* Posts by Vimes

1319 publicly visible posts • joined 3 Dec 2012


UK refreshes national security plan to stop more of China's secret-stealing cyber-tricks


This might be a stupid question, but in general terms the NPSA seems to serve the same purpose as the NCSC. What would be the difference between them?

Thought you'd opted out of online tracking? Think again


A fun one to check out is any *.fandom.com website.

On a few occasions now I went to the trouble of unchecking all vendors in their consent dialog (an excessively and unreasonably time-consuming process in itself - not to mention dishonest since the selected purpose might be disabled but all vendors listed within the collapsible section for that purpose remain enabled)

Funny thing is though in some cases the options for some vendors get re-enabled after I had explicitly disabled them. I only know this because on one occasion it happened as I was unchecking other entries further down without me choosing to do so.

OK, we know iPhones are expensive but... $11 a month for Twitter Blue on iOS?


‘You’re one of those condescending Mac users!’…


Bye bye BoJo: Liz Truss named new UK prime minister


The state of UK cybersecurity now she has been selected: NCSC advocating the use of barking dogs to scare off APTs...


Okta now says: Lapsus$ may in fact have accessed customer info


Why doesn't Microsoft just revert back to full Borg mode and refer to them as SPECIES-0537?

UK Space Agency wants primary school kids to design a logo for first Brit launches


'Stop drawing rockets shooting lasers on my windows!!!'


Government-favoured child safety app warned it could violate the UK's Investigatory Powers Act with message-scanning tech


'"We were a very young startup then but it worries me that those that don't have the finance to get professional advice will cut corners and innocently/naively breach laws like [the Computer Misuse Act] etc. We see that all the time, especially with international safety tech providers entering the UK market. They often have no idea these laws exist."'

Really? Seriously?

I was able to contribute towards stopping a telecoms company from introducing scanning tech provided by an Israeli company. If a mere member of the public with zero legal experience and zero funding can understand enough about the law to do that then there is nothing to stop companies from knowing enough to see the potential pitfalls.

In my opinion if they don't know about the law by now then in all likelihood it's because they don't want to know. This is especially the case when you consider some of the laws have been around for more than thirty years (even RIPA - now the IPA - has been around for more than two decades). Their existence should really not come as such a shock.

The government even publishes the damned laws online at legislation.gov.uk for anybody to read for crying out loud. This stuff is really not so difficult to find once you go looking.

Apple seeks geniuses to work on 6G cellular modem before it's even shipped own 5G chip


Personally I'd prefer it if they spent a little more money on their QA testing (*cough*Monterey, bent iPads etc. etc.)

Privacy activist Max Schrems on Microsoft's EU data move: It won't keep the NSA away


"Support is still a [data] transfer"

Didn't Lockheed Martin provide systems for the 2011 census in the UK with access granted for support purposes? Makes you wonder what if anything was sent to the US in that case...


Virgin Media website broken for over a month now?


Anybody else here a Virgin Media customer when it comes to their ISP?

I've been trying for over a month now to access the package management settings on the 'my virgin media' part of their site but all I get are messages that tell me 'oops something went wrong'.

It's almost as if Virgin are trying to deliberately obstruct people from downgrading their services or cancelling them outright after the recent price hike (more than 7% in my case).

They seem to value new customers more than existing ones. Maybe I should try cancelling my service and signing up again every few years if only to bring the price down to something more reasonable.

Court orders encrypted email biz Tutanota to build a backdoor in user's mailbox, founder says 'this is absurd'


I'd agree with that, but it's still one of the excuses that gets an airing each time this sort of thing is discussed.


It's interesting that those claiming to act 'for the children' in demanding that unworkable limits be placed on encryption never seem to consider the possibility that children should not be allowed access to that technology in the first place, and when it comes to 'big tech' always omit the phone companies from their calls for greater regulation, despite the spread of child abuse only being impossible from mobile devices if the phone companies are there to sell them the devices to begin with.

If something is dangerous for children then generally society limits or stops access to that thing for children, yet when it comes to phones the authorities are quite happy to see the camera enabled devices sold to children despite the capacity for them to be abused.

