* Posts by Graham Anderson

37 posts • joined 9 Jan 2008

Trump's cyber-guru Giuliani runs ancient 'easily hackable website'

Graham Anderson

missing the www

The posted link has no www - if you include it, the site is up http://www.giulianisecurity.com

Information on smart meters? Yep. They're great. That works, right? – UK.gov

Graham Anderson

Re: 21st Century Economy7

Yes, the current E7 system is rubbish. But British Gas are already offering "free time" that isn't a traditional E7 tariff - https://www.britishgas.co.uk/products-and-services/gas-and-electricity/free-electricity-tariff.html

We have big peaks in energy demand, and an upcoming generation crunch. If you want to dismiss any efforts to smooth demand, fine. Looking at the National Grid data, peak runs from 1600 - 2200 ish, which looks an awful lot like domestic usage to me. http://www.gridwatch.templar.co.uk

Graham Anderson

21st Century Economy7

Smart meters will hopefully allow demand based pricing. This already happens with big business customers, but cheaper off-peak energy could encourage running washing machines and dish washers through the night.

As to the people pointing out how easy it is for you to submit your readings, bully for you. My Mum is in her 80s, and to get the cheapest energy deal we have to provide monthly readings online. Which means I have to call her, get her to go through the not-very-easy-to-access meter cupboard and then *I* have to enter the readings online. I asked if we could get her a smart meter and we were told not yet. The leccy meter in her place and mine are both older than me.

Recruitment giant PageGroup hacked, Capgemini dev server blamed for info leak

Graham Anderson

not a 'hack' if just on a publicly accessible server

If you read the original article by Troy Hunt, the server was publicly accessible. So while this is a "breach" of privacy, its no more a "hack" than me going to robots.txt and seeing what pages are listed as deny and copy pasting them into my browser.

"… an underlying risk on the server end; publicly exposed website, directory listing enabled, .sql files exposed… "


What went wrong at Tesco Bank?

Graham Anderson

Santander must also not be hashing passwords

Santander online banking has a password and a PIN that you need to enter selected character/digits from - so they can't be hashing passwords either. At least they don't use email as the account identifier though.

My first direct account uses an app based 'code generator' - which doesn't seem to be TOTP/OATH. I wonder if its an established and reviewed method, or if they rolled their own solution?

London NHS trust fined £180,000 after second bcc fail on HIV email list

Graham Anderson

Not very hot on SSL either

From 11 March to 8 May, the bookings site was running with an expired SSL cert. SSL Labs only gives them a Grade C.

So where's all these digital services GDS promised us?

Graham Anderson

The Companies House site is now a worse experience

I use CH fairly frequently to keep tabs on clients and suppliers. It used to be that you go to CH.gov.uk and right there on the front page was a search box to enter the name or company number to get the info you were after. Now:

CH.gov.uk → redirects to GDS front page → Find Company info → Start Now → old CH front page exactly as it was, with the useful search box right on the front page

Similarly, one of the very first tools launched by GDS was the Trade Tariff Tool. That defintely needed sprucing up as at the time we were exporting iPads, and you needed to choose "Automatic data-processing machines and units thereof; magnetic or optical readers, machines for transcribing data onto data media in coded form and machines for processing such data, not elsewhere specified or included". Foolishly I'd hoped that they were doing something useful to improve the existing tool like looking for common search terms and making suggestions. It launched with some fanfare and GDS branding, and zero functional improvement. If you search for 'iPad' or the more vendor neutral 'tablet computer', you get results for sugar, yeast, nuclear reactors and photographic equipment. Yay!

Nothing is True and Everything is Possible, Dead Girl Walking and Chasing the Scream

Graham Anderson

incorrect book website link

Your book link for 'Chasing The Scream' goes to the site for 'Nothing Is True...' - correct URL should be http://chasingthescream.com

vSphere meets iCylinder in new VMware update

Graham Anderson

you can only virtualise OS X on Mac hardware

When I was working on a project that was exclusively Mac and iOS, we were using VMware a lot. Apparently, Mac OS licensing insists that you can only run OS X on Apple hardware, regardless of whether or not you own a legal license that you bought sepcially for your VMware setup.

That said, it is possible to trick Windows VMware into running OS X as a guest OS.

