I will rarely defend Paypal, but they do actually have other 2FA methods, such as an authenticator and will use all the usual suspects.
11 posts • joined 10 Dec 2009
Microsoft warns against SMS, voice calls for multi-factor authentication: Try something that can't be SIM swapped
Never an issue in South London?
In this case, changing the router mac detected new CPE, assigned a new IP and thus hadn't cached any routing. Worked around for a while.
But as for no issues in South London?
How many times in the croydon/tooting/streatham area has it failed 'intermittently' for days on end? Many!
How many times have I tried to explain to the phone handling fool at the other end that it isn't my modem, as neighbours are having exactly the same problem, only to have it suggested that their modems have obviously failed too. Also many!
Most nasty, though, was when in 2009 the blocked a whole server at the planet (hosting many, many websites, including my business sites and business sites of my clients) by IP address, because *1* URL (v1rgin dot com) was hosted there. Their excuse for the 2 week+ block (and associated lack of business? "We have to protect our branding, and it's up to the other server owner to contact us when we block them". That was from their UK head of internet security, and if that's the level of incompetence that high up, then you can see why this has failed so badly again!
Not A/C, because Virgin *really* f'd up on that one and if they want to whine at me making it even more public, let them.
BT Business Bad
Glad I left them.
They just can't provide a business ADSL without it breaking every 30 minutes or so, spent 3 months fixing it then 'upgraded' the exchange a week later and back to failure.
During an earlier problem, they were flumoxed that I wouldn't allow them to connect to my machine via remote desktop to test the system.
Very pleasant bunch to deal with, and I'm sure they've got some technical ability, but this sort of stupidity surfaces too often with their lower level tech staff.
Re: Enimga first defeated...
I'd go with misunderstanding or meme rather than myth.
Since the beginning of the release of official information about Bletchley Park's activities in the late 70s, which were still considered highly secret way after the war (not least because the British Government had sold the enigma system to various allied countries as a 'secure' encryption system), the contributions of the Polish Cipher Bureau have been acknowledge in every good source on the subject.
Very early reports suggested were confused as they were leaks against the official secrets act.
By the late 70s BBC series 'The Secret War' which was one of the first authoratitive programmes on the subject this was acknowledge by Bletchley's staff who had broken their silence and given interviews to the BBC.
Yes, the Polish Cipher Bureau cracked the original enigma system and gave over their research just about the time the Germans were trundling into Poland.
During the course of the war, enigma was upgraded with multiple interchangeable wheels and an increase in the number of wheels as well as the use of a plug board on the front of the machine to further obfuscate the signal path.
All of this increased the complexities and, as with any deciphering, more work was needed in order to decrypt the enciphered data.
The automation of the process to handle the identifying of possible settings was courtesy of a certain Mr Turin, the bombe if I recall. Another prevalent misunderstanding is that this task was carried out by collosus.
Interested in this stuff since childhood? Well, yup. :)
As to the article itself, this government needs to find money to support historically important things like Bletchley Park rather than squandering it on election rigging. 250K? Pathetic!
Everyone alive today owes a lot to all the people who contributed to the research, or worked at Bletchley and who kept its activities so vitally secret throughout the war.
Now, as the first poster suggested, please give a little bit to help Bletchley Park out :)
I don't think I'm alone in finding Open Office to be a very low rent alternative to Microsoft Office.
Yes it's free, but I wish people would stop evangelising it as better then office. It simply isn't. It too crashes. It too has security problems. It's also a lot less polished and less user friendly. As for it's macro ability - shoddy.
I don't quite agree with the first poster that MS has been alone in advancing the state of the art, but in making things friendly for users - absolutely.
I have two main problems with the concept of google apps.
I'd rather have apps locally and depend on the computer+software working, rather than increasing that dependancy list to include ISPs and remote computer. For a business to choose to rely on 2 things completely out of their control is just plain stupid.
Further, I wouldn't trust anything propriertary going through google's system, let alone personal information. They claim no evil, yet seem intent on tracking just about everything they can because they can (streetmaps and wi-fi macs for example). Too much additional data being stored for no valid reason.
Re: Why no dye bomb?
How often do you think bank staff *won't* accidentally trigger the dye pack when loading the machine?
The machines have multiple (sealed) cash cartridges. The dye-pack would need to be in each cartridge. The cartridge must be removable from the machine to be reloaded, and could be taken far from the machine legitimately to refill it in a more secure area. Yeah, I might have had the job of reloading them when I worked for the bank 20+ years ago.
So a nice idea, but not practical due to the usual fleshly fallibility.
Much easier would be to tether the bugger with a nice large cable, solid metal bolting to secure the cable inside the secure cabinet and a solid anchor point for it to loop through on the ground. Smaller machines couldn't then be carted away (tbh 90KG isn't that hard to lift and move on your own anyway), and the larger ones can't be lifted and draged by fork lifts.
>Err. You complain about MBNA's marketing policies but you still have a card with them?
Believe it or not, if I'd stopped being a customer I'd still have received their marketing crap but with no easy way to contact them and no leverage to get them to stop. Now they've finally stopped the marketing it's there if I need it but so far have not needed to use it since the marketing nonsense started; that would have earned them money (tsk!).
>Personally, when I get junk mail I'm not interested in, I scribble over all of it, stuff it in the >freepost envelope and send it back to them. Seem to work for me.
Yup, but try hearing some imbecille trying to tell you that you haven't got the letter that you're holding, at which point you ask them why they're suggesting you're lying...
ICO occasionally works (almost)
They managed to stop the imbecilles at MBNA sending me marketing by phone, text and post. MBNA's excuse... the account records showed no marketing but the customer records showed it was ok. This despite over 10 years of asking politely to have it stopped. Of course, each time a card is issued the new card record shows all marketing is ok again (MBNA are very shit like this) and credit card cheques will be issued for all new cards automatically.
So, the ICO did do some good. More teeth (and a better bit of biting) would maybe have made MBNA actually fix their logic issues, but the ICO is not useless; they are just not yet useful.