Another interesting omission with regards to two words the likes of the commissioner never mentions: parental responsibility. Yes the technology can be a headache for parents to understand and control but if they can't do this then how can they justify handing something that could potentially do great harm to their children because of their lack of understanding?

Don’t panic, but five jet drones just used their AI to chat and collaborate while in flight


So... basically a swarm of hi-tech flying monkeys?

Software running on demo licence? At least one patty pusher is Lovin' It


This would be the same McDonalds whose touch screens seem to inevitably have traces of shit covering them?

It would give a whole new meaning to the word 'buggy', especially now...


YouTube is going to splash adverts all over your videos, and won't pay creators unless there's a big enough audience


Adverts already seem to appear at entirely random times in some cases.

I wonder if anybody has bothered to ask the advertisers if they honestly think that pissing off YouTube users is a good way to generate new business?

Welcome to Superbork: Where high-street fashion meets high-strung Windows


Re: Times are strange

You should only have been concerned if you had heard a voice telling you 'I'm sorry Dave. I can't let you do that' as you started...


I still recall going through Heathrow about 20 years ago. Every two or three minutes most of the departure monitors appeared to reboot and we were treated to the old 'Windows 95 - with internet explorer' boot screen shown rotated 90 degrees.

One would hope the real air traffic control system was a little better designed, even back then. Unless of course somebody wanted to add new meaning to the words 'blue screen of death'.

Departing MI5 chief: Break chat app crypto for us, kthxbai


From their homepage:

The National Technical Assistance Centre (NTAC) is a government unit made up of staff from a range of backgrounds. It is responsible for the lawful interception of communications on behalf of law enforcement and other agencies, as well as recovering data from seized media. NTAC also offers technical advice to government and industry on interception, data recovery, and digital forensics.


NTAC does not apply for interception warrants in its own right. Rather, it manages the delivery of intercepted communications to the agencies that have a lawful authorisation in place to acquire them.

So in this instance GCHQ is often little better than an extension of MI5, and doing their bidding.



Whilst the underlying interception is done by GCHQ it's still often the security service seeking and obtaining the warrants that underpin the spying. He may claim that MI5 isn't interested in bulk surveillance, but who'd care to bet them and their warrants are still quite happily taking advantage of it?

After blowing $100m to snoop on Americans' phone call logs for four years, what did the NSA get? Just one lead


Well the people at the NSA probably also got yet another chance & way of spying on their husbands & wives so there is that too. Still a tad expensive though.


This episode of Black Mirror sucks: London cops boast that facial-recog creepycams will be on the streets this year


Re: Lazers

That's part of the problem: people won't want to be watched & if you give people legitimate reasons to resort to a particular tactic then stopping it from being used will become that much more difficult.


Re: Lazers

Why bother when you can fool them with a simple mask?



What oversight and auditing will there be I wonder when it comes to the watchlists?

Who gets to decide which people get put on the list? What happens when mistakes are made or abuse of the system is discovered?


Police simply can't be trusted with technology. Go back 12 years and there were complaints about how the DNA database contained something like 500,000 errors.

And the rates are worse than you've made it out to be too: The BBC were saying the Met were claiming that only 1 in 1000 people scanned would generate a false alarm. That's going from a known and proven failure rate of 98% back in May 2018 to one of 0.1% today. That sort of progress in only roughly a year and a half is questionable to say the least.

Interesting to note too the ICO's continued obsession with public opinion in their press releases. It's almost as if they've forgotten that their job is to enforce the law, not try and make it popular.

UK's Virgin Media celebrates the end of 2019 with a good, old fashioned TITSUP*


A lot of people to be affected by a single failure.

You'd have thought that with people paying so much to start with - even for consumer level service - and all those price rises they push through on a regular basis on top of that that they would have better redundancy than this.

Uncle Sam punishes China for abusing Uyghur Muslims – by blacklisting top AI surveillance companies


Given their failure to do anything about human rights abuses elsewhere in the world (*cough*Yemen) it's easy to end up with the impression that there are other things at work here.

Are there any US companies competing for the same services that the Chinese companies provide by any chance?

Vodafone: Daft Huawei comms gear ban will cripple UK – and cost punters loads



Hardly surprising Vodafone would be so supportive of a company accused of questionable activities given their own history.

Lucky, lucky, Westminster residents: Who better to look after your housing benefits than Capita?