Major problems beset UK ISP filth filters: But it's OK, nobody uses them

Graham Anderson

BT has fewest miscategorisation requests, because almost impossible to report

According to Blocked.org.uk, my personal website is blocked by BT, as is a friend's.

Neither of us were able to find a mechanism to report mis-classification, and its not like we're newbies. I used to be in charge of Parental Controls product management for AOL UK, and my friend is a respected technology journalist. Sky should be given some credit for having relatively accessible tools to report a problem.

*Update, BT now have information for site owners, but there was none when Blocked.org.uk launched. Obviously stung into action.

WORLD CUP TRAUMA? Just Streaming Stick a Roku in it

Graham Anderson

Now TV hack closed now

As to the £9.99 Now TV box being hackable, it looks like Sky have closed that loophole now. I got one last week and followed instructions found on the net and the latest firmware looks different and does not seem to allow the user to go into developer mode, which was the basis of side-loading Plex onto the box.

If anyone knows of a up-to-date hack, I'd love to give it a try, but I wouldn't buy a Now TV box if you're after a cheap hackable Roku box.

Mensch pal Bozier defends Menshn security, dubs critics 'snippy geeks'

Graham Anderson

Deleted after 7 days?

I'm not sure Theresa May would be very happy having all that communications data deleted before MI5 have a chance to look for any funny business.

Cameron calls for ISP-level parental censorship tools

Graham Anderson

ask about parental controls during sign up

Here's an idea - instead of forcing ISPs to turn on a mandatory opt-out nanny-filter for the entire country, why not make it a part of the signup process online or by phone:

"So, now we've got you through the sign-up for your new ISP service, we've got one last question for you. Do you have any children in the household?


"Would you like us to turn on the nanny-filter for you? You can turn it off at any time by going to your account control panel. Equally, if you don't want it now, you can turn it on at your account control panel..."

4G interference will knock out Freeview

Graham Anderson

not another Granadaland retune??

Granadaland has already had two DTT retunes. The first one I was able to talk my 80-year old parents through on the phone. The second screwed things up royally and my mother was left with the Welsh channels in one part of the house - the bit she actually uses. The house is big, so calling out an aerial engineer is a complete pain and an unwanted expense. My poor old Mum had to wait for me to come visit (from That London) and even as a reasonably techie person, looking up the correct channel groupings for Granada TV as opposed to Welsh was annoying and confusing. Add into this the Chinglish inspired set-top box UI for manually changing the channels and it was a nightmare. As it turned out, there was a problem with the box as well, but the process was so confusing that I didn't know if it was a mistake I'd made, or if the aerial was completely incapable of picking up Winter Hill.

With a new set-top box, we worked out that it wasn't the aerial at fault, but then with the new Humax I had yet another designed-by-autistic-engineers-in-another-language interface to wrestle with in order to tell the stupid box to tune into Granada and not S4C.

If they're going to screw around with the retuning again, I may as well save myself the £100 train fare back to Liverpool and get a satellite dish installed. Oh wait, I can't because they live in a conservation area...


Mumsnet founder: Our members are 'very keen' on PORN ...

Graham Anderson

OpenDNS free for home use

Its not as if you even have to sign up for a subscription service in order to put some safeguards in place. OpenDNS is free for home users and has the upside of usually being faster than your own ISP's DNS servers.

I get pretty tired of my friends who are parents coming up for excuses as to why thet can't keep their under-13's off Facebook and seem to have no spine when it comes to unfettered use of tech in kids bedrooms.

ASA rules BT Wi-Fi service works with invisible routers

Graham Anderson

BT Openzone and BT Openzone

My main gripe with BT Openzone is that not all hotspots called BT Openzone behave in the same way. With my O₂ iPhone package, there's supposed to be free access to both BTO and The Cloud. And for a while, BTO access was great - once I was authenticated once, my iPhone seemed to be fine across multiple hotspot locations and yea, the browsing was good.

Then BTO launched their FON boxes all across London. They use BT Openzone as their SSID, so the iPhone happily joins it. But the Fon versions do not seem to be part of the free access deal for O₂ - so if you're using Safari you end up trying to use the authentication pages, which don't work. If you're using an app, you don't see the authentication pages and your connection seems to be broken. You have to tell the iPhone to not auto-join BTO hotspots. I pretty much never get a working BTO connection now.

