You obviously don't have any experience of Teesside. Having had 35 years there, I agree you won't see many left lying around. Most will be lifted off the streets and later found around South Bank, Redcar, Cargo Fleet, Stockton, Thornaby and Haverton Hill.
414 posts • joined 14 Sep 2010
That's a first!
So it is easier getting data and credit card details from EasyJet than getting a refund on a cancelled flight!
Was due to go to Krakow in March but as Poland shut the airport EasyJet cancelled the flights. Got a refund for the flight out - but the flight back has been deleted from my bookings making the task of applying for a refund a tad difficult. Trying the credit card route but they are similarly being uncooperative.
Crooks set up stall on UK govt's IT marketplace to peddle email fraud services targeting 'gullible' punters
Brit competition regulator will soon be able to seize rogue traders' domains – and even Amazon accounts
As Brit cyber-spies drop 'whitelist' and 'blacklist', tech boss says: If you’re thinking about getting in touch saying this is political correctness gone mad, don’t bother
Bye, Russia: NASA wheels out astronauts, describes plan for first all-American manned launch into orbit since 2011
Browse mode: We're not goofing off on the Sidebar of Shame and online shopping sites, says UK's Ministry of Defence
Why are they looking at amazon.com rather than .co.uk? Probably because there are regular visits to the US by MoD staff who could buy for themselves or pickup for colleagues without having to pay import tax. And not just visits to the US but they have a number of staff across the globe who would not use .co.uk.
But as a CS person of some years I am really surprised that the Daily Fail is so high up the list. That rag is not really read by the majority of CS staff.
Hey, Brits. Your Google data is leaving the EU before you are: Hoard to be shipped from Ireland to US next month
Government and Personal Data
Offshoring of Government data (that is any data held by Gov Depts being) has been fairly strictly controlled to a few countries. If memory serves me right it doesn't like any data going outside the EEA.
So I wonder if the Cabinet Office OGSIRO has issued a missive to Depts to ask which of them still use Google services. It wasn't all that long ago that some *large* ones did.
See also https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2020/01/statement-on-data-protection-and-brexit-implementation-what-you-need-to-do/
Latest battery bruiser Android from budget Moto G range appears ahead of MWC after an Amazon whoopsie
Not call, dude: UK govt says guaranteed surcharge-free EU roaming will end after Brexit transition period. Brits left at the mercy of networks
Has it started?
Try looking around for SIM only monthly deals. There used to be a lot around at one point but now you have to be spending over £20 pm for data you don't want for the most part. GiffGaff still provide lower data levels for reasonable amounts, if you want to rely on the O2 coverage - not so good if you are in the Western part of the Isles. There are a couple of other smaller players too offering monthly deals. However, the big players have pulled out of these deals (latest being Three) and now require you to sign up for 12 or 24 month contracts if you want SIM deals at a similar price to their "old" monthly price.
Still, we have ours on order anyway (£2.50 postage is not included). While it won't be here in time to mop up the spilled Champagne/floods of tears (delete as appropriate by the end of the month), hopefully it will survive to the end of 2020, when the real excrement will start.
Then it will be a bit damp, sport a few distressing stains and suffer a little fraying at the edges.
Welcome to The Reg's poetry corner... hiQ once again / beats LinkedIn on web scrape case / more appeals await
So if LinkedIn used, say, a WAF in front of their services that utilised rate limiting and repetition request rules to protect their customers being able to access their services how would the Courts deal with that? Could also go by reputation rules so that anything that looked like a scraper would be blocked if the browser action continued for several minutes it would get blocked for a cool down period.
All in the interest of protecting their service availability and customer access of course.
Pokemon No! Good news: You can now ban the virtual pests, er, pets to stop nerds wandering around your property
And the Rest of the World?
With respect to Pokémon GO in the United States:
So what about the rest of the world that also has to put up with these "players" cluttering up the streets and hanging around our homes?
And will this also be relevant to their other games like Ingress that uses the same locations, and the new Harry Potter "game" due out soon?
Veeam. Veeam. Veeeeeeeam. What was that? Oh, just the sound of half a billion bucks hitting backup biz's bucket
Too much a coincidence?
One or two banks perhaps, but so many different businesses within a short space of time should make one think is there more to this than meets the eyes? Or is that just my normal suspicious self?
Still, glad I never made the decision to move over to using a mobile application. Never liked or trusted them.
Banks, banks and banks
Today the RBS group of banks (that all use the same firewall with such a single point of failure?), Barclays yesterday, Lloyds not so long ago along with Halifax. And so the list of names goes on. Seems to be becoming more prevalent - and at a time when King Cash is being threatened. It does make you wonder if somewhere in the world there is a rubbing of hands.
Re: Email is absolutely broken...
To secure YOUR sending emails you'll need the SPF/DKIM/DMARC trio applied - but that doesn't stop fraudulent email from coming in to you. In addition to setting up your own email receipt rules (like how can an email purporting to be from your own business be coming in from outside your domain) you need every other email sender to apply the trio - and/or use (read pay for) a proprietary protection or alert system. Which is a growing industry.
The IETF have had plenty of time - and examples - to examine how broken email RFCs are and, along with the APWG and MAAWG, could have started to address some of the issues (like checks on the header from address in addition to the envelope from address, IP/domain chains....). But perhaps they have realised that as use of email has progressed beyond that envisaged, it may be easier to try to educate the end user. Unfortunately that cannot be applied in many cases.
Joint Cyber Reserve
Had a thought about this way in, extra pay, chance to mess a bit with some more interesting pentest/hack/cracking stuff...then realised that perhaps the joint bit wasn't what I thought it could be when I read about the sailor being busted on HMS Queen Liz for peddling.
Sherlocks bong is the nearest thing
Indeed. "That enabled them to expand from using just BlackBerry devices into support for Android, iOS and Chromebooks. "I was proud of that," he adds" Most still using Blackberry phones, odd bits like MoD accept Apple in "some" places. Some are using Windows OS phones.
Android? CESG passed Samsung Knox a couple of years ago but hasn't got traction yet.
But yes, Seems a nice guy. But why years working in a relatively low paid job!
One of the issues often seen is that "management" are keen to be known as "experts" but do not have the aptitude or passion for the subject.
Once you get "management" to understand that they have to recognise that those with the correct aptitude and passion for the work should have money spent on them to obtain qualifications rather than "managers" who use the cash to attend "cyber" conferences, then you might, just might, get an improvement.
And Senior Management also need to start understanding that they need IT managers in place who also have an aptitude and passion for the work - and these need to be listened to. So often you see IT Dept managers who have no operational interest or ability but know how to appease Senior Management as that is where they have set their target to get to.
“Deploying a DMARC policy where p=none along with a relevant SPF record is simple, but it is only the first step......"
Just having a DMARC record in place is a chocolate fireguard. Perhaps when writing reports like this the folk concerned really should make it clear that you also need an SPF or DKIM as well - as a minimum. But best to have both.
And yes we all know that DMARC+SPF alone "can" break when mail servers forward mail when p=reject. Particularly when mail forwarders or load balancers overwrite/insert their sending IP address in the header :-(
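The forwarding failure described in the comment above, as an added example that is not part of the original post: a simplified DMARC alignment check (relaxed alignment, no DNS lookups) showing why SPF alone breaks on forwarding while an aligned DKIM signature survives. The `Message` record, function names, sample domains and the small suffix set standing in for the Public Suffix List are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Assumption: tiny stand-in for the Public Suffix List, enough for the samples.
TWO_LABEL_SUFFIXES = {"co.uk", "gov.uk", "org.uk"}

def org_domain(domain: str) -> str:
    """Organizational domain used for relaxed alignment (simplified)."""
    labels = domain.lower().rstrip(".").split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])

@dataclass
class Message:  # hypothetical record of what a receiving server has checked
    header_from: str                   # domain in the visible From: header
    envelope_from: str                 # domain in SMTP MAIL FROM (what SPF checks)
    spf_pass: bool                     # connecting IP authorised for envelope_from?
    dkim_domain: Optional[str] = None  # d= of a signature, if present
    dkim_pass: bool = False            # did that signature verify?

def dmarc_disposition(msg: Message, policy: str) -> str:
    """Return 'pass', or what the published policy asks for on failure."""
    author = org_domain(msg.header_from)
    spf_aligned = msg.spf_pass and org_domain(msg.envelope_from) == author
    dkim_aligned = (msg.dkim_pass and msg.dkim_domain is not None
                    and org_domain(msg.dkim_domain) == author)
    if spf_aligned or dkim_aligned:
        return "pass"
    return {"none": "deliver", "quarantine": "quarantine", "reject": "reject"}[policy]

# Constructed samples for a sender whose domain is example.co.uk.
DIRECT = Message("example.co.uk", "bounce.example.co.uk", spf_pass=True)
# A forwarder relays from its own IP, so the original domain's SPF check fails.
FORWARDED_SPF_ONLY = Message("example.co.uk", "bounce.example.co.uk", spf_pass=False)
FORWARDED_WITH_DKIM = Message("example.co.uk", "bounce.example.co.uk", spf_pass=False,
                              dkim_domain="mail.example.co.uk", dkim_pass=True)
# SPF passes for the envelope domain, but it does not match the header From.
MISMATCHED_HEADER = Message("example.co.uk", "unrelated.example", spf_pass=True)

if __name__ == "__main__":
    for name, msg, policy in [("direct", DIRECT, "reject"),
                              ("forwarded, SPF only", FORWARDED_SPF_ONLY, "reject"),
                              ("forwarded, DKIM signed", FORWARDED_WITH_DKIM, "reject"),
                              ("mismatched header, p=none", MISMATCHED_HEADER, "none")]:
        print(f"{name}: {dmarc_disposition(msg, policy)}")
```
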
Re: Pension Forecast
You don't need a GGW account for a pension forecast, just a printer attached to your PC to print a form off and post it. Keeps folk employed (post office, drivers, civil servants).
And before you comment - how do you know if your application isn't just printed off at the other end and handled just like a posted application :-)
Inland Revenue service? That's not existed for over 10 years.
If it refers to HMRC then they "got off their arse" and implemented DMARC and SPF back in 2013 and have been trying to get others to follow suit. Looks like their actions have been noticed and now NCSC have taken up the baton.
Re: Top Civil Servants
If only that were true. Trouble with GDS is that this was a Cabinet Office initiative bringing in "experts" from outside the Civil Service to provide expert advice on how IT dev should be done. So although a number of these are now CS they are not old stream....who have got their hands dirty by keeping legacy systems running and trying to do things on a shoestring as all the funding appears to go to new web functions with "cool" fonts.
£450m given to Depts would result in a lot of infrastructure improvements...but to GDS?!!!
Re: Akamai? Breach?
Then again are the Beeb just using Akamai for CDN rather than CDN and DDoS protection? They do have some IP addresses out in plain sight so a DDoS could have gone through the back door
Try looking up without the www and you get
canonical name bbc.co.uk.
canonical name a1733.g.akamai.net.
So either it was a massive DDoS that could overcome Akamai's Edgeservers (assuming BBC do not just use European ones) or there was a bit of a cockup in some configuration activity within BBC or Akamai.
I remember breaking ground on this back in 1975 when working for the Brunel Exhibition Rotherhithe through CSV. Two of us, a shovel and a sledgehammer, working a derelict site. Didn't make much of an impact and annoyed neighbours on a Sunday morning but found interesting hoards of illicit goods buried under rubble on the site.
Re: Yahoo and DKIM
The thing about BT is that they are causing denials themselves with their CPcloud server acting as a mail forwarder. If you look at BT they are running THREE email services under the name of BTInternet.com, one of which uses the Yahoo! mail service. To direct mail to the correct service the CPcloud server is stripping off the original header info and substituting itself as the sender. A great way to get mail labelled as Spam.