The same Capita as this?


Are they setting themselves up for another Carillion style fiasco?

UK defence secretary ponders £50m hit to terminate Capita recruiting contract


Odd how this sort of failure keeps on happening. Don't government contracts have some sort of get-out clause that allow them to drop suppliers without any financial penalties when said supplier provides such an abysmal level of service?

Virgin Media? More like Virgin Meltdown: Brit broadband ISP falls over amid power drama


Stop whining when your only provider goes down and you're too cheap to pay for a backup service.

Or simply don't have the money.

Stop assuming people are living sufficiently comfortable lives that they can afford this. It might not be much to you (even for a 'crappy' line). It might not be feasible for many others.


Re: Should they email you notices

I can't see them being keen on paying £X000+ each time they have a fault for text messages.

Perhaps the additional cost will be an incentive to keep large scale incidents to a minimum?

For that matter surely SMSs would only represent a significant cost if they keep on failing to provide the service to such a large number of customers? Small scale outages would presumably be less of an issue.

For me personally Virgin Media has been on the whole reasonably reliable. It's when things inevitably fall apart - as it will always do occasionally with technology - that the problems start.

Keeping customers informed isn't their strongest point apparently and when I asked them via Twitter this morning what had happened the previous day they couldn't give me any information. Given the scale of the outage I don't think being willing to tell such a large chunk of customers why they weren't getting the service they were paying for is particularly unreasonable. Apparently Virgin Media disagrees.

Where's my money?! UK Info Commish squeezes data controllers while brandishing £4,350 fine


Funny how the ICO's willingness to start fining suddenly gets a lot stronger when it involves anything affecting them directly rather than another 3rd party.

Microsoft has a digital coworker it wants in your business: Cortana


Re: Cortana is fine. At home

<HAL 9000 voice>'I'm sorry Dave, I'm afraid I can't do that'</HAL 9000 voice>


Re: Cortana is fine. At home

Oh, I don't know about that. There could be entertainment to be found in watching Cortana struggle with accents.


Some of the clients I've dealt with in the past were quite resistant to sharing data with us even when they were using our software & had raised a support ticket requesting the sort of help that required access to it.

The idea that these same companies would be happy with a microphone switched on all the time listening to everything they're saying and potentially sharing it with Microsoft (which is presumably what any sort of real voice control & using Cortana would entail) seems unlikely in the extreme.

Need a facial recognition auto-doxxx tool? Social Mapper has you covered


Didn't NSA employees get caught out on LinkedIn using project names that were then subsequently leaked by Snowden? And presumably their profiles have nice mugshots displayed?

No fandango for you: EU boots UK off Galileo satellite project


Re: EU Are Being Vindictive @shadmeister

So basically it's still undefined. Anything not tested in court is essentially little more than an opinion however informed it may or may not be. There are other opinions too. Even your own link says so. See the following article as an example:


On one hand you're accusing the EU of being vindictive merely by plainly following the rules *WE LAID DOWN*. On the other you suggest we should bend the rules as far as possible - maybe even beyond breaking point - purely to serve our own selfish interests and make a point.

And yet you still think the EU are the ones trying to be vindictive? Really?

It's also entirely possible that the EU will come up with projects or organisations in the future that the UK will want to join. What do you think the likelihood of this happening will be if we've proven ourselves to be unreliable in the past?


Re: EU Are Being Vindictive @heyrick

There's a word for people that promote and intentionally follow a course of action they know will cause harm to their country. It's one that the likes of the Daily Mail is rather fond of using when it suits them: traitor.



Re: Richard51

The whole 'passport-must-be-burgundy' thing was a non-binding council resolution. We could have remained members of the EU *and* had blue passports.

Also ignore the fact that the blue colour was actually something brought about by the League of Nations in 1920 and the only reason we've bothered with biometrics is because of demands made by the US in regards to its own visa waiver program. (*muttermutter...bloodyforeigners...muttermuttermumble*)



Re: If not doing something because it was "inconvenient" [...] @Voland's right hand

One of my favourite Brexit tweets:



Re: If not doing something because it was "inconvenient" [...] @Doctor Syntax

What gets me is the continued failure of our politicians to grasp the idea that people on the continent can quite easily read our papers too and can see how the likes of Johnson, Gove, Fox and Davis play to the gallery at home just so they can jump through the tabloid hoops.

