victims, one of whom is misled into thinking the other is a culprit.
"The resolver at badguy.com is "misconfigured" on purpose--that is the attack."
I'm not talking about what the bad actor is doing at all. I'm talking about what the good actors can do.
Authoritative isn't the issue. Recursion is.
It's a recursive DNS server that's vulnerable, because it can be used to cause problems for other authoritative DNS servers (by generating multiple queries to resolve the one it received).
Best practice says that authoritative servers should be configured to only respond for their domains, and not to resolve other domains at all. Like that, they can't be used to propagate this attack.
Perhaps it's time for developers to ensure that they provide the installation APKs on their own website as well as via the Google Store, so that there's a way for users to obtain the latest versions even when Google muck things up^Hfail to scale again.
This has the useful benefit of allowing their software to be sourced by those who either don't have access to the Google Store (eg Huawei users) or who wish to avoid it (eg privacy advocates).
The current "punishment" regime is useless - forbidding advertisers from running an advert that they aren't using/showing any more is a waste of time.
What might work is forbidding them from advertising at all for a while - perhaps on similar lines to the coronavirus fines, where the ban duration starts modest, but rapidly ratchets up for repeat offences (within defined limits and with a slow decay [like speeding points]).
Or maybe we should just go the whole hog and ban advertising entirely! (launch the "B" ark)
Of course, it was created by a bridge player (or official), who used Word because it's what they had available to them at the time, and they weren't a "computer expert" (and probably were someone's grandmother!).
And either they weren't clever enough to be able to do booklet printing of a simple paged document, or possibly the automatic booklet printing options we take for granted now might not have been there in the combination of Win95/Me + Word 95/97 that was probably around when it was first created (it might just have been in the WinXP + OfficeXP era - certainly that's what I was using when I first got my hands on a copy of the document in the mid-noughties), so they created a multi-column layout to achieve the same end.