I'm fine with BT deciding that their deal with O₂ only extends to their BT Openzone operated hotspots rather than their Fon network - but FFS, don't call them the same thing if they are not.

O2 boots up boobies blocker

Graham Anderson

blocks apps too

I've been having trouble using a popular gay dating app on the iPhone for the last day or so (when did the block come on?). The app kept just hanging and I thought it was the app's fault. When I tried accessing the dating site using Mobile Safari, I got the age verification messaging for the first time.

So you'll have a chunk of users who are using apps rather than phone browsers who can't see the messaging from O2 at all.

I just asked for my PUK - I've had problems with pre-paying for international data where they credit the add-on the *following billing cycle*, ending up with me being charges extoritionate rates for mobile roaming in the US when I thought I was covered, and having a useless bundle of pre-paid data a month after my trip. Add in crap mobile reception and many dropped calls, this is the last straw for me.

Bot attacks Linux and Mac but can't lock down its booty

Graham Anderson
Jobs Halo

Clam X AV free anti-virus for Mac

Clam AV has a version available for free for Mac OS X. As you mentioned, there are paid products such as Kaspersky out there if you don't trust the open source freebie. The core Clam software is used in a number of server based anti-virus solutions and usually holds its own against paid packages.

Clam is included as standard in Mac OS X Server editions.


BAA accused of banning passengers from filming travel chaos

Graham Anderson

Photography banned in the security screening areas and... everywhere!

One place where photography and videoing is banned is the security areas.

The Heathrow website claims that ALL photography requires permits and written permission, so it would seem that the press bunny who said that photography was OK is misinformed. Of course, trying to enforce no-photo rules in a world of camera phones and 14x zoom super-compacts is stupid, but that's BAA for you.


Apple MacBook Air 11.6in sub-notebook

Graham Anderson
Jobs Halo


Difficult to measure on a new machine, but in general, Macs seem to last longer because they are better built - especially with the aluminium unibody construction.

I'm still running the very first Intel MacBook Pro from 2006 and its been around the world several times with me.

My female friend - possibly the clumsiest person I've ever known - used to get through a Sony Vaio a year. She also trashed a plastic MacBook, but is in love with her aluminium MacBook Pro - which has survived her and her 6-month old baby. So far.

I've not used a netbook myself - as they're generally made as cheaply as possble, how does that affect their durability compared to the very solid construction of the alu-Macs?

O2 outs liars and philanderers with live status feed

Graham Anderson
Thumb Down

Indoors signal atrocious here, "Good" according to the map

Does anyone see a "report a flagrant lie in our reporting" link on the status pages?

Google slips $3.1bn through 'Double Irish' tax loophole

Graham Anderson

No corporation tax in the UK

Being an "Irish" company, Google pays no taxes on revenues generated from the sale of advertising by UK companies, to UK consumers on searches performed within the UK. The UK represents 12% of all of Google's revenues according to the last earnings release. This is perfectly legal.

The Americans have particular reason to be upset at this arrangement as Brin & Page's research which gave rise to the technology behind Google was funded by the US taxpayer bankrolled National Science Foundation.

O2 hits button on location-based ads

Graham Anderson
Big Brother

O2 More says nothing about constant location snooping

The Placecast technology uses cell tower triangulation at the carrier network level. So Placecast will have a stream of your movements AT ALL TIMES.

People are used to location apps being about checking-in - the O2 More faqs make no mention of the fact that a 3rd party will constantly be following them around to see if they go anywhere near a Starbucks.

UK.gov digital engagement director to retire

Graham Anderson

How many digital engagement czars do we need?

I thought Martha Lane Fox was in charge of pressing a new MacBook into every granny's hands?

Apple iOS 4 update frustrates iPhone 3G owners

Graham Anderson
Jobs Horns

Mine borked too

After a number of attempts to restore, I now have my stuff back. Deffo not as smooth as previous upgrades.

Guardian loses half a million CVs

Graham Anderson

wil they pay for my Experian?

When my employer lost a disk with my details on it, the company paid for me to get Experian credit watch. Will the Guardian cough up for Experian/CIFAS subscriptions for all affected users?

DLNA compliance testing: It ain't working

Graham Anderson
Jobs Halo

PS3 not talking to Lacie either

When my housemate had a PS3, it would only see some music and the images on my Lacie 1TB NAS. Almost none of the movie files would play. The same movies being served via a Windows box to the PS3 were fine. The Sony PS3 would also only see some of the content being served up by the various versions of iTunes on the network. I blame Sony - in fact, I blame Sony for most of the world's ills...