Yet somehow our MPs are still continually surprised by the angry reaction of the EU when it comes to making promises in Brussels only to break them shortly afterwards just to keep the likes of Paul Dacre happy.


Re: EU Are Being Vindictive

Are you honestly expecting the EU to give non-EU states the sort of control over its own systems that the US refuses to share with others when it comes to its own GPS systems even if they are NATO allies?


Re: If not doing something because it was "inconvenient" was the criteria for Brexit..

Which begs the question: why bother making such a song and dance about being denied access in the first place?


Re: EU Are Being Vindictive

Didn't the UK have a hand in writing the rules that said that non-EU states shouldn't be given this level of access? And that's precisely what we'll be after Brexit: a non-EU state. No amount of negotiation or fanciful plans will change that.

Now the EU is being vindictive because it's following rules that we helped lay down? Seriously?


Re: Well @Anon Coward

Speak for yourself. I have seen a number of people angry that they were conned into voting leave when they wanted to see more money for the NHS. Then of course you have others that voted for the sunlit uplands and the 'easiest trade deals in history' that the likes of Davis and Fox have been continually promising until they collectively tried to rewrite history and claim that nobody said it would be easy.

The problem for them is that they did. Repeatedly. And the wonderful thing is that their words aren't readily forgotten, especially when we have the internet and archived articles to go back to.

How many people were conned by all those promises and fake fear regarding Turkey I wonder? Less than 4% of the leave vote? Because that's all it would have taken to change the outcome.


Re: Dictionary anyone?

It's a mistake to portray leave voters as stupid in my opinion, especially when the government itself didn't know initially what leaving would entail. Expecting a member of the public to do so therefore when an entire civil service hadn't got to grips with it seems more than a little unrealistic. You could equally claim that remain voters didn't fully understand the implications of staying in the EU, however positive doing so may or may not be.

Not doing more to stop the over-spending, possible criminal behaviour and collusion with foreign states (*cough*Russia*cough*) to interfere with our democratic processes is, however, a different matter. People talk about respecting the result but from where I sit given the underhanded manner in which the result was secured I see nothing worth respecting. If this were to take place in any other country we would be loudly pushing for a rerun of the process. Funny how that doesn't happen when the mistake is made at home.


The mistake here perhaps is to see this as a negotiation to start with from the Europeans' point of view when from their side of things it's probably more of an implementation of the rules they already have (rules that in many cases we had a strong hand in formulating - so it's a bit of a mystery why the government didn't see this one coming from the very start).

As Theresa May was so fond of saying until it started being flung back in her direction: Brexit means Brexit. There are consequences to leaving and this is one of them. Pretending this issue can simply be negotiated out of existence is just as likely as finding a solution to the Northern Ireland issue that doesn't involve either a hard border or non-existent technology.

Of course the caption 'Lose access to navigation services, your financial industry, automotive industry, aviation industry and fishing industry too amongst others. Oh, and by the way you might want to say goodbye to your loved ones dying of cancer now as they won't be around much longer when the medicine runs out' wouldn't fit onto the side of a bus quite so easily.

A certain millennial turned 30 recently: Welcome to middle age, Microsoft Excel v2


There are too many VBA-filled spreadsheets out there to allow Excel to disappear any time soon.

And I speak as somebody who regularly gets asked to update one such file for a client. This file has been around longer than I have, and I've been at my current employer more than 11 years now.

I've also seen a general resistance to learning anything new or changing working practices - especially in the larger accounting firms (I'm guessing they probably don't want the additional training costs in terms of both time & money for so many people unless it's really necessary). This means you can easily end up with a situation where people end up sticking with what they know & are familiar with using.

It may also be worth noting that whilst LibreOffice supports macros it does so using its own language and not the same VBA that so many people are familiar with. A move to LibreOffice would require a rewrite of those existing macros in files accountants are already using.

European Commission refers Ireland to court over failure to collect €13bn in tax from Apple


So: Amazon owes 250m, Apple billions... and all enforced by a European system on rules limiting state aid. Rules that Corbyn wants to ditch.

I bet the tax dodging corporations will love having him as PM...