OpenOffice.org overwhelmed by demand for version 3.0

Graham Anderson

Why no torrents?

Perhaps if they had posted some torrents of the files, they wouldn't have fally over servers. I'm pretty sure they used to encourage you to download via Torrent before, but this time around they seem to offer only HTTP and FTP links.

Even now - with their super small emergency homepage - they are pushing you to HTTP/FTP.

Be Unlimited pulls plug on home CCTV service

Graham Anderson

Doesn't even have to be an IP camera

My oldsters have a camera pointing out from their front door that plugs in to their TV via the composite video in - even simpler (and probably cheaper) than an IP camera.

Virgin warns 800 punters for file-sharing

Graham Anderson

You get what you pay for

When I worked for a large ISP with a three letter name, we had a rolling programme where staff would go out to punters homes to talk about their experience using the intertubes.

As well as current and ex members, we talked to competitor members too. All the NTL (i.e. Virgin) people universally said that they hated the poor customer service and poor quality of service - but the killer was that none of them would switch. Cheap and all bundled together with their telephone and TV, none of them could be bothered to switch to a better provider.

My personal opinion (and I may not have a typical attitude to saving money) is that my Internet access is really quite important to me, so its worth spending a little more for better service. I can heartily recommend a smaller ISP like Zen - who seem to win customer satisfaction awards every year.

One positive outcome for BT and Virgin is that by getting all pally with the BPI and acting as copyright vigilantes for them, many of their heaviest downloaders will take their BitTorrents to another ISP like TalkTalk. "Bad" customers go away of their own accord, plus, they get gold stars from the music biz and Andy "eyeliner" Burnham. They may never get to the point of having to kick downloaders off their network - neato!

The war on photographers - you're all al Qaeda suspects now

Graham Anderson

photography *not* banned at Canary Wharf

Living close to CW, and having seen the plastic police harrassing photographers myself, I thought I would look at the Canary Wharf website to see if there was a list of the dos and don't of the estate - it being private property and all that. I was hoping they might have them on the web as I certainly have never seen a sign with them listed on the estate itself.

www.canarywharf.co.uk has no information about what is and isn't allowed on its private land - no information even of the fact that you will be stopped by their plastic police and inexpertly swabbed for explosives if you drive in.

Google however provided this gem from a Flickr user questioning the CW Estate Security Manager on this very topic:


[snip] "Photography is not banned on the Estate and therefore there are no signs advising of its prohibition. However, professional photography is only permitted with our permission and when granted, a permit is issued. Amateur photography is welcomed but, in the light of the current extremely high threat from terrorism, photographers may be questioned by security staff. Once satisfied with their legitimacy, security personnel will permit the photography to continue and I am very disappointed at your comments about the threats to confiscate the memory card or delete the photos. " [snip]

Billy Bragg: Why should songwriters starve so others get rich?

Graham Anderson
Jobs Halo

This is between the artists and the labels

Part of the problem is that musicians sell their "intellectual property" to large evil corporations. Said evil corporations then screw up the marketing of product - trying to sell formats and products that punters don't want. (Case in point, I quite like the French artist Camille. She has a new single out according to her website. This morning I tried to buy it from the iTunes store and couldn't because it was only available in the French iTunes store. This isn't my fault, its between EMI and iTunes - and I suspect its down to EMI only licensing their precious acquired "intellectual property" for sale in France. They have just lost a completely free sale - no marketing required. Free money for more coke - I mean, candles and flowers!)

When artists do better deals with labels - or cut them out completely - then they will find a way to make money out of their fanbase. But please stop blaming the fans. Fans don't sit on artsits' back catalogues preventing fans from buying material - that's the labels and their precious "intellectual property". The long tail should be a massive opportunity for the music business - and they have borked it completely.

Except of course for labels like 4AD. I can go to the 4AD website and buy pretty much every release they ever made. If I can't buy the CD because its out of print, I can buy high quality digital downloads. With David Sylvian's Samadhisound, I can buy all of his new releases while cutting out the middle-man.

UK.gov will force paedophiles to register email addresses

Graham Anderson
Paris Hilton

change to notification reqs

Well yes, the whole idea is stupid to think that a determined child abuser is going to be stopped from joining a social network by this regulation.

But what it will do is make it an offence for people on the sex offenders register to NOT disclose all their email addresses. So if it is found out that they have created a new Gmail account - guilt is presumed and they can be banged up for an extra five years. Regardless of whether or not any grooming or abuse has taken place - the failure to disclose is the crime.

I wonder if the Goverment plans on using the CRB people to operate this email address blacklist? If so, I guess you can look at a 6 month waiting list before you can join Facebook successfully.

Apple US retail sales leap past PC par

Graham Anderson

re: Toyota vs Lexus

Darryl - my point is more that to a significant section of the market, the cash money price differential is not so big that it will stop them buying the machine they want, rather than the Dell compromise.

People who have to lug around their computer up and down the country to meetings, given the choice, are likely to plump for the machine that is not going to turn them in to Quasimodo. Hence the popularity of the small form factor Vaios and their ilk. In particular, all the female execs I have worked with have always lusted after the Vaios and the small Toshibas because of the small weight. But with these machines the tradeoff is in screen size - escape the tyranny of backache only to end up with eye strain squinting at a tiny screen.

With MBA, you get the light weight, and a full size screen and keyboard. The tradeoff is that some of the connectivity options are not there - which as I've already pointed out, a chunk of people do not in practice use.

Will cost-conscious corporate IT departments flock to the MBA as a buffer against employee claims of back pain caused by lugging 2 kilos of Dell around in a badly designed freebie laptop bag? No. But someone who is self employed now has a choice as to whether or not they pay the extra few hundreds of pounds in order to get a balanced compromise laptop. Where the Lenovo X300 has gone before, I'm sure other Wintel manufacturers will follow - which can only be good for all of us.

Graham Anderson
Jobs Halo

MacBook Air naysayers - get over it

It is obvious from reading various forums, that there is a large body of people who just don't understand why anyone would want to shell out on a MacBook Air.

It has no optical drive! Only one USB! No user serviceable battery! No ethernet! I can get cheaper elsewhere, etc...

I, however, know plenty of people for whom the MBA makes perfect sense, and who don't care about the sins of omission listed above.

I'm part of a small IT/management consultancy, and I'm the responsible adult when it comes to making IT purchases for the group. All my colleagues want a laptop that is as light as can be. The majority of them have baby Sony Vaios and while they like the portability, they all hate the small screen real estate and the crappy keyboard (ah, the older Sony Vaios had nice keyboards...)

These people connect via wifi and have Vodafone 3G USB dongles for where there is no wifi. They don't install a lot of software from CD/DVD (I make sure they're too scared to!), plus for when they do there is the drive sharey thing bundled with MBA. We have networked printers. As far as I know, they don't watch DVDs on trains using their laptop. They think that laptops are just for doing MS Office and email on.

And they don't notice/care about the price difference. They don't care about the price difference between a Merc and a Ford Focus, why should they care about the difference between a Toshiba and a MacBook Air?

When it next comes around to laptop shopping in my company, my colleagues will probably be looking at the MBA and the new Lenovo X300 (or its equivalents). As a Mac user, I can show them how they can do everything they do now using either the Mac version of MS Office, or using Parallels/Boot Camp. They have a choice.

So, to all those people who say that anyone who buys a MBA has more money than sense, I say "does exactly what I want it to, thanks very much". Apple are quite good at finding out what the market really wants, you know.

Finally, let's not forget, the iPod Shuffle would never sell because it had no display, no FM receiver and too few buttons.

Online banking payment system aims to reduce fraud

Graham Anderson
Jobs Halo

Service is Windoze/IE only - uses ActiveX

Well, their FAQ seems to completely ignore the fact that there are people out there who choose not to have a Windows PC, but as they rely on ActiveX, that locks out Macs, Linux and any Internet Exploder refuseniks.

So their soopa-secure service relies on a technology that lots of people really don't trust.

Lord Triesman on P2P, pop-ups and the Klaxons

Graham Anderson

Pandora, schmandora

Pandora's withdrawal from the UK market can be looked at in another way - unable to get a royalty deal as cushy as the one they have in the US, Pandora threw its toys out of the pram and went back to the US. Last.fm has always operated under the UK licensing regime, and was able to get major backing.


Biting the hand that feeds IT © 1998–2022